last executing test programs:

55.858121583s ago: executing program 3 (id=994):
r0 = getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x22000, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, 0x0, 0x178)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x84880)
read$FUSE(r4, &(0x7f0000000300)={0x2020}, 0x2020)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
pipe(&(0x7f0000000140)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000002380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000002340)={&(0x7f0000000280)={0x70, r8, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040}, 0x4000)
r9 = dup(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$inet(r11, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r12, r10, 0x80000)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200000000000000f1000040"])
socket$netlink(0x10, 0x3, 0xa)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x3c, r14, 0x1, 0x0, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}}, 0x0)
listen(r7, 0xb6)

55.181114549s ago: executing program 3 (id=1017):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="280000000206050000000000c63260a48afaad8f9650a32aa81f980000000000000008"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="1200000012000100020000686a8e5d3d360000000000100000000c00001700000000"], 0x30}], 0x1, 0x0, 0x0, 0x20004801}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000080)={0x10}) (async)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

55.051511632s ago: executing program 3 (id=1019):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202})
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x183001)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0xffffffff, 0x0, 0x467, 0x1, [<r7=>0x0], [0x0, 0xa, 0x0, 0x20002], [0xfffffffc, 0x4, 0x2, 0x100000], [0xc5, 0x4, 0x40001, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7})
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r8, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x4000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x15, 0x3, 0x2, 0x87}, {0x6000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0xd, 0x6, 0x4, 0x8, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x83}, {0x1000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x7, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x0, 0x306424, 0x2, 0x1500, 0x3000, [0x6800000000000000, 0x4, 0x5e, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

54.669884021s ago: executing program 3 (id=1027):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb500a, 0x0)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
ioctl$TCSETS(r0, 0x80047456, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000140))
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x1)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0xa)
ioctl$TCFLSH(r2, 0x540b, 0x2)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

54.590590824s ago: executing program 3 (id=1029):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000080)={0x1a, 0x1, 0x4, 0x0, 0x0, 0x0, @random="5f302e5cf058"}, 0x10)
listen(r0, 0x0)
accept4$llc(r0, 0x0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_init_net_socket$llc(0x1a, 0x801, 0x0) (async)
bind$llc(r0, &(0x7f0000000080)={0x1a, 0x1, 0x4, 0x0, 0x0, 0x0, @random="5f302e5cf058"}, 0x10) (async)
listen(r0, 0x0) (async)
accept4$llc(r0, 0x0, 0x0, 0x0) (async)

50.960404665s ago: executing program 3 (id=1089):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x1, 0x84)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r5, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r4)
bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x0)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(r1, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(r1)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x20, 0x2, 0x9, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44080)
timer_getoverrun(r3)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$inet6(0xa, 0x1, 0x84) (async)
gettid() (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) (async)
socket$netlink(0x10, 0x3, 0x10) (async)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TIPC_NL_NET_GET(r5, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r4) (async)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2}) (async)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r4) (async)
bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async)
shutdown(r1, 0x0) (async)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8) (async)
sendto$inet6(r1, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c) (async)
close(r1) (async)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x20, 0x2, 0x9, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44080) (async)
timer_getoverrun(r3) (async)

50.894054893s ago: executing program 32 (id=1089):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x1, 0x84)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r5, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r4)
bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x0)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(r1, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(r1)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x20, 0x2, 0x9, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44080)
timer_getoverrun(r3)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$inet6(0xa, 0x1, 0x84) (async)
gettid() (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) (async)
socket$netlink(0x10, 0x3, 0x10) (async)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TIPC_NL_NET_GET(r5, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r4) (async)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2}) (async)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r4) (async)
bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async)
shutdown(r1, 0x0) (async)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8) (async)
sendto$inet6(r1, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c) (async)
close(r1) (async)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x20, 0x2, 0x9, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44080) (async)
timer_getoverrun(r3) (async)

39.511764725s ago: executing program 4 (id=1253):
setresgid(0xee00, 0xee01, 0x0)
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$setperm(0x5, r0, 0x1c243811)
keyctl$chown(0x4, r0, 0xee00, 0x0)
keyctl$get_security(0x11, r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000017c0)=@newtaction={0xe98, 0x30, 0x25, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x30, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {}, {}, {}, {}, {0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe81}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

39.421719662s ago: executing program 4 (id=1254):
r0 = socket$nl_route(0x10, 0x3, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000000)=0x31)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
r3 = socket$nl_route(0x10, 0x3, 0x0)
stat(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000002000010000000000fbdbdf270a00000008000000000000000c001400", @ANYRES32=r1, @ANYRES32=r4, @ANYBLOB="66a1a74600215556315e405ca9e321f4a01714542e0588b265fc8fd15fde83fe342804f4cebb8484df079e8055b3f91d245da7e6033c403e8fcaee94d3008c7e1222d36a5e69bcac841dd92d07a524d0d86acc190ea97919555a7375"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x5090c1, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000640012800b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600"], 0x94}}, 0x0)

39.418887876s ago: executing program 4 (id=1255):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r0 = creat(&(0x7f0000000100)='./file0/file0\x00', 0x22)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
ioctl$SNDCTL_TMR_START(r0, 0x5402)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)

39.360909989s ago: executing program 4 (id=1256):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWSETELEM={0xb98, 0xc, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0xc}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0xb7c, 0x3, 0x0, 0x1, [{0x334, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPRESSIONS={0x4c, 0xb, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x3c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x1}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x4}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0xfd}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x9}]}}}]}, @NFTA_SET_ELEM_DATA={0x1ec, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VALUE={0x4b, 0x1, "ed3c9c7a6973eaa151aeb82b8365b537f4c55d04d1a8556631bd6dc2f107d2344189f0003129440d316d50f0676551daf75609ecadcce0c0c027a51b43e4d84ea256f2985dd65c"}, @NFTA_DATA_VALUE={0xfa, 0x1, "dac653d0ff2d677e6aea21929bb6c1a548c3422ed54de3db45b70a1f6bf3ff0f97b56d78090d4c789f28eda65dc5c480bd16c2e992ca02716282e84f1efb3d559e1bafff8dc438682afd6880185df50622d24f911bbb751e4cd15a9c0593dcf724a18cafab78edd318edc5ff1649ae9c1cbf3fbf0752eb15d133b4823a4d879eea4c7281f0ba914045bfae33e447da635ee2e13a59070cf72e54a83903120e1556ddd477eaa5af4deb537ee70669044c114be2bf94c48f74f52a463fb5956c3afdb979abec03a8c8b1b090327fdc77d81a9b4507574dabb3bdd69f9f5508f64c8b41e7e2167da1febad6aa7444c7f801cb25aa288426"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_EXPRESSIONS={0xb8, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}, {0x64, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x187}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0x100}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, {0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x30, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_DUP_SREG_ADDR={0x8}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x15}]}}}]}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @xfrm={{0x9}, @void}}, @NFTA_SET_ELEM_KEY={0x10, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc, 0x1, "80b089ff7f1e6ffd"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0xee0b}]}, {0x49c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0x244, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x58, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x30, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_CONNLIMIT_FLAGS={0x8}]}}}, {0x12c, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x11c, 0x2, 0x0, 0x1, [@NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_EXPR={0x10, 0x7, 0x0, 0x1, {{0xb}, @void}}, @NFTA_DYNSET_SET_ID={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_DYNSET_EXPR={0x10, 0x7, 0x0, 0x1, {{0xb}, @void}}, @NFTA_DYNSET_EXPRESSIONS={0xa8, 0xa, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @osf={{0x8}, @void}}, {0x28, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_DUP_SREG_DEV={0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xb}]}}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x50, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_OSF_TTL={0x5, 0x2, 0xd}, @NFTA_OSF_TTL={0x5, 0x2, 0x81}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_TTL={0x5, 0x2, 0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_TTL={0x5, 0x2, 0xa}]}}}]}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_DYNSET_TIMEOUT={0xc, 0x6, 0x1, 0x0, 0x997}, @NFTA_DYNSET_EXPR={0x1c, 0x7, 0x0, 0x1, {{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0xe}]}}}]}}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @xfrm={{0x9}, @void}}, {0x44, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xc}]}}}, {0x1c, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0xf97a66f2bbb17965}]}}}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x8}, @NFTA_SET_ELEM_DATA={0x21c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VALUE={0x6d, 0x1, "df432593aba682ee4033a5646f7187fa1ccc4a9dee21c8f0abd77167c90264deba2d6fc26a8f4e0e652196ae597bc952d4f80ae98549c9d51cb8510b1421054d5df2f785fa99485af80378d22d4f2f54da7d2b1761a066cd6b860871663f9d4517473512e39d2e49bf"}, @NFTA_DATA_VALUE={0xb6, 0x1, "075a89c9ff34f49a66bb4e5954bde4f3a109c8d6460ed592d8405fb1bca1ac25ee22f23a4aa81d8439cd38e56726bd0a51fab3ece87066cb901413c5fdc3f145694c259f61ffc3945d94aa8700d3221549d4e9e4bbe648a8d49f2047ea32923030e6a1bad62e1f63b098a0e350e824e1e903212b30138b5057ea9aa1c444b6b2a599d225dc1d9a0c9f1bdfffa60c3624f061686f3316a8c5c47e1ce58302cb35ccdf53e6e5c211e0f141c640b717ce8825b5"}, @NFTA_DATA_VALUE={0x60, 0x1, "1a6d6360132e5bf60707c0288536ab28023eca98eee864becd0708e551f256d174cb5ffd2636f3335501af8ce3809cbe723abb5eb47b005cdc44e59157cd8a2a20d7097691de08f678681721bce04178505f4f0df537eeea687ff815"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x1}]}, {0x3a8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xf3, 0x6, 0x1, 0x0, "dce9bffb04f74baaef865882c816b3c43153e20d2ea3f05b00c81cb0bf69bb67249c4108f7f6799577650defbe098217389b18509332052943456ef991057b7b941f7c7ecfd44da0d0be6cda04237a7b2269af923ea66641ee77d47ebbe0ed1080ff978502bbfc1b357dd697c1f65d12992742388a028affa6df20ce2503fa79a98f837f78957bd5f74970409443e6b0a5d7da8b4b2e50dd71f5fe66710041be618ae29a73843ef4bd8133db72f0bbccdfa3d4f18d2028cb358e070bef95df7bc0c397e0d2e85ea911d5f4b1727e6047db552f7a266940f03048e678f38fea801d2e34c8230cc67c506edfcf10f6fb"}, @NFTA_SET_ELEM_USERDATA={0xe3, 0x6, 0x1, 0x0, "a24a2f591aef3a6efd858f76b12ff9b4657f2f47c5a73da58e898cc9d22f62cf875fbeb4831c730e7f00e9d0b5e2d0c301840688c8f0d3d5b2905108582850a0cb19b5bf503f82ee3968b9f3724670f6e39dc92696571e72ef7e9dbf4f900a1f2c373b7283b090b7c9134d4845cd2d4a468220ed1de0b4e0d04f78ef33ad2ec8807b371a01d962f6c23c667f0c054a6bf4ccc5e697379cae28af6a24a8aa72d5b0e839585c9f9c8a4aee70cd5d103673308fa80ae3e7ca2fce48c746dcd4f045f90a53baa869cfa546bd7b6c86558d4b9262869442830c4c722361521b646a"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x5c, 0xb, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_FIB_FLAGS={0x8}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x32}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x10000}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_KEY_END={0x138, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x99, 0x1, "3ea4b01ea79c59f45bcccc7571eecd78d7f232bcf94cc44a2102926fa6bfba478719e816595772599def7a1b1fe04f08f52dee2323b31503d69e797867850da2c0b59ff0e81abf1469462233080d1585efe8c4c145c640fc39a2766a94a4a0cd91f387074b6a1bed826fc956d8a01e8cc1f1e3d72337d8943b8c1d230fb588d041b0675a464465ca1d12253772a1acd0132d71b2fc"}, @NFTA_DATA_VALUE={0x4c, 0x1, "cb6ec112b830848cae1c4dc7ee4bc540961aed5e5ea88cff9b2c96c77c1e77ad98aaf8b2f32a55c3178c2a53b49ded8de7fe20d50c255d3d7f9707b83f7c0bfaa71068984a8903b4"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}}, 0xbc0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100)={<r1=>r0})
r2 = accept4$ax25(r1, &(0x7f0000000180)={{0x3, @bcast}, [@rose, @remote, @remote, @remote, @null, @null, @default, @default]}, &(0x7f0000000140)=0x48, 0x80000)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWSETELEM={0xb98, 0xc, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0xc}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0xb7c, 0x3, 0x0, 0x1, [{0x334, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPRESSIONS={0x4c, 0xb, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x3c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x1}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x4}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0xfd}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x9}]}}}]}, @NFTA_SET_ELEM_DATA={0x1ec, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VALUE={0x4b, 0x1, "ed3c9c7a6973eaa151aeb82b8365b537f4c55d04d1a8556631bd6dc2f107d2344189f0003129440d316d50f0676551daf75609ecadcce0c0c027a51b43e4d84ea256f2985dd65c"}, @NFTA_DATA_VALUE={0xfa, 0x1, "dac653d0ff2d677e6aea21929bb6c1a548c3422ed54de3db45b70a1f6bf3ff0f97b56d78090d4c789f28eda65dc5c480bd16c2e992ca02716282e84f1efb3d559e1bafff8dc438682afd6880185df50622d24f911bbb751e4cd15a9c0593dcf724a18cafab78edd318edc5ff1649ae9c1cbf3fbf0752eb15d133b4823a4d879eea4c7281f0ba914045bfae33e447da635ee2e13a59070cf72e54a83903120e1556ddd477eaa5af4deb537ee70669044c114be2bf94c48f74f52a463fb5956c3afdb979abec03a8c8b1b090327fdc77d81a9b4507574dabb3bdd69f9f5508f64c8b41e7e2167da1febad6aa7444c7f801cb25aa288426"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_EXPRESSIONS={0xb8, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}, {0x64, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x187}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0x100}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, {0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x30, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_DUP_SREG_ADDR={0x8}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x15}]}}}]}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @xfrm={{0x9}, @void}}, @NFTA_SET_ELEM_KEY={0x10, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc, 0x1, "80b089ff7f1e6ffd"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0xee0b}]}, {0x49c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0x244, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x58, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x30, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_CONNLIMIT_FLAGS={0x8}]}}}, {0x12c, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x11c, 0x2, 0x0, 0x1, [@NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_EXPR={0x10, 0x7, 0x0, 0x1, {{0xb}, @void}}, @NFTA_DYNSET_SET_ID={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_DYNSET_EXPR={0x10, 0x7, 0x0, 0x1, {{0xb}, @void}}, @NFTA_DYNSET_EXPRESSIONS={0xa8, 0xa, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @osf={{0x8}, @void}}, {0x28, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_DUP_SREG_DEV={0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xb}]}}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x50, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_OSF_TTL={0x5, 0x2, 0xd}, @NFTA_OSF_TTL={0x5, 0x2, 0x81}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_TTL={0x5, 0x2, 0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_TTL={0x5, 0x2, 0xa}]}}}]}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_DYNSET_TIMEOUT={0xc, 0x6, 0x1, 0x0, 0x997}, @NFTA_DYNSET_EXPR={0x1c, 0x7, 0x0, 0x1, {{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_DREG={0x8, 0x3, 0x1, 0x0, 0xe}]}}}]}}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @xfrm={{0x9}, @void}}, {0x44, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1a}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0xc}]}}}, {0x1c, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0xf97a66f2bbb17965}]}}}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x8}, @NFTA_SET_ELEM_DATA={0x21c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VALUE={0x6d, 0x1, "df432593aba682ee4033a5646f7187fa1ccc4a9dee21c8f0abd77167c90264deba2d6fc26a8f4e0e652196ae597bc952d4f80ae98549c9d51cb8510b1421054d5df2f785fa99485af80378d22d4f2f54da7d2b1761a066cd6b860871663f9d4517473512e39d2e49bf"}, @NFTA_DATA_VALUE={0xb6, 0x1, "075a89c9ff34f49a66bb4e5954bde4f3a109c8d6460ed592d8405fb1bca1ac25ee22f23a4aa81d8439cd38e56726bd0a51fab3ece87066cb901413c5fdc3f145694c259f61ffc3945d94aa8700d3221549d4e9e4bbe648a8d49f2047ea32923030e6a1bad62e1f63b098a0e350e824e1e903212b30138b5057ea9aa1c444b6b2a599d225dc1d9a0c9f1bdfffa60c3624f061686f3316a8c5c47e1ce58302cb35ccdf53e6e5c211e0f141c640b717ce8825b5"}, @NFTA_DATA_VALUE={0x60, 0x1, "1a6d6360132e5bf60707c0288536ab28023eca98eee864becd0708e551f256d174cb5ffd2636f3335501af8ce3809cbe723abb5eb47b005cdc44e59157cd8a2a20d7097691de08f678681721bce04178505f4f0df537eeea687ff815"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x1}]}, {0x3a8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xf3, 0x6, 0x1, 0x0, "dce9bffb04f74baaef865882c816b3c43153e20d2ea3f05b00c81cb0bf69bb67249c4108f7f6799577650defbe098217389b18509332052943456ef991057b7b941f7c7ecfd44da0d0be6cda04237a7b2269af923ea66641ee77d47ebbe0ed1080ff978502bbfc1b357dd697c1f65d12992742388a028affa6df20ce2503fa79a98f837f78957bd5f74970409443e6b0a5d7da8b4b2e50dd71f5fe66710041be618ae29a73843ef4bd8133db72f0bbccdfa3d4f18d2028cb358e070bef95df7bc0c397e0d2e85ea911d5f4b1727e6047db552f7a266940f03048e678f38fea801d2e34c8230cc67c506edfcf10f6fb"}, @NFTA_SET_ELEM_USERDATA={0xe3, 0x6, 0x1, 0x0, "a24a2f591aef3a6efd858f76b12ff9b4657f2f47c5a73da58e898cc9d22f62cf875fbeb4831c730e7f00e9d0b5e2d0c301840688c8f0d3d5b2905108582850a0cb19b5bf503f82ee3968b9f3724670f6e39dc92696571e72ef7e9dbf4f900a1f2c373b7283b090b7c9134d4845cd2d4a468220ed1de0b4e0d04f78ef33ad2ec8807b371a01d962f6c23c667f0c054a6bf4ccc5e697379cae28af6a24a8aa72d5b0e839585c9f9c8a4aee70cd5d103673308fa80ae3e7ca2fce48c746dcd4f045f90a53baa869cfa546bd7b6c86558d4b9262869442830c4c722361521b646a"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x5c, 0xb, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_FIB_FLAGS={0x8}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x32}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x10000}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_KEY_END={0x138, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x99, 0x1, "3ea4b01ea79c59f45bcccc7571eecd78d7f232bcf94cc44a2102926fa6bfba478719e816595772599def7a1b1fe04f08f52dee2323b31503d69e797867850da2c0b59ff0e81abf1469462233080d1585efe8c4c145c640fc39a2766a94a4a0cd91f387074b6a1bed826fc956d8a01e8cc1f1e3d72337d8943b8c1d230fb588d041b0675a464465ca1d12253772a1acd0132d71b2fc"}, @NFTA_DATA_VALUE={0x4c, 0x1, "cb6ec112b830848cae1c4dc7ee4bc540961aed5e5ea88cff9b2c96c77c1e77ad98aaf8b2f32a55c3178c2a53b49ded8de7fe20d50c255d3d7f9707b83f7c0bfaa71068984a8903b4"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}}, 0xbc0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100)={r0}) (async)
accept4$ax25(r1, &(0x7f0000000180)={{0x3, @bcast}, [@rose, @remote, @remote, @remote, @null, @null, @default, @default]}, &(0x7f0000000140)=0x48, 0x80000) (async)
close(r2) (async)

39.261547484s ago: executing program 4 (id=1257):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000500), 0x8, 0x0)
r1 = syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0xfffffffd}, &(0x7f0000000240), &(0x7f0000001880))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000600))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000000)={0x60, 0x0, &(0x7f000007c000/0x4000)=nil, &(0x7f0000839000/0x1000)=nil, 0x0, 0x0, 0x0, 0x9, 0x40, 0x0, 0x51, 0xa}) (async)
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000000)={0x60, 0x0, &(0x7f000007c000/0x4000)=nil, &(0x7f0000839000/0x1000)=nil, 0x0, 0x0, 0x0, 0x9, 0x40, 0x0, 0x51, 0xa})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4204, r3, 0x202, &(0x7f0000000140)={&(0x7f0000000600)=""/4096, 0x1000})
keyctl$restrict_keyring(0xa, 0x0, 0x0, &(0x7f0000000000)='i\xacl*c\x822')
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x21, &(0x7f0000000440)=r0, 0x1)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB="2c0011f02c0b6b6a0d8a640bee0100000000000000f15c"]) (async)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB="2c0011f02c0b6b6a0d8a640bee0100000000000000f15c"])

39.210849352s ago: executing program 4 (id=1258):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x325, 0x400, 0x0, {0x8}}, 0x14}}, 0x4800)
syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000000)=0x88d, 0x4)

23.523943655s ago: executing program 33 (id=1258):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x325, 0x400, 0x0, {0x8}}, 0x14}}, 0x4800)
syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000000)=0x88d, 0x4)

18.951134102s ago: executing program 2 (id=1535):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_emit_ethernet(0x76, &(0x7f0000001100)={@link_local, @local, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "b33883", 0x3c, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "74cd7b", 0x0, 0x2b, 0x0, @private1, @mcast1, [], "c6214c55d1055a616515f5a7"}}}}}}}, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x1081, 0x3})
ioperm(0x80000001, 0x1, 0x3ff)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x1}], 0x1, 0x0, 0x0, 0xc080}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
socket$nl_generic(0x10, 0x3, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

18.83059916s ago: executing program 2 (id=1539):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000001000390400"/20, @ANYRES32=r2, @ANYBLOB="0198000003130000240012800900010069706970000000001400028008000300e0"], 0x44}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9}, 0x0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, 0x0, 0x8881)
setsockopt(r4, 0xf1178ca7, 0x9, 0x0, 0x0)

18.829126392s ago: executing program 2 (id=1541):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2000000}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xa4c81, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000001580)="03a30aa8", 0x4}], 0x20) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) (async)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010040000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000088000000060a010400000000000000000100000008000b40000000000900010073797a3000000000600004805c0001800b0001007470726f787900004c00028008000340000000160800014000"], 0x110}}, 0x40040) (async)
sync_file_range(r3, 0x5, 0x200, 0x5af05b22927b6ef4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9f00000011000000000000000000000f040000"], 0x0, 0x26}, 0x28) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd63"], 0xcfa4)
r5 = socket$netlink(0x10, 0x3, 0x15) (async)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x0, 0x0, 'dh\x00'}, 0x2c)
inotify_init() (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000010000000fcffffffffdb000400c6dd00", @ANYRES32=0x0, @ANYBLOB="0000000000000000090001"], 0x2c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) (async)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="04010000100053"], 0x104}, 0x1, 0x0, 0x0, 0x20040890}, 0x200080c0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x1d, &(0x7f0000000200)=0x8, 0x4)
r7 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r7, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x2, [0x2], [0x2000], [0x7fffffff, 0x0, 0x0, 0x2], [0x400000000000001]}) (async)
dup3(r0, r6, 0x0)

