last executing test programs:

3.752647345s ago: executing program 2 (id=1597):
r0 = socket(0x2000000015, 0x80005, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000080), &(0x7f00000002c0)=@tcp6=r0}, 0x20)
socket$igmp6(0xa, 0x3, 0x2) (async)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) (async)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000080)={0x8, 0x8169, 0x6}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000080)={0x8, 0x8169, 0x6})
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e9f, 0x2, @loopback, 0x7}, 0x1c) (async)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e9f, 0x2, @loopback, 0x7}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x952f, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000b40)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000b40))
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000024c0)=ANY=[@ANYBLOB="2000000010000104000000000000000000480000", @ANYRES32=r5, @ANYBLOB="ae1e"], 0x20}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r6)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
ioctl$SIOCSIFHWADDR(r6, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"}) (async)
ioctl$SIOCSIFHWADDR(r6, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8) (async)
close(r8)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
ioctl$SIOCSIFHWADDR(r8, 0x8b04, &(0x7f0000000140)={'virt_wifi0\x00', @multicast})

3.459578772s ago: executing program 2 (id=1600):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c4620060000000000000000000002003e00090000007c00000000000000dbfcffffffffffff02080000000000007f000000060038000100feff0300030032f15810724bf6ff26a2c2263b000000010067419e000ceb84e452c759d366f6ec53177b90ed2e41ef688d82326b35d29916b0ebafdda8dd70"], 0x78) (async)
close(r0) (async)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x1000)

3.458420552s ago: executing program 2 (id=1603):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0xf0b, 0x3, 0x25dfdbfc, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0xffff}, {0x2, 0xffff}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x44045}, 0xc090)
io_uring_setup(0x650b, &(0x7f0000000180)={0x0, 0x2c3f, 0x0, 0x21, 0xab})
r0 = socket(0x28, 0x6, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000340)=0x8, &(0x7f0000000380)=0x2)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0xe8302, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r5, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
ioctl$DVB_DVR_DMX_DQBUF(r5, 0xc0186f40, &(0x7f0000000040)={0x6, 0x6, 0x6, 0x6, 0x0, 0x8e0d})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000440)={[0xffffffffffffffed, 0x100000000, 0x0, 0xffffffffffffffff, 0x2000100001, 0x0, 0x2004c8, 0x7, 0x4, 0x1, 0x7, 0x8000, 0x5, 0x0, 0x0, 0xffffffffffffffff], 0xffff1000, 0x200})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.303236659s ago: executing program 2 (id=1608):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x14, r4, 0x211}, 0x14}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000300000000000000000000636e48096398920abecf5a540dcb57e9f55b9571445339596a2d6d64056c9d8c103b6eef925aee8a17968d291eb8e3cd68672dc4d8b7dec573b0b2ab7bf947998274eff6941fc8f0bbb41baea1124c718d82836895c27468a309707c4c4e31981d20b6dff1b3c79342fdaf0de0eeea3a37732b5df9953078b8486e22747583128a8e4be05b68f9666819e5135f76da0e54ae1a7226d78b08d92bf92f5854c6f4f4c2e186e33653acc212e9a7f1bb714b3a786a07f009bb91d45d7b65d739bc7c46cd0c0d57b506d613c19d4cb08b8c23eca620d89d0fecfc54c11b94024f673d89052ece000000000000000000", @ANYRES32=r2, @ANYBLOB="0400fe000a0034000101010101010000"], 0x2c}, 0x1, 0x0, 0x0, 0x20004000}, 0x400c880)

3.302736193s ago: executing program 2 (id=1609):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x400000b0, 0x0, 0xfffffffffffffffd}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000004380)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
setxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "e94ac076bd8c7edcb17345f9c6dffce237ac0e43"}, 0x15, 0x1)
close(r4)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000006e80)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2082)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f0000000080)={0x0, 0x0, 0x6, 0x6, 0x5})
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private0, @mcast2, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
write$FUSE_INIT(r3, &(0x7f0000004300)={0x50, 0x0, r5, {0x7, 0x29, 0x0, 0x11812410, 0x0, 0x200, 0x81}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000000000)="03684a7b99a4fde940f3ec0d105ea2c8267323117153aa4a4f099c3835a607cd5cbd77b83cc33d13bbb6c6bcae59db739af84a4b5d34bffc145f3cc27ed3d4f9d9b3103699a1e1cc4ddfb6c1afd07ddfc18e358cd62649479724ce867fefc0a15041bee9f6084842fb982d5c2cf1488d668b741c64f0a6fd2643e729ac5a56462a6b64d5a0a751fda4fadf63ba0dc2fd14ecbf546918db77095545b41ab170e5d6e8ec8bf9ce9b8d53b832e90c701fe52af7999f8fd509577ead1be27891ada8564167f2c7d2eea1c1c9c65d8e151c58ddee43ec34e74d330ec50cbbb2bb21892c7ca995066e3cbea8a69d94dc6bcef5f3c0ef630e774d092ea58627f3e09c66a9c7d1abcf4f8f8af87f4269df288aca9bbf758275ce9695256e764d185a91a7570fca3aab16c75ecaff6b8dda371c3226d6ec6e55c5c4d8cfc5c33892bacc956a3613bcfa849da1b5e070a7911d7488b3e628d9339718e8b821f1bb5d5c45f0316bb563d0a442801412dfd5a4d61ca657e04d6686f7d5863d57954400aeee8e79be8f3cc4cbb3d4b91269df039c3d3543e500b90a2bdc6eb60cc7afab7b5187d88fbd76e6212ea29e872b73f925287bdc808b4a4f8ec7f8aa08bc90b29e217c3eef69d8deae4141f4f9bd110b7bde9320e7b45f422e9a6111bcaf99c9911e46e219d3bab477926bd5d2e78d4cd0eca133c232b1e863fd7799dbf609f3670b323e5518e8f4bd36e9b3da2c68a28eaec9cac688b4dd0b73adc24a8c7acc264399b7facbc2f43e8e40b6cae9f8e956d1dbfe259f12bae75ad362c354050ffdd6e954f2d7615fafce888bd6f672a81c9fd4318caba765069c0a425e898bf7611b77f0fe61c27d318159dba42f011900246c64557d27b77aef928ab04a147baca37863cf998a2ac30b903c0314449ddb218887c309ec7184c8c733f5d4e7b2d79516e9531c9a5becf8294d6ccd777f285b13160e1c949d3069c6c66c0daa62bac679bc9b69825398d1c290d765e882fa2c8708b20ccec885ab6785dc22696b61c109ff84bc5407932c3e5bf12069a68b8e3333a26d3dd390ef9bc01b86013fbcb5c28a1f4d2b8084f1502fccc4027a124c3629d8f4a8befd14b597cebda5f94f36050a31b95087cbac347788a71a90e87f2187fae600aa42719c05c2859cb30ae0fd58a7bba681f7a6027a00583071def2c9a94456e5d9acb9fd2d11fdea524582489c02377bf7f590948985c769b3822cb6366681d79113c6a6c752f2475caba77b7b2e8f293d7fd9b991f63e254c98dec94f4f3def4fee9cdb56ff3ba7fe6a718cbe9a7f04710e257ea8a49d6605266048fc122d4f3173d4b04b3e282bd3c5198d7fcb72ec38e0b07dd8a541b2807e601e5a0a01f07a281e0e1a261c65977088a54597efd0997c59647aeebb2605a89705eeff3ec780e302e24b23a0cbe4f81367c3f118545f01328d22eb8e802667389143166a9db9477c9b58eb5c76a19b8f8b2692b0d356003f08ae54dfc820d8e357ecbf91fb7e212cbef1262171abaf2f613a5bb59b783cad476fec50d16ca0ac13c08a59a3097e6e3fde700a4b987d10311fc22d4aa210956cd859799f78010e4c0f25b715876aa253df15009490f71be3b0022875161f537c70b14bdb9e2d87a5a11b414a1198533c7de6fc4d22228133bc26b19d9f1e7627b14c72e3c39d3fa2186a42e50a0d1867dc312f94c7209d51475ed4aa80b2ccb0557a40422bf7317de2fdf3296727723a2d23babd5e23f7c3edf4942bb485b95a122e6aba41b8f80f684f84605462448d5a4fd66dfe9bbf80590b9999b4780d4f4f189a20f4400b2975df85b584c8c8f9fa3095f13aede1f52dac98be358b0a0d72bed4df71cd23973e326179580268c4e5d1be4b2ae2e1e2dba913998faa6088af128fc8fd3ae26203a898882b67d86d63f6ee8f8e216337330db6d928facf9d0ca273845ee5b33a0a136aeb48b7c52d3b95fe73efaf06197ec8753ee0349f19db8730917d0f18a2de9602d3b887bc583ff64dfee67e2bdf4d5cc1c341b89acd3dd5176d2c15ec2a77120b8a49591ca438ae36c52845e5dca550e539da9ba2a2eda49be316f3d6d4b7c83666bd4759940347c29dedd273adac722630a940e104316b4806553ded47132be4e31a50600f5a4dd56825b245b7aae853f56f79e0ec31f7b5db945ee3bb92865acb0d8828598e77446ee50ecd8bf5e7ccbd963445a09e3be215709b0b3bff2e9d12e6549924338f236b4ff973682e2e03fbf6b167e3b3a0f8c3f3c1e8d0e21a71937c918cabab50dd74c011a1a5531cfcf88a5df5fa58f17715f7c7b3a64d9dab6f20a596288969191420ed71daccbae7c1ec88bf74811b5e1f4bd306f3d810c4f3600df2903ffdf8db40ac7153fd93327a1065cf2c4590c8ba9f9391eb6aa600cb42aff8793e4721afeb3d470beda45dad9adfc6f4fdb24eafc63792f5015c656ca37cee82b7ee382bda31d786d6e03d4c8611c4ca464e2360ca747815c9eebd38c8fc7d5eea2db96b29d771a96dc5c884029077125bcc31980564555d21ecce5d0388e1bc1e618c7dfb31b02b1a6730db7eda387dd4ceb96f65178bb088e81133e5086f73c458f84139685ef930945a51979faeab539e4964244709dcb8b38f575d3a3ec1328a0df65fb34241db7cb3250b8ae0dbc44670d2b5cc3a1785d8d281c05256ef2beee3b202d8bce053e55ce1fb2bb208e65d488ae24484b00c2e343fc3544ca546406688022db6e29ceca9539ec095a2a2cfc5f516230f75fc961c5de1e8d33222331f57db02cac5f9208029c6114d041bb1cc7f959f77511f5790a564600c018afc253e5ecd5010bd769b45a04296ca09e87fb63bf3d3b51dd8b3f6d4426a03c0944d09dff654c5718ab1fef063caba34029be6811502e8bb785011dd1e34b0c192915adeeb40faad0725a8f9a62acf61b944a271d20567f350cdee22d76e3cc5966ba742d9c43823af19ba74c60da0df0c5f4e7e26af7224147774a1f8ae09f929066e1769ffb3c40ba9fed13d2670b9e865a155426ed5c83648c0ad34e46f5308b455e0835730fe529668b606f3f52b0d04534d0e14bc0ff0f742359550e6980ac9978455adb3de0f292af12a3700453e035a49eafe98fc0d7f26e42a6c41f380448607b7c96291f98fa6bbd7e32c249a49171f8fa81762a490a1ce5c39d66d35c6ed6c0679440c06197c2e24d48e1de81c711164c02820816afb5393d3d6c801c3c062ac46d1494f52c45ca36faf94894eec9d71e1be6c7256f4aee8dc080156b28623c821ef8d1826ebf0a41332620f42589270e142561374c825e828e2bd9ae41fd34959db48319d54ffe7a1b58ae8f7361cbaee8e26e0e7e1b7f125f8cd99788825efd01c38ec987904190a0ad52bc20cd36cc7209f9269ac87b2fa44d2456661d3056d893cf912c69ae6b2b83d0c781a6d6c33df1910867b71257ab74e244e3ebbac07445069418fe2e440a384e16feedf8e3165676e67866430eb6a8a5334620d8c2cda15b0328bb0c50630886353f95241cf4f3b647a4ff812c70e1b074c4befdc70fbfdbf868bcc81652034b5bfa831f1b686724046dcd17ac91ace83711e9ec7465d14c9d508bce93676a58ef7dae37221436865ad34ac2fd691e3b3e12aee6736dbdeec9b1c05fcedf8b9ced547259a1a40471ebe8b4bfda69d2f884da025e2809fb9f159150bbcb331ca3c502012a7fe76b4fc2771976aeb624ad7f2d72c707f5f19d8ded84581ac5afa697ff99d27d88c9588fe769839c9cc9d6786a0f814667527c53b6253b1825bfe17e7d734d96d61da0ae7349d0922774fa9b4baf332a4568e32cafa417ec659c4ad72cd656a1e2c59c8dee38890ed3acd8b4f8657de41f670106c38c38ba1a553f0f589a57c61f5105d70e0c0953459383cb9337ca972cda1d2cd3056eb07f21c1f5b995a04997fecf501bb201c67fd2afe4d44fedea595969b6b3706087b0f59d2ddbb099d60436a94f0ba33282b29f6e914fe92add4b33cf70b680b905cfa2b2ccb00b9967f99806e8d69783fd35a2d7fbb424e9fde2647609aecb0208bc3864bf95f05e50ba12123edaca8de927b338dfcb3cc597947c606c08315061a7fec98c48f480e2febd26fcc8dc12289aeb0adefa2c2be1766a5bc74ef1aab6c2cdbdfbf1810d956bc889c8e614b7b933ff6e336bb208db5b592775fe71c3ebfad5f47e0d074e1c0cb36761481ec677794f23c3698bd35875719f242e3fc939bc3668f9723f31effe189dabdf4ebbed073eab952c88f13059eee22230bc7724d7266b15726a0b0898cdd274e3e56d0a356166b5d16456249e9e92e84e39f61c0ecdf99ec2cd230440c03fd21cf68f27306628d35ea47367775f39d20a07f3959b38d49e3674061fc1018b647047ad39f77027878badd29927c5806f95aebde5f070fed28ed34052550678d3c6b677a3b5a46f76a98264c42206bf62caa95df5437092b68e025ee9ce2ad733b6db3ec97fd33cdc3b2f77ee90dd86d8bd289ae1a437c86f4153ddcff5e846347bfecc1499bb42980e4fa91790faee1b1991dfead5d7c460348631f0469b2b9e8f65207a00985511e0c41f441d9a3154f5a0298c172fd7135d4bf95c11cdf1769db1cc55f392aec309037599327a7c53c10a56d1ace8ad19186a2fc75dfa9d657c114eae99c1c1a6b4a58440718bea82290bd1c2a67048938c381648ea2b2c7110d748c9c8d782f20430b1427b51d7036e55b0997c6f75717db67a82c88d3647ee036b49392f0467d6010b32f9de3e5e79ef082c5bb975d11d2bf76a97f7159c11a7753db8a065d3126ccda9abbebd2c54374e389942c24b27435868fadb45bb060d3c1084b211e2afa8dfaa2d8dab8dc47fe10e6c32afece7c4976176a7c66d704125c0948c238c843b41b0246be1f50f8e07884cfe7ae8885ca06339a339c8d5978b079e0eb78facfa1dc67ca70733dfefc6c868ca149e0661b70e0134870a3107c8c46711fed14f892d6fc66d95306838688f13b19e904416a8d161cc33527878b38ad10b1c08db21457b2075608be7300d39748e4fcebe02b190f3e8ed32a0ef734b11ca43a21f5f809bba795f5aa0ea01050021d0f5213620af5b08fda6421a42b7c82804a20a6ef6d471babf76f46538327f943476d1d109a3f0dc531233d6f93d8dc27f4745735085f92adf63d617b373fba24f289035710e69eb80da12d36e8eaec22620ffaabadfb824bd5fc309a2c74959505856b5b890bba8f22bc571a9d87e93ba3b9aba6dcf26f7076c0c2e271641835ea25fd49d96c69d4fb8bb8731bd2cbc75146aed10d269f9060462339cde8830b535920be3dbf143eace0f1ea9469b95a64fbd7e5057eb880d4422cbf97cfc3f7140251d4923580ca2113f345cf24a66499ceffd2e39dc4fd74cf448638962957b409f0d218c165c13ffe107aa1dd1d9a02092cd46cf2b353dd2d2ca7b8a7ae8eda0ee18bba269bbffed0c7d400497aee4da0896cf6329d76ccea098fbef9075412d1c2a3644cf0f202b884303d204314ae92c56217b2feb5e7c1e15a99fbdd655fb8f6bbc3ab1259bf03b2ee17c5b7e9443695177ec5040eeff3fc36ceafe143393d76a3d735cfe6c9b632e52dbe64dc1265961e8a27ee9f76c0add9e0581e474d7678214f5b64c932903715befc6b766611f1d7e495573b9a3e009cfcb0ffef7ac57c3561badbfa41c119e541180aa2364de61a601699cd1bf3de01d15794b728e1444efd6ffa1e57d95489c8df91fbc057b66dd6d9f3a01b19f36bc99f0b54ed1f9905067dd1608bce47f5ff1981a25184aacd39e331d8ff3dfa7c012d7e667a69249cb4803b23f7eeaab8ed29c69ba3d2a1b88821ffefc5825650c53b6364f38e0a178312f5d29d5375423cceabc8e1c4e51a566ba3f9b176b858c8860440ff8ebdde725640d2dff6b9160bb69f188755b0ff766b410704cda4c33e1ae2c73b5799a00d2f55de73109728b350302b64df2ce3eaf2e0c6561009b60c2701ac493076305e97ed20c3b42f40b2bc7f13bba4ab8181e2085b07930c6f5579205dff696902be824e65ddc774e886e8d261fe74712a31e406b0f7725b4559d7ad0f27a1a870261aa5bb8a720e7c89ba933770d48821416de070df1abcc6eee1147c20bda090d940aeee2bd48c0f3d94675d9b9cf1a62ba50e31a7af0714dd8325d5fb7142e88c4d22ddb8f0278ee6ba88e361524e291b6d000f6523ad4188b021da9ef4a634ed09eb2002b9c726746c9ffc32f261edb448106aa1e2daaed865255fd1d296fedbbb2de3f7c1f15935e52006492b632ad125aa1e000c9d71bdb945792668e16b26122a3fd7cba1a40db8083068c5c48fd2aaa621c87d9f5621bba442fc26839030dbe4e37fda4046d6503bb03e0f928de25d4cd4e2a40ec93c9021dfcbb25f6e2c943cc85eba8123340d6364949581e8c8c2913d59dafe4297672c0b9e7418485f00cbcf672a588904beb3c074bebf339815b91c7c374ceed5a701e1ade8f5d87ca536120116307ac259577a8e12958425317c482d2c7089bf3d83e12318d1526107a050f3c094492de7255b22e18ca2ff261b3ed197f2f8e67b71b1c5a6a04b99158b58e9baad75201aabe13254617d0de0a9073af62491c67fc18d1ccbf7686a85a99b39e9d7d9c85a0777e47c9fd0e10c932c20f13ef287b44b9b706ec818aa0c48a10caac58a9b8355e84bc820698c2501f0c12e1b67df701cfcbe72dc47a2c87d43753ebfdb24cc838507e241d9fcd3d4955a373209ccda903a3ffced05e4232f2cca9bba197fdba8a9357cb1d6da6d9b4095027dc03e17d59ebc2d358e171da0044df102b193c79390ebcb58023b40c621df71e064b0056bfcf1eaee1eca85357cd1ac78feaa54bbbd85596977ba85003ea60d8685f4e3b756e4f81453077396590fa214f672929e81569442023667b798c24e06ee20dbf64cfccb51b2bca4e2a5b0df137bb37ab3e2854dc7e1b879866a72a5809b563596cc9fd3e53abdbccfd5dbc60662252ddc5c290d72230d79b7504b40fdb45ded2f02e926652c1e04ea4c1c488025ad1098adeebe98e385ab1caec4b9eb4d3bbd5ef3ddf1fd0d72784604a989558fd37f6d4fee20609090b3331e254fec98414a2c54589ee01c9429b7cb574b9167efede1d966a227bf2a8e422f38680d77d3c555cf1117e7d7e804ad730c36a78b7846473d6481bd0839bd3e6982ed47246c370a90b76e5b88de202346fb20b8b6b5ecb6a90b8478d17b175a1821df75b48ecc34866fe5c8960bf64d5ff92831bb9357474bec65e0dd1699b0f0340ee5ac5e9e9d3df66edca20201371fc21ad80aacd49c6b0abcfee9c876c15edcfccde823b55b61cb7b254487ef8c8781a22043f4adaf25df34580a6b3904fd014b50c59fa90eff75fa5fd32aaec9aa10df8a2b9b824952e475c964533942bbe30f4167a11fc15d548e0a31f911030569722f0c67e79e90483f6f0bee1c7f80face1a1b0f940c891be688cb16394f6c07fd29b5f248c211d1f76ec1292755d8bd963e191b3a8851472fbbd2cb732f4fd9fef3a8fb29aea097328173fdeaf56fa2279e86fb954306b040c960d0b601b3a741c96cf1f0bd1172f848585cb3b57d7d2e2a84914526f5a6f9895cf5aa4425b4dbf9f59037756a0321bba204a737e36277e86fd268f6047921f4f8fab69dfee137c07874f12f89084e7117e2c9221690a27f880f17d08d56f9dbc96ffef3920b55fb773dde72e1ba35f3e0c9872e339508281426ab04941df4885f7e0293149f1642c2573e2b6594b8fd953ae2468cf917cdaa0692cf461e3628860935def39af78af5e1540147ab1c70c3ab7f7c76abea0d8541feb43e632d7a2cc7bef15a4700304048ecf135968d0a9644ce899aad05b186a2224bab3836248cc6137472203ebceb29b3e87610df12417ee722f309c54b2e65591d8b929440f3ec43ee9ff8f7b7710668e4312610d1591303d5270394da0ab61e4515af5215dc81137f0dc90f951972731f8d98ceb8b4ea38da7d8dc153ccbae5068781eaf9a4a7b11b4319090261b61aa65a8536292eb5392020eb285b2db07f81e7f764d65037050f1e3748593474c6c1dc11cfcb56e1c916157280098a437265e1c682cbfed717e7275bc6c3bb6c6ef7f0f9fdd19ef82ff2c82284c3a061f57b21d3705aff97710108a7d1217a7ea3feda021d20f1fdca94bbef67e0aeaa3db6ccc2d060f7b33707fe19cb2d0232f1239373bb38e666cbbbf3a697c6d0e957ec6730f56034440e789a7a37304d09eb742f21019a77c608cf578162a55d0aea113c051b110b5281ed8b6638d2b31604e965cb019f2f106bc4e96d1313c70612f1ff18afdce7926270dd242c49cc53792f160d1e143e04d7eb3ca40828b153fac466bc53a084281987b47b806a4ef668859eb9035ef68e9c20bd6bb790fdf6f921569b4e97fae5b7edc761b4944c1d6d90f4df40bc3203ed838d4c61cdeb7a9bbb68d59b2cc00125eecaf06b759ac1b9dd68028225d0a60efa499e4436962362727011eef6cc55962dd4ffe2fd3892907e837045883cc9ba8892ab265a31924f3055d4dee68feff05d9f10ebdf1e8c1c1e7001b5b02a7fe26b9c0641e054ae37854187fb1bb6e9fae05b09e85a1e0e14bc801f2d8b9a178a9a72b147e137e0d83192664a88a3aca4fb6a4f0c5787b20c31bc5975dfbc8bcff8987573bd14b1ca434d93452e67ed01c60be99e535bb3f848888d224520b61cfc1de2d6b2ebef9f24674c31aada52784a0b7b60f351653c71d546cf951e6b4a0d917ac6afd0a713f41833f9f74a3a7d3c19b523299666da2b48676ca7aafebadef05b3bbf4b6b62834046f51d3d4582fb4c9de27a3f5e992853368e4f17f9dba27c8c4438307fc7405f53fb27cc81c1521452a1a5edb0cabdf7a73b1cab0675b619fd5a0fadb7147776e74695c042d9d8bfda045bcef7542b42249f34c7590605d0201a762390f2fee5f3cdb488426609c663c9fc4dc2a5277f3f589a14e6dcc202dfcd89bb148a368ff1792d230c19934143d2c260dbdfb334af863b856e415febd22fba01c568d8f48dba6d92f493cd1164a376f006d55db609cc2c9532a9f56da3b06e3db2a05f797eed57892e2fb677541324bcd763cf4669e7a871e322d0cc6e21befe3c767976f058dbe7a059d673c94c7ac5d49178bf19d32907b6fe66a92cc8ea30a858da43f74354390d6e97021da50812c59a78915e5b33221531bfa054c594ce3a2300e5a7d712773181901dfcf6922e980566fa62b1f2b669a27fbecce29e9be6d22058463e350163f33d18ce92a72d1b470857b6a37998aec5672521a8f0d66ab2bd01de516036ec47d1f63b95b437dc6d5a0168189d5a963cb0a80a9a5f20b03515396e3525f0ab13b0c1e5dd051b4c930da6d57ab6f7dd94ab3e689e0355af0b34871296152a76cce170d7b14d471ee4d9daa93de4ed755f30d45344f724288c17e4b22583158f1305ff55fecf7d526e207fa609886e14c9a168bf364b049409f63590f18a5515de8c1fd8c5a9710b6e33d2ecd01466b799f14be787612b8f17df0c05483a16097c0a504880249e28f1e067663c640a550a8c7ad9d090f7b2e902c5c20936869a5f3d3a014817f90babf847b43cf67ec23f120ae4abc63a418d1d99f359fc2c33a5bb34e1f5780576111a88c5ede834bc41e498548ddd128f9e884f4cd3e1bf1aaa1204079ce74e709306f38f2d6859128fc35d3a74c534ff1dccadfc8fe41f1be9510349af8710eb6d2dbc758be12b65622dad1cf48abc2fc409f5ed6a3af8d0b6548643c46dfba9db4e5827475e6e317c9c018a4dd5de391cc9cca85ec527537e26949e5091baca4f0b563d4c3969f15115e5ccdeb9e40788fe12f9d32d9488a70ae53b819726e4483ea6bbcb76f99775ca5e4f93c76edae462c08d596209f985aa55ef5e786701edcee8d831dd6dc0fee9ad01b6bdd63e886a5e55bdc593390c81e18dfd8c685b81306bad6b7a19a86b2bab5cbf4754708422e99f8f2497d798b3db565e709bcbba4c376c1c60b22b994fe8fdcb25215d505511cc1927f6a35344023d5da0a3ac0830e6aa80f5f7f0d94a67c99c6b22717078aecba2a599daa2acc054cda25e3965172e5fef464ec19aa71de5e84b6de30cc673fbab8c441ea37bfb3fc321a504371bc0996702e9be38db762e339ad7ad66dc2caa887e4ab60272d7963f85b14c941d31e545b85c640427302efe7142f0e0897a8c623ce57da213fbc2d1f90677142fd48cafca0b2934e572833ed6473218d0513dd1f6ecc578e5a1109ddae552b3be0cfe7246d7682a59fe9ae783a0f318d1800d5c466c80c5fd3facd0340f455f081068dd2cda5cda744018d902217152b6c05d37c090f8348b0471053152c2a4570fbab3f6dc30c8e49a63b88a00b3aac75180a633692e35ea976821694e133eb8bb4d31237d002fce1dd2ce55528dafcef2f0e00690562d144bb0e19576ce6ab72deac22067d8edac916b1b07e4eb57ff0b885b1b79f37dcf88135eedc17ffd948b61e4df4985033bcf891dd5b1448c8668947a271d93d03ce31216810a6bb45a6c5a12e290d97a60ad4b5c7384cf19421ac1ca64d346b50771e0b50e5caf1d9dfe056e8da247aa502ff04c8e29ca810a1d3ec7a89bc17dba2936f03a80228171f7999b3f2768617970efe57b14011c80666ac4999a568ebef74e2ca14df0ff6f0fcd47c538be96aaca1e65b53b98447101e49672b48167c0afc1afffe669b0f9718bd3305805c292db9738740b362564e4691cbdf061db1ed3f9db1f8bed82939f835d14f46818e3eb4e25f7a8d77d9d0d7913c45d8a81115c1a5e37b1d3bd1b7b5e6afaaefc81d9700bf83506fbf15457bc0f59f7008cc803efdcb6d39e388f6b28e80d47134265cc5438804b12d50e61a489da829dca05792d2ac182ba747331e88a7118f7dd38067f7d38f37be362260effacbc33863bb47aeebbadeae648a1090718266eedd2ed5a2c23f168759198aa92b2ac45c2a68ff212f29260e641a38541b066d39df4e95cd1c8e7e6ffae1b8017e6f629db3910b07496c8a81e4e66ac2321fd9e7ebfecf5bf6e922d7a79fb710a2d42dad1916c9b186c2c50c818fdb1afa19be867d943ee98f732fe3a01364281c0f6d0eb64a278721dc7bff5316256b0f4251abbd9b8ba7c7c12a3bf02a1fbc9ca94b965588fbc82343d07df8e06eaa5ed2137fec129351d80a9048a7d78b31ffaf2e388864a763c4af7aa53000e0bb2eb8ac0e4272cbb79dc6a7d65890f125c523c7cfddacdedbe87938aca915c92c807dab26be7d748827d4e3188676312ef1ac8460b29e8e715f4075e33104ce82e6785aadf17a7cf82d2a705e9f2d0fd25810ba33d76e54b48eda3effc01f37c89db38af81922fadc8c3361fe74ed51eac5e4437108106ffdedb339b406c082d62a8bf718989846d23f966e1ea39103010f767b3a6f0a0a2041b1dafcb787e69ffad75ed2a0081b92a4136ad5ae557c55a4b6219a390103428181ab36f329ad182a92957495c", 0x2000, &(0x7f0000006dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004480)={0x90, 0x0, 0x6, {0x3, 0x0, 0x7fffffff, 0x1fffffffffffd, 0x400, 0xc, {0x1, 0x9, 0x8, 0x1, 0x1, 0x4, 0x8, 0x123, 0xdab5, 0xa000, 0x0, r6, r7, 0x6, 0xffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x8000, &(0x7f0000002000)={[{@metacopy_off}], [{@euid_gt={'euid>', r6}}, {@context={'context', 0x3d, 'user_u'}}, {@hash}, {@smackfsroot={'smackfsroot', 0x3d, '^'}}]})

