last executing test programs:

23.638351064s ago: executing program 2 (id=2263):
r0 = socket(0x2, 0x80805, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x20, 0x140b, 0x800, 0x70bd27, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_RES_CM_IDN={0x8, 0x3f, 0x4}, @RDMA_NLDEV_ATTR_RES_CM_IDN={0x8, 0x3f, 0x1}]}, 0x20}}, 0x81)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(sm4)\x00'}, 0x58)
r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRES8], 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r5, 0x80104592, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x45}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, r6, 0x0, 0x0, 0xffffffffffffffff, 0x1400})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18010300000020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000020b703000007000000850000000600"/64], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000240)="b9", 0x1}], 0x1}}], 0x2, 0x0)

23.050460984s ago: executing program 2 (id=2275):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000140))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f0000000080)=0x1, 0xd, 0x2, 0x0, 0x0, 0xfffffffe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
syz_emit_ethernet(0xcf, &(0x7f0000000280)={@link_local, @random="38c8eda83ab8", @void, {@ipv4={0x800, @gre={{0x16, 0x4, 0x1, 0x37, 0xc1, 0x66, 0x0, 0x6, 0x2f, 0x0, @broadcast, @private=0xa010100, {[@timestamp_prespec={0x44, 0x34, 0xb6, 0x3, 0xc, [{@multicast1, 0x3}, {@multicast1, 0xffff}, {@broadcast, 0x3ff}, {@empty, 0xff}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x81}, {@rand_addr=0x64010100, 0x80000000}]}, @cipso={0x86, 0x8, 0xffffffffffffffff, [{0x1, 0x2}]}, @timestamp={0x44, 0x8, 0xe8, 0x0, 0x4, [0x8]}]}}, {{}, {0x1, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x86dd, [], "0b26abb5c0ea79a522335a306c0d63e3b92e765f0023444de2d2dd35005dab6ae08711c789"}, {0x8, 0x88be, 0x4, {{0x1, 0x1, 0x7f, 0x3, 0x1, 0x1, 0x5, 0x6}, 0x1, {0xf2}}}, {0x8, 0x22eb, 0x3, {{0x9, 0x2, 0xa5, 0x2, 0x1, 0x3, 0x0, 0xd}, 0x2, {0x3, 0x6, 0x1, 0x4, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x82801, 0x0)

22.859433408s ago: executing program 2 (id=2284):
mount$9p_tcp(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000040)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@noextend}, {@uname={'uname', 0x3d, 'noextend'}}]}})
r0 = syz_open_dev$I2C(&(0x7f00000002c0), 0x4, 0x404800)
ioctl$I2C_TIMEOUT(r0, 0x702, 0x3)
listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000700)=""/4096, 0x1000)

22.019876895s ago: executing program 2 (id=2296):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x3)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r3})
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

21.959843733s ago: executing program 2 (id=2297):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0xfffffffd, 0x9, 0x32314241, 0x3, 0x7, [{0x6, 0xd381}, {0xdc5, 0x5}, {0x0, 0x5}, {0x8, 0x10000}, {0x1000, 0xcf}, {0x5, 0x6}, {0x1, 0x80000005}, {0x8003, 0x8000}], 0x7, 0x7, 0x2, 0x0, 0x1}})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r1, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x1, @mcast1, 0x4}, 0x1c)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
sendto$inet6(r2, 0x0, 0x0, 0x400ad80, &(0x7f00000000c0)={0xa, 0x4e23, 0x5b3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="b3ab706204ee39c9dae21a1718ee351ebc92d2f0d482a863ae5cc53a083d9b761b0000000000000000", 0x29}], 0x1}}], 0x1, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000340)={0x1, 0xb, 0x9, 0x2, 0x4, "3bc9a3558fc50251a1a8a1000000ddff00", 0x3, 0xcb})

21.609891804s ago: executing program 2 (id=2306):
mount$9p_virtio(&(0x7f0000000040), &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x4, &(0x7f0000000200)={'trans=virtio,', {[{@ignoreqv}]}})
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020)

21.573526877s ago: executing program 32 (id=2306):
mount$9p_virtio(&(0x7f0000000040), &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x4, &(0x7f0000000200)={'trans=virtio,', {[{@ignoreqv}]}})
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020)

17.950377727s ago: executing program 3 (id=2344):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x301, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000280)="99dd7ab112feae7132448bb8daedc9cde123c30fd80a", 0x16}], 0x1)
syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e06006220"], 0x9)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r1, &(0x7f0000000980)=[{&(0x7f0000000500)="be81", 0x20000}], 0x1, 0x5, 0xa, 0x14)

17.039315416s ago: executing program 3 (id=2354):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x8, &(0x7f0000000100)=@framed={{0x18, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f00000001c0)='GPL\x00'}, 0x90)
r1 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r5, 0x0, &(0x7f0000000000)="bda8", 0x2, 0x100, 0x1}) (async)
io_uring_enter(r1, 0x46f3, 0x0, 0x0, 0x0, 0x0) (async)
write(r4, &(0x7f0000000200)='~', 0x1)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff8000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='net/vlan/config\x00')
read$qrtrtun(r7, &(0x7f00000004c0)=""/57, 0x39)

16.830416298s ago: executing program 3 (id=2356):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404)

16.829774086s ago: executing program 3 (id=2357):
io_setup(0xeb0, &(0x7f0000000140)=<r0=>0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/udp\x00')
pread64(r2, &(0x7f00000013c0)=""/15, 0xf, 0x404)
io_submit(r0, 0x1, &(0x7f0000001780)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
r3 = socket$inet(0x2, 0x80001, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x100000, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
accept4(r4, 0x0, 0x0, 0x800)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x8)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r3, &(0x7f0000000180)={0x2, 0xce20, @empty}, 0x10)
ioctl$FIONCLEX(r2, 0x5450)
listen(r3, 0x3)
r5 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r5, &(0x7f0000000180)={0x2, 0xde20, @empty}, 0x10)
listen(r5, 0x3)
r6 = syz_open_dev$vbi(&(0x7f0000000180), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f00000001c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r6, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xb40, 0x870, 0x1, 0x1, 0xd59f82, 0x19f5, 0x4, 0x5, 0x0, 0x3, 0x27fd, 0x2800, 0x440, 0x3, 0xca56818c2ee5910d, 0x1, {0x45, 0x80}, 0xcd, 0x3}})
io_cancel(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)

16.656466485s ago: executing program 3 (id=2360):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$net_dm(&(0x7f00000000c0), r0)
sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0xe, r1, 0x200, 0x70bd28, 0x10000, {0x2}}, 0x14}}, 0x2000884)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f3f000000170a001700000000040037000d00110001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

14.999051848s ago: executing program 3 (id=2385):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'macsec0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x1184, 0x4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ES={0x5, 0xa, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x28011, r3, 0xaae46000)
syz_emit_ethernet(0x3e, &(0x7f0000000300)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x8, 0x4, 0x0, @private2, @local, {[], {0x0, 0x0, 0x8}}}}}}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2e, &(0x7f0000000000)=r0, 0x4)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fchdir(r5)
r6 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r6, 0x5452, &(0x7f00000001c0)=0x1)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000b40)=0xe)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x40, 0x80, 'syz0\x00', 0x8}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
ioctl$KVM_GET_NR_MMU_PAGES(r5, 0xae45, 0x80)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070200000ee6000abf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @multicast1}, {0x4e23, 0x17c1, 0x8}}}}}, 0x0)
close(r8)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000180)={0x5, &(0x7f0000000080)=[{0x4, 0xe0, 0x2, 0x2}, {0x200, 0x8, 0x1, 0x8}, {0x7, 0x1, 0x4, 0x554b}, {0x400, 0x0, 0x2, 0x8}, {0x5, 0x43, 0x31, 0x400}]})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r7, &(0x7f0000000100)=ANY=[], 0x280)
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000))
close_range(r3, r5, 0x2)

14.928884814s ago: executing program 33 (id=2385):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'macsec0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x1184, 0x4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ES={0x5, 0xa, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x28011, r3, 0xaae46000)
syz_emit_ethernet(0x3e, &(0x7f0000000300)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x8, 0x4, 0x0, @private2, @local, {[], {0x0, 0x0, 0x8}}}}}}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2e, &(0x7f0000000000)=r0, 0x4)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fchdir(r5)
r6 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r6, 0x5452, &(0x7f00000001c0)=0x1)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000b40)=0xe)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x40, 0x80, 'syz0\x00', 0x8}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
ioctl$KVM_GET_NR_MMU_PAGES(r5, 0xae45, 0x80)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070200000ee6000abf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @multicast1}, {0x4e23, 0x17c1, 0x8}}}}}, 0x0)
close(r8)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000180)={0x5, &(0x7f0000000080)=[{0x4, 0xe0, 0x2, 0x2}, {0x200, 0x8, 0x1, 0x8}, {0x7, 0x1, 0x4, 0x554b}, {0x400, 0x0, 0x2, 0x8}, {0x5, 0x43, 0x31, 0x400}]})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r7, &(0x7f0000000100)=ANY=[], 0x280)
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000))
close_range(r3, r5, 0x2)

1.330118742s ago: executing program 0 (id=2596):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) (async, rerun: 32)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x1, 0x0, 0x0, 0x1, 0x0, 0xfffd}, 0x20) (async, rerun: 32)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x4})
ioctl(r2, 0x8b32, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x0, 0x3, 0x1, 0x0, 0x54}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) (async)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) (async, rerun: 32)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001a00), 0x121b82, 0x0) (rerun: 32)
write$UHID_CREATE(r4, &(0x7f0000002a40)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x0, 0x0, 0x0, 0xfff, 0x8, 0x3, 0x8}}, 0x120) (async, rerun: 64)
r5 = fsmount(r1, 0x0, 0x0) (rerun: 64)
write$UHID_DESTROY(r5, &(0x7f0000000000), 0x4) (async, rerun: 64)
readahead(r3, 0x5, 0x4b2) (async, rerun: 64)
r6 = openat$cgroup_procs(r5, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000140), 0x12) (async)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b29090955f70e0dd038e7ff7fc6e5539b324c078b089b32313b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) (async)
setsockopt$inet6_tcp_int(r0, 0x6, 0x9, 0x0, 0x0)

1.329841098s ago: executing program 1 (id=2597):
r0 = socket(0x10, 0x3, 0x0)
syslog(0x2, &(0x7f0000001600)=""/10, 0xa)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000005200010000b3c73ee9b9109667c78e20dc00000004009e032754a2630200000200009908000100feffffff70f80b7ffd42262d0fdc5d2d880cc0184b6a15fc767f010087acea20f8d804dcec8dcd4e5d4b583718936f89fc4cbfe4dd238e09568e884a45eba619bf8d3dbc1d212ecc2f91e8b1a78d42c7ed8ad0d4fff0f7bfba3670c55fe9620f4e7983f2aef6c73b5e374e4ee0625e83d59384188d4e70fc3886be1290c4544e46da947fa5e22de886108f913cde76f0730429802f991da35d2b46c49055dc00"/212], 0x1c}}, 0x0)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec22, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000480)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x6, &(0x7f0000000380)=[{&(0x7f0000000280)=""/194, 0xc2}], 0x1})
r4 = syz_io_uring_setup(0x559d, &(0x7f0000000940)={0x0, 0xfa8f, 0x2000, 0x1, 0x35}, &(0x7f0000000080), &(0x7f00000002c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1c, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x8}}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x90)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r4, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1.329017491s ago: executing program 0 (id=2598):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0), 0x1a1201, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
syz_clone(0x18000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r1, 0x800c5012, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)

1.25061928s ago: executing program 4 (id=2599):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000440)='/dev/comedi0\x00', 0x101001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610434000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000140)={'comedi_bond\x00', [0x0, 0xf72, 0x7fffffff, 0x84e1, 0x2f, 0x2007, 0x7, 0x5, 0x8000, 0x2b000004, 0x0, 0x8500, 0x1003, 0x4, 0xffff, 0xffff, 0xffffffa8, 0xc53, 0x1ff, 0x6, 0x10, 0x0, 0x8, 0xe2df, 0x746f, 0x8, 0x5, 0x7, 0x1, 0x4]})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xda})

1.250492191s ago: executing program 0 (id=2600):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000906010200000000000000000500000205000100070000002c0007800c00148008000140e00000020c0001800800014064010100060004404e20f9ef05000700840000000900020073797a31"], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x4800)

1.250226948s ago: executing program 4 (id=2601):
r0 = socket(0x10, 0x2, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1a000, r0, &(0x7f0000000080)={0x10000000})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r4=>0xffffffffffffffff}, 0x106, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x820, @empty, 0x7ea}, {0xa, 0x4e24, 0x10000, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0xb}, r4, 0xfffffffb}}, 0x48)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000880)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x18}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x58}, 0x1, 0x0, 0x0, 0xc040}, 0x0)

1.238947817s ago: executing program 4 (id=2602):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000080000000850000002b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="180000000000000000000000000000001802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, 'lo\x00'}}, 0x1e)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000d80)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r2, 0x0, 0x12, 0x0, &(0x7f0000000340)="c1dfb080cd21d308098ee6889900", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x300, &(0x7f0000000180)=[0x6bd1a312, 0xec63, 0xff, 0x8, 0x98b9, 0x7ff, 0x0, 0x100000000000004, 0x10000, 0x100, 0x100, 0x0, 0x3, 0x5, 0x5, 0x49, 0x3fc, 0x4, 0x0, 0x9, 0x8, 0x7, 0x1c1, 0x1000000003, 0x40002, 0x2, 0x6, 0x7, 0x96, 0x1, 0xffffffff00000000, 0x5, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x3, 0x4, 0x8, 0x6, 0x6, 0x8000003, 0xa3de, 0x4e, 0x8, 0x5c3e, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffff8, 0x4, 0x40000e, 0x7, 0x0, 0x2000000e6, 0x200000000000101, 0x5, 0x100004, 0x63, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x5929, 0xe8, 0x80000000, 0xfffffffffffffc00, 0x2, 0x4, 0x2, 0x2, 0x7, 0x7, 0x3, 0x2, 0x8, 0xfff, 0x101, 0x4, 0x4, 0xab6, 0x4, 0x4, 0x1, 0x6, 0xb, 0x139790, 0x6, 0xe, 0x5, 0x400000000008061d, 0x10000003, 0x8, 0x6, 0x4, 0x4, 0x200, 0xfffffffffffffffc, 0xe53e, 0x2c, 0x8, 0x2293332f, 0x6, 0x8c7, 0x0, 0xd, 0x3, 0x5, 0x1, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x4cb, 0x8, 0x3, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb690, 0x3ffc00000, 0x8, 0x3]})
r3 = memfd_create(&(0x7f00000001c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0\xbc]\x12\xc0D\x9f\x80\x8f\xfe\xf2\xc2)\xccm\xacz\xc1\xad\xe4\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
write$binfmt_elf32(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03"], 0xd8)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.180234757s ago: executing program 0 (id=2603):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2040080}, 0x4000000)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ca9bd410991100b098a8010218010902120001000010000904"], 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000000c0)={0x0, 'batadv_slave_1\x00', {0x4}, 0xbfa})
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000015000103000000003417787c0a000000201ffd0a63adf5a8e36b5e790bb261be10866b7bbcf670906e07d3ca6c29ad3ebee4995abdb91acf6daf81c8cdbf0ba9bbe0af9cba662411b3b900a0e8e6bd074b"], 0x14}}, 0x20000080)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002, 0x0, 0x80}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@newqdisc={0x24c, 0x24, 0x300, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0x7}, {0x5}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}, @qdisc_kind_options=@q_choke={{0xa}, {0x20c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "6bdd952cb11437d2e721bdd28d11661a3af59e5c960d1f10caaa2104815088919e65d39b2f33aa8649bdbc32ec666d0052ca76ff7d046fd67caf973d868cf129e5385831a942d6d6a44a4ac7641a21f63d888b1ba744d3201f5abaaa8d710728a1f169fe8204a9d5e1f18616d292c27d39ef3168f696207a6642d898600ebe088d12fc940e35a4bf95df2bd0d3cdf25cf7459052c197a297a62e7526789955231621de0bbf16ac7dc4b68570d63886f09871a5020761fe67b1a092a38d727e9b692136bdd51e5d9a9c1342b2b007fb17d673af67e3b503734c85c29bb5d1c69075444bfac4258c18478440edb0b9bf12b59410df806ff6d86cf0e7581c81b7e6"}, @TCA_CHOKE_STAB={0x104, 0x2, "0fe33ec1ef574bb7207ec526a0a3da405aad438d72e708a6c17194c1d2ef6ee70411ab5dd4ce2d5305f7f9bc061d12fbdcb68757f84aeb85be29162238e1ce33a12b3c7e980c913758785bc1531bb155e22cef84e3f23e095c859203aeae4637019302135c8f938a7a0111e27af133775d8ad9b2e2b5bbed052ccfb9d276ac67ff7a693bf67616c36ec6f209912883677c90b090e1937ed6deb8d18bb46af213afb9fd6a9c2a3763d1ae176f704f208f2f99e737d0ea7720345540ecd43effa56f8925af78ad732ee473fc60d12f0ad64a816eeb16a7fec6748a7cab17df302791968242465978a3444606f3a3075e2330379675e886107124b216b9046f7a81"}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xff}]}, 0x24c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x7)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x1b, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x96}}, 0x1c}}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f00000004c0)={r4, @in={{0x2, 0xfffe, @empty}}, 0x1, 0x7ffe}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000001c0)={r4, @in={{0x2, 0x4e24, @empty}}, 0x100000, 0x5, 0x0, 0x1f4, 0x52, 0xfffffffc, 0x81}, 0x9c)
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="02c9a01c0018000500170514000500447838004d0003000300060044dc09000700b3b5c19d43da716ac4ac377f5c0711f2756eebdc21ef475b94a8a49a663c7fecd9a3cf4e9544c968a945b91c49b0eee93e392f6c685cad2b4da9ae3180915ca91a9b1acbd813f7de08a4d167ad0889d5c2001d1c229bdbca24aa787047723f568acee1e656f2dbb1050a88ad212eaab354b9c0b80368723f6429e186fb4bbe6a330511faa56af29b78303ea7351cd1378a98ac6116a5920825ec55884ad202b3c650b22129dd591f8fd25ef474ee5735264ada42aeff01b9"], 0x21)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="3400000010000d042bbd7000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1026cf58ece95a02000002020000140012800a000100767863616e00"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x8800)
recvmsg$kcm(r6, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10000)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32], 0x10)