18.771271205s ago: executing program 2 (id=1542):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x2)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000480), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$ARCH_GET_GS(0x1e, r1, &(0x7f0000000180), 0x1004)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x200000)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', 0x0, 0x1c}, 0x18)

18.711063874s ago: executing program 2 (id=1544):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x4, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000000)) (async, rerun: 32)
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x80800) (async, rerun: 32)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5) (async)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x200800, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c0100646e6f3d", @ANYRESHEX=r0, @ANYBLOB="2c736d61636b66737472616e736d7574653d05000000000000000000c77d49000000000000000000000000002c00"]) (async)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) (rerun: 64)

18.000958334s ago: executing program 2 (id=1550):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x4, &(0x7f0000000200)={'trans=virtio,', {[{@cache_loose}]}})
chdir(&(0x7f0000000280)='./file0\x00')
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x181)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x38, r6, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r7}}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x38}}, 0x20000000)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="bbd5c3bd5e72561108f8e4d689bab6285ff0a572ef5bf81e0c73729d58b352a216f19a63268452cad26ac19f62248ef2dfc26bb49f892328eb7ec715fdf1f08eba829fa3edd23993e5ea57d2e335c161ddfe1a773f6ea7e5d661a20cdc8632d8", @ANYRES16=r4, @ANYBLOB="010027bd7000fcdbdf25020000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x24040090}, 0xc0)
r8 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
write$uinput_user_dev(r8, &(0x7f00000007c0)={'syz0\x00', {0x7, 0x0, 0xfffb, 0x8001}, 0x3d, [0x3, 0x0, 0x1, 0x6, 0x2, 0x8000000, 0x2, 0x7, 0xffffffff, 0x4, 0x7, 0xc, 0x23cf, 0x1, 0x7, 0x0, 0x306, 0x0, 0xffffffff, 0x9, 0x2, 0x6, 0x1, 0x0, 0x6, 0x7, 0x1, 0x0, 0x2, 0xffff, 0xc, 0x6, 0x10001, 0x2, 0x1000000, 0x1, 0x7, 0x8, 0x7, 0x6, 0x660, 0x3, 0xc643ecb1, 0x8, 0x5, 0x3ff, 0x8a1, 0x401, 0x7, 0x6d, 0x5, 0xc, 0x6, 0x249a, 0x6, 0x5a30, 0xe788, 0x8001, 0x4, 0x9, 0xab, 0x7, 0x4, 0x6], [0x200, 0x139, 0x6, 0x271, 0x2, 0x9a9, 0x3, 0x4, 0x40000005, 0x5, 0x9, 0x10000, 0x10001, 0x8, 0x3ff, 0x0, 0xfff, 0x8, 0x7, 0x100, 0xc, 0x75b1, 0x0, 0x9d, 0x6, 0xb, 0x1, 0x1, 0x16f4, 0x2, 0x400, 0x5, 0x9, 0x953b, 0x8, 0x9, 0x8, 0x1, 0xec2, 0xbd, 0x9, 0xc, 0x6596, 0x8, 0x4, 0x7f, 0xb, 0x98c0, 0x3, 0x9, 0x7, 0x2, 0xf78, 0x9, 0x35ce0cb3, 0x0, 0x8, 0x8, 0x5b0, 0x18b, 0x10, 0x9, 0x3, 0xb], [0x222d, 0xa, 0x2, 0x3, 0x6f083aad, 0x5, 0x0, 0x1, 0xfffffffd, 0x0, 0x7d, 0x8000000, 0x1, 0x1, 0x2, 0x7ff, 0x3, 0x9, 0x1e, 0x3162, 0x800, 0x101, 0x100, 0x0, 0x6, 0x2c, 0x7, 0xfffffff8, 0xffffffff, 0x80000000, 0x3, 0x6, 0x7, 0x0, 0x4e, 0x575b089f, 0xbc3e, 0xfffffffa, 0xfffffff7, 0x9bd6, 0x1, 0x0, 0x9, 0x6, 0x7, 0x7, 0x0, 0x3, 0x401, 0xa55, 0x6, 0x3, 0x0, 0xfff, 0x40000000, 0x5, 0x7, 0x4, 0x7, 0x800, 0xffffffff, 0x81, 0x6, 0xd], [0x25, 0x8000, 0x1, 0x9, 0x3, 0xb, 0x7, 0x10000, 0x5, 0xe47f, 0x117, 0x4, 0x3, 0x3f47, 0x6, 0x8, 0x3, 0x1, 0x0, 0x601f, 0x2, 0x9, 0xd, 0x1, 0x9, 0xff, 0x6, 0x10001, 0x5, 0x2, 0x1000, 0xc, 0x4, 0xd8, 0x2, 0x8, 0x9, 0x2, 0x7fffffff, 0x9, 0x40, 0x0, 0x4, 0x7fff, 0x7, 0x1, 0x3, 0x9, 0x0, 0x8, 0x3, 0x7, 0x1a00000, 0xe72, 0x5, 0x2, 0x1, 0x4, 0xc000000, 0x7fffffff, 0x40, 0x3, 0x2, 0x6]}, 0x45c)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r9, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000c40)={0x8, {"69ef7ca846fa201622ad9c8595380f54d6f3ee1a487c85f0ba5f82483e4a0f3d5a43d86217176e8e7794b233a8c5439c6df70cb48c537282d4cb98e3c35d572e7732abd4612b6ca622c66a8bc8378f8471deb059c6268263588fed8740df7c3f8f6160178988861a460a734448c19c2f58a199693f5e9b85e4d39601acc9d74b8d5015a96d9a997e23667e9d45b4902251ab41dabb186e19690f84419e85d365a404945e8ecb06f89187e2b776dfe50dcd6511d7617b678c3a66304880c6b1c43e7e20ccf4a01c401bf2e6bfdeeb31304c0f9f3318978fe6dcfbc3e8b64dd58dc2bb33da54b731ff091b2edabc32035469150b7e67aa02c0a84fe19b752e2724de941e229b451e01584b417dfe3f38f26fa8af0658c0d2cce4ea56e3f990e6c68fae2c0497aca58178be5e73de2a0481606343142c3192ca34359be6a2f44f7fef7f5b755e89592a9f7a0e722f25901274a1a6d7e82edf9957585c7c310d7fd245dbe043c51ff9ac81ee39d92f09af4b95b393f7735e1bf6298ce197ba14609cc66c3fd242d16a6d6715254c099f3002293c5a22f2e44b210f242b13c29732654c0ecfac0c1286bcb6e6cad2fc461990c6fd362a9827f80f5ff3d7bb4c8fe608b1a07d9e0f9a1aa5869866d7d29da0873edf1314d26340051eac60e41ede1520e894418655d74fcbe07142460bb3c3f302a5ebb9d4ad45a4294b998110f9719029f97c0ab07c07c288ebc61fded772548b61265528f89cf6ec2c2b65fd8bdbbceeb47fce3498426af151e92f9c91813894df9bac3af6064b8e1d48a896c227e23a62e9f21aaeb4ee461e12d01a6724b3e4c550e4a1e3bc2b98b4bff4c728e3fa02f14aecd209440246f3ddf1b5416255c533f628c04b10b30b043778233e470a8f6e16aa0fe2ed938bdcbf8a5cfdb1cd94d321cb25b5543e3900f9e8a960cea835d410bb4d5f8a6de87ab0f34b521ba443fc6795d28f76df4ca36d0bb27986a8f12715c0b21f413f19d337207de8bf3fa94b09bdfdab1fff781c9a13a0a9e82dd7548880ae6ce2646b9c4aa598af0067cb296efd9ec3f1b9da64b2e0cbde1967f796037984daa6d72b0c021060f5063ff63bd1de8617094128b93346e58f9cb1d2ac2e1af64538b7e8d3ec09502fbb28cc8ee79865c37f1f65b53aa07d721e44f3c7baf0646cf61066bcf704da9a1691f745e1519d1d6f5c3e28ba87fe428c034802e8ec2ac0e51577d931bd34001b53a2b2f7a2ada5d529ec9cd7d6829c07f104f2388ed465cd88716a7716a227bfa76dd28243dca1ac21c826c2627eac7da14def4880557fe0f3b94872290e3a734349dbacf8e92df8e1c544f7e101ca24608024402db4cb3cf8ce857d9d1561c51c5c851e891fce166bcbfb6af134de8485ace91d4c8e671887159d69a3b2d1ab116a32767b64f98ef28896b00c3ccb144d759ad57b102580a79fa437af27e56edf652ec09ba07cea06ca03c74e9f47fdb7e073dae178a0bc90da8f9105e38617da90e5c0017e374a566448b70be7664fa3bc0e143d70b58e5f90a8fc4553406620e9df818e9ea9111f5bff3d08fd4c2b408a745091cda4dff7480447985f719617646e5811e4c6b6d242a23e2f4810bc090722802b3bef0fc77bd6cb746703d49bd19f9f7384dbb05ba5b9120ed8ca09fa0a57c49df19190f240dbf6dccaa26061679ed4e96312ab79a8783c3a52f134753493c87e012e2f3ed5a336ac226320ea94764d0078c47e47fc05fea0db5c6b548a72302e6b0c61a1478a85c7efe6ab1859cdb44302e2a651870e851204817ae0e67aedc3daef67766c398afb5e586f584add30a70a8604cc4b0db0e928ad8d60067aee73bbe2bb04d9022345375f87a703ea30d78c989f34ad74a231aeccb3ef2e19666f6d609bb5f3afee4fbae8cd1bcd2b0bb300616e69c44388c8236ca85eb7ed59056945813d2c5d109efd048c217b5b52d6a9d7e608b17b4b2d28fb2268c392894f561d7e9fa52eab8f5e04388997efbbe5efbb0f747cb67648e68648c7638b8f04e07aeb17189dbeeca8ee5b0140eba862ba60edce1bfa63f51f56a6a8644f8afeaa49272253da36703a6d45d7272b367523d6581cdbac7ab8482a5524ddcd052265454df0b2741ba1c89b04d9270cb50ccf172e2ac70aed04746c88f908a14d0ac2e3d66099fa38944c77c4c3bb9372d6f1d2d02dbb631a8bc583b8ef7c8a0be473467ed252c8aac54aedc9eae625040d42d14e86ff43f45823bbe533902037bf3fa51fb5d21618550359de1d21a494cb68fb52244ca3bb2b1acf3543b6a2a61bd980090d0dfbf2afad924c0e8c7889f982534b4b40f4acafe5fbbc6c95553cca776667c09742812fb33fd6b34e84930786a074e3e75c3a93f5aea8f597ac2c2b9a7d1a9f1d79fbca894ca731a7e41a2eadf29a471656a5bc39d32fe676917d7606995836d36293c366b56e0a16bd616fc5601b6ac491097f81f7774df9a7577265329ed3f2a720e1bc1dc526c47d408afe16a1f3aac482f36bd2950e30eca9a79d600a6f06bee7b8a7d4ceef98dd8bb11c6d5c7ed9d6358b8680edf857831174042111a5d0f10f3defe66e4c66c98b84a9f28e7bd850698522b642535c16536f1aa4739611850be33ecfd43e00456339a2e6f7a7c458281dd77d3ac4980e686fbacf72bf5dd79f1a838a277f20e64ab0a2dd4d541abee51b5d3bf353897bec44dc3e58244e6339e30f6da3bf56c62dc963179b14353a7430fb672e04ccb5f3016821566792d6acf57bc2c97520a3602d8d09e7dfe3a5411f3732aa5e1e00ea83732f2fc6a526f4a3c0c5f5ab41c868274deca10ab21e8fbbbf881e319d9f0cb78d4400c0996f216884b9810f3cb58d472d74a71a8969f0076804e528b254812104ea2db99069b12be2c6d4d6fad84e64088b2f266a69b4060e4d7c323f23db35fb4490af5810476ff9cb5715248ef9354b5c3ded514aaa5867440b4c1a6cecf1c9f7e240eff3f13120269069601223238748cf3ba0ff897f50c7c8dddf4e50251c794690a2fcec74959b41f5570be559428bfd2d227863659e3b7aa30a2bcbbef720b09f1dc48330082625d9798d882e162bc5576842bc5c9ff4a034df8e866d6e83cc6d2a4d907889d98550a861805bfdbb45a30b4e01c7c4b1057f18c6be39ae9616f4dbd555eeb1844137d7a7fa6cd7be7b70ba51d6da9f7d328a007e93df8db4ad394c334e42fb953b6cb630a792580227e81dd30316172dae18bc69e028c54813c49485337a540f368c0dcc822f139f3144103625eaff11ac4a67784e54fe61c20388fd2d1abb7c5893f0a092a19616ae54416290c867701851bd7c005e68e9303094722c66752c6bcfc95af6ea076bea8d0571e65c03b635c05509bac18491b7d5f987b730531eb661ba6a006c9379f72067d78872f582949979697fea7a5330cd1f32b5524b0c88e16d96b074b0869c88ef864aa5e64b7a82f0ccfca3d289c1d6dd7325fb2b7332a17a42c72853652a90c5536b67f6c49e1d5f11d13b2b6f7aa27aaa688451eb31266663776017fbeb31b2c0f0b32aa5d8cab2c4ecd6aa2fe2c9d4f335e547423c88502e47f6f628c8e274c16349aa2a9a0821a9320fb3af6ababecac87ed9e0a3cebb1c976d31ac27f66ad5a46bacff6e548cf750f55e4366d66b04dae6b0f4bcee12cf9f9b419f6b742118b9eca3d9aef532fc5820e596d747c462cb1482e88055064ac32dd20f04ba998479946b5a551d234a7cfbd434257bf6b69dc923d78d3098a36ec34db3b8213fad8ec67ed051f684969ffbb123285030af47813e4d98b927729fcb47b8408218c98a1d965658a24d59877a6b93c78b7be0b76bcc76b4da9513f083eba1c461d666f376c2f45111efca68e4a19af6cd8db1c8000337b9f628446a13c6289d9c1add0f07bfcb8f3c5231216e81c79a09f636f0f9d94f7e51573bf202026f864b0b9050d4d9e7771c16d69bb679c395f3300539ed222f7a426aa2052fcaf9527508bf918d30df60bb957a56450448a102ccc0c456efee3646fc866427b4d9b3202841df7963e27ebd6da6af2c50eed9b8a76f5bb481df466526da8eb1220d7ef51bc779e24130013cbfe7738875e5d4983fccfecda3a1e663eaa67a909a057935b21ca19cdad021f5a8e7f86c240fb6401f6cc84a43d6634197173735125f7869b3c077aef2569f553527d007b478e8d5f44430ff4a012622fd43438ee55621cdfd623dbb2202370ae44fd47415a377bde98d97479478550b7cf037fc5d99bb5ea51524bd8298d1335fa82fe566f7f6bcced0305b1348adfcd202a5d2f51d508a8f40dcd74454d26e1e54dec58bc34663bf318b7b480c89f15fdeffef1ba4545a469b6d2fb1c14cd9543bdd319e449bcd207144e2786105c61f0cdb6d41f07953c3bc73eefbc7b8e90ae85d0f5696a387145d2727bca06acfebb59da65419d14e790ab905de1be7680e58e942608cc73cbfe44652c3e4ffbc595655a5359ddc3f6ee437abcc12f6735b3a9cd8d300dbe43a8c02519097bf34c44883390c9083d859d8596b24f2cb963eef371dcceaa73ccc7ed5fa9772aba6a0f955a217b83281596ed99c5a9f1f496d793e18c30ad117839a2b6192af33d0ad52132228cdc5b66b77531518e66ed9a11cebe82086eaeb0dec96620b1a51f9a6fe73769ea7790f8659edc7b16ceafa565a7c1165bda9cc6b47aca94ef92e67820ed8ca674f241ccab2a74d6f991e78bbc8c3a0891272e10c0f9b70676bb7751ebf4ea3593ce1b6ab307804ae079e58f7417b5d35dcf96f8ab3b64d3e79181024fcea5f7fdce1ae186432010e33bc81a6876b1669e90c0253b2f8dc34595e520a1388b43bb301d0fc5071763123a09437b09c5aedd6a0a9ff323a27990358f3f9bf6150b286210326190666330f542cdb7374d328e5482a48b48ddb4a6a57f270cda1592a4adfc2034560172a98af6b8d1382ca88ec51724e583b7d3e400309f0e70ad91d3c40833425360631b4a4dcb7a6bf3731de0ee52333c196ec7b2705f1d852fe4898ef9dac849b89b9aa708720760627ee867c6e53b75937c8d78fe83e9ae86267878aa62fa802cfab850313b75783ee6ede0d0daa62fa3cc6c5a59a69f2c4213a447017f730cd1e09389e171d4da4b59a50f8b087db8b8c4c5b04705a9d13707b866688b0668afba111e8376502c27522c640a0e0a3e07b0d98251b60a57687bbbd44539dc0e1a99d8133b38de74426f9d78122414033e9d837eac0a0121edd4a662a6366732135ee52ec62db57cfb7e7550e35614e40c3069edf40e17819c8ecfa33c13501ba6bf732d2654b5a0f02e6f1879ea64a9723fc2a5509c1e3b8b768652bbf568603088f35b35e448cc0ddd9f9217a103777c79df0e969243ae0cbc7b4b768be7c9ee689b81265f528f51ee8efd5bc1c827f33fb6550108075191de02108d6dc2d54b3d7e821fc627db2ac6d399e0d415a09957fdf55b166ca79abbc33957885fe781222359f46b755dae5a724307d038e93d8395a31441691c4435d145f7f0a75a23df837565acad7af792d2452d1d05d0fd8f4d0796b463dcc29c547e20b5387f14f152b11e0e3244600992d9f51623931481554f65172dc8b9e62db8e2d52ba44e1f1768fe2011b7053b943d6b4171cc060af0763105fc6b64e94c904269a934f4ff7c32085c84d8e83b2f8fc86732dddefc55584dd79d30e4bb6e8c183ef18c0c9479dbf8db95d3da58d080e2bf291ad9d0be828ad1da5dd7364fafd4794169daad6f21dc4", 0x1000}}, 0x1006)
close_range(r1, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="e7cc2b6cfed20ac8", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
r12 = socket(0x10, 0x3, 0x0)
sendto$inet6(r12, &(0x7f0000000280)="7800000018002507b9409b14ffff00000214ae04020206050a02040c430009003f000405100000000d0085a168d0bf46d389516a9069921a4b0005000a00000049935a", 0x43, 0x0, 0x0, 0x0)
r13 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r13, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x8100, 0x30, 0x30, 0x0, @in6={0x1b, 0x4000, 0x0, @empty, 0xbff}, @ib={0x1b, 0xd9, 0xfff, {"4a50abf0c8ed50f638facd57de629163"}, 0x8000000000000001, 0x8, 0x3}}}, 0x118)
bind$inet6(r11, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)

