last executing test programs:

3m39.648950179s ago: executing program 3 (id=4985):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="380000005500e50100000000fdffffff07000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r2, @ANYBLOB="010101007f"], 0x38}, 0x1, 0xffffffffffffdd86, 0x0, 0x4}, 0x0)

3m39.589021309s ago: executing program 3 (id=4986):
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001280)={0x6, 0x22, &(0x7f0000000000)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9c}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ldst={0x0, 0x0, 0x1, 0x7, 0x5, 0x100, 0xfffffffffffffff0}, @ldst={0x2, 0x2, 0x6, 0x7, 0xa, 0x2, 0xfffffffffffffff0}, @exit, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @alu={0x7, 0x1, 0x0, 0x3, 0x1, 0xfffffffffffffff8, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @exit, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}], &(0x7f0000000140)='GPL\x00', 0x5, 0x1000, &(0x7f0000000180)=""/4096, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001180)={0x2, 0x5}, 0x8, 0x10, &(0x7f00000011c0)={0x4, 0x5, 0x2, 0x7}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000001200)=[r0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001240)=[{0x2, 0x4, 0xb, 0xc}, {0x4, 0x5, 0x2, 0x6}, {0x3, 0x1, 0x7, 0x3}, {0x3, 0x1, 0x9, 0x3}]}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000001340)={r0, r4})
getsockopt$bt_hci(r0, 0x0, 0x60, &(0x7f00001e3000)=""/30, &(0x7f0000d23000)=0x44)

3m39.468425617s ago: executing program 3 (id=4987):
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000280)={0xf020000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x98f909, 0x3, '\x00', @string=0x0}})

3m39.467123519s ago: executing program 3 (id=4988):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb1)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x2000300, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
unlink(&(0x7f0000000080)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8c04, 0x80)
renameat(r0, &(0x7f0000001400)='./file0/file0\x00', r0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x10, r1)
getdents64(r0, &(0x7f00000028c0)=""/4092, 0xffc)

3m39.418892395s ago: executing program 3 (id=4991):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
close(0xffffffffffffffff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40800)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x106}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4800f5001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

3m38.948090467s ago: executing program 3 (id=4999):
r0 = socket(0xb, 0x2, 0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0)

3m38.801779093s ago: executing program 32 (id=4999):
r0 = socket(0xb, 0x2, 0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0)

3m7.398545644s ago: executing program 4 (id=5208):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xe0800, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000022c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x8, 0xc695d31f854950dd}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x5bb6}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
close(r1)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r3, 0x42}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000001c0)="27030200dc0f14000e00003c0ff000000000ff8400000066e4532cc10200000003125ce882cbf490d90812533f00", 0x2e}], 0x1}, 0x45)

3m7.208777055s ago: executing program 4 (id=5212):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x44ea00, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x2)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x8)

3m7.208583317s ago: executing program 4 (id=5213):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000f40)={0x5, 0x0, [{0x8000, 0x7, 0xfffff714, [0x9, 0x9, 0x1af, 0xb9a2, 0x1, 0x10, 0x8, 0x2]}, {0xfffff78a, 0x6, 0x9, [0x9f7, 0x3, 0x1, 0x0, 0x4, 0xf, 0x8, 0x200]}, {0x1ff, 0x9, 0x1ff, [0x94f, 0x1, 0x73e5d9cb, 0x9, 0x0, 0x9, 0x7, 0x400]}, {0x5, 0x7fffffff, 0xf, [0xbf, 0x100, 0x0, 0x10000, 0x8001, 0x3, 0x100, 0xf08b9bb]}, {0x2e, 0x3, 0x8, [0x8, 0x6, 0xb1, 0x3f68f75, 0x7, 0x0, 0x103, 0x4]}]})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x60ab, 0x2, 0x1, 0x0, 0x10, 0x10}, 0x20)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmmsg$inet(r3, &(0x7f0000000880)=[{{&(0x7f0000000580)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r6, 0x4b47, &(0x7f00000000c0)={0xfe, 0x2, 0x200})
getsockopt$inet6_int(r2, 0x29, 0x4a, 0x0, &(0x7f0000000080))
ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000000))

3m7.138979042s ago: executing program 4 (id=5214):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0) (async, rerun: 64)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x100) (rerun: 64)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x21d000, 0x0) (async, rerun: 64)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async, rerun: 64)
chdir(&(0x7f0000000140)='./bus\x00') (async)
read$FUSE(r1, &(0x7f0000000840)={0x2020}, 0x2020) (async, rerun: 64)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000500)='system.posix_acl_access\x00', &(0x7f0000000040)={{}, {}, [], {0x4, 0x6}, [], {0x10, 0x6}}, 0x24, 0x0) (async, rerun: 64)
lseek(r1, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r2, 0x5761, &(0x7f0000000040)={0x1, 0x0, [{}]})
fsconfig$FSCONFIG_SET_PATH(r2, 0x3, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000180)='./bus\x00', r1)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="1802000043000701fefffffffcdbdf25037c000004004580000201"], 0x218}}, 0x4) (async)
socket$nl_generic(0x10, 0x3, 0x10)

3m7.078978686s ago: executing program 4 (id=5217):
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r0, &(0x7f00000003c0)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000}}], 0x40000cf, 0x0)

3m6.858648488s ago: executing program 4 (id=5218):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x4c, 0x1, 0x6, 0x202, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48010}, 0x80)
openat$kvm(0xffffffffffffff9c, 0x0, 0x901800, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='yeah', 0x4)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x6d)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x100000c4, @empty, 0xfffffdff}, 0x1c)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4001, 0x800000, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="5e597a919ae824a936bb410a5d7789bd18a0a8a5027d3d923cb99367f4509263b6d2c04b7b9d76d694d8ea9e81ef136d6518469849cfbf9499edabb802a2e5222293aeca612d484cf68712515e43899795371786205a20092a006a66cfdbb6cea08550b23e04efd8b065c902a77df88d709d4ca8a16c85a662a24c815efaf7acaa128ca69d34b130c0d1006a2565d448a775798f4c30b5f699bbaabe30ad7a873dba3cdd174caf73b5e40abc688259a283c107", @ANYRESHEX, @ANYRES32=r4, @ANYRESDEC=r4], 0x8)
connect$inet6(r4, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000003, @mcast2, 0x6}, 0x52)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006b", 0xc, 0xffffffffffffffff)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
ioctl$DRM_IOCTL_PANTHOR_BO_CREATE(0xffffffffffffffff, 0xc0186445, &(0x7f0000000000)={0x0, 0x0, 0x0, <r5=>0x0})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDSETKEYCODE(r6, 0x4b4d, &(0x7f0000000080)={0x1, 0x1})
ioctl$DRM_IOCTL_PANTHOR_BO_QUERY_INFO(0xffffffffffffffff, 0xc0106450, &(0x7f0000000040)={r5, 0x1, 0x1})
write(r4, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000280)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e21, @empty}, 0x100, 0x0, 0x0, 0x0, 0xe4, &(0x7f0000000200)='syzkaller1\x00', 0x3a92, 0x3, 0x2})

3m6.838194947s ago: executing program 33 (id=5218):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x4c, 0x1, 0x6, 0x202, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48010}, 0x80)
openat$kvm(0xffffffffffffff9c, 0x0, 0x901800, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='yeah', 0x4)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x6d)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x100000c4, @empty, 0xfffffdff}, 0x1c)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4001, 0x800000, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="5e597a919ae824a936bb410a5d7789bd18a0a8a5027d3d923cb99367f4509263b6d2c04b7b9d76d694d8ea9e81ef136d6518469849cfbf9499edabb802a2e5222293aeca612d484cf68712515e43899795371786205a20092a006a66cfdbb6cea08550b23e04efd8b065c902a77df88d709d4ca8a16c85a662a24c815efaf7acaa128ca69d34b130c0d1006a2565d448a775798f4c30b5f699bbaabe30ad7a873dba3cdd174caf73b5e40abc688259a283c107", @ANYRESHEX, @ANYRES32=r4, @ANYRESDEC=r4], 0x8)
connect$inet6(r4, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000003, @mcast2, 0x6}, 0x52)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006b", 0xc, 0xffffffffffffffff)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
ioctl$DRM_IOCTL_PANTHOR_BO_CREATE(0xffffffffffffffff, 0xc0186445, &(0x7f0000000000)={0x0, 0x0, 0x0, <r5=>0x0})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDSETKEYCODE(r6, 0x4b4d, &(0x7f0000000080)={0x1, 0x1})
ioctl$DRM_IOCTL_PANTHOR_BO_QUERY_INFO(0xffffffffffffffff, 0xc0106450, &(0x7f0000000040)={r5, 0x1, 0x1})
write(r4, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000280)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e21, @empty}, 0x100, 0x0, 0x0, 0x0, 0xe4, &(0x7f0000000200)='syzkaller1\x00', 0x3a92, 0x3, 0x2})

2m9.446682178s ago: executing program 2 (id=6024):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000280)="5338a3", 0x3}], 0x1}}], 0x1, 0x20008000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x2, &(0x7f0000000040)=0xffff, 0x4)
shutdown(r0, 0x1)

2m9.388141862s ago: executing program 2 (id=6025):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1816c1, 0x1ff) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f0000000380)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async)
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r1 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r1, 0xc0884123, &(0x7f0000000080))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) (async)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x8000, @remote, 0x8}], 0x1c) (async)
recvmsg(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) (async)
linkat(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000) (async)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) (async)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, '\x00', 0x21}, 0xb}, 0x1c) (async)
syz_emit_ethernet(0xfef3, &(0x7f0000000080)=ANY=[], 0x0) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file7\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x0)

2m9.387891223s ago: executing program 2 (id=6026):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r0=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000080)={0x50, 0x0, r0, {0x7, 0x29, 0x9, 0x208, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}}, 0x50)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents64(r1, 0x0, 0x0)

2m9.30807877s ago: executing program 2 (id=6027):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0x4)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000850000003300000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

2m9.307870873s ago: executing program 2 (id=6028):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x6f1dd9aa, 0x0)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000140)="480100001a000708ab0925040900070002ab0700a90100001d60369321001d000a800000000000000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc00030026000000140000270400117c22ebc205214000000000008934d07302ade01720d7d5bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a87", 0x148)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f0000000340)=[r2], &(0x7f0000000280)=[0x1], &(0x7f0000000200), 0x0, 0x0, 0x7f})

2m9.057864321s ago: executing program 2 (id=6033):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
lseek(r2, 0x25, 0x4)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r1, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0xb}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r4, 0x40046208, 0x0)

2m8.990887339s ago: executing program 34 (id=6033):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
lseek(r2, 0x25, 0x4)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r1, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0xb}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r4, 0x40046208, 0x0)

3.248252982s ago: executing program 0 (id=7465):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1740, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)={0x28, 0x43, 0x107, 0xfffffffe, 0x25dfdbfc, {0x3, 0x7c}, [@nested={0x4, 0x145}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x464, 0x0, 0x1, [@nested={0x8, 0xcd, 0x0, 0x1, [@nested={0x4, 0x62}]}]}]}]}, 0x28}}, 0xc000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0x50d8, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000080)={0x3172, 0x0, 0x2}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000000240)=@file={0x1}, 0x6e)
listen(r6, 0x0)
connect$unix(r5, &(0x7f0000000640)=@file={0x1}, 0x6e)
r7 = syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000c00000/0x400000)=nil)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x421, 0x4, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x26d2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x3}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x25}]}}}, @IFLA_BROADCAST={0xa}]}, 0x50}}, 0xc080)
r9 = syz_kvm_add_vcpu$x86(r7, &(0x7f0000000080)={0x0, 0x0})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xfc}]}, 0x10)
ioctl$KVM_SET_CPUID2(r9, 0x4008ae90, &(0x7f0000000200)={0x2, 0x0, [{0x40000001, 0x2, 0x3, 0x3, 0x4, 0xe11, 0x5}, {0xd, 0x9, 0x4, 0xff7ffffa, 0x1fd, 0x7fff, 0x1}]})
sendmsg$nl_route(r8, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)=@ipv4_newaddr={0x48, 0x14, 0x8, 0x70bd25, 0x25dfdbfc, {0x2, 0x20, 0xc, 0xc8}, [@IFA_LABEL={0x14, 0x3, 'pim6reg0\x00'}, @IFA_CACHEINFO={0x14, 0x6, {0x9, 0x3, 0x7, 0x1}}, @IFA_BROADCAST={0x8, 0x4, @loopback}]}, 0x48}, 0x1, 0x0, 0x0, 0x40800}, 0x4040)

3.021557452s ago: executing program 0 (id=7466):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_RESET(r1, 0x5514)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000500)=@mangle={'mangle\x00', 0x44, 0x6, 0x470, 0x310, 0x168, 0x0, 0x310, 0x98, 0x3d8, 0x3d8, 0x3d8, 0x3d8, 0x3d8, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x98}}, {{@ip={@remote, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@pkttype={{0x28}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4d0)

3.021167589s ago: executing program 0 (id=7467):
write$FUSE_STATFS(0xffffffffffffffff, &(0x7f0000000000)={0x60, 0x0, 0x0, {{0x0, 0x7e, 0xcac5, 0x8, 0x7, 0x6, 0x91, 0xfffffffe}}}, 0x60)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000080))
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0))
r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x600001, 0x0)
r2 = ioctl$KVM_GET_STATS_FD_vm(r1, 0xaece)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000140)={0x8, 0x1})
r3 = syz_open_dev$dvb_demux(&(0x7f0000000180), 0x8, 0x301840)
ioctl$BTRFS_IOC_DEV_REPLACE(r3, 0xca289435, &(0x7f00000001c0)={0x1, 0x21, @status={[0x8, 0x3ff, 0x7, 0x6, 0x2, 0x3]}, [0x32a, 0x9, 0x1, 0x3c, 0x78, 0x5, 0x80000000, 0xfffffffffffffff7, 0x3, 0xe, 0x489, 0x80000000, 0x95b7, 0x84, 0x0, 0x2, 0x0, 0x1ff, 0x10001, 0x80000000, 0x7fff, 0x7, 0x5, 0xf8, 0x6, 0xfffffffffffffffb, 0xffffffffffff7335, 0x2, 0x8, 0x9, 0x1, 0x5b, 0x9, 0x3545, 0x100000000, 0x0, 0xfffffffffffffffc, 0x7ec, 0x6, 0xb, 0xa33, 0x4, 0x2, 0x4, 0x9, 0x6, 0x2, 0x2, 0xfffffffffffffff7, 0x5c8c, 0x5, 0x8, 0x0, 0xb9d, 0x101, 0xe4, 0xfffffffffffffffa, 0x1000000000, 0xb3be, 0xffffffffffffffd5, 0xffff, 0xde, 0x80000001, 0x2]})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000c80)=[@text32={0x20, &(0x7f0000000c00)="b805000000b90d0000000f01c10f793666baf80cb8d38f148eef66bafc0cecb805000000b9291409e10f01c10fc7bf3700000066b834018ec0f6fd66b897000f00d8c4c1fa10200f07", 0x49}], 0x1, 0x2, &(0x7f0000000cc0), 0x0)
ioctl$KVM_SET_SREGS2(r2, 0x4140aecd, &(0x7f0000000d00)={{0x6000, 0x60000, 0x1c, 0x81, 0x0, 0x8, 0x8, 0x1, 0x81, 0xf1, 0xbd, 0xb}, {0xd000, 0x80a0000, 0xa, 0xfe, 0x5, 0x2, 0x9, 0x8, 0xb, 0x4, 0x2, 0x9}, {0xc000, 0x8080000, 0xe, 0x6, 0xd, 0x7, 0x4, 0x3, 0xaf, 0xb, 0x5, 0x2}, {0x1, 0x2000, 0x10, 0x6, 0xf, 0x81, 0x0, 0xba, 0x3, 0x1, 0x4, 0x2}, {0x8080000, 0x2000, 0xa, 0x5, 0x3, 0x4, 0x8, 0x0, 0x7, 0x5, 0x7f, 0x40}, {0x1000, 0x0, 0xb, 0x9a, 0x4, 0x2, 0xdd, 0x2, 0x81, 0x1, 0x8, 0x9}, {0xd000, 0x4, 0xe, 0x6, 0xb, 0xf8, 0xe5, 0x2, 0x9, 0xdf, 0x44, 0x81}, {0x10000, 0xdddd0000, 0x3, 0x8, 0x8, 0x7, 0x9, 0x20, 0xd, 0xe7, 0x3, 0x1}, {0x5000, 0x5}, {0x10000, 0x9d}, 0x0, 0x0, 0x26000, 0x20010, 0x9, 0x8000, 0x801a001, 0x1, [0x80000001, 0x6, 0x80000000, 0x8]})
io_uring_enter(r1, 0x56f4, 0x83, 0x18, &(0x7f0000000e40)={[0x4]}, 0x8)
r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000e80), 0x200000, 0x0)
ioctl$OCFS2_IOC_RESVSP64(0xffffffffffffffff, 0x4030582a, &(0x7f0000000ec0)={0x1, 0x1, 0x8000, 0x4, 0x8f, 0x2954d639})
bind$alg(r2, &(0x7f0000000f00)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000f80)={0x8, 0x0, [{0xb, 0xc1, 0x1, 0x2, 0x7}, {0x80000019, 0x6, 0x4, 0x4, 0x200}, {0x1, 0x80000001, 0x1a, 0x8, 0x5}, {0xd, 0x3, 0x7, 0x1b3cbf5f, 0x1}, {0x1, 0x97, 0x3, 0x7ff, 0x6c}, {0x80000001, 0x1, 0xb4, 0x8001, 0x7ff}, {0x40000000, 0x4a, 0x8, 0xef, 0x7}, {0xc0000001, 0x0, 0x0, 0xfffffff8, 0x1}]})
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000001080)={0x1, 0x10})
write$sndseq(r2, &(0x7f00000010c0)=[{0x9, 0x3, 0x80, 0x2, @tick=0x5, {0x2, 0x64}, {0xa0}, @time=@time={0xe, 0x3}}, {0x2, 0xca, 0xc, 0xc, @time={0x82, 0x7}, {0x9, 0x5}, {0xb6, 0x5}, @queue={0x5, {0xe2a, 0x2}}}], 0x38)
splice(r0, &(0x7f0000001100)=0x2, r1, &(0x7f0000001140)=0xcf, 0x80, 0x4)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000001180), 0x104080, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f00000011c0)=0x1)
r6 = dup(r5)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r6, 0x80047210, &(0x7f0000001200))
ioctl$F2FS_IOC_FLUSH_DEVICE(r5, 0x4008f50a, &(0x7f0000001240)={0x5aa3, 0x7})
fcntl$getown(r0, 0x9)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r0, 0x40146f2c, &(0x7f0000001280)={0x34, 0x0, 0x3, 0x14, 0x4})
write$nci(r2, &(0x7f00000012c0)=@NCI_OP_NFCEE_MODE_SET_RSP={0x2, 0x1, 0x2, 0x1, 0x30, 0x1}, 0x4)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000001300)={{0x2f, @private=0xa010101, 0x4e21, 0x0, 'sed\x00', 0x32, 0x5, 0x32}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x2000, 0x5, 0x69, 0x5}}, 0x44)

2.938279578s ago: executing program 0 (id=7468):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001980)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x3, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000200000018230000", @ANYRES32=r1, @ANYRES64=r0], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000000480)={0x9, {"a2e3ad084fc752f91b29090955f70e0dd038e7ff7fc6e5539b3272078b089b34393b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d336d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169b34288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b473e2ffd9d44b56871495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3527138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a20900000000000000bdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aad66d7bbef724779ca1f73373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b4db39b012a6d7e566539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d0642b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff258a6be40e88bd1e4b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffcb759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff070000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e22, 0xb6, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000040), 0x3)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "dce02de9d7bd466b", "72e64b3892cb7025848c9f40363cf916", "cfff3c66", "e2b768b4bb9e0d9b"}, 0x28)
sendto$inet6(r3, &(0x7f0000000300)='S', 0xfffffffffffffe94, 0xc000, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x20, &(0x7f0000000000)=0xe6d3, 0x4)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'wlan0\x00', &(0x7f0000000040)=@ethtool_sset_info={0x37, 0x8, 0xb565, [0x5, 0x8]}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="7638300c000000000000e900feff", 0x0, 0x10000, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

2.874069998s ago: executing program 0 (id=7469):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x14040, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0_macvtap\x00', <r2=>0x0}) (async)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000) (async)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$OBJ_PIN_PROG(0x11, &(0x7f0000000040)=@generic={&(0x7f0000000700)='./file0\x00', r6}, 0x18)
sendmsg$alg(r5, &(0x7f0000003540)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="fbd89b3e89", 0x5}], 0x1}, 0x34000041)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffc0000, {0x0, 0x0, 0x0, r2, {0x0, 0x8}, {0xffff, 0xffff}, {0x9, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x30, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x2c, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x9}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xff}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x2}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x6d}]}]}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40001}, 0x10)
ioctl$SNDCTL_DSP_GETTRIGGER(r0, 0x80045010, &(0x7f00000001c0)) (async)
syz_emit_ethernet(0x76, &(0x7f00000005c0)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b88ef", 0x40, 0x3a, 0x0, @private1, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "bdd7c3", 0x0, 0x0, 0x0, @loopback, @empty, [@routing={0x6}], "df7d270b77aa81ed"}}}}}}}, 0x0) (async)
r7 = syz_socket_connect_nvme_tcp() (async)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_SET(r8, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10108000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x2c, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x4}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0xcc}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x4e}]}, 0x2c}}, 0x80) (async, rerun: 32)
recvfrom$inet_nvme(r7, &(0x7f0000000000)=""/222, 0xde, 0x10100, &(0x7f0000000100)=@ax25={{0x3, @bcast, 0x8}, [@null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null]}, 0x80) (rerun: 32)

2.873795964s ago: executing program 0 (id=7470):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
r2 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f0000000100)) (async)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r3, 0x0) (async)
r4 = socket$vsock_stream(0x28, 0x1, 0x0) (async)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r5=>0x0)
ptrace(0x4208, r5) (async)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @hyper}, 0x10)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x20000}, 0x8) (async)
close_range(r1, 0xffffffffffffffff, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x70bd25, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