2.934490265s ago: executing program 1 (id=1615):
r0 = openat$audio1(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x80444d1a, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000000), 0x0, 0x210040)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$inet6(0xa, 0x0, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
write$tun(r2, &(0x7f0000000540)={@val={0xa}, @void, @eth={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \b', 0x11, 0x11, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], {0x4f19, 0x4e20, 0x11, 0x0, @opaque="713b841b47b6b5ee49"}}}}}}}, 0x4b)
accept4$x25(r1, &(0x7f0000000040)={0x9, @remote}, &(0x7f0000000080)=0x12, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

2.779220331s ago: executing program 1 (id=1617):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0xf0b, 0x3, 0x25dfdbfc, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0xffff}, {0x2, 0xffff}, {0xfff3, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x44045}, 0xc090)
io_uring_setup(0x650b, &(0x7f0000000180)={0x0, 0x2c3f, 0x0, 0x21, 0xab})
socket(0x28, 0x6, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000340)=0x8, &(0x7f0000000380)=0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0xe8302, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r4, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)
ioctl$DVB_DVR_DMX_DQBUF(r4, 0xc0186f40, &(0x7f0000000040)={0x6, 0x6, 0x6, 0x6, 0x0, 0x8e0d})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0xffffffffffffffed, 0x100000000, 0x0, 0xffffffffffffffff, 0x2000100001, 0x0, 0x2004c8, 0x7, 0x4, 0x1, 0x7, 0x8000, 0x5, 0x0, 0x0, 0xffffffffffffffff], 0xffff1000, 0x200})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.643870698s ago: executing program 1 (id=1618):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000240)={0x1f, 0x2}, 0x6)
write$bt_hci(r0, &(0x7f0000000080)={0x1, @remote_oob_ext_data_reply={{0x445, 0x46}, {@any, "4eca4e3b431bfdfd3255b1326fde7468", "936f384ebe0606fb336b2fa14806d3f8", "019d5048dfd863d156abeaf4f5b38481", "e5204f12a8fc1a0a4003daab6ac10b16"}}}, 0x4a)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x2012, r1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x80051)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000000)=0x15)

2.643709455s ago: executing program 1 (id=1619):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc0145b0e, &(0x7f0000000040)={0x100000, 0x0, 0xff, 0x0, 0x3})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000851000000300000018000000000000000000000000000000950000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x15}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

2.332431744s ago: executing program 2 (id=1620):
r0 = socket$kcm(0xa, 0x922000000003, 0x11) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="480000001000010027bd7000fbd9dfa500000000", @ANYRES32, @ANYBLOB="104e0600d5ba2259280012800900010076657468000000001800028014000100000000000206e9b43d"], 0x7c}, 0x1, 0x0, 0x0, 0x404c000}, 0x2) (async)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000500)=@l2tp6={0xa, 0x0, 0x3, @loopback={0xffff0000000005b4}, 0x1}, 0x80, 0x0}, 0x8000) (async)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000180)={@hyper, 0x1})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0xb940, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_GUEST_MEMFD(r7, 0xc040aed4, &(0x7f00000001c0)={0x1000200001ee0000, 0x3})
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r8, 0x0) (async)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x3, 0x2) (async)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9) (async)
ptrace$peeksig(0x4209, r9, &(0x7f0000000180)={0x44, 0x1}, 0x0)
r10 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x3, 0x440080) (async)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r10, 0x40045532, &(0x7f0000000040)) (async)
r11 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r11, 0xc0884123, &(0x7f0000000080)={0x1, "728d0a484585ec93a59baeb6831b8ef11067fdfe02554fee4c0b67b1b99eeeaa18e15a525315cc71983456358ceb7e1a68ce0c3c2b0f3513a5f267418500", {0x1ff, 0x4fffffffffd}})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r2, 0x7cb, &(0x7f0000000100)={&(0x7f0000001080)={{@any, 0xfff}, {@any, 0x5}, 0x400, "4145fdc5fec7663a106cef95c8d86f03d655b82e62dc5204ff06732791d90936bf31f7b4eafad3ed43e8da42de6780edce2e2f941399c9b9002a6a538fc1ebd3e994ce6fa4a67c775c476cdbedebbe34904cbe0d5808cf5892aa1e563f949f38cd2ebaa2c46464183ead798b1af0ba7ad5db77736a5329e7297e674242854f87ef03b0fba724523033529e64be44188740b9e9a0ba6944e9724c4aaa8470ab8d35a1746a1da4dfa2112cb5135d97efae0975e7fa5e421fe7ec12a8bbd7714076b63ddaca822d7c0383ccc4e21b11c8a0443850c05f4bb6716b6ba83016b709b44a9959c44daa717edf6b43f7c235fae47730ff2d435ed29d062451ab74bd9f65d9bf96e1afc645ca2249c89146fc815210d465ca0ede0acbfe1165b15d222ed668b79b14f901178d35e7421637588c887b0f2335ea84a442fc95bbcf0ea3b308ee18d913901cb8f40dd2798e781c4b1c620c23565b5bc18e25c206f772c863c8a8864f460c239033717d41f94fbf13b1d0c7271364bd6d144160e1df33fcb33e5d45a5e7ea4264d089397d7e022c6e1f37a2e464c01b4df6a906d3a46d9432ba1966d73aa0627491e3b3c33bee03ff2138896b64862910f24dbacc3c686e0059ff5915c8b69bce3c4022c5c80d574274d1107c9935898ae444a6c38dbd8319e778e1a86a293094bd98d0ae3ae2c32a4bcb20e0517c03e7b46839f4e3601ff98244ca5485cacbfe53c935cf14038bba908af19834a86b56cf68a7170448a434b55d66c080ea095b02ba4c3f8ba492c9e50111bf1b3085cc0f3938a58609a337e89eba9271ee071a8b9f3ab4ad0fc3c92a48cb6bc63ed74877d8425c88eb40d18c6260d2221dc295d1fa1557cfcfe1cb3a1d61b4b1235e28903ae5a4d3d358f6d3e2c87b110e38aab0fd1ca2c047b3ea826d8cd9b980b3fc64fbf38d0d3fed0057b30612880a3d93aa3e16e1c1902cc8c206d7732f426fbb063b020a03d08e3bcd4ff32c30c8ea424ea0c746e72c23e8d53576cc801bdf82f8bba865074e5dde3177820c24be87b9bd36e30a81d1d50b5aa0628262d46d19060ae37a33aa8e515fed3f8bfdf65ba5f8e11e4d517a50ce03f82bc5b3c8e9b3eb6572f1a686430170ce64bc1a61246fd99b2d8a3215104478eead271fcca07bc66e637d5543ad47147f5ad50cc5a203a37b7d2f67bb0387ae189ee7d5cfc0a421b0f0e6286aaf28a3eadfad1b8c83a26ac0a1d4a3846d93e161c82be100278d94e35fc7b5f1feb833f1b975adb33bec5d777cfbdb2c5fe171e205fd6596b37ba646b9ecb163fabcd89a469f6ad539a80937748105298b0a6364d75c6de3cbcbb96c440d5489f3f47149551e7f53d3a22d837cfb59c3e43f0c95760791ed36ff84ae82a679e4e062461bda5db7c27fb00c3238266734bc7c16d45ce7cd3f0b7e63c309977816048f24"}, 0x418, 0x8}) (async)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'wg0\x00', {0x2, 0x4e23, @loopback}})

1.14390117s ago: executing program 1 (id=1644):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1}}}}}, 0x0) (async)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009a65d0860040800dee20102030109021b05000000000009040000f678eaf50009058402"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
openat$mice(0xffffff9c, &(0x7f0000000140), 0x1ad100) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005fdb2971dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359ca9daf3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae682acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da30000bce645451b851111dd98ac4d8da9317c2c082020e0b2d6340809000000000000008e053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456521cffdef93e29f10f4a11f0cfbfc0ff976b20fe"], &(0x7f0000000080)='GPL\x00', 0x0, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000000000000000000000071184b000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/14], 0x22)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) (async)
pipe2(&(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x84080)
sendmsg$NFT_BATCH(r3, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000580)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_DELSET={0xa4, 0xb, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x3}, @NFTA_SET_USERDATA={0x80, 0xd, 0x1, 0x0, "7556985b5766e53a0b00142f2c4333ac75e07ddad18c2b23dd960198228d7c4d5d2d6e3801d3711cfb11ccd393f18e40f87e1f7ea1405d61dc2b916064bc3d5c02b02a590ded516f7d8a1af363d326185d336fe53f85589a35e42bfdc894d6fd02724d63703ce041d7957699736558fa086f1e11dd2823528d53215a"}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x180}]}, @NFT_MSG_NEWTABLE={0x5c, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xc}}}, 0x128}, 0x1, 0x0, 0x0, 0x20008040}, 0x400c800)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)=0x18) (async)
read$dsp(r0, &(0x7f0000000240)=""/74, 0x4a)

643.594181ms ago: executing program 0 (id=1648):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000000079100800000000004000000000000000950000000000000099a1aae9e4a6f8b821bf0e5d67028ff5ec80128ba45db82a5ceb41f4b54ac9b08873f9d351c714258e6f485e7777200852f33e5a35a4b6c55470692389c53123a50ec579c2a5fd1361cea9a10cb1fa3fbb2331f4e5107cf16fdef1eefd0c2da93f02b6ebfa597416bc0a9a0a59754710751e4a61f5a4087262e07e21bc24520f422f8e285daac6822b1d7e5df170c58cb3f553f05beeb6c33605a11f4a78785ac65e6eaaf686ec49c945f976d6a5738cbcd468fdca0541e9c3ca6322ce8eeb56b544525a8d96cab3516df5b0fc42c38e76355f4e888c5f389f872815ad49b813b03b305121a60bb6fa878a6fa46b7d8c54fb5812c4750137376f"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000680)={&(0x7f00000001c0), 0xc, &(0x7f0000000640)={&(0x7f0000000240)={0x3e4, r1, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_SOPASS={0x8c, 0x3, "73a4650eaf51c48daaf3168705e3218249392788d8d2b1bd99bf79162ba3f945cc26ebea5bf63e64091323dea3e3560400dd19c7e1275a7759c9e9c6e916b7355d0658ed634ce47c0a1a915ca1e03bf9abf1e880cb0c45aa2b1fadf8e4e026b39f48db274c4516a709be7b7d57a61129ce5b06e766ff1d322894080ccf037f0057057e579d236a4c"}, @ETHTOOL_A_WOL_MODES={0x1d0, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xffffff2e}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0xd4, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '[!{\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xd}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, '-]\':\xfa.!+(+\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ']^\'\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}]}, {0x4}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe16}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '^)#-{]\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, ',,!+/%.\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '(:\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xcdf}, @ETHTOOL_A_BITSET_MASK={0xd3, 0x5, "1c7d9e713bfe93f10f67b9f281fc0b621772732f529fd3a7210490dda081ada7eee78968b8ad1973dcf34998bb133d4b683b3c329fbc1f1052551212887236bbdd4abb03977f87924f784f7fd55be343962afd8daa31519b6d1f4a0f8cb6f35e296abdd5e4f4042b4664f2bf77f99f744a77f790b90a449528c34182f31b0d8d2e5a22f50304b3c86b20e6f840dfeb198303e9a55051c13ca0a13083d86491343478731298ba0fbb3cead328cda0727403a46759d386eb3588a990a56ee6c7697ca2365c2fa14d12b9ec321a8ddb4c"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}]}, @ETHTOOL_A_WOL_MODES={0xe8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xdb, 0x5, "01a2b6bae43333d2aff701dc8823d4dda6f8a1c65067aaf65917916a8b07dd733d09e3274dc05b66449a4c4274c8a59c223cf8972558bda46baa6473dd8b49e8f243b82b2084c91f51b9596f9e932ad4e297a8fdffbb6de7c43e8598f984df27fa673773475bfb6ff1c2b880a3be4235c21f8e9be9e0dc94df357474a1bd0261691588a78bcc606207bbd96b5caee566bca33d48c8af73a15ebd59d34b55622a7922ccc518c8a624605934a5d0f36a725c8b01ca4cc0c5cf8b2f78407bd29117bafc64dfb6e58108da43c2d43fe75711f62f72048bac25"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x40}]}, @ETHTOOL_A_WOL_SOPASS={0x89, 0x3, "29234270ced8e6c1f9cd6974b3e506271c4b681196ba34d97f370d4c1dd7fe5c1275e8e828f6a7d2eb87e016d1ff9af77c1393480e24979c87356ebffea472585d2fdae8920f84315e1101133fd7ac43bf111d54cc397cf8c192451741386b418d2ab0975ac30aa41b1c5b73346a1bb0eadf2012edb994db603d483bd5f3e0349350091d59"}]}, 0x3e4}, 0x1, 0x0, 0x0, 0x4c090}, 0x4000)