17.961551661s ago: executing program 34 (id=1550):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x4, &(0x7f0000000200)={'trans=virtio,', {[{@cache_loose}]}})
chdir(&(0x7f0000000280)='./file0\x00')
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x181)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x38, r6, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r7}}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x38}}, 0x20000000)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="bbd5c3bd5e72561108f8e4d689bab6285ff0a572ef5bf81e0c73729d58b352a216f19a63268452cad26ac19f62248ef2dfc26bb49f892328eb7ec715fdf1f08eba829fa3edd23993e5ea57d2e335c161ddfe1a773f6ea7e5d661a20cdc8632d8", @ANYRES16=r4, @ANYBLOB="010027bd7000fcdbdf25020000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x24040090}, 0xc0)
r8 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
write$uinput_user_dev(r8, &(0x7f00000007c0)={'syz0\x00', {0x7, 0x0, 0xfffb, 0x8001}, 0x3d, [0x3, 0x0, 0x1, 0x6, 0x2, 0x8000000, 0x2, 0x7, 0xffffffff, 0x4, 0x7, 0xc, 0x23cf, 0x1, 0x7, 0x0, 0x306, 0x0, 0xffffffff, 0x9, 0x2, 0x6, 0x1, 0x0, 0x6, 0x7, 0x1, 0x0, 0x2, 0xffff, 0xc, 0x6, 0x10001, 0x2, 0x1000000, 0x1, 0x7, 0x8, 0x7, 0x6, 0x660, 0x3, 0xc643ecb1, 0x8, 0x5, 0x3ff, 0x8a1, 0x401, 0x7, 0x6d, 0x5, 0xc, 0x6, 0x249a, 0x6, 0x5a30, 0xe788, 0x8001, 0x4, 0x9, 0xab, 0x7, 0x4, 0x6], [0x200, 0x139, 0x6, 0x271, 0x2, 0x9a9, 0x3, 0x4, 0x40000005, 0x5, 0x9, 0x10000, 0x10001, 0x8, 0x3ff, 0x0, 0xfff, 0x8, 0x7, 0x100, 0xc, 0x75b1, 0x0, 0x9d, 0x6, 0xb, 0x1, 0x1, 0x16f4, 0x2, 0x400, 0x5, 0x9, 0x953b, 0x8, 0x9, 0x8, 0x1, 0xec2, 0xbd, 0x9, 0xc, 0x6596, 0x8, 0x4, 0x7f, 0xb, 0x98c0, 0x3, 0x9, 0x7, 0x2, 0xf78, 0x9, 0x35ce0cb3, 0x0, 0x8, 0x8, 0x5b0, 0x18b, 0x10, 0x9, 0x3, 0xb], [0x222d, 0xa, 0x2, 0x3, 0x6f083aad, 0x5, 0x0, 0x1, 0xfffffffd, 0x0, 0x7d, 0x8000000, 0x1, 0x1, 0x2, 0x7ff, 0x3, 0x9, 0x1e, 0x3162, 0x800, 0x101, 0x100, 0x0, 0x6, 0x2c, 0x7, 0xfffffff8, 0xffffffff, 0x80000000, 0x3, 0x6, 0x7, 0x0, 0x4e, 0x575b089f, 0xbc3e, 0xfffffffa, 0xfffffff7, 0x9bd6, 0x1, 0x0, 0x9, 0x6, 0x7, 0x7, 0x0, 0x3, 0x401, 0xa55, 0x6, 0x3, 0x0, 0xfff, 0x40000000, 0x5, 0x7, 0x4, 0x7, 0x800, 0xffffffff, 0x81, 0x6, 0xd], [0x25, 0x8000, 0x1, 0x9, 0x3, 0xb, 0x7, 0x10000, 0x5, 0xe47f, 0x117, 0x4, 0x3, 0x3f47, 0x6, 0x8, 0x3, 0x1, 0x0, 0x601f, 0x2, 0x9, 0xd, 0x1, 0x9, 0xff, 0x6, 0x10001, 0x5, 0x2, 0x1000, 0xc, 0x4, 0xd8, 0x2, 0x8, 0x9, 0x2, 0x7fffffff, 0x9, 0x40, 0x0, 0x4, 0x7fff, 0x7, 0x1, 0x3, 0x9, 0x0, 0x8, 0x3, 0x7, 0x1a00000, 0xe72, 0x5, 0x2, 0x1, 0x4, 0xc000000, 0x7fffffff, 0x40, 0x3, 0x2, 0x6]}, 0x45c)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r9, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000c40)={0x8, {"69ef7ca846fa201622ad9c8595380f54d6f3ee1a487c85f0ba5f82483e4a0f3d5a43d86217176e8e7794b233a8c5439c6df70cb48c537282d4cb98e3c35d572e7732abd4612b6ca622c66a8bc8378f8471deb059c6268263588fed8740df7c3f8f6160178988861a460a734448c19c2f58a199693f5e9b85e4d39601acc9d74b8d5015a96d9a997e23667e9d45b4902251ab41dabb186e19690f84419e85d365a404945e8ecb06f89187e2b776dfe50dcd6511d7617b678c3a66304880c6b1c43e7e20ccf4a01c401bf2e6bfdeeb31304c0f9f3318978fe6dcfbc3e8b64dd58dc2bb33da54b731ff091b2edabc32035469150b7e67aa02c0a84fe19b752e2724de941e229b451e01584b417dfe3f38f26fa8af0658c0d2cce4ea56e3f990e6c68fae2c0497aca58178be5e73de2a0481606343142c3192ca34359be6a2f44f7fef7f5b755e89592a9f7a0e722f25901274a1a6d7e82edf9957585c7c310d7fd245dbe043c51ff9ac81ee39d92f09af4b95b393f7735e1bf6298ce197ba14609cc66c3fd242d16a6d6715254c099f3002293c5a22f2e44b210f242b13c29732654c0ecfac0c1286bcb6e6cad2fc461990c6fd362a9827f80f5ff3d7bb4c8fe608b1a07d9e0f9a1aa5869866d7d29da0873edf1314d26340051eac60e41ede1520e894418655d74fcbe07142460bb3c3f302a5ebb9d4ad45a4294b998110f9719029f97c0ab07c07c288ebc61fded772548b61265528f89cf6ec2c2b65fd8bdbbceeb47fce3498426af151e92f9c91813894df9bac3af6064b8e1d48a896c227e23a62e9f21aaeb4ee461e12d01a6724b3e4c550e4a1e3bc2b98b4bff4c728e3fa02f14aecd209440246f3ddf1b5416255c533f628c04b10b30b043778233e470a8f6e16aa0fe2ed938bdcbf8a5cfdb1cd94d321cb25b5543e3900f9e8a960cea835d410bb4d5f8a6de87ab0f34b521ba443fc6795d28f76df4ca36d0bb27986a8f12715c0b21f413f19d337207de8bf3fa94b09bdfdab1fff781c9a13a0a9e82dd7548880ae6ce2646b9c4aa598af0067cb296efd9ec3f1b9da64b2e0cbde1967f796037984daa6d72b0c021060f5063ff63bd1de8617094128b93346e58f9cb1d2ac2e1af64538b7e8d3ec09502fbb28cc8ee79865c37f1f65b53aa07d721e44f3c7baf0646cf61066bcf704da9a1691f745e1519d1d6f5c3e28ba87fe428c034802e8ec2ac0e51577d931bd34001b53a2b2f7a2ada5d529ec9cd7d6829c07f104f2388ed465cd88716a7716a227bfa76dd28243dca1ac21c826c2627eac7da14def4880557fe0f3b94872290e3a734349dbacf8e92df8e1c544f7e101ca24608024402db4cb3cf8ce857d9d1561c51c5c851e891fce166bcbfb6af134de8485ace91d4c8e671887159d69a3b2d1ab116a32767b64f98ef28896b00c3ccb144d759ad57b102580a79fa437af27e56edf652ec09ba07cea06ca03c74e9f47fdb7e073dae178a0bc90da8f9105e38617da90e5c0017e374a566448b70be7664fa3bc0e143d70b58e5f90a8fc4553406620e9df818e9ea9111f5bff3d08fd4c2b408a745091cda4dff7480447985f719617646e5811e4c6b6d242a23e2f4810bc090722802b3bef0fc77bd6cb746703d49bd19f9f7384dbb05ba5b9120ed8ca09fa0a57c49df19190f240dbf6dccaa26061679ed4e96312ab79a8783c3a52f134753493c87e012e2f3ed5a336ac226320ea94764d0078c47e47fc05fea0db5c6b548a72302e6b0c61a1478a85c7efe6ab1859cdb44302e2a651870e851204817ae0e67aedc3daef67766c398afb5e586f584add30a70a8604cc4b0db0e928ad8d60067aee73bbe2bb04d9022345375f87a703ea30d78c989f34ad74a231aeccb3ef2e19666f6d609bb5f3afee4fbae8cd1bcd2b0bb300616e69c44388c8236ca85eb7ed59056945813d2c5d109efd048c217b5b52d6a9d7e608b17b4b2d28fb2268c392894f561d7e9fa52eab8f5e04388997efbbe5efbb0f747cb67648e68648c7638b8f04e07aeb17189dbeeca8ee5b0140eba862ba60edce1bfa63f51f56a6a8644f8afeaa49272253da36703a6d45d7272b367523d6581cdbac7ab8482a5524ddcd052265454df0b2741ba1c89b04d9270cb50ccf172e2ac70aed04746c88f908a14d0ac2e3d66099fa38944c77c4c3bb9372d6f1d2d02dbb631a8bc583b8ef7c8a0be473467ed252c8aac54aedc9eae625040d42d14e86ff43f45823bbe533902037bf3fa51fb5d21618550359de1d21a494cb68fb52244ca3bb2b1acf3543b6a2a61bd980090d0dfbf2afad924c0e8c7889f982534b4b40f4acafe5fbbc6c95553cca776667c09742812fb33fd6b34e84930786a074e3e75c3a93f5aea8f597ac2c2b9a7d1a9f1d79fbca894ca731a7e41a2eadf29a471656a5bc39d32fe676917d7606995836d36293c366b56e0a16bd616fc5601b6ac491097f81f7774df9a7577265329ed3f2a720e1bc1dc526c47d408afe16a1f3aac482f36bd2950e30eca9a79d600a6f06bee7b8a7d4ceef98dd8bb11c6d5c7ed9d6358b8680edf857831174042111a5d0f10f3defe66e4c66c98b84a9f28e7bd850698522b642535c16536f1aa4739611850be33ecfd43e00456339a2e6f7a7c458281dd77d3ac4980e686fbacf72bf5dd79f1a838a277f20e64ab0a2dd4d541abee51b5d3bf353897bec44dc3e58244e6339e30f6da3bf56c62dc963179b14353a7430fb672e04ccb5f3016821566792d6acf57bc2c97520a3602d8d09e7dfe3a5411f3732aa5e1e00ea83732f2fc6a526f4a3c0c5f5ab41c868274deca10ab21e8fbbbf881e319d9f0cb78d4400c0996f216884b9810f3cb58d472d74a71a8969f0076804e528b254812104ea2db99069b12be2c6d4d6fad84e64088b2f266a69b4060e4d7c323f23db35fb4490af5810476ff9cb5715248ef9354b5c3ded514aaa5867440b4c1a6cecf1c9f7e240eff3f13120269069601223238748cf3ba0ff897f50c7c8dddf4e50251c794690a2fcec74959b41f5570be559428bfd2d227863659e3b7aa30a2bcbbef720b09f1dc48330082625d9798d882e162bc5576842bc5c9ff4a034df8e866d6e83cc6d2a4d907889d98550a861805bfdbb45a30b4e01c7c4b1057f18c6be39ae9616f4dbd555eeb1844137d7a7fa6cd7be7b70ba51d6da9f7d328a007e93df8db4ad394c334e42fb953b6cb630a792580227e81dd30316172dae18bc69e028c54813c49485337a540f368c0dcc822f139f3144103625eaff11ac4a67784e54fe61c20388fd2d1abb7c5893f0a092a19616ae54416290c867701851bd7c005e68e9303094722c66752c6bcfc95af6ea076bea8d0571e65c03b635c05509bac18491b7d5f987b730531eb661ba6a006c9379f72067d78872f582949979697fea7a5330cd1f32b5524b0c88e16d96b074b0869c88ef864aa5e64b7a82f0ccfca3d289c1d6dd7325fb2b7332a17a42c72853652a90c5536b67f6c49e1d5f11d13b2b6f7aa27aaa688451eb31266663776017fbeb31b2c0f0b32aa5d8cab2c4ecd6aa2fe2c9d4f335e547423c88502e47f6f628c8e274c16349aa2a9a0821a9320fb3af6ababecac87ed9e0a3cebb1c976d31ac27f66ad5a46bacff6e548cf750f55e4366d66b04dae6b0f4bcee12cf9f9b419f6b742118b9eca3d9aef532fc5820e596d747c462cb1482e88055064ac32dd20f04ba998479946b5a551d234a7cfbd434257bf6b69dc923d78d3098a36ec34db3b8213fad8ec67ed051f684969ffbb123285030af47813e4d98b927729fcb47b8408218c98a1d965658a24d59877a6b93c78b7be0b76bcc76b4da9513f083eba1c461d666f376c2f45111efca68e4a19af6cd8db1c8000337b9f628446a13c6289d9c1add0f07bfcb8f3c5231216e81c79a09f636f0f9d94f7e51573bf202026f864b0b9050d4d9e7771c16d69bb679c395f3300539ed222f7a426aa2052fcaf9527508bf918d30df60bb957a56450448a102ccc0c456efee3646fc866427b4d9b3202841df7963e27ebd6da6af2c50eed9b8a76f5bb481df466526da8eb1220d7ef51bc779e24130013cbfe7738875e5d4983fccfecda3a1e663eaa67a909a057935b21ca19cdad021f5a8e7f86c240fb6401f6cc84a43d6634197173735125f7869b3c077aef2569f553527d007b478e8d5f44430ff4a012622fd43438ee55621cdfd623dbb2202370ae44fd47415a377bde98d97479478550b7cf037fc5d99bb5ea51524bd8298d1335fa82fe566f7f6bcced0305b1348adfcd202a5d2f51d508a8f40dcd74454d26e1e54dec58bc34663bf318b7b480c89f15fdeffef1ba4545a469b6d2fb1c14cd9543bdd319e449bcd207144e2786105c61f0cdb6d41f07953c3bc73eefbc7b8e90ae85d0f5696a387145d2727bca06acfebb59da65419d14e790ab905de1be7680e58e942608cc73cbfe44652c3e4ffbc595655a5359ddc3f6ee437abcc12f6735b3a9cd8d300dbe43a8c02519097bf34c44883390c9083d859d8596b24f2cb963eef371dcceaa73ccc7ed5fa9772aba6a0f955a217b83281596ed99c5a9f1f496d793e18c30ad117839a2b6192af33d0ad52132228cdc5b66b77531518e66ed9a11cebe82086eaeb0dec96620b1a51f9a6fe73769ea7790f8659edc7b16ceafa565a7c1165bda9cc6b47aca94ef92e67820ed8ca674f241ccab2a74d6f991e78bbc8c3a0891272e10c0f9b70676bb7751ebf4ea3593ce1b6ab307804ae079e58f7417b5d35dcf96f8ab3b64d3e79181024fcea5f7fdce1ae186432010e33bc81a6876b1669e90c0253b2f8dc34595e520a1388b43bb301d0fc5071763123a09437b09c5aedd6a0a9ff323a27990358f3f9bf6150b286210326190666330f542cdb7374d328e5482a48b48ddb4a6a57f270cda1592a4adfc2034560172a98af6b8d1382ca88ec51724e583b7d3e400309f0e70ad91d3c40833425360631b4a4dcb7a6bf3731de0ee52333c196ec7b2705f1d852fe4898ef9dac849b89b9aa708720760627ee867c6e53b75937c8d78fe83e9ae86267878aa62fa802cfab850313b75783ee6ede0d0daa62fa3cc6c5a59a69f2c4213a447017f730cd1e09389e171d4da4b59a50f8b087db8b8c4c5b04705a9d13707b866688b0668afba111e8376502c27522c640a0e0a3e07b0d98251b60a57687bbbd44539dc0e1a99d8133b38de74426f9d78122414033e9d837eac0a0121edd4a662a6366732135ee52ec62db57cfb7e7550e35614e40c3069edf40e17819c8ecfa33c13501ba6bf732d2654b5a0f02e6f1879ea64a9723fc2a5509c1e3b8b768652bbf568603088f35b35e448cc0ddd9f9217a103777c79df0e969243ae0cbc7b4b768be7c9ee689b81265f528f51ee8efd5bc1c827f33fb6550108075191de02108d6dc2d54b3d7e821fc627db2ac6d399e0d415a09957fdf55b166ca79abbc33957885fe781222359f46b755dae5a724307d038e93d8395a31441691c4435d145f7f0a75a23df837565acad7af792d2452d1d05d0fd8f4d0796b463dcc29c547e20b5387f14f152b11e0e3244600992d9f51623931481554f65172dc8b9e62db8e2d52ba44e1f1768fe2011b7053b943d6b4171cc060af0763105fc6b64e94c904269a934f4ff7c32085c84d8e83b2f8fc86732dddefc55584dd79d30e4bb6e8c183ef18c0c9479dbf8db95d3da58d080e2bf291ad9d0be828ad1da5dd7364fafd4794169daad6f21dc4", 0x1000}}, 0x1006)
close_range(r1, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="e7cc2b6cfed20ac8", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
r12 = socket(0x10, 0x3, 0x0)
sendto$inet6(r12, &(0x7f0000000280)="7800000018002507b9409b14ffff00000214ae04020206050a02040c430009003f000405100000000d0085a168d0bf46d389516a9069921a4b0005000a00000049935a", 0x43, 0x0, 0x0, 0x0)
r13 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r13, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x8100, 0x30, 0x30, 0x0, @in6={0x1b, 0x4000, 0x0, @empty, 0xbff}, @ib={0x1b, 0xd9, 0xfff, {"4a50abf0c8ed50f638facd57de629163"}, 0x8000000000000001, 0x8, 0x3}}}, 0x118)
bind$inet6(r11, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)

6.780227583s ago: executing program 6 (id=1710):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x80) (async)
mprotect(&(0x7f0000024000/0x3000)=nil, 0x3000, 0x2) (async)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="100000000300010002000000f6dbe7df"], 0x10}], 0x1, 0x0, 0x0, 0x80c0}, 0x20004090) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000140)="b882008ee8f3cf66b80500000066b9f1000000a00f01c1c1c7ba8c9eba610066ed0f01f766b80500000066b90b0000000f01c1ba6100eddfdfbaa10066b80098000066ef", 0x39}], 0x1, 0x5c, 0x0, 0x0)
r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
write$binfmt_register(r4, &(0x7f0000000240)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x1, 0x3a, 'y\\(:,', 0x3a, '/dev/kvm\x00', 0x3a, './file0', 0x3a, [0x43, 0x46, 0x50, 0x46, 0x4f]}, 0x3a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6.66134788s ago: executing program 6 (id=1712):
r0 = syz_clone(0x10000011, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_mrelease(r1, 0x0) (async, rerun: 64)
r2 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r1, @ANYRES32=r0, @ANYRES16=r1, @ANYBLOB="feb6357effaf80e249f9382b2e93e4a23654a00fa258949b4d56ce8656464a7e36a4c05d4f1a6d2217997c427b66cc299c5fbab39ad0d5f98e7173b9cc705e2e5ad17f0e35c70e", @ANYBLOB="b43bf6c79924e0c2fb3e11b4b836b42fb49a3f88dc45023383e3ed7990ad2b766e6ecbeb2d56", @ANYRES16=r1, @ANYBLOB="cf86237b2097a77995375adf5a3d07fa26f1519cad3ccf63903bdaf7350c5fb2b01669f23d2354c845cd13579f0a2ee3a733"], 0x0) (rerun: 64)
syz_usb_control_io(r2, 0x0, 0x0) (async, rerun: 32)
syz_usb_disconnect(0xffffffffffffffff) (rerun: 32)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtclass={0x24, 0x28, 0x4, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9, 0x4}, {0x7, 0xb}, {0xb, 0xf}}}, 0x24}}, 0x80000) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x4c, 0x10, 0x401, 0x70bd26, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'nicvf0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) (async, rerun: 32)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x14, 0x0, 0x0, @remote}}}}}, 0x0) (rerun: 32)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=0']) (async)
poll(&(0x7f0000000240)=[{r3, 0x10}], 0x1, 0x1) (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/resume_offset', 0xa0042, 0x0)
write$tcp_mem(r6, &(0x7f0000000280)={0x7, 0x2d, 0xffffffffffffffff, 0x3a, 0x0, 0x2c}, 0x48) (async, rerun: 64)
r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) (async, rerun: 64)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000400)={@cgroup, 0x4, 0x1, 0x3ff, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f00000001c0)=[0x0], &(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0}, 0x40) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000500)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, &(0x7f0000000540)=[0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x4b, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x15, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10) (rerun: 64)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={@fallback=r3, r6, 0x1c, 0x31, r7, @void, @void, @void, @value=r9, r8}, 0x20)

3.630780096s ago: executing program 6 (id=1767):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x3)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0xf000, 0x8000000, 0x2, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x7c, 0x3000, 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000003c0)={0xb03, 0x3000, 0x0, r2, 0x4})
dup(r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c8}, 0x20000000)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
write$eventfd(0xffffffffffffffff, &(0x7f0000000040)=0x6, 0x8)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r5, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r7, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f00000001c0)={<r8=>0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000400)={r8, @in6={{0xa, 0x4e21, 0x4, @empty, 0x9}}, 0x4, 0x4, 0x624e, 0xa, 0x55, 0x7f}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f00000000c0)={r8, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f00000000c0)="b882008ee8f3cf66b80500000066b9f10000000f01c10fc7ba8c9eba610066ed0f01f766b80500000066b90b0000000f01c1ba6100eddfdfbaa10066b80098000066ef", 0x43}], 0x1, 0x5c, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11ff0)
ioctl$TIOCGPGRP(r10, 0x540f, &(0x7f0000000200)=<r11=>0x0)
ioctl$BLKTRACESETUP(r10, 0xc0481273, &(0x7f0000000240)={'\x00', 0x8, 0x4, 0x80400, 0x2002, 0x7fc, r11})

3.499007844s ago: executing program 6 (id=1771):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x2})
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x27, 0x1, 0x0, "3a8e00000034b52ba75066c27891ca55e21f0000000000b2b678d200", 0x32344d59})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000080)={0x5, "9f3c3058d1fcbfa882c0dd1017c9bc5a94b455f073571aea7b7c3b7a38c1e4cf", 0x1})
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='A', 0x1, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000500)=@multiplanar_userptr={0x9, 0xa, 0x4, 0x400, 0x4, {}, {0x1, 0x8, 0x7, 0x82, 0x10, 0x0, "bc8feb13"}, 0x8, 0x2, {&(0x7f0000000440)=[{0x9001, 0x7fffffff, {0x0}, 0x1000}, {0x5, 0xdf9, {0x0}, 0xd90b}]}, 0x6})
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x2, 0x1, 0x0, 0x4})

3.431299298s ago: executing program 6 (id=1773):
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$sock(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@mark={{0x14, 0x1, 0x4f, 0x594}}], 0x18}, 0x2404c8d5)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2711, @hyper}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000040)={0x3, 0x980914, 0x3})
pselect6(0x40, &(0x7f0000000040)={0x3, 0x10000, 0x3, 0x7, 0x4, 0x7ff, 0xf, 0xe11d}, 0x0, &(0x7f00000001c0)={0x8, 0x0, 0x1, 0x100000001, 0x5, 0x100000000, 0x4, 0x262}, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x4498bda7e2139f51, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f0000000140)={0x4})
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x5, 0x13, 0x1, 0x0, 0x5f, 0x3, 0x0, 0xa6, 0x2, 0x5, 0x6}, {0xfffffff9, 0x4004, 0x0, 0x0, 0x0, 0xf6, 0x1, 0x8, 0x4, 0xff, 0x4, 0x0, 0x800000000000000}, {0xffffff01, 0x35, 0x0, 0x0, 0x4, 0x5, 0x7, 0xfe, 0x5, 0x2, 0x0, 0x4}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0xfffffffffffffffe, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x5, 0x7fff, 0x1000200004, 0x4, 0x2, 0x0, 0x1], 0x8080000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.418103481s ago: executing program 6 (id=1792):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x8031, 0xffffffffffffffff, 0x65364000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000400), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1)
socket$kcm(0x29, 0x4, 0x0)
close(0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x6a)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@default_permissions}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pread64(r1, &(0x7f00000029c0)=""/4096, 0x1000, 0xd36)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227000100000000090400fb015cc7aa00090509"], 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000180)=ANY=[@ANYBLOB="12011001000000086b1d010140000102030109025f0003010600060904000000010100000a24018700010201020904010000010200005af2c92a01010200000905010910000504000725010305020009040200000143000009040201010102000009058209df03fd00c607250103070300"], 0x0)
r2 = openat$ptp1(0xffffffffffffff9c, &(0x7f00000009c0), 0x101000, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r2, 0x3d13, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

1.661147142s ago: executing program 1 (id=1800):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x5c, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4ad}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000850}, 0x20040040)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x7d)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="36b1814ca70857d6ba7e5ea9d01c03b5903e3aeefc6a1209eeb4fff7019e8955f3e0be89b3d439ff57f289e5f1f29c41d4517cd84d652ef40f27731414da9d74e47257696db58de407dbf81a0c23cfdb2c7b470a75a4dadd3d5fe84b9bf60d670cb826baa08ab9a1b970180861b64b7b620015e95b1c8bd97c3987b47ec1888c89ffd8be0d797929c640e829ba346ec747cf1cf9a6000027cdc30e39cba209cc467a7e834bd7bdf2bc1f8e95a6ac9504ba567c10e36a7fd9c7c6e19d8a5bc5b42fb9711f50001b6290a06bc9691a0b9949f6cc5a3234f5aef0f541d028645510b70f15b6b35bad3407049d47b21e053b3e5cea9d77ca76d3496cfbea5da8e257efadc3693832b7a116a91206fdea08e95aecd32542248e1c8f07d60b70c48933d810e5b80617071f844debe6c46a04177a8947b0eeb939ea0f5bcd235e98e2412c67ba2db48078f1be5c0e3e5ebe6f76eca6c0142a99dd72e765ac8f5a517bfc7a225d903226f09534f17d9017a0546577dfeb283e8360e44b3117017c1cca3d46cd5a1974da41e5e4f8d309c353416dfaf0c42fe4654d1b1294b506027cfba8b91a6bb8f01f6590b8fd6530ee5710b22a0b65de8b06dad4c5f2d3d56b3b2b9c4395d9f6d4f39291d40ca91359a14822c07b6b6cc4a9c5b4cfd028aa", 0x1dc)

1.658000383s ago: executing program 1 (id=1802):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) (async)
chdir(&(0x7f0000000100)='./file0\x00') (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x3e, 0x107, 0x70bd25, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x17, 0x0, 0x1, [@nested={0x4, 0x1}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x404c0c0}, 0xc000) (async, rerun: 32)
recvfrom(r0, &(0x7f0000000200)=""/188, 0xbc, 0x40010101, &(0x7f0000000140)=@rc={0x1f, @any, 0x3}, 0x80) (async, rerun: 32)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) (async)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r1}, 0xc)