1.805525547s ago: executing program 1 (id=7485):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000000701010000000000000000030000062c00064000000000000000060900010073797a30000000000800054000000001"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000440)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x24, r5, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x24}}, 0x4000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
ioctl$AUTOFS_IOC_PROTOSUBVER(r8, 0xc0089364, &(0x7f0000000180))
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000180)=<r9=>0x0, &(0x7f0000000200)=0x4)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="92d028000000feff010029bd70000700000000000000", @ANYRES32=r11, @ANYBLOB="80007f0a0a000200ffffffffffff0000"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4040004)
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r12, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e24, @multicast1}}, 0x2, 0x4, 0x200, 0xff, 0x38c6de2d4adf4b5e, 0x0, 0xf7}, &(0x7f0000000380)=0x9c)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r13=>0x0}}, 0x10)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, <r14=>0x0}, &(0x7f0000000340)=0x14)
sendmsg$ETHTOOL_MSG_EEE_GET(r1, &(0x7f00000010c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001080)={&(0x7f0000001240)=ANY=[@ANYBLOB="1c010000", @ANYRES16=r2, @ANYBLOB="00082dbd7000fddbdf25170000001800018014000200636169663000000000000000000000001400018008000100", @ANYRES32=r6, @ANYBLOB="08000300020000003000018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="1400020067656e6576653000000000000000000008000100", @ANYRES32=r14, @ANYBLOB="200024801400020062617461647630000000000000000000080003000202000034000180140002dd75657468315f766c616e00000000000008000100dd4ce601c2487583510767825f512828b4a3831a20169eaa1c4117f7c12d1aabc277b9d93a28a61bb6a93c587c48ca525a7600c5a8494b846143352954006a36721803f72f5b2c74c5a9bb4f1d53052c40ab548aa8fd1a3840f58c4eed8dbde6254266cf31c23bbb430aa7dd3a1435b7451d5183e1be03000000d3b5f9799ab05d2a3ed56ab7ffc33773bcc69de622ee0cb09bfe1dc6623d6133ce2679caa506d5bc1c82d23e1d2855daaa12fca444a89ec5ada047f85629f8f3c901f4d2af08ba0000000000", @ANYRES32=r11, @ANYBLOB="140002006970766c616e300000000000000000004000018008000100", @ANYRES32=r13, @ANYBLOB="1400020064766d72703000000000000000000000080003000300000008000300020000000800030001000000080003000000000018000180140002006970365f767469300000000000000000"], 0x11c}, 0x1, 0x0, 0x0, 0x4000040}, 0x85)
r15 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4380, 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='.\x00', &(0x7f0000000000), 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB='tRans=virtio,version=9p2000.u,'])
r16 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r16, &(0x7f0000003480)={0x2020}, 0x2020)
ioctl$CDROMREADMODE1(r15, 0x530d, &(0x7f00000004c0)={0x0, 0x2, 0x1, 0xf8, 0x9, 0x6})

1.6825031s ago: executing program 1 (id=7489):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0xc0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0101020000000000292400128009000100626f6e640000000014fc94062c0b030cb5d7e8b100428005002bba8eed9a6a01000600060005001b007a99a896033840733037cccfb84d0e00005bb015bd28dfc758a1"], 0x44}}, 0x0)

1.619424203s ago: executing program 6 (id=7491):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x191)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, &(0x7f0000000000)=0x9, 0x8, 0x5)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0xc, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, '4'}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xe0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x14)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) (async)
chdir(&(0x7f00000001c0)='./bus\x00') (async)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x40000000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x10, 0x1a, 0x0, 0x1, [@AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x2}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bridge_slave_1\x00'}]}, 0x44}}, 0x0) (async, rerun: 64)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f00000000c0)={0x400000000, r2, 0x80000}) (rerun: 64)

1.616517536s ago: executing program 6 (id=7492):
sendmsg$DEVLINK_CMD_SB_POOL_SET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="94000000", @ANYRES16=0x0, @ANYBLOB="04002bbd700000000000000000000e0001006e657464657673696d00dd000f0002006e657464657673696d30000008000b0000000080060011000000000008001300fcffffff05001400010000000e0001006e657464657673696d0000000f0002006e657464657673696dbf6d016e7230000008000b00020000000600110009000000080013000800000005001400000000008d74a9457e8943d1088b01be8462e72a67ca5d7b2f0cc73600f0e112a0bd603e5e4387df793ff8250f4cb486d4b964252d4945db64c35faf8018a8df0d7c1cd99f4e4731e548200b86d7d8c8188e5a74aa3202af9c338ce95f4f82317effdd73b7e32421365c2bb77a0d9f3fc376d38b968d3aa16dd5fd49c50431687c7268698a4f74283596e11a6ca11a219c421483ba7eded63b2670f700df6cf1e97c2a6ac3410532693a50c11e9898442f844494bb493836613ada3398b0ab0677ccc6a103b68bf9d54dec25698762d956e0b903ca"], 0x94}, 0x1, 0x0, 0x0, 0x48000}, 0x5)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write(r0, &(0x7f0000000000)="0d0000000100e2", 0x7)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz0\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0x4, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1000001, 0x8, 0xd, 0x0, 0x412a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10002, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x4, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0xffffffff, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a8, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x7, 0x4, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x4, 0x7aac, 0x3fe, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x2, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x93, 0x7fffffff, 0x1000004, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x10, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0xfffffff8, 0x2, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd7d, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1af8, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x87, 0x28e3, 0x9, 0x81, 0x3, 0xa, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x2, 0x2, 0x5, 0xd8ce, 0xf, 0x100009, 0xc, 0x1, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x7, 0xdab, 0x6, 0x8, 0x14020, 0x1, 0x9]}, 0x45c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0xdb, 0x0, 0x3})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES8=r8, @ANYRESDEC=r8], 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)
sendmmsg$inet(r8, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="27726a46e3b140f6008c814b18c7e4f2f8f700c27f7d8bc80633c9b29ac41e3ab4b7a1029de61fc40bf1571606f44f597bcd453f8a025238795b29cb0b6cc5eba0f6675b632d4e01e884f515670dc38e363051c190bfba2de14165db25897dd998573e37acdb39a60e8b37e7e5fa767961d61e3e2464a1468083e21df5124febeb81a6a0246c1547e5a98113638d", 0x8e}], 0x1, &(0x7f0000000180)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}], 0x48}}], 0x1, 0x40)
socket$packet(0x11, 0x3, 0x300)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_MCAST_JOIN_GROUP(r9, 0x29, 0x2a, &(0x7f0000000300)={0x8, {{0xa, 0x4e22, 0xf4, @dev={0xfe, 0x80, '\x00', 0x18}}}}, 0x88)
r10 = socket$netlink(0x10, 0x3, 0x4)
write(r10, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)

1.320080827s ago: executing program 1 (id=7493):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000d40)={0xd, 0x4, {0x51, 0x8, 0x1, {0xe0ee, 0x1}, {0x9, 0x100}, @rumble={0x22, 0x3}}, {0x54, 0xab, 0xd, {0xdec8, 0x2}, {0xb, 0xfff9}, @const={0x6c04, {0x7, 0x0, 0x7fff, 0x7}}}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$security_selinux(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), &(0x7f00000002c0)='system_u:object_r:sysfs_t:s0\x00', 0x1d, 0x2)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
rmdir(&(0x7f0000000040)='./file1\x00')
r1 = open(&(0x7f0000000280)='./file0\x00', 0x325182, 0x43)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'gretap0\x00', &(0x7f0000000080)=@ethtool_ts_info={0x3a}})
mknodat$loop(r1, &(0x7f0000000100)='./file1\x00', 0x400, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$getflags(r4, 0x401)
chdir(&(0x7f0000000000)='./bus\x00')
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045fc0030fffc00000002907800000000e000000114009078ac1414bb53f68378f65b987df5ff06000000007ee410f074"], 0x0)
setxattr$trusted_overlay_nlink(&(0x7f0000000140)='./file1\x00', &(0x7f0000000240), 0x0, 0x0, 0x0)

1.318861152s ago: executing program 6 (id=7494):
unshare(0x2040400)
unshare(0x20000000)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x4)
r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='cgroup.freeze\x00', 0x5000000, 0x0)
readv(r2, &(0x7f00000012c0)=[{&(0x7f0000002c40)=""/4081, 0xff1}], 0x1)

1.1965174s ago: executing program 6 (id=7495):
r0 = io_uring_setup(0x3454, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES64=r0], 0x69)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$XFS_IOC_FD_TO_HANDLE(r1, 0xc038586a, &(0x7f0000000280)={<r2=>r0, &(0x7f0000000180)='$#${,$@\x00', 0x200000, &(0x7f00000001c0)={@_ha_fsid={[0x9, 0x2]}, {0x5, 0x6, 0x8001, 0x100000000}}, 0xc30, &(0x7f0000000200), &(0x7f0000000240)=0x3})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000300)={0x4, [0x0, <r3=>0x0, 0x0, 0x0]}, &(0x7f0000000340)=0x14)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000380)={r3, 0x97, "c12ddebb854b6859bccc857caccb0bcc3b51a33a514310029cb742941374fbaba0b07ac68657c03e3286bcc86a7e77f3ab3494d9a4b2fb12b7ee9d81b0beb8bddac5119c59bb66ecccd8098a6e9a74cd870a81ace41d098ac88fba58f6f9df86c7dc08af0611d164ca57bfcf25025cffd9135c67178328171c9f8b1be2d102d6b15d84b0217fe240a25f7cb86940159762649f6fe8e640"}, &(0x7f0000000440)=0x9f)
read$fb(r1, &(0x7f00000000c0)=""/132, 0x84)
close(0xffffffffffffffff)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

1.195662629s ago: executing program 1 (id=7496):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x1100, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

1.067939204s ago: executing program 1 (id=7497):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e04, @dev={0xac, 0x14, 0x14, 0x59}}, 0x10)
shutdown(r1, 0x1)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_PMKSA(r2, &(0x7f0000000200)={&(0x7f00000000c0), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x70, r3, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x40, 0x79}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_PMK={0x14, 0xfe, "8d3b81051165ed7813d8e8ef832aab61"}, @NL80211_ATTR_PMKID={0x14, 0x55, "edddeb1d965ebbeaaeb98e33ac294166"}, @NL80211_ATTR_PMK={0x14, 0xfe, "ad7798f25a3fa2a6a3c145d706cfcd03"}]}, 0x70}, 0x1, 0x0, 0x0, 0x10803}, 0x8000)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x40000142, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
read$FUSE(r4, &(0x7f00000041c0)={0x2020}, 0x2020)
setsockopt$inet6_tcp_int(r4, 0x6, 0x8, &(0x7f0000000280)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
r6 = getpid()
r7 = syz_open_procfs(r6, &(0x7f0000000000))
getdents(r7, &(0x7f0000002000)=""/4096, 0x1000)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r5, {0xfffd, 0x10}, {0x1, 0xfff1}, {0xfff2, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x840)

1.067466499s ago: executing program 6 (id=7498):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e20, 0xfffffffb, @empty, 0x2}, 0x1c)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x22)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000006180)={0x2020, 0x0, <r4=>0x0}, 0x202a)
syz_fuse_handle_req(r3, &(0x7f0000002140)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715be861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a420c35322f9cf8060550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x5, {0x7, 0x2, 0x7, 0x8, 0x0, 0xc, {0x43, 0x3, 0x6, 0x3ff, 0xffc, 0xe000000000000000, 0x0, 0x10, 0x120, 0x2000, 0x10001, 0x0, 0x0, 0x501, 0x6}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r7)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000640)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7000fbdbdf254f00000008000300", @ANYRES32=r9, @ANYBLOB="50007a800c000300417f7622318573d51c000200c82e0754cc3e672457963b2c507f9f355b56ab95ffe4d6682400010011d276e3380344a16699b66f7e0aeffdd4cd9672f50fc87fe3ee49c851f8a6f72af9695420d0f978b1a5596f0d0eef7fdcf104db0dd045206052acc80521b3d6e50fb4218c28f2a0a59d5f4d9995ae8e6a6d20560c609bd6ece3daa3ceb593f1fcf7c9fbd10fe5bbaa7596fa0660282fa86125368c6c9a31564893affec5154ca30518b8a5d3ee3ae44ea0a2d112ff3eb76c6918ae26c4cd6433cf586c01af3d7b9612303bb557501414b2e2a129"], 0x6c}, 0x1, 0x0, 0x0, 0x4010000}, 0x4000000)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x2c, r6, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x6}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0xa053}, 0x4)
write$FUSE_INIT(r3, &(0x7f0000000440)={0x50, 0x0, r4, {0x7, 0x29, 0x2, 0xffffffff80200168, 0x40, 0x1, 0xfffffff1, 0x0, 0x0, 0x0, 0x80, 0x7fffffff}}, 0x50)
r10 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x82042, 0xc0)
r11 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r11, 0x84, 0x75, &(0x7f0000000e40)={0x0, 0x9}, 0x8)
recvfrom$inet(r11, &(0x7f0000000100)=""/165, 0xa5, 0x40000101, &(0x7f0000000340)={0x2, 0x4e23, @empty}, 0x10)
ioctl$sock_inet_tcp_SIOCOUTQ(r10, 0x5427, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000580000a44000000090a0104000000f6ffffffff090000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003eca9d548751597fd001100010000000000000000000100000a"], 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

854.811016ms ago: executing program 1 (id=7500):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a7c000000060a0b0400000000000000000200fffe500004802800018007000100637400001c000280080001400000000208000240000000160500030000000000240001800b0001007470726f7879000014000280080002400000000e0800014000000002"], 0xa4}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
mlock(&(0x7f0000627000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2)
r1 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x1)
write$UHID_INPUT(r1, &(0x7f0000000d00)={0x8, {"7894e6e62ce0f10fcdce74f21ad5b47c923d4dec90cefd599912070f341d59a8802e33af9869738f25b2f72093dd0ffa688e8e417c6e0e09b99649818d7caca39e142ef69d9101397854c3f51bde013686a626b2120c03d98c0ad981069188fbbddb88bf41a6b29ed43d1244e6025e1e4a2f40577619ccee39385bfc86461023a7906e5c07d16415140f4ab26db004362c885ef2c9ee82d3dd7e2ac42ca05d81ccea87dc0ec4a8f222013d6d4d0b0c828f3d2e3151dce87bfb335c1ad67bb3323564022ab23a6ba54ca117ca592c8d4227922347ea6f7c9d3dbdbc8d235f2d03e688d5ca7718d60e911534f964bf20359a0057847e7d7fd2cc463784aab2b06ba95512cfc427da44aa73634b0797b9baab391aa176d259c047ee9d346e63903860ab3c571d064509a715c5c4c6edffce9e1701e8291c2d937e3ff18691fe9a665b1a3b717a40205f8efa239b37e6b33f5c8ac28e616f788d0294c8d39ff4a63aaca7d4c578a935dd84850432201081bc1b00c5797847eaff8cecf8af8a60f075b5ff1c3dc9e62f9a3cfc4333a7501dd8badfdc691a9d35d3fc2c0e8f1b21a2c619201004a0d82bace1738ba9ca93e6fbf8ebaa78b5423efb19d3337ad050a7a1a634737a0169921911b277ab235f8b186efd60c3eff58e974a856ba460c5fbd91c1b5c999a7f6b4474560e0c5698085e1ff96381999bf7338dddab4499c6ae315245ecc98d3ca2ebc11214a4115e9205e7d1705591be4029a5e92ae06c02ba39ac70cf1ba082ccee070bf2feafa55ac6e863adb6f89a7475c2dc073058b0f8a52151d8c3ced025463656942bfd257ace6c54bd57985a44cef1c20777db47d12bd34371ef6f537e455b7787e3a853713877fa9465937602ceef8b9439507ab802ea4eaf5ee2ecd710b1840d8b8c995b5904434198abd8f0e830857ed1af53f3bcede9d57afb1cd7ad27bf222a6d1c58286c40d22211a3b2b7b7bbf5923a528fa4d781aaec1f67e013392b17197d2f6ff2d0e68bea94ce57cc516daffdf2348333a8dc596894540aa2a79437d95465fc27627b0e26871d5248c39e1a3badb319d449a7d67145418e1a35cb4bf950a5483d6e80763ea676b89d1f1e2cea20c590c76ae9fb228ffd638ccabdb3830cf944e1cccfb7ba8b1d1f0aabc498155ddda8404ebe2e25cfcfa9058af7d66bef79e592a579d556404ea3f28d6ddb3fdead9123247e23827f729eee41540d0f0e94027d65eee4e7c1c913c634f9abf546388cd2e4b351b16bd97faae3b54f5b2750495619ec36d97a1080564fa30a9f8a2700b77340b5bbd9cc377ee35420b5b762935047af7837e973a9da42ef93c11f145704d041054bcc4680363cbbee16a2bc0eaaa49cfa23330a666dff32daa17a6ea425f1ed2354d0c36893c895a0564e100d3e1385467405ca2706cfb62453faf72b1648727faeffb3c934bc4e48e4ce93af11bff3208cb3843da7ed68451b4af747ef72e2fb78a73990c95097c9504aacddffc5caadeb171e95ad113561144907d361fd28695239f6619360b9d0eead653cc83ab13fc7c0c60237e3363b6f319daa38d792426393e2396404a112ed9e70b378f494d4b540bf9b44d76b347a12c8cdaeed350a85698eb71bd126f75b9aa0ff7435926a4a4ce04e4187eae5a80b1ff56aa7f1b005a9a057b6ace4cf08c404f66c0b31974d151e9a2840ebcbfbfd898e6694b89fe78a68b90551c9d33c14914dceff64a699c1cf1570c2d1f53e905abef9f954fbdd100b1b18f10dbd673bd6c7a9693286cf2dc0ab9919466750aa42ccfa27e9ff4190dd784ec6f2e19270521f98561a959152b16a80f0b1e183375d3886936ae03ff4949777d30481c24bbae918d5fdcc8f46ff05e2370095bc85cde086dc1e32423f21c13c42490fb679462f35dd0c4ef06f8c3f24327af47ea2c73a856f112385094fe138022e308c157adb19b94ed0e8d94b805883318b33b22f371d62f0b764b2a44b65018bef417357aa997ea4ef95a2899963e06a3c553943e14d3364b73919f5e6d8395d56d522f1b19ae37d48f1534d92e4248824adb555281aea2fb317bfb30cdc7d4efada900006f45578a061b19e2eeefffdbf1974a1633182501611724079f926122c1c8fd9b1d8e6302d76ed90616abcfcac478e3b8d3be91eee5f9c653f8fed3afc1eb33d9314aaa021e8b53ab7ba3e59b301a6c757efd95c6661d7d3e8a73cdec7833f4608dc238d8e144a5b0196a9aea6fb30efdfdb05f9529c52af93cd78d857e3cc920bf30b2292380c662890f3679c09aea55c77a75dbb4da338c0fb737a5fc31252d9fa798f9dd70947f6cfa0474a7a835c694dfbb5c678216915d1f04c81d5df8f2efde80fdbce8248525d9b639f394847b9a8c2e7f7288b031df91db059eabb750c1bfe732b78001c2cca0f74cd8873cc2a892d26e1dbd48db297853775c21d68ce1daebee4f4d65bf8e448b1c80da35eaff3295ffe0aef68baff15f7585aba741699c3ed9a62f2c18200e40cbb383b844459ca9636d61645470d4f8b04704b84a7986d816c037d368d807ab936faa842a427cc4987ab506f3f08841195c893f39656547ff62730ec43aa78311d57defe4002301f6b9e1f6573f3a46715e2d1f899480e8bc97f5dfe48ad14df280126998d32dc0a63231584b5ee82d5f90d5ccd3eb3923cee0dfe0eb9b1ac54fd97214ad86c6459cf916ba0bfc9d4210a95346d753f4bc7440d78274c4cd1850907a2bf150a1c1b511bf0438494a6aa1a197f787c96b410d866b4cb284f74122ffbb2f5fa7c2c22f935c7e1542ff83f01e3024ee6e3d7fd0fba2754e635c8116a27f15586300d6522979822c1f97038f33c644ef82e9818f4a09388cb9a69514c929e9bc149fd7a26b458d89abb5e3ae1de29ed1f28d613878a24a9296c967339b9c6749f92c720982cb78a120bcf7593c6fbae36f9a06caa384a7e5d3f05442b0a69f72518a76a916968aae56abda54dac318fd726335e95592f80d030ef51aea41d5e348267fcea65e49d8e36e711fedb3fb9ad37d3fdf2185dcc3ff44736d6a0d4b4bd1810f89ec6e0e6b6f58f74d73ddd2a27fcfaf36d1aec6c3769787a1d3b8514487a399e6497bd0bf4c4242868d599aeb2202cae535e8118d478fc43b4c8bfdcf024f36f5d7c9f75c69bc9d4d5414e8bef740bcaf9027dbdb0f47643b984406c9ce1999d7631243c26d6824ae74ab71f536e40e934a5dfea7f5c5d10713c831df6ba168f4080a4b082e94bc23c0807aab7c0bc29f327d185a2a9302cc255aa54764c4eb8ef5b17d640afa30b36572294914d51ac146f87af6f5abd97823724aba25f589e769aa1047e72365e9ee67e7f90e80542cc842aebabc97679dd893075e8a1bd6934ac9e768e20bcf4c2fa29c5f7a103d3ff689c721e08ef1d0ca61ee3e07a815aa943879dd5c406dcff6a946b0a12980620cfb224912e27accbb63b1e2d571c65918c806060dcd08d5cef341e5c5705021ec19605b809a44d2a8f6f27e18f2b8fd268e23706564df5501096fd8f8261e27d5c8b582673f0c76bf78b27f754cddb5b64a33c87841681d8eef2b5abe8a8deabee587189f75b8b518909cd2a6f89910425e8647f25077829f1b400b3abcaeff6f54ccc00f6fb7abeeefe0226e4e2b55fba0925b49be8310fc5a490384e4a5e7216b0fd0c09c00e3327ada8c59eb37443ac9148a9df92b0d4e6851cd93b784d3e0a236d9fe7c483f03d813fc98e632cf6255dc4a70a0458570776509ebfb545f35956c7e32493f6ad886ec858bfc29bffb7f2ae7eed7d83e3075554dd81e72c93f4c2e4dcdb0832e76861b983b17c2a6f887a988e4fd47459fd45134560b5b1bec10c50914f2d7f327a4e68a0c453f067035f243ca01aa22969481d5fb48d1da82f35222c4e8d249625c454159f7b00a85d43414eb5e7c8044922b323f2473af648d1dba5ffff34bd5e023a2fe4860d7568fa4d35ad20c461eb38bced561edcef853dbcdd7b69bb40e9cda525a71a286c956a1268cacad0bc0c79ed7632aedbb8dc78ba1a2adea2b650314072d1ebc08f9753d6d38e53a758ea4700160588e819239711a506f004ec57037cd6efcbb9cee3bba556eaaa008bf8e8390085b85653c7aa006dd836c7ad025bed9dec77a4a00b309776862fca4dd01dff16aa6bd70a876662093b85ffbb07b2f8b4361f5dc635f940571239a71865e8f1a289f449ae9a74266205c8b1fe8a732db502c9ea5e5c379b704d43ef795b40450aa498535803767d2c2cbd2749474d2997e00f37612fcc0ae7322b8c8e2a90cf66ada69bd05b82d5707562b37e40674f0a3f58d9c776a931b8768d5c23f17c5f9135e7a4ce0c6eb356d9fb4a53d112194c19e6f045d2bd44132a70b9ccd7e65d2787899785f7ee9185589136c847347142440e0a405c18ff3f31acb791a805dd281aaf97aee708dcce2f1aa53161b7716fa0978c0d02871637ad7e1af5a158b727a1dfc2ae1aafbb9c516469ee89fa0f1de23a17115ded5e9c560a468c5192943be74aeaba51083ca0379563f1fa78e29eca1eaf849cd00f419ceb59e640248c332c845e68e9a398281b962ae59aa5b18006b6ea6e0c5f1b30665e1fb975da11ed6a47bd44b4241bbf0443f178e8249805cc3f980a4bb2f46baab0a12e9e9b2aaa7e0ca22b2314a9e5ef6412f4efe31381e3d716244af3112444eabbb0c353acafc0f1179ad4c63b81e5f5bfd771591d24e5254fa72e30aa53717c24b49cee71cdd9368e207af5e992a04f06de912cfcfca38732f5c8393d466d209680ebfa5764897f04531138beff3f65691593e334c2ae2825ffa9353e8aeef37b90691ea5c78d7c86124abf6491a068bf03c3467e5e42ca4b58192d17856722207568777141ccbef3f3891708897af9c196be92056527a8da820d28dccaf4dfed4d38fb8fe826b238d31bad751631a0d8b1eabdfa7bffe65241238ff982d21b2222cdd3a536385d0ab2180ccdf4672d0b21156377fe640ee8c8744b9ba1efce91c295e83a4271a34a1f70adbc2ff0aa6ba9e1965061cadcd3d824636bbc1f977c78dde1859d752c86b099705616edf6e94523f108af79ab5073d26f3788c4d56f1b17b764c1bc387e531dab5dd71198c56b02c68552dc1098beec85dc1bbe2dde316e6093a9a33f578d789da9b2a9209ed6e73a0597bc62467afc42f0348c9b885b92f37569a953f6316d5c8b188539474da3836abeae7ec259cf8fd28f02593597e9206e05e8da4f4346aab36f179deb68a9dab9b550d6fe4f0c88563935328a699b9cbb2015be57c28beaf60be499114f04a96a2f7fb3bf3b5b31e422954c96790aa1e49c5bc1946df0df2b4be63c0aac1ddcf187714f6e67a076a823feaeba5db4a99e5f494ec939d1b0ecd23752c08c3b788704612127e7f080ef581b4990accd6dca7ce52844bc7bbc8c8752497c171d8e628c53609a920fb5a1bc740cb05e2035de72f636ef0498ed2f3cccb64d5740afbc30015442ca0511160787b2c763072c70035f7f3bbbd3966bcc80d021ce1482e27681b963a28189c2ee9d64d0622a94eac689d3fc1a4137c4d62a4c73fab4b0175a8ff8fa256118affd94aaeee33b155043f53d9e3d4eb82173df0938c6c3e51c118c1acf187c84f12090ad1dd663013e433455290f87ca88959f9f481e4dd05e6a483abe00f7c974e5ff602a7a6eaa71f8ac06c50afac0c2858b554f59bf88002766a619ae9b0864926d07b273238e1ebd456543f77ea800231dbf4479f0b90fc607", 0x1000}}, 0x1006)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000100)={0x0, 0x40, 0x3, 0x7, 0x16, "b0bf2ebb48c849ac0000000003000018bfff40"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup3(r3, r2, 0x0)
ioctl$TCSETAW(r2, 0x5407, &(0x7f00000000c0)={0x7, 0xffff, 0x1, 0x5, 0xb, "1f6ea8138a1e62b0"})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0xff)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
io_uring_setup(0x2068, &(0x7f0000000100)={0x0, 0xd5b1, 0x4000, 0x0, 0x239, 0x0, r0}) (async)
io_uring_setup(0x2068, &(0x7f0000000100)={0x0, 0xd5b1, 0x4000, 0x0, 0x239, 0x0, r0})
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r5) (async)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r5)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0003000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) (async)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0003000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