1.180021569s ago: executing program 4 (id=2604):
syz_emit_ethernet(0xfc0, &(0x7f0000000880)={@empty, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, @void, {@mpls_uc={0x8847, {[], @generic="c2cdb31f0274f2b77602625d694c7e5bc65c0315d650b755efd4c8c92c3063e0a4ff84a1950c84fb8907bc613fd41398eb1ff2ac4aa1f802cd6d9831b7672568030e4275dd1d7a52e9cc96d32dd140c835a34508d48f19488ac5d00d628549b50cb00ffb76e26b86602dfc69b0f2d0fa8b6fd86684142e7083cd8897487404fc4ed894b08ae0e0e2075a050f389520332f6f3cf983353d30505ada69c6c477157510a9782a7cc75ff31dc9adb7cb06f96fd35eac1dd490167c157214487016ecf62dc2382e98ec292cde810141af8043b133cd4a8be028212da9656111d7cfde0699360506db2cf281b967e97bb4d7ab8352f3c9c573d75f1aa21d8786b472544d8bdb93e712fa855f21307e83687e235562c36ffa63189fa179a73cc118912970fe51950949332af36993bbc074cea7bacc45be74d0e5457a65212bca5cec88cbec43f0a42621c1dc18a9e4f6e8726cee94c3eb7f230ebd3eae202bd1f3abbb65ae2736b384e4f42a9d8a752c5733c52149693a1fa4f90089525ee0d5178059e394283fb020d915f5984f958b1d8d89a98a24e60d0582ded2e34a87bc607915547e9f011d83da828a613f3c3d88cb94902354b8ade33a068d37f5af884eec0fac9079723dd825fe153e86004dbf69deaac354ef914c676e049f151711921566bad3baa25df90002fdd0fd39454113989f8e9bb62483a2cc9c1cf93c59e74739924d39cd59e18c31d36e69736fea4b56bc20e3bb07a47d7e561f0d9e9ee00c812abd968bceeddac6d42341f9e1aad0c793cc62cf9dd4024a9e49c60bfcc9101e684627e45b18c82a0861a2a8a2a5e2d6af869ff5888ae1b2077764f5c8136b3439a1b4c66071db84c0a00c8a77504f721769c3fe866bdad4c8f366b7a69037d8c4a5eaff46a4a0820746b39db4e9b06c79d54172e1a823a6838eca06fcb1869197eb00020388586bab69b77859fc28aeb99a87739137cc64475b6fa2c2873dd7449f1ecb9a19699b3389a0a6a15848777e85f6fe866b48a9cb9dd6cf7551bcb7b63f74dfd0712e6ec809af4ead32c545d5f7cd3ed79b29505cd83ac4fdbd5689a84907c632ece395e965c9b00760e0b70cf0fa56a2e9f709464583b2e486d742847f591153f4cea95dd8214f4d1e24bdb4f707226bf60e07703a8552d1b188d760cad168aac9c68303063242bfd47594705b10ed573377e2cd26e9285d15fa30618b198608820f40d337f5e75e4737c196fd11ae2979117cfd67ddcea20979bf7069fecc47ba95cd3e5cae272c7437f2a50a645fd02cea1ae828717dfaa0717c59bcc6e5990269ffbe2d73c0ef6e1d74255ad780251145961acc94886b05b78e5ce0d03af8762bf701d2d19cfaf64c5f21aed93e709419f3ed916a76be22b22b0ca6c5a71f5f803e411a3262ed02da6542db2582e45250005213916bae264719c374f9eac1b21db4b29c14774dc851e6acfc01b5aa6df370cdde1551fff36f8d478663372fc7e70c47cd46d0714d648205d96eeb5eba62d24973ef33e16384de916e99651b6cf90bd86e73ca94e4492866fc80f5eb4d95639ffc428c29060e07e2aa2869cee4644b51369a5913a96cb6514446202b85006660e1d594c86bc9617e2c89df9c043fe69f3f60bf7973d00d8bd2399ba0490434160467abf13d939f39cceebf779956f27c8ad11423dc772102f8b24e6f7ab4707722223bd45aa25716da2138f10096063726560cd8ba77cff71fdf56a5d24af4ea688a782c32ce10050bae20e31016203aa12f1e606e8f2b014d19a64f420604cc0c212f137393725143dd280a3dbdfc69098bea68d7d400b34ae88a228e16650f223fd7fe8ba09686cbc89cce130826fa6e84b7aa476bee123e85e9a27771b3aa1e9dbc222d051bc17ab83e5c8c292bdcf9c19d65a6a95ad65eac700045bd56e312337088ea6ef1726dc2b3e2cfe27fc868ad4aec0abd1bf8dc01ca52c5edab91d5e97edfebebf035ab569914f92f5e3e813023b3ec287d58864ff5d6aa0bb02024923170024a31d75c3ae36567cc083a4946278066d103fa49b946f3ef7c241966b32e291d0dd8ac1c7fbad07fba88a86c0a81830b1c395428894ab2037c946e15f5f915527ae739f6ec26113ba08851998fb6ec6424731b696b7e4ccd2bff49ac1f29bfd2eae8e8c833b2a8b941c43140cc109d31e8b9cd29c3023a50d4d7c8fe92f7ef206630e18484e1014e851837e1be39ce4aeac144600a3830e707f6b864e543da5c737895d8e5a44923b6b2cedd808abffd9247f6e7fc9d91ad8d7b3e6d6570c3acc06ccfcf496e221df96ff3f8898039dad11aee73226c21d53fb05dddb9ac3e5c9805a15b1330923ad23579d7a65acc436ef1c9a496b45477cb79d12eb5128738cbbaecf1eb6a61d0b6e41e94ef2616b92bb02d58522631fbca6b057dd5702e8e6eb3ae22b2882b583ace5ab3bfc6d895d45e1df33caa3fd1e51b6a7e01d2ed4c6c9a66de08254ff2e91cd3cfd46e6ce55f05ba72928d70166fb68db94480f37f035d400929e217a3c0a8891ac0420636f4ede09a16a32c5d2ab8e7547ca16b4089ff94ee62b502d0560cfe1f0a6ab266f05e50c0db2ab44b436f81c259eb6c9c5befcdf280ed4947084298e78346b1698875c6ae7e35e6502782beef0c93fd536fe48ad30f06da4ea9f784ca58cd4797ad74b7b75a6cfc3983099232d0880bda7157e5b70ff0802afc3a1fe29564f4aa4aab432745b6a803ee7c531694c888d15e2f6b81e3f3407da2a87292cc1ab83092a1199962ebaf1e269af65105781184ab9d1df00c35f5137a92d4b2c8c27becaa6690afed054e1803cba343329eb2c3860909738d51a36e2f249d9aa2b4be15cac521b5d3decf5ba20a4166004470b6163762f556f7f43c1eaa00d4e1c5e6c583fea6fa501cd193c7da0e3d49ea60130ea0096055e722e7e6d325f1d6ffac8779dd271d3914b87e65c521f31820bd2c4e29543de6ec6554d495081078464f901076583871ccbb744651eeb71142189c51713df96127ee281559c38b00aac5e60c3d0d4ed54a57ae2672f516c148eeaec88ef83c985bba8252bbea506c9ed3f69cb5b8f0ef40d88820b49f04256fc06822df8329cb8fda5eb6bc5ad3a053c51a195417681e74a0cef9e116d7028fc7799c617162078509a98e199280d23f53e39f9910405d2d0b35c4d8708e5f061f14f14cc2a3e07f40204d7ca3499efee220b54faea028e1c86fe7015352ac29ec89d0b6b70c1f34ae863fc09e308d17fe9b66448fb41b87f3bea82328d5450f545579322059827b740c61218dce03218034722c94460a94b90803505227c3c34c1922dfbb2f428806a29b3994f56284061c32089be6ca5602d50b624e4d916cc652ee5180811b89707c1cd06caffa17780c8a320c549c8e8518e1fcad3f2c6beb4ee5a02b6f03d81badbb2591008173afde0c194ed3664da7fef1d37d433bd83b2ee56aa838de3987e0cab89c224ad7d949dde88e025eb1df02e175ac67679ea635ffa428276ef9c34ac57eab6ea54a2774ed5419cccf04bf8db2204c6308dd19c43b85502030de570770e3bb06f254b069bf3573085a88822e9da092381226d0405020d09293695f6b175a931f6c655a7f2be94f1af8cf53d5203612a3a99e9ca93884359ce9119b6d517dd6f198c1fbfebb09e20e5fd19477d80565c06cb6e5063e7b9f2197ad03e92da0ebf4db82d916df43958e0e12e3a8acdc9f953ad33a1d5394fef2debe9321800b362f1378314951954bd19ded1d37562b0db6995b2b87ad9392613bbf766bec07ee833fd9f3642c0dbe6584bc578072dc18a9203fa0fd08605635c0cba17c93fae3f5898b684ca53ea31a0599adce31b870ad6563742aba1ae1f0294cdaf45ba400ac112c84b3720cf3fe71c5a8e9bcbb956cb793f8f002e690b227898611489c71b802dcd4b67af3754060086778bc0fe8e175b3bcd349435e3e9834e638ebf774338bd741ea956789ef063437584c2d3196af34dff7e09c4c579f0279e2eeb3b6e4e2fc823b4349c493c9f5475f46c20b35f7b7d5ed4a7eadc28da0f1e1f47b4e03bf4ed69b55ed1bc803601cebea81f2981ec80ba9cd9650b5c3bd9823694a0d2cac386fa162e3481a79d17d3c44a8e17c3f67cdab7c72eece4d12fa7f58e4f911d81a909db341d99df6f5c879bb3e2eb2468bf21544e83c00ed8a5ef2b907d27b2e275bd206a347208cc3a1addee14775624fde579d25bfbea37516ca9e9e686bc5de70fe5dc66f7e7eaf65bbf108e32d18fc7b69549e7cf6d68c73630e4ebb16e06671040951baf6ffcf8878e5c5dfad903e0ab920232c5379e7e93131583233b84efc99bbd845bcf07836c7ad985edbd1320d408fbd8ef7e8c97ffcd6f89cd6e1d6a8cd4bfa681b5c5f8f2b033a16bfc2fcc0bdc1946af47221fcb74301c8fd8aa8219422bd87074b10cf8f8287b3602a908f26bb267faf3162cc34467ea15ffd784737921cb048841792b9597bedb6cb49e2a725977f322b143fceb91b99793d3b6689b45e804e9fe18ad284bea566c7be20ce195363714afadef519a6320a341fa2d159d9764b13d1330acf589c0c4e6944af66059525df1fe421b815115aed93992fece9f75dacc0ac6df6ac5401c6f1651e91f028ab3ef51a52c2df8c22070b61a776120301b32e0de63f27f8dc558064796560867ac2a14b1b72c9bb6938f98ab0f7c33d32ed27b51aeaa10698972d79b6b49dc96f09ca6d926cae45700856e5804d82bb00bd90b33bb76b645369d9c6abb3dbac90a5e371d7c875f3199b96b23ab136d4cafdd999b8c72ce23eb0467b6bd881fc1f3c3249ba87f7ba3f386b7a248e451585e368bb196277145093dd6f28d3de74504bfefa816c1060d0b34d8525f1e92b492773748691c45191301228b00762210eee91c37e4ed2c264b59e5976bc351b66d267e6c9770c3f51d240c96f68a98e3a08abf49d54dc854945bd0ba692af1f0ff75c5b29ca999150c2ba3e15a1dab8446fa63f0552efbd2c1b568e19606b8d1ea0066ed690f192d3aefa21a68fb313f18b1120c6ed11a32703b1526b1dac81133d644e29fdba3e1db8165028d6b782e1a803f154b9520dcc76072bd77d231c481e6f855e9b4fdc5d6d83bf3a1eca79928d31f3c28a738244badbded0fc6dd2ab5f2d5c569da7228457a650d25ddd894eb2e60bcb11fa5f9b8daddf37431d3eec9873faf753e6d28c7146ac0ae11c3cfd4f62659211fe4ef6273caaba223cfad1afda29fdbc83cf22cc730a46b95bde9e6a242bb78759c2db3a52a74b6e8f696c1ebd2046060133ecf544c5159c3be44dc99e9b2c47186b3cc91a775c8c18f213529b644d19429350922765303e12e24b23372b15446413cf8b2843f37321285826fa78c3c4f75685eb3c25a86dc3dcd8197efb887dc3fbc6f250cc7a7f06fe26c2bf1bef1f8a1ef1904860b870b3d260322285063f0e152bb151453c12cd152fa25571e7000d54d3bddc26bdc8a5ce5a3d39c1483e2772e469cf2a364c22cb2cc09a1832ea824fd8c51e55443083e7954cab48ce1f58115b7de25648969b0f77756801f66d1892f7c8076394d50c8d47b6050566a69856dbe257c6f98c9d1dfa8e039e1cfe7652b8d0ede75d96cfcd9fb420b1f172b09c6bb97eaebb7d8e26dc"}}}}, 0x0)
setuid(0xee00)
setpriority(0x1, 0x0, 0xffffffffffffffff)
ustat(0x8d, &(0x7f0000000000))

1.070412159s ago: executing program 4 (id=2605):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
r2 = fanotify_init(0x10, 0x2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r2, 0x41, 0x8000038, r3, 0x0)
fanotify_mark(r2, 0x80, 0x0, r3, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[], 0x14}}, 0x800)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56551, 0x4, 0xfffffffe, {0x0, 0x0, 0x0, r5, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x9, 0x1, 0x0, 0x59b, 0xffffffff, 0x1100000}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

1.009082391s ago: executing program 5 (id=2609):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'hsr0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xc}, {0xfff3, 0x8}}}, 0x24}}, 0x20040000)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x14, r5, 0x1, 0x2, 0x0, {0x37}}, 0x14}}, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x84, r5, 0x0, 0x70bd27, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x7bc}, {0x6, 0x11, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x4}}]}, 0x84}, 0x1, 0x0, 0x0, 0x4051}, 0x44000)

1.009022543s ago: executing program 1 (id=2610):
mount(&(0x7f0000000140)=@md0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='bfs\x00', 0x0, 0x0)
gettid()

929.364309ms ago: executing program 1 (id=2611):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x4, &(0x7f0000000480)=@framed={{}, [@exit]}, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) (async)
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040), 0x2, 0x0)

928.842087ms ago: executing program 1 (id=2612):
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x2, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0x2]}})
timerfd_create(0x7, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xcc\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\xae\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5\x00\x00\x00\x00\x00\x00\x00\x05L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\x06\x00\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xaaw\xbe\xd0\xd0\xc8d\x96G\xcf\x066\x84\x82-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10\x04\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x2)
r2 = syz_io_uring_setup(0xccb, &(0x7f00000000c0)={0x0, 0x3232, 0x0, 0x0, 0x2eb}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000180)=<r4=>0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000400)=[r1, r2], 0x2)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000140)={r6, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000200)={r6, 0x1, 0x6, @local}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r7, 0x107, 0x8, &(0x7f0000000000)=0xf3f, 0x4)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000011006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'macvlan1\x00', <r10=>0x0})
sendto$packet(r8, &(0x7f00000001c0)="330520000a00160006007ef52f555f2ab34eb67eabe2dffebf30f8784f997bea54fefe714c6b9e7dae76f98691ffb71675553f", 0x33, 0x4040801, &(0x7f0000000000)={0x11, 0x8, r10, 0x1, 0x5f, 0x6, @local}, 0x14)
recvmmsg(r7, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x400000080001001, 0x0, 0x0, 0x22})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r11 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080), 0x2202, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{<r12=>0x0}, {}]})
ioctl$DRM_IOCTL_NEW_CTX(r11, 0x40086425, &(0x7f0000000140)={r12, 0x2})
r13 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r13, 0x0, 0xcf, &(0x7f0000000000), &(0x7f0000000040)=0x4)

860.065196ms ago: executing program 5 (id=2613):
io_uring_setup(0x25f5, &(0x7f00000000c0)={0x0, 0xc63b, 0x0, 0x0, 0x1})
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe)
socket$l2tp(0x2, 0x2, 0x73)
socket$l2tp(0x2, 0x2, 0x73)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r3, r4, 0x4, 0x0, @void}, 0x10)
r5 = dup2(r2, r1)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r7 = syz_open_dev$media(&(0x7f0000000100), 0x0, 0x600)
preadv(r7, &(0x7f0000001400)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x3, 0x5)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9)
r9 = add_key$user(&(0x7f0000000280), &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000001740)="3ebad0a53d535d229c433bc405ef687e434c2df7108f099029f26368b829e312d23d34040000000200d6e24f37d5095f839f9aa3507d74f7526f2440e7988da94ccd868dd8741d4043eba0b6070000004a0900a75bfd611b2d7ae6aa1d056c2c5116a6160ca76becfbabaea60204dc55ea02d43c809e0ed6e56163fdab317afd5c34d614367d9a83c200b9c5bbf98fb5d7f490df65d316eb937ea3465375a5ab6c4620b9b14971d06704a50a2dee3cdcae0794322dc0b3365332c5e26c3d86ff29cbf14aab0365ca6416321ee2c215b079ac9d73d392ca12a65a9abdef71f44c5dd80490589bad7dc3cb2cdaab41809004b6df49bf246ad8e831d4d782041dabb3877046329b59fe49c1ef5b82bf110bd98136aa8c09e55b9660c4907035b8184de3cb23f81cb3368c54d756d7b2fa441f60f54ded045dfd8293f33f88fcf4ec0bc0ce251607dcf71c8589672674cd13214ce7b241cd879089da83616741bde8120325ed9c29142bcf", 0x169, r8)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r6, r9}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
r10 = add_key$fscrypt_provisioning(&(0x7f00000001c0), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)={0x2, 0x0, @auto=[0x13, 0x2a, 0x3c]}, 0xb, r8)
keyctl$unlink(0x9, r10, r8)
io_uring_setup(0x25f5, &(0x7f00000000c0)={0x0, 0xc63b, 0x0, 0x0, 0x1}) (async)
add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe) (async)
socket$l2tp(0x2, 0x2, 0x73) (async)
socket$l2tp(0x2, 0x2, 0x73) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) (async)
socket$unix(0x1, 0x5, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) (async)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0) (async)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r3, r4, 0x4, 0x0, @void}, 0x10) (async)
dup2(r2, r1) (async)
close_range(r5, 0xffffffffffffffff, 0x0) (async)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) (async)
syz_open_dev$media(&(0x7f0000000100), 0x0, 0x600) (async)
preadv(r7, &(0x7f0000001400)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x3, 0x5) (async)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) (async)
add_key$user(&(0x7f0000000280), &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000001740)="3ebad0a53d535d229c433bc405ef687e434c2df7108f099029f26368b829e312d23d34040000000200d6e24f37d5095f839f9aa3507d74f7526f2440e7988da94ccd868dd8741d4043eba0b6070000004a0900a75bfd611b2d7ae6aa1d056c2c5116a6160ca76becfbabaea60204dc55ea02d43c809e0ed6e56163fdab317afd5c34d614367d9a83c200b9c5bbf98fb5d7f490df65d316eb937ea3465375a5ab6c4620b9b14971d06704a50a2dee3cdcae0794322dc0b3365332c5e26c3d86ff29cbf14aab0365ca6416321ee2c215b079ac9d73d392ca12a65a9abdef71f44c5dd80490589bad7dc3cb2cdaab41809004b6df49bf246ad8e831d4d782041dabb3877046329b59fe49c1ef5b82bf110bd98136aa8c09e55b9660c4907035b8184de3cb23f81cb3368c54d756d7b2fa441f60f54ded045dfd8293f33f88fcf4ec0bc0ce251607dcf71c8589672674cd13214ce7b241cd879089da83616741bde8120325ed9c29142bcf", 0x169, r8) (async)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r6, r9}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) (async)
add_key$fscrypt_provisioning(&(0x7f00000001c0), &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)={0x2, 0x0, @auto=[0x13, 0x2a, 0x3c]}, 0xb, r8) (async)
keyctl$unlink(0x9, r10, r8) (async)