1.600937545s ago: executing program 1 (id=1803):
syz_80211_inject_frame(&(0x7f0000000180), 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)="fa", 0x1}], 0x1}}], 0x1, 0x24040890)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000140)=0xffff0000, 0x4)
pselect6(0x40, &(0x7f0000000240)={0x2, 0x0, 0x7, 0x3, 0x3, 0x0, 0x100, 0x5}, &(0x7f00000000c0)={0x1d, 0xfffffffffffffffe, 0x40, 0x7eff, 0x0, 0x1, 0x0, 0x8}, 0x0, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f00000000c0)={0x7})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000003700)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r5, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r5, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'gretap0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f00000004c0)="05", 0x1, 0x240458d1, &(0x7f0000000200)={0x11, 0x8100, r7, 0x1, 0x85, 0x6, @broadcast}, 0x14)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r10, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x4, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x800, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x70, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x3, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1000, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x8000, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0xffffffff, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0xe, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xd, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7ffb, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x61, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0x3, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x20002, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x6, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x20000000, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r11 = accept4(r2, 0x0, 0x0, 0x80800)
sendto$isdn(r11, &(0x7f0000000580)={0xd, 0xb4cefa6}, 0x8, 0x10, 0x0, 0x0)
r12 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), r1)
sendmsg$WG_CMD_GET_DEVICE(r11, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="10002cbd7000fcdbdf250000000014000200776731000100000000000000000000000800070002000000080007000800000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843"], 0x5c}, 0x1, 0x0, 0x0, 0x40}, 0x1)

1.5966315s ago: executing program 0 (id=1804):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3c}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f00000003c0)=0xc26080b)
write$binfmt_aout(r1, &(0x7f0000000280)=ANY=[], 0xfce1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}, [@ldst={0x6, 0x0, 0x2, 0x0, 0x2, 0xfffffffffffffffe}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

1.586151514s ago: executing program 0 (id=1805):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8000, 0x64}, [@IFLA_GROUP={0x8}, @IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}]}, 0x34}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000007996b9ac61108e010000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.471198411s ago: executing program 5 (id=1806):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f0016000800000000000000200006400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a6683f5aeb4edbb57a5025ccca9e00360db398262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3c93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x4000050)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r2, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f0000002ac0)={0x18, 0x1409, 0x1, 0x70bd2a, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x46004}, 0xc080)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000040)=0xbd, &(0x7f0000000180)=0x2)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0xfffffffc, 0xfffffffb, 0x101, 0xe65, 0x0, 0x20008004}})

1.47100158s ago: executing program 0 (id=1807):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x58}}, 0x0)

1.410697322s ago: executing program 5 (id=1808):
r0 = syz_open_dev$swradio(&(0x7f0000000940), 0x1, 0x2)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000007d40)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r1, <r3=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000480)='%pB    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r3}, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x11, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000000000000000020004008500000097000000b7080000000000007b8af8ff00000000b7080000ffffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="6c0000000001010400000000141a00000200000024010180140200e00000010c00028005000100000000002c00028014000180080001000000000008000200ac1e00010c000280050001000000000006000340f9000000080007400000000100"/108], 0x6c}}, 0x0)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9071, 0xffffffffffffffff, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0)
write$sndseq(r6, &(0x7f0000000100)=[{0x9, 0x37, 0x7, 0x9, @tick=0x5, {0x1, 0x8b}, {0x9}, @raw8={"c2ebca87a5fa93953e8ef923"}}], 0x1c)
setitimer(0x2, 0x0, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(r2, 0x80106720, &(0x7f0000000580)={0x1, &(0x7f0000000540)=[{0xc0000000, 0x52, &(0x7f00000004c0)="a000fbd6a94aa070fdcf949393a0b5561b4410a085c361f4cbbd0357ef530836f3506884ef270223d2fe416f26cf2de8dec1d34320da0b9f10788edbadfce99994b9f12ff19ce7bad561787829e9c136cd7a"}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$CDROMCLOSETRAY(r6, 0x5319)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000400)={<r9=>0xffffffffffffffff}, 0x80)
lseek(r9, 0x36c, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newtaction={0x98, 0x30, 0x1, 0x0, 0x0, {}, [{0x84, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0x763, 0x5, 0xc, 0x9}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x4}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a80)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000006700000008000300", @ANYRES32=r10, @ANYBLOB="0c00990000000000400000000800c300741300000800c40001"], 0x3c}}, 0x0)
r12 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x601, 0x0)
write$FUSE_NOTIFY_DELETE(r12, &(0x7f0000000240)=ANY=[@ANYBLOB="2d000000060000000000000000000000030000000000000006000000fbffffff040000000000000047504c0000"], 0x2d)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000a80)={0xb, @win={{0x38305543, 0x9, 0xfff, 0x2}, 0x1, 0x2, 0x0, 0x5, 0x0, 0x8f}})

1.339633574s ago: executing program 0 (id=1809):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="000000001f0000001a007f"])
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)
ioctl$CDROM_SEND_PACKET(r3, 0x5381, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

1.271110565s ago: executing program 0 (id=1810):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x2d, 0x1001, r0, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0) (async)
open$dir(&(0x7f0000000000)='./file0\x00', 0x6000, 0x3)

1.270740793s ago: executing program 0 (id=1811):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001440)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000003980)={0x0, @vsock={0x28, 0x0, 0xffffffff, @my=0x0}, @l2={0x1f, 0x6, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2}, @ethernet={0x306, @remote}, 0x7, 0x0, 0x0, 0x0, 0xb, 0x0, 0x9, 0xfff, 0xff})
r1 = syz_io_uring_complete(0x0)
connect$bt_rfcomm(r1, &(0x7f00000000c0)={0x1f, @none, 0x3}, 0xa)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0x22, &(0x7f00000056c0), 0x4)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
sendmmsg$inet(r5, &(0x7f00000028c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="ff55797091", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000005c0)="e6c177a7", 0x4}], 0x1}}], 0x2, 0x24008080)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="3800000003f001002abb7000fddbdf250900020073797a30000000000800430073697605140033006c6f8050564e7f70f38b9306dcf7488897e35e3ef5d960e4edc7e079a3d61ea11569400d11b9fb5ba27b7204975c961353bdf712d337e071e3856e3e46f12b306e9a1be9ec5de90cf03f5a0dbf6565aacd6d39eb46b25b1664a0c6cbce89ad5e6749d180b51f48f8ad50ae3f5c8716ca9c7dbabfcafc875ede3629b5b1c034c3a91e65e60225c2e167242aa5e8e4c2e52f219264a56e1c1f035ceeb9e45de78fc3f1789d68435a1e6779e9514e60f429928b23ae545d6ce14e4b"], 0x38}, 0x1, 0x0, 0x0, 0x40008c0}, 0x4400)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000140)="06ff03076844babeb89e14f00806", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
clock_gettime(0x0, &(0x7f0000000000))
r8 = syz_open_dev$radio(&(0x7f0000000240), 0x1, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r8, 0x402c5639, &(0x7f0000000080)={0x0, 0x1, 0x5})
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000080))

1.171078926s ago: executing program 5 (id=1812):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="01000000060000000410000010"], 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000080)={'c', ' *:* ', 'rwm\x00'}, 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newlink={0x34, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x50483}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x9005}, 0x0)
sendmmsg$inet(r4, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r3}, 0x10)
shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ff9000/0x3000)=nil)
shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ff9000/0x3000)=nil)
r7 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
shmat(r7, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
shmctl$IPC_RMID(r7, 0x0)
r8 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffb000/0x4000)=nil)
shmat(r8, &(0x7f0000ffd000/0x1000)=nil, 0x4000)

1.110962134s ago: executing program 5 (id=1813):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0) (async)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) (async)
listen(r1, 0x0) (async)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106) (async)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x20000, 0x4})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x2, &(0x7f0000000380)=[{0x2, 0xfd, 0x0, 0x7ffefffd}, {0xe, 0x5, 0x4, 0x2}]}) (async)
r4 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x6, &(0x7f0000000280)={0x3, 0x0, &(0x7f0000000200)=[r3, r0, r1, r1, r3]}, 0x5) (async)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0xfffffffc}, 0x1c) (async)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x6, 0xa}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0xfffffff8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4854}, 0x0) (async)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) (async)
r10 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r10, 0xc02064b2, &(0x7f0000000200)={0x28f, 0xfff, 0x100001}) (async)
r11 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) (async)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0xccb, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r11, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r12=>0x0], 0x0, 0x0, 0x0, 0x1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) (async)
ioctl$DRM_IOCTL_MODE_CURSOR(r10, 0xc01c64a3, &(0x7f0000000040)={0x3, r12, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r10, 0xc02464bb, &(0x7f00000000c0)={0x0, r12, 0x10001, 0x7, 0x3, 0x7, 0xfffffffd, 0x9, 0x800}) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000020000000001000000280001801410040000000002000000000000ffffac1414aa060081000a00800008eab974be2ff63a00060003e4"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

1.106864395s ago: executing program 5 (id=1814):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
getsockopt$inet_opts(r3, 0x0, 0x4, 0x0, &(0x7f0000003d00))
r4 = dup(r2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x20, 0x40, 0x9, 0xffffffff, 0x25dfdbfd, {0x3}, [@nested={0x4, 0x12c}, @nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0xb9}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
ioctl$KVM_GET_MSRS_cpu(r4, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x40000106, 0x0, 0x1}]})

970.541182ms ago: executing program 5 (id=1815):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000280)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000008d804dd000000000000010902"], 0x0)
syz_open_procfs$pagemap(r3, &(0x7f0000000380))
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='hybla\x00', 0x6)
syz_usb_connect(0x5, 0x24, &(0x7f0000000380)={{0x12, 0x1, 0x250, 0x4, 0xda, 0xb0, 0x10, 0xccd, 0x39, 0x4499, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0xf8, 0x90, 0x1, [{{0x9, 0x4, 0x6f, 0x8, 0x0, 0x37, 0x6d, 0xbe, 0x9}}]}}]}}, 0x0)
shutdown(r1, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000023c0)=ANY=[@ANYBLOB="380000005500e502000000000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32=0x0, @ANYBLOB="0001"], 0x38}}, 0x80)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={<r5=>0x0, 0x1c, &(0x7f0000000200)=[@in6={0xa, 0x4e22, 0x1, @local, 0x5}]}, &(0x7f0000000140)=0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8919, &(0x7f00000000c0)={'batadv_slave_0\x00'})
listen(r0, 0xfff)
r7 = accept$inet6(r0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_MAXSEG(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={r5, 0x500}, 0x8)

50.191368ms ago: executing program 1 (id=1816):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1800000007140100000032c83a110000050042"], 0x18}}, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x0, {0x0, @multicast, 'ip6gre0\x00'}}, 0x1e)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740), 0x11002, &(0x7f0000000180)=ANY=[@ANYRES64=r0])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000001c0))
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r3, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x94, r4, 0x1b11db05c25e0ad3, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_KEY={0x5c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x9}]}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4268f20b2f5b48e1b3fe4644eab23288"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x8}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x81}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "4170a14b0201340fb2b48fbe92630cdbb38c0342608dafab5c873c8d7892afd8"}]}, @NL802154_ATTR_SEC_KEY={0xc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7a}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x94}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4000800)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x80489439, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000700)={'bond0\x00'})

1.241941ms ago: executing program 1 (id=1817):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="b601000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab6bef11ae3d300"], &(0x7f0000000080)='GPL\x00', 0x9, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000100))
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20102, 0x0)
symlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r1 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
flistxattr(r2, 0xfffffffffffffffe, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000140)={0x40, 0x1, {0x3, 0x1, 0x1, 0x3, 0x3}, 0x1})
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x52, 0x1, 0x2, "f83bebf45608e255d91c5debf11c7fffffffffffffff000400080000e9feff00", 0x31324d59})

0s ago: executing program 1 (id=1818):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="60000000020601120000000000000000000000000500010007000000140007800800124000030000050015000c0000000900020073797a300000000011000300686173683a69702c6d61726b0000000005000400000000000500050002"], 0x60}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x3, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x88}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x5900b000)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0xfdef)

kernel console output (not intermixed with test programs):