726.646194ms ago: executing program 5 (id=7503):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x72, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r4, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r5=>0x0})
sendto$packet(r0, &(0x7f00000000c0)="80000000a37e98a328246b9ee46a5c63f6ffc0619d65b3d58a87f3e8dc34326ed283cf663e163bc3fbcfa6bea673b1c03d980b4282f640bc258cadbe4698fa84b08d00df5a77d8cd8fb509440d3e4b475e8fc6ba2dd553ef18c20483527dba8bfdccd84ee80f7f96103c2eda0c04bdd3df78b0bd4ffba2f86f434a513b66dd603927fa5fd564ee3ff4d07c6d765c1af83c21f3ca1026694946ca6308e7c6f76ab181322132dcd0381d81bd6e4d749bd3e97d3689be1558580153a0a4", 0xbc, 0x8b01, &(0x7f00000004c0)={0x11, 0x17, r5, 0x1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)

533.315888ms ago: executing program 5 (id=7504):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000076b4a5154d4f923c5300000000000000000000000000330acc"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r1, 0x0, &(0x7f0000000400)=""/160}, 0x20)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}, @in6={0xa, 0x4e21, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8001}], 0x38)

532.29095ms ago: executing program 5 (id=7505):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x2, 0x0, &(0x7f0000000180))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x7c, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x3d)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000640)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xc0f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4}, 0x50)
r5 = bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r3}, 0x8)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="9feb010018000000000000005801000058010000040000000700000000000007000000000000000000000003000000000500000004000000000000000200000008000006040000000800000000000100070000000000000003000000090000000900000008000000050000000f0000000c0000000010000000000000feffffff05000000f9ffffff080000000000000a0000000008000000070000060400000002000000ff0f0000020000007e000000060000000400000047000000010000000c00000001000000040000002f9400000500000009000000050000000500000604000000080000000400000009000000080000000d000000ffff000000000000040000000c00000053000000060000000000000e0500000000000000000000000900000d00000000070000000200000005000000010000000900000002000000020000000300000006000000010000000d000000000000000b000000000000000100000000000000000000000000000000302d009d5078e0801effeeda08c08689fc42d1edacc3f0d0e403c70392697676f1db65a9510fa35dce38fe05ed41c116cd1e06385ad13bce20b9b4a5cedff09050a42016c6766de60b130fa8b7892e30f38118fe7ce48db289dcfc7cf0d6da8767f2ad79ec0c68ae07af6525243a252d066bcd179cc0ce27cf6fb6705fe4682071f1498a6d8bfcd03f60d49774e8cb73372abb0e876d6c09dd1ab16a70bd45ca909585b5f58a791631edc7387c1b0a0948bb5841c89c5c24ba1712f28ac67854037629d331290c4d30b9e6d65a040e718c281968b810ba"], &(0x7f0000000340)=""/81, 0x174, 0x51, 0x5, 0x80000001, 0x10000, @value=r5}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="b9212cfc06000000010000000000000028000000", @ANYRES32=r4, @ANYBLOB="ba00"/20, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="0300000000000000010000000e00"/28], 0x50)
ioctl$KVM_CAP_X2APIC_API(r2, 0x4068aea3, &(0x7f0000000080)={0x81, 0x0, 0x2})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x8000}, 0x1}}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x20008084}, 0x20004000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000180)=[{&(0x7f0000000300)="d80000001a0081044e81f782db4cb9040a1d0800fe007c05e8fe55a115001c000200142603600e12080005007a010401a80016002000034004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0x12b}], 0x1}, 0x0)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
close(0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$sock_SIOCGIFBR(r11, 0x8941, &(0x7f0000000080)=@add_del={0x3, &(0x7f0000000100)='ip6erspan0\x00', 0x2a0ffffffff})
vmsplice(r10, &(0x7f0000000500)=[{&(0x7f0000000440)="8f", 0x1}], 0x1, 0x6)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000480)={{0x1000, 0xdddd1000, 0x4, 0x9, 0xfd, 0xe4, 0x40, 0x7, 0x0, 0x2b, 0x16, 0x9}, {0x200000, 0x3000, 0x3, 0x0, 0x40, 0x5, 0x7d, 0x6, 0x5, 0x3, 0x3, 0xb5}, {0xeeef0000, 0xf000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa8, 0x4, 0x4}, {0x80a0000, 0xeeee0000, 0x9, 0x6, 0x4, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x10000, 0xdddd9000, 0x2, 0x3, 0x3, 0x6, 0xab, 0x81, 0x7, 0x2, 0xdb}, {0x60000, 0x100000, 0xc, 0x7, 0xb1, 0x9, 0x21, 0x81, 0x80, 0xff, 0x1}, {0x3000, 0x8000000, 0x4, 0x1, 0x2, 0x5, 0x7, 0x3, 0x5, 0x80, 0x1, 0x70}, {0x70000, 0x1000, 0x9, 0x5, 0xf, 0x7, 0xc, 0x34, 0x2, 0xc, 0xb0, 0x9}, {0x10000, 0x5}, {0x2000, 0x5}, 0x80000031, 0x0, 0x8000000, 0x2024, 0x3, 0x500, 0x3000, [0xf90000000000, 0x4, 0x80, 0xfff]})
socket$nl_route(0x10, 0x3, 0x0)

256.269413ms ago: executing program 5 (id=7506):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, r0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4048aecb, 0x0)

106.10554ms ago: executing program 6 (id=7507):
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x20, 0x0)
ioctl$XFS_IOC_FSINUMBERS(r0, 0xc0205867, &(0x7f0000000540)={&(0x7f0000000040)=0x2, 0xfffffff9, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000500)})
r1 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000580)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x24b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x91, 0x20, 0x3f, "", [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x3, 0x1, 0x2, 0x8e, {0x9, 0x21, 0x3, 0x59, 0x1, {0x22, 0xe60}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x8, 0x1}}, [{{0x9, 0x5, 0x2, 0x3, 0x648, 0x5, 0x2, 0x7e}}]}}}]}}]}}, &(0x7f0000000900)={0xa, &(0x7f00000005c0)={0xa, 0x6, 0x110, 0x2, 0x24, 0x6, 0x28, 0x8}, 0xc, &(0x7f0000000600)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x16, 0x3, 0xd, 0xd}]}, 0x4, [{0x102, &(0x7f0000000640)=@string={0x102, 0x3, "cd71909a2c3272dafedb4f68e6970e2a66580583bbbbbf222f4293b1b28b10bdd05d473817efd9a426c4fa477065d0628028220fe09c9949ff0e0320da1f736555edbbc16cc0619224ad316eea2143c0c98b1a1e0e11c4c2c695e1fa6816b80a1ef7065cd9a1a023e9fc057135c0da6cb05459a22882b7acc2761fb1f6ee7fc0ec391b7bb6c192ce0ac874614cfc268b3eeb547fbc4c4b89740a7a085aa95a141c4c32bcb58e68734e0672b1c1bdecac8849d74a9628f27fb509cc7ca6563a7f991293b41248bc86d7f993cc4d39ed0459994260d5a699110d4a75bb2ab15b2af6888f521ca9a9bc49e17d921857c8fbfeda423b50e37b76ddd60e0a7fe0357d"}}, {0x4, &(0x7f0000000780)=@lang_id={0x4}}, {0x24, &(0x7f00000007c0)=@string={0x24, 0x3, "04dc0a4c366afae5856e4fc821c8aab27d3641f6b42032bbd3ddc32a7ae3070c06d6"}}, {0xe8, &(0x7f0000000800)=@string={0xe8, 0x3, "52504543dec0d6a20105e4a7a73d993291bd997704e86bdeb7b6bc33d4a8103ddae828811a72bb85506c1b5adc65df46bf35da8e47904e59989a3935630fed26c31181c5155214d49d8b37c8cbe84da9d8f485f175a49ccf9a0d19f844eb0e4e5fe54ba3d9607a962593bf25d4781d71708677e785662992ecba72ad2de4ec1ff0faf7fce7a5351042ddaee4aa2755fa2ee38d166e27d0d41752bfcc0e57bae49a1085ef7e7fbadc8c0d3e019701aff7d9416ece67b29f87b668f57d737c19cd3661ea3f9877617e2e86390884902274536c365b11095ad9516b18b78ae178f3e59370979819"}}]})
syz_usb_control_io$hid(r1, &(0x7f0000000b80)={0x24, &(0x7f0000000980)={0x0, 0x21, 0x8c, {0x8c, 0x30, "8e070a6b93a83ace3573aaf3a44912888fc6fd9b2b3cf6ff14509cda5ce0be6dc313ef458becd5577355732a8d2bfd6a446c46e1379c3920f3d6b69a12b49eeef72b6af7aa454c7655e99b3393ca4b0919bac97bc815c2793780e2df0d4d6a04ad42b1fcc21259b27a3b75ad1485843968e40d27fc65c52dc2c53b395e9acd3bf8b7b86d5743633eb530"}}, &(0x7f0000000a40)={0x0, 0x3, 0x9e, @string={0x9e, 0x3, "3b57ae80078e274d03d7fa19ee02437fd7b066c7abe91c5c15d59b93e26f1150528cc31436ebc04da8645bfdbf0bfa357c6e5b180775f84dac1d65805a23e76eecd240ddfff87bd7c2274a7d3772552df0e6a2d43f7b3551e06000f480335b9f83ccd02121830788cf2e642c832b4d2bdcb40441919237bbbd4bc9d155615436359ca01455e14fd2eb2a5f6a3383f665bc324c0fde19be544dc8104f"}}, &(0x7f0000000b00)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0xc, "6cb68df0"}, @local=@item_4={0x3, 0x2, 0x9, 'P-m\a'}]}}, &(0x7f0000000b40)={0x0, 0x21, 0x9, {0x9, 0x21, 0x9, 0x5, 0x1, {0x22, 0x3ee}}}}, &(0x7f0000000e40)={0x2c, &(0x7f0000000bc0)={0x0, 0x16, 0x99, "a3b515c97cc4c19fe3f06b0a92ea58395b44ea7014b27a967f633cf02517e2cf0da2a016ea4755ab1a1f1da7131294d2368a227390be969350fd0dd590e3e4177c4e101558c02f4117181d62e82f939437c5350a5a8c09860ce0eb60a5bc5921f90ead8eb0fed62086915a0f2e80ec7f936abd32954c05c14c7a5aa645ed0ae4e49ac7bd1f4665dda7656fce95877f67d03080c3ee1663a703"}, &(0x7f0000000c80)={0x0, 0xa, 0x1}, &(0x7f0000000cc0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000d00)={0x20, 0x1, 0xdf, "02e629b8e9f205d892422f94ffba98390701dbed9d911e88d1fa1c094c159e02aae47594426b55936e3c32a8b9fe6c61807671820e01f17ba7cd895149fd888c86e07c9da05c47b4bdb1ccccacc1973967f2360b51abe0f455272d9bf2dc1c6ca870973e1912bbbc1338a2ca65665620a15e51b37ff9d875450fb3b840e33f3fa594eaa7a936064f7e082d9577cc855a094a091748120abdd91eaddf0c0fc35261df5916c89f0cacf9d9f58590f738cd7cab1bc66013e4f2a5edea3f718008a08e0b4548d06eccb8bee727d172c9e95d71edc18912c89bd830e2d120ee8298"}, &(0x7f0000000e00)={0x20, 0x3, 0x1, 0xc}})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000e80)={{0x1, 0x1, 0x18, <r2=>r0, {0x9}}, './file0\x00'})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000f40)={'tunl0\x00', &(0x7f0000000ec0)={'erspan0\x00', <r3=>0x0, 0x8720, 0x80, 0x4, 0x6, {{0x9, 0x4, 0x3, 0x8, 0x24, 0x68, 0x0, 0x1e, 0x0, 0x0, @remote, @remote, {[@generic={0x88, 0xc, "6501c143281257fa5c0f"}, @noop]}}}}})
connect$can_bcm(r2, &(0x7f0000000f80)={0x1d, r3}, 0x10)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000001000)={0x9, 0x0, &(0x7f0000000fc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_usb_control_io(r1, &(0x7f00000012c0)={0x2c, &(0x7f0000001040)={0x0, 0x22, 0x80, {0x80, 0x2, "e88d8694aa8caabef71b3f9de008d46e216110326f3658774e4faeefbf0255b8d8b16c1726584a6c1e4dead75a5323fa9f20f247356de8509cc560883dbcba1e9578900a689c255c6e0fbb0445b0ad192c9ea6445d62ec0b64f88041fdcb82054f61c17ae1ff0528d4a860f9ef60a760569254e4b6613643e481ff737500"}}, &(0x7f0000001100)={0x0, 0x3, 0xd3, @string={0xd3, 0x3, "9272c594ee790e3b9d21e14684d5079ad094f41c8575fb9e707a639b2f2ab9bd47a2f2be9612a0fa40e181bf1226a3edd7cfc9ef5f9cb26e537c6b0b218399036ba622a6b9801b1b0d6ed12eb71dfa698bc464caeed3bc60315f6c995fba84d9a26f34dfbc5f11ac11406a47155eea2a560e3cdeec67fa94030f3e31c0d76b40636a0a37a644e68952e9f4a5f539dac492e5566d9e141f49da8fbc25401791f84e4b82f2158b87f278542658755a360220962031c0b12e01a3173d9263a0340a99f06c7437cfa5f3f5ff09411428e081a8"}}, &(0x7f0000001200)={0x0, 0xf, 0xf, {0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0xa, 0x0, 0x2, 0xfffb}]}}, &(0x7f0000001240)={0x20, 0x29, 0xf, {0xf, 0x29, 0x40, 0x1, 0x9, 0x8, "a9d0e63e", "81a7c0a5"}}, &(0x7f0000001280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x4, 0x8, 0x68, 0x0, 0x69b7, 0x9}}}, &(0x7f00000017c0)={0x84, &(0x7f0000001300)={0x40, 0x8, 0xe2, "6299bed159de6bc7bbfc9a7ea81c218a5f0a6807ede6ead893e818b93ff6e0f27b79a5852ab9aab7925935d986e0af86202f40baeee9e7d27fe468a93e5f526f98964cba85bfe59a8a2870044cf81092bd55a0e9670a9e83d701983f4b572fe23c31a1d4ebccc5a425bec1d87373c78ff30d5d540904cc2e2d363d0d06df5ecc63f4414c4b8e1d2865feb88ae2f3a8f455e22603bcdc2aa2af742c34fd399ffe742a9da3e5c395618b3d67f46574bee8b22dad0727addb01ef12a3e025620245b899edf48e6a0968e0a90e0a9c75cbb36154e78ca05d7f52b58c0f5dca96cf7bda60"}, &(0x7f0000001400)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000001440)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000001480)={0x20, 0x0, 0x4, {0x3, 0x3}}, &(0x7f00000014c0)={0x20, 0x0, 0x4, {0x10, 0xe2539898d52c7ff7}}, &(0x7f0000001500)={0x40, 0x7, 0x2, 0x4}, &(0x7f0000001540)={0x40, 0x9, 0x1, 0x83}, &(0x7f0000001580)={0x40, 0xb, 0x2, 'n`'}, &(0x7f00000015c0)={0x40, 0xf, 0x2, 0x9}, &(0x7f0000001600)={0x40, 0x13, 0x6, @broadcast}, &(0x7f0000001640)={0x40, 0x17, 0x6, @remote}, &(0x7f0000001680)={0x40, 0x19, 0x2, "0cd5"}, &(0x7f00000016c0)={0x40, 0x1a, 0x2, 0x9}, &(0x7f0000001700)={0x40, 0x1c, 0x1, 0x8}, &(0x7f0000001740)={0x40, 0x1e, 0x1, 0x62}, &(0x7f0000001780)={0x40, 0x21, 0x1, 0x8}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f00000018c0), r2)
sendmsg$GTP_CMD_NEWPDP(r4, &(0x7f00000019c0)={&(0x7f0000001880)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001980)={&(0x7f0000001900)={0x54, r5, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@GTPA_PEER_ADDR6={0x14, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_PEER_ADDR6={0x14, 0xb, @local}]}, 0x54}, 0x1, 0x0, 0x0, 0x8044}, 0x40884)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001a40), r2)
sendmsg$IPVS_CMD_GET_CONFIG(r4, &(0x7f0000001bc0)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001a80)={0xd8, r6, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x1608e1128771a6cf}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff7}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xa1}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xc}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve0\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x57}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xf}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40}, 0x4401)
r7 = syz_usb_connect$uac2(0x6, 0xcd, &(0x7f0000001c00)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xff, 0x41e, 0x323b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x3, 0x1, 0x6, 0x10, 0x8, {0x8, 0xb, 0x1, 0x2, 0x1, 0x8, 0x20, 0xd6}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x8, 0x6, 0x10, 0x5}, [@multiply_unit={0x7, 0x24, 0xc, 0x6, 0x9, 0x1, 0x3}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0xe, 0x2, 0xdd, 0x9, "f21515", "f3a1"}]}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x9, 0x6e, 0x10, {0x8, 0x25, 0x1, 0x80, 0x3, 0x7, 0x3}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0xb44b, 0x200, 0x8, 0x97}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x7f, 0x3, 0x6, 0xc, "7c19", 'w}'}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0xff, 0x3, 0x3, 0x6, 0x8}, @format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0x238, 0xac, 0x20, "ec3405c2afacfb"}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x8001, 0x3, 0x8}, @format_type_i_descriptor={0x6, 0x24, 0x2, 0x1, 0x3}]}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0x0, 0xcc, 0x1, {0x8, 0x25, 0x1, 0x80, 0x30, 0x5}}}}}}}}]}}, &(0x7f00000021c0)={0xa, &(0x7f0000001d00)={0xa, 0x6, 0x300, 0x7, 0x2, 0x4, 0x10, 0x2}, 0x185, &(0x7f0000001d40)={0x5, 0xf, 0x185, 0x6, [@generic={0xb1, 0x10, 0xb, "0c35df9358e9ab4b0863286bd4ef740bac21aceb3dbeabf2c77efa6ac6e8d4e22591c2b8ddb19f9c1c7fe7e711944705cab6c2fdb2488aae11e05c065ca998229e9b65d2520e4cf7cf04bdf7d45e06f89a53dbb3e65772461a210e5274db1d475196582a20d9d24cc1154df728ce849cfd0f2dec0f3d55d7ca4c53e8ccab2bf228ca9f12f4487369655b4ed63c55c4164c740a1f19edc1958b0bd78e39b8eba74aebae3599f91ae23ec976f14b3a"}, @wireless={0xb, 0x10, 0x1, 0x4, 0x6a, 0x44, 0x3, 0x7, 0x40}, @generic={0xa6, 0x10, 0x4, "de8737aa671482d1da036c98a2022cdc95d3440e912a24c7911023e2e14d68933993e4069a0dce4714e1056443a5e2993fb47cfe9eb726623a5ca04d3bc840799e0053692868bb20d5a597b18d197aaafff11b73ae4d55cedbad33688c4596b728e4e3ca6df2f860ca7f19dd96eb5f43f67ba65b2d191ed2ba81b464c3bb91d5d245d7054d8ee3331fbda00da68e4a375846ca14b7727ba30900cbb94db0da38351318"}, @ssp_cap={0x18, 0x10, 0xa, 0xfe, 0x3, 0x3ff, 0x1e, 0x10, [0xc0, 0xff0000, 0x0]}, @ptm_cap={0x3}, @ptm_cap={0x3}]}, 0x6, [{0x4, &(0x7f0000001f00)=@lang_id={0x4, 0x3, 0x812}}, {0xfb, &(0x7f0000001f40)=@string={0xfb, 0x3, "a00634c17536efa2e7ee5cdc8cebb5cb466469e32ea27be0b3825fdab4fcd6dc16696bdcd6365a4cf2511c88ab5f406c3de9bf032de0ec229c3d61aca47603cb99ac3630c4ae18010e3fe1aed5db0710d141b6894d8ea959913fc68e0316390fd96de8c99c511d41cc64b93fdb1403829a9bbce8bec128f2150b1b9b804227a5f60aa7b7431dcf8c0d51eae1644069368a8e84439b70231e2325fc834ccb6f5257e8c667e9cccbf39ce026f26490428aa6a9f6c011e4677d1391f0c9cdcb884efa07928333375003140ae66631365963b59d48d0830373d8ea7d9ec76f64b60a4feb46f4f17d9e3c3c9662adfa75e5d35e3011ad007be58f9c"}}, {0xb0, &(0x7f0000002040)=@string={0xb0, 0x3, "1e977cf7301bbf68c4211ea089ad6746fd3c0f6a6e8bd0be8564dcb1244433a7d93e9d97f18f5b0bf8418dd4fbf5c83f104bad186c2e81284a407965df12b214b636cfa6f5d5674d198e22bc965844eb6eecf516d338c8dc531357a191bca47f52e6695025f8874e49c6b1a6396c7320819a820faa56e91e2594c2628ef3d577d1f8fee0d2ef1ce42be706794db683b0021301a862a349b970f9655f515f7c0c8908fb46ae70659103045db1082c"}}, {0x4, &(0x7f0000002100)=@lang_id={0x4, 0x3, 0x820}}, {0x4, &(0x7f0000002140)=@lang_id={0x4, 0x3, 0xb6aa9e4c8b8e3f21}}, {0x4, &(0x7f0000002180)=@lang_id={0x4, 0x3, 0x827}}]})
syz_usb_control_io$uac2(r7, &(0x7f00000022c0)={0x14, &(0x7f0000002240)={0x0, 0xc, 0x19, {0x19, 0x31, "183288ec5df391b9209dade250f4307d94b486053510e8"}}, &(0x7f0000002280)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x42b}}}, &(0x7f00000025c0)={0x44, &(0x7f0000002300)={0x0, 0x16, 0xde, "51c195b8e3f28fc719479f551395d4699150b7d47397c16a0552b63a983ec14db3fc7a656a9d64d9c2a1450f3528d88199bd9aefca82c88daacc804b6944719575e2c9a48b2666ef1c9b1db8ced2568b04ff7a7cfbe6103a3f398bcc1e0c043042993dfdd61b403304b08dfb4a94aefeccf5fa46fd6d488f351d2ccdba082629c9297a340613216ff65db1ec7a872c1f787186137f179e35b73d35e8a0d61dfdd14d8444dbfa5af9b4cdacaede9367f8d27208a440ff35581499d93cfd38bef43a5c959c779730adca29ebf01c26e85b2a0d326e6257badaad0d8e17a42f"}, &(0x7f0000002400)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000002440)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000002480)={0x20, 0x81, 0x2, "9a49"}, &(0x7f00000024c0)={0x20, 0x82, 0x1, "f0"}, &(0x7f0000002500)={0x20, 0x83, 0x3, "d51dbd"}, &(0x7f0000002540)={0x20, 0x84, 0x1, "a1"}, &(0x7f0000002580)={0x20, 0x85, 0x3, "c2b951"}})
syz_emit_vhci(&(0x7f0000002640)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x11}, @hci_ev_le_direct_adv_info={{}, {0xcd, 0x0, @none, 0x5, @any, 0xf}}}}, 0x14)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000002800)={&(0x7f0000002680)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000027c0)={&(0x7f00000026c0)={0xf8, r6, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x44, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6gre0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0xc}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x37}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3c}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x200}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@rand_addr=0x64010102}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x5}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1000}]}, 0xf8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r2, 0x8917, &(0x7f0000002840)={'pimreg\x00', {0x2, 0x0, @multicast1}})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002880)='./binderfs2/binder1\x00', 0x2, 0x0)
sendmsg(r4, &(0x7f0000003040)={&(0x7f00000028c0)=@can={0x1d, r3}, 0x80, &(0x7f0000002ec0)=[{&(0x7f0000002940)="003b2474450de39fe5642128680fa3b2430e8188f7c9faa92b27c5ccc6a464101724deb52350245f9cecf1fd9871a254bdbfee4e1e1e63cfab8a0233fb899c91be70cdd85c44f17087b476da6fd34c376b6b8ff7530237c23766d0c9f0e035dd53ea7973a52f1495a53daf06701007a974b4a46b4ba4075cae503136210ae32a5bae0ffa38b31d7325bd7f7500eed8006d87c908948e", 0x96}, {&(0x7f0000002a00)="e42e5ffc99bc2316674b1a09b4d873ddd5df3f76db4135b43204b6550176f2eff802e034617e1efdacd8d59c0a9e9eb6078c422450cd0f7f2cefa29d2f65f56f0d3c8ce827cdc039c91a5cb9e228742a2559cc8f8a52e4b5a312322dcb6c8a7155fe7654e8c7f57074140d2e8f55e71aeacd0e404ad8a8b709df12bd91e08a59b67385712e4c07403661ce47c4e56ca2c9ddd651127533ac4a4935987a56d03c925e99152602948101740abab07d99bfdf3c219202c1be6d9360c72626c0", 0xbe}, {&(0x7f0000002ac0)="4712e75fab55663e28c0b33be0ab8b89c70a909c1e971bc4fe94702c4b67c909e65626fc401ccb42875989a9ba1b7b18a82fac4bd8375c1551861853afcdea86b057db27200456d90ead3352955b5b49d8397999baa3ecfc11309af15b482de900f2d9d7c0c1bcf2b0efb58b86fdfaabe506af3d4c36d045f8116ce310e3aca6f4fb0286889d9b52d7dd03a5f078d649c5fb4eb144813ea824f0a1c4c62be162f7f30e90e6714f92bb167061c62a30bbede75e4338a9a45a200286e3e932652aa0bc8495ef578acb8f6a48fc0d3c83718d0151b50cbcf4ba87a9aebfb29e8b7eb7881654f2fa884db4807481a67296d3248d0f76bf4dee", 0xf7}, {&(0x7f0000002bc0)="8fee20bc2170a9a824e499c2fa9108a6d40ac5a529641fb0228a12ee63e7c6208aaee40cd350568daef5ac36bcf97a21e5948ce754ba067ec7c850fedcba91a577ec7865a67d4ca3b848dc97a729eeadca09c4368161601f2a285e8c6fe5d061b06a14cdc12c12c91aaf760e8d6570b75faf870085ddef7002e1803476615dfb93bce7344e2be106109367a7e5df3f31c48a5736a02c1cf5eada87f624645a6b6c3acaaf5d05a9c1940bd45ae989c22ea47a38", 0xb3}, {&(0x7f0000002c80)="a26dce50c59ba454491117e754b622329b2148dd6235557d30bd0d2582a03af16cc50c52a56f83796d2d9aadf17d49bffd76281e7646850e17408bd633ddc4e44b47136938a79d9a7fe14be00c18c7944a7876d76b30c10281f443e4d53ba6ef7ee9f2fc8c50cbd9a4c537b4941e5c9dea90de6e915325c5b60ee46f1a86d5b126a79f23285881062e129c3b65c87ab2541ca4ca5dd1ff51c54b55f5863745e29fdfa67a074a2b08f115d48bcd062dc973477fd67ec4ca98a5849c91169f568836", 0xc1}, {&(0x7f0000002d80)="4791d28bfae0e4ab17500a6b34156c43fd4c77fdbae7a44ed8634df65b8d51e9cac4bd37655884745741bc5084f71c0adfddcf33128ebe01", 0x38}, {&(0x7f0000002dc0)="353e225b4faec057fbba5d1fffc2668d01b37b448f11828d5443fe9d9de54f6107394b5e9513327b4e8e9ca01d082e462fed6f4c95f040c15b5770d38b26c7c70ebb4c276ca0b4eea9feb9055102153fbbd859d7fada873959b0f043110a3cd4b57ca8bbae81108ae10508d82d173b6547ab037fe253161c5b44ecc245f1178fe99e3b46eb2a860eac6e64cd970ea6058d393dfb921eb0a63586a39442adfb9c9e40639364174b45c604543a76b1a7a7ee8bc3c4403c01db34aec51f9931f76a4c7996d291c4e1ac91b83032819de9f0ac16e498116e038b4cacdf7570936b0b10eafcddbd41da0709a232d31db47ee1999a13d62e8072ee", 0xf8}], 0x7, &(0x7f0000002f40)=[{0xd8, 0x101, 0xffffffec, "a095c3f9d2cf57520bff58d2d25d3c26c7b21a0ca60048437c72b65cc5c487e4eb50d7bb85d1337b430e49dec63cf912ba805326f754a95b6224d84ad38c15a51cc7c3ab9d3a84cd70d04f57fbc7893eb1d7a3333df503d7e129a7a99d957edc826bc8d897c72d6e70d6c5851ee4d78dba9f122d5bcd522dd10cb8562452d7908a89df9ab4c23bd78d5fc65abc31b09526ecf93b0174d38b51d44da73439bc4b2616d183a05b7590e617b63bff94d84ec6bb483810b2589726d77ebf509108db80f9"}], 0xd8}, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000003080)="739a1754b608c06a", 0x8)