643.373505ms ago: executing program 0 (id=1649):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x4, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f00000002c0)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="f93322bfe8a4e4dc767c3313b845c2ebff22136925fb198e5e18f95d989f53a743be96eb2505fcd69dfc5dac7c23833ca8e91cd7407dd783a7d98579cefe2566a5e4d64789a83234b65225bb3ab308134dc82cc245dd95fb4b9b9710d13762abe30897c0ba573b78c7345bc9ae72fa24b17ed8c995118bb1bf36044cde9793c76332a2cfbba837a91927832c08844d00b76831f6fd56305291e452d50c6ab1b5ba73d3fc57c19dd332bc59159040a15ecbd26f", 0xb3}, {&(0x7f0000000140)="cb254fc8d891953df25fd62f2199d3bcd9f60c03478b548745b6e2531e3db2a9b9fa17db9b48f909f46d779a64651e929f5662a292fccbad496e4b1fab", 0x3d}, {&(0x7f0000000180)="82eb3a4561e9948a30a086670f3f8f8e87768baf3a06871ae6a01a20ec", 0x1d}], 0x3, &(0x7f0000000200)=[@op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x81}], 0x60, 0x20005000}, {0x0, 0x0, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x8880}], 0x2, 0x80c4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$NILFS_IOCTL_SYNC(r0, 0x80086e8a, &(0x7f0000000280))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="650f340f3566b842000f00d8b805000000b14000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x18}], 0x1, 0x19, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000006c0)=[@textreal={0x8, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
socket(0x840000000002, 0x3, 0x100) (async)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) (async)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0) (async)
setsockopt$inet_buf(r2, 0x0, 0x4, 0x0, 0x0) (async)
sendmmsg$alg(r2, &(0x7f00000002c0)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="f93322bfe8a4e4dc767c3313b845c2ebff22136925fb198e5e18f95d989f53a743be96eb2505fcd69dfc5dac7c23833ca8e91cd7407dd783a7d98579cefe2566a5e4d64789a83234b65225bb3ab308134dc82cc245dd95fb4b9b9710d13762abe30897c0ba573b78c7345bc9ae72fa24b17ed8c995118bb1bf36044cde9793c76332a2cfbba837a91927832c08844d00b76831f6fd56305291e452d50c6ab1b5ba73d3fc57c19dd332bc59159040a15ecbd26f", 0xb3}, {&(0x7f0000000140)="cb254fc8d891953df25fd62f2199d3bcd9f60c03478b548745b6e2531e3db2a9b9fa17db9b48f909f46d779a64651e929f5662a292fccbad496e4b1fab", 0x3d}, {&(0x7f0000000180)="82eb3a4561e9948a30a086670f3f8f8e87768baf3a06871ae6a01a20ec", 0x1d}], 0x3, &(0x7f0000000200)=[@op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x81}], 0x60, 0x20005000}, {0x0, 0x0, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x8880}], 0x2, 0x80c4) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$NILFS_IOCTL_SYNC(r0, 0x80086e8a, &(0x7f0000000280)) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="650f340f3566b842000f00d8b805000000b14000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x18}], 0x1, 0x19, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000006c0)=[@textreal={0x8, 0x0}], 0x1, 0x11, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)

283.754698ms ago: executing program 0 (id=1652):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32=r5, @ANYBLOB="60005080110001004abee339084eeef16f162471f40000000800030006ac0f000500020007"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r1, 0x200, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@crypto_settings=[@NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}], @NL80211_ATTR_PBSS={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x400c880)

283.212262ms ago: executing program 0 (id=1653):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="500100001a000100000000000200000002001c1f0000c808ffffffea080006000700000008000400", @ANYRES32=r0, @ANYBLOB="06001c004e21000008000100ac1414"], 0x150}, 0x1, 0x0, 0x0, 0x2000c094}, 0x4040084)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001980)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x61, 0x61, 0xa, [@datasec={0x4, 0x3, 0x0, 0xf, 0x1, [{0x1, 0x1, 0x2}, {0x5, 0x1ff, 0xce6}, {0x4, 0x9, 0x9}], '-'}, @ptr={0xe}, @enum={0xe, 0x3, 0x0, 0x6, 0x4, [{0x9, 0x6}, {0x7, 0xb93}, {0xb, 0x69}]}]}, {0x0, [0x0, 0x61, 0x61, 0x2e, 0x2e, 0x61, 0x0, 0x30]}}, &(0x7f0000000980)=""/4096, 0x86, 0x1000, 0x0, 0x6}, 0x28)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000180)={<r3=>0x0, @dev, @loopback}, &(0x7f00000001c0)=0xc)
r4 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000200)=@id, &(0x7f0000000240)=0x10, 0x80000)
getsockopt$TIPC_CONN_TIMEOUT(r4, 0x10f, 0x82, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000019c0)=@bloom_filter={0x1e, 0x3, 0x289, 0x9, 0x80, r1, 0x2, '\x00', r3, r2, 0x4, 0x2, 0x4, 0x1}, 0x50)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="500100001a000100000000000200000002001c1f0000c808ffffffea080006000700000008000400", @ANYRES32=r0, @ANYBLOB="06001c004e21000008000100ac1414"], 0x150}, 0x1, 0x0, 0x0, 0x2000c094}, 0x4040084) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1}, 0x4) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001980)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x61, 0x61, 0xa, [@datasec={0x4, 0x3, 0x0, 0xf, 0x1, [{0x1, 0x1, 0x2}, {0x5, 0x1ff, 0xce6}, {0x4, 0x9, 0x9}], '-'}, @ptr={0xe}, @enum={0xe, 0x3, 0x0, 0x6, 0x4, [{0x9, 0x6}, {0x7, 0xb93}, {0xb, 0x69}]}]}, {0x0, [0x0, 0x61, 0x61, 0x2e, 0x2e, 0x61, 0x0, 0x30]}}, &(0x7f0000000980)=""/4096, 0x86, 0x1000, 0x0, 0x6}, 0x28) (async)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000180)={0x0, @dev, @loopback}, &(0x7f00000001c0)=0xc) (async)
accept4$tipc(0xffffffffffffffff, &(0x7f0000000200)=@id, &(0x7f0000000240)=0x10, 0x80000) (async)
getsockopt$TIPC_CONN_TIMEOUT(r4, 0x10f, 0x82, &(0x7f0000000280), &(0x7f00000002c0)=0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000019c0)=@bloom_filter={0x1e, 0x3, 0x289, 0x9, 0x80, r1, 0x2, '\x00', r3, r2, 0x4, 0x2, 0x4, 0x1}, 0x50) (async)

233.749258ms ago: executing program 0 (id=1655):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x20) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f00000002c0)='./file0\x00', &(0x7f00000004c0), 0x8017, &(0x7f0000000000)={'trans=virtio,', {[{@cache_readahead}, {@version_u}]}})
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a310000000014000380"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0) (async)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3800000040000701fefffff8ff000000017c0000040042800c00018006000600800a000014000280100014800c0016800800b6"], 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0xc800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd0002800800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
lstat(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000040))

231.032323ms ago: executing program 0 (id=1657):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000080)={0x8, 0x8169, 0x6}) (async)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e8f, 0x2, @mcast2, 0x7}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x2c}, 0x44004)

133.570884ms ago: executing program 3 (id=1659):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x9, 0x8000)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000040)=""/198)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(0xffffffffffffffff, 0xc0505510, &(0x7f0000000280)={0x0, 0x5, 0x8, 0xfff, &(0x7f0000000140)=[{}, {}, {}, {}, {}]})
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000300)={<r1=>0x0, 0x2}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000380)={<r2=>r1, 0x1ff}, 0xfffffffffffffffe)
r3 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x10)
ioctl$SIOCPNGETOBJECT(r3, 0x89e0, &(0x7f0000000440)=0x23aa)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000480)={r2, 0x1}, 0x8)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r4, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$FS_IOC_SETVERSION(r3, 0x40087602, &(0x7f0000000600)=0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_SURVEY(r5, &(0x7f0000000740)={&(0x7f0000000640), 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, r4, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20068040}, 0x4044800)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000780)={{0x1, 0x1, 0x18, <r7=>r3, {0x100}}, './file0\x00'})
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r7, 0x84, 0x23, &(0x7f00000007c0)={r2, 0xbb7}, 0x8)
r8 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000800), 0x29a200, 0x0)
bind$phonet(r3, &(0x7f0000000840)={0x23, 0x8, 0xff, 0xf}, 0x10)
r9 = syz_open_dev$ndb(&(0x7f0000000880), 0x0, 0x540)
ioctl$XFS_IOC_START_COMMIT(r9, 0x80585882, &(0x7f00000008c0)={<r10=>0xffffffffffffffff})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x60, r4, 0x8, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xa, 0x7e}}}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_FRAME={0x3a, 0x33, @action_no_ack={{{0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x1, 0x1}, {0x8}, @broadcast, @device_b, @random="a1ea722325fe", {0x7, 0x8}}, @tdls_chsw_resp={0xc, 0x6, {0x13, {0x65, 0x12, {@random="5f470ee9e907", @device_b, @broadcast}}, {0x68, 0x4, {0xb0, 0x9}}}}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r10, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x21000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x14, r4, 0x300, 0x70bd2a, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20040080)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r7, 0x84, 0x4, &(0x7f0000000b80), 0x4)
syz_genetlink_get_family_id$fou(&(0x7f0000000bc0), r7)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r8, 0x6, 0x21, &(0x7f0000000c00)="8b76ee490c027df498fd053fe67441a9", 0x10)
recvmsg$can_bcm(r7, &(0x7f0000000e40)={&(0x7f0000000c40)=@vsock, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000cc0)=""/32, 0x20}, {&(0x7f0000000d00)=""/224, 0xe0}], 0x2}, 0x10000)
ioctl$SIOCSIFMTU(r10, 0x8922, &(0x7f0000000e80)={'veth0_macvtap\x00', 0x90e})
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000f00), r5)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r5, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x24, r11, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40040)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f0000001000)={0x5, {{0xa, 0x4e23, 0x100, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1ff}}}, 0x88)

131.628943ms ago: executing program 3 (id=1660):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001", @ANYRESOCT], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40000)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NFT_BATCH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
close(0x3) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@gettfilter={0x24, 0x2e, 0x100, 0x70bc25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x8, 0xffff}, {0xf, 0xf}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4048040}, 0x0) (async, rerun: 64)
memfd_create(&(0x7f0000000040)='-\xa2\x85B/`]{\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9d*\xd1\xbd\t\x00\x00\x00\x13&\xb4a&', 0x2) (rerun: 64)
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4004010}, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async, rerun: 64)
accept4$alg(r4, 0x0, 0x0, 0xc00) (async, rerun: 64)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async, rerun: 64)
syz_kvm_setup_cpu$x86(r4, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x4b, 0x0, 0x0) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1) (async, rerun: 32)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

63.925773ms ago: executing program 3 (id=1661):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xfffffffd}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x58}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}}, 0x20004000) (async)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) (async)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x189482)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
close(0x3) (async)
ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x80000000) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xab98}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x841}, 0x40088d1) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async)
r2 = socket$netlink(0x10, 0x3, 0x0) (async)
r3 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7ffe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0xc745, 0x1, 0x4, 0x0, 0x2}) (async)
ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000000)={0x2, 0xd, 0xffffff44, 0x80800})
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

63.745108ms ago: executing program 3 (id=1662):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f0000000000)=<r4=>0x0)
bind$nfc_llcp(r2, &(0x7f0000000200)={0x27, r4, 0x0, 0x2, 0x4, 0xff, "d92984bd1ca44c226af5160e961711a077609475b78411e879918d20000000f2170e65e3f50327080e000000000000001900", 0x1c}, 0x60)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000140)={'syzkaller0\x00', 0x10})
ioctl$TUNGETSNDBUF(r6, 0x800454d3, &(0x7f0000000080))
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x2c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@crypto_settings=[@NL80211_ATTR_PMK={0x4}], @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004000}, 0x400c880)

2.171411ms ago: executing program 3 (id=1663):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x318, 0xffffffff, 0xffffffff, 0x318, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x3, 0xf, 0x0, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0xd}, [0xff000000, 0x0, 0xffffff00, 0xff000000], [0xff000000, 0xffff00, 0xffffff00, 0xff], [0xffffffff, 0xffffffff, 0xff000000, 0xffffff00], 0x0, 0x25e8}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x17}, @local, [0xff], [], 'lo\x00', 'gre0\x00', {}, {}, 0x0, 0x5}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x8, 0xfb}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x378)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f00000002c0)={{{0x1, 0x1}}, 0x0, 0x1000026, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000400)='id_legacy\x00', &(0x7f0000000440))
keyctl$dh_compute(0x17, &(0x7f00000006c0)={r1, r2, r2}, 0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={'streebog256\x00'}})

1.996424ms ago: executing program 3 (id=1664):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0xffffffffea30e898, 0x80)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000040)={0x3c, r2, 0xb97534d5fe970ccf, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x5}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x389}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
ioctl$VIDIOC_DQEVENT(r0, 0x80885659, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x201, 0x0)

0s ago: executing program 1 (id=1665):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000002900)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4044000}, 0x8000)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0xfffffff7, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x1, 0x12, 0x2}, 0x8, 0x203ffffd, 0x300, 0x0, 0x2, 0x20000, 0x0}) (async)
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='ext3\x00', 0x204001, 0x0)

kernel console output (not intermixed with test programs):