859.817996ms ago: executing program 5 (id=2614):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000280))
r2 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000001c0)={0x0, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x2, 0x180000, 0x1}, 0x1c)
recvmsg$unix(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
mkdirat(0xffffffffffffff9c, 0x0, 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg$kcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)}, 0x1)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000200))
rename(0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
read(r4, &(0x7f0000000f00)=""/43, 0x2b)

750.384162ms ago: executing program 1 (id=2615):
r0 = socket(0x28, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x1, 0x101801)
ioctl$SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f0000000000)=0x18)
write(r0, &(0x7f0000000140)="2600000014004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)

748.962493ms ago: executing program 1 (id=2616):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=""/48, 0x30}, {&(0x7f0000000ac0)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/250, 0xfa}, {&(0x7f00000001c0)=""/36, 0x24}], 0x4, &(0x7f0000000240)=""/197, 0xc5}, 0x261)

620.051863ms ago: executing program 5 (id=2617):
read$FUSE(0xffffffffffffffff, &(0x7f0000000480)={0x2020}, 0x2020)

619.719683ms ago: executing program 5 (id=2618):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0xa, [@struct={0x8, 0x1, 0x0, 0xf, 0x0, 0x10005, [{0x2, 0x5, 0xa}]}, @var={0x4, 0x0, 0x0, 0xe, 0x2}]}, {0x0, [0x30, 0x0, 0x0, 0xcf, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f00000001c0)=""/257, 0x4a, 0x101, 0x6}, 0x28)
r0 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ioctl$CDROMEJECT(r2, 0x5309) (async)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x28011, r2, 0x0)
readlink(&(0x7f0000000040)='./file0/file0/file0/file0/file0\x00', &(0x7f0000000080)=""/167, 0xa7) (async)
sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback}, 0x1c) (async)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x3d10, 0x4) (async)
sendto$inet6(r1, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000005580)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/132, 0x84}, 0xb}], 0x1, 0x40010040, 0x0) (async, rerun: 32)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x0, 0xffffff95}) (rerun: 32)

430.086481ms ago: executing program 5 (id=2619):
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='limits\x00')
read$msr(r0, &(0x7f0000000180)=""/174, 0xae)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000002740)=ANY=[@ANYBLOB], 0x14}], 0x1}, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_rsp={{0x18, 0x4, 0x8}, {0x1ff, 0x3, 0x1}}}}, 0x15)
openat$kvm(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x2})
io_uring_enter(0xffffffffffffffff, 0x4c6e, 0xc67a, 0xc, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x627, 0x4c1, 0x43, 0x0, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
read$eventfd(r3, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r6, 0xc008ae88, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002536702500000000690040007b1af8ff00000000bfa1000000e0000007010000f8ffffffb7020000080600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x1c}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xcab5, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)

239.782763ms ago: executing program 4 (id=2620):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='rxrpc_recvmsg\x00', r0}, 0x10)
r1 = socket(0x21, 0x2, 0x10000000000002)
connect$rxrpc(r1, &(0x7f0000000040)=@in4={0x21, 0x100, 0x2, 0x10, {0x2, 0x4000, @dev={0xac, 0x14, 0x14, 0x27}}}, 0x24)
sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000002d40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

249.048µs ago: executing program 0 (id=2621):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x3, 0x0, 0x3, 0x0, 0x2, 0x6, 0x10, 0x301, 0x38, 0xffffffff, 0xf, 0x0, 0x20, 0x3f, 0x4, 0x0, 0x4}}, 0x58)
close(r0)
execve(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000040)={0xd64e, 0x18, [{0x7, 0x1}, {0x3}, {0x3, 0x1}, {0x33}, {0xb, 0x1}, {0xf}, {0x9, 0x1}, {0x3}, {0x8, 0x1}, {0xd}, {0x5}, {0x8}, {0xb}, {0xc}, {0x9, 0x1}, {0x2}, {0xd, 0x1}, {0x1}, {0xd}, {0x7}, {}, {0x9}, {0x5}, {0x1, 0x1}]})

0s ago: executing program 0 (id=2622):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1/../file0\x00', 0x400, 0x108)
mkdirat(r0, &(0x7f0000000240)='./bus\x00', 0x186)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r1 = open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0xfffffffffffffffc, 0x5, 0x7, 0x3, 0x1, {0x400000080001, 0xfd, 0x20ff, 0x8, 0xe, 0xd615, 0x9, 0x3, 0xfffffffc, 0x8000, 0x0, 0x0, 0x0, 0x5, 0x6}}, {0x0, 0x1f}}}, 0xa0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, &(0x7f0000000200)={0xc, r4})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r3, 0x3b70, &(0x7f00000000c0)={0x18})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x0, @loopback=0x7f000000}})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x891c, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffc}})

0s ago: executing program 0 (id=2623):
pipe(&(0x7f0000000200)) (async)
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0, 0xe2, &(0x7f0000000500)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x21, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
r5 = openat$cgroup_ro(r0, &(0x7f0000000900)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r5, 0x8008973) (async)
ftruncate(r5, 0x8008973)
writev(r5, &(0x7f0000000440)=[{&(0x7f0000000e80)="94d1f2e1ab95afe67e299cbc47530ccadacb8ecabe3c73ac55d925a0d52a79ceedae83cf90a1789f07fbde8a75991d1e775ce7bdb15e59273429b52a246643318051f60e", 0x44}, {&(0x7f0000000200)="18dff49858454fa491119b39f4ec02355402d69d02218513b580502ab73969fb7558b897e3b30d7d9c163303e86c133317f29d7e6e36c73e48253f01c272ec92fbc348244d10ce2c6bf23ea037d0557d84d20daea2bf7c058abfe432abbd8e9caa85ad0b8735520934a1d67b761b5dc37cf6e5f8c97d4bd70594b5a70a07775b2be008eed722b8555654b1c72c9847787cac29cbaa00434abf377f953fe1f06ff3cbe07550b6a7bde2bc7d5c5b68753a4d94bdeb60c704ec50fc674079ea876dfba754ac108a5b9c6ad9dfbf1b1349e3df787b38ca6398943f11669967824c3e4370e238708d7738c140b959ba9a5694b614843e20687d700d106af3bd3e0ee40e08d9da17775707616c3c1c36df68b824bde8511a60ff3f013d1d9d90c0395185874fd065c3381c77613c906a6c01389e9f4ac6f952a87eec7ad0fa512d75cc9c717c4794986b23c9df14bf2c03137e1e2467b9da0db51f983f480060c13147f5a8ff3620db7d4db5d3dd5a19493a775bfaf0f357f966cf06c8de2de53e04d00066", 0x182}, {&(0x7f0000000f00)="f48ed488b79c19020b12c847a2b2bd6910d9e9dde186c648318dcc169dff39a3990286898efed16221dab719543a20fc028c0d910d5faa93e1681842fa9c6d5fe96a168e3320464326fbfd8a129db351f0d5f9a328a4358e5c0334de68436dd2b6c2502f45f248d2a7f0ebaafd021a8b306e63dd563b492896f4c09e6d5dc738b5bdc947bc7d209c1b04445155481e33fc1ef3329e34267522cae90ee707e7cbb9ca3065d53f2e86949582355a7b2cca99e1504cb2ff0c6ad674e7ceb632351c38ff3aacd22c389c43bcfeb4a4cbec9d41813f520eace7e54347a8dc9e44cd8687a97ce0ed8a2ced68318e8b8361db585ed78e80b2f7af86e42d9b8bf132a33d851e", 0x102}, {&(0x7f0000000c40)="202bb0415639f0c1e98ad3c35ba126faa9e43e618c9679bae2c30304d1850473f4102215ea2a192d9901b0785473c381e7904a63aba8ed92e2c3d8daf88f68dd5f5d04804a0331ff16ba0ccb9c36956022c1f7656660e773c38b9cf90e3d684ca95b5283b1ff10efc0b8351d0fe7423a3e5158c1e0e4831ecc8df81a0f8827e5c49556cabf334789727d6414d056bd6fb1a1311c748dfdc72879c6091c30be23580eecd40e8c40713768764e450ab8d5d28c905d5b4dc64f1a", 0xb9}, {&(0x7f0000000d00)="845a6ee005638b2ad5dfa946f0633199a56cfa28b954f52ce3bc96ed1ffc361391d7d17045334ce9d5bce43aec5764594c6990570a911f8e19b67ac28237444f36db4d873eb720364e02738406b1db285123e01365ddb94decdbe7fb481edcddf8fc77a271c54201dd827c7283600fda09663bac7efb887e41cb330805bbba05cea8248bad80d8c3df57d2b83ce207239a2f0efd1c414d737315e3a650cd62caad58b3f1bb8b3732b3fa1ed3d38a9088490ba4a8c694e3c07f5953bdff4a145188e9c60155529b3ba1595fbce830268d5a21eec04c46e1950d2f167ff9fff49cd6111017294bf8c5", 0xe8}, {&(0x7f00000004c0)="9d2aba98f0b975bf7210f7e7d7d3e223f4d186282fe89a5b99d5c2ea2863634e543819ec0ae3fcdfd6c5ad048df8fe8110603326b3fd088763e7d695fcff918a8c5c1f7ea86505918c7773e5d247f6d714fb99e7a86dc53673d48d61d079cbf2c7298d22ddedc4103338fd0af6f0b5308ca1c7d34f26fb9f964c1d2b42173024df139d7b2146635a6002ce9d439265593fda27820c4899009d0e9e64542b5eae59df7a197bb1dfff597e2886a314b6b00b56664a0829b5bac45860aa6c1f7be92f29cd82a3ac64d6cd312390bd6cd3535dd6f9ecc3c92cb40196d68e610e4e7e99b9e9aaceeb9887ecbeb0c369c44b6aae92a0b646e48fec4280c10a1f1cc2fe4d1d51c72b983e2f2c3a05cb91d26c7132d821b05e26bafcd4c7699639f7003d62d112f5c2f6f8c6939bd812e16e6a6927ebb45ab6a66e4630f1476f48a113f0a89235a085e14b166a7ce525308ae322aea9b9805b6392c4280b509679503ccbbe137d6185ff25437e5e4e6240a4a07e4051c6d030da271f946171b1ade790bdf2289c5e0ddcb33de11961264734ce77e04f94c330dac130362d5af3a5754cd69f72271157c82dd4ecf473f8b1bebcb5b9eaff0933322ca28291c278bd7f623eefc3779d980b9c39c1753488fb90ff8f4e0ce31b6e7f945f1feb0e0089b9e375c52218fbc945459f3861a6b197c74afafd944167eb991ea18ca878b59212e8d7172f6a64969eb647282588e5a54f2bc01b8f6bc43a407ce57ff99cd078e9865e2dbd0f5463", 0x225}], 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1c, 0xa, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x1}, [@generic={0x6, 0x1, 0x4, 0x4, 0xffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, @ldst={0x3, 0x2, 0x3, 0x2, 0x0, 0xfffffffffffffffc, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f0000000180)='GPL\x00', 0xff, 0xeb, &(0x7f0000000400)=""/235, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r4, r5, 0x9, &(0x7f0000000740)=[r0, r0, r1, r1], &(0x7f0000000780)=[{0x5, 0x4, 0xe, 0x1}, {0x3, 0x3, 0x5841, 0x2}, {0x0, 0x2, 0x6, 0xa}, {0x4, 0x3, 0x9, 0x3}, {0x2, 0x3, 0xc, 0x9}, {0x4, 0x3, 0x0, 0xa}, {0x3, 0x3, 0x7, 0x7}, {0x1, 0x3, 0x10, 0x2}, {0x1, 0x4, 0xe, 0x3}], 0x10, 0xfffffff8}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1c, 0xa, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x1}, [@generic={0x6, 0x1, 0x4, 0x4, 0xffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, @ldst={0x3, 0x2, 0x3, 0x2, 0x0, 0xfffffffffffffffc, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f0000000180)='GPL\x00', 0xff, 0xeb, &(0x7f0000000400)=""/235, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, r4, r5, 0x9, &(0x7f0000000740)=[r0, r0, r1, r1], &(0x7f0000000780)=[{0x5, 0x4, 0xe, 0x1}, {0x3, 0x3, 0x5841, 0x2}, {0x0, 0x2, 0x6, 0xa}, {0x4, 0x3, 0x9, 0x3}, {0x2, 0x3, 0xc, 0x9}, {0x4, 0x3, 0x0, 0xa}, {0x3, 0x3, 0x7, 0x7}, {0x1, 0x3, 0x10, 0x2}, {0x1, 0x4, 0xe, 0x3}], 0x10, 0xfffffff8}, 0x94)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x90, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0xe9d, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x9, 0xffffffff}, 0xd0, 0x9}}) (async)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x90, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0xe9d, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x9, 0xffffffff}, 0xd0, 0x9}})
r6 = shmget$private(0x0, 0x1000, 0x800, &(0x7f0000ffc000/0x1000)=nil)
shmctl$IPC_RMID(r6, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
r7 = fcntl$dupfd(r2, 0x0, r0)
ioctl$TCFLSH(r7, 0x400455c8, 0x2) (async)
ioctl$TCFLSH(r7, 0x400455c8, 0x2)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000080)=0x2)
setsockopt$ax25_SO_BINDTODEVICE(r7, 0x101, 0x19, &(0x7f0000000000)=@rose={'rose', 0x0}, 0x10)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0xfc) (async)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0xfc)

kernel console output (not intermixed with test programs):