r parsing attributes in process `syz.3.967'.
[  114.487215][ T6049] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  114.490697][ T6049] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  114.494825][ T6049] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  114.495970][ T1153] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  114.499536][ T6049] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  114.505222][ T6049] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  114.510268][ T6049] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  114.513096][ T6049] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  114.515668][ T6049] usb 6-1: Product: syz
[  114.517410][ T6049] usb 6-1: Manufacturer: syz
[  114.521361][ T6049] cdc_wdm 6-1:1.0: skipping garbage
[  114.523021][ T6049] cdc_wdm 6-1:1.0: skipping garbage
[  114.526178][ T6049] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  114.528491][ T6049] cdc_wdm 6-1:1.0: Unknown control protocol
[  114.587369][ T5963] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  114.589652][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  114.593115][ T5963] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  114.596818][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  114.605832][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  114.607996][ T1153] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  114.610065][ T5963] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  114.614672][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  114.618176][ T5963] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  114.621835][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  114.625221][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  114.629640][ T5963] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  114.631940][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  114.635229][ T5963] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  114.638947][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  114.642450][ T5963] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  114.650381][ T5963] usb 7-1: string descriptor 0 read error: -22
[  114.652378][ T5963] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  114.655272][ T5963] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.665947][ T5963] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  114.718900][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  114.801825][ T5963] usb 6-1: USB disconnect, device number 10
[  114.826043][ T1146] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  114.866035][   T29] usb 7-1: USB disconnect, device number 7
[  114.935920][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  115.046367][ T1153] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  115.186069][ T9373] ata1.00: invalid multi_count 128 ignored
[  115.250885][  T149] ata1.00: invalid multi_count 128 ignored
[  115.286891][  T149] ata1.00: invalid multi_count 128 ignored
[  115.327097][   T67] ata1.00: invalid multi_count 128 ignored
[  115.337346][ T9376] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  115.342267][ T9376] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  115.367857][   T67] ata1.00: invalid multi_count 128 ignored
[  115.426319][ T1316] ata1.00: invalid multi_count 128 ignored
[  115.454506][ T9384] netlink: 16 bytes leftover after parsing attributes in process `syz.0.976'.
[  115.469008][ T9384] team0: Mode changed to "random"
[  115.478220][  T149] ata1.00: invalid multi_count 128 ignored
[  115.526959][  T149] ata1.00: invalid multi_count 128 ignored
[  115.566782][  T149] ata1.00: invalid multi_count 128 ignored
[  115.613851][ T9399] tipc: Started in network mode
[  115.617508][ T9399] tipc: Node identity , cluster identity 4711
[  115.620286][ T9399] tipc: Failed to obtain node identity
[  115.622392][ T9399] tipc: Enabling of bearer <eth:sit0> rejected, failed to enable media
[  115.626821][ T9397] ata1.00: invalid multi_count 128 ignored
[  115.666837][ T9397] ata1.00: invalid multi_count 128 ignored
[  115.726784][ T9397] ata1.00: invalid multi_count 128 ignored
[  115.762851][ T9407] netlink: 'syz.3.983': attribute type 2 has an invalid length.
[  115.785875][ T9397] ata1.00: invalid multi_count 128 ignored
[  115.839739][ T9415] netlink: 68 bytes leftover after parsing attributes in process `syz.1.984'.
[  115.856775][ T9397] ata1.00: invalid multi_count 128 ignored
[  115.946763][ T9397] ata1.00: invalid multi_count 128 ignored
[  115.985952][ T9420] netlink: 20 bytes leftover after parsing attributes in process `syz.1.986'.
[  116.016788][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.106792][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.167014][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.218168][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  116.218179][   T40] audit: type=1400 audit(1758444929.977:606): avc:  denied  { map } for  pid=9428 comm="syz.0.988" path="socket:[30964]" dev="sockfs" ino=30964 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  116.256734][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.312408][   T40] audit: type=1400 audit(1758444930.077:607): avc:  denied  { mounton } for  pid=9438 comm="syz.1.991" path="/proc/916/cgroup" dev="proc" ino=32037 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  116.319868][   T40] audit: type=1400 audit(1758444930.077:608): avc:  denied  { remount } for  pid=9438 comm="syz.1.991" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=filesystem permissive=1
[  116.327061][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.367051][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.402233][ T9451] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.405532][ T9451] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.409646][ T9451] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  116.417433][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.457817][   T40] audit: type=1400 audit(1758444930.227:609): avc:  denied  { getopt } for  pid=9463 comm="syz.1.998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  116.468595][   T67] ata1.00: invalid multi_count 128 ignored
[  116.495208][ T9451] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.500053][ T9451] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.502825][ T9476] kAFS: No cell specified
[  116.505344][ T9451] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  116.507018][ T9478] kAFS: No cell specified
[  116.518019][   T67] ata1.00: invalid multi_count 128 ignored
[  116.568373][ T1313] ata1.00: invalid multi_count 128 ignored
[  116.582720][ T9451] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.586803][ T9451] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.590116][ T9451] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  116.607896][ T9397] ata1.00: invalid multi_count 128 ignored
[  116.657027][ T9492] netlink: 'syz.0.1001': attribute type 1 has an invalid length.
[  116.659479][ T9492] netlink: 'syz.0.1001': attribute type 1 has an invalid length.
[  116.663638][ T9492] netlink: 'syz.0.1001': attribute type 1 has an invalid length.
[  116.695153][ T9498] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1007'.
[  116.721501][ T9451] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  116.724819][ T9451] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.728426][ T9451] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  116.827135][ T9509] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51 sclass=netlink_route_socket pid=9509 comm=syz.2.1009
[  116.831120][ T9509] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=9509 comm=syz.2.1009
[  116.835564][ T9509] netlink: 'syz.2.1009': attribute type 27 has an invalid length.
[  116.839391][ T9509] netlink: 'syz.2.1009': attribute type 4 has an invalid length.
[  116.873866][ T1145] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  116.881028][ T1145] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  116.884954][ T1145] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  116.895607][ T1145] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  116.900339][ T1145] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  116.903128][ T1145] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  116.912788][ T1145] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  116.915412][ T1145] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  116.918169][ T1145] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  116.928723][ T1145] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  116.931283][ T1145] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  116.933856][ T1145] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  116.964268][ T9522] binder_alloc: 9521: binder_alloc_buf, no vma
[  117.073322][ T9534] batadv_slave_0: entered promiscuous mode
[  117.079707][ T9534] batadv_slave_1: entered promiscuous mode
[  117.083173][ T9534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.087967][ T9534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.091905][ T9534] debugfs: 'hsr1' already exists in 'hsr'
[  117.094516][ T9534] Cannot create hsr debugfs directory
[  117.209183][ T9539] overlay: ./bus is not a directory
[  117.275966][ T8493] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  117.326832][ T9539] block nbd2: Device being setup by another task
[  117.382939][ T9541] block nbd2: shutting down sockets
[  117.415327][ T9547] netlink: 'syz.0.1023': attribute type 21 has an invalid length.
[  117.418998][ T9547] IPv6: NLM_F_CREATE should be specified when creating new route
[  117.422256][ T9547] IPv6: Can't replace route, no match found
[  117.423880][ T9549] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  117.438117][ T8493] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  117.445319][ T8493] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  117.450177][ T8493] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.455841][ T8493] usb 6-1: Product: syz
[  117.457555][ T8493] usb 6-1: Manufacturer: syz
[  117.459481][ T8493] usb 6-1: SerialNumber: syz
[  117.473609][ T8493] usb 6-1: config 0 descriptor??
[  117.530326][ T9552] could not allocate digest TFM handle xcbc-aes-ce
[  117.582545][ T9563] tmpfs: Unknown parameter 'nr_inodØes'
[  117.592417][   T40] audit: type=1400 audit(1758444931.357:610): avc:  denied  { append } for  pid=9561 comm="syz.0.1028" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  117.663889][ T9569] binder: 9566:9569 ioctl c0306201 200000000640 returned -22
[  117.684676][ T9526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.688877][ T9526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  117.852685][   T40] audit: type=1400 audit(1758444931.617:611): avc:  denied  { write } for  pid=9579 comm="syz.2.1034" name="file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  117.852971][ T9580] sd 0:0:0:0: PR command failed: 1026
[  117.863074][ T9580] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  117.865184][ T9580] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  117.901231][ T1025] usb 6-1: USB disconnect, device number 11
[  118.010695][   T40] audit: type=1400 audit(1758444931.777:612): avc:  denied  { connect } for  pid=9587 comm="syz.2.1037" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.018796][   T40] audit: type=1400 audit(1758444931.777:613): avc:  denied  { shutdown } for  pid=9587 comm="syz.2.1037" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.026637][   T40] audit: type=1400 audit(1758444931.777:614): avc:  denied  { write } for  pid=9587 comm="syz.2.1037" path="socket:[33230]" dev="sockfs" ino=33230 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.036048][   T40] audit: type=1400 audit(1758444931.777:615): avc:  denied  { ioctl } for  pid=9587 comm="syz.2.1037" path="socket:[33230]" dev="sockfs" ino=33230 ioctlcmd=0x64b1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.540359][ T9616] __nla_validate_parse: 5 callbacks suppressed
[  118.540370][ T9616] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1042'.
[  118.556714][ T9612] kvm: pic: level sensitive irq not supported
[  118.556956][ T9612] kvm: pic: non byte read
[  118.561096][ T9612] kvm: pic: level sensitive irq not supported
[  118.561349][ T9612] kvm: pic: non byte read
[  118.667754][ T9620] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  118.844823][ T9638] fuse: Unknown parameter '000000000000000000000020x0000000000000003'
[  118.848971][ T9631] fuse: Unknown parameter '000000000000000000000020x0000000000000003'
[  119.023222][ T9662] comedi comedi2: dt2814: I/O port conflict (0x5,2)
[  119.056083][ T1145] net_ratelimit: 37 callbacks suppressed
[  119.056103][ T1145] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.061536][ T9651] kvm_pr_unimpl_wrmsr: 15 callbacks suppressed
[  119.061549][ T9651] kvm: kvm [9650]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0xfffffc18
[  119.066902][ T9651] kvm: kvm [9650]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0xfffffc18
[  119.068531][ T9668] input: syz1 as /devices/virtual/input/input16
[  119.084661][ T9651] kvm: kvm [9650]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xfffffc18
[  119.103553][ T9651] kvm: kvm [9650]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0xfffffc18
[  119.106947][ T9651] kvm: kvm [9650]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0xfffffc18
[  119.166322][ T1145] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.227670][ T9672] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1060'.
[  119.271485][ T9678] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1062'.
[  119.285867][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.371158][ T9687] IPv6: NLM_F_CREATE should be specified when creating new route
[  119.373716][ T9687] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  119.376067][ T9687] IPv6: NLM_F_CREATE should be set when creating new route
[  119.395955][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.423471][ T9692] binder: 9691:9692 ioctl d0009412 200000002040 returned -22
[  119.516110][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.608281][ T9700] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  119.612262][ T9700] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  119.616121][ T9700] overlayfs: conflicting lowerdir path
[  119.626454][ T1146] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.673181][ T9705] syz.2.1070: attempt to access beyond end of device
[  119.673181][ T9705] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128
[  119.678729][ T9705] gfs2: error -5 reading superblock
[  119.735900][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.828237][ T9717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1073'.
[  119.846632][   T46] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.955886][   T12] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  119.971285][ T9724] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1076'.
[  119.976072][ T5975] Bluetooth: hci3: command 0x0406 tx timeout
[  120.056516][ T9734] overlayfs: failed to resolve './file0': -2
[  120.067352][ T1145] bond1: (slave ip6gretap1): failed to get link speed/duplex
[  120.148740][ T9737] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  120.150911][ T9737] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  120.153866][ T9737] vhci_hcd vhci_hcd.0: Device attached
[  120.336005][   T53] vhci_hcd: vhci_device speed not set
[  120.396054][   T53] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  120.697799][ T9755] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  120.700440][ T9755] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  120.704109][ T9755] vhci_hcd vhci_hcd.0: Device attached
[  120.708206][ T9756] vhci_hcd: connection closed
[  120.709988][ T1145] vhci_hcd: stop threads
[  120.712895][ T1145] vhci_hcd: release socket
[  120.714388][ T1145] vhci_hcd: disconnect device
[  120.944854][ T9738] vhci_hcd: connection reset by peer
[  120.949127][ T1145] vhci_hcd: stop threads
[  120.950575][ T1145] vhci_hcd: release socket
[  120.953103][ T1145] vhci_hcd: disconnect device
[  121.061852][ T9769] loop7: detected capacity change from 0 to 127
[  121.261459][   T12] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.265010][   T12] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.268746][   T12] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.335426][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  121.335438][   T40] audit: type=1400 audit(1758444935.097:628): avc:  denied  { execute } for  pid=9779 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  121.346245][   T40] audit: type=1400 audit(1758444935.097:629): avc:  denied  { execute_no_trans } for  pid=9779 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  121.356106][   T12] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.359211][   T12] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.362266][   T12] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.481606][   T12] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.484689][   T12] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.487974][   T12] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.503881][ T9796] sp0: Synchronizing with TNC
[  121.530266][ T5975] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  121.534699][ T5975] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  121.538036][ T5975] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  121.541196][ T5975] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  121.543866][ T5975] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  121.549788][   T12] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.552954][   T12] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.557822][   T12] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.579372][ T9808] netlink: 700 bytes leftover after parsing attributes in process `syz.1.1097'.
[  121.673627][ T9825] omfs: Invalid superblock (0)
[  121.685900][ T9797] chnl_net:caif_netlink_parms(): no params data found
[  121.703762][ T9829] Bluetooth: MGMT ver 1.23
[  121.724142][ T9830] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1098'.
[  121.798321][ T9797] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.800599][ T9797] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.802851][ T9797] bridge_slave_0: entered allmulticast mode
[  121.805498][ T9797] bridge_slave_0: entered promiscuous mode
[  121.840233][ T9842] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1103'.
[  121.895370][   T12] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  121.899330][   T12] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  121.915373][   T12] bond2 (unregistering): (slave ip6gre1): Releasing backup interface
[  121.917096][   T40] audit: type=1400 audit(1758444935.687:630): avc:  denied  { setopt } for  pid=9844 comm="syz.0.1104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  121.919027][   T12] ip6gre1 (unregistering): left promiscuous mode
[  122.337130][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.344001][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  122.349008][   T12] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  122.353013][   T12] bond0 (unregistering): Released all slaves
[  122.432853][   T12] bond1 (unregistering): Released all slaves
[  122.525573][ T9861] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000007
[  122.529893][   T12] bond2 (unregistering): Released all slaves
[  122.542551][   T12] bond3 (unregistering): Released all slaves
[  122.552675][ T9797] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.555389][ T9797] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.559295][ T9797] bridge_slave_1: entered allmulticast mode
[  122.562455][ T9797] bridge_slave_1: entered promiscuous mode
[  122.612968][ T9797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  122.618638][ T9797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  122.623129][ T9870] netlink: 'syz.0.1112': attribute type 21 has an invalid length.
[  122.649761][   T12] tipc: Left network mode
[  122.694036][ T9797] team0: Port device team_slave_0 added
[  122.697607][ T9797] team0: Port device team_slave_1 added
[  122.729259][   T40] audit: type=1400 audit(1758444936.497:631): avc:  denied  { read write } for  pid=9869 comm="syz.0.1112" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  122.729730][ T9870] orangefs_devreq_write_iter: total:0: must be at least:8240:
[  122.738491][   T40] audit: type=1400 audit(1758444936.497:632): avc:  denied  { open } for  pid=9869 comm="syz.0.1112" path="/219/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  122.763470][ T9797] batman_adv: batadv0: Adding interface: batadv_slave_0
[  122.765954][ T9797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.773716][ T9797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  122.778425][ T9797] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.780653][ T9797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.788704][ T9797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.798519][   T40] audit: type=1400 audit(1758444936.567:633): avc:  denied  { accept } for  pid=9880 comm="syz.0.1114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  122.807213][ T9881] binder: 9880:9881 ioctl c0306201 200000000640 returned -22
[  122.810852][ T9881] binder: 9880:9881 ioctl ae80 0 returned -22
[  122.849161][ T9797] hsr_slave_0: entered promiscuous mode
[  122.851475][ T9797] hsr_slave_1: entered promiscuous mode
[  122.853843][ T9797] debugfs: 'hsr0' already exists in 'hsr'
[  122.856029][ T9797] Cannot create hsr debugfs directory
[  122.951341][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1117'.
[  122.955011][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1117'.
[  123.094863][   T12] hsr_slave_0: left promiscuous mode
[  123.098320][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.101365][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.149754][   T12] veth1_macvtap: left promiscuous mode
[  123.151912][   T12] veth0_macvtap: left promiscuous mode
[  123.154241][   T12] veth1_vlan: left promiscuous mode
[  123.156413][   T12] veth0_vlan: left promiscuous mode
[  123.578174][ T5969] Bluetooth: hci0: command tx timeout
[  123.759327][   T12] team0 (unregistering): Port device team_slave_1 removed
[  123.821293][   T12] team0 (unregistering): Port device team_slave_0 removed
[  124.413154][   T40] audit: type=1400 audit(1758444938.177:634): avc:  denied  { read } for  pid=9921 comm="syz.2.1124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  124.440940][ T9797] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  124.452976][ T9797] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  124.477094][ T9797] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  124.486493][ T9797] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  124.607091][ T9943] __nla_validate_parse: 3 callbacks suppressed
[  124.607102][ T9943] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1128'.
[  124.623325][ T9797] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.640975][ T9797] 8021q: adding VLAN 0 to HW filter on device team0
[  124.650084][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.652412][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.660972][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.663247][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.710598][ T9956] tipc: Started in network mode
[  124.712348][ T9956] tipc: Node identity c27a1ad06184, cluster identity 4711
[  124.715528][ T9956] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  124.719286][ T9956] syzkaller0: entered promiscuous mode
[  124.721150][ T9956] syzkaller0: entered allmulticast mode
[  124.729846][ T9956] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  124.741829][ T9956] tipc: Resetting bearer <eth:syzkaller0>
[  124.744756][ T9955] tipc: Resetting bearer <eth:syzkaller0>
[  124.753427][ T9955] tipc: Disabling bearer <eth:syzkaller0>
[  124.830268][ T9797] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.917221][ T9970] program syz.1.1133 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.000694][ T9797] veth0_vlan: entered promiscuous mode
[  125.007122][ T9797] veth1_vlan: entered promiscuous mode
[  125.020784][ T9797] veth0_macvtap: entered promiscuous mode
[  125.025652][ T9797] veth1_macvtap: entered promiscuous mode
[  125.034913][ T9797] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.041437][ T9797] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.046669][   T46] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.051092][ T1153] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.054831][ T1153] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.060537][ T1153] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.065525][ T9980] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1135'.
[  125.069758][ T9980] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1135'.
[  125.073508][ T9979] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1135'.
[  125.079055][ T9979] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1135'.
[  125.121342][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.124428][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.141222][ T9984] block device autoloading is deprecated and will be removed.
[  125.148532][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.151090][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.161621][   T40] audit: type=1400 audit(1758444938.927:635): avc:  denied  { mounton } for  pid=9797 comm="syz-executor" path="/syzkaller.b3ldYo/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  125.179976][ T9987] dlm: no local IP address has been set
[  125.181895][ T9987] dlm: cannot start dlm midcomms -107
[  125.289365][   T40] audit: type=1400 audit(1758444939.057:636): avc:  denied  { ioctl } for  pid=9996 comm="syz.4.1140" path="socket:[37096]" dev="sockfs" ino=37096 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  125.398219][T10007] tmpfs: Unknown parameter 'volatile'
[  125.455723][T10016] program syz.4.1146 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.457482][T10017] program syz.4.1146 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  125.459627][T10016] ata1.00: non-matching transfer count (0/2304)
[  125.465084][T10017] ata1.00: non-matching transfer count (0/2304)
[  125.471116][T10016] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1146'.
[  125.474857][T10017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1146'.
[  125.474895][T10021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1146'.
[  125.482210][T10021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1146'.
[  125.483585][T10017] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1146'.
[  125.486183][T10021] netlink: 'syz.4.1146': attribute type 7 has an invalid length.
[  125.494811][T10017] netlink: 'syz.4.1146': attribute type 7 has an invalid length.
[  125.494949][   T53] vhci_hcd: vhci_device speed not set
[  125.572525][T10043] netlink: 'syz.1.1154': attribute type 3 has an invalid length.
[  125.575086][T10044] netlink: 'syz.1.1154': attribute type 3 has an invalid length.
[  125.577951][T10042] 8021q: VLANs not supported on wg2
[  125.617194][T10047] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  125.656123][ T5969] Bluetooth: hci0: command tx timeout
[  125.678971][T10055] gfs2: not a GFS2 filesystem
[  125.734743][   T40] audit: type=1400 audit(1758444939.497:637): avc:  denied  { create } for  pid=10058 comm="syz.1.1159" name="control" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  125.794398][T10049] netlink: 'syz.4.1152': attribute type 29 has an invalid length.
[  125.955911][ T1025] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  126.118702][ T1025] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  126.121257][ T1025] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  126.124743][ T1025] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  126.129702][ T1025] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  126.133297][ T1025] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  126.138830][ T1025] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  126.141657][ T1025] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.146150][ T1025] usb 7-1: config 0 descriptor??
[  126.148579][T10057] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  126.425918][   T34] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  126.557081][ T1025] plantronics 0003:047F:FFFF.0005: reserved main item tag 0xd
[  126.568464][ T1025] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  126.580792][   T34] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  126.584560][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.588163][   T34] usb 6-1: Product: syz
[  126.589852][   T34] usb 6-1: Manufacturer: syz
[  126.591782][   T34] usb 6-1: SerialNumber: syz
[  126.599413][   T34] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  126.631579][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  126.631595][   T40] audit: type=1400 audit(1758444940.397:643): avc:  denied  { firmware_load } for  pid=6030 comm="kworker/3:3" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  126.642589][ T6030] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  126.775003][ T1025] usb 7-1: USB disconnect, device number 8