 } for  pid=8837 comm="syz.1.804" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  123.563863][   T40] audit: type=1400 audit(2000000067.409:1585): avc:  denied  { create } for  pid=8837 comm="syz.1.804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  123.577632][   T40] audit: type=1400 audit(2000000067.419:1586): avc:  denied  { read } for  pid=8841 comm="syz.0.805" dev="nsfs" ino=4026532888 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  123.665015][ T8848] sctp: [Deprecated]: syz.1.809 (pid 8848) Use of struct sctp_assoc_value in delayed_ack socket option.
[  123.665015][ T8848] Use struct sctp_sack_info instead
[  123.705047][ T8848] xfrm0 speed is unknown, defaulting to 1000
[  124.233298][ T8635] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  124.236900][ T8635] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.264097][ T8635] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  124.269901][ T8635] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.286984][ T8874] ubi31: attaching mtd0
[  124.293652][ T8874] ubi31: scanning is finished
[  124.294721][ T8876] netlink: 'syz.1.816': attribute type 30 has an invalid length.
[  124.296645][ T8635] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  124.300742][ T8635] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.305072][ T8874] ubi31: empty MTD device detected
[  124.321579][ T8635] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  124.324116][ T8635] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.400293][ T8883] tap0: tun_chr_ioctl cmd 1074025672
[  124.402830][ T8883] tap0: ignored: set checksum enabled
[  124.449623][ T8874] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  124.452766][ T8874] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  124.455779][ T8874] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  124.458502][ T8874] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  124.461356][ T8874] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  124.464032][ T8874] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  124.467309][ T8874] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2250594075
[  124.471189][ T8874] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  124.478554][ T8887] ubi31: background thread "ubi_bgt31d" started, PID 8887
[  124.490453][ T8870] ubi: mtd0 is already attached to ubi31
[  124.710509][ T8896] bond0: Error: Cannot enslave bond to itself.
[  124.819225][ T8900] netlink: 28 bytes leftover after parsing attributes in process `syz.1.824'.
[  125.002228][ T5883] IPVS: starting estimator thread 0...
[  125.020085][ T8906] qnx4: no qnx4 filesystem (no root dir).
[  125.022796][ T8910] IPVS: set_ctl: invalid protocol: 43 172.20.20.187:0
[  125.124121][ T8907] IPVS: using max 42 ests per chain, 100800 per kthread
[  125.148134][ T8931] netlink: 48 bytes leftover after parsing attributes in process `syz.2.831'.
[  125.227723][   T63] Bluetooth: hci1: unexpected event for opcode 0x1009
[  125.287435][ T8937] netlink: 132 bytes leftover after parsing attributes in process `syz.2.835'.
[  125.295493][ T8940] bond0: (slave team0): Releasing backup interface
[  125.305047][ T8940] team0 (unregistering): Port device team_slave_0 removed
[  125.315041][ T8940] team0 (unregistering): Port device team_slave_1 removed
[  125.435830][ T8953] netlink: 44 bytes leftover after parsing attributes in process `syz.0.838'.
[  125.523800][ T8960] input: syz0 as /devices/virtual/input/input13
[  125.701066][ T8970] libceph: resolve '�@��e2��OAq���cz' (ret=-3): failed
[  126.199748][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.206906][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.211427][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.219791][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.223455][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.225893][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.228250][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.230542][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.232881][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.235162][   T29] hid-generic 0003:0008:0005.0005: unknown main item tag 0x0
[  126.242421][   T29] hid-generic 0003:0008:0005.0005: hidraw1: USB HID v7.29 Device [syz0] on syz0
[  126.365366][ T9008] fido_id[9008]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  126.591417][ T5883] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  126.770166][ T5883] usb 7-1: not running at top speed; connect to a high speed hub
[  126.782848][ T5883] usb 7-1: config 1 interface 0 has no altsetting 0
[  126.786082][ T9019] netlink: 750 bytes leftover after parsing attributes in process `syz.1.858'.
[  126.789271][ T5883] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  126.795605][ T5883] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.799035][ T5883] usb 7-1: Product: Т
[  126.800878][ T5883] usb 7-1: Manufacturer: ᰊ
[  126.806597][ T5883] usb 7-1: SerialNumber: syz
[  126.920241][ T9023] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  126.923692][ T9026] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  127.044983][ T9035] xt_hashlimit: size too large, truncated to 1048576
[  127.044993][ T9034] xt_hashlimit: size too large, truncated to 1048576
[  127.216577][ T9048] openvswitch: netlink: IP tunnel dst address not specified
[  127.302336][ T5882] Process accounting resumed
[  127.396454][ T9065] netlink: 12 bytes leftover after parsing attributes in process `syz.0.871'.
[  127.402337][ T9065] binder: BINDER_SET_CONTEXT_MGR already set
[  127.404229][ T9065] binder: 9063:9065 ioctl 4018620d 200000004a80 returned -16
[  127.416165][ T9061] netlink: 'syz.3.870': attribute type 1 has an invalid length.
[  127.418634][ T9061] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  127.424207][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.870'.
[  127.429685][ T9061] netlink: 28 bytes leftover after parsing attributes in process `syz.3.870'.
[  127.527377][ T9074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9074 comm=syz.3.872
[  127.531203][ T9074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9074 comm=syz.3.872
[  128.065680][ T9085] syzkaller0: entered promiscuous mode
[  128.067493][ T9085] syzkaller0: entered allmulticast mode
[  128.143510][ T9090] xt_hashlimit: invalid rate
[  128.539007][ T9111] xfrm0 speed is unknown, defaulting to 1000
[  128.562981][   T40] kauditd_printk_skb: 268 callbacks suppressed
[  128.563050][   T40] audit: type=1400 audit(2000000072.409:1855): avc:  denied  { append } for  pid=9103 comm="syz.1.882" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  128.572525][   T40] audit: type=1400 audit(2000000072.409:1856): avc:  denied  { ioctl } for  pid=9103 comm="syz.1.882" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  128.588148][   T40] audit: type=1400 audit(2000000072.429:1857): avc:  denied  { create } for  pid=9110 comm="syz.3.884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  128.664129][ T9123] netlink: 'syz.0.886': attribute type 1 has an invalid length.
[  128.676130][ T9123] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.701725][ T9123] veth3: entered promiscuous mode
[  128.707812][ T9123] bond1: (slave veth3): Enslaving as an active interface with a down link
[  128.722479][   T40] audit: type=1400 audit(2000000072.569:1858): avc:  denied  { connect } for  pid=9110 comm="syz.3.884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  128.738266][ T9123] bond1: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  128.752631][ T5883] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71
[  128.771007][ T5883] usb 7-1: USB disconnect, device number 9
[  128.779683][   T40] audit: type=1400 audit(2000000072.619:1859): avc:  denied  { mounton } for  pid=9130 comm="syz.3.888" path="/306/file0" dev="tmpfs" ino=1644 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  128.784705][ T9131] overlayfs: failed to clone lowerpath
[  128.790534][   T40] audit: type=1400 audit(2000000072.619:1860): avc:  denied  { mount } for  pid=9130 comm="syz.3.888" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  128.813525][ T9131] overlayfs: failed to clone lowerpath
[  128.830238][ T9141] netlink: 104 bytes leftover after parsing attributes in process `syz.0.890'.
[  128.832110][   T40] audit: type=1400 audit(2000000072.669:1861): avc:  denied  { execmem } for  pid=9138 comm="syz.2.889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  128.835632][ T9142] netlink: 104 bytes leftover after parsing attributes in process `syz.0.890'.
[  128.839061][   T40] audit: type=1400 audit(2000000072.669:1862): avc:  denied  { execute } for  pid=9138 comm="syz.2.889" path="/152/file0" dev="tmpfs" ino=823 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  128.850365][   T40] audit: type=1800 audit(2000000072.669:1863): pid=9139 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.889" name="file0" dev="tmpfs" ino=823 res=0 errno=0
[  128.859217][   T40] audit: type=1804 audit(2000000072.679:1864): pid=9139 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.889" name="/newroot/152/file0" dev="tmpfs" ino=823 res=1 errno=0
[  128.945204][ T9151] netlink: 'syz.0.894': attribute type 4 has an invalid length.
[  129.041034][ T9158] netlink: 'syz.0.896': attribute type 7 has an invalid length.
[  129.044218][ T9158] netlink: 'syz.0.896': attribute type 8 has an invalid length.
[  129.818338][ T9201] netlink: 'syz.1.909': attribute type 11 has an invalid length.
[  130.034321][ T9222] __nla_validate_parse: 6 callbacks suppressed
[  130.034332][ T9222] netlink: 84 bytes leftover after parsing attributes in process `syz.3.916'.
[  130.100996][ T9228] netlink: 12 bytes leftover after parsing attributes in process `syz.3.917'.
[  130.135948][ T9235] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2571 sclass=netlink_route_socket pid=9235 comm=syz.2.919
[  130.143476][ T9235] netlink: 28 bytes leftover after parsing attributes in process `syz.2.919'.
[  130.149967][ T9235] netlink: 28 bytes leftover after parsing attributes in process `syz.2.919'.
[  130.179952][ T9240] loop5: detected capacity change from 0 to 2640
[  130.185968][ T8249] buffer_io_error: 4085 callbacks suppressed
[  130.185977][ T8249] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.190527][ T9245] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=515 sclass=netlink_route_socket pid=9245 comm=syz.3.923
[  130.194876][ T8249] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.199299][ T8249] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.204693][ T8249] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.207664][ T8249] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.211218][ T9240] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.217120][ T9240] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.220128][ T9240] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.223372][ T9240] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.225839][ T9240] Buffer I/O error on dev loop5, logical block 0, async page read
[  130.228380][ T9240] ldm_validate_partition_table(): Disk read failed.
[  130.236212][ T9240] Dev loop5: unable to read RDB block 0
[  130.238107][ T9240]  loop5: unable to read partition table
[  130.252125][ T9240] loop_reread_partitions: partition scan of loop5 (3�����) failed (rc=-5)
[  130.805782][ T9294] netlink: 4 bytes leftover after parsing attributes in process `syz.3.936'.
[  130.925988][ T9302] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  131.071433][   T29] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  131.223480][   T29] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  131.227932][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.232151][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.235979][   T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  131.242364][   T29] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  131.246102][   T29] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  131.249367][   T29] usb 6-1: Manufacturer: syz
[  131.253293][   T29] usb 6-1: config 0 descriptor??
[  131.357250][ T9310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.942'.
[  131.474328][ T9316] netlink: 'syz.0.944': attribute type 1 has an invalid length.
[  131.502159][ T9316] 8021q: adding VLAN 0 to HW filter on device bond2
[  131.549102][ T9316] veth5: entered promiscuous mode
[  131.557185][ T9316] bond2: (slave veth5): Enslaving as an active interface with a down link
[  131.570083][ T9323] SELinux: security_context_str_to_sid (E�) failed with errno=-22
[  131.651986][ T9327] bond3: Unable to set down delay as MII monitoring is disabled
[  131.658426][ T9327] bond3 (unregistering): Released all slaves
[  131.665830][   T29] hid_parser_main: 30 callbacks suppressed
[  131.665848][   T29] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  131.682795][   T29] appleir 0003:05AC:8243.0006: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  131.911539][ T9351] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  131.934262][ T9361] netlink: 'syz.3.957': attribute type 29 has an invalid length.
[  131.939544][ T9361] netlink: 'syz.3.957': attribute type 3 has an invalid length.
[  131.942112][ T9361] netlink: 76 bytes leftover after parsing attributes in process `syz.3.957'.
[  131.958350][ T9358] nvme_fabrics: missing parameter 'transport=%s'
[  131.962421][ T9358] nvme_fabrics: missing parameter 'nqn=%s'
[  131.969360][ T9358] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[  131.980242][ T9367] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  132.029258][ T9369] openvswitch: netlink: Missing valid actions attribute.
[  132.030711][ T9371] netlink: 16 bytes leftover after parsing attributes in process `syz.0.961'.
[  132.032859][ T9369] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  132.036665][ T9371] netlink: 16 bytes leftover after parsing attributes in process `syz.0.961'.
[  132.048541][ T9369] netlink: 24 bytes leftover after parsing attributes in process `syz.2.960'.
[  132.292096][ T9382] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  132.747179][ T9421] netlink: 'syz.2.975': attribute type 2 has an invalid length.
[  133.273380][ T9441] openvswitch: netlink: Geneve opt len 62 is not a multiple of 4.
[  133.296790][ T9445] veth1_macvtap: left promiscuous mode
[  133.298529][ T9445] macsec0: entered promiscuous mode
[  133.303459][ T9445] veth1_macvtap: entered promiscuous mode
[  133.305397][ T9445] macsec0: left promiscuous mode
[  133.324614][ T9445] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method
[  133.447564][ T9459] tipc: Can't bind to reserved service type 2
[  133.573267][   T40] kauditd_printk_skb: 317 callbacks suppressed
[  133.573360][   T40] audit: type=1400 audit(2000000077.419:2182): avc:  denied  { mount } for  pid=9464 comm="syz.2.990" name="/" dev="9p" ino=80216101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  133.594563][   T40] audit: type=1400 audit(2000000077.419:2183): avc:  denied  { write } for  pid=9464 comm="syz.2.990" name="/" dev="9p" ino=80216101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  133.608196][   T40] audit: type=1400 audit(2000000077.419:2184): avc:  denied  { add_name } for  pid=9464 comm="syz.2.990" name="cpuacct.usage_user" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  133.616128][   T40] audit: type=1400 audit(2000000077.419:2185): avc:  denied  { create } for  pid=9464 comm="syz.2.990" name="cpuacct.usage_user" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  133.631622][   T40] audit: type=1400 audit(2000000077.419:2186): avc:  denied  { associate } for  pid=9464 comm="syz.2.990" name="cpuacct.usage_user" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  133.639491][   T40] audit: type=1400 audit(2000000077.419:2187): avc:  denied  { read append } for  pid=9464 comm="syz.2.990" name="cpuacct.usage_user" dev="9p" ino=80216183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  133.648944][   T40] audit: type=1400 audit(2000000077.419:2188): avc:  denied  { open } for  pid=9464 comm="syz.2.990" path="/176/file0/cpuacct.usage_user" dev="9p" ino=80216183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  133.661044][   T40] audit: type=1400 audit(2000000077.429:2189): avc:  denied  { write } for  pid=9464 comm="syz.2.990" name="cpuacct.usage_user" dev="9p" ino=80216183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  133.663671][ T9475] bond6 (unregistering): Released all slaves
[  133.669584][   T40] audit: type=1400 audit(2000000077.429:2190): avc:  denied  { read write } for  pid=9464 comm="syz.2.990" name="uinput" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  133.679618][   T40] audit: type=1400 audit(2000000077.429:2191): avc:  denied  { open } for  pid=9464 comm="syz.2.990" path="/dev/uinput" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  133.768231][ T5813] usb 6-1: USB disconnect, device number 9
[  133.780745][ T9483] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  133.848248][ T9490] xt_hashlimit: size too large, truncated to 1048576
[  133.857463][ T9486] 9p: Could not find request transport: v�irtio
[  133.935005][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.939495][ T9502] SELinux: failed to load policy
[  133.940213][ T9496] overlayfs: failed to clone upperpath
[  133.941515][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.941545][ T9502] SELinux: failed to load policy
[  133.941633][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.941652][ T9502] SELinux: failed to load policy
[  133.941826][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.960272][ T9502] SELinux: failed to load policy
[  133.966115][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.967967][ T9505] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1040 sclass=netlink_route_socket pid=9505 comm=syz.1.1000
[  133.969801][ T9502] SELinux: failed to load policy
[  133.976094][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.979260][ T9502] SELinux: failed to load policy
[  133.981038][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.986011][ T9502] SELinux: failed to load policy
[  133.988005][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.991048][ T9502] SELinux: failed to load policy
[  133.992993][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  133.996062][ T9502] SELinux: failed to load policy
[  133.998442][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.001639][ T9502] SELinux: failed to load policy
[  134.003248][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.006350][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.009440][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.012958][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.016281][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.025534][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.042387][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.047141][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.054151][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.059062][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.065327][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.070306][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.077511][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.082964][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.087065][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.091164][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.098614][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.108075][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.112434][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.116609][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.120708][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.126213][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.130515][ T9502] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  134.351873][ T9534] Bluetooth: MGMT ver 1.23
[  134.375077][ T9538] 9pnet_virtio: no channels available for device syz
[  134.601492][   T39] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  134.625059][ T9553] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  134.697910][ T9564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.703951][ T9564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.751821][   T39] usb 7-1: Using ep0 maxpacket: 8
[  134.754986][   T39] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  134.758208][   T39] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  134.762156][   T39] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  134.766974][   T39] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  134.768722][ T9569] fuse: fd is not a fuse device
[  134.772566][   T39] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.777364][   T39] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  134.780743][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.941377][ T6175] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  134.944765][ T9576] xt_cgroup: path and classid specified
[  134.994668][   T39] usb 7-1: usb_control_msg returned -32
[  134.996363][   T39] usbtmc 7-1:16.0: can't read capabilities
[  135.070054][ T9580] __nla_validate_parse: 10 callbacks suppressed
[  135.070121][ T9580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1019'.
[  135.103099][ T6175] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.107375][ T6175] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.112489][ T6175] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  135.118522][ T6175] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  135.121277][ T6175] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.127325][ T6175] usb 6-1: config 0 descriptor??
[  135.257621][   T50] usb 7-1: USB disconnect, device number 10
[  135.259183][ T9536] usbtmc 7-1:16.0: usb_control_msg returned -71
[  135.538431][ T6175] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  135.859766][ T9586] IPv4: Oversized IP packet from 127.202.26.0
[  136.110071][ T9595] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1022'.
[  136.114044][ T9595] netlink: 'syz.2.1022': attribute type 7 has an invalid length.
[  136.117380][ T9595] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1022'.
[  136.148999][ T9594] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  136.155001][ T9594] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  136.169865][ T9594] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3)
[  136.173705][ T9594] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3)
[  136.177950][ T9594] overlayfs: d_ino too big (269, ino=9223372036854777256, xinobits=3)
[  136.180697][ T9594] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3)
[  136.183716][ T9594] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=3)
[  136.186543][ T9594] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=3)
[  136.189226][ T9594] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=3)
[  136.192615][ T9594] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=3)
[  136.195318][ T9594] overlayfs: d_ino too big (dev, ino=4611686018427387923, xinobits=3)
[  136.198343][ T9594] overlayfs: d_ino too big (kernel, ino=4611686018427387911, xinobits=3)
[  136.240274][ T9600] netlink: 'syz.2.1024': attribute type 1 has an invalid length.
[  136.288801][ T9605] netlink: 'syz.2.1026': attribute type 11 has an invalid length.
[  136.292001][ T9605] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1026'.
[  136.474242][ T9603] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  136.503934][ T9603] xt_hashlimit: size too large, truncated to 1048576
[  136.802264][ T9636] netdevsim netdevsim0: Direct firmware load for 
 failed with error -2
[  136.806193][ T9636] netdevsim netdevsim0: Falling back to sysfs fallback for: 