text=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  202.802432][T11027] netlink: 'syz.3.1616': attribute type 2 has an invalid length.
[  202.806839][ T6865] usb 5-1: device descriptor read/64, error -71
[  202.927292][T11034] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1619'.
[  202.952765][   T24] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  202.958317][   T24] em28xx 6-1:0.0: board has no eeprom
[  203.076620][ T6865] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  203.145758][T11050] random: crng reseeded on system resumption
[  203.226607][ T6865] usb 5-1: device descriptor read/64, error -71
[  203.295845][T11055] fuse: Bad value for 'group_id'
[  203.298024][T11055] fuse: Bad value for 'group_id'
[  203.336887][ T6865] usb usb5-port1: attempt power cycle
[  203.532529][T11061] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1627'.
[  203.560367][T11063] fuse: Bad value for 'fd'
[  203.696753][ T6865] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  203.700582][T11068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1629'.
[  203.703869][T11068] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1629'.
[  203.717216][ T6865] usb 5-1: device descriptor read/8, error -71
[  203.956750][ T6865] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  203.987545][ T6865] usb 5-1: device descriptor read/8, error -71
[  204.027202][T10961] em28xx 6-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  204.096847][ T6865] usb usb5-port1: unable to enumerate USB device
[  204.099471][   T24] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  204.099488][   T24] em28xx 6-1:0.0: dvb set to bulk mode.
[  204.100133][ T5935] em28xx 6-1:0.0: Binding DVB extension
[  204.109802][   T24] usb 6-1: USB disconnect, device number 19
[  204.112170][   T24] em28xx 6-1:0.0: Disconnecting em28xx
[  204.138453][ T5935] em28xx 6-1:0.0: Registering input extension
[  204.140968][   T24] em28xx 6-1:0.0: Closing input extension
[  204.156821][   T24] em28xx 6-1:0.0: Freeing device
[  204.342418][T11109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1646'.
[  204.367023][ T5935] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  204.496638][ T5935] usb 5-1: device descriptor read/64, error -71
[  204.746690][ T5935] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  204.886784][ T5935] usb 5-1: device descriptor read/64, error -71
[  205.007151][ T5935] usb usb5-port1: attempt power cycle
[  205.193353][T11119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1649'.
[  205.197161][T11119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1649'.
[  205.366601][ T5935] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  205.545731][T11139] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  205.578258][ T5935] usb 5-1: device not accepting address 25, error -71
[  205.692305][T11145] binder: BINDER_SET_CONTEXT_MGR already set
[  205.695020][T11145] binder: 11144:11145 ioctl 4018620d 200000000100 returned -16
[  205.699643][T11145] binder: BINDER_SET_CONTEXT_MGR already set
[  205.701586][T11145] binder: 11144:11145 ioctl 4018620d 2000000002c0 returned -16
[  206.271763][T11177] nft_compat: unsupported protocol 0
[  206.556267][T11186] syz.1.1670(11186): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  206.628288][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1671'.
[  206.631933][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1671'.
[  206.648082][T11188] netlink: 'syz.3.1671': attribute type 1 has an invalid length.
[  206.677416][T11188] 8021q: adding VLAN 0 to HW filter on device bond2
[  206.697259][T11188] 8021q: adding VLAN 0 to HW filter on device bond2
[  206.700363][T11188] bond2: (slave ip6gre0): The slave device specified does not support setting the MAC address
[  206.704441][T11188] bond2: (slave ip6gre0): Error -95 calling set_mac_address
[  206.722901][T11188] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51 sclass=netlink_route_socket pid=11188 comm=syz.3.1671
[  206.728283][T11188] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  206.934524][   T40] kauditd_printk_skb: 57 callbacks suppressed
[  206.934533][   T40] audit: type=1400 audit(1762670528.529:831): avc:  denied  { ioctl } for  pid=11205 comm="syz.3.1678" path="socket:[46113]" dev="sockfs" ino=46113 ioctlcmd=0x4942 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  206.937138][T11206] syzkaller1: entered promiscuous mode
[  206.969093][    C0] vkms_vblank_simulate: vblank timer overrun
[  206.994283][T11206] IPVS: set_ctl: invalid protocol: 4 0.0.0.0:20003
[  206.999578][T11205] delete_channel: no stack
[  207.021980][T11211] random: crng reseeded on system resumption
[  207.094588][T11218] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  207.095659][   T40] audit: type=1400 audit(1762670528.689:832): avc:  denied  { read } for  pid=11212 comm="syz.0.1681" lport=53299 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  207.127084][T11222] macvlan2: entered promiscuous mode
[  207.128711][T11222] macvlan2: entered allmulticast mode
[  207.130664][T11222] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  207.207287][T11231] hugetlbfs: syz.2.1688 (11231): Using mlock ulimits for SHM_HUGETLB is obsolete
[  207.249225][T11235] geneve2: entered promiscuous mode
[  207.250904][T11235] geneve2: entered allmulticast mode
[  207.258474][   T40] audit: type=1400 audit(1762670528.859:833): avc:  denied  { accept } for  pid=11232 comm="syz.1.1689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  207.265459][T11238] loop2: detected capacity change from 0 to 128
[  207.296299][T11237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1691'.
[  207.299301][T11237] bridge_slave_1: left allmulticast mode
[  207.301144][T11237] bridge_slave_1: left promiscuous mode
[  207.303032][T11237] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.309223][T11237] bridge_slave_0: left allmulticast mode
[  207.311756][T11237] bridge_slave_0: left promiscuous mode
[  207.314387][T11237] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.776325][T11268] netlink: zone id is out of range
[  207.818474][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1703'.
[  207.889113][T11284] batadv_slave_1: entered promiscuous mode
[  207.892164][T11284] batadv_slave_1: left promiscuous mode
[  208.000015][T11298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1712'.
[  208.003200][T11298] netlink: 'syz.1.1712': attribute type 30 has an invalid length.
[  208.077983][T11315] fuse: Bad value for 'fd'
[  208.087523][T11317] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1718'.
[  208.091299][T11317] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  208.094468][T11317] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  208.116723][ T5935] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  208.144292][T11326] netlink: 'syz.1.1722': attribute type 15 has an invalid length.
[  208.146922][T11326] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1722'.
[  208.146995][T11327] netlink: 'syz.1.1722': attribute type 15 has an invalid length.
[  208.153169][T11327] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1722'.
[  208.171919][T11331] overlayfs: failed to clone upperpath
[  208.184296][T11331] --map-set only usable from mangle table
[  208.185625][T11335] overlayfs: failed to clone upperpath
[  208.228697][T11346] ICMPv6: NA: aa:aa:aa:aa:aa:00 advertised our address fe80::aa on syz_tun!
[  208.255192][T11341] overlayfs: failed to resolve './file0': -40
[  208.269455][ T5935] usb 8-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  208.274857][ T5935] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.278752][ T5935] usb 8-1: Product: syz
[  208.280089][ T5935] usb 8-1: Manufacturer: syz
[  208.281544][ T5935] usb 8-1: SerialNumber: syz
[  208.300291][T11364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1736'.
[  208.303114][T11364] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1736'.
[  208.305933][T11364] netlink: 'syz.0.1736': attribute type 12 has an invalid length.
[  208.310211][  T841] IPVS: starting estimator thread 0...
[  208.321259][   T40] audit: type=1400 audit(1762670529.919:834): avc:  denied  { getopt } for  pid=11368 comm="syz.2.1738" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  208.344446][   T40] audit: type=1326 audit(1762670529.939:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11372 comm="syz.0.1739" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c72b8f6c9 code=0x50000
[  208.355732][   T40] audit: type=1326 audit(1762670529.939:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11372 comm="syz.0.1739" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c72b8f6c9 code=0x50000
[  208.363250][   T40] audit: type=1326 audit(1762670529.939:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11372 comm="syz.0.1739" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c72b8f6c9 code=0x50000
[  208.370808][   T40] audit: type=1326 audit(1762670529.939:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11372 comm="syz.0.1739" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c72b8f6c9 code=0x50000
[  208.378303][   T40] audit: type=1326 audit(1762670529.939:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11372 comm="syz.0.1739" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c72b8f6c9 code=0x50000
[  208.385555][   T40] audit: type=1326 audit(1762670529.939:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11372 comm="syz.0.1739" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c72b8f6c9 code=0x50000
[  208.416772][T11367] IPVS: using max 47 ests per chain, 112800 per kthread
[  208.472605][T11390] macvtap1: entered promiscuous mode
[  208.474350][T11390] macvtap1: entered allmulticast mode
[  208.476206][T11390] veth1_to_bridge: entered allmulticast mode
[  208.478992][T11390] veth1_to_bridge: entered promiscuous mode
[  208.481358][T11390] team0: Device macvtap1 failed to register rx_handler
[  208.484496][T11390] veth1_to_bridge: left allmulticast mode
[  208.486337][T11390] veth1_to_bridge: left promiscuous mode
[  208.723979][ T5935] rtl8150 8-1:1.0: couldn't reset the device
[  208.726085][ T5935] rtl8150 8-1:1.0: probe with driver rtl8150 failed with error -5
[  208.731843][ T5935] usb 8-1: USB disconnect, device number 16
[  208.782830][T11416] netlink: 'syz.2.1753': attribute type 1 has an invalid length.
[  208.786126][T11416] nbd: couldn't find device at index -2127233020
[  208.946675][T11418] geneve2: entered promiscuous mode
[  208.949086][T11418] geneve2: entered allmulticast mode
[  209.125347][T11425] netlink: 'syz.2.1757': attribute type 1 has an invalid length.
[  209.247421][T11442] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  209.284546][T11445] dns_resolver: Unsupported content type (234)
[  209.293324][T11449] netlink: 'syz.2.1766': attribute type 3 has an invalid length.
[  209.505894][T11466] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=37 sclass=netlink_tcpdiag_socket pid=11466 comm=syz.2.1771
[  209.673195][T11480] kvm: MWAIT instruction emulated as NOP!
[  209.910025][T11498] policy can only be matched on NF_INET_PRE_ROUTING
[  209.910041][T11498] unable to load match
[  210.150408][T11517] netlink: 'syz.0.1792': attribute type 1 has an invalid length.
[  210.267658][T11530] gretap2: entered promiscuous mode
[  210.271451][T11530] bond1: (slave gretap2): making interface the new active one
[  210.274373][T11530] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  210.450029][T11542] netlink: 'syz.2.1800': attribute type 64 has an invalid length.
[  210.554632][T11546] autofs: Bad value for 'uid'
[  210.556395][T11546] autofs: Bad value for 'uid'
[  211.074500][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.077226][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.079538][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.082954][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.085350][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.088200][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.090484][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.092791][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.095272][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.097674][ T6865] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  211.105585][ T6865] hid-generic 0003:0004:0000.0009: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  211.128153][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.134944][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.143332][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.154023][T11599] fido_id[11599]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  211.287252][T11598] infiniband syz1: set active
[  211.288876][T11598] infiniband syz1: added xfrm0
[  211.295335][ T6865] xfrm0 speed is unknown, defaulting to 1000
[  211.325248][T11598] RDS/IB: syz1: added
[  211.329211][T11598] smc: adding ib device syz1 with port count 1
[  211.331407][T11598] smc:    ib device syz1 port 1 has no pnetid
[  211.335337][ T6865] xfrm0 speed is unknown, defaulting to 1000
[  211.367066][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.383463][T11629] netlink: zone id is out of range
[  211.488495][T11640] FAULT_INJECTION: forcing a failure.
[  211.488495][T11640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.496012][T11640] CPU: 2 UID: 0 PID: 11640 Comm: syz.3.1834 Not tainted syzkaller #0 PREEMPT(full) 
[  211.496027][T11640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.496033][T11640] Call Trace:
[  211.496048][T11640]  <TASK>
[  211.496052][T11640]  dump_stack_lvl+0x16c/0x1f0
[  211.496085][T11640]  should_fail_ex+0x512/0x640
[  211.496106][T11640]  _copy_from_user+0x2e/0xd0
[  211.496125][T11640]  move_addr_to_kernel+0x65/0x170
[  211.496137][T11640]  __sys_connect+0xb1/0x160
[  211.496148][T11640]  ? __pfx___sys_connect+0x10/0x10
[  211.496164][T11640]  ? __pfx_ksys_write+0x10/0x10
[  211.496177][T11640]  __x64_sys_connect+0x72/0xb0
[  211.496188][T11640]  ? lockdep_hardirqs_on+0x7c/0x110
[  211.496204][T11640]  do_syscall_64+0xcd/0xfa0
[  211.496214][T11640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.496225][T11640] RIP: 0033:0x7f199878f6c9
[  211.496233][T11640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.496243][T11640] RSP: 002b:00007f1999624038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  211.496253][T11640] RAX: ffffffffffffffda RBX: 00007f19989e5fa0 RCX: 00007f199878f6c9
[  211.496260][T11640] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000006
[  211.496266][T11640] RBP: 00007f1999624090 R08: 0000000000000000 R09: 0000000000000000
[  211.496272][T11640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.496278][T11640] R13: 00007f19989e6038 R14: 00007f19989e5fa0 R15: 00007fff6202c4f8
[  211.496291][T11640]  </TASK>
[  211.529860][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.661010][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.734092][T11665] overlayfs: failed to clone lowerpath
[  211.762237][T11598] xfrm0 speed is unknown, defaulting to 1000
[  211.833173][T11673] could not allocate digest TFM handle cbcmac-aes-neon
[  211.867916][ T5935] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  212.016707][ T5935] usb 8-1: Using ep0 maxpacket: 8
[  212.020529][ T5935] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  212.024742][ T5935] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  212.028881][ T5935] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.033060][ T5935] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.036481][ T5935] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  212.046596][ T5935] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.053473][ T5935] hub 8-1:1.0: bad descriptor, ignoring hub
[  212.055533][ T5935] hub 8-1:1.0: probe with driver hub failed with error -5
[  212.058310][ T5935] cdc_wdm 8-1:1.0: skipping garbage
[  212.060019][ T5935] cdc_wdm 8-1:1.0: skipping garbage
[  212.063367][ T5935] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  212.065921][ T5935] cdc_wdm 8-1:1.0: Unknown control protocol
[  212.305309][T11692] sg_read: process 1266 (syz.3.1837) changed security contexts after opening file descriptor, this is not allowed.
[  212.329446][T11653] cdc_wdm 8-1:1.0: Error submitting int urb - -90
[  212.364994][T11653] validate_nla: 75 callbacks suppressed
[  212.365004][T11653] netlink: 'syz.3.1837': attribute type 32 has an invalid length.
[  212.370780][T11653] __nla_validate_parse: 81 callbacks suppressed
[  212.370795][T11653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1837'.
[  212.385844][T11653] bond3: Setting coupled_control to off (0)
[  212.507518][  T840] usb 8-1: USB disconnect, device number 17
[  212.546090][   T40] kauditd_printk_skb: 121 callbacks suppressed
[  212.546101][   T40] audit: type=1400 audit(1762670534.139:962): avc:  denied  { map } for  pid=11709 comm="syz.0.1857" path="socket:[45510]" dev="sockfs" ino=45510 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  212.555903][   T40] audit: type=1400 audit(1762670534.139:963): avc:  denied  { read accept } for  pid=11709 comm="syz.0.1857" path="socket:[45510]" dev="sockfs" ino=45510 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  212.643257][T11717] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1859'.
[  212.647945][T11717] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  212.697678][ T6094] IPVS: starting estimator thread 0...
[  212.700581][T11721] IPVS: nq: FWM 3 0x00000003 - no destination available
[  212.703199][    C0] IPVS: nq: FWM 3 0x00000003 - no destination available
[  212.717346][   T40] audit: type=1400 audit(1762670534.319:964): avc:  denied  { getopt } for  pid=11718 comm="syz.1.1860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  212.720386][T11719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1860'.
[  212.727881][T11719] bridge_slave_1: left allmulticast mode
[  212.730259][T11719] bridge_slave_1: left promiscuous mode
[  212.732830][T11719] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.735156][T11725] /dev/nullb0: Can't lookup blockdev
[  212.739220][T11719] bridge_slave_0: left allmulticast mode
[  212.741016][T11719] bridge_slave_0: left promiscuous mode
[  212.743567][T11719] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.786636][T11722] IPVS: using max 46 ests per chain, 110400 per kthread
[  212.950079][   T40] audit: type=1400 audit(1762670534.549:965): avc:  denied  { write } for  pid=11741 comm="syz.3.1867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  212.984687][   T40] audit: type=1400 audit(1762670534.579:966): avc:  denied  { write } for  pid=11745 comm="syz.3.1869" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  213.024803][   T40] audit: type=1400 audit(1762670534.619:967): avc:  denied  { setopt } for  pid=11754 comm="syz.3.1871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  213.031109][T11757] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  213.032094][   T40] audit: type=1400 audit(1762670534.619:968): avc:  denied  { bind } for  pid=11756 comm="syz.1.1872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  213.035589][T11757] overlayfs: missing 'lowerdir'
[  213.103590][T11765] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1876'.
[  213.109612][T11765] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11765 comm=syz.1.1876
[  213.174112][T11774] CIFS mount error: No usable UNC path provided in device string!
[  213.174112][T11774] 
[  213.177557][T11774] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  213.220810][   T40] audit: type=1400 audit(1762670534.819:969): avc:  denied  { map } for  pid=11770 comm="syz.1.1879" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  213.229401][   T40] audit: type=1400 audit(1762670534.819:970): avc:  denied  { execute } for  pid=11770 comm="syz.1.1879" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  213.568169][T11809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1892'.
[  213.685831][T11818] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1896'.
[  213.766113][T10365] udevd[10365]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  214.070208][T11845] IPv6: addrconf: prefix option has invalid lifetime
[  214.233725][   T40] audit: type=1326 audit(1762670535.829:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11861 comm="syz.3.1906" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f199878f6c9 code=0x0
[  215.120346][T11870] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  215.123546][T11870] overlayfs: missing 'lowerdir'
[  215.282715][T11876] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  215.352694][T11876] hsr_slave_1 (unregistering): left promiscuous mode
[  215.506203][T11878] binder: BINDER_SET_CONTEXT_MGR already set
[  215.508904][T11878] binder: 11877:11878 ioctl 4018620d 2000000000c0 returned -16
[  215.512151][T11878] binder: 11877:11878 unknown command 0
[  215.514665][T11878] binder: 11877:11878 ioctl c0306201 200000000080 returned -22
[  215.521488][T11878] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=272 sclass=netlink_route_socket pid=11878 comm=syz.3.1912
[  215.531193][T11878] overlayfs: failed to resolve './file0': -2
[  215.579387][T11880] max out of range
[  215.656362][T11884] x_tables: duplicate underflow at hook 3
[  215.877744][T11887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11887 comm=syz.3.1916
[  215.882245][T11887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11887 comm=syz.3.1916
[  215.979328][T11904] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  216.468417][T11926] sch_tbf: burst 32852 is lower than device lo mtu (65550) !
[  216.586634][T11929] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1930'.
[  216.600548][T11929] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1930'.
[  216.652144][T11934] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  216.655794][T11934] overlayfs: failed to set xattr on upper
[  216.658230][T11934] overlayfs: ...falling back to redirect_dir=nofollow.
[  216.661081][T11934] overlayfs: ...falling back to index=off.
[  216.663544][T11934] overlayfs: ...falling back to uuid=null.
[  216.666031][T11934] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  216.821419][T11944] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1934'.
[  216.916778][ T5935] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  217.010702][T11954] netlink: 'syz.1.1939': attribute type 1 has an invalid length.
[  217.023770][T11954] bond4: entered promiscuous mode
[  217.025626][T11954] 8021q: adding VLAN 0 to HW filter on device bond4
[  217.098050][ T5935] usb 8-1: config index 0 descriptor too short (expected 45, got 36)
[  217.101276][ T5935] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  217.105661][ T5935] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  217.109940][ T5935] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  217.114220][ T5935] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  217.120182][ T5935] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  217.123801][ T5935] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.129086][ T5935] usb 8-1: config 0 descriptor??
[  217.132765][T11934] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  217.539166][ T5935] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd
[  217.547300][ T5935] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  217.657753][T11969] __nla_validate_parse: 2 callbacks suppressed
[  217.657763][T11969] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1944'.
[  217.663673][T11969] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1944'.
[  217.672468][T11969] geneve2: entered promiscuous mode
[  217.674138][T11969] geneve2: entered allmulticast mode
[  217.676723][ T9634] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  217.679324][ T9634] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  217.682299][ T9634] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  217.684897][ T9634] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  217.712371][T11971] netlink: 'syz.2.1945': attribute type 23 has an invalid length.
[  217.804559][  T841] usb 8-1: USB disconnect, device number 18
[  218.070938][T11982] rdma_op ffff888055c771f0 conn xmit_rdma 0000000000000000
[  218.155938][T11984] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1950'.
[  218.161793][   T40] kauditd_printk_skb: 33182 callbacks suppressed
[  218.161806][   T40] audit: type=1400 audit(1762670539.759:34154): avc:  denied  { ioctl } for  pid=11983 comm="syz.1.1950" path="socket:[48698]" dev="sockfs" ino=48698 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  218.253364][   T40] audit: type=1400 audit(1762670539.849:34155): avc:  denied  { map } for  pid=11987 comm="syz.1.1951" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  218.296246][T11990] mkiss: ax0: crc mode is auto.
[  218.473628][T12010] tmpfs: Cannot change global quota limit on remount
[  218.476302][T12010] tmpfs: Bad value for 'size'
[  218.483461][   T40] audit: type=1400 audit(1762670540.079:34156): avc:  denied  { name_bind } for  pid=12011 comm="syz.3.1958" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  218.771258][T12032] overlay: ./file0 is not a directory
[  218.774132][T12032] overlayfs: failed to clone upperpath
[  218.903110][T12041] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1965'.
[  218.950726][T12046] sctp: [Deprecated]: syz.0.1967 (pid 12046) Use of int in max_burst socket option deprecated.
[  218.950726][T12046] Use struct sctp_assoc_value instead
[  218.957761][   T40] audit: type=1400 audit(1762670540.559:34157): avc:  denied  { bind } for  pid=12045 comm="syz.0.1967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  219.109554][   T40] audit: type=1400 audit(1762670540.709:34158): avc:  denied  { getopt } for  pid=12058 comm="syz.0.1971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  219.132221][T12061] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1972'.
[  219.135869][T12061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1972'.
[  219.155290][T12061] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1972'.
[  219.160017][T12061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1972'.
[  219.347539][   T40] audit: type=1326 audit(1762670540.949:34159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12015 comm="syz.3.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f199878f6c9 code=0x7fc00000
[  219.354991][   T40] audit: type=1326 audit(1762670540.949:34160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12015 comm="syz.3.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f199878f6c9 code=0x7fc00000
[  219.362340][   T40] audit: type=1326 audit(1762670540.949:34161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12015 comm="syz.3.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f199878f6c9 code=0x7fc00000
[  219.371143][   T40] audit: type=1326 audit(1762670540.949:34162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12015 comm="syz.3.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f199878f6c9 code=0x7fc00000
[  219.378870][   T40] audit: type=1326 audit(1762670540.949:34163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12015 comm="syz.3.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f199878f6c9 code=0x7fc00000
[  219.411116][T12067] overlayfs: failed to clone upperpath
[  219.415572][T12067] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1974'.
[  219.941132][T12094] overlayfs: failed to clone lowerpath
[  220.247607][T12108] netlink: 'syz.0.1988': attribute type 4 has an invalid length.
[  220.506696][   T64] Bluetooth: hci4: command 0x1003 tx timeout
[  220.506916][ T5291] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  236.093835][T12136] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1997'.