[  126.834222][T10099] syz.0.1170: vmalloc error: size 70778880, failed to allocated page array size 138240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  126.845219][T10099] CPU: 1 UID: 0 PID: 10099 Comm: syz.0.1170 Not tainted syzkaller #0 PREEMPT(full) 
[  126.845241][T10099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.845252][T10099] Call Trace:
[  126.845258][T10099]  <TASK>
[  126.845265][T10099]  dump_stack_lvl+0x16c/0x1f0
[  126.845316][T10099]  warn_alloc+0x248/0x3a0
[  126.845346][T10099]  ? __pfx_warn_alloc+0x10/0x10
[  126.845374][T10099]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  126.845397][T10099]  ? __vmalloc_node_noprof+0xad/0xf0
[  126.845425][T10099]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  126.845460][T10099]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  126.845494][T10099]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  126.845529][T10099]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  126.845556][T10099]  vmalloc_user_noprof+0x9e/0xe0
[  126.845579][T10099]  ? vb2_vmalloc_alloc+0x135/0x3f0
[  126.845604][T10099]  vb2_vmalloc_alloc+0x135/0x3f0
[  126.845629][T10099]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  126.845656][T10099]  __vb2_queue_alloc+0x8c9/0x1280
[  126.845694][T10099]  vb2_core_reqbufs+0xa90/0xfe0
[  126.845726][T10099]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  126.845767][T10099]  ? __pfx___mutex_trylock_common+0x10/0x10
[  126.845806][T10099]  ? trace_contention_end+0xdd/0x130
[  126.845824][T10099]  ? __mutex_lock+0x1c5/0x1060
[  126.845859][T10099]  vb2_ioctl_reqbufs+0x291/0x450
[  126.845881][T10099]  ? __pfx_vb2_ioctl_reqbufs+0x10/0x10
[  126.845902][T10099]  ? __pfx___mutex_lock+0x10/0x10
[  126.845931][T10099]  vidioc_reqbufs+0x86/0x100
[  126.845951][T10099]  v4l_reqbufs+0x152/0x1e0
[  126.845971][T10099]  __video_do_ioctl+0xb40/0xfc0
[  126.845995][T10099]  ? __might_fault+0xe3/0x190
[  126.846013][T10099]  ? __pfx___video_do_ioctl+0x10/0x10
[  126.846042][T10099]  video_usercopy+0x4d0/0x1720
[  126.846065][T10099]  ? __pfx___video_do_ioctl+0x10/0x10
[  126.846086][T10099]  ? selinux_kernel_read_file+0x90/0x130
[  126.846112][T10099]  ? __pfx_video_usercopy+0x10/0x10
[  126.846150][T10099]  v4l2_ioctl+0x1bd/0x250
[  126.846170][T10099]  ? __pfx_v4l2_ioctl+0x10/0x10
[  126.846211][T10099]  __x64_sys_ioctl+0x18e/0x210
[  126.846241][T10099]  do_syscall_64+0xcd/0x4e0
[  126.846268][T10099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.846287][T10099] RIP: 0033:0x7f8e50b8ec29
[  126.846302][T10099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.846320][T10099] RSP: 002b:00007f8e51a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  126.846336][T10099] RAX: ffffffffffffffda RBX: 00007f8e50dd5fa0 RCX: 00007f8e50b8ec29
[  126.846347][T10099] RDX: 00002000000001c0 RSI: 00000000c0145608 RDI: 0000000000000003
[  126.846356][T10099] RBP: 00007f8e50c11e41 R08: 0000000000000000 R09: 0000000000000000
[  126.846366][T10099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  126.846374][T10099] R13: 00007f8e50dd6038 R14: 00007f8e50dd5fa0 R15: 00007ffc50dec3f8
[  126.846394][T10099]  </TASK>
[  126.848405][T10105] netlink: 'syz.2.1172': attribute type 2 has an invalid length.
[  126.850117][T10099] Mem-Info:
[  126.900655][T10113] netlink: 'syz.2.1174': attribute type 10 has an invalid length.
[  126.902402][T10099] active_anon:20412 inactive_anon:8039 isolated_anon:0
[  126.902402][T10099]  active_file:3178 inactive_file:54281 isolated_file:0
[  126.902402][T10099]  unevictable:2820 dirty:80 writeback:0
[  126.902402][T10099]  slab_reclaimable:11279 slab_unreclaimable:74904
[  126.902402][T10099]  mapped:25823 shmem:19782 pagetables:1383
[  126.902402][T10099]  sec_pagetables:316 bounce:0
[  126.902402][T10099]  kernel_misc_reclaimable:0
[  126.902402][T10099]  free:410471 free_pcp:18319 free_cma:0
[  126.957035][   T53] usb 6-1: USB disconnect, device number 12
[  126.957617][T10099] Node 0 active_anon:55656kB inactive_anon:32156kB active_file:9092kB inactive_file:216864kB unevictable:7744kB isolated(anon):0kB isolated(file):0kB mapped:103196kB dirty:304kB writeback:0kB shmem:49736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12880kB pagetables:5592kB sec_pagetables:1264kB all_unreclaimable? yes Balloon:0kB
[  126.970930][T10123] loop9: detected capacity change from 0 to 7
[  126.972119][   T40] audit: type=1400 audit(1758444940.737:644): avc:  denied  { ioctl } for  pid=10122 comm="syz.2.1176" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x9413 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  126.981931][T10099] Node 1 active_anon:25992kB inactive_anon:0kB active_file:3620kB inactive_file:260kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96kB dirty:16kB writeback:0kB shmem:29392kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:208kB pagetables:312kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  126.990280][ T6363] Dev loop9: unable to read RDB block 7
[  126.996728][T10099] Node 0 
[  126.998274][ T6363]  loop9: unable to read partition table
[  127.008207][T10099] DMA free:7584kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2176kB inactive_anon:5248kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:244kB local_pcp:24kB free_cma:0kB
[  127.019282][ T6363] loop9: partition table beyond EOD, 
[  127.020930][T10099] lowmem_reserve[]:
[  127.021765][ T6363] truncated
[  127.023693][T10099]  0
[  127.034223][ T5969] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  127.036208][T10099]  1233 1233 1233 1233
[  127.036241][T10099] Node 0 
[  127.038697][ T5969] Bluetooth: hci1: Injecting HCI hardware error event
[  127.038989][T10099] DMA32 free:81116kB boost:38912kB min:66428kB low:73304kB high:80180kB reserved_highatomic:0KB free_highatomic:0KB active_anon:53480kB inactive_anon:26908kB active_file:9092kB inactive_file:216864kB unevictable:7744kB writepending:304kB present:2080628kB managed:1263420kB mlocked:112kB bounce:0kB free_pcp:45784kB local_pcp:8376kB free_cma:0kB
[  127.040828][ T5969] Bluetooth: hci1: hardware error 0x00
[  127.043568][T10099] lowmem_reserve[]:
[  127.045825][T10123] Dev loop9: unable to read RDB block 7
[  127.046086][T10099]  0
[  127.050542][T10123]  loop9: unable to read partition table
[  127.061013][T10099]  0
[  127.061717][T10123] loop9: partition table beyond EOD, 
[  127.063162][T10099]  0
[  127.066988][T10123] truncated
[  127.069311][T10099]  0
[  127.070002][T10123] loop_reread_partitions: partition scan of loop9 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  127.072221][T10099]  0
[  127.072237][T10099] Node 1 Normal free:1553772kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25992kB inactive_anon:0kB active_file:3620kB inactive_file:260kB unevictable:3536kB writepending:16kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:26452kB local_pcp:248kB free_cma:0kB
[  127.093123][T10099] lowmem_reserve[]: 0 0 0 0 0
[  127.095165][T10099] Node 0 DMA: 26*4kB (UM) 18*8kB (UM) 4*16kB (UM) 6*32kB (UM) 5*64kB (U) 3*128kB (UM) 5*256kB (UM) 4*512kB (U) 1*1024kB (U) 1*2048kB (M) 0*4096kB = 7608kB
[  127.102273][T10099] Node 0 DMA32: 402*4kB (UME) 172*8kB (UME) 61*16kB (UME) 75*32kB (UME) 88*64kB (UME) 36*128kB (UME) 25*256kB (UME) 18*512kB (UM) 31*1024kB (UM) 8*2048kB (U) 0*4096kB = 80344kB
[  127.109582][T10099] Node 1 Normal: 23*4kB (ME) 60*8kB (UME) 191*16kB (UME) 198*32kB (UME) 118*64kB (UME) 54*128kB (UME) 44*256kB (UME) 31*512kB (UM) 37*1024kB (UME) 15*2048kB (UME) 350*4096kB (UM) = 1553772kB
[  127.117515][T10099] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  127.121414][T10099] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  127.125248][T10099] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  127.129358][T10099] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  127.133174][T10099] 77256 total pagecache pages
[  127.135204][T10099] 0 pages in swap cache
[  127.137098][T10099] Free swap  = 124996kB
[  127.138516][T10099] Total swap = 124996kB
[  127.139938][T10099] 1048443 pages RAM
[  127.141165][T10099] 0 pages HighMem/MovableOnly
[  127.142642][T10099] 283275 pages reserved
[  127.143928][T10099] 0 pages cma reserved
[  127.202694][   T40] audit: type=1400 audit(1758444940.967:645): avc:  denied  { name_connect } for  pid=10126 comm="syz.2.1177" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  127.247641][   T40] audit: type=1400 audit(1758444941.017:646): avc:  denied  { setopt } for  pid=10135 comm="syz.0.1180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  127.248898][T10136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.312410][T10136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.351223][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.353672][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.368071][T10136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.440207][   T40] audit: type=1400 audit(1758444941.207:647): avc:  denied  { nlmsg_read } for  pid=10140 comm="syz.2.1182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  127.484314][   T40] audit: type=1400 audit(1758444941.247:648): avc:  denied  { unmount } for  pid=5970 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  127.507031][   T40] audit: type=1326 audit(1758444941.277:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10143 comm="syz.1.1183" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8ae938ec29 code=0x0
[  127.665909][ T6030] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  127.669368][ T6030] ath9k_htc: Failed to initialize the device
[  127.672932][   T53] usb 6-1: ath9k_htc: USB layer deinitialized
[  127.735902][ T5975] Bluetooth: hci0: command tx timeout
[  127.909840][T10148] net_ratelimit: 13 callbacks suppressed
[  127.909855][T10148] openvswitch: netlink: Multiple metadata blocks provided
[  127.931286][   T40] audit: type=1400 audit(1758444941.697:650): avc:  denied  { shutdown } for  pid=10150 comm="syz.4.1185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  127.944656][   T40] audit: type=1400 audit(1758444941.707:651): avc:  denied  { getopt } for  pid=10155 comm="syz.0.1186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  127.951437][   T40] audit: type=1400 audit(1758444941.707:652): avc:  denied  { write } for  pid=10155 comm="syz.0.1186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  128.005987][T10158] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  128.107577][T10163] fuse: Unknown parameter '­ç½o¸ÏAa„ Jý+Ä\$¾ÝýI.¢¶MK«Ñ<aÏ·_õû°Ð•ýÈo¦eoq4ô8@éœLdgɯ¶¾ÿH>>RØ4N¤ò˜ÃSbíÄ÷øiN@6Ø/˜ÿo
‘”—oj¥Úø[ŸÔ1>”Ø/žìðk)%'
[  128.161311][T10165] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  128.169194][T10165] CIFS mount error: No usable UNC path provided in device string!
[  128.169194][T10165] 
[  128.172355][T10165] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  128.203911][T10171] netlink: 'syz.4.1192': attribute type 12 has an invalid length.
[  128.207123][T10171] netlink: 'syz.4.1192': attribute type 29 has an invalid length.
[  128.210286][T10171] netlink: 'syz.4.1192': attribute type 2 has an invalid length.
[  128.279372][T10141] 9pnet_fd: p9_fd_create_tcp (10141): problem connecting socket to 127.0.0.1
[  128.302224][T10178] 9pnet_fd: Insufficient options for proto=fd
[  128.302226][T10179] 9pnet_fd: Insufficient options for proto=fd
[  128.453387][T10195] netlink: 'syz.2.1200': attribute type 30 has an invalid length.
[  128.456905][T10195] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  128.459724][T10195] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  129.105988][ T5969] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  129.195201][T10245] SELinux: security policydb version 17 (MLS) not backwards compatible
[  129.198398][T10245] SELinux: failed to load policy
[  129.463722][T10263] can0: slcan on ttyprintk.
[  129.526981][T10261] overlayfs: missing 'lowerdir'
[  129.608519][T10263] can0 (unregistered): slcan off ttyprintk.
[  129.615891][  T838] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  129.787164][T10277] overlayfs: failed to resolve './file1/file0': -2
[  129.787514][  T838] usb 5-1: config 0 has no interfaces?
[  129.790973][  T838] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  129.793898][  T838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.797722][  T838] usb 5-1: config 0 descriptor??
[  129.938662][T10282] __nla_validate_parse: 12 callbacks suppressed
[  129.938679][T10282] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1225'.
[  130.512404][T10275] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  130.596403][T10287] Option 'Ô_n'¶tr—1ZQ¥3Œ ¬-Öµ²ÙkÕXÜv~’' to dns_resolver key: bad/missing value
[  130.689073][T10292] block nbd2: Send control failed (result -22)
[  130.692602][T10292] block nbd2: Request send failed, requeueing
[  130.698842][ T9397] block nbd2: Dead connection, failed to find a fallback
[  130.702845][ T9397] block nbd2: shutting down sockets
[  130.704709][ T9397] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  130.708455][T10292] EXT4-fs (nbd2): unable to read superblock
[  130.751011][T10294] usb usb9: usbfs: process 10294 (syz.2.1229) did not claim interface 3 before use
[  130.901286][T10304] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  130.903835][T10304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1232'.
[  131.835581][T10326] team0: Device gtp0 is of different type
[  132.016895][T10327] block nbd4: shutting down sockets
[  132.055841][   T53] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  132.081894][T10332] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1241'.
[  132.111803][T10334] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1242'.
[  132.114722][T10334] netlink: 'syz.4.1242': attribute type 6 has an invalid length.
[  132.118318][T10334] netlink: 'syz.4.1242': attribute type 5 has an invalid length.
[  132.121136][T10334] netlink: 'syz.4.1242': attribute type 4 has an invalid length.
[  132.154075][  T838] usb 5-1: USB disconnect, device number 10
[  132.208721][   T53] usb 6-1: Using ep0 maxpacket: 16
[  132.214020][   T53] usb 6-1: config 0 has no interfaces?
[  132.224135][   T53] usb 6-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  132.227661][   T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.230147][   T53] usb 6-1: Product: syz
[  132.231470][   T53] usb 6-1: Manufacturer: syz
[  132.233070][   T53] usb 6-1: SerialNumber: syz
[  132.241419][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  132.241429][   T40] audit: type=1400 audit(1758444946.007:666): avc:  denied  { shutdown } for  pid=10338 comm="syz.0.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  132.245729][   T53] usb 6-1: config 0 descriptor??
[  132.268354][   T40] audit: type=1400 audit(1758444946.037:667): avc:  denied  { map } for  pid=10344 comm="syz.4.1245" path="socket:[35559]" dev="sockfs" ino=35559 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  132.298690][T10347] kvm: kvm [10346]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000018) = 0x0
[  132.394401][   T40] audit: type=1326 audit(1758444946.157:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10317 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e54d8ec29 code=0x7fc00000
[  132.423606][T10354] tmpfs: Unknown parameter 'ørrquota'
[  132.459629][   T53] usb 6-1: USB disconnect, device number 13
[  132.476255][T10359] bridge0: port 3(veth0_to_bridge) entered blocking state
[  132.476794][T10356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1249'.
[  132.478620][T10359] bridge0: port 3(veth0_to_bridge) entered disabled state
[  132.484810][T10359] veth0_to_bridge: entered allmulticast mode
[  132.488875][T10359] veth0_to_bridge: entered promiscuous mode
[  132.568864][T10362] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=10362 comm=syz.2.1251
[  132.585174][T10362] vxcan0: entered promiscuous mode
[  132.619116][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  132.621813][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  132.773310][T10369] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1254'.
[  132.955413][ T5975] Bluetooth: hci0: unknown advertising packet type: 0x82
[  132.955470][ T5975] Bluetooth: hci0: Dropping invalid advertising data
[  132.962521][ T5975] Bluetooth: hci0: Malformed LE Event: 0x02
[  132.965039][ T5975] Bluetooth: hci0: unknown advertising packet type: 0x82
[  132.965056][ T5975] Bluetooth: hci0: Dropping invalid advertising data
[  132.970815][ T5975] Bluetooth: hci0: Malformed LE Event: 0x02
[  133.149718][T10388] dvmrp0: entered allmulticast mode
[  133.152984][T10388] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1261'.
[  133.194267][T10394] Unknown options in mask 22
[  133.326375][   T40] audit: type=1400 audit(1758444947.097:669): avc:  denied  { setopt } for  pid=10407 comm="syz.0.1267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  133.361308][   T40] audit: type=1400 audit(1758444947.127:670): avc:  denied  { append } for  pid=10411 comm="syz.0.1268" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  133.738521][ T1146] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  133.741692][ T1146] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  133.765982][   T53] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  133.796063][ T6034] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  133.815988][ T6034] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  133.860816][T10442] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1275'.
[  134.187279][   T40] audit: type=1400 audit(1758444947.957:671): avc:  denied  { node_bind } for  pid=10448 comm="syz.2.1277" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  134.417237][T10465] tmpfs: Bad value for 'mpol'
[  134.442323][   T40] audit: type=1400 audit(1758444948.207:672): avc:  denied  { getopt } for  pid=10466 comm="syz.0.1283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  134.481015][T10470] syzkaller0: entered promiscuous mode
[  134.483227][T10470] syzkaller0: entered allmulticast mode
[  134.528408][   T40] audit: type=1400 audit(1758444948.297:673): avc:  denied  { create } for  pid=10472 comm="syz.0.1286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  134.534782][   T40] audit: type=1400 audit(1758444948.297:674): avc:  denied  { connect } for  pid=10472 comm="syz.0.1286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  134.542045][   T40] audit: type=1400 audit(1758444948.297:675): avc:  denied  { setopt } for  pid=10472 comm="syz.0.1286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  134.553614][T10476] sctp: [Deprecated]: syz.0.1287 (pid 10476) Use of int in maxseg socket option.
[  134.553614][T10476] Use struct sctp_assoc_value instead
[  134.559679][T10479] netlink: 'syz.1.1288': attribute type 1 has an invalid length.
[  134.560194][T10478] netlink: 'syz.1.1288': attribute type 1 has an invalid length.
[  134.582554][T10478] bond0: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  134.588756][T10482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1289'.
[  135.395858][ T6034] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  135.409373][T10521] sctp: [Deprecated]: syz.1.1303 (pid 10521) Use of int in max_burst socket option.
[  135.409373][T10521] Use struct sctp_assoc_value instead
[  135.456345][T10523] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1304'.
[  135.547639][ T6034] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  135.551118][ T6034] usb 7-1: config 0 interface 0 has no altsetting 0
[  135.555672][ T6034] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  135.561435][ T6034] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  135.564410][ T6034] usb 7-1: Product: syz
[  135.566635][ T6034] usb 7-1: Manufacturer: syz
[  135.568239][ T6034] usb 7-1: SerialNumber: syz
[  135.571323][ T6034] usb 7-1: config 0 descriptor??
[  135.578192][ T6034] usb 7-1: selecting invalid altsetting 0
[  135.624846][T10532] overlayfs: failed to resolve './file1': -2
[  135.779373][   T29] usb 7-1: USB disconnect, device number 9
[  136.018747][T10510] fuse: Unknown parameter 'fÆ10x0000000000000007'
[  136.470613][T10545] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  136.497855][T10547] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.500378][T10547] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.503118][T10547] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.505512][T10547] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.698126][T10566] ufs: You didn't specify the type of your ufs filesystem
[  136.698126][T10566] 
[  136.698126][T10566] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  136.698126][T10566] 
[  136.698126][T10566] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  136.707557][T10566] ufs: ufstype=old is supported read-only
[  136.709451][T10566] block nbd1: Attempted send on invalid socket
[  136.711548][T10566] I/O error, dev nbd1, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.795307][T10575] ip_vti0: Caught tx_queue_len zero misconfig
[  136.824636][T10577] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1320'.
[  137.575991][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  138.187878][T10599] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1327'.
[  138.314948][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  138.314963][   T40] audit: type=1800 audit(1758444952.077:677): pid=10601 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.1327" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  138.635630][T10622] netlink: 'syz.2.1333': attribute type 1 has an invalid length.
[  138.648639][T10622] 8021q: adding VLAN 0 to HW filter on device bond9
[  138.987646][   T40] audit: type=1400 audit(1758444952.757:678): avc:  denied  { ioctl } for  pid=10636 comm="syz.1.1338" path="socket:[41392]" dev="sockfs" ino=41392 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  139.073188][T10646] netlink: 'syz.1.1341': attribute type 7 has an invalid length.
[  139.075702][T10646] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1341'.
[  139.138879][   T40] audit: type=1400 audit(1758444952.907:679): avc:  denied  { validate_trans } for  pid=10650 comm="syz.1.1343" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  139.297503][T10663] sit0: Caught tx_queue_len zero misconfig
[  139.354625][T10675] tmpfs: Too few inodes for current use
[  139.396200][   T40] audit: type=1400 audit(1758444953.167:680): avc:  denied  { write } for  pid=10679 comm="syz.1.1352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  139.402293][   T40] audit: type=1400 audit(1758444953.167:681): avc:  denied  { ioctl } for  pid=10679 comm="syz.1.1352" path="socket:[38265]" dev="sockfs" ino=38265 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  139.629751][   T40] audit: type=1400 audit(1758444953.397:682): avc:  denied  { lock } for  pid=10704 comm="syz.1.1359" path="socket:[39246]" dev="sockfs" ino=39246 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  139.666106][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  139.803056][T10717] nfs: Unknown parameter '*ymÑÚ{ó”¢�%€eʾ¢0ËYE ˆµU@†•¢…`hÐl/3IJÝ÷Œ7êÍLyßœâ§Ôé‡9ÛF"
[  139.803056][T10717]  Qà
[  139.803056][T10717] HÌï¢Ú¥Á´§…Pc;Ó.\ã6Tæð]b¼Óù
[  139.803056][T10717] ´¹X'
[  140.290423][T10733] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.302517][   T40] audit: type=1800 audit(1758444954.067:683): pid=10735 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.1368" name="file1" dev="9p" ino=71827681 res=0 errno=0
[  140.435486][T10747] kvm: pic: non byte read
[  140.439191][T10747] kvm: pic: non byte read
[  140.441747][T10747] kvm: pic: single mode not supported
[  140.441756][T10747] kvm: pic: level sensitive irq not supported
[  140.444032][T10747] kvm: pic: non byte read
[  140.448682][T10747] kvm: pic: non byte read
[  140.451321][T10747] kvm: pic: non byte read
[  140.453968][T10747] kvm: pic: non byte read
[  140.456759][T10747] kvm: pic: non byte read
[  140.459190][T10747] kvm: pic: single mode not supported
[  140.459419][T10747] kvm: pic: non byte read
[  140.463367][T10747] kvm: pic: single mode not supported
[  140.463598][T10747] kvm: pic: non byte read
[  140.607166][T10751] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  141.217869][T10760] veth1_to_team: entered allmulticast mode
[  141.223001][T10759] veth1_to_team: left allmulticast mode
[  141.275837][T10766] rtc_cmos 00:05: Alarms can be up to one day in the future
[  141.565940][  T839] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  141.695891][  T839] usb 6-1: device descriptor read/64, error -71
[  141.935870][  T839] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  141.982268][T10776] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1379'.
[  142.020750][T10778] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1380'.
[  142.065843][  T839] usb 6-1: device descriptor read/64, error -71
[  142.177608][  T839] usb usb6-port1: attempt power cycle
[  142.237797][T10789] netlink: 'syz.2.1383': attribute type 17 has an invalid length.
[  142.240978][T10789] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1383'.
[  142.244610][T10789] macvtap0: entered allmulticast mode
[  142.247022][T10789] veth0_macvtap: entered allmulticast mode
[  142.250504][T10789] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check.
[  142.401273][T10797] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  142.525985][  T839] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  142.528151][T10797] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=263 sclass=netlink_route_socket pid=10797 comm=syz.2.1387
[  142.556614][  T839] usb 6-1: device descriptor read/8, error -71
[  142.747916][T10807] loop7: detected capacity change from 0 to 524255232
[  142.751831][   T40] audit: type=1400 audit(1758444956.517:684): avc:  denied  { bind } for  pid=10805 comm="syz.0.1389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  142.807064][  T839] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  142.837125][  T839] usb 6-1: device descriptor read/8, error -71
[  142.843647][T10821] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1393'.
[  142.848166][T10821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1393'.
[  142.946776][  T839] usb usb6-port1: unable to enumerate USB device
[  143.628061][T10852] overlayfs: failed to resolve './file0': -2
[  143.743180][T10858] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1406'.
[  144.368328][T10879] netlink: 'syz.2.1411': attribute type 2 has an invalid length.
[  144.370799][T10879] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  144.378090][ T5975] Bluetooth: hci3: unexpected cc 0x040d length: 5 < 7
[  144.380222][ T5975] Bluetooth: hci3: unexpected event for opcode 0x040d
[  144.437082][T10886] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  144.439153][T10886] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  144.442075][T10886] vhci_hcd vhci_hcd.0: Device attached
[  144.446057][T10887] usbip_core: unknown command
[  144.447955][T10887] vhci_hcd: unknown pdu 0
[  144.449676][T10887] usbip_core: unknown command
[  144.451802][ T1153] vhci_hcd: stop threads
[  144.453709][ T1153] vhci_hcd: release socket
[  144.455686][ T1153] vhci_hcd: disconnect device
[  144.537223][T10889] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10889 comm=syz.1.1413
[  144.708923][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1414'.
[  144.938928][ T6034] IPVS: starting estimator thread 0...
[  145.035882][T10903] IPVS: using max 41 ests per chain, 98400 per kthread
[  145.137661][   T40] audit: type=1400 audit(1758444958.907:685): avc:  denied  { map } for  pid=10904 comm="syz.0.1419" path="/dev/video0" dev="devtmpfs" ino=955 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  145.319551][T10918] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  145.415918][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  145.449122][T10925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1425'.
[  145.505405][T10928] netlink: 'syz.2.1425': attribute type 15 has an invalid length.
[  145.511127][T10928] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1425'.
[  145.514555][   T40] audit: type=1400 audit(1758444959.277:686): avc:  denied  { listen } for  pid=10904 comm="syz.0.1419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  145.658037][T10939] ieee802154 phy0 wpan0: encryption failed: -22
[  145.842316][   T40] audit: type=1804 audit(1758444959.607:687): pid=10945 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1430" name="/newroot/304/file0" dev="tmpfs" ino=1662 res=1 errno=0
[  146.305084][T10968] tipc: Started in network mode
[  146.307183][T10968] tipc: Node identity 6a612cdced65, cluster identity 4711
[  146.309474][T10968] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  146.679230][T11017] mkiss: ax0: crc mode is auto.
[  146.871473][T11021] veth1_macvtap: entered allmulticast mode
[  147.119413][T11024] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=11024 comm=syz.0.1450