105.028112ms ago: executing program 5 (id=7508):
mount$cgroup(0x0, 0x0, 0x0, 0xa04004, &(0x7f0000000200))
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000002090000850000004300000095"], 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1}, 0xc)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff)

0s ago: executing program 5 (id=7509):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) (async)
getpeername$netlink(r2, &(0x7f00000002c0), &(0x7f0000000300)=0xc) (async)
r4 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000f80), 0x2, 0x0)
close(r4) (async, rerun: 32)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) (rerun: 32)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r3], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) (async)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYRES8=r3, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r3], 0x5c}}, 0x40) (async)
set_tid_address(0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r6, 0xc06c4124, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
pipe2(&(0x7f0000000100), 0x0) (async)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

kernel console output (not intermixed with test programs):

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  550.027543][T25633] batadv_slave_0: Caught tx_queue_len zero misconfig
[  550.032602][T25636] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[  550.060505][T20449] usb 5-1: Using ep0 maxpacket: 16
[  550.070867][T20449] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 255, changing to 11
[  550.076307][T20449] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 59391, setting to 1024
[  550.082460][T20449] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  550.085944][T20449] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.088863][T20449] usb 5-1: Product: syz
[  550.090756][T20449] usb 5-1: Manufacturer: syz
[  550.093028][T20449] usb 5-1: SerialNumber: syz
[  550.098142][T20449] usb 5-1: config 0 descriptor??
[  550.106839][T25611] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  550.113277][T20449] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  550.117377][T20449] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  550.128725][T25641] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=26788 sclass=netlink_route_socket pid=25641 comm=syz.6.6575
[  550.136816][T25643] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=26788 sclass=netlink_route_socket pid=25643 comm=syz.6.6575
[  550.183156][T25646] program syz.5.6576 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  550.194800][T25649] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  550.205605][T19783] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  550.221423][T25649] macsec1: entered promiscuous mode
[  550.327699][T25654] pim6reg: entered allmulticast mode
[  550.362380][T19783] usb 6-1: Using ep0 maxpacket: 8
[  550.365913][T19783] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  550.369451][T19783] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  550.373308][T19783] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  550.377096][T19783] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  550.380327][T19783] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  550.386225][T19783] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  550.389302][T19783] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.610019][T19783] usb 6-1: usb_control_msg returned -32
[  550.618291][T19783] usbtmc 6-1:16.0: can't read capabilities
[  550.690235][T25669] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6582'.
[  550.715109][T20449] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  550.817895][ T5737] Bluetooth: hci3: Unexpected cc 0x0000 with no status
[  550.871283][T25673] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6584'.
[  550.963095][T25683] usbtmc 6-1:16.0: usb_control_msg returned -32
[  550.996501][T19217] usb 6-1: USB disconnect, device number 47
[  551.004215][   T41] audit: type=1400 audit(1062.922:31797): avc:  denied  { getopt } for  pid=25685 comm="syz.6.6587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  551.095198][T25692] No source specified
[  551.144714][T20449] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  551.148667][T20449] em28xx 5-1:0.0: board has no eeprom
[  551.186502][T25697] binder: 25696:25697 ioctl c00c620f 200000000100 returned -22
[  551.216347][T20449] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  551.223500][T20449] em28xx 5-1:0.0: dvb set to bulk mode.
[  551.237055][T20449] usb 5-1: USB disconnect, device number 37
[  551.250254][T20449] em28xx 5-1:0.0: Disconnecting em28xx
[  551.255156][ T3259] em28xx 5-1:0.0: Binding DVB extension
[  551.281723][ T3259] em28xx 5-1:0.0: Registering input extension
[  551.285457][T20449] em28xx 5-1:0.0: Closing input extension
[  551.323959][T20449] em28xx 5-1:0.0: Freeing device
[  551.542660][T19783] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  551.613995][T20449] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  551.638317][T25715] lo: Caught tx_queue_len zero misconfig
[  551.688134][ T5737] Bluetooth: hci3: unexpected subevent 0x19 length: 24 < 28
[  551.692235][T19783] usb 11-1: Using ep0 maxpacket: 16
[  551.696553][T19783] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  551.701154][T19783] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  551.715621][T19783] usb 11-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  551.719768][T19783] usb 11-1: New USB device strings: Mfr=34, Product=0, SerialNumber=0
[  551.720681][   T41] audit: type=1400 audit(1063.632:31798): avc:  denied  { shutdown } for  pid=25720 comm="syz.5.6600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  551.723042][T19783] usb 11-1: Manufacturer: syz
[  551.727093][T19783] usb 11-1: config 0 descriptor??
[  551.766517][T20449] usb 5-1: config 0 has no interfaces?
[  551.770142][T20449] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  551.780190][T20449] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.792334][T20449] usb 5-1: config 0 descriptor??
[  551.820159][   T41] audit: type=1400 audit(1063.732:31799): avc:  denied  { read } for  pid=25720 comm="syz.5.6600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  552.001141][T25703] i2c i2c-1: dtv_property_process_set: SET cmd 0x93e81109 undefined
[  552.011202][T25703] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  552.014201][T25703] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  552.020321][T25703] vhci_hcd vhci_hcd.0: Device attached
[  552.029454][T25703] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  552.088501][ T5737] Bluetooth: hci2: Malformed LE Event: 0x0d
[  552.150724][T19783] input: syz as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:041E:3100.000F/input/input38
[  552.220861][T19783] creative-sb0540 0003:041E:3100.000F: input,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[  552.262218][    T9] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  552.344554][ T3259] usb 11-1: USB disconnect, device number 8
[  552.896513][T25760] syzkaller0: entered promiscuous mode
[  552.898307][T25760] syzkaller0: entered allmulticast mode
[  552.918963][T25760] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  552.922831][T25759] tipc: Resetting bearer <eth:syzkaller0>
[  552.940870][T25759] tipc: Disabling bearer <eth:syzkaller0>
[  553.003250][T19783] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  553.117564][T25770] gfs2: not a GFS2 filesystem
[  553.154143][T19783] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  553.158084][T19783] usb 10-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  553.163141][T19783] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  553.167343][T19783] usb 10-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  553.167884][T25773] netlink: 'syz.1.6618': attribute type 1 has an invalid length.
[  553.173350][T19783] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  553.176200][T25773] netlink: 'syz.1.6618': attribute type 2 has an invalid length.
[  553.180873][T19783] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  553.185177][T19783] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  553.189651][T25773] netlink: 'syz.1.6618': attribute type 1 has an invalid length.
[  553.193699][T19783] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  553.193721][T19783] usb 10-1: Product: syz
[  553.193734][T19783] usb 10-1: Manufacturer: syz
[  553.196887][T25756] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  553.197971][T25773] netlink: 'syz.1.6618': attribute type 1 has an invalid length.
[  553.203786][T19783] cdc_wdm 10-1:1.0: skipping garbage
[  553.213969][T19783] cdc_wdm 10-1:1.0: skipping garbage
[  553.217916][T19783] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  553.220967][T19783] cdc_wdm 10-1:1.0: Unknown control protocol
[  553.221237][T25773] bond2: entered promiscuous mode
[  553.226589][T25773] 8021q: adding VLAN 0 to HW filter on device bond2
[  553.405013][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.407962][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.411868][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.414826][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.418509][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.421453][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.425651][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.428589][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.431761][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.435128][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.438900][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.441818][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.445545][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.448477][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.451916][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.454484][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.458161][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.460526][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.463366][    C0] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  553.466305][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  553.497027][ T5801] usb 10-1: USB disconnect, device number 13
[  553.497060][    C0] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  553.529728][T25797] syzkaller0: entered promiscuous mode
[  553.531684][T25797] syzkaller0: entered allmulticast mode
[  553.622938][T25800] syz.6.6625 (25800) used obsolete PPPIOCDETACH ioctl
[  554.234164][T25827] __nla_validate_parse: 9 callbacks suppressed
[  554.234181][T25827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6632'.
[  554.244200][T25827] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  554.247157][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  554.251834][T25827] vhci_hcd vhci_hcd.0: Device attached
[  554.256025][T25829] vhci_hcd: connection closed
[  554.256200][   T12] vhci_hcd vhci_hcd.1: stop threads
[  554.261654][   T12] vhci_hcd vhci_hcd.1: release socket
[  554.264631][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  554.275854][T25730] vhci_hcd: connection reset by peer
[  554.277066][ T7151] usb 5-1: USB disconnect, device number 38
[  554.281721][T24541] vhci_hcd vhci_hcd.0: stop threads
[  554.289369][T24541] vhci_hcd vhci_hcd.0: release socket
[  554.294122][T24541] vhci_hcd vhci_hcd.0: disconnect device
[  554.306829][T25832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6634'.
[  554.311467][T25832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6634'.
[  554.320372][T25834] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6633'.
[  554.326263][T25834] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6633'.
[  554.368713][T25836] syzkaller0: entered promiscuous mode
[  554.371165][T25836] syzkaller0: entered allmulticast mode
[  554.371643][T25838] netlink: 'syz.6.6636': attribute type 4 has an invalid length.
[  554.402019][T25838] random: crng reseeded on system resumption
[  554.407024][T25836] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  554.412480][T25835] tipc: Resetting bearer <eth:syzkaller0>
[  554.431142][T25835] tipc: Disabling bearer <eth:syzkaller0>
[  554.433238][T25838] Unrecognized hibernate image header format!
[  554.437868][T25838] PM: hibernation: Image mismatch: architecture specific data
[  554.443731][T25838] netlink: 'syz.6.6636': attribute type 4 has an invalid length.
[  554.615716][   T41] audit: type=1400 audit(1066.532:31800): avc:  denied  { accept } for  pid=25853 comm="syz.6.6642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  554.647072][T25854] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6642'.
[  554.658787][T25854] kvm: MONITOR instruction emulated as NOP!
[  554.748532][T25858] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  554.751528][T25858] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  554.755347][T25858] vhci_hcd vhci_hcd.0: Device attached
[  554.801411][T25864] xt_hashlimit: size too large, truncated to 1048576
[  554.870021][   T41] audit: type=1400 audit(1066.782:31801): avc:  denied  { ioctl } for  pid=25863 comm="syz.1.6644" path="/dev/ptyq7" dev="devtmpfs" ino=134 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  554.891974][   T41] audit: type=1326 audit(1066.802:31802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25867 comm="syz.0.6645" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x0
[  554.929430][T25870] syzkaller0: entered promiscuous mode
[  554.931421][T25870] syzkaller0: entered allmulticast mode
[  554.954030][T25870] tipc: Started in network mode
[  554.955676][T25870] tipc: Node identity de007294993e, cluster identity 4711
[  554.959950][T25870] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  554.965291][T25869] tipc: Resetting bearer <eth:syzkaller0>
[  554.982214][ T5880] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  554.985907][T25869] tipc: Disabling bearer <eth:syzkaller0>
[  555.002413][T19539] usb 49-1: new low-speed USB device number 2 using vhci_hcd
[  555.072847][T25873] netlink: 'syz.1.6647': attribute type 30 has an invalid length.
[  555.075540][T25873] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6647'.
[  555.086290][T25873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6647'.
[  555.090953][T25873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6647'.
[  555.097841][T25873] netlink: 'syz.1.6647': attribute type 30 has an invalid length.
[  555.101035][T25873] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6647'.
[  555.133268][T25875] block nbd1: Unsupported socket: should be TCP or UNIX.
[  555.133532][ T5880] usb 11-1: config index 0 descriptor too short (expected 247, got 96)
[  555.139240][ T5880] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  555.142900][ T5880] usb 11-1: config 0 has no interfaces?
[  555.146163][ T5880] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  555.149368][ T5880] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  555.152812][ T5880] usb 11-1: Product: syz
[  555.154716][ T5880] usb 11-1: Manufacturer: syz
[  555.158013][ T5880] usb 11-1: config 0 descriptor??
[  555.366215][T25860] vhci_hcd: connection reset by peer
[  555.370504][ T5880] usb 11-1: USB disconnect, device number 9
[  555.376692][   T12] vhci_hcd vhci_hcd.6: stop threads
[  555.385657][   T12] vhci_hcd vhci_hcd.6: release socket
[  555.392007][   T12] vhci_hcd vhci_hcd.6: disconnect device
[  555.939410][T25886] kvm: user requested TSC rate below hardware speed
[  556.101736][T25895] xt_hashlimit: size too large, truncated to 1048576
[  556.279896][T25903] program syz.5.6657 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  556.295777][T25907] cgroup2: Unknown parameter 'net'
[  556.365587][T25909] netlink: 'syz.5.6659': attribute type 1 has an invalid length.
[  556.370385][T25909] nbd: error processing sock list
[  556.775017][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.783750][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.788043][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.793725][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.797619][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.803141][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.806594][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.811714][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.815671][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.819486][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  556.847562][ T5880] hid-generic 0000:0000:0000.0010: hidraw1: <UNKNOWN> HID v0.00 Device [Á“ƽZÄæwÇý[baÿ–é|\rnÀ)A¼#6”oÒ¯ô?•ða Iü¸äãs„Ö5hVõ3ñ®(;éò
[  556.847562][ T5880] ãÑ�ƒPÔ$zÉ·‡X$©·à˜w[SÖì–ÀRìÑeÑzx—ÞuñS r»œÏláì[µ5l'˜ZCz2ñ] on 
[  556.936899][T25920] fido_id[25920]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  557.060004][T25922] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[  557.426373][   T41] audit: type=1400 audit(1069.246:31803): avc:  denied  { ioctl } for  pid=25957 comm="syz.0.6674" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4604 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  557.439538][    T9] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  557.704814][T25952] syz.5.6673 (25952): drop_caches: 2
[  557.779190][   T41] audit: type=1400 audit(1069.583:31804): avc:  denied  { append } for  pid=25971 comm="syz.0.6681" name="001" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  557.794760][T25972] CIFS mount error: No usable UNC path provided in device string!
[  557.794760][T25972] 
[  557.806486][T25972] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  558.220104][ T7151] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  558.293524][T25997] overlay: Unknown parameter 'dont_hash'
[  558.394053][ T7151] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.411869][ T7151] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.416270][ T7151] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  558.421033][ T7151] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  558.433296][ T7151] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.446947][ T7151] usb 10-1: config 0 descriptor??
[  558.722546][T26016] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=26016 comm=syz.0.6694
[  558.754078][    T9] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[  558.773622][T26019] dns_resolver: Unsupported server list version (0)
[  558.833785][T26022] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=26022 comm=syz.0.6696
[  558.915660][    T9] usb 11-1: Using ep0 maxpacket: 8
[  558.925865][    T9] usb 11-1: config index 0 descriptor too short (expected 5924, got 36)
[  558.927088][ T7151] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  558.935826][    T9] usb 11-1: config 250 has an invalid interface number: 228 but max is -1
[  558.939830][    T9] usb 11-1: config 250 has 1 interface, different from the descriptor's value: 0
[  558.943786][    T9] usb 11-1: config 250 has no interface number 0
[  558.948673][    T9] usb 11-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  558.962466][    T9] usb 11-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  558.970635][    T9] usb 11-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  558.982331][    T9] usb 11-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  558.990349][    T9] usb 11-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  559.002361][    T9] usb 11-1: config 250 interface 228 has no altsetting 0
[  559.008468][    T9] usb 11-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  559.016884][    T9] usb 11-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  559.020712][    T9] usb 11-1: Product: syz
[  559.024227][    T9] usb 11-1: SerialNumber: syz
[  559.045608][    T9] hub 11-1:250.228: bad descriptor, ignoring hub
[  559.048734][    T9] hub 11-1:250.228: probe with driver hub failed with error -5
[  559.263381][    T9] usblp 11-1:250.228: usblp1: USB Bidirectional printer dev 10 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  559.290865][   T41] audit: type=1400 audit(1070.996:31805): avc:  denied  { append } for  pid=26047 comm="syz.1.6704" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  559.529123][T26069] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  559.557423][T26074] __nla_validate_parse: 14 callbacks suppressed
[  559.557440][T26074] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6711'.
[  559.569068][T26069] overlayfs: failed lookup in lower (newroot/83, name='bus', err=-40): overlapping layers
[  559.682184][T26079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6713'.
[  559.716739][T26079] macsec1: entered promiscuous mode
[  559.721962][T26079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6713'.
[  559.929937][ T5737] Bluetooth: hci3: command 0x0401 tx timeout
[  560.303492][T20449] usb 11-1: USB disconnect, device number 10
[  560.311500][T20449] usblp1: removed
[  560.443256][T19539] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  560.570246][T26122] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6717'.
[  560.575425][T26122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6717'.
[  560.691515][   T41] audit: type=1400 audit(1072.307:31806): avc:  denied  { write } for  pid=26123 comm="syz.0.6718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  560.700607][   T41] audit: type=1400 audit(1072.307:31807): avc:  denied  { ioctl } for  pid=26123 comm="syz.0.6718" path="socket:[114865]" dev="sockfs" ino=114865 ioctlcmd=0x6686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  560.815137][T26132] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6721'.
[  560.824343][T26132] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6721'.
[  560.893489][T26142] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6725'.
[  560.936524][T26146] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  560.939315][T26146] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  560.942849][T26146] vhci_hcd vhci_hcd.0: Device attached
[  560.948403][T26150] befs: (nbd6): unable to read superblock
[  561.005260][T26156] fuse: Unknown parameter '0x0000000000000004'
[  561.034166][T19217] usb 10-1: USB disconnect, device number 14
[  561.158292][ T5806] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  561.162055][T26159] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  561.190299][ T5880] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[  561.197187][T26165] netlink: 60 bytes leftover after parsing attributes in process `syz.5.6731'.
[  561.200241][T26165] netlink: 'syz.5.6731': attribute type 3 has an invalid length.
[  561.201057][    T9] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  561.204734][T26165] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6731'.
[  561.276044][T20449] usb 11-1: new high-speed USB device number 11 using dummy_hcd
[  561.340209][ T5806] usb 6-1: Using ep0 maxpacket: 32
[  561.343923][ T5806] usb 6-1: unable to get BOS descriptor or descriptor too short
[  561.346547][ T5806] usb 6-1: too many configurations: 215, using maximum allowed: 8
[  561.350515][ T5806] usb 6-1: unable to read config index 0 descriptor/start: -61
[  561.353197][ T5806] usb 6-1: can't read configurations, error -61
[  561.363024][    T9] usb 5-1: config index 0 descriptor too short (expected 247, got 96)
[  561.367078][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  561.370525][    T9] usb 5-1: config 0 has no interfaces?
[  561.374121][    T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  561.377460][    T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  561.380101][    T9] usb 5-1: Product: syz
[  561.381551][    T9] usb 5-1: Manufacturer: syz
[  561.384874][    T9] usb 5-1: config 0 descriptor??
[  561.446785][T20449] usb 11-1: Using ep0 maxpacket: 8
[  561.452474][T20449] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  561.456141][T20449] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  561.460693][T20449] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  561.465408][T20449] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  561.470135][T20449] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  561.475761][T20449] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  561.480082][T20449] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.500202][ T5806] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  561.692498][ T5806] usb 6-1: Using ep0 maxpacket: 32
[  561.696869][ T5806] usb 6-1: unable to get BOS descriptor or descriptor too short
[  561.699484][ T5806] usb 6-1: too many configurations: 215, using maximum allowed: 8
[  561.706080][ T5806] usb 6-1: unable to read config index 0 descriptor/start: -61
[  561.708889][T20449] usb 11-1: usb_control_msg returned -32
[  561.711082][T20449] usbtmc 11-1:16.0: can't read capabilities
[  561.713091][ T5806] usb 6-1: can't read configurations, error -61
[  561.718738][ T5806] usb usb6-port1: attempt power cycle
[  562.084358][T26221] usbtmc 11-1:16.0: control status returned 0
[  562.109311][ T5806] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  562.131458][ T5806] usb 6-1: Using ep0 maxpacket: 32
[  562.136069][ T5806] usb 6-1: unable to get BOS descriptor or descriptor too short
[  562.139694][ T5806] usb 6-1: too many configurations: 215, using maximum allowed: 8
[  562.145390][ T5806] usb 6-1: unable to read config index 0 descriptor/start: -61
[  562.148901][ T5806] usb 6-1: can't read configurations, error -61
[  562.301795][ T5806] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  562.334512][ T5806] usb 6-1: Using ep0 maxpacket: 32
[  562.341973][ T5806] usb 6-1: unable to get BOS descriptor or descriptor too short
[  562.344996][ T5806] usb 6-1: too many configurations: 215, using maximum allowed: 8
[  562.349362][ T5806] usb 6-1: unable to read config index 0 descriptor/start: -61
[  562.351947][ T5806] usb 6-1: can't read configurations, error -61
[  562.354434][ T5806] usb usb6-port1: unable to enumerate USB device
[  563.050466][T26228] openvswitch: netlink: IP tunnel dst address not specified
[  563.148462][T26232] vlan0: entered allmulticast mode
[  563.150342][T26232] bond0: entered allmulticast mode
[  563.152240][T26232] geneve2: entered allmulticast mode
[  564.132571][T26241] syzkaller0: entered promiscuous mode
[  564.135154][T26241] syzkaller0: entered allmulticast mode
[  564.162153][    T9] usb 5-1: USB disconnect, device number 39
[  564.164622][T26241] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  564.166398][T26148] vhci_hcd: connection reset by peer
[  564.173992][ T1264] vhci_hcd vhci_hcd.0: stop threads
[  564.178551][ T1264] vhci_hcd vhci_hcd.0: release socket
[  564.183058][ T1264] vhci_hcd vhci_hcd.0: disconnect device
[  564.187222][T26240] tipc: Resetting bearer <eth:syzkaller0>
[  564.238827][T26240] tipc: Disabling bearer <eth:syzkaller0>
[  564.263621][ T5806] usb 11-1: USB disconnect, device number 11
[  564.325796][T19217] IPVS: starting estimator thread 0...
[  564.439806][T26249] IPVS: using max 32 ests per chain, 76800 per kthread
[  564.467598][   T41] audit: type=1804 audit(1075.844:31808): pid=26257 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.6755" name="file0" dev="ramfs" ino=116137 res=1 errno=0
[  564.538718][T26266] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  564.638513][   T41] audit: type=1400 audit(1076.003:31809): avc:  denied  { create } for  pid=26277 comm="syz.5.6762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  564.671220][   T41] audit: type=1400 audit(1076.022:31810): avc:  denied  { setopt } for  pid=26277 comm="syz.5.6762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  564.910124][T26297] __nla_validate_parse: 5 callbacks suppressed
[  564.910139][T26297] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6768'.
[  565.043593][T26305] xt_l2tp: v2 doesn't support IP mode
[  565.076905][T26307] fuse: Unknown parameter 'group_i00000000000000000000'
[  565.101507][ T7151] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[  565.245377][T26319] could not open pipe file descriptor
[  565.261783][ T7151] usb 11-1: Using ep0 maxpacket: 8
[  565.267505][ T7151] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  565.272841][ T7151] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  565.276132][ T7151] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  565.279428][ T7151] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  565.283256][ T7151] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  565.287805][ T7151] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  565.291392][ T7151] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.513613][ T7151] usb 11-1: usb_control_msg returned -32
[  565.516714][ T7151] usbtmc 11-1:16.0: can't read capabilities
[  565.870897][T26326] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6779'.
[  565.927583][T26332] syzkaller0: entered promiscuous mode
[  565.930031][T26332] syzkaller0: entered allmulticast mode
[  565.974009][T26332] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  565.979937][T26331] tipc: Resetting bearer <eth:syzkaller0>
[  565.998444][T26331] tipc: Disabling bearer <eth:syzkaller0>
[  566.095579][T26339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6784'.
[  566.099695][T26339] block nbd1: Unsupported socket: should be TCP or UNIX.
[  566.268976][T26343] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6767'.
[  566.274259][T26343] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6767'.
[  566.672607][ T5880] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  566.864238][T26349] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  566.973539][T26355] netlink: 44 bytes leftover after parsing attributes in process `syz.5.6788'.
[  567.020309][T26359] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  567.150666][T26370] fuse: Unknown parameter 'group_id00000000000000000000'
[  567.240030][T26373] kvm: requested 173485 ns i8254 timer period limited to 200000 ns
[  567.275536][T26373] kvm: requested 129904 ns i8254 timer period limited to 200000 ns
[  567.433831][   T41] audit: type=1400 audit(1078.623:31811): avc:  denied  { execute } for  pid=26378 comm="syz.0.6795" path="/dev/audio1" dev="devtmpfs" ino=1322 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  567.463111][T19783] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  567.507914][T26385] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  567.552409][T26387] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6797'.
[  567.608597][T26389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6798'.
[  567.612884][T26389] block nbd1: Unsupported socket: should be TCP or UNIX.
[  567.623535][T19783] usb 6-1: Using ep0 maxpacket: 8