[  236.104851][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  236.104866][   T40] audit: type=1400 audit(1762670557.699:34172): avc:  denied  { create } for  pid=12133 comm="syz.1.1997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  236.116071][   T40] audit: type=1400 audit(1762670557.699:34173): avc:  denied  { bind } for  pid=12133 comm="syz.1.1997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  236.125074][   T40] audit: type=1400 audit(1762670557.719:34174): avc:  denied  { setattr } for  pid=12133 comm="syz.1.1997" name="/" dev="9p" ino=71827691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  236.125504][T12136] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1997'.
[  236.137828][T12151] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1999'.
[  236.150255][T12155] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2003'.
[  236.150336][T12136] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  236.158015][T12155] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.161437][T12157] netlink: 'syz.0.2003': attribute type 3 has an invalid length.
[  236.164579][T12157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.460263][   T40] audit: type=1400 audit(1762670558.059:34175): avc:  denied  { ioctl } for  pid=12186 comm="syz.1.2009" path="/446/file0/file0" dev="9p" ino=71827835 ioctlcmd=0x8953 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  236.512527][T12191] netlink: 'syz.3.2011': attribute type 2 has an invalid length.
[  236.515712][T12191] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2011'.
[  236.524374][   T40] audit: type=1400 audit(1762670558.119:34176): avc:  denied  { map } for  pid=12186 comm="syz.1.2009" path="/446/file0/cgroup.controllers" dev="9p" ino=71827933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  236.635101][   T40] audit: type=1804 audit(1762670558.229:34177): pid=12187 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.2009" name="/newroot/446/file0/file0" dev="9p" ino=71827835 res=1 errno=0
[  236.756908][T12205] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2015'.
[  236.761532][T12205] 9pnet_virtio: no channels available for device syz
[  236.765836][T12205] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2015'.
[  236.775063][T12205] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  236.952302][T12213] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2018'.
[  237.139491][T12239] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2027'.
[  237.143362][T12240] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51 sclass=netlink_route_socket pid=12240 comm=syz.1.2027
[  237.148028][T12239] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51 sclass=netlink_route_socket pid=12239 comm=syz.1.2027
[  237.152607][T12239] tmpfs: Bad value for 'mpol'
[  237.178228][T12247] netlink: 1192 bytes leftover after parsing attributes in process `syz.2.2028'.
[  253.010668][   T40] audit: type=1400 audit(1762670574.609:34178): avc:  denied  { ioctl } for  pid=12255 comm="syz.0.2032" path="socket:[50363]" dev="sockfs" ino=50363 ioctlcmd=0x943c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  253.172432][T12288] __nla_validate_parse: 1 callbacks suppressed
[  253.172448][T12288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2042'.
[  253.178688][T12288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2042'.
[  253.188654][T12288] gretap0: entered promiscuous mode
[  253.210753][T12288] gretap0: left promiscuous mode
[  253.215502][T12292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2044'.
[  253.256645][  T841] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  253.306210][T12301] fuse: Bad value for 'fd'
[  253.308595][T12301] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2047'.
[  253.311433][T12301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2047'.
[  253.318275][   T46] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  253.318336][T12301] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2047'.
[  253.321568][   T46] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  253.324258][T12301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2047'.
[  253.328318][   T46] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  253.334110][   T46] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  253.385772][T12315] netlink: 27 bytes leftover after parsing attributes in process `syz.3.2051'.
[  253.407990][  T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.411685][  T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.414799][  T841] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  253.419249][  T841] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  253.421890][   T40] audit: type=1400 audit(1762670575.019:34179): avc:  denied  { node_bind } for  pid=12316 comm="syz.2.2052" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  253.422145][  T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.434279][  T841] usb 6-1: config 0 descriptor??
[  253.443114][T12319] xfrm0 speed is unknown, defaulting to 1000
[  253.563854][   T40] audit: type=1400 audit(1762670575.159:34180): avc:  denied  { unmount } for  pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  253.585605][T12331] fuseblk: Bad value for 'fd'
[  253.658445][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2058'.
[  253.662844][  T842] IPVS: starting estimator thread 0...
[  253.746785][T12338] IPVS: using max 47 ests per chain, 112800 per kthread
[  253.780991][T12342] IPVS: set_ctl: invalid protocol: 59 100.1.1.2:0
[  253.788497][T12344] netlink: 182 bytes leftover after parsing attributes in process `syz.0.2060'.
[  253.868056][  T841] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  253.883677][T12348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2052 sclass=netlink_route_socket pid=12348 comm=syz.0.2062
[  254.002821][   T40] audit: type=1800 audit(1762670575.599:34181): pid=12358 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.2065" name="file1" dev="overlay" ino=2791 res=0 errno=0
[  254.003307][T12358] evm: overlay not supported
[  254.042592][T12360] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31172 sclass=netlink_route_socket pid=12360 comm=syz.0.2066
[  254.080722][   T40] audit: type=1400 audit(1762670575.679:34182): avc:  denied  { read } for  pid=12363 comm="syz.0.2068" path="socket:[50471]" dev="sockfs" ino=50471 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  254.110995][   T40] audit: type=1800 audit(1762670575.709:34183): pid=12366 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.2069" name="bus" dev="tmpfs" ino=2993 res=0 errno=0
[  254.213589][T12371] x_tables: duplicate underflow at hook 1
[  254.689732][T12412] fuse: Unknown parameter '000000000000000000000030x0000000000000003'
[  255.092318][T12427] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.095751][T12427] bond0 (unregistering): Released all slaves
[  255.104338][T12426] tmpfs: Cannot change global quota limit on remount
[  255.107995][    C0] plantronics 0003:047F:FFFF.000B: usb_submit_urb(ctrl) failed: -1
[  255.114959][T12424] netlink: 'syz.2.2089': attribute type 10 has an invalid length.
[  255.149533][T12430] ip6gretap3: default qdisc (pfifo_fast) fail, fallback to noqueue
[  255.191524][   T40] audit: type=1800 audit(1762670576.789:34184): pid=12432 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.2092" name="bus" dev="overlay" ino=2866 res=0 errno=0
[  255.290887][   T40] audit: type=1400 audit(1762670576.889:34185): avc:  denied  { setopt } for  pid=12447 comm="syz.0.2097" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  255.318869][T12445] netlink: 'syz.2.2096': attribute type 7 has an invalid length.
[  255.321368][T12445] netlink: 'syz.2.2096': attribute type 8 has an invalid length.
[  255.335275][T12452] IPVS: set_ctl: invalid protocol: 210 10.1.1.0:20003
[  255.341602][T12454] cgroup: Invalid name
[  255.388630][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.400826][T12472] netlink: 'syz.0.2103': attribute type 30 has an invalid length.
[  255.497546][T12491] geneve2: entered promiscuous mode
[  255.502004][T12491] netlink: 'syz.3.2110': attribute type 11 has an invalid length.
[  255.539778][T12498] SELinux:  Context system_u:object_r:cron_log_t:s0 is not valid (left unmapped).
[  255.544342][   T40] audit: type=1400 audit(1762670577.139:34186): avc:  denied  { relabelto } for  pid=12497 comm="syz.3.2112" name="file0" dev="tmpfs" ino=2911 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:cron_log_t:s0"
[  255.550392][T12500] geneve2: entered promiscuous mode
[  255.555521][   T40] audit: type=1400 audit(1762670577.139:34187): avc:  denied  { associate } for  pid=12497 comm="syz.3.2112" name="file0" dev="tmpfs" ino=2911 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:cron_log_t:s0"
[  255.764610][T12519] program syz.1.2118 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  255.797542][T12522] xt_connbytes: Forcing CT accounting to be enabled
[  255.799921][T12522] set match dimension is over the limit!
[  255.888430][ T6094] usb 6-1: USB disconnect, device number 20
[  255.964820][T12538] team0 (unregistering): Port device team_slave_0 removed
[  255.970679][T12538] team0 (unregistering): Port device team_slave_1 removed
[  256.081667][T12547] loop5: detected capacity change from 0 to 7
[  256.094358][T12547]  loop5: [CUMANA/ADFS] p1 [ADFS] p1
[  256.096152][T12547] loop5: partition table partially beyond EOD, truncated
[  256.098732][T12547] loop5: p1 size 2989602745 extends beyond EOD, truncated
[  256.226761][ T6094] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  256.344566][T12560] netlink: 'syz.2.2132': attribute type 1 has an invalid length.
[  256.356668][ T6094] usb 6-1: device descriptor read/64, error -71
[  256.381199][T12560] 8021q: adding VLAN 0 to HW filter on device bond3
[  256.385878][T12560] bond0: (slave bond3): making interface the new active one
[  256.389601][T12560] bond0: (slave bond3): Enslaving as an active interface with an up link
[  256.401253][T12560] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.536596][  T840] usb 8-1: new full-speed USB device number 19 using dummy_hcd
[  256.596861][ T6094] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  256.645267][T12591] syz.0.2140: vmalloc error: size 136314880, failed to allocated page array size 266240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  256.653267][T12591] CPU: 3 UID: 0 PID: 12591 Comm: syz.0.2140 Not tainted syzkaller #0 PREEMPT(full) 
[  256.653290][T12591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.653300][T12591] Call Trace:
[  256.653307][T12591]  <TASK>
[  256.653313][T12591]  dump_stack_lvl+0x16c/0x1f0
[  256.653344][T12591]  warn_alloc+0x248/0x3a0
[  256.653371][T12591]  ? __pfx_warn_alloc+0x10/0x10
[  256.653404][T12591]  ? xt_alloc_entry_offsets+0x3f/0x60
[  256.653421][T12591]  ? __vmalloc_node_noprof+0xad/0xf0
[  256.653446][T12591]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  256.653474][T12591]  ? xt_alloc_entry_offsets+0x3f/0x60
[  256.653493][T12591]  ? __x64_sys_setsockopt+0xbd/0x160
[  256.653513][T12591]  ? do_syscall_64+0xcd/0xfa0
[  256.653528][T12591]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  256.653552][T12591]  ? ___kmalloc_large_node+0xed/0x160
[  256.653577][T12591]  __kvmalloc_node_noprof+0x431/0x9c0
[  256.653594][T12591]  ? xt_alloc_entry_offsets+0x3f/0x60
[  256.653610][T12591]  ? xt_alloc_entry_offsets+0x3f/0x60
[  256.653631][T12591]  ? xt_alloc_entry_offsets+0x3f/0x60
[  256.653645][T12591]  ? __might_fault+0x13b/0x190
[  256.653669][T12591]  xt_alloc_entry_offsets+0x3f/0x60
[  256.653684][T12591]  translate_table+0x22d/0x17b0
[  256.653710][T12591]  ? _copy_from_user+0x59/0xd0
[  256.653741][T12591]  ? __pfx_translate_table+0x10/0x10
[  256.653768][T12591]  do_ip6t_set_ctl+0x570/0xb00
[  256.653789][T12591]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  256.653820][T12591]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  256.653842][T12591]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  256.653871][T12591]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  256.653899][T12591]  nf_setsockopt+0x8d/0xf0
[  256.653926][T12591]  ipv6_setsockopt+0x135/0x170
[  256.653948][T12591]  rawv6_setsockopt+0xc2/0x510
[  256.653965][T12591]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  256.653983][T12591]  ? selinux_socket_setsockopt+0x6a/0x80
[  256.654009][T12591]  ? sock_common_setsockopt+0x2e/0xf0
[  256.654034][T12591]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  256.654062][T12591]  do_sock_setsockopt+0xf3/0x1d0
[  256.654091][T12591]  __sys_setsockopt+0x1a0/0x230
[  256.654116][T12591]  __x64_sys_setsockopt+0xbd/0x160
[  256.654136][T12591]  ? do_syscall_64+0x91/0xfa0
[  256.654151][T12591]  ? lockdep_hardirqs_on+0x7c/0x110
[  256.654176][T12591]  do_syscall_64+0xcd/0xfa0
[  256.654193][T12591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.654209][T12591] RIP: 0033:0x7f3c72b8f6c9
[  256.654224][T12591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.654238][T12591] RSP: 002b:00007f3c73a00038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  256.654255][T12591] RAX: ffffffffffffffda RBX: 00007f3c72de5fa0 RCX: 00007f3c72b8f6c9
[  256.654266][T12591] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  256.654275][T12591] RBP: 00007f3c72c11f91 R08: 0000000000000420 R09: 0000000000000000
[  256.654285][T12591] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.654295][T12591] R13: 00007f3c72de6038 R14: 00007f3c72de5fa0 R15: 00007ffc765c3838
[  256.654320][T12591]  </TASK>
[  256.654327][T12591] Mem-Info:
[  256.717791][  T840] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  256.718961][T12591] active_anon:29516 inactive_anon:35503 isolated_anon:0
[  256.718961][T12591]  active_file:2013 inactive_file:40728 isolated_file:0
[  256.718961][T12591]  unevictable:1768 dirty:164 writeback:0
[  256.718961][T12591]  slab_reclaimable:9685 slab_unreclaimable:72107
[  256.718961][T12591]  mapped:29464 shmem:57320 pagetables:1350
[  256.718961][T12591]  sec_pagetables:318 bounce:0
[  256.718961][T12591]  kernel_misc_reclaimable:0
[  256.718961][T12591]  free:401184 free_pcp:22716 free_cma:0
[  256.720414][  T840] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  256.722729][T12591] Node 0 active_anon:94300kB inactive_anon:142012kB active_file:7328kB inactive_file:162708kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:117856kB dirty:656kB writeback:0kB shmem:202016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:14320kB pagetables:5172kB sec_pagetables:1268kB all_unreclaimable? no Balloon:0kB
[  256.724494][  T840] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  256.726880][T12591] Node 1 active_anon:23764kB inactive_anon:0kB active_file:724kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:27264kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:228kB sec_pagetables:4kB all_unreclaimable? no Balloon:0kB
[  256.726926][T12591] Node 0 DMA free:5364kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:144kB inactive_anon:9528kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:276kB local_pcp:96kB free_cma:0kB
[  256.728887][  T840] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.730949][T12591] lowmem_reserve[]:
[  256.734818][T12557] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  256.736753][T12591]  0
[  256.738793][T12557] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  256.740524][  T840] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  256.741100][T12591]  1239
[  256.776720][ T6094] usb 6-1: device descriptor read/64, error -71
[  256.787237][T12591]  1239 1239 1239
[  256.838301][T12591] Node 0 DMA32 free:43968kB boost:0kB min:27580kB low:34472kB high:41364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:96760kB inactive_anon:132484kB active_file:7452kB inactive_file:162708kB unevictable:3536kB writepending:656kB zspages:76kB present:2080628kB managed:1269472kB mlocked:0kB bounce:0kB free_pcp:47276kB local_pcp:10884kB free_cma:0kB
[  256.848635][T12591] lowmem_reserve[]: 0 0 0 0 0
[  256.850163][T12591] Node 1 Normal free:1555276kB boost:0kB min:39660kB low:49572kB high:59484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23764kB inactive_anon:0kB active_file:724kB inactive_file:204kB unevictable:3536kB writepending:0kB zspages:0kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:39208kB local_pcp:13352kB free_cma:0kB
[  256.860339][T12591] lowmem_reserve[]: 0 0 0 0 0
[  256.861873][T12591] Node 0 DMA: 3*4kB (UM) 9*8kB (UM) 2*16kB (ME) 2*32kB (UE) 3*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 1*1024kB (E) 1*2048kB (E) 0*4096kB = 5364kB
[  256.866880][T12591] Node 0 DMA32: 48*4kB (UME) 45*8kB (ME) 113*16kB (UME) 60*32kB (ME) 35*64kB (UME) 47*128kB (UME) 30*256kB (UM) 10*512kB (UM) 14*1024kB (M) 2*2048kB (UM) 0*4096kB = 43768kB
[  256.872310][T12591] Node 1 Normal: 83*4kB (UME) 23*8kB (UME) 25*16kB (UM) 12*32kB (UME) 33*64kB (UME) 48*128kB (UME) 24*256kB (UME) 5*512kB (UM) 3*1024kB (UME) 7*2048kB (UM) 371*4096kB (UM) = 1555284kB
[  256.878011][T12591] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  256.880949][T12591] Node 0 hugepages_total=7 hugepages_free=0 hugepages_surp=3 hugepages_size=2048kB
[  256.883825][T12591] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  256.886747][T12591] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  256.889581][T12591] 100090 total pagecache pages
[  256.891129][T12591] 1 pages in swap cache
[  256.892488][T12591] Free swap  = 121644kB
[  256.893809][T12591] Total swap = 124996kB
[  256.895133][T12591] 1048443 pages RAM
[  256.896355][T12591] 0 pages HighMem/MovableOnly
[  256.896996][ T6094] usb usb6-port1: attempt power cycle
[  256.897886][T12591] 281762 pages reserved
[  256.901471][T12591] 0 pages cma reserved
[  256.949170][  T840] usb 8-1: USB disconnect, device number 19
[  257.246659][ T6094] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  257.267112][ T6094] usb 6-1: device descriptor read/8, error -71
[  257.507044][ T6094] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  257.527238][ T6094] usb 6-1: device descriptor read/8, error -71
[  257.546302][T12606] pim6reg: entered allmulticast mode
[  257.636901][ T6094] usb usb6-port1: unable to enumerate USB device
[  258.183324][T12640] __nla_validate_parse: 14 callbacks suppressed
[  258.183340][T12640] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2157'.
[  258.309239][T12659] xt_nfacct: accounting object `syz0' does not exist
[  258.686177][   T40] kauditd_printk_skb: 84 callbacks suppressed
[  258.686189][   T40] audit: type=1400 audit(1762670580.279:34272): avc:  denied  { getopt } for  pid=12662 comm="syz.2.2165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  258.687748][T12666] xt_l2tp: v2 sid > 0xffff: 1114112
[  258.696246][T12671] xt_l2tp: v2 sid > 0xffff: 1114112
[  258.698393][   T40] audit: type=1400 audit(1762670580.299:34273): avc:  denied  { execute } for  pid=12672 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  258.706978][   T40] audit: type=1400 audit(1762670580.299:34274): avc:  denied  { execute_no_trans } for  pid=12672 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  258.874286][   T64] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  258.880830][   T64] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  258.883684][   T64] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  258.888771][   T64] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  258.891354][   T64] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  258.907009][ T6865] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  258.911298][T12673] xfrm0 speed is unknown, defaulting to 1000
[  259.068114][ T6865] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.077436][ T6865] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.080492][ T6865] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  259.084450][ T6865] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  259.088134][ T6865] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.091945][ T6865] usb 8-1: config 0 descriptor??
[  259.098923][T12673] chnl_net:caif_netlink_parms(): no params data found
[  259.184037][T12673] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.186445][T12673] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.189005][T12673] bridge_slave_0: entered allmulticast mode
[  259.191909][T12673] bridge_slave_0: entered promiscuous mode
[  259.195697][T12673] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.199001][T12673] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.201892][T12673] bridge_slave_1: entered allmulticast mode
[  259.205091][T12673] bridge_slave_1: entered promiscuous mode
[  259.242868][T12673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.248861][T12673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.289925][T12673] team0: Port device team_slave_0 added
[  259.295594][T12673] team0: Port device team_slave_1 added
[  259.342352][T12673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.345145][T12673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  259.355249][T12673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.363492][T12673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.366396][T12673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  259.376323][T12673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.420705][T12673] hsr_slave_0: entered promiscuous mode
[  259.423046][T12673] hsr_slave_1: entered promiscuous mode
[  259.425225][T12673] debugfs: 'hsr0' already exists in 'hsr'
[  259.427219][T12673] Cannot create hsr debugfs directory
[  259.513310][ T6865] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  259.538632][T12673] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.542513][T12673] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.573406][   T40] audit: type=1800 audit(1762670581.169:34275): pid=12697 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.2174" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  259.612655][T12699] netlink: 'syz.2.2175': attribute type 4 has an invalid length.
[  259.615298][T12699] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2175'.
[  259.624156][T12673] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.627533][T12673] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.712159][T12673] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.715461][T12673] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.825478][T12673] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.829317][T12673] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.939315][T12724] netlink: 'syz.1.2181': attribute type 1 has an invalid length.
[  259.955795][T12724] 8021q: adding VLAN 0 to HW filter on device bond5
[  259.971822][T12724] 8021q: adding VLAN 0 to HW filter on device bond5
[  259.974135][T12724] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  259.977871][T12724] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  260.029477][T12729] veth3: entered promiscuous mode
[  260.032605][T12729] bond5: (slave veth3): Enslaving as an active interface with a down link
[  260.037930][T12729] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2181'.
[  260.041993][T12729] 8021q: adding VLAN 0 to HW filter on device bond5
[  260.051102][T12673] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  260.055895][T12673] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  260.067509][T12673] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  260.071858][T12673] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  260.088656][T12673] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.090966][T12673] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.093345][T12673] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.095650][T12673] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.098089][T12731] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2183'.
[  260.118799][ T9634] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.122514][ T9634] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.138974][T12673] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.147461][T12673] 8021q: adding VLAN 0 to HW filter on device team0
[  260.153723][  T224] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.156011][  T224] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.160046][T12739] usb usb4: usbfs: process 12739 (syz.1.2184) did not claim interface 0 before use
[  260.162927][   T78] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.166311][   T78] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.271810][T12673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.279583][T12745] bond0: (slave bond_slave_0): Releasing backup interface
[  260.302607][T12673] veth0_vlan: entered promiscuous mode
[  260.309871][T12673] veth1_vlan: entered promiscuous mode
[  260.324171][T12673] veth0_macvtap: entered promiscuous mode
[  260.329486][T12673] veth1_macvtap: entered promiscuous mode
[  260.337614][T12673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  260.344375][T12673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.350391][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.354182][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.358035][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.360872][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.365170][   T40] audit: type=1400 audit(1762670581.959:34276): avc:  denied  { write } for  pid=12746 comm="syz.1.2186" lport=60555 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  260.404183][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.406954][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.418877][   T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.421367][   T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.430671][   T40] audit: type=1400 audit(1762670582.029:34277): avc:  denied  { mounton } for  pid=12673 comm="syz-executor" path="/syzkaller.YflbDK/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  260.439324][   T40] audit: type=1400 audit(1762670582.029:34278): avc:  denied  { mounton } for  pid=12673 comm="syz-executor" path="/syzkaller.YflbDK/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=51154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  260.448353][   T40] audit: type=1400 audit(1762670582.049:34279): avc:  denied  { mounton } for  pid=12673 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  260.549828][   T40] audit: type=1400 audit(1762670582.149:34280): avc:  denied  { accept } for  pid=12759 comm="syz.0.2188" path="socket:[51157]" dev="sockfs" ino=51157 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  260.606719][ T6094] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  260.611430][T12764] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2190'.
[  260.680385][T12768] netlink: 264 bytes leftover after parsing attributes in process `syz.0.2191'.
[  260.707881][    C1] plantronics 0003:047F:FFFF.000C: usb_submit_urb(ctrl) failed: -1
[  260.759127][ T6094] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.762605][ T6094] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.765667][ T6094] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  260.769683][ T6094] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  260.772589][ T6094] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.776970][ T6094] usb 6-1: config 0 descriptor??
[  260.873195][T12773] xfrm0 speed is unknown, defaulting to 1000
[  260.906672][   T64] Bluetooth: hci4: command tx timeout
[  260.910694][   T40] audit: type=1400 audit(1762670582.509:34281): avc:  denied  { unmount } for  pid=12772 comm="syz.2.2200" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[  260.913331][T12775] usb usb4: usbfs: process 12775 (syz.0.2193) did not claim interface 0 before use
[  261.187825][ T6094] plantronics 0003:047F:FFFF.000D: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  261.442381][   T24] usb 6-1: USB disconnect, device number 25
[  261.442927][T12787] overlayfs: failed to clone upperpath