[  147.132613][   T40] audit: type=1400 audit(1758444960.897:688): avc:  denied  { append } for  pid=11023 comm="syz.0.1450" path="/307/file0/cpuset.effective_cpus" dev="9p" ino=71827823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  147.338085][    T9] tipc: Node number set to 2265197788
[  147.410360][T11034] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  147.415318][T11034] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  147.419224][T11034] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  147.429171][T11034] overlayfs: inode number too big (/cpu.stat, ino=4611686018427387913, xinobits=2)
[  147.432663][T11034] evm: overlay not supported
[  147.434955][T11033] overlayfs: inode number too big (/cpu.stat, ino=4611686018427387913, xinobits=2)
[  147.521630][   T40] audit: type=1400 audit(1758444961.287:689): avc:  denied  { listen } for  pid=11042 comm="syz.0.1454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  147.805969][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  147.967125][    T9] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  147.982657][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.986390][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.990810][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  147.994375][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.998195][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.002521][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.006384][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  148.009124][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.012387][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.015283][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  148.018339][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.021499][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.024703][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  148.029425][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.032970][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.036045][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  148.038830][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.042204][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.045129][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  148.048473][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.051776][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.054591][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  148.058177][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  148.061539][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  148.066497][    T9] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  148.069323][    T9] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  148.072085][    T9] usb 5-1: Product: syz
[  148.073455][    T9] usb 5-1: Manufacturer: syz
[  148.075027][    T9] usb 5-1: SerialNumber: syz
[  148.079521][    T9] usb 5-1: config 0 descriptor??
[  148.085915][    T9] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  148.286977][    T9] usb 5-1: USB disconnect, device number 11
[  148.290833][    T9] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  148.834583][ T5977] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  148.838538][ T5977] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  148.842023][ T5977] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  148.845570][ T5977] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  148.849665][ T5977] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  148.916661][T11069] loop6: detected capacity change from 0 to 64
[  148.923547][ T6363] Buffer I/O error on dev loop6, logical block 0, async page read
[  148.927884][ T6363] Buffer I/O error on dev loop6, logical block 0, async page read
[  148.930530][ T6363] Buffer I/O error on dev loop6, logical block 0, async page read
[  148.933067][ T6363] Buffer I/O error on dev loop6, logical block 0, async page read
[  148.936404][ T6363] Buffer I/O error on dev loop6, logical block 0, async page read
[  148.948086][T11059] chnl_net:caif_netlink_parms(): no params data found
[  149.015713][T11059] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.020081][T11059] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.022354][T11059] bridge_slave_0: entered allmulticast mode
[  149.025053][T11059] bridge_slave_0: entered promiscuous mode
[  149.028321][T11059] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.030509][T11059] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.032762][T11059] bridge_slave_1: entered allmulticast mode
[  149.035464][T11059] bridge_slave_1: entered promiscuous mode
[  149.072386][T11059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  149.076815][T11059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.100769][T11080] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1464'.
[  149.110478][T11059] team0: Port device team_slave_0 added
[  149.115494][T11059] team0: Port device team_slave_1 added
[  149.134797][T11084] pim6reg: entered allmulticast mode
[  149.137450][T11083] bond0: Error: Cannot enslave bond to itself.
[  149.144048][T11083] Can't find a SQUASHFS superblock on nullb0
[  149.156051][T11059] batman_adv: batadv0: Adding interface: batadv_slave_0
[  149.158448][T11059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.166720][T11059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  149.171557][T11059] batman_adv: batadv0: Adding interface: batadv_slave_1
[  149.173675][T11059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.182007][T11059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  149.184137][   T40] audit: type=1400 audit(1758444962.947:690): avc:  denied  { unmount } for  pid=5970 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  149.227161][T11059] hsr_slave_0: entered promiscuous mode
[  149.229588][T11059] hsr_slave_1: entered promiscuous mode
[  149.231612][T11059] debugfs: 'hsr0' already exists in 'hsr'
[  149.233354][T11059] Cannot create hsr debugfs directory
[  149.278141][T11093] netlink: 730 bytes leftover after parsing attributes in process `syz.1.1468'.
[  149.347900][ T1125] sr 2:0:0:0: [sr0] tag#25 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  149.351818][ T1125] sr 2:0:0:0: [sr0] tag#25 Sense Key : Illegal Request [current] 
[  149.355087][ T1125] sr 2:0:0:0: [sr0] tag#25 Add. Sense: Invalid command operation code
[  149.358639][ T1125] sr 2:0:0:0: [sr0] tag#25 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  149.361993][ T1125] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  149.366462][ T1125] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  149.373381][T11059] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  149.377587][T11059] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  149.382845][T11059] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  149.387590][T11059] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  149.408119][T11106] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1470'.
[  149.408838][T11059] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.413077][T11059] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.415531][T11059] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.417984][T11059] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.452411][T11059] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.462479][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.466578][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.476990][T11111] program syz.0.1471 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  149.480395][T11059] 8021q: adding VLAN 0 to HW filter on device team0
[  149.485547][   T40] audit: type=1400 audit(1758444963.247:691): avc:  denied  { mount } for  pid=11107 comm="syz.0.1471" name="/" dev="pstore" ino=5823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  149.497082][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.500439][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.508460][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.511025][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.583048][   T40] audit: type=1400 audit(1758444963.347:692): avc:  denied  { create } for  pid=11115 comm="syz.2.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  149.592610][   T40] audit: type=1400 audit(1758444963.347:693): avc:  denied  { bind } for  pid=11115 comm="syz.2.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  149.624668][T11120] 9pnet: Could not find request transport: virtEÌÒ�iÅF…ýšâjWpio
[  149.655436][T11059] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.697410][T11128] netlink: 'syz.2.1476': attribute type 21 has an invalid length.
[  149.699944][T11128] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1476'.
[  149.702676][T11128] netlink: 'syz.2.1476': attribute type 6 has an invalid length.
[  149.705293][T11128] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1476'.
[  149.712774][   T40] audit: type=1804 audit(1758444963.477:694): pid=11128 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1476" name="bus" dev="ramfs" ino=44287 res=1 errno=0
[  149.789710][T11059] veth0_vlan: entered promiscuous mode
[  149.797035][T11059] veth1_vlan: entered promiscuous mode
[  149.819560][T11059] veth0_macvtap: entered promiscuous mode
[  149.820261][T11128] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1476'.
[  149.823250][T11059] veth1_macvtap: entered promiscuous mode
[  149.834963][T11059] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.842513][T11059] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.847717][ T1146] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.850403][ T1146] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.854019][ T1146] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.858309][ T1146] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.879023][   T53] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  149.901194][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.904348][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.916888][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.920110][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.037121][   T53] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  150.041420][   T53] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  150.044919][   T53] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  150.048489][   T53] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  150.052496][   T53] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  150.055453][   T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.057940][   T53] usb 6-1: config 0 descriptor??
[  150.087567][T11138] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1478'.
[  150.133591][T11136] netlink: 1792 bytes leftover after parsing attributes in process `syz.2.1477'.
[  150.153042][T11143] 9pnet_fd: Insufficient options for proto=fd
[  150.184460][T11145] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12397 sclass=netlink_route_socket pid=11145 comm=syz.2.1480
[  150.262625][T11152] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1483'.
[  150.277744][T11152] netlink: 'syz.2.1483': attribute type 21 has an invalid length.
[  150.280829][T11152] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1483'.
[  150.285415][T11152] lo speed is unknown, defaulting to 1000
[  150.287701][T11152] lo speed is unknown, defaulting to 1000
[  150.292451][T11152] lo speed is unknown, defaulting to 1000
[  150.298104][T11152] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  150.304745][T11152] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  150.323115][T11152] lo speed is unknown, defaulting to 1000
[  150.327551][T11152] lo speed is unknown, defaulting to 1000
[  150.330104][T11152] lo speed is unknown, defaulting to 1000
[  150.332554][T11152] lo speed is unknown, defaulting to 1000
[  150.335037][T11152] lo speed is unknown, defaulting to 1000
[  150.392231][T11161] lo speed is unknown, defaulting to 1000
[  150.443860][T11161] netlink: 'syz.2.1487': attribute type 5 has an invalid length.
[  150.522891][T11172] fuse: blksize only supported for fuseblk
[  150.530186][T11172] netlink: 'syz.5.1489': attribute type 4 has an invalid length.
[  150.653597][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  150.653607][   T40] audit: type=1400 audit(1758444964.417:698): avc:  denied  { accept } for  pid=11178 comm="syz.5.1492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  150.662237][ T6049] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  150.666016][   T53] usbhid 6-1:0.0: can't add hid device: -71
[  150.667989][   T53] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  150.674937][   T53] usb 6-1: USB disconnect, device number 18
[  150.715307][T11188] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  150.780379][   T40] audit: type=1400 audit(1758444964.547:699): avc:  denied  { nlmsg_write } for  pid=11191 comm="syz.2.1497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  150.810370][T11195] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1016 sclass=netlink_route_socket pid=11195 comm=syz.5.1498
[  150.838020][ T6049] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  150.841504][ T6049] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  150.844863][ T6049] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  150.848300][ T6049] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  150.852130][ T6049] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  150.854953][ T6049] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.864809][ T6049] usb 5-1: config 0 descriptor??
[  150.901679][T11210] netlink: 'syz.5.1502': attribute type 16 has an invalid length.
[  150.904121][T11210] netlink: 'syz.5.1502': attribute type 17 has an invalid length.
[  150.936229][ T5975] Bluetooth: hci4: command tx timeout
[  150.946799][T11210] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  150.989310][   T40] audit: type=1400 audit(1758444964.757:700): avc:  denied  { read } for  pid=11202 comm="syz.2.1500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  151.197446][T11218] input: syz1 as /devices/virtual/input/input20
[  151.273971][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.276566][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.279065][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.281288][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.283505][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.285918][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.288220][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.290887][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.293101][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.295367][ T6049] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  151.310227][ T6049] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  151.538510][ T6049] usb 5-1: USB disconnect, device number 12
[  151.859269][   T40] audit: type=1400 audit(1758444965.627:701): avc:  denied  { ioctl } for  pid=11242 comm="syz.2.1512" path="/391/file0/file0" dev="fuse" ino=64 ioctlcmd=0x541a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  152.090410][   T40] audit: type=1400 audit(1758444965.857:702): avc:  denied  { unlink } for  pid=11247 comm="syz.0.1513" name="file0" dev="9p" ino=71827677 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.163117][   T40] audit: type=1400 audit(1758444965.927:703): avc:  denied  { link } for  pid=11247 comm="syz.0.1513" name="file1" dev="9p" ino=71827681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.178765][   T40] audit: type=1400 audit(1758444965.947:704): avc:  denied  { setattr } for  pid=11247 comm="syz.0.1513" name="file7" dev="9p" ino=71827681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.392804][T11251] proc: Unknown parameter '}'
[  152.487793][T11261] binder: 11260:11261 ioctl 8933 200000000ec0 returned -22
[  152.527567][T11261] vlan2: entered allmulticast mode
[  152.529674][T11261] bond0: entered allmulticast mode
[  152.835227][ T1145] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  152.839605][T11271] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  152.957202][   T40] audit: type=1400 audit(1758444966.727:705): avc:  denied  { setopt } for  pid=11287 comm="syz.1.1525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  153.016270][ T5975] Bluetooth: hci4: command tx timeout
[  153.051699][   T40] audit: type=1400 audit(1758444966.817:706): avc:  denied  { write } for  pid=11287 comm="syz.1.1525" laddr=::ffff:172.20.20.170 lport=60045 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  153.053574][T11288] netlink: 'syz.1.1525': attribute type 10 has an invalid length.
[  153.061418][   T40] audit: type=1400 audit(1758444966.817:707): avc:  denied  { setopt } for  pid=11287 comm="syz.1.1525" laddr=::ffff:172.20.20.170 lport=60045 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  153.139288][T11304] lo speed is unknown, defaulting to 1000
[  153.183409][T11319] macvtap1: entered promiscuous mode
[  153.185656][T11319] team0: Device macvtap1 is already an upper device of the team interface
[  153.269234][T11329] binder: BINDER_SET_CONTEXT_MGR already set
[  153.271183][T11329] binder: 11328:11329 ioctl 4018620d 200000000280 returned -16
[  153.391676][T11347] can: request_module (can-proto-0) failed.
[  153.534954][T11360] bridge_slave_0: entered promiscuous mode
[  153.568940][T11359] bridge_slave_0: left promiscuous mode
[  154.055906][ T1025] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  154.225812][ T1025] usb 5-1: Using ep0 maxpacket: 8
[  154.230073][ T1025] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  154.232630][ T1025] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  154.235850][ T1025] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  154.239092][ T1025] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  154.242490][ T1025] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  154.246597][ T1025] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  154.249289][ T1025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.418212][ T5977] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  154.422784][ T5977] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  154.425855][ T5977] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  154.429561][ T5977] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  154.432409][ T5977] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  154.459570][T11380] lo speed is unknown, defaulting to 1000
[  154.460749][ T1025] usb 5-1: usb_control_msg returned -32
[  154.463527][ T1025] usbtmc 5-1:16.0: can't read capabilities
[  154.501008][T11385] __nla_validate_parse: 12 callbacks suppressed
[  154.501018][T11385] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1553'.
[  154.540484][T11388] bridge0: entered promiscuous mode
[  154.542720][T11388] macsec1: entered promiscuous mode
[  154.599984][T11380] chnl_net:caif_netlink_parms(): no params data found
[  154.684912][T11380] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.688934][T11380] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.691346][T11380] bridge_slave_0: entered allmulticast mode
[  154.693963][T11380] bridge_slave_0: entered promiscuous mode
[  154.697262][T11380] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.699532][T11380] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.701721][T11380] bridge_slave_1: entered allmulticast mode
[  154.706081][T11380] bridge_slave_1: entered promiscuous mode
[  154.749530][T11380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.754101][T11380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.801305][T11380] team0: Port device team_slave_0 added
[  154.805301][T11380] team0: Port device team_slave_1 added
[  154.814794][T11408] usbtmc 5-1:16.0: usb_control_msg returned -32
[  154.821710][ T5963] usb 5-1: USB disconnect, device number 13
[  154.851132][T11380] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.853434][T11380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.862686][T11380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.871946][T11380] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.874250][T11380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.882649][T11380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.932017][T11380] hsr_slave_0: entered promiscuous mode
[  154.935034][T11380] hsr_slave_1: entered promiscuous mode
[  154.938038][T11380] debugfs: 'hsr0' already exists in 'hsr'
[  154.940115][T11380] Cannot create hsr debugfs directory
[  155.097068][ T5977] Bluetooth: hci4: command tx timeout
[  155.122244][T11380] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  155.129535][T11380] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  155.136572][T11380] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  155.143413][T11380] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  155.166398][T11380] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.169038][T11380] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.171425][T11380] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.173828][T11380] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.226102][T11380] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.241975][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.248349][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.274312][T11380] 8021q: adding VLAN 0 to HW filter on device team0
[  155.283186][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.285814][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.295219][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.297828][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.458043][T11380] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.470456][T11430] bridge: RTM_NEWNEIGH with invalid state 0x1
[  155.512873][T11435] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1565'.
[  155.517787][T11435] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1565'.
[  155.613014][T11380] veth0_vlan: entered promiscuous mode
[  155.619050][T11380] veth1_vlan: entered promiscuous mode
[  155.626701][ T6034] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  155.633793][T11380] veth0_macvtap: entered promiscuous mode
[  155.638428][T11380] veth1_macvtap: entered promiscuous mode
[  155.651720][T11380] batman_adv: batadv0: Interface activated: batadv_slave_0
[  155.661131][T11380] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.671450][   T46] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.674318][   T46] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.681899][   T46] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.689632][   T46] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.706310][T11442] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1567'.
[  155.709825][T11442] netlink: 'syz.5.1567': attribute type 14 has an invalid length.
[  155.721954][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.726900][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.738052][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.740190][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.757466][ T6034] usb 5-1: device descriptor read/64, error -71
[  155.847320][T11446] block nbd5: NBD_DISCONNECT
[  155.849134][T11446] block nbd5: Disconnected due to user request.
[  155.851166][T11446] block nbd5: shutting down sockets
[  155.858875][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  155.858884][   T40] audit: type=1400 audit(1758444969.627:712): avc:  denied  { sqpoll } for  pid=11447 comm="syz.6.1551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  155.873069][T11446] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  155.883155][T11446] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  155.885176][T11446] comedi comedi3: 8255: I/O port conflict (0x10000,4)
[  156.006095][ T6034] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  156.136289][ T6034] usb 5-1: device descriptor read/64, error -71
[  156.246050][ T6034] usb usb5-port1: attempt power cycle
[  156.351282][   T40] audit: type=1400 audit(1758444970.117:713): avc:  denied  { setattr } for  pid=11467 comm="syz.5.1573" name="NETLINK" dev="sockfs" ino=47218 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  156.355994][T11469] netlink: 'syz.5.1573': attribute type 1 has an invalid length.
[  156.362414][T11469] netlink: 136 bytes leftover after parsing attributes in process `syz.5.1573'.
[  156.365130][T11469] netlink: 'syz.5.1573': attribute type 2 has an invalid length.
[  156.368245][T11469] netlink: 'syz.5.1573': attribute type 1 has an invalid length.
[  156.456094][ T5977] Bluetooth: hci3: command tx timeout
[  156.488146][T11479] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1576'.
[  156.516247][T11481] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1576'.
[  156.586229][ T6034] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  156.607091][ T1025] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  156.615330][ T6034] usb 5-1: device descriptor read/8, error -71
[  156.755969][ T1025] usb 11-1: Using ep0 maxpacket: 32
[  156.761566][ T1025] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  156.767498][ T1025] usb 11-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  156.770540][ T1025] usb 11-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  156.773330][ T1025] usb 11-1: Product: syz
[  156.774891][ T1025] usb 11-1: Manufacturer: syz
[  156.777560][ T1025] usb 11-1: SerialNumber: syz
[  156.781360][ T1025] usb 11-1: config 0 descriptor??
[  156.783578][T11466] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  156.856394][ T6034] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  156.876947][ T6034] usb 5-1: device descriptor read/8, error -71
[  156.987257][ T6034] usb usb5-port1: unable to enumerate USB device
[  156.989740][T11488] netlink: 'syz.5.1578': attribute type 2 has an invalid length.
[  156.990237][ T1025] usb 11-1: USB disconnect, device number 2
[  157.068050][T11496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=11496 comm=syz.5.1580
[  157.073366][T11496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pid=11496 comm=syz.5.1580
[  157.078050][T11496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=11496 comm=syz.5.1580
[  157.082768][T11496] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11496 comm=syz.5.1580
[  157.087367][T11496] netlink: 'syz.5.1580': attribute type 27 has an invalid length.
[  157.090230][T11496] netlink: 'syz.5.1580': attribute type 4 has an invalid length.
[  157.092795][T11496] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1580'.
[  157.157921][T11502] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=11502 comm=syz.5.1580
[  157.162916][   T40] audit: type=1400 audit(1758444970.927:714): avc:  denied  { create } for  pid=11495 comm="syz.5.1580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  157.361935][   T40] audit: type=1400 audit(1758444971.127:715): avc:  denied  { connect } for  pid=11506 comm="syz.1.1583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  157.413641][   T40] audit: type=1400 audit(1758444971.177:716): avc:  denied  { listen } for  pid=11506 comm="syz.1.1583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  157.480935][T11509] veth1_to_batadv: entered promiscuous mode
[  157.520838][   T40] audit: type=1400 audit(1758444971.287:717): avc:  denied  { map } for  pid=11510 comm="syz.6.1584" path="/proc/13/net/pfkey" dev="proc" ino=4026534138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  157.528512][   T40] audit: type=1400 audit(1758444971.287:718): avc:  denied  { execute } for  pid=11510 comm="syz.6.1584" path="/proc/13/net/pfkey" dev="proc" ino=4026534138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  157.673019][T11516] netlink: 'syz.6.1586': attribute type 2 has an invalid length.
[  157.676445][T11516] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1586'.
[  157.763358][T11521] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.767171][T11521] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.971506][T11521] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.976310][T11521] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.026106][ T6049] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  158.040186][T11524] netlink: 'syz.5.1588': attribute type 1 has an invalid length.
[  158.055452][T11524] 8021q: adding VLAN 0 to HW filter on device bond1
[  158.068339][T11524] bond1: (slave geneve2): making interface the new active one
[  158.072327][T11524] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  158.391088][   T40] audit: type=1400 audit(1758444972.157:719): avc:  denied  { getopt } for  pid=11535 comm="syz.0.1591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  158.392116][T11536] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1591'.
[  158.536920][ T5977] Bluetooth: hci3: command tx timeout
[  158.564668][   T40] audit: type=1326 audit(1758444972.327:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11546 comm="syz.0.1594" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e50b8ec29 code=0x0
[  158.592676][T11552] sock: sock_timestamping_bind_phc: sock not bind to device
[  158.649129][T11561] bad cache= option: none