[  567.629565][T19783] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  567.633050][T19783] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  567.638614][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  567.643690][T19783] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  567.649475][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  567.654358][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  567.659551][T19783] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  567.665034][T19783] usb 6-1: config 168 interface 0 has no altsetting 0
[  567.669646][T19783] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  567.672939][T19783] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  567.677319][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  567.688714][T19783] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  567.693148][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  567.697094][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  567.701903][T19783] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  567.706481][T19783] usb 6-1: config 168 interface 0 has no altsetting 0
[  567.709840][T19783] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  567.712704][T19783] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  567.716517][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  567.720920][T19783] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  567.725063][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  567.729438][T19783] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  567.735106][T19783] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  567.742566][T19783] usb 6-1: config 168 interface 0 has no altsetting 0
[  567.748562][T19783] usb 6-1: string descriptor 0 read error: -22
[  567.751370][T19783] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  567.770698][T19783] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.788896][T19783] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  568.036983][T19783] usb 11-1: USB disconnect, device number 12
[  568.055996][ T3259] usb 6-1: USB disconnect, device number 52
[  568.404439][T26399] openvswitch: netlink: Flow actions attr not present in new flow.
[  568.657729][ T1433] ieee802154 phy0 wpan0: encryption failed: -22
[  568.856202][   T41] audit: type=1400 audit(1079.952:31812): avc:  denied  { create } for  pid=26414 comm="syz.0.6804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  568.856537][T26415] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  568.864292][   T41] audit: type=1400 audit(1079.952:31813): avc:  denied  { bind } for  pid=26414 comm="syz.0.6804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  568.877891][   T41] audit: type=1400 audit(1079.971:31814): avc:  denied  { write } for  pid=26414 comm="syz.0.6804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  568.894228][T26416] gfs2: Unknown parameter 'discardfo'
[  569.059044][T26420] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6806'.
[  569.100736][T26425] overlayfs: regular lower layers cannot follow data lower layers
[  569.105038][ T5727] Bluetooth: hci2: unknown advertising packet type: 0x6c
[  569.105062][ T5727] Bluetooth: hci2: unknown advertising packet type: 0x64
[  569.110563][ T5727] Bluetooth: hci2: unknown advertising packet type: 0x69
[  569.114662][T26425] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6807'.
[  569.274993][T26431] block nbd1: Unsupported socket: should be TCP or UNIX.
[  569.502708][   T41] audit: type=1400 audit(1080.551:31815): avc:  denied  { unmount } for  pid=23848 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  569.656340][T26436] fuse: Unknown parameter '0x0000000000000004'
[  569.921230][ T5881] usb 11-1: new high-speed USB device number 13 using dummy_hcd
[  570.103105][ T5881] usb 11-1: Using ep0 maxpacket: 8
[  570.109381][ T5881] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  570.112969][ T5881] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  570.116841][ T5881] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  570.120606][ T5881] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  570.124908][ T5881] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  570.129672][ T5881] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  570.133160][ T5881] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.333561][T26443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  570.342235][   T41] audit: type=1400 audit(1081.337:31816): avc:  denied  { shutdown } for  pid=26442 comm="syz.0.6813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  570.354355][ T5881] usb 11-1: usb_control_msg returned -32
[  570.356460][ T5881] usbtmc 11-1:16.0: can't read capabilities
[  570.601502][T26455] dummy0: entered promiscuous mode
[  570.606648][T26455] dummy0: left promiscuous mode
[  570.730652][T26459] usbtmc 11-1:16.0: control status returned 0
[  570.793924][T26458] geneve1: entered allmulticast mode
[  570.980519][T26467] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  571.444735][T26485] fuse: Bad value for 'fd'
[  572.000525][T26504] fuse: Bad value for 'rootmode'
[  572.093024][   T41] audit: type=1400 audit(1082.984:31817): avc:  denied  { setopt } for  pid=26513 comm="syz.0.6836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  572.361662][T26528] tmpfs: Bad value for 'mpol'
[  572.496258][T26539] __nla_validate_parse: 2 callbacks suppressed
[  572.496276][T26539] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6844'.
[  572.497840][   T41] audit: type=1400 audit(1083.358:31818): avc:  denied  { remove_name } for  pid=26533 comm="syz.1.6843" name="file1" dev="9p" ino=72876275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  572.499114][T26539] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6844'.
[  572.502896][   T41] audit: type=1400 audit(1083.358:31819): avc:  denied  { unlink } for  pid=26533 comm="syz.1.6843" name="file1" dev="9p" ino=72876275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  572.522998][   T41] audit: type=1400 audit(1083.377:31820): avc:  denied  { create } for  pid=26533 comm="syz.1.6843" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  572.537834][T26535] netem: change failed
[  572.733126][T26545] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6847'.
[  572.739476][T26545] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26545 comm=syz.0.6847
[  572.886133][ T5880] usb 11-1: USB disconnect, device number 13
[  572.905255][T26551] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  572.958440][T26557] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6852'.
[  572.963015][T26557] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6852'.
[  572.970004][T26559] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6848'.
[  573.004128][T26562] syzkaller0: entered promiscuous mode
[  573.006424][T26562] syzkaller0: entered allmulticast mode
[  573.036068][T26566] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  573.038377][T26566] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  573.041270][T26566] vhci_hcd vhci_hcd.0: Device attached
[  573.045455][T26567] vhci_hcd: connection closed
[  573.045743][T24542] vhci_hcd vhci_hcd.0: stop threads
[  573.052785][T24542] vhci_hcd vhci_hcd.0: release socket
[  573.054920][T24542] vhci_hcd vhci_hcd.0: disconnect device
[  573.157432][   T41] audit: type=1400 audit(1083.967:31821): avc:  denied  { write } for  pid=26576 comm="syz.6.6857" path="socket:[122881]" dev="sockfs" ino=122881 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  573.218951][T26582] fuse: Unknown parameter '0x0000000000000004'
[  573.306569][T26589] netlink: 44 bytes leftover after parsing attributes in process `syz.6.6862'.
[  573.347599][   T41] audit: type=1326 audit(1084.154:31822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26590 comm="syz.1.6863" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7db779cdd9 code=0x0
[  573.501350][T19217] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  573.504835][T26602] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6866'.
[  573.550989][T26604] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6867'.
[  573.557893][T26604] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1017 sclass=netlink_route_socket pid=26604 comm=syz.6.6867
[  573.606974][T26609] macsec2: entered promiscuous mode
[  573.610013][T26609] macsec2: entered allmulticast mode
[  573.648707][T26615] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6872'.
[  573.674230][T19217] usb 10-1: Using ep0 maxpacket: 8
[  573.683090][T19217] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  573.686914][T19217] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  573.691210][T19217] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  573.696430][T19217] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  573.700839][T19217] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  573.705531][T26620] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  573.706816][T19217] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  573.713750][T19217] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.770245][T26627] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 3, id = 0
[  573.802625][T26629] random: crng reseeded on system resumption
[  573.958831][T19217] usb 10-1: usb_control_msg returned -32
[  573.970786][T19217] usbtmc 10-1:16.0: can't read capabilities
[  574.333854][T26641] usbtmc 10-1:16.0: control status returned 0
[  574.819330][T26650] tmpfs: Bad value for 'size'
[  574.965832][T26652] netlink: 'syz.1.6883': attribute type 2 has an invalid length.
[  574.975873][T26652] netlink: 'syz.1.6883': attribute type 2 has an invalid length.
[  575.315747][T26673] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  575.771411][ T1264] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  575.772760][T26690] xt_hashlimit: overflow, rate too high: 0
[  575.905331][ T5880] usb 11-1: new high-speed USB device number 14 using dummy_hcd
[  576.065698][ T5880] usb 11-1: Using ep0 maxpacket: 32
[  576.071631][ T5880] usb 11-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  576.081547][ T5880] usb 11-1: string descriptor 0 read error: -22
[  576.084684][ T5880] usb 11-1: New USB device found, idVendor=086a, idProduct=0002, bcdDevice= 0.40
[  576.088992][ T5880] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.314261][T20449] usb 11-1: USB disconnect, device number 14
[  576.443566][ T3259] usb 10-1: USB disconnect, device number 15
[  576.484838][T26699] fuse: Bad value for 'rootmode'
[  576.548313][T26709] 9pnet_virtio: no channels available for device syz
[  576.628705][T26712] syzkaller0: entered promiscuous mode
[  576.630625][T26712] syzkaller0: entered allmulticast mode
[  576.643070][T26720] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=26720 comm=syz.1.6905
[  576.743913][T26729] binder: BINDER_SET_CONTEXT_MGR already set
[  576.750449][T26729] binder: 26723:26729 ioctl 4018620d 200000000100 returned -16
[  576.895055][T26737] fuse: Bad value for 'rootmode'
[  576.942124][ T5727] Bluetooth: hci4: command tx timeout
[  576.945438][T26744] netlink: 'syz.1.6914': attribute type 21 has an invalid length.
[  576.948206][T26744] IPv6: NLM_F_CREATE should be specified when creating new route
[  576.957108][T26744] netlink: 'syz.1.6914': attribute type 1 has an invalid length.
[  576.984373][   T41] audit: type=1800 audit(1087.551:31823): pid=26741 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.5.6913" name="/newroot/419/file0" dev="tmpfs" ino=2275 res=0 errno=0
[  577.015155][T26749] syzkaller0: entered promiscuous mode
[  577.020104][T26749] syzkaller0: entered allmulticast mode
[  577.060659][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.063469][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  577.066577][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.069286][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  577.077280][T26749] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  577.086394][T26748] tipc: Resetting bearer <eth:syzkaller0>
[  577.104972][T26748] tipc: Disabling bearer <eth:syzkaller0>
[  577.133337][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.136522][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  577.236394][T26763] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  577.348331][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.351127][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  577.413139][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.416073][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  577.441188][T26783] dummy0 speed is unknown, defaulting to 1000
[  577.550306][   T41] audit: type=1400 audit(1088.084:31824): avc:  denied  { remount } for  pid=26785 comm="syz.6.6924" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  577.567216][   T41] audit: type=1400 audit(1088.093:31825): avc:  denied  { setopt } for  pid=26785 comm="syz.6.6924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  577.570979][T26783] lo speed is unknown, defaulting to 1000
[  577.655596][T26791] syzkaller0: entered promiscuous mode
[  577.661058][T26791] syzkaller0: entered allmulticast mode
[  577.895276][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.898378][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  577.957601][T19783] libceph: connect (1)[c::]:6789 error -22
[  577.960906][T19783] libceph: mon0 (1)[c::]:6789 connect error
[  578.408423][T26813] fuse: Unknown parameter 'use00000000000000000000'
[  578.468887][T26815] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  578.471832][T26815] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  578.479540][T26815] vhci_hcd vhci_hcd.0: Device attached
[  578.485116][T26815] ªªªªªª: renamed from hsr0 (while UP)
[  578.504138][T26758] ceph: No mds server is up or the cluster is laggy
[  578.507316][T26754] ceph: No mds server is up or the cluster is laggy
[  578.685039][T26816] vhci_hcd: connection closed
[  578.689167][ T1264] vhci_hcd vhci_hcd.0: stop threads
[  578.691658][T26821] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  578.693984][ T1264] vhci_hcd vhci_hcd.0: release socket
[  578.699770][ T1264] vhci_hcd vhci_hcd.0: disconnect device
[  578.724847][T26824] bridge3: entered promiscuous mode
[  578.729865][T26824] bridge3: entered allmulticast mode
[  578.737537][ T5880] usb 37-1: new high-speed USB device number 4 using vhci_hcd
[  578.741921][ T5880] usb 37-1: enqueue for inactive port 0
[  578.792604][T26826] dummy0: Caught tx_queue_len zero misconfig
[  578.798643][T26826] netlink: 'syz.5.6937': attribute type 21 has an invalid length.
[  578.802328][T26823] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  578.802432][T26826] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37157 sclass=netlink_route_socket pid=26826 comm=syz.5.6937
[  578.823010][ T5880] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  578.906716][T26830] __nla_validate_parse: 5 callbacks suppressed
[  578.906728][T26830] netlink: 44 bytes leftover after parsing attributes in process `syz.5.6939'.
[  578.975474][   T41] audit: type=1400 audit(1089.422:31826): avc:  denied  { create } for  pid=26838 comm="syz.5.6942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  579.463947][T26861] fuse: Unknown parameter 'use00000000000000000000'
[  579.506364][T26863] gretap0: entered promiscuous mode
[  579.512107][T26863] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6948'.
[  579.515382][T26863] gretap0: left promiscuous mode
[  579.627113][T26858] loop5: detected capacity change from 0 to 2640
[  579.631418][T26858] buffer_io_error: 11 callbacks suppressed
[  579.631433][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.638615][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.641515][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.644186][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.647220][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.649976][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.652700][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.655474][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.658860][T26858] ldm_validate_partition_table(): Disk read failed.
[  579.661525][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.664237][T26858] Buffer I/O error on dev loop5, logical block 0, async page read
[  579.667448][T26858] Dev loop5: unable to read RDB block 0
[  579.672126][T26858]  loop5: unable to read partition table
[  579.674130][T26858] loop_reread_partitions: partition scan of loop5 (3„¾‚³˜) failed (rc=-5)
[  579.781391][T26874] CIFS mount error: No usable UNC path provided in device string!
[  579.781391][T26874] 
[  579.786525][T26874] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  580.129462][   T41] audit: type=1326 audit(1090.498:31827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.152589][   T41] audit: type=1326 audit(1090.498:31828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.163651][   T41] audit: type=1326 audit(1090.498:31829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.173177][   T41] audit: type=1326 audit(1090.498:31830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.184607][   T41] audit: type=1326 audit(1090.498:31831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.198050][   T41] audit: type=1326 audit(1090.498:31832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.210185][   T41] audit: type=1326 audit(1090.498:31833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.221359][   T41] audit: type=1326 audit(1090.498:31834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.234133][   T41] audit: type=1326 audit(1090.498:31835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26906 comm="syz.0.6961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271e59cdd9 code=0x50000
[  580.430619][T26930] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6966'.
[  580.708796][T26942] binder: 26940:26942 ioctl 4018620d 0 returned -22
[  580.787884][T26955] overlay: ./file1 is not a directory
[  580.925566][T26962] netlink: 'syz.6.6975': attribute type 21 has an invalid length.
[  581.004174][T26967] netlink: 'syz.6.6976': attribute type 3 has an invalid length.
[  581.094268][T26971] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6977'.
[  581.105121][T26971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6977'.
[  581.111628][T26971] netlink: 'syz.1.6977': attribute type 29 has an invalid length.
[  581.119896][T26971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6977'.
[  581.126262][T26971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6977'.
[  581.133837][T26971] netlink: 'syz.1.6977': attribute type 29 has an invalid length.
[  581.142858][T26971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6977'.
[  581.273125][T26971] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  581.281138][T26971] qnx6: wrong signature (magic) in superblock #1.
[  581.283616][T26971] qnx6: unable to read the first superblock
[  581.438818][T26979] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6979'.
[  581.649230][T26989] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  581.910391][T26997] binder: binder_mmap: 26994 200000ffa000-200000ffd000 bad vm_flags failed -1
[  582.086871][T27008] netlink: 44 bytes leftover after parsing attributes in process `syz.6.6988'.
[  582.157321][T27011] new mount options do not match the existing superblock, will be ignored
[  582.427706][T27020] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  582.495936][T27022] fuse: Unknown parameter 'user_i00000000000000000000'
[  583.107608][ T3259] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  583.256999][ T3259] usb 6-1: device descriptor read/64, error -71
[  583.516347][ T3259] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  583.586543][T27053] syzkaller0: entered promiscuous mode
[  583.588600][T27053] syzkaller0: entered allmulticast mode
[  583.613708][T27053] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  583.619713][T27052] tipc: Resetting bearer <eth:syzkaller0>
[  583.642288][T27052] tipc: Disabling bearer <eth:syzkaller0>
[  583.652332][ T3259] usb 6-1: device descriptor read/64, error -71
[  583.730662][T27063] fuse: Unknown parameter 'grouÿ2Ød'
[  583.780835][ T3259] usb usb6-port1: attempt power cycle
[  583.813348][T27068] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  583.890913][T27071] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27071 comm=syz.5.7009
[  584.054046][T27084] netem: change failed
[  584.143922][ T3259] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  584.166407][ T3259] usb 6-1: device descriptor read/8, error -71
[  584.432583][ T3259] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  584.468061][T27102] kvm: kvm [27101]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  584.472294][T27102] kvm: kvm [27101]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  584.476210][ T3259] usb 6-1: device descriptor read/8, error -71
[  584.603853][ T3259] usb usb6-port1: unable to enumerate USB device
[  584.730542][T27110] tipc: Invalid UDP bearer configuration
[  584.730593][T27110] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  584.833643][T27116] __nla_validate_parse: 2 callbacks suppressed
[  584.833659][T27116] netlink: 100 bytes leftover after parsing attributes in process `syz.5.7022'.
[  584.838468][   T41] kauditd_printk_skb: 16381 callbacks suppressed
[  584.838480][   T41] audit: type=1400 audit(1094.897:48217): avc:  denied  { ioctl } for  pid=27115 comm="syz.5.7022" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 ioctlcmd=0x9418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  584.899106][T27123] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7024'.
[  584.901953][T27123] block nbd1: Unsupported socket: should be TCP or UNIX.
[  584.920757][T27119] dummy0 speed is unknown, defaulting to 1000
[  584.954939][   T41] audit: type=1400 audit(1095.009:48218): avc:  denied  { read } for  pid=27118 comm="syz.6.7023" dev="sockfs" ino=125429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  585.008251][T27119] lo speed is unknown, defaulting to 1000
[  585.650182][   T41] audit: type=1400 audit(1095.664:48219): avc:  denied  { name_bind } for  pid=27147 comm="syz.0.7030" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  585.778759][T27156] netlink: 96 bytes leftover after parsing attributes in process `syz.6.7032'.
[  585.859701][T27161] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7033'.
[  585.871911][T27165] binder: 27164:27165 ioctl c0306201 2000000002c0 returned -22
[  585.880516][T27161] bond1: entered promiscuous mode
[  585.882265][T27161] bond1: entered allmulticast mode
[  585.911055][T27162] veth3: entered allmulticast mode
[  585.933705][T27169] fuse: Unknown parameter '0x0000000000000003'
[  585.959736][T27170] syz_tun: entered allmulticast mode
[  586.006978][T27165] dvmrp8: entered allmulticast mode
[  586.022270][T27164] syz_tun: left allmulticast mode
[  586.178921][   T41] audit: type=1400 audit(1096.160:48220): avc:  denied  { create } for  pid=27183 comm="syz.1.7040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ipx_socket permissive=1
[  586.189042][   T41] audit: type=1400 audit(1096.169:48221): avc:  denied  { create } for  pid=27181 comm="syz.0.7039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  586.197701][   T41] audit: type=1400 audit(1096.179:48222): avc:  denied  { write } for  pid=27181 comm="syz.0.7039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  586.204536][   T41] audit: type=1400 audit(1096.179:48223): avc:  denied  { read } for  pid=27181 comm="syz.0.7039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  586.214837][T27184] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7040'.
[  586.233813][T27188] netlink: 14 bytes leftover after parsing attributes in process `syz.6.7041'.
[  586.291692][T27192] netlink: 44 bytes leftover after parsing attributes in process `syz.6.7041'.
[  586.440583][T27199] fuse: Unknown parameter '0x0000000000000003'
[  586.498454][T27201] program syz.6.7046 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  586.553807][T27207] fuse: Bad value for 'fd'
[  586.609785][T27213] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  586.612055][T27213] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  586.615331][T27213] vhci_hcd vhci_hcd.0: Device attached
[  586.619205][T27214] vhci_hcd: connection closed
[  586.621799][T24545] vhci_hcd vhci_hcd.5: stop threads
[  586.627097][T24545] vhci_hcd vhci_hcd.5: release socket
[  586.628980][T24545] vhci_hcd vhci_hcd.5: disconnect device
[  587.183244][   T41] audit: type=1400 audit(1097.086:48224): avc:  denied  { read } for  pid=27224 comm="syz.1.7054" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  587.207463][   T41] audit: type=1400 audit(1097.124:48225): avc:  denied  { listen } for  pid=27226 comm="syz.5.7055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  587.222836][T27229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7056'.
[  587.226140][T27229] block nbd1: Unsupported socket: should be TCP or UNIX.
[  587.422362][ T5727] Bluetooth: hci2: unexpected event for opcode 0x2041
[  587.427404][T27237] fuse: Unknown parameter 'fd0xffffffffffffffff00000000000000000000'
[  587.543011][T27251] fuse: Bad value for 'rootmode'
[  587.563019][T27253] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7064'.
[  587.569766][T27256] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7064'.
[  587.575734][T27255] syzkaller0: entered promiscuous mode
[  587.580383][T27255] syzkaller0: entered allmulticast mode
[  587.627695][T27255] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  587.634216][T27254] tipc: Resetting bearer <eth:syzkaller0>
[  587.665456][T27254] tipc: Disabling bearer <eth:syzkaller0>
[  587.815197][T27268] input: syz1 as /devices/virtual/input/input40
[  588.705157][   T41] audit: type=1326 audit(1098.518:48226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27284 comm="syz.6.7075" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23e119cdd9 code=0x7bff0000
[  589.069614][T27306] block nbd1: Unsupported socket: should be TCP or UNIX.
[  589.098528][T27308] tun0: tun_chr_ioctl cmd 1074025672
[  589.106090][T27308] tun0: ignored: set checksum disabled
[  590.121316][T27348] overlayfs: workdir and upperdir must reside under the same mount
[  590.341893][   T41] kauditd_printk_skb: 11 callbacks suppressed
[  590.341905][   T41] audit: type=1400 audit(1100.053:48238): avc:  denied  { execute } for  pid=27358 comm="syz.0.7094" path="/534/file0" dev="tmpfs" ino=2811 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  590.769099][   T41] audit: type=1326 audit(1100.446:48239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x0
[  590.815817][T27363] __nla_validate_parse: 3 callbacks suppressed
[  590.815836][T27363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7094'.
[  590.823124][T27363] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7094'.
[  590.834028][   T41] audit: type=1326 audit(1100.521:48240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.858699][   T41] audit: type=1326 audit(1100.521:48241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.895089][   T41] audit: type=1326 audit(1100.521:48242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.917235][   T41] audit: type=1326 audit(1100.521:48244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.939768][   T41] audit: type=1326 audit(1100.521:48243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.972520][   T41] audit: type=1326 audit(1100.558:48245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.983214][   T41] audit: type=1326 audit(1100.558:48246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  590.996380][   T41] audit: type=1326 audit(1100.558:48247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27370 comm="syz.5.7096" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f437539cdd9 code=0x7ffc0000
[  591.795500][ T5727] Bluetooth: hci3: unexpected event for opcode 0x0c47
[  592.042712][T27401] tap0: tun_chr_ioctl cmd 1074025675
[  592.049002][T27401] tap0: persist enabled
[  592.051218][T27401] tap0: tun_chr_ioctl cmd 1074025675
[  592.054825][T27401] tap0: persist disabled
[  592.215193][T27407] CIFS: iocharset name too long
[  592.542951][T27431] netlink: 190972 bytes leftover after parsing attributes in process `syz.5.7111'.
[  592.583145][T27431] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  592.586350][T27431] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  592.747071][T27440] syzkaller0: entered promiscuous mode
[  592.749036][T27440] syzkaller0: entered allmulticast mode
[  592.776788][T27440] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  592.782405][T27442] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  592.798444][T27439] tipc: Resetting bearer <eth:syzkaller0>
[  592.854566][T27439] tipc: Disabling bearer <eth:syzkaller0>
[  592.880855][T27446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7118'.
[  592.884935][T27446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7118'.
[  592.889265][T27446] netlink: 'syz.1.7118': attribute type 18 has an invalid length.
[  592.892902][T27446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7118'.
[  592.958734][T27448] netlink: 'syz.5.7119': attribute type 1 has an invalid length.
[  593.020636][T27450] netlink: 92 bytes leftover after parsing attributes in process `syz.1.7120'.
[  593.023413][T27453] netlink: 92 bytes leftover after parsing attributes in process `syz.1.7120'.
[  593.050126][T27454] can0: slcan on ttynull.
[  593.075475][ T5727] Bluetooth: hci4: unexpected event for opcode 0x2016
[  593.337266][ T7151] usb 11-1: new high-speed USB device number 15 using dummy_hcd
[  593.368037][T27488] netlink: 72 bytes leftover after parsing attributes in process `syz.5.7132'.
[  593.496080][ T7151] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  593.506252][ T7151] usb 11-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  593.513965][ T7151] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  593.521911][ T7151] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.532563][ T7151] usb 11-1: config 0 descriptor??
[  593.552670][T27503] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7138'.
[  593.557683][T27503] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  593.766767][T27454] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  594.367687][T27525] netlink: 'syz.5.7144': attribute type 1 has an invalid length.
[  594.438781][T27525] 8021q: adding VLAN 0 to HW filter on device bond6
[  594.452513][T27529] vlan1: entered allmulticast mode
[  594.455059][T27529] bond6: entered allmulticast mode
[  594.597200][T27541] sg_write: data in/out 63015/10 bytes for SCSI command 0xff-- guessing data in;
[  594.597200][T27541]    program syz.1.7151 not setting count and/or reply_len properly
[  594.607975][T27539] syzkaller0: entered promiscuous mode
[  594.611002][T27539] syzkaller0: entered allmulticast mode
[  594.660405][T27539] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  594.676576][T27538] tipc: Resetting bearer <eth:syzkaller0>
[  594.703221][T27538] tipc: Disabling bearer <eth:syzkaller0>
[  595.141532][ T5881] usb 6-1: new full-speed USB device number 57 using dummy_hcd