[  261.474323][T12787] tipc: Enabling of bearer <ud#:s> rejected, media not registered
[  261.480502][ T5935] usb 8-1: USB disconnect, device number 20
[  261.547397][T12789] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2197'.
[  262.018762][T12806] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2204'.
[  262.022556][T12806] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2204'.
[  262.257419][T12825] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2211'.
[  262.266854][   T10] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  262.296360][T12828] netlink: 'syz.1.2210': attribute type 1 has an invalid length.
[  262.298923][T12828] netlink: 'syz.1.2210': attribute type 4 has an invalid length.
[  262.330790][T12831] vim2m vim2m.0: vidioc_s_fmt queue busy
[  262.426660][   T10] usb 5-1: Using ep0 maxpacket: 16
[  262.429744][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  262.434407][   T10] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  262.437489][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.439997][   T10] usb 5-1: Product: syz
[  262.441315][   T10] usb 5-1: Manufacturer: syz
[  262.442786][   T10] usb 5-1: SerialNumber: syz
[  262.445492][   T10] usb 5-1: config 0 descriptor??
[  262.449047][   T10] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  262.451947][   T10] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  262.986720][   T64] Bluetooth: hci4: command tx timeout
[  263.051708][   T10] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  263.248605][T12857] IPVS: nq: FWM 3 0x00000003 - no destination available
[  263.459432][   T10] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  263.462044][   T10] em28xx 5-1:0.0: board has no eeprom
[  263.526661][ T6865] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[  263.529648][T12808] em28xx 5-1:0.0: write to i2c device at 0xfffe failed with unknown error (status=1)
[  263.547609][T12879] overlay: Bad value for 'redirect_dir'
[  263.613619][T12883] binder: 12882:12883 unknown command 0
[  263.615402][T12883] binder: 12882:12883 ioctl c0306201 200000000300 returned -22
[  263.645127][T12885] binder: BINDER_SET_CONTEXT_MGR already set
[  263.647178][T12885] binder: 12884:12885 ioctl 4018620d 2000000000c0 returned -16
[  263.651329][T12885] netlink: 'syz.3.2231': attribute type 4 has an invalid length.
[  263.653744][T12885] __nla_validate_parse: 4 callbacks suppressed
[  263.653751][T12885] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2231'.
[  263.688315][ T6865] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  263.692850][ T6865] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  263.697083][ T6865] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  263.698766][T12887] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  263.699973][ T6865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.706745][T12864] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  263.706809][T12864] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  263.709630][ T6865] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  263.712347][T12887] qnx6: wrong signature (magic) in superblock #1.
[  263.717656][T12887] qnx6: unable to read the first superblock
[  263.908222][ T6865] usb 6-1: USB disconnect, device number 26
[  263.918364][T12808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.922203][T12808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.977935][   T10] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  263.980546][   T10] em28xx 5-1:0.0: dvb set to bulk mode.
[  263.988067][  T840] em28xx 5-1:0.0: Binding DVB extension
[  263.991873][   T10] usb 5-1: USB disconnect, device number 27
[  264.006900][   T10] em28xx 5-1:0.0: Disconnecting em28xx
[  264.016684][  T840] em28xx 5-1:0.0: Registering input extension
[  264.020387][   T10] em28xx 5-1:0.0: Closing input extension
[  264.029363][   T10] em28xx 5-1:0.0: Freeing device
[  264.146632][  T841] usb 8-1: new full-speed USB device number 21 using dummy_hcd
[  264.158159][T12911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2239'.
[  264.308181][  T841] usb 8-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x4A, changing to 0xA
[  264.311786][  T841] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0xA has invalid maxpacket 220, setting to 64
[  264.315118][  T841] usb 8-1: config 0 interface 0 has no altsetting 0
[  264.319219][  T841] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  264.322053][  T841] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  264.324595][  T841] usb 8-1: Product: syz
[  264.325892][  T841] usb 8-1: Manufacturer: syz
[  264.327491][  T841] usb 8-1: SerialNumber: syz
[  264.330124][  T841] usb 8-1: config 0 descriptor??
[  264.332134][T12896] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  264.336483][  T841] usb 8-1: selecting invalid altsetting 0
[  264.499640][T12941] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2248'.
[  264.502735][T12941] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2248'.
[  264.539769][   T24] usb 8-1: USB disconnect, device number 21
[  264.604548][T12956] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2250'.
[  265.066766][   T64] Bluetooth: hci4: command tx timeout
[  265.121274][T12976] netlink: 504 bytes leftover after parsing attributes in process `syz.3.2257'.
[  265.386630][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  265.386644][   T40] audit: type=1326 audit(1762670586.979:34293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.399120][   T40] audit: type=1326 audit(1762670586.979:34294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.408950][   T40] audit: type=1326 audit(1762670586.979:34295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.417980][   T40] audit: type=1326 audit(1762670586.979:34296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.426974][   T40] audit: type=1326 audit(1762670586.979:34297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.434859][   T40] audit: type=1326 audit(1762670586.979:34298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.442884][   T40] audit: type=1326 audit(1762670586.979:34299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.450164][   T40] audit: type=1326 audit(1762670586.979:34300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.458083][   T40] audit: type=1326 audit(1762670586.979:34301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.465556][   T40] audit: type=1326 audit(1762670586.979:34302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.0.2250" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f248538f6c9 code=0x7fc00000
[  265.504315][T13002] qnx4: no qnx4 filesystem (no root dir).
[  265.703794][T13012] FAT-fs (nullb0): bogus number of reserved sectors
[  265.706077][T13012] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  265.912018][T13020] loop5: detected capacity change from 0 to 7
[  265.921319][T12749]  loop5: [CUMANA/ADFS] p1 [ADFS] p1
[  265.923756][T12749] loop5: partition table partially beyond EOD, truncated
[  265.927178][T12749] loop5: p1 size 2989602745 extends beyond EOD, truncated
[  265.942815][T13020]  loop5: [CUMANA/ADFS] p1 [ADFS] p1
[  265.945201][T13020] loop5: partition table partially beyond EOD, truncated
[  265.949234][T13020] loop5: p1 size 2989602745 extends beyond EOD, truncated
[  265.977550][T13029] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  265.980377][T13020] 8021q: adding VLAN 0 to HW filter on device bond1
[  266.041692][T13042] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2273'.
[  266.124424][T13049] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2278'.
[  266.858656][T13073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2289'.
[  266.862730][T13073] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2289'.
[  266.970282][T13073] fuseblk: Unknown parameter 'norecovery'
[  266.995020][T13057] 9pnet_fd: p9_fd_create_tcp (13057): problem connecting socket to 127.0.0.1
[  267.087987][T13098] /dev/sg0: Can't lookup blockdev
[  267.157737][   T64] Bluetooth: hci4: command tx timeout
[  267.583190][ T5291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  267.587364][ T5291] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  267.591450][ T5291] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  267.596190][ T5291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  267.599772][ T5291] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  267.621093][T13132] xfrm0 speed is unknown, defaulting to 1000
[  267.785085][T13132] chnl_net:caif_netlink_parms(): no params data found
[  267.856284][T13132] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.858683][T13132] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.860979][T13132] bridge_slave_0: entered allmulticast mode
[  267.863628][T13132] bridge_slave_0: entered promiscuous mode
[  267.866802][T13132] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.869142][T13132] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.871390][T13132] bridge_slave_1: entered allmulticast mode
[  267.873924][T13132] bridge_slave_1: entered promiscuous mode
[  267.914625][T13132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.920255][T13132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.962982][T13132] team0: Port device team_slave_0 added
[  267.967090][T13132] team0: Port device team_slave_1 added
[  268.006093][T13132] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.008730][T13132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  268.019403][T13132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.024726][T13132] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.027799][T13132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  268.037233][T13132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.078763][T13132] hsr_slave_0: entered promiscuous mode
[  268.081202][T13132] hsr_slave_1: entered promiscuous mode
[  268.083503][T13132] debugfs: 'hsr0' already exists in 'hsr'
[  268.085430][T13132] Cannot create hsr debugfs directory
[  268.209555][T13132] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  268.215732][T13132] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  268.220345][T13132] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  268.224448][T13132] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  268.240035][T13132] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.242132][T13132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.244337][T13132] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.246399][T13132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.283847][T13132] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.298611][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.302482][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.318217][T13132] 8021q: adding VLAN 0 to HW filter on device team0
[  268.325466][ T9634] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.327790][ T9634] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.333274][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.335524][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.441795][T13132] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.546987][ T6761] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  268.550613][T13132] veth0_vlan: entered promiscuous mode
[  268.555558][T13132] veth1_vlan: entered promiscuous mode
[  268.571219][T13132] veth0_macvtap: entered promiscuous mode
[  268.578443][T13132] veth1_macvtap: entered promiscuous mode
[  268.587384][T13132] batman_adv: batadv0: Interface activated: batadv_slave_0
[  268.594413][T13132] batman_adv: batadv0: Interface activated: batadv_slave_1
[  268.600289][ T9634] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.603065][ T9634] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.606139][ T9634] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.609392][ T9634] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.652834][  T224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.655279][  T224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.671001][  T224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.673460][  T224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.677166][ T6761] usb 5-1: device descriptor read/64, error -71
[  268.729855][T13218] __nla_validate_parse: 1 callbacks suppressed
[  268.729870][T13218] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2307'.
[  268.735752][T13220] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2307'.
[  268.743376][ T5291] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  268.743909][T13218] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  268.749452][ T5291] CPU: 1 UID: 0 PID: 5291 Comm: kworker/u33:1 Not tainted syzkaller #0 PREEMPT(full) 
[  268.749478][ T5291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.749491][ T5291] Workqueue: hci0 hci_rx_work
[  268.749520][ T5291] Call Trace:
[  268.749527][ T5291]  <TASK>
[  268.749534][ T5291]  dump_stack_lvl+0x16c/0x1f0
[  268.749566][ T5291]  sysfs_warn_dup+0x7f/0xa0
[  268.749590][ T5291]  sysfs_create_dir_ns+0x24b/0x2b0
[  268.749614][ T5291]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  268.749637][ T5291]  ? find_held_lock+0x2b/0x80
[  268.749665][ T5291]  ? do_raw_spin_unlock+0x172/0x230
[  268.749687][ T5291]  kobject_add_internal+0x2c4/0x9b0
[  268.749714][ T5291]  kobject_add+0x16e/0x240
[  268.749733][ T5291]  ? __pfx_kobject_add+0x10/0x10
[  268.749756][ T5291]  ? do_raw_spin_unlock+0x172/0x230
[  268.749777][ T5291]  ? kobject_put+0xab/0x5a0
[  268.749803][ T5291]  device_add+0x288/0x1aa0
[  268.749826][ T5291]  ? __pfx_dev_set_name+0x10/0x10
[  268.749850][ T5291]  ? __pfx_device_add+0x10/0x10
[  268.749872][ T5291]  ? mgmt_send_event_skb+0x2fb/0x460
[  268.749907][ T5291]  hci_conn_add_sysfs+0x17e/0x230
[  268.749937][ T5291]  le_conn_complete_evt+0x1260/0x2150
[  268.749970][ T5291]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  268.749996][ T5291]  ? hci_event_packet+0x459/0x11c0
[  268.750029][ T5291]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  268.750057][ T5291]  ? skb_pull_data+0x166/0x210
[  268.750082][ T5291]  hci_le_meta_evt+0x357/0x5e0
[  268.750109][ T5291]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  268.750139][ T5291]  hci_event_packet+0x685/0x11c0
[  268.750165][ T5291]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  268.750194][ T5291]  ? __pfx_hci_event_packet+0x10/0x10
[  268.750223][ T5291]  ? kcov_remote_start+0x3c9/0x6d0
[  268.750246][ T5291]  ? lockdep_hardirqs_on+0x7c/0x110
[  268.750288][ T5291]  hci_rx_work+0x2c5/0x16b0
[  268.750316][ T5291]  ? rcu_is_watching+0x12/0xc0
[  268.750344][ T5291]  process_one_work+0x9cf/0x1b70
[  268.750401][ T5291]  ? __pfx_process_one_work+0x10/0x10
[  268.750429][ T5291]  ? assign_work+0x1a0/0x250
[  268.750450][ T5291]  worker_thread+0x6c8/0xf10
[  268.750480][ T5291]  ? __pfx_worker_thread+0x10/0x10
[  268.750499][ T5291]  kthread+0x3c5/0x780
[  268.750515][ T5291]  ? __pfx_kthread+0x10/0x10
[  268.750533][ T5291]  ? rcu_is_watching+0x12/0xc0
[  268.750555][ T5291]  ? __pfx_kthread+0x10/0x10
[  268.750572][ T5291]  ret_from_fork+0x675/0x7d0
[  268.750586][ T5291]  ? __pfx_kthread+0x10/0x10
[  268.750603][ T5291]  ret_from_fork_asm+0x1a/0x30
[  268.750641][ T5291]  </TASK>
[  268.750662][ T5291] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  268.775403][T13218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2307'.
[  268.776928][ T5291] Bluetooth: hci0: failed to register connection device
[  268.778952][T13218] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2307'.
[  268.871771][T13218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2307'.
[  268.875372][T13218] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2307'.
[  268.880569][   T78] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  268.883507][   T78] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  268.888167][   T78] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  268.892663][   T78] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  268.926820][ T6761] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  268.989215][ T5291] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  268.994303][ T5291] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  268.998492][ T5291] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  269.002735][ T5291] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  269.008207][ T5291] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  269.057249][T13231] xfrm0 speed is unknown, defaulting to 1000
[  269.066670][ T6761] usb 5-1: device descriptor read/64, error -71
[  269.183913][ T6761] usb usb5-port1: attempt power cycle
[  269.236826][T13245] hub 2-0:1.0: USB hub found
[  269.239030][T13245] hub 2-0:1.0: 2 ports detected
[  269.282184][T13231] chnl_net:caif_netlink_parms(): no params data found
[  269.299660][T13249] random: crng reseeded on system resumption
[  269.360541][T13231] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.362783][T13231] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.365213][T13231] bridge_slave_0: entered allmulticast mode
[  269.368385][T13231] bridge_slave_0: entered promiscuous mode
[  269.372256][T13231] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.374766][T13231] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.377205][T13231] bridge_slave_1: entered allmulticast mode
[  269.379891][T13231] bridge_slave_1: entered promiscuous mode
[  269.414197][T13231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.419439][T13231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.452574][T13231] team0: Port device team_slave_0 added
[  269.455937][T13231] team0: Port device team_slave_1 added
[  269.493374][T13231] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.496180][T13231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  269.507029][T13231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.513037][T13231] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.515902][T13231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  269.526849][ T6761] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  269.527685][T13231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.552456][ T6761] usb 5-1: device descriptor read/8, error -71
[  269.585363][T13231] hsr_slave_0: entered promiscuous mode
[  269.588788][T13231] hsr_slave_1: entered promiscuous mode
[  269.591868][T13231] debugfs: 'hsr0' already exists in 'hsr'
[  269.594199][T13231] Cannot create hsr debugfs directory
[  269.626761][ T5291] Bluetooth: hci0: command tx timeout
[  269.732488][T13231] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.735956][T13231] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.786709][ T6761] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  269.807364][ T6761] usb 5-1: device descriptor read/8, error -71
[  269.822241][T13231] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.825603][T13231] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.917650][T13231] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.920798][T13231] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.926880][ T6761] usb usb5-port1: unable to enumerate USB device
[  269.992966][T13231] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.997639][T13231] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.135831][T13231] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  270.142805][T13231] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  270.148656][T13231] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  270.155850][T13231] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  270.212229][T13231] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.235189][T13231] 8021q: adding VLAN 0 to HW filter on device team0
[  270.248045][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.250840][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.257928][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.260236][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.389891][T13231] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.415386][T13231] veth0_vlan: entered promiscuous mode
[  270.420757][T13231] veth1_vlan: entered promiscuous mode
[  270.442913][T13231] veth0_macvtap: entered promiscuous mode
[  270.446717][T13231] veth1_macvtap: entered promiscuous mode
[  270.455561][T13231] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.463769][T13231] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.471849][ T9634] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.474602][ T9634] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.477970][ T9634] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.480764][ T9634] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.514951][  T224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.518744][  T224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.532393][ T9634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.535828][ T9634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.570551][T13269] netlink: 172 bytes leftover after parsing attributes in process `syz.3.2331'.
[  270.663166][T13272] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2340'.
[  270.665996][T13272] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2340'.
[  270.670865][T13272] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2340'.
[  270.934370][   T40] kauditd_printk_skb: 30 callbacks suppressed
[  270.934382][   T40] audit: type=1326 audit(1762670592.529:34333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="syz.3.2342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.943594][   T40] audit: type=1326 audit(1762670592.529:34334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="syz.3.2342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.943880][T13279] netlink: '': attribute type 10 has an invalid length.
[  270.950735][   T40] audit: type=1326 audit(1762670592.529:34335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="syz.3.2342" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.950759][   T40] audit: type=1326 audit(1762670592.529:34336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.950779][   T40] audit: type=1326 audit(1762670592.529:34337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.950799][   T40] audit: type=1326 audit(1762670592.539:34338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.950821][   T40] audit: type=1326 audit(1762670592.539:34339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.950841][   T40] audit: type=1326 audit(1762670592.539:34340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  270.997098][   T40] audit: type=1326 audit(1762670592.539:34341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  271.003932][   T40] audit: type=1326 audit(1762670592.539:34342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13278 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad37f8f6c9 code=0x7ffc0000
[  271.020109][T13279] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  271.057591][T13281] netlink: 'syz.3.2343': attribute type 4 has an invalid length.
[  271.064143][T13281] netlink: 'syz.3.2343': attribute type 4 has an invalid length.
[  271.066940][ T5291] Bluetooth: hci3: command tx timeout
[  271.098427][ T5291] Bluetooth: hci3: unexpected Set CIG Parameters response data
[  271.425658][T13290] overlayfs: failed to get inode (-116)
[  271.431656][T13290] overlayfs: failed to get inode (-116)
[  271.706735][ T5291] Bluetooth: hci0: command tx timeout
[  271.721545][T13300] netlink: 'syz.0.2349': attribute type 1 has an invalid length.
[  271.724886][T13300] netlink: 'syz.0.2349': attribute type 3 has an invalid length.
[  272.110920][T13312] netlink: 'syz.0.2355': attribute type 2 has an invalid length.
[  272.833601][T13349] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  272.942033][T13357] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  273.206693][T13384] binder: BINDER_SET_CONTEXT_MGR already set
[  273.209835][T13384] binder: 13377:13384 ioctl 4018620d 200000000100 returned -16
[  273.217180][T13384] binder: 13377:13384 ioctl ae41 0 returned -22
[  273.217300][T13384] binder: BINDER_SET_CONTEXT_MGR already set
[  273.217306][T13384] binder: 13377:13384 ioctl 4018620d 200000000340 returned -16
[  273.371654][T13389] "syz.4.2375" (13389) uses obsolete ecb(arc4) skcipher
[  273.565675][T13406] tipc: Started in network mode
[  273.565692][T13406] tipc: Node identity 5671f6c819bc, cluster identity 4711
[  273.565785][T13406] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  273.568342][T13406] syzkaller0: entered promiscuous mode
[  273.574269][T13406] syzkaller0: entered allmulticast mode
[  273.587352][T13406] netlink: 'syz.4.2380': attribute type 11 has an invalid length.
[  273.592099][T13405] tipc: Resetting bearer <eth:syzkaller0>
[  273.603839][T13405] tipc: Disabling bearer <eth:syzkaller0>
[  273.630442][T13408] overlayfs: conflicting options: userxattr,metacopy=on
[  273.786956][ T5291] Bluetooth: hci0: command tx timeout
[  273.789137][T13413] __nla_validate_parse: 5 callbacks suppressed
[  273.789151][T13413] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2383'.
[  273.981585][T13377] [U] 
[  274.018950][T13417] ceph: Path missing in source
[  274.045035][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.130011][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.208790][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.247136][   T64] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  274.251165][   T64] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  274.255207][   T64] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  274.262287][   T64] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  274.264991][   T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  274.301904][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.309715][T13424] xfrm0 speed is unknown, defaulting to 1000
[  274.452110][   T12] bridge_slave_1: left allmulticast mode
[  274.454275][   T12] bridge_slave_1: left promiscuous mode
[  274.457863][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.463111][   T12] bridge_slave_0: left allmulticast mode
[  274.464948][   T12] bridge_slave_0: left promiscuous mode
[  274.467233][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.548942][T13434] dns_resolver: Unsupported server list version (0)
[  274.793663][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  274.802024][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  274.809461][   T12] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  274.824033][   T12] bond0 (unregistering): Released all slaves
[  274.883466][T13450] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  275.011776][T13424] chnl_net:caif_netlink_parms(): no params data found
[  275.151455][T13481] syzkaller0: entered promiscuous mode
[  275.153242][T13481] syzkaller0: entered allmulticast mode
[  275.158903][T13481] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2401'.
[  275.162198][T13424] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.164663][T13424] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.167220][T13424] bridge_slave_0: entered allmulticast mode
[  275.169896][T13424] bridge_slave_0: entered promiscuous mode
[  275.174005][T13424] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.176377][T13424] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.180233][T13424] bridge_slave_1: entered allmulticast mode
[  275.183009][T13424] bridge_slave_1: entered promiscuous mode
[  275.193305][T13481] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2401'.
[  275.248753][T13424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.255658][T13424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.328814][   T12] hsr_slave_0: left promiscuous mode
[  275.331138][   T12] hsr_slave_1: left promiscuous mode