[  158.649129][T11561] 
[  158.651378][T11561] CIFS: VFS: bad cache= option: none

[  159.153181][   T40] audit: type=1400 audit(1758444972.917:721): avc:  denied  { setopt } for  pid=11590 comm="syz.5.1603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  159.165830][ T6049] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  159.188676][T11593] netlink: 'syz.5.1604': attribute type 2 has an invalid length.
[  159.318680][ T6049] usb 11-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  159.320647][T11604] tmpfs: Group quota block hardlimit too large.
[  159.322346][ T6049] usb 11-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  159.329334][ T6049] usb 11-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  159.332252][ T6049] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.338565][T11580] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  159.350371][ T6049] usb 11-1: Quirk or no altset; falling back to MIDI 1.0
[  159.402264][T11609] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  159.406118][T11609] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  159.434698][T11608] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  159.553638][ T6005] usb 11-1: USB disconnect, device number 4
[  159.652065][T11620] ieee802154 phy0 wpan0: encryption failed: -22
[  159.681156][T11622] netlink: 'syz.1.1614': attribute type 11 has an invalid length.
[  159.993768][T11626] proc: Unknown parameter 'usrquota'
[  160.002718][T11626] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=11626 comm=syz.1.1616
[  160.043591][T11628] tmpfs: Bad value for 'mpol'
[  160.071329][T11630] fuse: Unknown parameter 'rootmode800000000000000000100000'
[  160.212281][T11642] block nbd5: Attempted send on invalid socket
[  160.214582][T11642] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  160.218441][T11642] ADFS-fs (nbd5): error: unable to read block 3, try 0
[  160.228203][T11642] block nbd5: Attempted send on invalid socket
[  160.230359][T11642] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  160.233508][T11642] ADFS-fs (nbd5): error: unable to read block 3, try 0
[  160.316260][ T1025] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  160.404217][T11657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  160.408594][T11657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  160.514088][T11660] ALSA: mixer_oss: invalid index 100000
[  160.616011][ T5977] Bluetooth: hci3: command tx timeout
[  161.388903][T11684] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  161.392127][T11684] syzkaller0: entered promiscuous mode
[  161.394307][T11684] syzkaller0: entered allmulticast mode
[  161.416061][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  161.636082][ T6049] usb 6-1: new low-speed USB device number 19 using dummy_hcd
[  161.706431][T11712] kvm: pic: non byte write
[  161.787525][ T6049] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  161.791029][ T6049] usb 6-1: config 0 has no interface number 0
[  161.793655][ T6049] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  161.798301][ T6049] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 8224, setting to 8
[  161.802801][ T6049] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  161.810186][ T6049] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  161.814491][ T6049] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  161.819053][ T6049] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  161.824255][ T6049] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  161.827995][ T6049] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.837234][ T6049] usb 6-1: config 0 descriptor??
[  161.840167][T11684] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  161.843206][T11684] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  161.851024][ T6049] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  161.891293][T11719] autofs4:pid:11719:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e)
[  161.930723][ T5977] Bluetooth: hci3: unknown advertising packet type: 0x82
[  161.930777][ T5977] Bluetooth: hci3: Dropping invalid advertising data
[  161.936078][ T5977] Bluetooth: hci3: Malformed LE Event: 0x02
[  162.053589][T11684] ldusb 6-1:0.55: Write buffer overflow, 1 bytes dropped
[  162.071719][T11684] tipc: Resetting bearer <eth:syzkaller0>
[  162.082037][ T6049] usb 6-1: USB disconnect, device number 19
[  162.085739][T11683] tipc: Resetting bearer <eth:syzkaller0>
[  162.088898][ T6049] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  162.098836][T11683] tipc: Disabling bearer <eth:syzkaller0>
[  162.541868][ T5977] Bluetooth: hci3: unexpected event 0x1c length: 6 > 5
[  162.543929][T11731] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  162.549552][T11731] SELinux: failed to load policy
[  162.627437][ T1025] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  162.633930][T11733] autofs4:pid:11733:validate_dev_ioctl: path string terminator missing for cmd(0xc0189371)
[  162.696887][ T5977] Bluetooth: hci3: command tx timeout
[  162.777090][ T1025] usb 10-1: config 1 has an invalid interface number: 7 but max is 0
[  162.779605][ T1025] usb 10-1: config 1 has no interface number 0
[  162.781636][ T1025] usb 10-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  162.785631][ T1025] usb 10-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  162.789684][ T1025] usb 10-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  162.792759][ T1025] usb 10-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.798089][ T1025] usb 10-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  162.800852][ T1025] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.803319][ T1025] usb 10-1: Product: syz
[  162.804858][ T1025] usb 10-1: Manufacturer: syz
[  162.806887][ T1025] usb 10-1: SerialNumber: syz
[  162.815739][T11727] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  162.820559][T11727] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  162.952946][T11753] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.955509][T11753] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.226695][T11727] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  163.229133][T11727] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  163.435195][ T1025] usb 10-1: Incompatible driver and firmware versions
[  163.443643][ T1025] usb 10-1: USB disconnect, device number 2
[  163.670341][T11708] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  163.674848][T11708] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.678907][T11708] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  163.682605][T11708] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.692343][T11708] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  163.696810][T11708] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.699884][T11708] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  163.701291][T11774] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  163.702726][T11708] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.705213][T11774] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  163.705358][T11774] vhci_hcd vhci_hcd.0: Device attached
[  163.718349][T11774] binder: 11773:11774 unknown command 0
[  163.720094][T11774] binder: 11773:11774 ioctl c0306201 200000000080 returned -22
[  163.728712][T11775] vhci_hcd: connection closed
[  163.729020][T11706] vhci_hcd: stop threads
[  163.732795][T11706] vhci_hcd: release socket
[  163.734670][T11706] vhci_hcd: disconnect device
[  163.863227][T11789] __nla_validate_parse: 2 callbacks suppressed
[  163.863242][T11789] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1665'.
[  163.870331][T11789] unsupported nlmsg_type 40
[  163.984768][T11800] kvm: kvm [11799]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x200000000b00
[  164.007320][T11807] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  164.090829][T11822] batman_adv: batadv0: Adding interface: dummy0
[  164.091034][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  164.091047][   T40] audit: type=1400 audit(1758444977.857:723): avc:  denied  { shutdown } for  pid=11819 comm="syz.1.1675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  164.093754][T11822] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.112764][T11822] batman_adv: batadv0: Interface activated: dummy0
[  164.132040][T11830] loop9: detected capacity change from 0 to 7
[  164.136801][T11830] Dev loop9: unable to read RDB block 7
[  164.139396][T11830]  loop9: unable to read partition table
[  164.141221][T11830] loop9: partition table beyond EOD, truncated
[  164.143184][T11830] loop_reread_partitions: partition scan of loop9 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  164.207278][T11830] Dev loop9: unable to read RDB block 7
[  164.209057][T11830]  loop9: unable to read partition table
[  164.210912][T11830] loop9: partition table beyond EOD, truncated
[  164.212837][T11830] loop_reread_partitions: partition scan of loop9 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  164.420088][T11897] 9pnet_fd: p9_fd_create_tcp (11897): problem connecting socket to 127.0.0.1
[  164.799417][T11915] bridge9: entered promiscuous mode
[  164.944950][T11922] netlink: 'syz.1.1692': attribute type 1 has an invalid length.
[  164.958839][T11922] 8021q: adding VLAN 0 to HW filter on device bond4
[  164.963376][T11922] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1692'.
[  164.969946][T11922] gretap1: entered promiscuous mode
[  165.131294][ T6005] Process accounting resumed
[  165.168651][T11933] Process accounting resumed
[  165.179123][T11939] openvswitch: netlink: Key type 7457 is out of range max 32
[  165.185595][T11939] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1696'.
[  165.189246][T11941] 9pnet: p9_errstr2errno: server reported unknown error 
[  165.265145][T11952] netlink: 'syz.6.1703': attribute type 1 has an invalid length.
[  165.278353][T11952] 8021q: adding VLAN 0 to HW filter on device bond1
[  165.285199][T11956] ufs: You didn't specify the type of your ufs filesystem
[  165.285199][T11956] 
[  165.285199][T11956] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  165.285199][T11956] 
[  165.285199][T11956] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  165.290769][T11952] vlan2: entered promiscuous mode
[  165.295171][T11956] ufs: ufstype=old is supported read-only
[  165.297141][T11952] bond1: entered promiscuous mode
[  165.298992][T11956] ufs: ufs_fill_super(): bad magic number
[  165.300850][T11952] vlan2: entered allmulticast mode
[  165.304630][T11952] bond1: entered allmulticast mode
[  165.317276][T11952] gretap1: entered promiscuous mode
[  165.428615][T11979] netlink: 'syz.6.1710': attribute type 10 has an invalid length.
[  165.431438][T11979] netlink: 2 bytes leftover after parsing attributes in process `syz.6.1710'.
[  165.434470][T11979] team0: entered promiscuous mode
[  165.436368][T11979] team_slave_0: entered promiscuous mode
[  165.438585][T11979] team_slave_1: entered promiscuous mode
[  165.440616][T11979] bridge0: port 3(team0) entered blocking state
[  165.442651][T11979] bridge0: port 3(team0) entered disabled state
[  165.444737][T11979] team0: entered allmulticast mode
[  165.447034][T11979] team_slave_0: entered allmulticast mode
[  165.449035][T11979] team_slave_1: entered allmulticast mode
[  165.452362][T11979] bridge0: port 3(team0) entered blocking state
[  165.454455][T11979] bridge0: port 3(team0) entered forwarding state
[  165.542093][T11971] usb 1-1: reset high-speed USB device number 2 using ehci-pci
[  165.787260][ T6030] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  165.812302][   T40] audit: type=1400 audit(1758444979.577:724): avc:  denied  { relabelfrom } for  pid=12003 comm="syz.1.1718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  165.821383][   T40] audit: type=1400 audit(1758444979.577:725): avc:  denied  { relabelto } for  pid=12003 comm="syz.1.1718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  165.885007][T12008] netlink: 'syz.5.1719': attribute type 21 has an invalid length.
[  165.925908][ T6030] usb 11-1: device descriptor read/64, error -71
[  166.100081][   T40] audit: type=1800 audit(1758444979.867:726): pid=12035 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.5.1726" name="/newroot/60/bus/#342//deleted" dev="tmpfs" ino=342 res=0 errno=0
[  166.122665][   T40] audit: type=1400 audit(1758444979.887:727): avc:  denied  { accept } for  pid=12041 comm="syz.0.1729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  166.175967][ T6030] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  166.298222][T12051] ip6erspan0: entered promiscuous mode
[  166.331070][ T6030] usb 11-1: device descriptor read/64, error -71
[  166.334382][   T40] audit: type=1400 audit(1758444980.097:728): avc:  denied  { getopt } for  pid=12052 comm="syz.5.1732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  166.436703][ T6030] usb usb11-port1: attempt power cycle
[  166.534147][T12065] binder: 12064:12065 ioctl c0306201 200000000240 returned -14
[  166.805868][ T6030] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  166.836451][ T6030] usb 11-1: device descriptor read/8, error -71
[  166.894664][T12078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1740'.
[  166.923606][   T40] audit: type=1400 audit(1758444980.687:729): avc:  denied  { write } for  pid=12079 comm="syz.1.1741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  167.038681][T12088] Can't find a SQUASHFS superblock on sr0
[  167.095890][ T6030] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  167.128849][ T6030] usb 11-1: device descriptor read/8, error -71
[  167.199071][T12097] SELinux:  policydb version 1483220922 does not match my version range 15-35
[  167.202069][T12097] SELinux: failed to load policy
[  167.236707][ T6030] usb usb11-port1: unable to enumerate USB device
[  167.680513][   T40] audit: type=1400 audit(1758444981.447:730): avc:  denied  { watch_with_perm } for  pid=12126 comm="syz.0.1756" path="/379/bus" dev="tmpfs" ino=2069 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  167.716415][   T29] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  167.877409][   T29] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.880898][   T29] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  167.885026][   T29] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  167.889842][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  167.893514][   T29] usb 6-1: SerialNumber: syz
[  168.107773][   T29] usb 6-1: 0:2 : does not exist
[  168.109431][   T29] usb 6-1: unit 9 not found!
[  168.120864][   T29] usb 6-1: USB disconnect, device number 20
[  168.142826][ T6363] udevd[6363]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  168.202098][T12147] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1763'.
[  168.227228][T12147] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1763'.
[  168.462870][   T40] audit: type=1400 audit(1758444982.227:731): avc:  denied  { mounton } for  pid=12154 comm="syz.5.1765" path="/69/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  168.594634][   T40] audit: type=1400 audit(1758444982.357:732): avc:  denied  { ioctl } for  pid=12160 comm="syz.6.1767" path="/43/file0" dev="tmpfs" ino=242 ioctlcmd=0x540f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  168.806838][T12167] /dev/sr0: Can't open blockdev
[  168.843858][T12181] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  168.853030][T12181] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  168.857367][T12181] kvm: requested 24304 ns i8254 timer period limited to 200000 ns
[  168.860620][T12181] kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[  168.863133][T12181] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  168.868281][T12181] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  168.871678][T12181] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  168.876385][T12181] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  168.881590][T12181] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  168.884884][T12181] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  168.920650][T12193] sctp: [Deprecated]: syz.1.1777 (pid 12193) Use of struct sctp_assoc_value in delayed_ack socket option.
[  168.920650][T12193] Use struct sctp_sack_info instead
[  168.963761][T12196] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  168.966554][T12196] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  168.969922][T12196] vhci_hcd vhci_hcd.0: Device attached
[  168.996876][T12199] vhci_hcd: connection closed
[  168.997154][T11692] vhci_hcd: stop threads
[  169.000210][T11692] vhci_hcd: release socket
[  169.001708][T11692] vhci_hcd: disconnect device
[  169.458760][T12215] openvswitch: netlink: IPv6 tunnel dst address is zero
[  169.462776][T12215] openvswitch: netlink: IPv6 tunnel dst address is zero
[  169.548121][T12229] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1787'.
[  169.554110][T12229] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=12229 comm=syz.1.1787
[  169.558250][T12229] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12229 comm=syz.1.1787
[  169.562052][T12229] netlink: 'syz.1.1787': attribute type 27 has an invalid length.
[  169.565040][T12229] netlink: 'syz.1.1787': attribute type 4 has an invalid length.
[  169.567762][T12229] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1787'.
[  169.612703][T12233] bridge11: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  169.794101][T12246] 9pnet_virtio: no channels available for device syz
[  170.059124][T12259] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1794'.
[  170.106065][ T1025] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  170.235976][ T1025] usb 11-1: device descriptor read/64, error -71
[  170.237191][T12271] tmpfs: Unknown parameter 'fP'§Aø±œ¨³el° ol'
[  170.275973][ T7407] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  170.288559][T12271] dvmrp17: entered allmulticast mode
[  170.291783][T12271] dvmrp17: left allmulticast mode
[  170.399238][   T40] audit: type=1400 audit(1758444984.167:733): avc:  denied  { lock } for  pid=12273 comm="syz.1.1798" path="socket:[50639]" dev="sockfs" ino=50639 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  170.404707][T12274] netlink: 'syz.1.1798': attribute type 1 has an invalid length.
[  170.435914][ T7407] usb 10-1: Using ep0 maxpacket: 16
[  170.439839][ T7407] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  170.444137][ T7407] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  170.447810][ T7407] usb 10-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00
[  170.451592][ T7407] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.456624][ T7407] usb 10-1: config 0 descriptor??
[  170.485892][ T1025] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[  170.544898][   T40] audit: type=1400 audit(1758444984.307:734): avc:  denied  { getopt } for  pid=12278 comm="syz.0.1801" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  170.546568][T12280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1801'.
[  170.626018][ T1025] usb 11-1: device descriptor read/64, error -71
[  170.655620][T12297] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  170.667721][T12294] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  170.679873][T12264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.683704][T12264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.710508][ T7407] usbhid 10-1:0.0: can't add hid device: -71
[  170.712732][ T7407] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  170.717686][ T7407] usb 10-1: USB disconnect, device number 3
[  170.729173][T12303] netlink: 'syz.5.1806': attribute type 21 has an invalid length.
[  170.732480][T12303] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1806'.
[  170.736564][ T1025] usb usb11-port1: attempt power cycle
[  170.739126][T12303] netlink: 'syz.5.1806': attribute type 6 has an invalid length.
[  170.741678][T12303] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1806'.
[  170.791889][T12308] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1808'.
[  170.853857][T12310] program syz.0.1809 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  170.863158][T12310] netlink: 'syz.0.1809': attribute type 10 has an invalid length.
[  170.866384][T12310] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1809'.
[  170.869997][T12310] dummy0: entered promiscuous mode
[  170.872679][T12310] batman_adv: batadv0: Interface deactivated: dummy0
[  170.875415][T12310] batman_adv: batadv0: Removing interface: dummy0
[  170.880556][T12310] bridge0: port 1(dummy0) entered blocking state
[  170.883263][T12310] bridge0: port 1(dummy0) entered disabled state
[  170.886118][T12310] dummy0: entered allmulticast mode
[  170.942900][T12308] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1808'.
[  171.037066][   T40] audit: type=1800 audit(1758444984.807:735): pid=12318 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.1812" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0
[  171.086177][ T1025] usb 11-1: new high-speed USB device number 11 using dummy_hcd
[  171.106699][ T1025] usb 11-1: device descriptor read/8, error -71
[  171.355863][ T1025] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[  171.376604][ T1025] usb 11-1: device descriptor read/8, error -71
[  171.485885][ T6005] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  171.486268][ T1025] usb usb11-port1: unable to enumerate USB device
[  171.645942][ T6005] usb 10-1: Using ep0 maxpacket: 8
[  171.650695][ T6005] usb 10-1: config 0 has no interfaces?
[  171.653041][ T6005] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  171.657568][ T6005] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.663072][ T6005] usb 10-1: config 0 descriptor??
[  171.868441][T12327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.872135][T12327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  172.148164][   T40] audit: type=1400 audit(1758444985.917:736): avc:  denied  { ioctl } for  pid=12330 comm="syz.1.1816" path="socket:[52606]" dev="sockfs" ino=52606 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  172.256939][   T40] audit: type=1400 audit(1758444986.027:737): avc:  denied  { map } for  pid=12334 comm="syz.1.1818" path="socket:[50057]" dev="sockfs" ino=50057 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  172.336198][ T7407] ==================================================================
[  172.339591][ T7407] BUG: KASAN: slab-use-after-free in __mutex_lock+0xe8a/0x1060
[  172.342729][ T7407] Read of size 8 at addr ffff88805a1ee320 by task kworker/0:4/7407
[  172.348065][ T7407] 
[  172.349098][ T7407] CPU: 0 UID: 0 PID: 7407 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) 
[  172.349120][ T7407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.349133][ T7407] Workqueue: events l2cap_chan_timeout
[  172.349166][ T7407] Call Trace:
[  172.349174][ T7407]  <TASK>
[  172.349181][ T7407]  dump_stack_lvl+0x116/0x1f0
[  172.349206][ T7407]  print_report+0xcd/0x630
[  172.349232][ T7407]  ? __virt_addr_valid+0x81/0x610
[  172.349255][ T7407]  ? __phys_addr+0xe8/0x180
[  172.349277][ T7407]  ? __mutex_lock+0xe8a/0x1060
[  172.349299][ T7407]  kasan_report+0xe0/0x110
[  172.349319][ T7407]  ? __mutex_lock+0xe8a/0x1060
[  172.349344][ T7407]  ? l2cap_chan_timeout+0x6d/0x310
[  172.349360][ T7407]  __mutex_lock+0xe8a/0x1060
[  172.349388][ T7407]  ? l2cap_chan_timeout+0x6d/0x310
[  172.349407][ T7407]  ? irqentry_exit+0x3b/0x90
[  172.349428][ T7407]  ? __pfx___mutex_lock+0x10/0x10
[  172.349455][ T7407]  ? lock_acquire+0x62/0x350
[  172.349473][ T7407]  ? l2cap_chan_timeout+0x6d/0x310
[  172.349490][ T7407]  l2cap_chan_timeout+0x6d/0x310
[  172.349509][ T7407]  process_one_work+0x9cc/0x1b70
[  172.349533][ T7407]  ? __pfx_process_one_work+0x10/0x10
[  172.349555][ T7407]  ? assign_work+0x1a0/0x250
[  172.349573][ T7407]  worker_thread+0x6c8/0xf10
[  172.349596][ T7407]  ? __kthread_parkme+0x19e/0x250
[  172.349621][ T7407]  ? __pfx_worker_thread+0x10/0x10
[  172.349639][ T7407]  kthread+0x3c2/0x780
[  172.349656][ T7407]  ? __pfx_kthread+0x10/0x10
[  172.349673][ T7407]  ? rcu_is_watching+0x12/0xc0
[  172.349695][ T7407]  ? __pfx_kthread+0x10/0x10
[  172.349712][ T7407]  ret_from_fork+0x56a/0x730
[  172.349728][ T7407]  ? __pfx_kthread+0x10/0x10
[  172.349745][ T7407]  ret_from_fork_asm+0x1a/0x30
[  172.349795][ T7407]  </TASK>
[  172.349802][ T7407] 
[  172.421088][ T7407] Allocated by task 10339:
[  172.422962][ T7407]  kasan_save_stack+0x33/0x60
[  172.424971][ T7407]  kasan_save_track+0x14/0x30
[  172.426936][ T7407]  __kasan_kmalloc+0xaa/0xb0
[  172.428887][ T7407]  l2cap_conn_add.part.0+0x60/0xa60
[  172.431081][ T7407]  l2cap_chan_connect+0x15e5/0x2020
[  172.433302][ T7407]  l2cap_sock_connect+0x3ba/0x740
[  172.435489][ T7407]  kernel_connect+0x107/0x180
[  172.437465][ T7407]  rfcomm_dlc_open+0x821/0xaa0
[  172.439550][ T7407]  rfcomm_sock_connect+0x423/0x670
[  172.441743][ T7407]  __sys_connect_file+0x13e/0x1a0
[  172.443927][ T7407]  __sys_connect+0x13b/0x160
[  172.445905][ T7407]  __x64_sys_connect+0x72/0xb0
[  172.447896][ T7407]  do_syscall_64+0xcd/0x4e0
[  172.449824][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.452270][ T7407] 
[  172.453340][ T7407] Freed by task 10381:
[  172.455104][ T7407]  kasan_save_stack+0x33/0x60
[  172.457079][ T7407]  kasan_save_track+0x14/0x30
[  172.459051][ T7407]  kasan_save_free_info+0x3b/0x60
[  172.461160][ T7407]  __kasan_slab_free+0x60/0x70
[  172.463163][ T7407]  kfree+0x2b4/0x4d0
[  172.464862][ T7407]  l2cap_conn_del+0x59c/0x730
[  172.466870][ T7407]  l2cap_disconn_cfm+0x96/0xd0
[  172.468877][ T7407]  hci_conn_hash_flush+0x10e/0x260
[  172.471044][ T7407]  hci_dev_close_sync+0x602/0x11d0
[  172.473212][ T7407]  hci_dev_do_close+0x2e/0x90
[  172.475195][ T7407]  hci_unregister_dev+0x227/0x640
[  172.477292][ T7407]  vhci_release+0x17d/0x230
[  172.479195][ T7407]  __fput+0x3ff/0xb70
[  172.480952][ T7407]  task_work_run+0x150/0x240
[  172.482967][ T7407]  do_exit+0x86f/0x2bf0
[  172.484740][ T7407]  do_group_exit+0xd3/0x2a0
[  172.486669][ T7407]  get_signal+0x2673/0x26d0
[  172.488587][ T7407]  arch_do_signal_or_restart+0x8f/0x7d0
[  172.490943][ T7407]  exit_to_user_mode_loop+0x84/0x110
[  172.493160][ T7407]  do_syscall_64+0x41c/0x4e0
[  172.495123][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.497578][ T7407] 
[  172.498621][ T7407] The buggy address belongs to the object at ffff88805a1ee000
[  172.498621][ T7407]  which belongs to the cache kmalloc-1k of size 1024
[  172.503706][ T7407] The buggy address is located 800 bytes inside of
[  172.503706][ T7407]  freed 1024-byte region [ffff88805a1ee000, ffff88805a1ee400)
[  172.507982][ T7407] 
[  172.508758][ T7407] The buggy address belongs to the physical page:
[  172.510795][ T7407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5a1e8
[  172.513543][ T7407] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  172.516210][ T7407] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  172.518575][ T7407] page_type: f5(slab)
[  172.519841][ T7407] raw: 00fff00000000040 ffff88801b842dc0 dead000000000100 dead000000000122
[  172.522509][ T7407] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  172.525170][ T7407] head: 00fff00000000040 ffff88801b842dc0 dead000000000100 dead000000000122
[  172.527823][ T7407] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  172.530507][ T7407] head: 00fff00000000003 ffffea0001687a01 00000000ffffffff 00000000ffffffff
[  172.533199][ T7407] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  172.535898][ T7407] page dumped because: kasan: bad access detected
[  172.537897][ T7407] page_owner tracks the page as allocated
[  172.539672][ T7407] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1082, tgid 1082 (kworker/u32:5), ts 60666261733, free_ts 57418504339
[  172.545560][ T7407]  post_alloc_hook+0x1c0/0x230
[  172.547075][ T7407]  get_page_from_freelist+0x132b/0x38e0
[  172.548802][ T7407]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  172.550662][ T7407]  alloc_pages_mpol+0x1fb/0x550
[  172.552200][ T7407]  new_slab+0x247/0x330
[  172.553529][ T7407]  ___slab_alloc+0xcf2/0x1750
[  172.555051][ T7407]  __slab_alloc.constprop.0+0x56/0xb0
[  172.556734][ T7407]  __kmalloc_noprof+0x2f2/0x510
[  172.558269][ T7407]  ieee802_11_parse_elems_full+0x1db/0x3780
[  172.560122][ T7407]  ieee80211_inform_bss+0x10b/0x1140
[  172.561793][ T7407]  cfg80211_inform_single_bss_data+0x8e7/0x1df0
[  172.563745][ T7407]  cfg80211_inform_bss_data+0x224/0x3bd0
[  172.565507][ T7407]  cfg80211_inform_bss_frame_data+0x26f/0x750
[  172.567415][ T7407]  ieee80211_bss_info_update+0x310/0xab0
[  172.569213][ T7407]  ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0
[  172.571153][ T7407]  ieee80211_iface_work+0xe2e/0x1360
[  172.572809][ T7407] page last free pid 6136 tgid 6136 stack trace:
[  172.574802][ T7407]  __free_frozen_pages+0x7d5/0x10f0
[  172.576433][ T7407]  __folio_put+0x329/0x450
[  172.577848][ T7407]  anon_pipe_buf_release+0x40a/0x520
[  172.579495][ T7407]  free_pipe_info+0x1f1/0x3f0
[  172.580975][ T7407]  pipe_release+0x2bf/0x320
[  172.582423][ T7407]  __fput+0x3ff/0xb70
[  172.583687][ T7407]  task_work_run+0x150/0x240
[  172.585168][ T7407]  exit_to_user_mode_loop+0xeb/0x110
[  172.586831][ T7407]  do_syscall_64+0x41c/0x4e0
[  172.588283][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.590138][ T7407] 
[  172.590904][ T7407] Memory state around the buggy address:
[  172.592651][ T7407]  ffff88805a1ee200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  172.595175][ T7407]  ffff88805a1ee280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  172.597646][ T7407] >ffff88805a1ee300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  172.600117][ T7407]                                ^
[  172.601712][ T7407]  ffff88805a1ee380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  172.604228][ T7407]  ffff88805a1ee400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  172.606722][ T7407] ==================================================================
[  172.609546][ T7407] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  172.611801][ T7407] CPU: 0 UID: 0 PID: 7407 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) 
[  172.614718][ T7407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.618052][ T7407] Workqueue: events l2cap_chan_timeout
[  172.619763][ T7407] Call Trace:
[  172.620822][ T7407]  <TASK>
[  172.621762][ T7407]  dump_stack_lvl+0x3d/0x1f0
[  172.623201][ T7407]  vpanic+0x6e8/0x7a0
[  172.624492][ T7407]  ? __pfx_vpanic+0x10/0x10
[  172.625928][ T7407]  ? __pfx_vprintk_emit+0x10/0x10
[  172.627524][ T7407]  ? __mutex_lock+0xe8a/0x1060
[  172.629033][ T7407]  panic+0xca/0xd0
[  172.630235][ T7407]  ? __pfx_panic+0x10/0x10
[  172.631658][ T7407]  ? check_panic_on_warn+0x1f/0xb0
[  172.633292][ T7407]  check_panic_on_warn+0xab/0xb0
[  172.634899][ T7407]  end_report+0x107/0x170
[  172.636388][ T7407]  kasan_report+0xee/0x110
[  172.637825][ T7407]  ? __mutex_lock+0xe8a/0x1060
[  172.639371][ T7407]  ? l2cap_chan_timeout+0x6d/0x310
[  172.640977][ T7407]  __mutex_lock+0xe8a/0x1060
[  172.642509][ T7407]  ? l2cap_chan_timeout+0x6d/0x310
[  172.644231][ T7407]  ? irqentry_exit+0x3b/0x90
[  172.645899][ T7407]  ? __pfx___mutex_lock+0x10/0x10
[  172.647607][ T7407]  ? lock_acquire+0x62/0x350
[  172.649195][ T7407]  ? l2cap_chan_timeout+0x6d/0x310
[  172.650847][ T7407]  l2cap_chan_timeout+0x6d/0x310
[  172.652405][ T7407]  process_one_work+0x9cc/0x1b70
[  172.653989][ T7407]  ? __pfx_process_one_work+0x10/0x10
[  172.655474][ T7407]  ? assign_work+0x1a0/0x250
[  172.656889][ T7407]  worker_thread+0x6c8/0xf10
[  172.658364][ T7407]  ? __kthread_parkme+0x19e/0x250
[  172.660295][ T7407]  ? __pfx_worker_thread+0x10/0x10
[  172.662099][ T7407]  kthread+0x3c2/0x780
[  172.663392][ T7407]  ? __pfx_kthread+0x10/0x10
[  172.664850][ T7407]  ? rcu_is_watching+0x12/0xc0
[  172.666370][ T7407]  ? __pfx_kthread+0x10/0x10
[  172.667817][ T7407]  ret_from_fork+0x56a/0x730
[  172.669274][ T7407]  ? __pfx_kthread+0x10/0x10
[  172.670736][ T7407]  ret_from_fork_asm+0x1a/0x30
[  172.672247][ T7407]  </TASK>
[  172.674071][ T7407] Kernel Offset: disabled
[  172.675511][ T7407] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:52:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8564c0d5 RDI=ffffffff9b118120 RBP=ffffffff9b1180e0 RSP=ffffc9000f427530
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3530383838666666
R12=0000000000000000 R13=0000000000000061 R14=ffffffff9b1180e0 R15=ffffffff8564c070
RIP=ffffffff8564c0ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66b2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000020000000e000 CR3=000000005ae1c000 CR4=00352ef0
DR0=0000000000000006 DR1=0000000000000000 DR2=0000000000000080 DR3=000000000f000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f330 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f4b6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f4b6 00007ffc4406f4bc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e6e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e7b
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e75
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e89
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412f0f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412fed
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000001a8b57 RBX=0000000000000001 RCX=ffffffff8b94cb49 RDX=0000000000000000
RSI=ffffffff8de52d29 RDI=ffffffff8c163380 RBP=ffffed1003bd7488 RSP=ffffc90000177df8
R8 =0000000000000001 R9 =ffffed100d4a6655 R10=ffff88806a5332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801deba440 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b94b68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67b2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2e24eb CR3=00000000399b1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c1fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000003bf12
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558d20b6a1 000055558d20aed0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558d1f8db9 000055558d1f8b60
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 032008002ab80300 08002ab0030fffff ffffffff042aa003 1008002a98030108
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 002a90034a08002a 88030008002a8003 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01ffffffffffffff ffdf0829e0030008 0029d80300080029 d0030fffffffffff
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0429c003000800 29b80300080029b0 030fffffffffffff 0429a00308000003
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b700000000000000 005a0811b0030108 0011a80300001118 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b7fffffff8000002 07000000000000a2 bf00000000fff88a 7b00000000000008
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0429c003000800 29b80300080029b0 030fffffffffffff 0429a00308000003
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0107f7de10001180 0401000002080606 017ddc2811a40002 00040a11b8033011
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000016bb65 RBX=0000000000000002 RCX=ffffffff8b94cb49 RDX=0000000000000000
RSI=ffffffff8de52d29 RDI=ffffffff8c163380 RBP=ffffed1003bd7910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c6655 R10=ffff88806a6332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801debc880 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b94b68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68b2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000010000 CR3=000000005aef3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000305f6576616c 735f766461746162
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f4b6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f4b6 00007ffc4406f4bc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e6e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e7b
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e75
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e89
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412f0f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412fed
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda05a74a8 00007feda05a74a0 00007feda05a7498 00007feda05a7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda110d100 00007feda05a7460 00007feda05a0004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda05a74b8 00007feda05a74b0 00007feda05a74a8 00007feda05a74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001560eb RBX=0000000000000003 RCX=ffffffff8b94cb49 RDX=0000000000000000
RSI=ffffffff8de52d29 RDI=ffffffff8c163380 RBP=ffffed1003bda000 RSP=ffffc90000197df8
R8 =0000000000000001 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801ded0000 R14=ffffffff90ab7590 R15=0000000000000000
RIP=ffffffff8b94b68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69b2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c31ecdf CR3=000000004de87000 CR4=00352ef0
DR0=0000000000000008 DR1=0000000000000002 DR2=0000000000000081 DR3=ffffffffefffff14 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f330 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f4b6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4406f4b6 00007ffc4406f4bc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e6e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e7b
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e75
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412e89
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412f0f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feda0412fed
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000