[  595.177467][T27561] pim6reg: entered allmulticast mode
[  595.315091][ T5881] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  595.323377][ T5881] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  595.346891][ T5881] usb 6-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  595.353828][ T5881] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.365068][ T5881] usb 6-1: Product: syz
[  595.366902][ T5881] usb 6-1: Manufacturer: syz
[  595.374930][ T5881] usb 6-1: SerialNumber: syz
[  595.611643][ T5881] usb 6-1: USB disconnect, device number 57
[  595.774143][T27573] netlink: 'syz.0.7161': attribute type 1 has an invalid length.
[  596.222358][   T41] kauditd_printk_skb: 458 callbacks suppressed
[  596.222405][   T41] audit: type=1400 audit(1105.555:48706): avc:  denied  { setopt } for  pid=27588 comm="syz.1.7164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  596.229716][T27589] netlink: 'syz.1.7164': attribute type 1 has an invalid length.
[  596.245553][T27589] netlink: 'syz.1.7164': attribute type 1 has an invalid length.
[  596.329817][T27595] __nla_validate_parse: 8 callbacks suppressed
[  596.329836][T27595] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7166'.
[  596.374664][T21996] usb 11-1: USB disconnect, device number 15
[  596.476267][   T41] audit: type=1400 audit(1105.799:48707): avc:  denied  { write } for  pid=27596 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.509315][T27454] can0 (unregistered): slcan off ttynull.
[  596.558139][   T41] audit: type=1400 audit(1105.874:48708): avc:  denied  { write } for  pid=27606 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.664000][T27620] program syz.5.7173 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  596.696703][   T41] audit: type=1400 audit(1105.995:48709): avc:  denied  { write } for  pid=27616 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.698796][T27623] dlm: no locking on control device
[  596.744833][   T41] audit: type=1400 audit(1106.051:48710): avc:  denied  { write } for  pid=27625 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.818750][   T41] audit: type=1400 audit(1106.117:48711): avc:  denied  { write } for  pid=27628 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.834244][T27632] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  596.869557][   T41] audit: type=1400 audit(1106.164:48712): avc:  denied  { write } for  pid=27634 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  596.870585][T27632] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  596.897755][T27637] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7176'.
[  596.900719][T27637] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7176'.
[  596.953128][T27632] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  596.958044][T27632] overlayfs: failed to look up (tracing) for ino (-66)
[  597.012606][T27640] dummy0 speed is unknown, defaulting to 1000
[  597.145203][T27640] lo speed is unknown, defaulting to 1000
[  597.454813][T27660] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  597.463100][T27660] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  597.489255][T27660] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  597.493078][T27660] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  597.507060][T27660] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  597.509766][T27660] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  597.529609][T27660] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  597.702657][   T41] audit: type=1400 audit(1106.940:48713): avc:  denied  { mounton } for  pid=27684 comm="syz.5.7192" path="/503/bus" dev="tmpfs" ino=2712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  597.702731][T27686] cgroup: Need name or subsystem set
[  597.873270][T27694] syzkaller0: entered promiscuous mode
[  597.876168][T27694] syzkaller0: entered allmulticast mode
[  597.971783][T27698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7197'.
[  597.984741][T27700] netlink: 292 bytes leftover after parsing attributes in process `syz.6.7198'.
[  597.988812][T27701] netlink: 292 bytes leftover after parsing attributes in process `syz.6.7198'.
[  597.989500][   T41] audit: type=1400 audit(1107.212:48714): avc:  denied  { map } for  pid=27697 comm="syz.1.7197" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  598.001972][   T41] audit: type=1400 audit(1107.212:48715): avc:  denied  { execute } for  pid=27697 comm="syz.1.7197" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  598.443849][T27751] syz.5.7214: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  598.454249][T27751] CPU: 1 UID: 0 PID: 27751 Comm: syz.5.7214 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  598.454281][T27751] Tainted: [L]=SOFTLOCKUP
[  598.454289][T27751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  598.454326][T27751] Call Trace:
[  598.454335][T27751]  <TASK>
[  598.454344][T27751]  dump_stack_lvl+0x100/0x190
[  598.454518][T27751]  warn_alloc.cold+0x95/0x1c1
[  598.454560][T27751]  ? __pfx_warn_alloc+0x10/0x10
[  598.454633][T27751]  ? stack_depot_save_flags+0x27/0x9d0
[  598.454726][T27751]  ? __lock_acquire+0x4a5/0x2630
[  598.454778][T27751]  ? xskq_create+0xfb/0x1d0
[  598.454809][T27751]  __vmalloc_node_range_noprof+0x136c/0x1630
[  598.454845][T27751]  ? xskq_create+0xfb/0x1d0
[  598.454872][T27751]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  598.454910][T27751]  ? xskq_create+0xfb/0x1d0
[  598.454930][T27751]  vmalloc_user_noprof+0x9e/0xe0
[  598.454956][T27751]  ? xskq_create+0xfb/0x1d0
[  598.454975][T27751]  xskq_create+0xfb/0x1d0
[  598.454998][T27751]  xsk_setsockopt+0x743/0xab0
[  598.455030][T27751]  ? __pfx_xsk_setsockopt+0x10/0x10
[  598.455060][T27751]  ? find_held_lock+0x2b/0x80
[  598.455078][T27751]  ? __fget_files+0x215/0x3d0
[  598.455239][T27751]  ? selinux_socket_setsockopt+0x6a/0x80
[  598.455286][T27751]  ? __pfx_xsk_setsockopt+0x10/0x10
[  598.455319][T27751]  do_sock_setsockopt+0xf3/0x1d0
[  598.455415][T27751]  __sys_setsockopt+0x195/0x220
[  598.455452][T27751]  __x64_sys_setsockopt+0xbd/0x160
[  598.455482][T27751]  ? do_syscall_64+0x90/0xf80
[  598.455506][T27751]  ? lockdep_hardirqs_on+0x78/0x100
[  598.455529][T27751]  do_syscall_64+0x10b/0xf80
[  598.455552][T27751]  ? clear_bhb_loop+0x40/0x90
[  598.455576][T27751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.455597][T27751] RIP: 0033:0x7f437539cdd9
[  598.455613][T27751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  598.455632][T27751] RSP: 002b:00007f43762a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  598.455651][T27751] RAX: ffffffffffffffda RBX: 00007f4375615fa0 RCX: 00007f437539cdd9
[  598.455664][T27751] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  598.455675][T27751] RBP: 00007f4375432d69 R08: 0000000000000004 R09: 0000000000000000
[  598.455686][T27751] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  598.455698][T27751] R13: 00007f4375616038 R14: 00007f4375615fa0 R15: 00007ffe4be41c88
[  598.455742][T27751]  </TASK>
[  598.455801][T27751] Mem-Info:
[  598.548801][ T3259] usb 6-1: new full-speed USB device number 58 using dummy_hcd
[  598.555970][T27751] active_anon:3885 inactive_anon:15371 isolated_anon:0
[  598.555970][T27751]  active_file:7309 inactive_file:10962 isolated_file:0
[  598.555970][T27751]  unevictable:1768 dirty:209 writeback:0
[  598.555970][T27751]  slab_reclaimable:10234 slab_unreclaimable:132008
[  598.555970][T27751]  mapped:23292 shmem:11317 pagetables:6427
[  598.555970][T27751]  sec_pagetables:316 bounce:0
[  598.555970][T27751]  kernel_misc_reclaimable:0
[  598.555970][T27751]  free:412539 free_pcp:1188 free_cma:0
[  598.589845][T27751] Node 0 active_anon:15348kB inactive_anon:61484kB active_file:20584kB inactive_file:43620kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:22976kB dirty:532kB writeback:0kB shmem:41696kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:20736kB pagetables:14760kB sec_pagetables:1252kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  598.602516][T27751] Node 1 active_anon:192kB inactive_anon:0kB active_file:8652kB inactive_file:228kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:70192kB dirty:304kB writeback:0kB shmem:3572kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:128kB pagetables:10948kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  598.614401][T27751] Node 0 DMA free:10456kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  598.624140][T27751] lowmem_reserve[]: 0 1231 1231 1231 1231
[  598.626466][T27751] Node 0 DMA32 free:171044kB boost:8192kB min:35672kB low:42540kB high:49408kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15348kB inactive_anon:61484kB active_file:20584kB inactive_file:43620kB unevictable:3536kB writepending:532kB zspages:508kB present:2080628kB managed:1260912kB mlocked:0kB bounce:0kB free_pcp:3700kB local_pcp:628kB free_cma:0kB
[  598.638147][T27751] lowmem_reserve[]: 0 0 0 0 0
[  598.639738][T27751] Node 1 Normal free:1468124kB boost:0kB min:39756kB low:49692kB high:59628kB reserved_highatomic:0KB free_highatomic:0KB active_anon:192kB inactive_anon:0kB active_file:8652kB inactive_file:228kB unevictable:3536kB writepending:304kB zspages:5432kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:1028kB local_pcp:0kB free_cma:0kB
[  598.651340][T27751] lowmem_reserve[]: 0 0 0 0 0
[  598.653013][T27751] Node 0 DMA: 25*4kB (UM) 28*8kB (UM) 24*16kB (UM) 21*32kB (UM) 24*64kB (UM) 19*128kB (UM) 8*256kB (UM) 4*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 10468kB
[  598.658383][T27751] Node 0 DMA32: 3137*4kB (UME) 3100*8kB (UME) 1684*16kB (UME) 84*32kB (UME) 269*64kB (UME) 141*128kB (UME) 62*256kB (UM) 41*512kB (UM) 31*1024kB (UM) 0*2048kB 0*4096kB = 170852kB
[  598.664270][T27751] Node 1 Normal: 764*4kB (UME) 966*8kB (UME) 1024*16kB (UME) 937*32kB (UME) 900*64kB (UME) 708*128kB (UME) 533*256kB (UME) 444*512kB (UME) 330*1024kB (UME) 48*2048kB (UM) 113*4096kB (UM) = 1468224kB
[  598.670722][T27751] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  598.674238][T27751] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  598.677898][T27751] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  598.681049][T27751] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=2 hugepages_size=2048kB
[  598.684095][T27751] 30178 total pagecache pages
[  598.685676][T27751] 594 pages in swap cache
[  598.687124][T27751] Free swap  = 82300kB
[  598.689116][T27751] Total swap = 124996kB
[  598.690518][T27751] 1048443 pages RAM
[  598.691775][T27751] 0 pages HighMem/MovableOnly
[  598.693276][T27751] 283904 pages reserved
[  598.694661][T27751] 0 pages cma reserved
[  598.723190][ T3259] usb 6-1: config 0 has no interfaces?
[  598.726917][ T3259] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  598.729886][ T3259] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  598.732666][ T3259] usb 6-1: Product: syz
[  598.734072][ T3259] usb 6-1: Manufacturer: syz
[  598.735696][ T3259] usb 6-1: SerialNumber: syz
[  598.738965][ T3259] usb 6-1: config 0 descriptor??
[  598.912223][T20449] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  598.957109][ T3259] usb 6-1: USB disconnect, device number 58
[  599.072355][T20449] usb 5-1: Using ep0 maxpacket: 8
[  599.103698][T20449] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  599.106744][T20449] usb 5-1: config 0 has no interface number 0
[  599.108892][T20449] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  599.112522][T20449] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  599.116512][T20449] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  599.120080][T20449] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  599.124394][T20449] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  599.127464][T20449] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.131958][T20449] usb 5-1: config 0 descriptor??
[  599.141391][T20449] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  599.392070][T27766] netlink: 'syz.5.7217': attribute type 2 has an invalid length.
[  599.394884][T27766] netlink: 'syz.5.7217': attribute type 1 has an invalid length.
[  599.516698][ T5727] Bluetooth: hci2: command 0x0406 tx timeout
[  599.681544][ T5727] Bluetooth: hci4: command 0x0405 tx timeout
[  599.681598][ T5737] Bluetooth: hci3: command 0x0401 tx timeout
[  601.424432][T27791] 9pnet_virtio: no channels available for device syz
[  601.439442][T27792] netlink: 45 bytes leftover after parsing attributes in process `syz.1.7225'.
[  601.443700][T27791] netlink: 45 bytes leftover after parsing attributes in process `syz.1.7225'.
[  601.566147][ T5801] usb 5-1: USB disconnect, device number 40
[  601.581176][ T5801] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  601.669458][T27801] syzkaller0: entered promiscuous mode
[  601.671958][T27801] syzkaller0: entered allmulticast mode
[  601.702259][T27801] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  601.709451][T27800] tipc: Resetting bearer <eth:syzkaller0>
[  601.727569][T27800] tipc: Disabling bearer <eth:syzkaller0>
[  601.733354][ T5727] Bluetooth: hci2: command 0x0406 tx timeout
[  601.782410][T27811] syzkaller0: entered promiscuous mode
[  601.784988][T27811] syzkaller0: entered allmulticast mode
[  601.812559][T27811] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  601.832454][T27810] tipc: Resetting bearer <eth:syzkaller0>
[  601.853881][T27810] tipc: Disabling bearer <eth:syzkaller0>
[  601.904262][ T5737] Bluetooth: hci4: command 0x0405 tx timeout
[  601.908653][ T5727] Bluetooth: hci3: command 0x0401 tx timeout
[  601.953504][T27818] netlink: 'syz.1.7234': attribute type 14 has an invalid length.
[  602.171625][T20449] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  602.173858][T27823] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  602.200649][T27823] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7235'.
[  602.206985][T27823] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7235'.
[  602.311291][ T5727] Bluetooth: hci4: unexpected event for opcode 0x1003
[  602.342304][T20449] usb 10-1: Using ep0 maxpacket: 32
[  602.350705][T20449] usb 10-1: config 1 interface 0 altsetting 1 endpoint 0x2 has invalid maxpacket 1608, setting to 1024
[  602.355329][T20449] usb 10-1: config 1 interface 0 has no altsetting 0
[  602.358785][T20449] usb 10-1: language id specifier not provided by device, defaulting to English
[  602.363900][T20449] usb 10-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40
[  602.367608][T20449] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.370893][T20449] usb 10-1: Product: 䰊樶溅�젡늪㙽�₴묲⫃�ఇ혆
[  602.373966][T20449] usb 10-1: SerialNumber: ��샞ꋖ�꟤㶧㊙붑瞙뚷㎼꣔�脨爚薻�娛旜䛟㖿軚�奎骘㔹ལ⛭ᇃ�刕��젷�ꑵ쾜ක与�惙険錥▿磔�虰�暅鈩뫬굲�Ῥ﫰ﳷꗧဵ➪突���列첿圎ႚ罾ඌľƗ䇙칮뉧螟梶緵米촙愶㿪瞘繡蘮࠹還�汓嬶ऑ歑뜘���ᦘ
[  602.390242][T27816] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  602.508187][T27843] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7241'.
[  602.512007][T27843] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7241'.
[  602.565580][T27847] fuse: Bad value for 'fd'
[  602.732154][T27850] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  602.735097][T27850] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  602.737747][T27850] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  602.836512][T20449] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:1.0/input/input44
[  602.900736][T27857] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  602.922481][T27859] netlink: 'syz.6.7248': attribute type 13 has an invalid length.
[  603.007642][T27857] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.021638][T27859] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7248'.
[  603.053931][ T5727] Bluetooth: hci3: Malformed LE Event: 0x0b
[  603.065488][ T5122] bcm5974 10-1:1.0: could not read from device
[  603.078447][T20449] usb 10-1: USB disconnect, device number 16
[  603.088565][ T5122] bcm5974 10-1:1.0: could not read from device
[  603.129551][T27857] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.237393][T27857] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.274620][T27867] netlink: 'syz.6.7250': attribute type 1 has an invalid length.
[  603.277333][T27867] netlink: 224 bytes leftover after parsing attributes in process `syz.6.7250'.
[  603.295039][T27870] netlink: 'syz.6.7250': attribute type 1 has an invalid length.
[  603.298176][T27870] netlink: 224 bytes leftover after parsing attributes in process `syz.6.7250'.
[  603.301421][T27870] workqueue: Failed to create a rescuer kthread for wq "phy3": -EINTR
[  603.343520][   T41] kauditd_printk_skb: 6 callbacks suppressed
[  603.343532][   T41] audit: type=1400 audit(1112.218:48722): avc:  denied  { create } for  pid=27874 comm="syz.6.7251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  603.353782][T27876] dummy0 speed is unknown, defaulting to 1000
[  603.373468][T24543] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  603.390892][T24545] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  603.410224][T24545] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  603.428880][T24542] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  603.439244][T27876] lo speed is unknown, defaulting to 1000
[  603.482868][T27879] dummy0 speed is unknown, defaulting to 1000
[  603.537037][T27882] can: request_module (can-proto-0) failed.
[  603.643403][T27892] syzkaller0: entered promiscuous mode
[  603.649834][T27892] syzkaller0: entered allmulticast mode
[  603.655006][T27879] lo speed is unknown, defaulting to 1000
[  603.683862][T27892] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  603.690980][T27891] tipc: Resetting bearer <eth:syzkaller0>
[  603.713209][T27891] tipc: Disabling bearer <eth:syzkaller0>
[  603.729483][T27888] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  603.732687][T27888] SELinux: failed to load policy
[  603.913264][T19539] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  603.930488][T27910] fuse: Unknown parameter '0x0000000000000004'
[  604.062869][T19539] usb 10-1: device descriptor read/64, error -71
[  604.148401][ T5801] usb 11-1: new high-speed USB device number 16 using dummy_hcd
[  604.201889][   T24] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  604.326551][ T5801] usb 11-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  604.331410][T19539] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  604.334869][ T5801] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.338677][ T5801] usb 11-1: Product: syz
[  604.341274][ T5801] usb 11-1: Manufacturer: syz
[  604.343474][ T5801] usb 11-1: SerialNumber: syz
[  604.347916][ T5801] usb 11-1: config 0 descriptor??
[  604.373542][   T24] usb 5-1: Using ep0 maxpacket: 8
[  604.377786][   T24] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  604.380786][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  604.386901][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  604.390110][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  604.394510][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  604.399210][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  604.402444][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.469368][ T5727] Bluetooth: hci4: ACL packet for unknown connection handle 1736
[  604.481081][T19539] usb 10-1: device descriptor read/64, error -71
[  604.570934][   T41] audit: type=1400 audit(1113.369:48723): avc:  denied  { bind } for  pid=27907 comm="syz.6.7259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  604.585870][T20449] usb 11-1: USB disconnect, device number 16
[  604.610803][T19539] usb usb10-port1: attempt power cycle
[  604.630767][   T24] usb 5-1: usb_control_msg returned -32
[  604.638764][   T24] usbtmc 5-1:16.0: can't read capabilities
[  604.971338][T19539] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  604.993718][T19539] usb 10-1: device descriptor read/8, error -71
[  605.007359][T27919] usbtmc 5-1:16.0: control status returned 0
[  605.270352][T19539] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  605.292328][T19539] usb 10-1: device descriptor read/8, error -71
[  605.420305][ T5801] usb 11-1: new high-speed USB device number 17 using dummy_hcd
[  605.423986][T19539] usb usb10-port1: unable to enumerate USB device
[  605.582813][ T5801] usb 11-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  605.587630][ T5801] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  605.592547][ T5801] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  605.596776][ T5801] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  605.603724][ T5801] usb 11-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  605.607926][ T5801] usb 11-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  605.611468][ T5801] usb 11-1: Manufacturer: syz
[  605.616013][ T5801] usb 11-1: config 0 descriptor??
[  606.053164][T27921] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7263'.
[  606.062259][ T5801] hid_parser_main: 16 callbacks suppressed
[  606.062279][ T5801] appleir 0003:05AC:8243.0012: unknown main item tag 0x0
[  606.080700][ T5801] appleir 0003:05AC:8243.0012: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[  606.276983][   T24] usb 11-1: USB disconnect, device number 17
[  606.607535][ T5727] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  606.613452][ T5727] Bluetooth: hci4: Injecting HCI hardware error event
[  606.624600][ T5737] Bluetooth: hci4: hardware error 0x00
[  607.013690][T27928] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  607.018255][T27928] 9p: Invalid uid '0x00000000ffffffff'
[  607.160853][ T5801] usb 5-1: USB disconnect, device number 41
[  607.231274][T27940] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7269'.
[  607.347328][   T41] audit: type=1400 audit(1115.971:48724): avc:  denied  { getopt } for  pid=27951 comm="syz.5.7274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  607.426680][   T41] audit: type=1400 audit(1116.036:48725): avc:  denied  { append } for  pid=27946 comm="syz.6.7272" path="socket:[131225]" dev="sockfs" ino=131225 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  607.512829][T27963] overlayfs: overlapping lowerdir path
[  607.573512][T27977] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7282'.
[  607.603412][T27979] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=27979 comm=syz.5.7283
[  607.639867][T27986] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7285'.
qemu-system-x86_64: warning: 9p: degraded performance: a reasonable high msize should be chosen on client/guest side (chosen msize is <= 8192). See https://wiki.qemu.org/Documentation/9psetup#msize for details.
[  607.831120][T27988] vlan1: entered promiscuous mode
[  607.833796][T27988] hsr0: entered promiscuous mode
[  607.836275][T27988] vlan1: entered allmulticast mode
[  607.838635][T27988] hsr0: entered allmulticast mode
[  607.840766][T27988] hsr_slave_0: entered allmulticast mode
[  607.842967][T27988] hsr_slave_1: entered allmulticast mode
[  607.922856][   T41] audit: type=1400 audit(1116.514:48726): avc:  denied  { watch } for  pid=27989 comm="syz.5.7287" path="/531/devices.list" dev="tmpfs" ino=2858 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  608.018706][T21996] usb 5-1: new low-speed USB device number 42 using dummy_hcd
[  608.155803][T21996] usb 5-1: device descriptor read/64, error -71
[  608.242339][T27996] tmpfs: Unknown parameter 'mpoM'
[  608.371783][T27998] sit0: Caught tx_queue_len zero misconfig
[  608.374578][T27998] netem: change failed
[  608.412602][T21996] usb 5-1: new low-speed USB device number 43 using dummy_hcd
[  608.477563][T28005] netlink: 44 bytes leftover after parsing attributes in process `syz.6.7292'.
[  608.521648][T28009] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  608.527938][T28009] netlink: 'syz.6.7294': attribute type 21 has an invalid length.
[  608.532497][T28009] IPv6: NLM_F_CREATE should be specified when creating new route
[  608.551516][T21996] usb 5-1: device descriptor read/64, error -71
[  608.668711][T21996] usb usb5-port1: attempt power cycle
[  608.766083][T28016] syzkaller0: entered promiscuous mode
[  608.768659][T28016] syzkaller0: entered allmulticast mode
[  608.798977][T28016] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  608.804216][T28015] tipc: Resetting bearer <eth:syzkaller0>
[  608.825803][T28015] tipc: Disabling bearer <eth:syzkaller0>
[  608.839833][ T5737] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  608.927324][T24544] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  609.032361][T21996] usb 5-1: new low-speed USB device number 44 using dummy_hcd
[  609.044974][   T41] audit: type=1400 audit(1117.562:48727): avc:  denied  { getopt } for  pid=28026 comm="syz.6.7299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  609.054008][T21996] usb 5-1: device descriptor read/8, error -71
[  609.185549][T28029] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  609.192239][T28029] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  609.273463][T24545] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  609.277144][T24545] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  609.282580][T24545] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  609.287118][T24545] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  609.309687][T21996] usb 5-1: new low-speed USB device number 45 using dummy_hcd
[  609.337821][T21996] usb 5-1: device descriptor read/8, error -71
[  609.460441][T21996] usb usb5-port1: unable to enumerate USB device
[  609.494880][T28035] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7302'.
[  609.911042][T28051] syzkaller1: entered promiscuous mode
[  609.914371][T28051] syzkaller1: entered allmulticast mode
[  610.049830][T28063] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7311'.
[  610.188419][   T41] audit: type=1400 audit(1118.629:48728): avc:  denied  { setopt } for  pid=28069 comm="syz.6.7314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  610.466046][T28081] netlink: 132 bytes leftover after parsing attributes in process `syz.6.7317'.
[  610.653269][T28091] netlink: 44 bytes leftover after parsing attributes in process `syz.6.7321'.
[  610.797693][ T5727] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  610.955323][ T5801] usb 11-1: new high-speed USB device number 18 using dummy_hcd
[  611.126293][ T5801] usb 11-1: Using ep0 maxpacket: 8
[  611.130102][ T5801] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  611.134617][ T5801] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  611.140230][ T5801] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  611.148409][ T5801] usb 11-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  611.152721][ T5801] usb 11-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  611.156389][ T5801] usb 11-1: Product: syz
[  611.159192][ T5801] usb 11-1: Manufacturer: syz
[  611.161296][ T5801] usb 11-1: SerialNumber: syz
[  611.165901][ T5801] usb 11-1: config 0 descriptor??
[  611.233340][ T5801] rc_core: IR keymap rc-imon-rsc not found
[  611.236078][ T5801] Registered IR keymap rc-empty
[  611.239987][ T5801] rc rc0: iMON Station as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0
[  611.245881][ T5801] input: iMON Station as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0/input45
[  611.376276][T28121] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7329'.
[  611.395772][T28093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  611.400912][T28093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  611.421311][T20449] usb 11-1: USB disconnect, device number 18
[  611.427899][T28127] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  611.483852][T28129] syzkaller0: entered promiscuous mode
[  611.485851][T28129] syzkaller0: entered allmulticast mode
[  611.506225][T28129] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  611.509873][T28128] tipc: Resetting bearer <eth:syzkaller0>
[  611.517034][   T41] audit: type=1400 audit(1119.873:48729): avc:  denied  { execute_no_trans } for  pid=28132 comm="syz.1.7333" path="/252/file0" dev="tmpfs" ino=1344 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  611.529212][T28128] tipc: Disabling bearer <eth:syzkaller0>
[  611.603035][T28137] btrfs: Unknown parameter 'acl§àÂó¬v™¤ßÎøÁH)uÏo'
[  611.972197][T28156] binder: 28155:28156 ioctl c0306201 200000000640 returned -22
[  612.038357][T28161] bond0: (slave macvlan3): Opening slave failed
[  612.130523][T28163] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7345'.
[  612.144674][T28167] overlayfs: conflicting lowerdir path
[  612.201135][T28169] netlink: 'syz.0.7346': attribute type 4 has an invalid length.
[  612.267788][T28174] binder: Binderfs stats mode cannot be changed during a remount
[  612.635139][T28210] syzkaller0: entered promiscuous mode
[  612.637048][T28210] syzkaller0: entered allmulticast mode
[  612.660968][T28210] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  612.665723][T28209] tipc: Resetting bearer <eth:syzkaller0>
[  612.687292][T28209] tipc: Disabling bearer <eth:syzkaller0>
[  612.791668][T28219] binder: BINDER_SET_CONTEXT_MGR already set
[  612.796173][T28219] binder: 28218:28219 ioctl 4018620d 200000000180 returned -16
[  612.841997][T28227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7360'.
[  612.852063][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  612.855462][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  612.859263][T28227] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  612.862033][T28227] UDF-fs: Scanning with blocksize 512 failed
[  612.869619][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  612.873890][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  612.877994][T28227] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  612.881941][T28227] UDF-fs: Scanning with blocksize 1024 failed
[  612.885525][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  612.911359][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  612.917666][T28227] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  612.923602][T28227] UDF-fs: Scanning with blocksize 2048 failed
[  612.926780][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  612.930980][T28227] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  612.936752][T28227] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found
[  612.940332][T28227] UDF-fs: Scanning with blocksize 4096 failed
[  612.943354][T28227] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  612.969516][T28226] netlink: 'syz.6.7363': attribute type 21 has an invalid length.
[  612.972639][T28226] IPv6: NLM_F_CREATE should be specified when creating new route
[  612.977318][   T41] audit: type=1400 audit(1121.239:48730): avc:  denied  { watch_reads } for  pid=28241 comm="syz.0.7366" path="/581/file0" dev="tmpfs" ino=3066 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  613.039501][T28246] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[  613.236939][T28256] syzkaller0: entered promiscuous mode
[  613.238926][T28256] syzkaller0: entered allmulticast mode