[  275.333335][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.335788][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.339069][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.341486][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.370741][   T12] veth1_macvtap: left promiscuous mode
[  275.372783][   T12] veth0_macvtap: left promiscuous mode
[  275.375600][   T12] veth1_vlan: left promiscuous mode
[  275.377909][   T12] veth0_vlan: left promiscuous mode
[  275.867059][   T64] Bluetooth: hci0: command tx timeout
[  275.920890][T13502] program syz.4.2407 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  275.979001][T13505] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2408'.
[  275.981839][T13505] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2408'.
[  275.981858][T13504] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2408'.
[  275.988715][T13504] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2408'.
[  276.141536][   T12] team0 (unregistering): Port device team_slave_1 removed
[  276.223803][   T12] team0 (unregistering): Port device team_slave_0 removed
[  276.349410][   T64] Bluetooth: hci2: command tx timeout
[  276.828232][T13505] geneve2: entered promiscuous mode
[  276.831133][T13505] geneve2: entered allmulticast mode
[  276.844975][T13424] team0: Port device team_slave_0 added
[  276.848972][T13424] team0: Port device team_slave_1 added
[  276.953005][T13424] batman_adv: batadv0: Adding interface: batadv_slave_0
[  276.955855][T13424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  276.967424][T13424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.978191][T13424] batman_adv: batadv0: Adding interface: batadv_slave_1
[  276.980942][T13424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  276.991368][T13424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  277.055217][T13424] hsr_slave_0: entered promiscuous mode
[  277.057865][T13424] hsr_slave_1: entered promiscuous mode
[  277.060389][T13424] debugfs: 'hsr0' already exists in 'hsr'
[  277.062396][T13424] Cannot create hsr debugfs directory
[  277.105134][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  277.105150][   T40] audit: type=1400 audit(1762670598.699:34377): avc:  denied  { remount } for  pid=13541 comm="syz.0.2419" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  277.105190][T13543] binder: Bad value for 'stats'
[  277.254866][T13424] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  277.259293][T13424] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  277.264679][T13424] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  277.272513][T13424] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  277.318550][T13424] 8021q: adding VLAN 0 to HW filter on device bond0
[  277.334267][T13424] 8021q: adding VLAN 0 to HW filter on device team0
[  277.340034][ T9639] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.342337][ T9639] bridge0: port 1(bridge_slave_0) entered forwarding state
[  277.348043][ T9634] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.350365][ T9634] bridge0: port 2(bridge_slave_1) entered forwarding state
[  277.474693][T13424] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.603442][T13424] veth0_vlan: entered promiscuous mode
[  277.608868][T13424] veth1_vlan: entered promiscuous mode
[  277.625460][T13424] veth0_macvtap: entered promiscuous mode
[  277.632793][T13424] veth1_macvtap: entered promiscuous mode
[  277.643291][T13424] batman_adv: batadv0: Interface activated: batadv_slave_0
[  277.652609][T13592] can0: slcan on ptm0.
[  277.655411][T13424] batman_adv: batadv0: Interface activated: batadv_slave_1
[  277.671836][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  277.677619][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  277.680579][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  277.684261][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  277.725572][ T9639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.728169][ T9639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.737337][T13591] can0 (unregistered): slcan off ptm0.
[  277.742457][ T9639] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.744910][ T9639] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.791110][T13599] x_tables: ip6_tables: CT target: only valid in raw table, not syz1
[  277.798990][   T40] audit: type=1400 audit(1762670599.399:34378): avc:  denied  { associate } for  pid=13601 comm="syz.0.2427" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  277.812002][T13600] ALSA: seq fatal error: cannot create timer (-19)
[  277.833173][T13599] ALSA: seq fatal error: cannot create timer (-19)
[  277.853849][T13610] netlink: 830 bytes leftover after parsing attributes in process `syz.0.2428'.
[  277.882464][T13612] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5133 sclass=netlink_route_socket pid=13612 comm=syz.1.2429
[  277.946655][   T64] Bluetooth: hci0: command tx timeout
[  277.962753][T13620] openvswitch: netlink: IP tunnel dst address not specified
[  278.039278][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2435'.
[  278.070731][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2435'.
[  278.078673][T13635] x_tables: duplicate underflow at hook 2
[  278.187342][T13649] batadv_slave_1: entered promiscuous mode
[  278.189711][T13651] batadv_slave_1: left promiscuous mode
[  278.196578][   T40] audit: type=1400 audit(1762670599.789:34379): avc:  denied  { nlmsg_write } for  pid=13647 comm="syz.5.2440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  278.224374][   T40] audit: type=1400 audit(1762670599.819:34380): avc:  denied  { read append } for  pid=13652 comm="syz.1.2442" name="fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  278.232735][   T40] audit: type=1400 audit(1762670599.819:34381): avc:  denied  { open } for  pid=13652 comm="syz.1.2442" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  278.240707][   T40] audit: type=1400 audit(1762670599.819:34382): avc:  denied  { ioctl } for  pid=13652 comm="syz.1.2442" path="/dev/fb1" dev="devtmpfs" ino=640 ioctlcmd=0x4600 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  278.327687][T13672] usb usb5: usbfs: process 13672 (syz.4.2443) did not claim interface 0 before use
[  278.332195][   T40] audit: type=1400 audit(1762670599.929:34383): avc:  denied  { read } for  pid=13657 comm="syz.4.2443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  278.332332][T13672] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  278.344409][T13674] kvm: user requested TSC rate below hardware speed
[  278.427022][   T64] Bluetooth: hci2: command tx timeout
[  278.440419][T13684] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13684 comm=syz.1.2450
[  278.517275][T13692] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  278.520472][T13692] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.524618][T13692] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  278.528776][T13692] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.536155][T13692] batman_adv: batadv0: Interface deactivated: gretap1
[  278.539277][T13692] batman_adv: batadv0: Removing interface: gretap1
[  278.565314][T13694] loop5: detected capacity change from 0 to 7
[  278.575717][T13694]  loop5: [CUMANA/ADFS] p1 [ADFS] p1
[  278.577626][T13694] loop5: partition table partially beyond EOD, truncated
[  278.580247][T13694] loop5: p1 size 2989602745 extends beyond EOD, truncated
[  278.754027][T13702] syzkaller0: entered promiscuous mode
[  278.756300][T13702] syzkaller0: entered allmulticast mode
[  278.782842][T13705] dlm: non-version read from control device 0
[  278.825492][T13707] overlayfs: missing 'workdir'
[  278.874399][   T40] audit: type=1400 audit(1762670600.469:34384): avc:  denied  { execute } for  pid=13710 comm="syz.5.2461" path="/dev/comedi4" dev="devtmpfs" ino=3360 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1
[  278.963020][T13714] overlayfs: invalid origin (0000)
[  278.965905][T13721] x_tables: ip6_tables: mh match: only valid for protocol 135
[  278.969579][T13722] netlink: 'syz.1.2465': attribute type 14 has an invalid length.
[  278.970092][T13721] netlink: 'syz.5.2464': attribute type 39 has an invalid length.
[  278.972043][T13722] __nla_validate_parse: 3 callbacks suppressed
[  278.972050][T13722] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2465'.
[  278.991556][T13722] netlink: 'syz.1.2465': attribute type 14 has an invalid length.
[  278.994046][T13722] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2465'.
[  279.112911][T13724] Option 'Ô_n'¶tr—1ZQ¥3Œ ¬-Öµ²ÙkÕXÜv~’' to dns_resolver key: bad/missing value
[  279.121288][T13724] nbd: socks must be embedded in a SOCK_ITEM attr
[  279.152117][T13726] SET target dimension over the limit!
[  279.175637][   T40] audit: type=1400 audit(1762670600.769:34385): avc:  denied  { module_load } for  pid=13727 comm="syz.4.2468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  279.175745][T13728] Invalid ELF header type: 29184 != 1
[  279.224820][T13726] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  279.447187][ T6865] usb 9-1: new low-speed USB device number 2 using dummy_hcd
[  279.517942][T13745] hugetlbfs: Unknown parameter 'ÿÿ0x0000000000000000'
[  279.573161][T13750] bond0: entered allmulticast mode
[  279.574960][T13750] bond_slave_0: entered allmulticast mode
[  279.576915][T13750] bond_slave_1: entered allmulticast mode
[  279.606710][ T6865] usb 9-1: Invalid ep0 maxpacket: 32
[  279.622705][T13754] overlayfs: workdir and upperdir must reside under the same mount
[  279.736670][ T6865] usb 9-1: new low-speed USB device number 3 using dummy_hcd
[  279.886627][ T6865] usb 9-1: Invalid ep0 maxpacket: 32
[  279.888595][ T6865] usb usb9-port1: attempt power cycle
[  279.977886][T13757] overlayfs: failed to resolve './file0/file0': -2
[  280.026764][   T64] Bluetooth: hci0: command tx timeout
[  280.131460][T13774] 9pnet_virtio: no channels available for device /dev/nullb0
[  280.246998][ T6865] usb 9-1: new low-speed USB device number 4 using dummy_hcd
[  280.277747][ T6865] usb 9-1: Invalid ep0 maxpacket: 32
[  280.426747][ T6865] usb 9-1: new low-speed USB device number 5 using dummy_hcd
[  280.447290][ T6865] usb 9-1: Invalid ep0 maxpacket: 32
[  280.449660][ T6865] usb usb9-port1: unable to enumerate USB device
[  280.487802][T13783] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.2487'.
[  280.506864][   T64] Bluetooth: hci2: command tx timeout
[  280.565042][T13788] veth1_macvtap: left promiscuous mode
[  280.566993][T13788] macsec0: entered promiscuous mode
[  280.568683][T13788] macsec0: entered allmulticast mode
[  280.651977][T13790] veth1_macvtap: entered promiscuous mode
[  280.653879][T13790] veth1_macvtap: entered allmulticast mode
[  280.656013][T13790] macsec0: left promiscuous mode
[  280.657937][T13790] macsec0: left allmulticast mode
[  280.660296][T13790] veth1_macvtap: left allmulticast mode
[  280.731801][T13793] nbd: must specify a device to reconfigure
[  280.813173][T13798] tmpfs: Unknown parameter '00000000000000000000107'
[  280.818925][T13798] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2492'.
[  280.919710][T13801] overlayfs: statfs failed on './file1'
[  281.458551][T13788] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  281.956269][   T40] audit: type=1326 audit(1762670603.549:34386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.5.2499" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0d8f6c9 code=0x7fc00000
[  282.024295][T13825] xfrm0 speed is unknown, defaulting to 1000
[  282.307625][   T40] kauditd_printk_skb: 806 callbacks suppressed
[  282.307634][   T40] audit: type=1400 audit(1762670603.909:35193): avc:  denied  { map } for  pid=13837 comm="syz.1.2505" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  282.317429][   T40] audit: type=1400 audit(1762670603.909:35194): avc:  denied  { write execute } for  pid=13837 comm="syz.1.2505" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  282.331529][T13844] netlink: 'syz.4.2506': attribute type 1 has an invalid length.
[  282.334767][T13844] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2506'.
[  282.337943][T13844] NCSI netlink: No device for ifindex 0
[  282.386722][ T6170] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  282.415695][   T40] audit: type=1326 audit(1762670604.009:35195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.423371][   T40] audit: type=1326 audit(1762670604.009:35196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.431451][T13852] sp0: Synchronizing with TNC
[  282.434279][T13853] Invalid source name
[  282.435953][T13853] UBIFS error (pid: 13853): cannot open "/dev/sg0", error -22
[  282.436452][   T40] audit: type=1326 audit(1762670604.019:35197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.444764][T13852] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2508'.
[  282.448363][   T40] audit: type=1326 audit(1762670604.019:35198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.448387][   T40] audit: type=1326 audit(1762670604.019:35199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.448406][   T40] audit: type=1326 audit(1762670604.019:35200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.465678][T13856] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2510'.
[  282.466703][   T40] audit: type=1326 audit(1762670604.019:35201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.484582][   T40] audit: type=1326 audit(1762670604.019:35202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13849 comm="syz.1.2508" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f159178f6c9 code=0x7ffc0000
[  282.549215][ T6170] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.554344][ T6170] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.558574][ T6170] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  282.563789][ T6170] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  282.567748][ T6170] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.569103][T13856] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  282.573514][ T6170] usb 10-1: config 0 descriptor??
[  282.580981][T13856] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  282.586753][   T64] Bluetooth: hci2: command tx timeout
[  282.587345][T13856] bond0 (unregistering): Released all slaves
[  282.622993][T13861] netlink: 'syz.0.2512': attribute type 10 has an invalid length.
[  282.625783][T13861] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.628343][T13861] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.633188][T13861] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.635516][T13861] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.637942][T13861] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.640200][T13861] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.644461][T13861] bridge0: entered allmulticast mode
[  282.646504][T13861] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  282.650976][T13854] [U] è`
[  282.666918][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  282.805988][T13867] kvm: kvm [13866]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  282.809690][T13867] kvm: kvm [13866]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  282.924580][T13873] netlink: 'syz.1.2517': attribute type 3 has an invalid length.
[  282.932783][T13873] netlink: 'syz.1.2517': attribute type 3 has an invalid length.
[  282.987314][ T6170] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  283.010294][T13887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=13887 comm=syz.0.2521
[  283.052503][T13887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13887 comm=syz.0.2521
[  283.082053][T13895] fuse: Bad value for 'fd'
[  283.194049][T13910] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2530'.
[  283.340350][T13929] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2535'.
[  283.526473][T13947] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  283.530511][T13947] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.549186][T13955] netlink: 'syz.1.2543': attribute type 16 has an invalid length.
[  283.600990][T13947] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  283.604956][T13947] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.649309][T13962] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2545'.
[  283.723035][T13947] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  283.727398][T13947] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.813428][T13947] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  283.818200][T13947] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.931981][ T9634] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  283.935311][ T9634] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.949200][   T46] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  283.951825][   T46] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.961377][ T9634] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  283.964040][ T9634] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.973007][ T9634] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  283.975699][ T9634] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  284.160501][T13980] program syz.4.2551 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  284.218556][    C2] plantronics 0003:047F:FFFF.000E: usb_submit_urb(ctrl) failed: -1
[  284.278479][T13987] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2554'.
[  284.282312][T13987] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2554'.
[  284.593094][T13998] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2559'.
[  284.680767][T14006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2562'.
[  284.684499][T14006] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2562'.
[  284.688953][T14006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2562'.
[  284.732144][T14008] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  284.832973][T14021] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2567'.
[  284.836926][  T841] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  284.845275][T14021] netlink: 84 bytes leftover after parsing attributes in process `syz.5.2567'.
[  284.986681][  T841] usb 5-1: Using ep0 maxpacket: 8
[  284.990013][  T841] usb 5-1: unable to get BOS descriptor or descriptor too short
[  284.993448][  T841] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  284.998871][  T841] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  285.001804][  T841] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.004398][  T841] usb 5-1: Product: syz
[  285.005720][  T841] usb 5-1: Manufacturer: syz
[  285.007438][  T841] usb 5-1: SerialNumber: syz
[  285.017561][ T5935] usb 10-1: USB disconnect, device number 2
[  285.056319][T14024] Bluetooth: MGMT ver 1.23
[  285.057964][T14024] Bluetooth: hci0: service_discovery: too big uuid_count value 29811
[  285.094150][T14026] netlink: 'syz.1.2569': attribute type 1 has an invalid length.
[  285.113271][T14026] bond6: (slave bridge0): making interface the new active one
[  285.115994][T14026] bond6: (slave bridge0): Enslaving as an active interface with an up link
[  285.129415][T14026] 9pnet_fd: Insufficient options for proto=fd
[  285.215782][  T841] cdc_ncm 5-1:1.0: bind() failure
[  285.220418][  T841] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  285.223444][  T841] cdc_ncm 5-1:1.1: bind() failure
[  285.230758][  T841] usb 5-1: USB disconnect, device number 32
[  285.713160][T14052] syz_tun: entered allmulticast mode
[  285.744864][T14051] syz_tun: left allmulticast mode
[  286.163978][T14064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2580'.
[  286.204082][T14066] IPVS: set_ctl: invalid protocol: 60 172.30.0.2:20002
[  286.407508][T14076] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2584'.
[  286.415974][T14076] Mount JFS Failure: -5
[  286.418850][T14076] jfs_mount failed w/return code = -5
[  286.639696][T14085] binder: BINDER_SET_CONTEXT_MGR already set
[  286.642149][T14085] binder: 14084:14085 ioctl 4018620d 200000000100 returned -16
[  286.645854][T14085] binder: BINDER_SET_CONTEXT_MGR already set
[  286.648115][T14085] binder: 14084:14085 ioctl 4018620d 200000004a80 returned -16
[  287.631590][   T40] kauditd_printk_skb: 60 callbacks suppressed
[  287.631607][   T40] audit: type=1400 audit(1762670609.229:35263): avc:  denied  { ioctl } for  pid=14111 comm="syz.1.2595" path="socket:[62738]" dev="sockfs" ino=62738 ioctlcmd=0x8917 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  287.749558][T14124] comedi comedi0: Cannot bond this driver to itself!
[  288.002465][T14148] SELinux: security_context_str_to_sid („) failed with errno=-22
[  288.036341][T14150] hsr_slave_0: left promiscuous mode
[  288.039383][T14150] hsr_slave_1: left promiscuous mode
[  288.076643][   T24] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  288.111319][T14158] batadv_slave_1: entered promiscuous mode
[  288.113823][T14158] netlink: 'syz.1.2612': attribute type 10 has an invalid length.
[  288.222421][T14157] batadv_slave_1: left promiscuous mode
[  288.236705][   T24] usb 5-1: Using ep0 maxpacket: 16
[  288.242613][   T24] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[  288.245690][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24
[  288.248548][   T24] usb 5-1: Product: syz
[  288.250016][   T24] usb 5-1: Manufacturer: syz
[  288.251589][   T24] usb 5-1: SerialNumber: syz
[  288.254988][   T24] usb 5-1: config 0 descriptor??
[  288.429554][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.432529][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.435555][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.438901][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.441863][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.444736][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.447868][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.450843][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.453788][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.457038][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.460349][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.461648][   T64] Bluetooth: hci4: Malformed LE Event: 0x0d
[  288.463614][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.464934][T14133] netlink: 'syz.0.2603': attribute type 29 has an invalid length.
[  288.465453][T14133] netlink: 'syz.0.2603': attribute type 29 has an invalid length.
[  288.468496][   T24] usb 5-1: USB disconnect, device number 33
[  288.470170][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.480039][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.483574][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.486878][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.489883][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.493220][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.496330][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.499520][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.502738][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.505960][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.509617][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.512812][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.515853][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.519055][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.522158][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.525261][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.528381][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.531793][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.535006][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.538011][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  288.541119][T14182] program syz.5.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  289.041062][T14195] overlayfs: failed to resolve './file1': -2
[  289.075993][T14198] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005f: 0000 [#1] SMP KASAN NOPTI
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  289.080188][T14198] KASAN: null-ptr-deref in range [0x00000000000002f8-0x00000000000002ff]
[  289.083510][T14198] CPU: 2 UID: 0 PID: 14198 Comm: syz.0.2623 Not tainted syzkaller #0 PREEMPT(full) 
[  289.087149][T14198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.090531][T14198] RIP: 0010:h5_recv+0x104/0x950
[  289.092074][T14198] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 91 90 7b f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  289.098089][T14198] RSP: 0018:ffffc9000c597bf0 EFLAGS: 00010293
[  289.100055][T14198] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff884167fa
[  289.102586][T14198] RDX: ffff8880137ba480 RSI: ffffffff8841683f RDI: 0000000000000005
[  289.105046][T14198] RBP: ffffc9000c597d78 R08: 0000000000000005 R09: 0000000000000000
[  289.107528][T14198] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  289.110042][T14198] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8c907a80
[  289.112602][T14198] FS:  00007f248628f6c0(0000) GS:ffff8880d6c08000(0000) knlGS:0000000000000000
[  289.115476][T14198] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  289.117801][T14198] CR2: 0000200000001000 CR3: 0000000050bf6000 CR4: 0000000000352ef0
[  289.120341][T14198] Call Trace:
[  289.121407][T14198]  <TASK>
[  289.122400][T14198]  ? __pfx_h5_recv+0x10/0x10
[  289.124095][T14198]  hci_uart_tty_receive+0x254/0x7e0
[  289.126224][T14198]  ? __pfx_hci_uart_tty_receive+0x10/0x10
[  289.128526][T14198]  tty_ioctl+0x583/0x1680
[  289.130339][T14198]  ? __pfx_tty_ioctl+0x10/0x10
[  289.132346][T14198]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  289.135174][T14198]  ? hook_file_ioctl_common+0x145/0x410
[  289.137451][T14198]  ? selinux_file_ioctl+0x180/0x270
[  289.139589][T14198]  ? selinux_file_ioctl+0xb4/0x270
[  289.141659][T14198]  ? __pfx_tty_ioctl+0x10/0x10
[  289.143583][T14198]  __x64_sys_ioctl+0x18e/0x210
[  289.145410][T14198]  do_syscall_64+0xcd/0xfa0
[  289.147230][T14198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.149530][T14198] RIP: 0033:0x7f248538f6c9
[  289.151308][T14198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.158928][T14198] RSP: 002b:00007f248628f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  289.162272][T14198] RAX: ffffffffffffffda RBX: 00007f24855e6090 RCX: 00007f248538f6c9
[  289.165466][T14198] RDX: 0000200000000080 RSI: 0000000000005412 RDI: 0000000000000007
[  289.168256][T14198] RBP: 00007f2485411f91 R08: 0000000000000000 R09: 0000000000000000
[  289.170787][T14198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  289.173180][T14198] R13: 00007f24855e6128 R14: 00007f24855e6090 R15: 00007ffedf172fe8
[  289.175688][T14198]  </TASK>
[  289.176629][T14198] Modules linked in:
[  289.178302][T14198] ---[ end trace 0000000000000000 ]---
[  289.192453][T14198] RIP: 0010:h5_recv+0x104/0x950
[  289.194313][T14198] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 91 90 7b f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  289.200684][T14198] RSP: 0018:ffffc9000c597bf0 EFLAGS: 00010293
[  289.202980][T14198] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff884167fa
[  289.205950][T14198] RDX: ffff8880137ba480 RSI: ffffffff8841683f RDI: 0000000000000005
[  289.208583][T14198] RBP: ffffc9000c597d78 R08: 0000000000000005 R09: 0000000000000000
[  289.211225][T14198] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  289.213829][T14198] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8c907a80
[  289.216384][T14198] FS:  00007f248628f6c0(0000) GS:ffff8880d6a08000(0000) knlGS:0000000000000000
[  289.219351][T14198] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  289.222461][T14198] CR2: 00007f248626ed58 CR3: 0000000050bf6000 CR4: 0000000000352ef0
[  289.225788][T14198] Kernel panic - not syncing: Fatal exception
[  289.228938][T14198] Kernel Offset: disabled
[  289.230736][T14198] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:39:13  Registers:
info registers vcpu 0