[  137.192018][ T5827] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  137.343491][ T5827] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  137.347098][ T5827] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.351645][ T5827] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  137.355478][ T5827] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.367888][ T5827] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  137.372031][ T5827] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  137.375311][ T5827] usb 7-1: Product: syz
[  137.377195][ T5827] usb 7-1: Manufacturer: syz
[  137.390985][ T5827] cdc_wdm 7-1:1.0: skipping garbage
[  137.396730][ T5827] cdc_wdm 7-1:1.0: skipping garbage
[  137.400637][ T5827] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device
[  137.403789][ T5827] cdc_wdm 7-1:1.0: Unknown control protocol
[  137.593132][ T6175] usb 7-1: USB disconnect, device number 11
[  137.615475][   T29] usb 6-1: USB disconnect, device number 10
[  137.632654][ T1439] ieee802154 phy0 wpan0: encryption failed: -22
[  137.634698][ T1439] ieee802154 phy1 wpan1: encryption failed: -22
[  137.689317][ T9649] xt_hashlimit: size too large, truncated to 1048576
[  137.846993][ T9652] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1036'.
[  137.850869][ T9652] netlink: 'syz.3.1036': attribute type 7 has an invalid length.
[  137.855483][ T9652] netlink: 'syz.3.1036': attribute type 8 has an invalid length.
[  137.858598][ T9652] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1036'.
[  137.943356][ T9659] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1039'.
[  137.980421][ T9665] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1040'.
[  138.041424][ T6175] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  138.044571][ T9668] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1041'.
[  138.051770][ T9667] overlayfs: statfs failed on './file0'
[  138.118474][ T9670] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1551 sclass=netlink_route_socket pid=9670 comm=syz.1.1042
[  138.195006][ T6175] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  138.202214][ T6175] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.208096][ T6175] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  138.213790][ T6175] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.219359][ T6175] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  138.223347][ T6175] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  138.226528][ T6175] usb 7-1: Product: syz
[  138.228163][ T6175] usb 7-1: Manufacturer: syz
[  138.231550][ T5885] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  138.237928][ T6175] cdc_wdm 7-1:1.0: skipping garbage
[  138.239750][ T6175] cdc_wdm 7-1:1.0: skipping garbage
[  138.244667][ T6175] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  138.246670][ T6175] cdc_wdm 7-1:1.0: Unknown control protocol
[  138.391457][ T5885] usb 5-1: Using ep0 maxpacket: 8
[  138.398941][ T5885] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  138.403267][ T5885] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  138.407136][ T5885] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  138.410377][ T5885] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  138.415393][ T5885] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  138.418815][ T5885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.568743][ T9678] netlink: 'syz.3.1045': attribute type 4 has an invalid length.
[  138.572133][ T9678] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1045'.
[  138.620334][   T40] kauditd_printk_skb: 299 callbacks suppressed
[  138.620350][   T40] audit: type=1400 audit(2000000082.459:2491): avc:  denied  { create } for  pid=9684 comm="syz.3.1047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.630663][   T40] audit: type=1400 audit(2000000082.469:2492): avc:  denied  { write } for  pid=9684 comm="syz.3.1047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.633835][ T5885] usb 5-1: GET_CAPABILITIES returned 0
[  138.637138][   T40] audit: type=1400 audit(2000000082.469:2493): avc:  denied  { nlmsg_read } for  pid=9684 comm="syz.3.1047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.638821][ T5885] usbtmc 5-1:16.0: can't read capabilities
[  138.672886][   T40] audit: type=1400 audit(2000000082.519:2494): avc:  denied  { read write } for  pid=5733 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  138.680468][   T40] audit: type=1400 audit(2000000082.519:2495): avc:  denied  { open } for  pid=5733 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  138.688847][   T40] audit: type=1400 audit(2000000082.519:2496): avc:  denied  { ioctl } for  pid=5733 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  138.697514][   T40] audit: type=1400 audit(2000000082.519:2497): avc:  denied  { prog_load } for  pid=9686 comm="syz.3.1048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  138.704691][   T40] audit: type=1400 audit(2000000082.519:2498): avc:  denied  { perfmon } for  pid=9688 comm="syz.1.1049" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  138.711970][   T40] audit: type=1400 audit(2000000082.519:2499): avc:  denied  { prog_run } for  pid=9688 comm="syz.1.1049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  138.718421][   T40] audit: type=1400 audit(2000000082.539:2500): avc:  denied  { ioctl } for  pid=9688 comm="syz.1.1049" path="socket:[32007]" dev="sockfs" ino=32007 ioctlcmd=0x6608 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.785254][ T9698] tmpfs: Unknown parameter 'grpq�ota_block_hardlimit'
[  138.843386][ T5885] usb 5-1: USB disconnect, device number 12
[  138.851132][ T9714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.857417][ T9714] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.884562][ T9714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.895514][ T9714] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.049853][ T9728] fuse: fd is not a fuse device
[  139.466822][ T9751] xfrm0 speed is unknown, defaulting to 1000
[  139.811379][ T5885] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  139.971417][ T5885] usb 5-1: Using ep0 maxpacket: 32
[  139.980895][ T5885] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  139.984131][ T9765] netlink: 'syz.1.1070': attribute type 1 has an invalid length.
[  139.991453][ T5885] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  139.997313][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  140.003921][ T5885] usb 5-1: Product: syz
[  140.005409][ T9765] 8021q: adding VLAN 0 to HW filter on device bond6
[  140.009424][ T5885] usb 5-1: Manufacturer: syz
[  140.011191][ T5885] usb 5-1: SerialNumber: syz
[  140.024780][ T5885] usb 5-1: config 0 descriptor??
[  140.032184][ T9757] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  140.036594][ T5885] hub 5-1:0.0: bad descriptor, ignoring hub
[  140.041364][ T5885] hub 5-1:0.0: probe with driver hub failed with error -5
[  140.048338][ T9765] bond6: (slave veth5): Enslaving as an active interface with a down link
[  140.103892][ T9765] 8021q: adding VLAN 0 to HW filter on device batadv1
[  140.106691][ T9765] bond6: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  140.108074][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  140.114245][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  140.115991][   T50] usb 7-1: USB disconnect, device number 12
[  140.117871][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  140.270880][ T9757] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[  140.274683][ T9757] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[  140.352769][   T29] usb 5-1: USB disconnect, device number 13
[  140.474743][ T9778] __nla_validate_parse: 3 callbacks suppressed
[  140.474812][ T9778] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1073'.
[  140.834221][   T63] Bluetooth: hci0: command tx timeout
[  140.895509][ T9798] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1078'.
[  140.942748][   T63] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[  141.027813][ T9809] nbd: must specify a size in bytes for the device
[  141.036398][ T9809] pim6reg1: entered promiscuous mode
[  141.038102][ T9809] pim6reg1: entered allmulticast mode
[  141.042411][ T9810] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1027 sclass=netlink_route_socket pid=9810 comm=syz.2.1079
[  141.335333][ T9820] netlink: 'syz.2.1085': attribute type 1 has an invalid length.
[  141.338715][ T9820] netlink: 'syz.2.1085': attribute type 1 has an invalid length.
[  141.343172][ T9820] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1085'.
[  141.343341][ T9820] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1085'.
[  141.343356][ T9820] netlink: 'syz.2.1085': attribute type 1 has an invalid length.
[  141.343369][ T9820] netlink: 634 bytes leftover after parsing attributes in process `syz.2.1085'.
[  141.392986][ T9825] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1087'.
[  141.446773][ T9828] support for cryptoloop has been removed.  Use dm-crypt instead.
[  141.537465][ T5827] IPVS: starting estimator thread 0...
[  141.621939][ T9836] IPVS: using max 43 ests per chain, 103200 per kthread
[  141.724914][ T9851] sg_write: data in/out 16777180/10 bytes for SCSI command 0x0-- guessing data in;
[  141.724914][ T9851]    program syz.1.1095 not setting count and/or reply_len properly
[  141.775355][ T9858] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  142.037149][ T9874] netlink: 'syz.2.1100': attribute type 29 has an invalid length.
[  142.061468][ T5885] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  142.149498][ T9885] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  142.155017][ T9885] block device autoloading is deprecated and will be removed.
[  142.201460][ T5885] usb 5-1: device descriptor read/64, error -71
[  142.215360][ T9889] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1104'.
[  142.441579][ T5885] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  142.527663][ T9918] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  142.568494][ T9922] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  142.581771][ T5885] usb 5-1: device descriptor read/64, error -71
[  142.693092][ T5885] usb usb5-port1: attempt power cycle
[  142.710043][ T9931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1118'.
[  142.712926][ T9931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1118'.
[  142.827370][ T9936] netlink: 'syz.1.1119': attribute type 10 has an invalid length.
[  142.902316][ T9943] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  142.974709][ T9940] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1121'.
[  143.051492][ T5885] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  143.074902][ T5885] usb 5-1: device descriptor read/8, error -71
[  143.121005][ T9958] tipc: Started in network mode
[  143.123034][ T9958] tipc: Node identity 72ef7e4960d3, cluster identity 3865
[  143.134555][ T9958] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.321553][ T5885] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  143.341984][ T5885] usb 5-1: device descriptor read/8, error -71
[  143.402277][ T9976] openvswitch: netlink: IP tunnel attribute has 231 unknown bytes.
[  143.463598][ T5885] usb usb5-port1: unable to enumerate USB device
[  143.497927][ T9981] /dev/sr0: Can't open blockdev
[  143.510034][ T9981] loop6: detected capacity change from 0 to 8
[  143.615610][ T9993] netlink: 'syz.1.1134': attribute type 12 has an invalid length.
[  143.849060][   T40] kauditd_printk_skb: 310 callbacks suppressed
[  143.849076][   T40] audit: type=1400 audit(2000000087.689:2811): avc:  denied  { create } for  pid=9999 comm="syz.1.1137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  143.852985][T10000] syzkaller1: entered promiscuous mode
[  143.862705][   T40] audit: type=1400 audit(2000000087.699:2812): avc:  denied  { create } for  pid=9999 comm="syz.1.1137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  143.863989][T10000] syzkaller1: entered allmulticast mode
[  143.869688][   T40] audit: type=1400 audit(2000000087.699:2813): avc:  denied  { ioctl } for  pid=9999 comm="syz.1.1137" path="socket:[31671]" dev="sockfs" ino=31671 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  143.967401][ T9981] Dev loop6: unable to read RDB block 8
[  143.969289][ T9981]  loop6: unable to read partition table
[  143.971248][ T9981] loop6: partition table beyond EOD, truncated
[  143.973269][ T9981] loop_reread_partitions: partition scan of loop6 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  143.981969][   T40] audit: type=1400 audit(2000000087.829:2814): avc:  denied  { read write } for  pid=10001 comm="syz.1.1138" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  143.990040][   T40] audit: type=1400 audit(2000000087.829:2815): avc:  denied  { open } for  pid=10001 comm="syz.1.1138" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  144.027243][   T40] audit: type=1400 audit(2000000087.869:2816): avc:  denied  { mounton } for  pid=10003 comm="syz.1.1139" path="/271" dev="tmpfs" ino=1453 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  144.141762][   T50] tipc: Node number set to 305954377
[  144.189115][   T40] audit: type=1400 audit(2000000088.029:2817): avc:  denied  { read write } for  pid=10015 comm="syz.1.1141" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  144.196836][   T40] audit: type=1400 audit(2000000088.029:2818): avc:  denied  { open } for  pid=10015 comm="syz.1.1141" path="/dev/dri/card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  144.205263][   T40] audit: type=1400 audit(2000000088.039:2819): avc:  denied  { ioctl } for  pid=10015 comm="syz.1.1141" path="/dev/dri/card2" dev="devtmpfs" ino=639 ioctlcmd=0x640d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  144.217488][   T40] audit: type=1400 audit(2000000088.039:2820): avc:  denied  { create } for  pid=10015 comm="syz.1.1141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  144.247180][T10017] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  144.250388][T10017] UDF-fs: Scanning with blocksize 2048 failed
[  144.255437][T10017] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  144.257603][T10017] UDF-fs: Scanning with blocksize 4096 failed
[  144.932430][T10060] MTD: Attempt to mount non-MTD device "/dev/md0"
[  144.934015][T10058] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  144.938198][T10060] cramfs: wrong magic
[  144.945423][T10058] CIFS mount error: No usable UNC path provided in device string!
[  144.945423][T10058] 
[  144.955445][T10058] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  144.976160][T10058] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  144.978611][T10058] IPv6: NLM_F_CREATE should be set when creating new route
[  144.981073][T10058] IPv6: NLM_F_CREATE should be set when creating new route
[  145.060339][T10064] program syz.0.1146 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  145.105102][T10068] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  145.109068][T10068] overlayfs: missing 'lowerdir'
[  145.151884][T10066] md: md2 stopped.
[  145.163373][T10066] mac80211_hwsim hwsim4 ������: renamed from wlan0 (while UP)
[  145.573867][T10108] __nla_validate_parse: 2 callbacks suppressed
[  145.573883][T10108] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1162'.
[  145.841467][ T6175] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  145.877482][T10121] misc userio: Invalid payload size
[  145.880127][T10121] misc userio: Invalid payload size
[  146.006008][ T6175] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.012869][ T6175] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.016698][ T6175] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  146.022419][ T6175] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  146.025217][ T6175] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.029157][ T6175] usb 6-1: config 0 descriptor??
[  146.436406][ T6175] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  146.438807][ T6175] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x5
[  146.441088][ T6175] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x2
[  146.443486][ T6175] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x5
[  146.445830][ T6175] plantronics 0003:047F:FFFF.0008: item fetching failed at offset 11/15
[  146.448639][ T6175] plantronics 0003:047F:FFFF.0008: parse failed
[  146.450803][T10167] xt_CT: No such helper "pptp"
[  146.454031][ T6175] plantronics 0003:047F:FFFF.0008: probe with driver plantronics failed with error -22
[  146.540475][T10173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1181'.
[  146.544502][T10173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1181'.
[  146.651798][T10173] block nbd1: server does not support multiple connections per device.
[  146.660151][T10173] block nbd1: shutting down sockets
[  146.698593][T10188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1185'.
[  146.921537][T10196] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1188'.
[  147.205065][T10221] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1195'.
[  147.376878][T10241] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  147.554737][T10256] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1205'.
[  147.564872][T10253] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  147.567953][T10253] UDF-fs: Scanning with blocksize 2048 failed
[  147.573856][T10253] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  147.576800][T10253] UDF-fs: Scanning with blocksize 4096 failed
[  147.687131][T10265] cgroup2: Unknown parameter 'euid'
[  147.708630][T10265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1209'.
[  147.713788][T10265] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1209'.
[  148.216592][T10276] bond0: Error: CAN devices cannot be enslaved
[  148.334303][T10282] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1213'.
[  148.587028][ T5827] usb 6-1: USB disconnect, device number 11
[  148.720900][T10311] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input17
[  148.791602][T10316] netlink: 'syz.3.1224': attribute type 39 has an invalid length.
[  148.875145][   T40] kauditd_printk_skb: 267 callbacks suppressed
[  148.875212][   T40] audit: type=1400 audit(2000000092.719:3088): avc:  denied  { read } for  pid=10319 comm="syz.1.1226" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  148.894179][   T40] audit: type=1400 audit(2000000092.729:3089): avc:  denied  { open } for  pid=10319 comm="syz.1.1226" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  148.932886][   T40] audit: type=1400 audit(2000000092.779:3090): avc:  denied  { mounton } for  pid=10324 comm="syz.0.1227" path="/317/file0" dev="tmpfs" ino=1723 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  148.956350][   T40] audit: type=1400 audit(2000000092.779:3091): avc:  denied  { mount } for  pid=10324 comm="syz.0.1227" name="/" dev="9p" ino=80216101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  148.976829][   T40] audit: type=1400 audit(2000000092.779:3092): avc:  denied  { write } for  pid=10324 comm="syz.0.1227" name="/" dev="9p" ino=80216101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  148.993786][   T40] audit: type=1400 audit(2000000092.779:3093): avc:  denied  { add_name } for  pid=10324 comm="syz.0.1227" name="blkio.throttle.io_service_bytes" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  149.020479][   T40] audit: type=1400 audit(2000000092.779:3094): avc:  denied  { create } for  pid=10324 comm="syz.0.1227" name="blkio.throttle.io_service_bytes" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  149.029576][   T40] audit: type=1400 audit(2000000092.779:3095): avc:  denied  { associate } for  pid=10324 comm="syz.0.1227" name="blkio.throttle.io_service_bytes" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  149.038559][   T40] audit: type=1400 audit(2000000092.789:3096): avc:  denied  { read append } for  pid=10324 comm="syz.0.1227" name="blkio.throttle.io_service_bytes" dev="9p" ino=80216179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.048332][   T40] audit: type=1400 audit(2000000092.789:3097): avc:  denied  { open } for  pid=10324 comm="syz.0.1227" path="/317/file0/blkio.throttle.io_service_bytes" dev="9p" ino=80216179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  149.048810][T10327] could not open pipe file descriptor
[  149.143730][T10332] ufs: You didn't specify the type of your ufs filesystem
[  149.143730][T10332] 
[  149.143730][T10332] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  149.143730][T10332] 
[  149.143730][T10332] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  149.156568][T10332] ufs: failed to set blocksize
[  149.312342][T10330] ipip0: entered allmulticast mode
[  149.640735][T10353] overlayfs: failed to clone upperpath
[  149.802126][T10360] syzkaller0: entered promiscuous mode
[  149.804434][T10360] syzkaller0: entered allmulticast mode
[  150.106060][T10377] hsr_slave_1 (unregistering): left promiscuous mode
[  150.279201][T10380] debugfs: '1��^!0x0000000000000003' already exists in 'ieee80211'
[  150.322601][T10380] sysfs: cannot create duplicate filename '/class/ieee80211/1��^!0x0000000000000003'
[  150.325571][T10380] CPU: 1 UID: 0 PID: 10380 Comm: syz.0.1246 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  150.325590][T10380] Tainted: [L]=SOFTLOCKUP
[  150.325594][T10380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  150.325601][T10380] Call Trace:
[  150.325605][T10380]  <TASK>
[  150.325610][T10380]  dump_stack_lvl+0x100/0x190
[  150.325634][T10380]  sysfs_warn_dup.cold+0x1c/0x28
[  150.325652][T10380]  sysfs_do_create_link_sd+0x113/0x140
[  150.325668][T10380]  sysfs_create_link+0x61/0xc0
[  150.325683][T10380]  device_add+0x675/0x1950
[  150.325707][T10380]  ? __pfx_device_add+0x10/0x10
[  150.325724][T10380]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  150.325739][T10380]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  150.325767][T10380]  wiphy_register+0x1edd/0x2d90
[  150.325780][T10380]  ? __rtnl_unlock+0xb9/0xf0
[  150.325796][T10380]  ? __pfx_wiphy_register+0x10/0x10
[  150.325809][T10380]  ? __asan_memset+0x23/0x50
[  150.325826][T10380]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  150.325848][T10380]  ieee80211_register_hw+0x3055/0x4570
[  150.325871][T10380]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  150.325887][T10380]  ? __pfx___debug_object_init+0x10/0x10
[  150.325902][T10380]  ? find_held_lock+0x2b/0x80
[  150.325913][T10380]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  150.325926][T10380]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  150.325941][T10380]  ? __hrtimer_setup+0x208/0x330
[  150.325957][T10380]  mac80211_hwsim_new_radio+0x2a01/0x5aa0
[  150.325980][T10380]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  150.325994][T10380]  ? __asan_memcpy+0x3c/0x60
[  150.326012][T10380]  hwsim_new_radio_nl+0xc5f/0x1370
[  150.326025][T10380]  ? rcu_is_watching+0x12/0xc0
[  150.326043][T10380]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  150.326059][T10380]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0
[  150.326076][T10380]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[  150.326094][T10380]  genl_family_rcv_msg_doit+0x214/0x300
[  150.326111][T10380]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  150.326131][T10380]  ? bpf_lsm_capable+0x9/0x10
[  150.326141][T10380]  ? security_capable+0x80/0x260
[  150.326155][T10380]  ? ns_capable+0xd2/0xf0
[  150.326172][T10380]  genl_rcv_msg+0x560/0x800
[  150.326189][T10380]  ? __pfx_genl_rcv_msg+0x10/0x10
[  150.326204][T10380]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  150.326221][T10380]  netlink_rcv_skb+0x159/0x420
[  150.326234][T10380]  ? __pfx_genl_rcv_msg+0x10/0x10
[  150.326249][T10380]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  150.326269][T10380]  ? netlink_deliver_tap+0x1ae/0xcc0