[  613.262395][T28256] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  613.270898][T28255] tipc: Resetting bearer <eth:syzkaller0>
[  613.293877][T28255] tipc: Disabling bearer <eth:syzkaller0>
[  613.316954][T19217] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  613.500905][T19217] usb 5-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x2C, changing to 0xC
[  613.505874][T19217] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0xC has an invalid bInterval 0, changing to 7
[  613.510626][T19217] usb 5-1: config 0 interface 0 has no altsetting 0
[  613.515509][T19217] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  613.518752][T19217] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  613.521656][T19217] usb 5-1: Product: syz
[  613.523438][T19217] usb 5-1: Manufacturer: syz
[  613.525080][T19217] usb 5-1: SerialNumber: syz
[  613.529318][T19217] usb 5-1: config 0 descriptor??
[  613.542618][T19217] usb 5-1: selecting invalid altsetting 0
[  613.702546][T28273] input: syz0 as /devices/virtual/input/input47
[  613.712248][T28269] gfs2: not a GFS2 filesystem
[  613.761873][T28246] usb 5-1: cannot submit urb 0, error -2: endpoint not enabled
[  613.774378][T21996] usb 5-1: USB disconnect, device number 46
[  613.820321][T28277] SET target dimension over the limit!
[  613.993141][   T41] audit: type=1400 audit(1122.194:48731): avc:  denied  { write } for  pid=28285 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  614.065426][   T41] audit: type=1400 audit(1122.250:48732): avc:  denied  { write } for  pid=28291 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  614.266569][T28304] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7387'.
[  614.287671][   T41] audit: type=1400 audit(1122.456:48733): avc:  denied  { write } for  pid=28299 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  614.328506][T28308] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7388'.
[  614.373434][T28308] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  614.391477][   T41] audit: type=1400 audit(1122.559:48734): avc:  denied  { write } for  pid=28314 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  614.394384][T28308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  614.448599][T28309] syzkaller0: entered promiscuous mode
[  614.454616][T28309] syzkaller0: entered allmulticast mode
[  614.511860][   T41] audit: type=1400 audit(1122.671:48735): avc:  denied  { write } for  pid=28324 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  614.602731][   T41] audit: type=1400 audit(1122.755:48736): avc:  denied  { write } for  pid=28332 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  614.758081][T28352] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  614.763989][T28352] iommufd_mock iommufd_mock1: Adding to iommu group 10
[  614.775130][T28352] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7398'.
[  614.823560][   T41] audit: type=1400 audit(1122.961:48737): avc:  denied  { connect } for  pid=28345 comm="syz.6.7396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  614.895743][T28365] xt_CT: You must specify a L4 protocol and not use inversions on it
[  615.038071][T28377] netlink: 'syz.6.7405': attribute type 12 has an invalid length.
[  615.344872][T28390] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7409'.
[  615.348891][T28390] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7409'.
[  615.355555][ T5727] Bluetooth: hci3: unexpected event for opcode 0x0c47
[  615.456366][   T24] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  615.626136][   T24] usb 6-1: Using ep0 maxpacket: 8
[  615.631557][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  615.635211][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  615.639010][   T24] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  615.644867][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.660460][   T24] hub 6-1:1.0: bad descriptor, ignoring hub
[  615.662365][   T24] hub 6-1:1.0: probe with driver hub failed with error -5
[  615.769152][T28398] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7411'.
[  615.822782][T28401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7412'.
[  615.827861][T28397] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7411'.
[  615.875257][T28383] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.7407'.
[  615.888534][   T41] audit: type=1400 audit(1123.963:48738): avc:  denied  { write } for  pid=28402 comm="syz.0.7413" name="config" dev="proc" ino=4026535364 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  615.949394][T28408] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7414'.
[  615.999379][T20449] usb 6-1: USB disconnect, device number 59
[  616.024254][T28414] pim6reg99999999: entered allmulticast mode
[  616.290855][T28430] netlink: 'syz.5.7421': attribute type 7 has an invalid length.
[  616.294436][T28430] netlink: 'syz.5.7421': attribute type 8 has an invalid length.
[  616.435752][   T41] audit: type=1400 audit(1124.468:48739): avc:  denied  { validate_trans } for  pid=28439 comm="syz.5.7425" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  616.457611][T28442] netlink: 'syz.1.7427': attribute type 9 has an invalid length.
[  616.728442][   T41] audit: type=1400 audit(1124.749:48740): avc:  denied  { create } for  pid=28473 comm="syz.5.7435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  616.736405][   T41] audit: type=1400 audit(1124.749:48741): avc:  denied  { connect } for  pid=28473 comm="syz.5.7435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  616.749802][T28474] team_slave_1: Caught tx_queue_len zero misconfig
[  616.853988][T19539] usb 11-1: new high-speed USB device number 19 using dummy_hcd
[  616.857064][T28478] bridge0: port 3(macvlan0) entered blocking state
[  616.860221][T28478] bridge0: port 3(macvlan0) entered disabled state
[  616.863286][T28478] macvlan0: entered allmulticast mode
[  616.871554][T19783] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  616.875369][ T5727] Bluetooth: hci2: command 0x0406 tx timeout
[  616.879209][T28478] macvlan0: left allmulticast mode
[  616.882456][T19783] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  616.981339][T28483] syzkaller0: entered promiscuous mode
[  616.983413][T28483] syzkaller0: entered allmulticast mode
[  617.006227][T28483] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  617.012979][T28482] tipc: Resetting bearer <eth:syzkaller0>
[  617.025412][T19539] usb 11-1: Using ep0 maxpacket: 16
[  617.030219][T19539] usb 11-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  617.036913][T28482] tipc: Disabling bearer <eth:syzkaller0>
[  617.041099][T19539] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  617.050236][T19539] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  617.063650][T19539] usb 11-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  617.067870][T19539] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.073677][T19539] usb 11-1: config 0 descriptor??
[  617.082017][T19539] usbhid 11-1:0.0: couldn't find an input interrupt endpoint
[  617.258225][T28500] netlink: 'syz.5.7445': attribute type 13 has an invalid length.
[  617.656279][   T41] audit: type=1400 audit(1125.619:48742): avc:  denied  { listen } for  pid=28526 comm="syz.5.7454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  617.711422][T28531] loop6: detected capacity change from 0 to 2640
[  617.714768][T28531] buffer_io_error: 11 callbacks suppressed
[  617.714783][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.725099][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.728738][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.734028][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.737991][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.742367][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.745976][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.751079][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.755921][T28531] ldm_validate_partition_table(): Disk read failed.
[  617.760229][   T41] audit: type=1400 audit(1125.713:48743): avc:  denied  { read write } for  pid=28535 comm="syz.5.7457" name="0:0:0:0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  617.762568][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.771526][   T41] audit: type=1400 audit(1125.713:48744): avc:  denied  { ioctl open } for  pid=28535 comm="syz.5.7457" path="/dev/bsg/0:0:0:0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  617.777988][T28531] Buffer I/O error on dev loop6, logical block 0, async page read
[  617.787898][T28531] Dev loop6: unable to read RDB block 0
[  617.790847][T28531]  loop6: unable to read partition table
[  617.793580][T28531] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  617.886576][T28542] siw: device registration error -23
[  617.890772][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  618.097200][ T5727] Bluetooth: hci3: unexpected event for opcode 0x041b
[  618.346260][T28574] netlink: zone id is out of range
[  618.387327][T28574] xfrm2: entered allmulticast mode
[  618.547212][T28577] SET target dimension over the limit!
[  618.741461][T28590] bridge_slave_0: left allmulticast mode
[  618.744205][T28590] bridge_slave_0: left promiscuous mode
[  618.747265][T28590] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.753661][T28590] bridge_slave_1: left allmulticast mode
[  618.757170][T28590] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.772692][T28590] team0: Port device team_slave_0 removed
[  618.783251][T28590] team0: Port device team_slave_1 removed
[  618.786564][T28590] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  618.794803][T28590] batman_adv: batadv0: Removing interface: batadv_slave_0
[  618.800085][T28590] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  618.803314][T28590] batman_adv: batadv0: Removing interface: batadv_slave_1
[  618.808666][T28590] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  619.087479][T19783] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  619.089587][T19783] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  619.400652][ T5737] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  619.418258][ T5737] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  619.449712][ T5737] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  619.454678][ T5737] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  619.462181][ T5737] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  619.491137][ T5727] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  619.497447][ T5727] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  619.501341][ T5727] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  619.505168][ T5727] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  619.508735][ T5727] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  619.545163][T28622] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  619.546136][T28618] netlink: 'syz.1.7478': attribute type 29 has an invalid length.
[  619.565082][T28618] netlink: 'syz.1.7478': attribute type 29 has an invalid length.
[  619.764037][T28657] __nla_validate_parse: 204 callbacks suppressed
[  619.764050][T28657] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7485'.
[  619.783375][T28592] dummy0 speed is unknown, defaulting to 1000
[  619.819696][T19783] usb 11-1: USB disconnect, device number 19
[  619.872394][T28655] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  619.930028][T28592] lo speed is unknown, defaulting to 1000
[  620.087165][T28674] netlink: 44 bytes leftover after parsing attributes in process `syz.6.7492'.
[  620.254317][T28688] SELinux:  Context system_u:object_r:sysfs_t:s0 is not valid (left unmapped).
[  620.254677][T28592] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.261200][   T41] kauditd_printk_skb: 8 callbacks suppressed
[  620.261232][   T41] audit: type=1400 audit(1128.052:48753): avc:  denied  { relabelto } for  pid=28687 comm="syz.1.7493" name="bus" dev="tmpfs" ino=1529 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:sysfs_t:s0"
[  620.266509][T28592] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.275074][   T41] audit: type=1400 audit(1128.052:48754): avc:  denied  { associate } for  pid=28687 comm="syz.1.7493" name="bus" dev="tmpfs" ino=1529 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:sysfs_t:s0"
[  620.275119][   T41] audit: type=1400 audit(1128.052:48755): avc:  denied  { mounton } for  pid=28687 comm="syz.1.7493" path="/287/bus" dev="tmpfs" ino=1529 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:sysfs_t:s0"
[  620.280383][T28592] bridge_slave_0: entered allmulticast mode
[  620.295030][   T41] audit: type=1400 audit(1128.052:48756): avc:  denied  { write } for  pid=28687 comm="syz.1.7493" name="bus" dev="tmpfs" ino=1529 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:sysfs_t:s0"
[  620.304177][T28592] bridge_slave_0: entered promiscuous mode
[  620.310428][   T41] audit: type=1400 audit(1128.052:48757): avc:  denied  { add_name } for  pid=28687 comm="syz.1.7493" name="work" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:sysfs_t:s0"
[  620.310454][   T41] audit: type=1400 audit(1128.052:48758): avc:  denied  { associate } for  pid=28687 comm="syz.1.7493" name="work" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  620.310474][   T41] audit: type=1400 audit(1128.052:48759): avc:  denied  { setattr } for  pid=28687 comm="syz.1.7493" name="work" dev="tmpfs" ino=1530 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  620.310497][   T41] audit: type=1400 audit(1128.052:48760): avc:  denied  { write } for  pid=28687 comm="syz.1.7493" name="work" dev="tmpfs" ino=1530 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  620.310518][   T41] audit: type=1400 audit(1128.052:48761): avc:  denied  { write open } for  pid=28687 comm="syz.1.7493" path=2F202864656C6574656429 dev="tmpfs" ino=1531 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  620.310540][   T41] audit: type=1400 audit(1128.052:48762): avc:  denied  { write } for  pid=28687 comm="syz.1.7493" name="work" dev="tmpfs" ino=1530 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  620.377546][T28592] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.380685][T28592] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.383942][T28592] bridge_slave_1: entered allmulticast mode
[  620.388222][T28592] bridge_slave_1: entered promiscuous mode
[  620.419502][T28592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  620.426819][T28592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  620.452141][T28592] team0: Port device team_slave_0 added
[  620.456966][T28592] team0: Port device team_slave_1 added
[  620.484238][T28592] batman_adv: batadv0: Adding interface: batadv_slave_0
[  620.487594][T28592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  620.498761][T28592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  620.503124][T28698] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7497'.
[  620.505028][T28592] batman_adv: batadv0: Adding interface: batadv_slave_1
[  620.510365][T28592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  620.521308][T28592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  620.645742][T28592] hsr_slave_0: entered promiscuous mode
[  620.649075][T28592] hsr_slave_1: entered promiscuous mode
[  620.652048][T28592] debugfs: 'hsr0' already exists in 'hsr'
[  620.654525][T28592] Cannot create hsr debugfs directory
[  620.902496][T28592] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  620.912596][T28592] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  620.917430][T28592] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.023534][T28592] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  621.027764][T28592] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  621.032015][T28592] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.109857][T28719] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7505'.
[  621.116279][T28719] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7505'.
[  621.155899][T28592] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  621.160235][T28592] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  621.164965][T28592] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.168659][T28721] netlink: 'syz.5.7505': attribute type 28 has an invalid length.
[  621.173284][T28721] netlink: 'syz.5.7505': attribute type 3 has an invalid length.
[  621.176757][T28721] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7505'.
[  621.251160][T28592] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  621.255410][T28592] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  621.264325][T28592] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.556485][T28592] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  621.563821][T28592] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  621.570108][T28592] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  621.575674][T28730] netlink: 'syz.5.7509': attribute type 1 has an invalid length.
[  621.576546][T28592] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  621.611310][T28592] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  621.614471][T28730] netlink: 'syz.5.7509': attribute type 1 has an invalid length.
[  621.622905][T28592] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  621.626696][T28592] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  621.632942][T28592] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  621.637608][T28731] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR
[  621.650955][T28739] ==================================================================
[  621.658158][T28739] BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x209a/0x4160
[  621.662172][T28739] Write of size 2560 at addr ffffc9000354862c by task vivid-000-vid-c/28739
[  621.668160][T28739] 
[  621.669344][T28739] CPU: 0 UID: 0 PID: 28739 Comm: vivid-000-vid-c Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  621.669370][T28739] Tainted: [L]=SOFTLOCKUP
[  621.669377][T28739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  621.669405][T28739] Call Trace:
[  621.669413][T28739]  <TASK>
[  621.669420][T28739]  dump_stack_lvl+0x100/0x190
[  621.669517][T28739]  print_report+0x13d/0x4b0
[  621.669559][T28739]  ? _raw_spin_lock_irqsave+0x52/0x60
[  621.669586][T28739]  ? tpg_fill_plane_buffer+0x209a/0x4160
[  621.669612][T28739]  kasan_report+0xdf/0x1d0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  621.669676][T28739]  ? tpg_fill_plane_buffer+0x209a/0x4160
[  621.669704][T28739]  kasan_check_range+0x10f/0x1e0
[  621.669727][T28739]  __asan_memcpy+0x3c/0x60
[  621.669748][T28739]  tpg_fill_plane_buffer+0x209a/0x4160
[  621.669787][T28739]  vivid_fillbuff+0x963/0x3ff0
[  621.669826][T28739]  ? __lock_acquire+0x4a5/0x2630
[  621.669872][T28739]  ? __pfx_vivid_fillbuff+0x10/0x10
[  621.669891][T28739]  ? __lock_acquire+0x4a5/0x2630
[  621.669919][T28739]  ? v4l2_ctrl_request_setup+0x45a/0xa60
[  621.669939][T28739]  ? lockdep_hardirqs_on+0x78/0x100
[  621.669961][T28739]  ? vivid_thread_vid_cap_tick+0x81b/0x1470
[  621.669978][T28739]  vivid_thread_vid_cap_tick+0x81b/0x1470
[  621.670001][T28739]  vivid_thread_vid_cap+0x454/0xd70
[  621.670022][T28739]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  621.670044][T28739]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  621.670071][T28739]  ? do_raw_spin_lock+0x128/0x260
[  621.670093][T28739]  ? find_held_lock+0x2b/0x80
[  621.670109][T28739]  ? __kthread_parkme+0xbb/0x230
[  621.670127][T28739]  ? rcu_is_watching+0x12/0xc0
[  621.670153][T28739]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  621.670171][T28739]  ? lockdep_hardirqs_on+0x78/0x100
[  621.670191][T28739]  ? __kthread_parkme+0x18c/0x230
[  621.670207][T28739]  ? kthread+0x13a/0x450
[  621.670225][T28739]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  621.670243][T28739]  kthread+0x370/0x450
[  621.670262][T28739]  ? __pfx_kthread+0x10/0x10
[  621.670282][T28739]  ret_from_fork+0x72b/0xd50
[  621.670316][T28739]  ? __pfx_ret_from_fork+0x10/0x10
[  621.670335][T28739]  ? __switch_to+0x800/0x1100
[  621.670361][T28739]  ? __pfx_kthread+0x10/0x10
[  621.670382][T28739]  ret_from_fork_asm+0x1a/0x30
[  621.670411][T28739]  </TASK>
[  621.670418][T28739] 
[  621.734065][T28592] 8021q: adding VLAN 0 to HW filter on device bond0
[  621.734851][T28739] The buggy address belongs to a
[  621.755816][T28592] 8021q: adding VLAN 0 to HW filter on device team0
[  621.756826][T28739]  2-page vmalloc region starting at 0xffffc90003547000 allocated at vb2_vmalloc_alloc+0x135/0x410
[  621.780229][T28739] The buggy address belongs to the physical page:
[  621.783075][T28739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x44d53
[  621.787355][T28739] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  621.790302][T28739] raw: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  621.793942][T28739] raw: ffffffffffffffff 0000000000000000 00000001ffffffff 0000000000000000
[  621.797528][T28739] page dumped because: kasan: bad access detected
[  621.800290][T28739] page_owner tracks the page as allocated
[  621.802806][T28739] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x29c2(GFP_NOWAIT|__GFP_HIGHMEM|__GFP_IO|__GFP_FS|__GFP_ZERO), pid 28736, tgid 28734 (syz.1.7510), ts 621638490194, free_ts 621525844107
[  621.811236][T28739]  post_alloc_hook+0x153/0x170
[  621.813435][T28739]  get_page_from_freelist+0x11a6/0x33b0
[  621.815860][T28739]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  621.818468][T28739]  alloc_pages_mpol+0x1fb/0x540
[  621.820631][T28739]  alloc_pages_noprof+0x1a/0x160
[  621.822865][T28739]  __vmalloc_node_range_noprof+0xf9a/0x1630
[  621.825303][T28739]  vmalloc_user_noprof+0x9e/0xe0
[  621.827463][T28739]  vb2_vmalloc_alloc+0x135/0x410
[  621.829643][T28739]  __vb2_queue_alloc+0x8d5/0x1160
[  621.831832][T28739]  vb2_core_reqbufs+0x899/0xf30
[  621.834005][T28739]  __vb2_init_fileio+0x32d/0x1000
[  621.836232][T28739]  vb2_core_poll+0x611/0x740
[  621.838277][T28739]  vb2_poll+0x4b/0xe0
[  621.840022][T28739]  vb2_fop_poll+0x10e/0x350
[  621.842055][T28739]  v4l2_poll+0x15f/0x220
[  621.843925][T28739]  do_sys_poll+0x6e5/0xe90
[  621.845922][T28739] page last free pid 28727 tgid 28726 stack trace:
[  621.848731][T28739]  __free_frozen_pages+0x747/0x1040
[  621.851009][T28739]  qlist_free_all+0x47/0xf0
[  621.853039][T28739]  kasan_quarantine_reduce+0x1a0/0x1f0
[  621.855423][T28739]  __kasan_slab_alloc+0x69/0x90
[  621.857579][T28739]  __kmalloc_node_noprof+0x2bd/0x850
[  621.859903][T28739]  __vmalloc_node_range_noprof+0x409/0x1630
[  621.862513][T28739]  __vmalloc_node_noprof+0xad/0xf0
[  621.864771][T28739]  __vmalloc_noprof+0xa3/0x120
[  621.866873][T28739]  bpf_prog_alloc_no_stats+0x59/0x630
[  621.869242][T28739]  bpf_prog_alloc+0x3b/0x200
[  621.871164][T28739]  bpf_prog_load+0x48c/0x2b30
[  621.873244][T28739]  __sys_bpf+0x223a/0x4b90
[  621.875189][T28739]  __x64_sys_bpf+0x7b/0xc0
[  621.877175][T28739]  do_syscall_64+0x10b/0xf80
[  621.879211][T28739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.881850][T28739] 
[  621.882923][T28739] Memory state around the buggy address:
[  621.885392][T28739]  ffffc90003548f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  621.888877][T28739]  ffffc90003548f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  621.892416][T28739] >ffffc90003549000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  621.895881][T28739]                    ^
[  621.897797][T28739]  ffffc90003549080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  621.901474][T28739]  ffffc90003549100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  621.904957][T28739] ==================================================================
[  621.908642][ T5727] Bluetooth: hci1: command tx timeout
[  621.914979][   T24] usb 11-1: new high-speed USB device number 20 using dummy_hcd
[  621.924239][  T161] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.927596][  T161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  621.932818][  T161] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.935895][  T161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  622.000936][T28739] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  622.004158][T28739] CPU: 0 UID: 0 PID: 28739 Comm: vivid-000-vid-c Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  622.009084][T28739] Tainted: [L]=SOFTLOCKUP
[  622.010985][T28739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  622.015387][T28739] Call Trace:
[  622.016887][T28739]  <TASK>
[  622.018213][T28739]  dump_stack_lvl+0x100/0x190
[  622.020280][T28739]  vpanic+0x552/0x970
[  622.022054][T28739]  ? __pfx_vpanic+0x10/0x10
[  622.024061][T28739]  ? tpg_fill_plane_buffer+0x209a/0x4160
[  622.026516][T28739]  panic+0xd1/0xe0
[  622.028188][T28739]  ? __pfx_panic+0x10/0x10
[  622.030144][T28739]  ? tpg_fill_plane_buffer+0x209a/0x4160
[  622.032588][T28739]  ? preempt_schedule_common+0x42/0xc0
[  622.034821][T28739]  ? check_panic_on_warn+0x1f/0x90
[  622.037070][T28739]  check_panic_on_warn.cold+0x19/0x34
[  622.039381][T28739]  end_report.part.0+0x3a/0x90
[  622.041493][T28739]  kasan_report.cold+0xe/0x18
[  622.043527][T28739]  ? tpg_fill_plane_buffer+0x209a/0x4160
[  622.045970][T28739]  kasan_check_range+0x10f/0x1e0
[  622.048139][T28739]  __asan_memcpy+0x3c/0x60
[  622.050092][T28739]  tpg_fill_plane_buffer+0x209a/0x4160
[  622.052480][T28739]  vivid_fillbuff+0x963/0x3ff0
[  622.054592][T28739]  ? __lock_acquire+0x4a5/0x2630
[  622.056788][T28739]  ? __pfx_vivid_fillbuff+0x10/0x10
[  622.059041][T28739]  ? __lock_acquire+0x4a5/0x2630
[  622.061284][T28739]  ? v4l2_ctrl_request_setup+0x45a/0xa60
[  622.063732][T28739]  ? lockdep_hardirqs_on+0x78/0x100
[  622.065970][T28739]  ? vivid_thread_vid_cap_tick+0x81b/0x1470
[  622.068541][T28739]  vivid_thread_vid_cap_tick+0x81b/0x1470
[  622.071041][T28739]  vivid_thread_vid_cap+0x454/0xd70
[  622.073359][T28739]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  622.076057][T28739]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  622.078579][T28739]  ? do_raw_spin_lock+0x128/0x260
[  622.080871][T28739]  ? find_held_lock+0x2b/0x80
[  622.082981][T28739]  ? __kthread_parkme+0xbb/0x230
[  622.085173][T28739]  ? rcu_is_watching+0x12/0xc0
[  622.087293][T28739]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  622.089856][T28739]  ? lockdep_hardirqs_on+0x78/0x100
[  622.092143][T28739]  ? __kthread_parkme+0x18c/0x230
[  622.094355][T28739]  ? kthread+0x13a/0x450
[  622.096258][T28739]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  622.098732][T28739]  kthread+0x370/0x450
[  622.100562][T28739]  ? __pfx_kthread+0x10/0x10
[  622.102658][T28739]  ret_from_fork+0x72b/0xd50
[  622.104734][T28739]  ? __pfx_ret_from_fork+0x10/0x10
[  622.106982][T28739]  ? __switch_to+0x800/0x1100
[  622.109073][T28739]  ? __pfx_kthread+0x10/0x10
[  622.111116][T28739]  ret_from_fork_asm+0x1a/0x30
[  622.113273][T28739]  </TASK>
[  622.115623][T28739] Kernel Offset: disabled
[  622.117537][T28739] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:48:24  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff857e38d5 RDI=ffffffff9b470140 RBP=ffffffff9b470100 RSP=ffffc9000720f180
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=666f206574697257
R12=0000000000000000 R13=0000000000000061 R14=0000000000000010 R15=ffffffff857e3870
RIP=ffffffff857e38ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6376000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b31623ffc CR3=000000003d736000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004222200 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d3f77bdfa4b9aa0 5f9909741e56bed2
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf30c6e6da26cf51 5755480f95d3cc68
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 90b5d1edaacfbc0f 5414e21da9490a2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 31f011a1162d1ac4 4e3fb75345d33a52
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000028
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000028
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d2d2d2d3cc22309 573cf56200000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 20c883c91c69bfcd 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8e9f894b9fae25d9 2581e79e819d5c97
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000003163616d
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856b08e647
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b69be1163cb6500 a4ac85c293540e63 57c93d417f4d0394 89cd11f6992873d1
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b69be1163cb6500 a4ac85c293540e63 57c93d417f4d0394 89cd11f6992873d1
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1515004140494c44 43050c41435f564b 51404b5f514c4b4c 0d564b5f51405600
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3f85ded5f8 00007f3f85ded5c8 00007f3f85ded600 00007f3f85ded5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000004000008fb RBX=ffff88801b8ff488 RCX=0000000000000830 RDX=0000000000000004
RSI=00000000000000fb RDI=0000000000000002 RBP=1ffff920000d4199 RSP=ffffc900006a0ca0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000002 R13=ffff88806a63c580 R14=1ffff1100b66d401 R15=0000000000000000
RIP=ffffffff81b65b0a RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f32ed941300 ffffffff 00c00000
GS =0000 ffff8880d6476000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557024fd0f40 CR3=000000002ff14000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000feffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=5b93eb616e1a9900 55aba714598d7f71 5b93eb616e1a9900 55aba714598d7f71 5b93eb616e1a9900 55aba714598d7f71 5b93eb616e1a9900 55aba714598d7f71
ZMM18=c89a5aca0a70d403 9410170a49f40136 c89a5aca0a70d403 9410170a49f40136 c89a5aca0a70d403 9410170a49f40136 c89a5aca0a70d403 9410170a49f40136
ZMM19=0621000000000000 0000000000000004 0621000000000000 0000000000000003 0621000000000000 0000000000000002 0621000000000000 0000000000000001
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002a20300020002 a003000800029803 0008000290030a04 00028c0302020002
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8a030a0200028803 2808000280030280 040c80030c80040d a0030008000d9003
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0fffffffffffff04 0d80031808000610 00201000060073e4 1808000610002010
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03000000ffffffa6 03000000ffffff9e 03000000ffffff96 03000000ffffff8e
ZMM25=9410170a9410170a 9410170a9410170a 9410170a9410170a 9410170a9410170a 9410170a9410170a 9410170a9410170a 9410170a9410170a 9410170a9410170a
ZMM26=0a70d4030a70d403 0a70d4030a70d403 0a70d4030a70d403 0a70d4030a70d403 0a70d4030a70d403 0a70d4030a70d403 0a70d4030a70d403 0a70d4030a70d403
ZMM27=c89a5acac89a5aca c89a5acac89a5aca c89a5acac89a5aca c89a5acac89a5aca c89a5acac89a5aca c89a5acac89a5aca c89a5acac89a5aca c89a5acac89a5aca
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0521000005210000 0521000005210000 0521000005210000 0521000005210000 0521000005210000 0521000005210000 0521000005210000 0521000005210000
info registers vcpu 2