CPU#0
RAX=00000000002e3e4c RBX=0000000000000000 RCX=ffffffff8b60a2a9 RDX=ffffed100d486656
RSI=ffffffff8bf07040 RDI=ffffffff8192458d RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8
R8 =0000000000000000 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff90820cd0 R15=0000000000000000
RIP=ffffffff8b608d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2cc63fff CR3=000000004d980000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc6540dbf0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1591813050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f159181305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1591813057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f159181306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15918130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f15918131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000080000 RBX=00007f9c6da26470 RCX=ffffc90007391000 RDX=0000000000000030
RSI=ffffc9000d747e40 RDI=00007f9c6da26470 RBP=00007f9c6da264a0 RSP=ffffc9000d747cd0
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000004 R11=0000000000000001
R12=ffffc9000d747e40 R13=0000000000000004 R14=1ffff92001ae8fab R15=ffff888055a72480
RIP=ffffffff84a4b116 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9c6da276c0 ffffffff 00c00000
GS =0000 ffff8880d6b08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f2485373360 CR3=000000004545f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc13050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc1305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc13057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc1306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cdb74a8 00007f9c6cdb74a0 00007f9c6cdb7498 00007f9c6cdb7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6d91d100 00007f9c6cdb7460 00007f9c6cdb7478 00007f9c6cdb74c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cdb74b8 00007f9c6cdb74b0 00007f9c6cdb74a8 00007f9c6cdb74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000000000 0000000000000000 0000000000000244
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85296335 RDI=ffffffff9add8780 RBP=ffffffff9add8740 RSP=ffffc9000c597560
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9add8740 R15=ffffffff852962d0
RIP=ffffffff8529635f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f248628f6c0 ffffffff 00c00000
GS =0000 ffff8880d6c08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001000 CR3=0000000050bf6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2485413050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f248541305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2485413057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f248541306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f24854130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f24854131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f24855b74a8 00007f24855b74a0 00007f24855b7498 00007f24855b7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f248611d100 00007f24855b7460 00007f24855b7478 00007f24855b74c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f24855b74b8 00007f24855b74b0 00007f24855b74a8 00007f24855b74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a642700 RCX=ffffffff81b0ec11 RDX=ffff88802a6b2480
RSI=ffffffff81b0ebeb RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000378f4f0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=1ffffffff1c79ec1
R12=dffffc0000000000 R13=ffffed100d4c84e1 R14=0000000000000001 R15=0000000000000002
RIP=ffffffff81b0ebed RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6d08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f5b72d17d60 CR3=000000004545f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc13050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc1305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc13057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc1306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cc131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cdb74a8 00007f9c6cdb74a0 00007f9c6cdb7498 00007f9c6cdb7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6d91d100 00007f9c6cdb7460 00007f9c6cdb0004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9c6cdb74b8 00007f9c6cdb74b0 00007f9c6cdb74a8 00007f9c6cdb74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000000000 0000000000000000 0000000000000244
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000