[  150.326284][T10380]  genl_rcv+0x28/0x40
[  150.326296][T10380]  netlink_unicast+0x585/0x850
[  150.326311][T10380]  ? __pfx_netlink_unicast+0x10/0x10
[  150.326329][T10380]  netlink_sendmsg+0x8b0/0xda0
[  150.326345][T10380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.326357][T10380]  ? __might_fault+0x40/0x140
[  150.326378][T10380]  ____sys_sendmsg+0x9e1/0xb70
[  150.326389][T10380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.326403][T10380]  ? __pfx_____sys_sendmsg+0x10/0x10
[  150.326419][T10380]  ? __pfx_futex_wake_mark+0x10/0x10
[  150.326431][T10380]  ___sys_sendmsg+0x190/0x1e0
[  150.326446][T10380]  ? __pfx____sys_sendmsg+0x10/0x10
[  150.326472][T10380]  ? do_futex+0x192/0x350
[  150.326490][T10380]  __sys_sendmsg+0x170/0x220
[  150.326506][T10380]  ? __pfx___sys_sendmsg+0x10/0x10
[  150.326523][T10380]  ? __x64_sys_futex+0x34f/0x4d0
[  150.326549][T10380]  ? rcu_is_watching+0x12/0xc0
[  150.326567][T10380]  do_syscall_64+0x115/0x870
[  150.326583][T10380]  ? clear_bhb_loop+0x40/0x90
[  150.326597][T10380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.326609][T10380] RIP: 0033:0x7f54d0b9ce59
[  150.326619][T10380] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  150.326629][T10380] RSP: 002b:00007f54cedf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  150.326640][T10380] RAX: ffffffffffffffda RBX: 00007f54d0e15fa0 RCX: 00007f54d0b9ce59
[  150.326647][T10380] RDX: 0000000004000010 RSI: 0000200000000100 RDI: 0000000000000003
[  150.326653][T10380] RBP: 00007f54d0c32d6f R08: 0000000000000000 R09: 0000000000000000
[  150.326662][T10380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  150.326671][T10380] R13: 00007f54d0e16038 R14: 00007f54d0e15fa0 R15: 00007fff97c02ce8
[  150.326691][T10380]  </TASK>
[  150.653488][T10412] TCP: TCP_TX_DELAY enabled
[  150.689684][T10419] Invalid source name
[  150.690995][T10419] UBIFS error (pid: 10419): cannot open "ubifs", error -22
[  150.716308][T10417] cgroup: noprefix used incorrectly
[  150.728780][T10417] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  150.884044][T10436] xfrm0 speed is unknown, defaulting to 1000
[  150.892931][   T60] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  150.903535][T10438] xfrm0 speed is unknown, defaulting to 1000
[  150.970387][T10447] __nla_validate_parse: 2 callbacks suppressed
[  150.970399][T10447] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1266'.
[  150.978114][T10448] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1266'.
[  150.986534][T10447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10447 comm=syz.3.1266
[  151.025132][T10438] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1264'.
[  151.028013][T10443] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1264'.
[  151.062340][   T60] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  151.084488][   T60] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  151.093589][   T60] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  151.105372][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.157468][T10468] fuse: fd is not a fuse device
[  151.159321][T10467] fuse: fd is not a fuse device
[  151.266750][T10479] fuse: Unknown parameter '����0x0000000000000005'
[  151.328288][   T63] Bluetooth: hci1: unexpected event for opcode 0x200c
[  151.361141][   T60] usb 5-1: usb_control_msg returned -32
[  151.363264][   T60] usbtmc 5-1:16.0: can't read capabilities
[  151.568797][   T29] usb 5-1: USB disconnect, device number 18
[  151.750424][T10527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1280'.
[  151.753501][T10527] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1280'.
[  151.756413][T10527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1280'.
[  151.759207][T10527] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1280'.
[  151.957648][T10532] IPv6: sit1: Disabled Multicast RS
[  151.960601][T10532] sit1: entered allmulticast mode
[  152.061928][T10539] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1284'.
[  152.064813][T10539] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1284'.
[  152.146572][T10543] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  152.196659][T10545] xfrm0 speed is unknown, defaulting to 1000
[  152.254526][T10550] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  152.349565][T10557] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.366596][T10557] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.399954][T10557] 8021q: adding VLAN 0 to HW filter on device bond1
[  152.406082][T10561] xt_cluster: you have exceeded the maximum number of cluster nodes (205 > 32)
[  152.415078][T10516] bond2: (slave lo): interface is now down
[  152.424926][T10557] 8021q: adding VLAN 0 to HW filter on device bond2
[  152.443729][T10557] 8021q: adding VLAN 0 to HW filter on device team1
[  152.453805][T10557] 8021q: adding VLAN 0 to HW filter on device bond5
[  152.463687][T10557] batadv0: entered promiscuous mode
[  152.467293][T10557] 8021q: adding VLAN 0 to HW filter on device macsec1
[  152.473725][T10557] 8021q: adding VLAN 0 to HW filter on device bond7
[  152.503364][ T5827] xfrm0 speed is unknown, defaulting to 1000
[  152.522917][T10503] bond3: (slave veth3): link status definitely up, 10000 Mbps full duplex
[  152.530696][T10503] bond3: (slave veth3): making interface the new active one
[  152.540797][T10503] bond3: active interface up!
[  152.563202][T10516] bond2: (slave lo): interface is now down
[  152.573125][T10516] bond2: now running without any active interface!
[  152.592833][T10503] bond6: (slave veth5): link status definitely up, 10000 Mbps full duplex
[  152.598820][T10503] bond6: (slave veth5): making interface the new active one
[  152.605135][T10503] bond6: active interface up!
[  152.715647][T10575] Bluetooth: MGMT ver 1.23
[  152.853754][T10584] vcan0: tx drop: invalid sa for name 0x0000000000000004
[  152.862526][T10587] No source specified
[  153.049314][T10601] qnx6: unable to set blocksize
[  153.221497][   T29] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  153.358676][T10614] netlink: 'syz.2.1311': attribute type 63 has an invalid length.
[  153.361213][T10614] gretap0: entered allmulticast mode
[  153.364427][T10614] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  153.373581][   T29] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  153.377305][   T29] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  153.385921][   T29] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  153.388974][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.606225][   T29] usb 5-1: usb_control_msg returned -32
[  153.610015][   T29] usbtmc 5-1:16.0: can't read capabilities
[  153.673286][ T6175] libceph: connect (1)[c::]:6789 error -101
[  153.679171][ T6175] libceph: mon0 (1)[c::]:6789 connect error
[  153.689451][ T6175] libceph: connect (1)[c::]:6789 error -101
[  153.693204][ T6175] libceph: mon0 (1)[c::]:6789 connect error
[  153.703630][T10627] netlink: 'syz.2.1315': attribute type 15 has an invalid length.
[  153.767404][T10625] ceph: No mds server is up or the cluster is laggy
[  153.774415][T10636] IPv6: Can't replace route, no match found
[  153.791542][   T60] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  153.881840][   T40] kauditd_printk_skb: 285 callbacks suppressed
[  153.881852][   T40] audit: type=1400 audit(2000000097.729:3383): avc:  denied  { create } for  pid=10639 comm="syz.2.1319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  153.889758][   T40] audit: type=1400 audit(2000000097.729:3384): avc:  denied  { module_request } for  pid=10639 comm="syz.2.1319" kmod="net-pf-2-proto-7-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  153.941473][   T60] usb 6-1: Using ep0 maxpacket: 32
[  153.942717][   T40] audit: type=1400 audit(2000000097.789:3385): avc:  denied  { create } for  pid=10639 comm="syz.2.1319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  153.945402][   T60] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  153.958526][   T40] audit: type=1400 audit(2000000097.789:3386): avc:  denied  { ioctl } for  pid=10622 comm="syz.1.1314" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  153.965505][   T60] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  153.970077][   T40] audit: type=1400 audit(2000000097.789:3387): avc:  denied  { setopt } for  pid=10639 comm="syz.2.1319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  153.974819][   T60] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  153.980265][   T60] usb 6-1: Product: syz
[  153.982624][   T60] usb 6-1: Manufacturer: syz
[  153.984091][   T60] usb 6-1: SerialNumber: syz
[  153.987834][   T60] usb 6-1: config 0 descriptor??
[  153.990060][T10623] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  153.992980][   T60] hub 6-1:0.0: bad descriptor, ignoring hub
[  153.995089][   T60] hub 6-1:0.0: probe with driver hub failed with error -5
[  154.047253][   T40] audit: type=1400 audit(2000000097.889:3388): avc:  denied  { create } for  pid=10645 comm="syz.3.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  154.058679][   T40] audit: type=1400 audit(2000000097.889:3389): avc:  denied  { create } for  pid=10645 comm="syz.3.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  154.069468][   T40] audit: type=1400 audit(2000000097.899:3390): avc:  denied  { write } for  pid=10645 comm="syz.3.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  154.075603][   T40] audit: type=1400 audit(2000000097.899:3391): avc:  denied  { ioctl } for  pid=10645 comm="syz.3.1320" path="socket:[35348]" dev="sockfs" ino=35348 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  154.083861][   T40] audit: type=1400 audit(2000000097.909:3392): avc:  denied  { sys_module } for  pid=10645 comm="syz.3.1320" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  154.196748][T10623] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90
[  154.306583][T10663] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10663 comm=syz.3.1324
[  154.753999][   T63] Bluetooth: hci3: command tx timeout
[  154.885077][T10717] kAFS: No cell specified
[  155.111570][ T6175] usb 6-1: USB disconnect, device number 12
[  155.181469][ T5883] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  155.331794][ T5883] usb 7-1: Using ep0 maxpacket: 8
[  155.336389][ T5883] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  155.339541][ T5883] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  155.343448][ T5883] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  155.347275][ T5883] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  155.351218][ T5883] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  155.356570][ T5883] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  155.360244][ T5883] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.577402][ T5883] usb 7-1: usb_control_msg returned -32
[  155.582890][ T5883] usbtmc 7-1:16.0: can't read capabilities
[  155.595498][ T5883] usb 7-1: USB disconnect, device number 13
[  156.086321][ T6175] usb 5-1: USB disconnect, device number 19
[  156.117637][T10737] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4118 sclass=netlink_route_socket pid=10737 comm=syz.0.1348
[  156.126854][T10737] tmpfs: Unknown parameter 'mp�l'
[  156.147516][T10739] __nla_validate_parse: 9 callbacks suppressed
[  156.147527][T10739] netlink: 868 bytes leftover after parsing attributes in process `syz.2.1349'.
[  156.178784][T10741] netlink: 'syz.0.1350': attribute type 21 has an invalid length.
[  156.183031][T10741] netlink: 'syz.0.1350': attribute type 6 has an invalid length.
[  156.186023][T10741] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1350'.
[  156.230549][T10750] syzkaller0: entered promiscuous mode
[  156.232535][T10750] syzkaller0: entered allmulticast mode
[  156.341977][T10758] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  156.344297][ T5813] IPVS: starting estimator thread 0...
[  156.441666][T10761] IPVS: using max 43 ests per chain, 103200 per kthread
[  156.510544][T10771] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10771 comm=syz.1.1356
[  156.515169][T10771] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1356'.
[  156.686286][T10780] Cannot find set identified by id 65534 to match
[  156.940758][T10797] CIFS: Unable to determine destination address
[  156.954883][T10797] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1363'.
[  156.958236][T10797] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1363'.
[  157.093685][T10803] netlink: 'syz.0.1365': attribute type 1 has an invalid length.
[  157.096641][T10803] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1365'.
[  157.197363][T10807] i2c i2c-1: Frontend requested software zigzag, but didn't set the frequency step size
[  157.471909][    C2] sr 2:0:0:0: [sr0] tag#22 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  157.476150][    C2] sr 2:0:0:0: [sr0] tag#22 CDB: Rebuild(16) 81 9b b2 45 b3 f7 6c c3 20 c7 07 16
[  157.511797][T10822] xt_CT: No such helper "netbios-ns"
[  157.528117][T10827] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1372'.
[  157.591498][ T6175] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  157.741450][ T6175] usb 5-1: Using ep0 maxpacket: 16
[  157.744592][T10846] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1377'.
[  157.747642][ T6175] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  157.754657][ T6175] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  157.757902][ T6175] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.760560][ T6175] usb 5-1: Product: syz
[  157.762149][ T6175] usb 5-1: Manufacturer: syz
[  157.763677][ T6175] usb 5-1: SerialNumber: syz
[  157.767126][ T6175] usb 5-1: config 0 descriptor??
[  157.771381][   T60] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  157.773862][ T6175] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  157.778212][ T6175] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  157.789821][T10849] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1378'.
[  157.794501][T10849] netlink: 'syz.3.1378': attribute type 15 has an invalid length.
[  157.862723][T10849] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1378'.
[  157.865734][T10849] netlink: 'syz.3.1378': attribute type 15 has an invalid length.
[  157.921672][   T60] usb 6-1: Using ep0 maxpacket: 32
[  157.929310][   T60] usb 6-1: config 9 has an invalid interface number: 229 but max is 2
[  157.933200][   T60] usb 6-1: config 9 contains an unexpected descriptor of type 0x1, skipping
[  157.936359][   T60] usb 6-1: config 9 has an invalid interface number: 181 but max is 2
[  157.939611][   T60] usb 6-1: config 9 contains an unexpected descriptor of type 0x2, skipping
[  157.943400][   T60] usb 6-1: config 9 has an invalid interface number: 81 but max is 2
[  157.946758][   T60] usb 6-1: config 9 has an invalid interface number: 44 but max is 2
[  157.949417][   T60] usb 6-1: config 9 has an invalid interface number: 98 but max is 2
[  157.952880][   T60] usb 6-1: config 9 has 5 interfaces, different from the descriptor's value: 3
[  157.956275][   T60] usb 6-1: config 9 has no interface number 0
[  157.958698][   T60] usb 6-1: config 9 has no interface number 1
[  157.960734][   T60] usb 6-1: config 9 has no interface number 2
[  157.963298][   T60] usb 6-1: config 9 has no interface number 3
[  157.966184][   T60] usb 6-1: config 9 has no interface number 4
[  157.968767][   T60] usb 6-1: config 9 interface 229 altsetting 5 has a duplicate endpoint with address 0xB, skipping
[  157.973082][   T60] usb 6-1: config 9 interface 229 altsetting 5 has 3 endpoint descriptors, different from the interface descriptor's value: 14
[  157.977921][   T60] usb 6-1: too many endpoints for config 9 interface 181 altsetting 239: 139, using maximum allowed: 30
[  157.983903][   T60] usb 6-1: config 9 interface 181 altsetting 239 has a duplicate endpoint with address 0xB, skipping
[  157.988234][   T60] usb 6-1: config 9 interface 181 altsetting 239 endpoint 0xA has an invalid bInterval 48, changing to 7
[  157.995267][   T60] usb 6-1: config 9 interface 181 altsetting 239 endpoint 0x6 has invalid wMaxPacketSize 0
[  157.999261][   T60] usb 6-1: config 9 interface 181 altsetting 239 has a duplicate endpoint with address 0x6, skipping
[  158.003881][   T60] usb 6-1: config 9 interface 181 altsetting 239 has a duplicate endpoint with address 0xE, skipping
[  158.008161][   T60] usb 6-1: config 9 interface 181 altsetting 239 has a duplicate endpoint with address 0xF, skipping
[  158.012679][   T60] usb 6-1: config 9 interface 181 altsetting 239 has a duplicate endpoint with address 0x1, skipping
[  158.016110][   T60] usb 6-1: config 9 interface 181 altsetting 239 has 11 endpoint descriptors, different from the interface descriptor's value: 139
[  158.020734][   T60] usb 6-1: config 9 interface 81 altsetting 6 has a duplicate endpoint with address 0x8, skipping
[  158.025093][   T60] usb 6-1: config 9 interface 81 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[  158.028813][   T60] usb 6-1: config 9 interface 81 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[  158.033294][   T60] usb 6-1: config 9 interface 81 altsetting 6 has 3 endpoint descriptors, different from the interface descriptor's value: 9
[  158.038873][   T60] usb 6-1: too many endpoints for config 9 interface 44 altsetting 140: 210, using maximum allowed: 30
[  158.043506][   T60] usb 6-1: config 9 interface 44 altsetting 140 has a duplicate endpoint with address 0x9, skipping
[  158.047936][   T60] usb 6-1: config 9 interface 44 altsetting 140 has a duplicate endpoint with address 0x9, skipping
[  158.051998][   T60] usb 6-1: config 9 interface 44 altsetting 140 has an invalid descriptor for endpoint zero, skipping
[  158.056283][   T60] usb 6-1: config 9 interface 44 altsetting 140 has a duplicate endpoint with address 0x1, skipping
[  158.060179][   T60] usb 6-1: config 9 interface 44 altsetting 140 has an invalid descriptor for endpoint zero, skipping
[  158.064661][   T60] usb 6-1: config 9 interface 44 altsetting 140 has a duplicate endpoint with address 0xB, skipping
[  158.068485][   T60] usb 6-1: config 9 interface 44 altsetting 140 has 6 endpoint descriptors, different from the interface descriptor's value: 210
[  158.074003][   T60] usb 6-1: config 9 interface 98 altsetting 181 has a duplicate endpoint with address 0x8, skipping
[  158.077822][   T60] usb 6-1: config 9 interface 98 altsetting 181 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[  158.082579][   T60] usb 6-1: config 9 interface 98 altsetting 181 bulk endpoint 0x7 has invalid maxpacket 16
[  158.086119][   T60] usb 6-1: config 9 interface 98 altsetting 181 has a duplicate endpoint with address 0xB, skipping
[  158.090264][   T60] usb 6-1: config 9 interface 229 has no altsetting 0
[  158.092777][   T60] usb 6-1: config 9 interface 181 has no altsetting 0
[  158.095471][   T60] usb 6-1: config 9 interface 81 has no altsetting 0
[  158.097834][   T60] usb 6-1: config 9 interface 44 has no altsetting 0
[  158.100355][   T60] usb 6-1: config 9 interface 98 has no altsetting 0
[  158.107024][   T60] usb 6-1: New USB device found, idVendor=07cf, idProduct=2002, bcdDevice=6b.2b
[  158.110719][   T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.113560][   T60] usb 6-1: Product: 펑䮺뢎ꥇ檠洬⏊뗃᮴㽧स矟峷釤劜ᴊꛤ᭒冐쵱Ⓧ厬䵸ゼ칠뚛袶糼济僁쫦퇸✸帤퇁ꦌ凴䖿镚＞뻪୤뺂蕺㌪㐚ﰖ⁞İ䁙貎ኡ➾뱭᧌騇枻ශ潢陵⣹샋ᖼ憩ᦄ➕ﭫკᩞ酤搳ᗫꗙઇ盉ᨷ쾸싽漤᳇䱖챻橻铱癕༁ﳷ䧝쨪㾂䀷盐雄ẩ䆓ḽ妪䆧쑑뱆뀙뢱坸擷匇乻ﶙը准
[  158.126813][   T60] usb 6-1: Manufacturer: 켦鉤舷羧똡刬縏졠홶䬊镗Ⳅ곁ܡᆙῂ弿础坌뇊⏽㗡໶釉䂕哺髲㲙蟓䝈鴡
[  158.132163][   T60] usb 6-1: SerialNumber: 蛐䜦㓰ꆝꍊꮸ恅㧚뜗묿ᢿ翢嶁⋂ݛ膱ڟ鲠戅棎ನ噝줤籔숨ԥꞪ꭪굨㯣෭㿃텀솆癌班ť쪆稐㡵覼⠏愫鴐띙痭镹쵃韦軚鳭ꉀ靖遁ࣁ⥮䮝䂌༩繉恐쥆浰㿪
[  158.384839][ T6175] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  158.792621][ T6175] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  158.796262][ T6175] em28xx 5-1:0.0: board has no eeprom
[  158.961881][T10871] fuse: fd is not a fuse device
[  159.013121][   T40] kauditd_printk_skb: 204 callbacks suppressed
[  159.013535][   T40] audit: type=1400 audit(2000000102.859:3597): avc:  denied  { create } for  pid=10874 comm="syz.3.1386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  159.064294][   T40] audit: type=1400 audit(2000000102.909:3598): avc:  denied  { create } for  pid=10880 comm="syz.3.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  159.074383][   T40] audit: type=1400 audit(2000000102.919:3599): avc:  denied  { setopt } for  pid=10880 comm="syz.3.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  159.085810][   T40] audit: type=1400 audit(2000000102.929:3600): avc:  denied  { read write } for  pid=10817 comm="syz.0.1369" name="frontend0" dev="devtmpfs" ino=952 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  159.094380][   T40] audit: type=1400 audit(2000000102.929:3601): avc:  denied  { open } for  pid=10817 comm="syz.0.1369" path="/dev/dvb/adapter0/frontend0" dev="devtmpfs" ino=952 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  159.103107][   T40] audit: type=1400 audit(2000000102.939:3602): avc:  denied  { bind } for  pid=10880 comm="syz.3.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  159.109844][   T40] audit: type=1400 audit(2000000102.939:3603): avc:  denied  { name_bind } for  pid=10880 comm="syz.3.1387" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  159.117037][   T40] audit: type=1400 audit(2000000102.939:3604): avc:  denied  { node_bind } for  pid=10880 comm="syz.3.1387" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  159.123905][   T40] audit: type=1400 audit(2000000102.939:3605): avc:  denied  { ioctl } for  pid=10817 comm="syz.0.1369" path="/dev/dvb/adapter0/frontend0" dev="devtmpfs" ino=952 ioctlcmd=0x6f53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  159.132156][   T40] audit: type=1400 audit(2000000102.939:3606): avc:  denied  { sqpoll } for  pid=10880 comm="syz.3.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  159.225708][T10893] netlink: 'syz.3.1390': attribute type 1 has an invalid length.
[  159.248593][T10893] bond4: entered promiscuous mode
[  159.251101][T10893] 8021q: adding VLAN 0 to HW filter on device bond4
[  159.495259][T10914] ip6t_srh: unknown srh match flags  4000
[  159.880109][T10819] em28xx 5-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  159.882383][T10929] fuse: fd is not a fuse device
[  159.889840][T10934] hsr_slave_0: left promiscuous mode
[  159.931529][ T6175] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  159.938514][ T6175] em28xx 5-1:0.0: dvb set to bulk mode.
[  159.947527][ T5885] em28xx 5-1:0.0: Binding DVB extension
[  159.954001][ T6175] usb 5-1: USB disconnect, device number 20
[  159.961218][ T6175] em28xx 5-1:0.0: Disconnecting em28xx
[  159.987247][ T5885] em28xx 5-1:0.0: Registering input extension
[  159.989400][ T6175] em28xx 5-1:0.0: Closing input extension
[  160.004806][ T6175] em28xx 5-1:0.0: Freeing device
[  160.073924][T10944] loop2: detected capacity change from 0 to 7
[  160.093775][T10944] Dev loop2: unable to read RDB block 7
[  160.099874][T10944]  loop2: unable to read partition table
[  160.103116][T10944] loop2: partition table beyond EOD, truncated
[  160.108049][T10944] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  160.404122][   T60] usb 6-1: USB disconnect, device number 13
[  160.579399][T10991] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  160.646810][T11007] fuse: fd is not a fuse device
[  160.685385][T10997] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  160.704400][T10998] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.707508][T10998] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.830721][T10998] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.871918][T10998] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.878271][T10998] batadv_slave_1: left promiscuous mode
[  160.880183][T11013] cgroup: fork rejected by pids controller in /syz3