CPU#2
RAX=000000000066c879 RBX=ffff88801ee94a00 RCX=ffffffff8b8a1045 RDX=0000000000000000
RSI=ffffffff8df1fe7a RDI=ffffffff8c1c3600 RBP=0000000000000000 RSP=ffffc90000187df0
R8 =0000000000000001 R9 =ffffed100d4c67b5 R10=ffff88806a633dab R11=0000000000000000
R12=0000000000000002 R13=ffffed1003dd2940 R14=0000000000000002 R15=ffffffff90d79b50
RIP=ffffffff8b89f87f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6576000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f3f869435c0 CR3=000000004bcd2000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000002 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 737570635f657669 7463656666652e74
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe623ccf76
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe623ccf76 00007ffe623ccf7c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7db783334c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7db783338c
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7db78334f0
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7db783337e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81fc0f8d RDX=ffff888013600000
RSI=ffffffff81fc0f67 RDI=ffff888013600000 RBP=ffff88806a4431e0 RSP=ffffc9000416f578
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000003 R13=ffffed100d48863d R14=0000000000000001 R15=ffff88806a73c5c0
RIP=ffffffff81fc0f69 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555560740500 ffffffff 00c00000
GS =0000 ffff8880d6676000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f43761456b8 CR3=000000004387b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000f802fefc Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73657479625f6e69 5f65676173752e42
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe4be42176
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe4be42176 00007ffe4be4217c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f437543334c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f437543338c
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f43754334f0
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f437543337e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000