[  160.924489][T10998] veth1_virt_wifi: left promiscuous mode
[  161.205426][T10998] xfrm1: left promiscuous mode
[  161.216143][T10998] bond4: left promiscuous mode
[  161.239097][T10998] team1: left promiscuous mode
[  161.260152][T10998] tipc: Resetting bearer <eth:syzkaller0>
[  161.268967][T10998] syzkaller0: left promiscuous mode
[  161.329331][ T6437] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  161.334369][ T5884] xfrm0 speed is unknown, defaulting to 1000
[  161.337032][ T6437] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.345141][ T6437] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  161.349477][ T5884] syz1: Port: 1 Link DOWN
[  161.355175][ T6437] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.377568][T11053] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  161.383691][ T6437] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  161.387202][ T6437] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.390568][ T6437] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  161.394759][ T6437] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  161.394976][T11058] __nla_validate_parse: 7 callbacks suppressed
[  161.394990][T11058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1430'.
[  161.406125][T11058] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  161.646944][T11078] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1434'.
[  161.667302][T11082] xt_hashlimit: size too large, truncated to 1048576
[  161.682267][T11078] macvlan2: entered promiscuous mode
[  161.686049][T11078] netlink: 436 bytes leftover after parsing attributes in process `syz.1.1434'.
[  161.689749][T11078] openvswitch: netlink: Flow key attr not present in new flow.
[  161.744528][T11087] vivid-000: =================  START STATUS  =================
[  161.745925][T11090] xt_hashlimit: size too large, truncated to 1048576
[  161.749165][T11087] vivid-000: Test Pattern: 75% Colorbar
[  161.754617][T11089] tipc: Started in network mode
[  161.756369][T11089] tipc: Node identity ac141441, cluster identity 4711
[  161.772961][T11089] tipc: Enabled bearer <udp:syz2>, priority 31
[  161.773458][T11087] vivid-000: Fill Percentage of Frame: 100
[  161.777593][T11087] vivid-000: Horizontal Movement: Move Right Fast
[  161.780989][T11087] vivid-000: Vertical Movement: No Movement
[  161.783853][T11087] vivid-000: OSD Text Mode: All
[  161.785953][T11087] vivid-000: Show Border: false
[  161.788047][T11087] vivid-000: Show Square: false
[  161.790069][T11087] vivid-000: Sensor Flipped Horizontally: false
[  161.796623][T11087] vivid-000: Sensor Flipped Vertically: false
[  161.799649][T11087] vivid-000: Insert SAV Code in Image: false
[  161.803510][T11092] syzkaller0: left allmulticast mode
[  161.808796][T11087] vivid-000: Insert EAV Code in Image: false
[  161.811980][T11087] vivid-000: Insert Video Guard Band: false
[  161.814559][T11087] vivid-000: Reduced Framerate: false
[  161.816846][T11087] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  161.820112][T11087] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  161.825342][T11087] vivid-000: Enable Capture Cropping: true
[  161.827884][T11087] vivid-000: Enable Capture Composing: true
[  161.830384][T11087] vivid-000: Enable Capture Scaler: true
[  161.833599][T11087] vivid-000: Timestamp Source: End of Frame
[  161.836182][T11087] vivid-000: Colorspace: SMPTE 170M
[  161.838640][T11087] vivid-000: Transfer Function: Default
[  161.841013][T11087] vivid-000: Y'CbCr Encoding: Default
[  161.844474][T11087] vivid-000: HSV Encoding: Hue 0-179
[  161.846910][T11087] vivid-000: Quantization: Default
[  161.849183][T11087] vivid-000: Apply Alpha To Red Only: false
[  161.852156][T11087] vivid-000: Standard Aspect Ratio: 4x3
[  161.854531][T11087] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  161.857800][T11087] vivid-000: DV Timings: 640x480p59 inactive
[  161.860383][T11087] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  161.863676][T11087] vivid-000: Maximum EDID Blocks: 2
[  161.866244][T11087] vivid-000: Limited RGB Range (16-235): false
[  161.869069][T11087] vivid-000: Rx RGB Quantization Range: Automatic
[  161.872700][T11087] vivid-000: Power Present: 0x00000001
[  161.875150][T11087] tpg source WxH: 720x576 (Y'CbCr)
[  161.878923][T11087] tpg field: 8
[  161.880467][T11099] sch_fq: defrate 0 ignored.
[  161.880489][T11087] tpg crop: (0,0)/64x576
[  161.884449][T11087] tpg compose: (0,0)/16x576
[  161.886424][T11087] tpg colorspace: 1
[  161.888075][T11087] tpg transfer function: 1/0
[  161.890049][T11087] tpg Y'CbCr encoding: 0/0
[  161.892749][T11087] tpg quantization: 0/0
[  161.894554][T11087] tpg RGB range: 0/2
[  161.896277][T11087] vivid-000: ==================  END STATUS  ==================
[  161.911120][T11104] 9p: Bad value for 'version'
[  161.939510][T11109] netlink: 'syz.1.1443': attribute type 1 has an invalid length.
[  161.957761][T11109] 8021q: adding VLAN 0 to HW filter on device bond9
[  161.963568][T11109] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  162.051923][ T5883] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  162.079171][T11122] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.1448'.
[  162.082133][T11122] openvswitch: netlink: Missing key (keys=40, expected=100)
[  162.120993][T11124] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11124 comm=syz.3.1449
[  162.161462][T11131] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11131 comm=syz.3.1451
[  162.211886][ T5883] usb 7-1: Using ep0 maxpacket: 8
[  162.218530][ T5883] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  162.223447][ T5883] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  162.227185][ T5883] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.227391][T11141] program syz.0.1456 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  162.234730][ T5883] usb 7-1: config 0 descriptor??
[  162.254997][T11141] xfrm0 speed is unknown, defaulting to 1000
[  162.365986][T11162] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1459'.
[  162.369081][T11162] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1459'.
[  162.417093][T11166] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1459'.
[  162.440595][T11166] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1459'.
[  162.469382][ T5883] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  162.504816][T11169] syzkaller1: tun_chr_ioctl cmd 1074025678
[  162.506689][T11169] syzkaller1: group set to 0
[  162.509143][T11169] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1461'.
[  162.656231][ T5883] usb 7-1: USB disconnect, device number 14
[  162.656310][    C3] iowarrior 7-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  162.817590][T11200] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  162.827074][T11202] sctp: [Deprecated]: syz.3.1470 (pid 11202) Use of int in max_burst socket option deprecated.
[  162.827074][T11202] Use struct sctp_assoc_value instead
[  162.901432][ T5883] tipc: Node number set to 2886997057
[  162.944210][T11221] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1473'.
[  162.992625][T11225] input: syz0 as /devices/virtual/input/input21
[  163.129257][T11231] veth1_macvtap: left promiscuous mode
[  163.131108][T11231] macsec0: entered allmulticast mode
[  163.137731][T11231] veth1_macvtap: entered promiscuous mode
[  163.139550][T11231] veth1_macvtap: entered allmulticast mode
[  163.142964][T11231] macsec0: left allmulticast mode
[  163.144718][T11231] veth1_macvtap: left allmulticast mode
[  163.189603][T11227] binder: 11226:11227 ioctl 4018620d 200000000040 returned -22
[  163.199995][T11227] binder: 11226:11227 ioctl c0306201 2000000000c0 returned -14
[  163.293311][T11227] binder: 11226:11227 ioctl c0306201 200000000180 returned -14
[  163.764166][T11270] binfmt_misc: register: failed to install interpreter file ./file0
[  163.768749][T11270] overlay: ./file0 is not a directory
[  163.796506][T11272] syz_tun: entered allmulticast mode
[  163.804981][T11272] syz_tun: left allmulticast mode
[  164.030300][   T40] kauditd_printk_skb: 379 callbacks suppressed
[  164.030311][   T40] audit: type=1400 audit(2000000107.869:3986): avc:  denied  { map_create } for  pid=11289 comm="syz.2.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  164.038557][   T40] audit: type=1400 audit(2000000107.869:3987): avc:  denied  { map_read map_write } for  pid=11289 comm="syz.2.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  164.044762][   T40] audit: type=1400 audit(2000000107.879:3988): avc:  denied  { prog_run } for  pid=11289 comm="syz.2.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  164.115611][   T40] audit: type=1400 audit(2000000107.959:3989): avc:  denied  { create } for  pid=11295 comm="syz.2.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.123773][   T40] audit: type=1400 audit(2000000107.959:3990): avc:  denied  { write } for  pid=11295 comm="syz.2.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.132168][   T40] audit: type=1400 audit(2000000107.959:3991): avc:  denied  { connect } for  pid=11295 comm="syz.2.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.146215][   T40] audit: type=1400 audit(2000000107.959:3992): avc:  denied  { name_connect } for  pid=11295 comm="syz.2.1495" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  164.152061][T11296] syz.2.1495 (11296) used greatest stack depth: 19400 bytes left
[  164.154208][   T40] audit: type=1400 audit(2000000107.979:3993): avc:  denied  { listen } for  pid=11295 comm="syz.2.1495" laddr=fe80::13 lport=36648 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.161704][   T40] audit: type=1400 audit(2000000107.979:3994): avc:  denied  { accept } for  pid=11295 comm="syz.2.1495" laddr=fe80::13 lport=36648 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.168557][   T40] audit: type=1400 audit(2000000107.979:3995): avc:  denied  { create } for  pid=11295 comm="syz.2.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  164.551413][ T5883] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  164.703678][ T5883] usb 6-1: Using ep0 maxpacket: 8
[  164.708307][ T5883] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  164.716951][ T5883] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  164.720563][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  164.725075][ T5883] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  164.729088][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  164.734113][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  164.737808][ T5883] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  164.742743][ T5883] usb 6-1: config 168 interface 0 has no altsetting 0
[  164.746346][ T5883] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  164.748705][ T5883] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  164.752610][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  164.756364][ T5883] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  164.760576][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  164.764500][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  164.768827][ T5883] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  164.773717][ T5883] usb 6-1: config 168 interface 0 has no altsetting 0
[  164.776959][ T5883] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  164.779403][ T5883] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  164.783488][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  164.786223][T11329] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  164.787357][ T5883] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  164.794649][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  164.798500][ T5883] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  164.800234][T11329] macsec1: entered promiscuous mode
[  164.803134][ T5883] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  164.804833][T11329] macsec1: entered allmulticast mode
[  164.809956][ T5883] usb 6-1: config 168 interface 0 has no altsetting 0
[  164.813176][ T5883] usb 6-1: string descriptor 0 read error: -22
[  164.816958][ T5883] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  164.820290][ T5883] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.829266][ T5883] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  165.032387][ T5883] usb 6-1: USB disconnect, device number 14
[  165.299968][ T5747] block nbd1: Receive control failed (result -32)
[  165.302108][T11335] block nbd2: Receive control failed (result -32)
[  166.159377][T11409] openvswitch: netlink: Missing key (keys=40, expected=80)
[  166.193597][T11417] openvswitch: netlink: IPv6 tunnel dst address is zero
[  166.366574][T11437] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  166.368590][T11437] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  166.373247][T11437] vhci_hcd vhci_hcd.0: Device attached
[  166.384461][T11437] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(7)
[  166.386552][T11437] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  166.391116][T11437] vhci_hcd vhci_hcd.0: Device attached
[  166.393473][T11443] vhci_hcd: connection closed
[  166.393502][T11439] vhci_hcd: connection closed
[  166.393731][ T8628] vhci_hcd vhci_hcd.1: stop threads
[  166.406132][ T8628] vhci_hcd vhci_hcd.1: release socket
[  166.411483][ T8628] vhci_hcd vhci_hcd.1: disconnect device
[  166.415794][ T8628] vhci_hcd vhci_hcd.1: stop threads
[  166.417647][ T8628] vhci_hcd vhci_hcd.1: release socket
[  166.424041][T11447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=11447 comm=syz.0.1542
[  166.425955][ T8628] vhci_hcd vhci_hcd.1: disconnect device
[  166.428073][T11447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=11447 comm=syz.0.1542
[  166.436133][T11447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=11447 comm=syz.0.1542
[  166.440719][T11448] batadv_slave_1: entered promiscuous mode
[  166.440905][T11447] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=11447 comm=syz.0.1542
[  166.487959][T11453] batadv_slave_1: left promiscuous mode
[  166.971495][ T5813] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  167.123103][ T5813] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.127765][ T5813] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  167.131862][ T5813] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.137139][ T5813] usb 5-1: config 0 descriptor??
[  167.314068][T11470] __nla_validate_parse: 12 callbacks suppressed
[  167.314080][T11470] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1547'.
[  167.319146][T11470] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1547'.
[  167.323063][T11470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1547'.
[  167.326302][T11470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1547'.
[  167.343934][ T5813] usbhid 5-1:0.0: can't add hid device: -71
[  167.345870][ T5813] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  167.355878][ T5813] usb 5-1: USB disconnect, device number 21
[  167.397097][T11480] binder: 11479:11480 ioctl c0306201 2000000001c0 returned -22
[  167.791627][ T5813] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  167.971431][ T5813] usb 5-1: Using ep0 maxpacket: 8
[  167.976635][ T5813] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  167.979212][ T5813] usb 5-1: config 0 has no interface number 0
[  167.981099][ T5813] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.984660][ T5813] usb 5-1: config 0 interface 52 has no altsetting 0
[  167.986700][ T5813] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  167.989391][ T5813] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.994154][ T5813] usb 5-1: config 0 descriptor??
[  168.011516][ T5883] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  168.074768][T11506] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11506 comm=syz.1.1559
[  168.174957][ T5883] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[  168.178290][ T5883] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  168.182408][ T5883] usb 7-1: config 0 interface 0 has no altsetting 0
[  168.187529][T11335] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  168.190458][T11335] CPU: 3 UID: 0 PID: 11335 Comm: kworker/u33:10 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  168.190488][T11335] Tainted: [L]=SOFTLOCKUP
[  168.190492][T11335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  168.190500][T11335] Workqueue: hci2 hci_rx_work
[  168.190526][T11335] Call Trace:
[  168.190530][T11335]  <TASK>
[  168.190535][T11335]  dump_stack_lvl+0x100/0x190
[  168.190551][T11335]  sysfs_warn_dup.cold+0x1c/0x28
[  168.190568][T11335]  sysfs_create_dir_ns+0x24b/0x2b0
[  168.190584][T11335]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  168.190597][T11335]  ? find_held_lock+0x2b/0x80
[  168.190607][T11335]  ? kobject_add_internal+0x25f/0x930
[  168.190624][T11335]  ? kobject_add_internal+0x25f/0x930
[  168.190641][T11335]  ? do_raw_spin_unlock+0x145/0x1e0
[  168.190658][T11335]  kobject_add_internal+0x2c8/0x930
[  168.190676][T11335]  kobject_add+0x16a/0x1e0
[  168.190694][T11335]  ? __pfx_kobject_add+0x10/0x10
[  168.190710][T11335]  ? class_to_subsys+0x10f/0x150
[  168.190724][T11335]  ? kobject_put+0xb9/0x640
[  168.190738][T11335]  ? _raw_spin_unlock+0x28/0x50
[  168.190754][T11335]  device_add+0x294/0x1950
[  168.190775][T11335]  ? __pfx_dev_set_name+0x10/0x10
[  168.190788][T11335]  ? __pfx_device_add+0x10/0x10
[  168.190806][T11335]  ? mgmt_send_event_skb+0x2fb/0x460
[  168.190824][T11335]  hci_conn_add_sysfs+0x1a3/0x260
[  168.190840][T11335]  le_conn_complete_evt+0x11eb/0x1f60
[  168.190858][T11335]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  168.190876][T11335]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[  168.190891][T11335]  ? skb_pull_data+0x15f/0x1e0
[  168.190905][T11335]  hci_le_meta_evt+0x34a/0x5f0
[  168.190918][T11335]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  168.190934][T11335]  hci_event_packet+0x51c/0xcd0
[  168.190947][T11335]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  168.190960][T11335]  ? __pfx_hci_event_packet+0x10/0x10
[  168.190975][T11335]  ? kcov_remote_start+0x374/0x660
[  168.190987][T11335]  ? lockdep_hardirqs_on+0x78/0x100
[  168.191004][T11335]  hci_rx_work+0x451/0xfc0
[  168.191019][T11335]  process_one_work+0xa0e/0x1980
[  168.191040][T11335]  ? __pfx_process_one_work+0x10/0x10
[  168.191058][T11335]  ? __pfx_hci_rx_work+0x10/0x10
[  168.191072][T11335]  worker_thread+0x5ef/0xe50
[  168.191090][T11335]  ? kthread+0x13a/0x450
[  168.191102][T11335]  ? __pfx_worker_thread+0x10/0x10
[  168.191115][T11335]  kthread+0x370/0x450
[  168.191126][T11335]  ? __pfx_kthread+0x10/0x10
[  168.191139][T11335]  ret_from_fork+0x72b/0xd50
[  168.191153][T11335]  ? __pfx_ret_from_fork+0x10/0x10
[  168.191167][T11335]  ? __switch_to+0x800/0x1100
[  168.191182][T11335]  ? __pfx_kthread+0x10/0x10
[  168.191195][T11335]  ret_from_fork_asm+0x1a/0x30
[  168.191218][T11335]  </TASK>
[  168.191262][T11335] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  168.278086][T11335] Bluetooth: hci2: failed to register connection device
[  168.278940][ T5883] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  168.285420][ T5813] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.52/input/input23
[  168.288513][T11335] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  168.290245][ T5883] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  168.295242][ T5883] usb 7-1: Product: syz
[  168.296563][ T5883] usb 7-1: Manufacturer: syz
[  168.298316][ T5883] usb 7-1: SerialNumber: syz
[  168.306039][ T5883] usb 7-1: config 0 descriptor??
[  168.316988][ T5883] usb 7-1: selecting invalid altsetting 0
[  168.514407][T11500] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[  168.519176][   T29] usb 7-1: USB disconnect, device number 16
[  168.523910][T11500] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1557'.
[  168.719247][T11547] cgroup: noprefix used incorrectly
[  169.133283][   T40] kauditd_printk_skb: 232 callbacks suppressed
[  169.133295][   T40] audit: type=1400 audit(2000000112.979:4228): avc:  denied  { read write } for  pid=6107 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  169.142351][   T40] audit: type=1400 audit(2000000112.979:4229): avc:  denied  { open } for  pid=6107 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  169.149757][   T40] audit: type=1400 audit(2000000112.979:4230): avc:  denied  { ioctl } for  pid=6107 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  169.159793][   T40] audit: type=1400 audit(2000000112.989:4231): avc:  denied  { read } for  pid=11553 comm="syz.2.1573" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  169.167673][   T40] audit: type=1400 audit(2000000112.989:4232): avc:  denied  { open } for  pid=11553 comm="syz.2.1573" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  169.174552][   T40] audit: type=1400 audit(2000000112.989:4233): avc:  denied  { ioctl } for  pid=11553 comm="syz.2.1573" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  169.181705][   T40] audit: type=1400 audit(2000000113.009:4234): avc:  denied  { watch } for  pid=11553 comm="syz.2.1573" path="/307/bus" dev="tmpfs" ino=1634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  169.188305][   T40] audit: type=1400 audit(2000000113.009:4235): avc:  denied  { watch_sb watch_reads } for  pid=11553 comm="syz.2.1573" path="/307/bus" dev="tmpfs" ino=1634 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  169.195117][   T40] audit: type=1400 audit(2000000113.029:4236): avc:  denied  { read write } for  pid=11553 comm="syz.2.1573" name="virtual_nci" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  169.202138][   T40] audit: type=1400 audit(2000000113.029:4237): avc:  denied  { open } for  pid=11553 comm="syz.2.1573" path="/dev/virtual_nci" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  169.781049][ T6175] usb 5-1: USB disconnect, device number 22
[  172.146506][T11559] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  172.226947][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1580'.
[  172.231422][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1580'.
[  172.851364][T11619] binder: 11617:11619 ioctl c0306201 200000000640 returned -22
[  172.908960][T11621] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1590'.
[  172.945545][T11623] FAULT_INJECTION: forcing a failure.
[  172.945545][T11623] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  172.950723][T11623] CPU: 0 UID: 0 PID: 11623 Comm: syz.2.1591 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  172.950755][T11623] Tainted: [L]=SOFTLOCKUP
[  172.950761][T11623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  172.950772][T11623] Call Trace:
[  172.950778][T11623]  <TASK>
[  172.950784][T11623]  dump_stack_lvl+0x100/0x190
[  172.950817][T11623]  should_fail_ex.cold+0x5/0xa
[  172.950840][T11623]  _copy_from_iter+0x1f4/0x1690
[  172.950870][T11623]  ? __asan_memset+0x23/0x50
[  172.950897][T11623]  ? __pfx__copy_from_iter+0x10/0x10
[  172.950917][T11623]  ? __pfx___alloc_skb+0x10/0x10
[  172.950946][T11623]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  172.950981][T11623]  netlink_sendmsg+0x808/0xda0
[  172.951007][T11623]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.951026][T11623]  ? __might_fault+0x40/0x140
[  172.951059][T11623]  ____sys_sendmsg+0x9e1/0xb70
[  172.951077][T11623]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.951099][T11623]  ? __pfx_____sys_sendmsg+0x10/0x10
[  172.951127][T11623]  ___sys_sendmsg+0x190/0x1e0
[  172.951148][T11623]  ? __pfx____sys_sendmsg+0x10/0x10
[  172.951188][T11623]  __sys_sendmsg+0x170/0x220
[  172.951206][T11623]  ? __pfx___sys_sendmsg+0x10/0x10
[  172.951228][T11623]  ? rcu_is_watching+0x12/0xc0
[  172.951249][T11623]  do_syscall_64+0x115/0x870
[  172.951269][T11623]  ? clear_bhb_loop+0x40/0x90
[  172.951283][T11623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.951309][T11623] RIP: 0033:0x7fe255f9ce59
[  172.951320][T11623] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.951331][T11623] RSP: 002b:00007fe256ea2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  172.951342][T11623] RAX: ffffffffffffffda RBX: 00007fe256215fa0 RCX: 00007fe255f9ce59
[  172.951349][T11623] RDX: 000000000400c880 RSI: 00002000000001c0 RDI: 0000000000000003
[  172.951356][T11623] RBP: 00007fe256ea2090 R08: 0000000000000000 R09: 0000000000000000
[  172.951362][T11623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.951368][T11623] R13: 00007fe256216038 R14: 00007fe256215fa0 R15: 00007ffd3ea65038
[  172.951382][T11623]  </TASK>
[  173.083605][T11627] comedi comedi0: pcl730: I/O base address not correctly aligned
[  173.132439][T11632] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1595'.
[  173.182340][T11639] xt_hashlimit: size too large, truncated to 1048576
[  173.182346][T11640] xt_hashlimit: size too large, truncated to 1048576
[  173.192383][T11642] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  173.244039][T11639] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  173.281143][T11650] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1599'.
[  173.343210][T11661] FAULT_INJECTION: forcing a failure.
[  173.343210][T11661] name failslab, interval 1, probability 0, space 0, times 1
[  173.347502][T11661] CPU: 2 UID: 0 PID: 11661 Comm: syz.1.1601 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  173.347527][T11661] Tainted: [L]=SOFTLOCKUP
[  173.347546][T11661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  173.347554][T11661] Call Trace:
[  173.347565][T11661]  <TASK>
[  173.347571][T11661]  dump_stack_lvl+0x100/0x190
[  173.347593][T11661]  should_fail_ex.cold+0x5/0xa
[  173.347612][T11661]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  173.347635][T11661]  should_failslab+0xc2/0x120
[  173.347652][T11661]  __kmalloc_noprof+0xe0/0x850
[  173.347680][T11661]  genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  173.347705][T11661]  genl_family_rcv_msg_doit+0xc7/0x300
[  173.347728][T11661]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  173.347756][T11661]  ? bpf_lsm_capable+0x9/0x10
[  173.347770][T11661]  ? security_capable+0x80/0x260
[  173.347790][T11661]  ? ns_capable+0xd2/0xf0
[  173.347812][T11661]  genl_rcv_msg+0x560/0x800
[  173.347834][T11661]  ? __pfx_genl_rcv_msg+0x10/0x10
[  173.347855][T11661]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  173.347878][T11661]  ? __pfx_nl80211_connect+0x10/0x10
[  173.347903][T11661]  ? __pfx_nl80211_post_doit+0x10/0x10
[  173.347931][T11661]  ? __lock_acquire+0x4a5/0x2630
[  173.347956][T11661]  netlink_rcv_skb+0x159/0x420
[  173.347977][T11661]  ? __pfx_genl_rcv_msg+0x10/0x10
[  173.348001][T11661]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  173.348024][T11661]  ? netlink_deliver_tap+0x1ae/0xcc0
[  173.348040][T11661]  genl_rcv+0x28/0x40
[  173.348053][T11661]  netlink_unicast+0x585/0x850
[  173.348071][T11661]  ? __pfx_netlink_unicast+0x10/0x10
[  173.348088][T11661]  netlink_sendmsg+0x8b0/0xda0
[  173.348104][T11661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.348116][T11661]  ? __might_fault+0x40/0x140
[  173.348138][T11661]  ____sys_sendmsg+0x9e1/0xb70
[  173.348150][T11661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.348164][T11661]  ? __pfx_____sys_sendmsg+0x10/0x10
[  173.348184][T11661]  ___sys_sendmsg+0x190/0x1e0
[  173.348199][T11661]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.348230][T11661]  __sys_sendmsg+0x170/0x220
[  173.348247][T11661]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.348270][T11661]  ? rcu_is_watching+0x12/0xc0
[  173.348288][T11661]  do_syscall_64+0x115/0x870
[  173.348302][T11661]  ? clear_bhb_loop+0x40/0x90
[  173.348316][T11661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.348327][T11661] RIP: 0033:0x7f420d99ce59
[  173.348337][T11661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.348348][T11661] RSP: 002b:00007f420e8c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.348359][T11661] RAX: ffffffffffffffda RBX: 00007f420dc15fa0 RCX: 00007f420d99ce59
[  173.348365][T11661] RDX: 000000000400c880 RSI: 00002000000001c0 RDI: 0000000000000003
[  173.348372][T11661] RBP: 00007f420e8c5090 R08: 0000000000000000 R09: 0000000000000000
[  173.348378][T11661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.348384][T11661] R13: 00007f420dc16038 R14: 00007f420dc15fa0 R15: 00007fffb69796a8
[  173.348399][T11661]  </TASK>
[  173.596033][T11680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1607'.
[  173.654263][T11692] FAULT_INJECTION: forcing a failure.
[  173.654263][T11692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.654324][T11692] CPU: 1 UID: 0 PID: 11692 Comm: syz.1.1612 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  173.654345][T11692] Tainted: [L]=SOFTLOCKUP
[  173.654351][T11692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  173.654360][T11692] Call Trace:
[  173.654373][T11692]  <TASK>
[  173.654380][T11692]  dump_stack_lvl+0x100/0x190
[  173.654409][T11692]  should_fail_ex.cold+0x5/0xa
[  173.654432][T11692]  _copy_to_user+0x32/0xd0
[  173.654459][T11692]  simple_read_from_buffer+0xcb/0x170
[  173.654483][T11692]  proc_fail_nth_read+0x1af/0x230
[  173.654502][T11692]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.654521][T11692]  ? rw_verify_area+0xce/0x6d0
[  173.654536][T11692]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.654554][T11692]  vfs_read+0x1e4/0xb30
[  173.654574][T11692]  ? __pfx_vfs_read+0x10/0x10
[  173.654591][T11692]  ? __fget_files+0x215/0x3d0
[  173.654616][T11692]  ? __fget_files+0x21f/0x3d0
[  173.654642][T11692]  ksys_read+0x12a/0x250
[  173.654659][T11692]  ? __pfx_ksys_read+0x10/0x10
[  173.654678][T11692]  ? rcu_is_watching+0x12/0xc0
[  173.654704][T11692]  do_syscall_64+0x115/0x870
[  173.654734][T11692]  ? clear_bhb_loop+0x40/0x90
[  173.654755][T11692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.654771][T11692] RIP: 0033:0x7f420d95d68e
[  173.654785][T11692] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  173.654800][T11692] RSP: 002b:00007f420e8c4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  173.654817][T11692] RAX: ffffffffffffffda RBX: 00007f420e8c56c0 RCX: 00007f420d95d68e
[  173.654827][T11692] RDX: 000000000000000f RSI: 00007f420e8c50a0 RDI: 0000000000000004
[  173.654836][T11692] RBP: 00007f420e8c5090 R08: 0000000000000000 R09: 0000000000000000
[  173.654846][T11692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.654855][T11692] R13: 00007f420dc16038 R14: 00007f420dc15fa0 R15: 00007fffb69796a8
[  173.654879][T11692]  </TASK>
[  173.686682][T11696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1613'.
[  173.687188][T11697] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  173.687814][T11687] 9p: Could not find request transport: virti���o
[  173.734008][T11696] bridge0: port 3(macvlan3) entered blocking state
[  173.736150][T11696] bridge0: port 3(macvlan3) entered disabled state
[  173.738219][T11696] macvlan3: entered allmulticast mode
[  173.740993][T11696] macvlan3: left allmulticast mode
[  173.997191][T11708] afs: Unknown parameter 'd?h}�H�z'
[  174.006974][T11708] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  174.017056][T11708] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1623'.
[  174.239804][   T40] kauditd_printk_skb: 143 callbacks suppressed
[  174.239814][   T40] audit: type=1400 audit(2000000118.079:4381): avc:  denied  { bind } for  pid=11717 comm="syz.1.1618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.248101][   T40] audit: type=1400 audit(2000000118.089:4382): avc:  denied  { write } for  pid=11717 comm="syz.1.1618" path="socket:[40885]" dev="sockfs" ino=40885 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.255277][   T40] audit: type=1400 audit(2000000118.089:4383): avc:  denied  { read } for  pid=11717 comm="syz.1.1618" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.262976][   T40] audit: type=1400 audit(2000000118.089:4384): avc:  denied  { open } for  pid=11717 comm="syz.1.1618" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.270077][   T40] audit: type=1400 audit(2000000118.089:4385): avc:  denied  { map } for  pid=11717 comm="syz.1.1618" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.277381][   T40] audit: type=1400 audit(2000000118.089:4386): avc:  denied  { execute } for  pid=11717 comm="syz.1.1618" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.284586][   T40] audit: type=1400 audit(2000000118.089:4387): avc:  denied  { ioctl } for  pid=11717 comm="syz.1.1618" path="/dev/sg0" dev="devtmpfs" ino=722 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.291460][ T5884] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  174.443078][ T5884] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  174.456248][ T5884] usb 5-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  174.459423][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.462189][ T5884] usb 5-1: Product: syz
[  174.463492][ T5884] usb 5-1: Manufacturer: syz
[  174.464981][ T5884] usb 5-1: SerialNumber: syz
[  174.531459][   T39] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  174.537637][   T40] audit: type=1400 audit(2000000118.379:4388): avc:  denied  { unmount } for  pid=6107 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  174.568243][   T40] audit: type=1400 audit(2000000118.409:4389): avc:  denied  { bpf } for  pid=11721 comm="syz.2.1620" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  174.575399][   T40] audit: type=1400 audit(2000000118.409:4390): avc:  denied  { perfmon } for  pid=11721 comm="syz.2.1620" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  174.640868][T11729] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1622'.
[  174.691419][   T39] usb 6-1: Using ep0 maxpacket: 8
[  174.696977][   T39] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  174.708110][   T39] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  174.711218][   T39] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  174.715067][   T39] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  174.718878][   T39] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  174.723713][   T39] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  174.727407][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.806073][T11737] fuse: fd is not a fuse device
[  174.884546][ T5884] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202
[  174.904041][   T29] usb 5-1: USB disconnect, device number 23
[  174.912942][   T29] usblp0: removed
[  174.922148][T11750] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1629'.
[  174.941505][   T39] usb 6-1: GET_CAPABILITIES returned 0
[  174.943198][   T39] usbtmc 6-1:16.0: can't read capabilities
[  174.963417][T11756] xfrm0 speed is unknown, defaulting to 1000
[  175.023405][T11762] tmpfs: Bad value for 'mpol'
[  175.070940][T11766] netlink: 16166 bytes leftover after parsing attributes in process `syz.0.1634'.
[  175.079612][T11769] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1635'.
[  175.146755][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.149687][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.152406][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.155138][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.157829][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.160520][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.163331][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.166312][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.176161][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.178898][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.181607][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.184327][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.187021][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.189714][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.192418][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.195110][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  175.202981][   T29] usb 6-1: USB disconnect, device number 15
[  175.552719][T11666] Bluetooth: hci0: command 0x0406 tx timeout
[  175.556210][T11666] Bluetooth: hci2: command 0x0406 tx timeout
[  175.559666][T11666] Bluetooth: hci3: command 0x0406 tx timeout
[  175.981531][   T60] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[  176.133831][   T60] usb 6-1: config index 0 descriptor too short (expected 1307, got 27)
[  176.137712][   T60] usb 6-1: config 0 has an invalid interface number: 0 but max is -1
[  176.141740][   T60] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  176.145750][   T60] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  176.150551][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  176.155227][   T60] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  176.164690][   T60] usb 6-1: string descriptor 0 read error: -22
[  176.167719][   T60] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  176.172165][   T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.178708][   T60] usb 6-1: config 0 descriptor??
[  176.181959][T11799] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  176.187080][   T60] hub 6-1:0.0: bad descriptor, ignoring hub
[  176.190132][   T60] hub 6-1:0.0: probe with driver hub failed with error -5
[  176.198019][   T60] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input24
[  176.389550][ T5813] usb 6-1: USB disconnect, device number 16
[  176.857884][T11852] xt_hashlimit: size too large, truncated to 1048576
[  176.923530][T11857] ------------[ cut here ]------------
[  176.927685][T11857] intf 08:02:11:00:00:00 [link=0]: bad STA 08:02:11:00:00:01 bandwidth 20 MHz (0) > channel config 5 MHz (6)
[  176.932703][T11857] WARNING: drivers/net/wireless/virtual/mac80211_hwsim.c:2829 at mac80211_hwsim_sta_rc_update+0x5dc/0x840, CPU#3: syz.3.1664/11857
[  176.938400][T11857] Modules linked in:
[  176.940305][T11857] CPU: 3 UID: 0 PID: 11857 Comm: syz.3.1664 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  176.945112][T11857] Tainted: [L]=SOFTLOCKUP
[  176.946610][T11857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  176.949668][T11857] RIP: 0010:mac80211_hwsim_sta_rc_update+0x5fe/0x840
[  176.951970][T11857] Code: 00 48 8d 3d 04 83 b6 09 48 8b 4c 24 10 48 8b 44 24 20 89 da 44 8b 89 c0 01 00 00 55 48 8d b0 ea 07 00 00 41 57 44 8b 44 24 14 <67> 48 0f b9 3a 58 5a e9 3b fc ff ff e8 81 68 db fa e8 8c 39 5c 04
[  176.957714][T11857] RSP: 0018:ffffc90006aff148 EFLAGS: 00010246
[  176.959578][T11857] RAX: ffff88802c216b78 RBX: 0000000000000000 RCX: ffff888036e34ec0
[  176.962118][T11857] RDX: 0000000000000000 RSI: ffff88802c217362 RDI: ffffffff90e3cb50
[  176.962133][T11862] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  176.964523][T11857] RBP: 0000000000000006 R08: 0000000000000014 R09: 0000000000000000
[  176.964555][T11857] R10: 0000000000000006 R11: 0000000000000000 R12: dffffc0000000000
[  176.964563][T11857] R13: ffff888036e35090 R14: ffff888057b631c0 R15: 0000000000000005
[  176.964572][T11857] FS:  00007f0639e326c0(0000) GS:ffff8880d6687000(0000) knlGS:0000000000000000
[  176.977023][T11857] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.979306][T11857] CR2: 00007f420e74da08 CR3: 000000011590c000 CR4: 0000000000352ef0
[  176.980535][T11863] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  176.981938][T11857] Call Trace:
[  176.981946][T11857]  <TASK>
[  176.981954][T11857]  ? __pfx_mac80211_hwsim_sta_add+0x10/0x10
[  176.981978][T11857]  mac80211_hwsim_sta_add+0xc9/0x290
[  176.981997][T11857]  drv_sta_state+0x869/0x1900
[  176.982024][T11857]  ? ieee80211_recalc_p2p_go_ps_allowed+0x262/0x3e0
[  176.982046][T11857]  sta_info_insert_rcu+0x1629/0x2f90
[  176.994659][T11857]  sta_info_insert+0x16/0xd0
[  176.996081][T11857]  ieee80211_add_station+0x473/0x760
[  176.997732][T11857]  nl80211_new_station+0x14a9/0x20f0
[  176.999636][T11857]  ? __pfx_nl80211_new_station+0x10/0x10
[  177.001958][T11857]  ? nl80211_pre_doit+0x19a/0xae0
[  177.003496][T11857]  genl_family_rcv_msg_doit+0x214/0x300
[  177.005212][T11857]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  177.007073][T11857]  ? bpf_lsm_capable+0x9/0x10
[  177.008508][T11857]  ? security_capable+0x80/0x260
[  177.010083][T11857]  ? ns_capable+0xd2/0xf0
[  177.011487][T11857]  genl_rcv_msg+0x560/0x800
[  177.012888][T11857]  ? __pfx_genl_rcv_msg+0x10/0x10
[  177.014442][T11857]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  177.016167][T11857]  ? __pfx_nl80211_new_station+0x10/0x10
[  177.018022][T11857]  ? __pfx_nl80211_post_doit+0x10/0x10
[  177.019751][T11857]  netlink_rcv_skb+0x159/0x420
[  177.021268][T11857]  ? __pfx_genl_rcv_msg+0x10/0x10
[  177.022905][T11857]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  177.024549][T11857]  ? netlink_deliver_tap+0x1ae/0xcc0
[  177.026168][T11857]  genl_rcv+0x28/0x40
[  177.027395][T11857]  netlink_unicast+0x585/0x850
[  177.028914][T11857]  ? __pfx_netlink_unicast+0x10/0x10
[  177.030536][T11857]  netlink_sendmsg+0x8b0/0xda0
[  177.032069][T11857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.033704][T11857]  ? __might_fault+0x40/0x140
[  177.035160][T11857]  ____sys_sendmsg+0x9e1/0xb70
[  177.036615][T11857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.038193][T11857]  ? __pfx_____sys_sendmsg+0x10/0x10
[  177.039861][T11857]  ? __pfx_futex_wake_mark+0x10/0x10
[  177.041622][T11857]  ___sys_sendmsg+0x190/0x1e0
[  177.043094][T11857]  ? __pfx____sys_sendmsg+0x10/0x10
[  177.044716][T11857]  __sys_sendmsg+0x170/0x220
[  177.046149][T11857]  ? __pfx___sys_sendmsg+0x10/0x10
[  177.047713][T11857]  ? __x64_sys_futex+0x34f/0x4d0
[  177.049237][T11857]  ? rcu_is_watching+0x12/0xc0
[  177.050691][T11857]  do_syscall_64+0x115/0x870
[  177.052249][T11857]  ? clear_bhb_loop+0x40/0x90
[  177.053673][T11857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.055459][T11857] RIP: 0033:0x7f0638f9ce59
[  177.056966][T11857] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  177.064064][T11857] RSP: 002b:00007f0639e32028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.067335][T11857] RAX: ffffffffffffffda RBX: 00007f0639215fa0 RCX: 00007f0638f9ce59
[  177.069826][T11857] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  177.072280][T11857] RBP: 00007f0639032d6f R08: 0000000000000000 R09: 0000000000000000
[  177.074639][T11857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  177.077069][T11857] R13: 00007f0639216038 R14: 00007f0639215fa0 R15: 00007fffd7656d18
[  177.079537][T11857]  </TASK>
[  177.080510][T11857] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  177.082704][T11857] CPU: 3 UID: 0 PID: 11857 Comm: syz.3.1664 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  177.086742][T11857] Tainted: [L]=SOFTLOCKUP
[  177.088511][T11857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  177.092605][T11857] Call Trace:
[  177.094009][T11857]  <TASK>
[  177.095264][T11857]  dump_stack_lvl+0x100/0x190
[  177.097236][T11857]  vpanic+0x552/0x970
[  177.098920][T11857]  ? __pfx_vpanic+0x10/0x10
[  177.100791][T11857]  panic+0xd1/0xe0
[  177.102350][T11857]  ? __pfx_panic+0x10/0x10
[  177.104180][T11857]  check_panic_on_warn.cold+0x19/0x34
[  177.106374][T11857]  ? mac80211_hwsim_sta_rc_update+0x5dc/0x840
[  177.108837][T11857]  __warn.cold+0x191/0x328
[  177.110667][T11857]  __report_bug+0x296/0x3d0
[  177.112420][T11857]  ? mac80211_hwsim_sta_rc_update+0x5dc/0x840
[  177.114290][T11857]  ? __pfx___report_bug+0x10/0x10
[  177.115823][T11857]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  177.117626][T11857]  report_bug_entry+0xe1/0x290
[  177.119146][T11857]  ? mac80211_hwsim_sta_rc_update+0x5fe/0x840
[  177.121481][T11857]  handle_bug+0x1cd/0x2a0
[  177.123202][T11857]  exc_invalid_op+0x17/0x50
[  177.124989][T11857]  asm_exc_invalid_op+0x1a/0x20
[  177.126904][T11857] RIP: 0010:mac80211_hwsim_sta_rc_update+0x5fe/0x840
[  177.129518][T11857] Code: 00 48 8d 3d 04 83 b6 09 48 8b 4c 24 10 48 8b 44 24 20 89 da 44 8b 89 c0 01 00 00 55 48 8d b0 ea 07 00 00 41 57 44 8b 44 24 14 <67> 48 0f b9 3a 58 5a e9 3b fc ff ff e8 81 68 db fa e8 8c 39 5c 04
[  177.136870][T11857] RSP: 0018:ffffc90006aff148 EFLAGS: 00010246
[  177.139265][T11857] RAX: ffff88802c216b78 RBX: 0000000000000000 RCX: ffff888036e34ec0
[  177.142352][T11857] RDX: 0000000000000000 RSI: ffff88802c217362 RDI: ffffffff90e3cb50
[  177.145485][T11857] RBP: 0000000000000006 R08: 0000000000000014 R09: 0000000000000000
[  177.148554][T11857] R10: 0000000000000006 R11: 0000000000000000 R12: dffffc0000000000
[  177.151638][T11857] R13: ffff888036e35090 R14: ffff888057b631c0 R15: 0000000000000005
[  177.154754][T11857]  ? __pfx_mac80211_hwsim_sta_add+0x10/0x10
[  177.157090][T11857]  mac80211_hwsim_sta_add+0xc9/0x290
[  177.159173][T11857]  drv_sta_state+0x869/0x1900
[  177.161021][T11857]  ? ieee80211_recalc_p2p_go_ps_allowed+0x262/0x3e0
[  177.163591][T11857]  sta_info_insert_rcu+0x1629/0x2f90
[  177.165751][T11857]  sta_info_insert+0x16/0xd0
[  177.167565][T11857]  ieee80211_add_station+0x473/0x760
[  177.169222][T11857]  nl80211_new_station+0x14a9/0x20f0
[  177.170839][T11857]  ? __pfx_nl80211_new_station+0x10/0x10
[  177.172553][T11857]  ? nl80211_pre_doit+0x19a/0xae0
[  177.174105][T11857]  genl_family_rcv_msg_doit+0x214/0x300
[  177.175790][T11857]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  177.177647][T11857]  ? bpf_lsm_capable+0x9/0x10
[  177.179112][T11857]  ? security_capable+0x80/0x260
[  177.180630][T11857]  ? ns_capable+0xd2/0xf0
[  177.181980][T11857]  genl_rcv_msg+0x560/0x800
[  177.183370][T11857]  ? __pfx_genl_rcv_msg+0x10/0x10
[  177.184901][T11857]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  177.186530][T11857]  ? __pfx_nl80211_new_station+0x10/0x10
[  177.188257][T11857]  ? __pfx_nl80211_post_doit+0x10/0x10
[  177.189991][T11857]  netlink_rcv_skb+0x159/0x420
[  177.191461][T11857]  ? __pfx_genl_rcv_msg+0x10/0x10
[  177.192999][T11857]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  177.194630][T11857]  ? netlink_deliver_tap+0x1ae/0xcc0
[  177.196395][T11857]  genl_rcv+0x28/0x40
[  177.197642][T11857]  netlink_unicast+0x585/0x850
[  177.199147][T11857]  ? __pfx_netlink_unicast+0x10/0x10
[  177.200762][T11857]  netlink_sendmsg+0x8b0/0xda0
[  177.202231][T11857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.203830][T11857]  ? __might_fault+0x40/0x140
[  177.205273][T11857]  ____sys_sendmsg+0x9e1/0xb70
[  177.206978][T11857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.209025][T11857]  ? __pfx_____sys_sendmsg+0x10/0x10
[  177.211115][T11857]  ? __pfx_futex_wake_mark+0x10/0x10
[  177.213189][T11857]  ___sys_sendmsg+0x190/0x1e0
[  177.215062][T11857]  ? __pfx____sys_sendmsg+0x10/0x10
[  177.217147][T11857]  __sys_sendmsg+0x170/0x220
[  177.219015][T11857]  ? __pfx___sys_sendmsg+0x10/0x10
[  177.221012][T11857]  ? __x64_sys_futex+0x34f/0x4d0
[  177.222898][T11857]  ? rcu_is_watching+0x12/0xc0
[  177.224364][T11857]  do_syscall_64+0x115/0x870
[  177.225809][T11857]  ? clear_bhb_loop+0x40/0x90
[  177.227306][T11857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.229133][T11857] RIP: 0033:0x7f0638f9ce59
[  177.230505][T11857] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  177.236331][T11857] RSP: 002b:00007f0639e32028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.239241][T11857] RAX: ffffffffffffffda RBX: 00007f0639215fa0 RCX: 00007f0638f9ce59
[  177.241698][T11857] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  177.244059][T11857] RBP: 00007f0639032d6f R08: 0000000000000000 R09: 0000000000000000
[  177.246422][T11857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  177.248819][T11857] R13: 00007f0639216038 R14: 00007f0639215fa0 R15: 00007fffd7656d18
[  177.251209][T11857]  </TASK>
[  177.252826][T11857] Kernel Offset: disabled
[  177.254147][T11857] Rebooting in 86400 seconds..