Warning: Permanently added '[localhost]:20954' (ECDSA) to the list of known hosts.
2020/11/29 02:52:28 fuzzer started
2020/11/29 02:52:29 dialing manager at 10.0.2.10:33503
2020/11/29 02:52:29 syscalls: 3441
2020/11/29 02:52:29 code coverage: enabled
2020/11/29 02:52:29 comparison tracing: enabled
2020/11/29 02:52:29 extra coverage: enabled
2020/11/29 02:52:29 setuid sandbox: enabled
2020/11/29 02:52:29 namespace sandbox: enabled
2020/11/29 02:52:29 Android sandbox: /sys/fs/selinux/policy does not exist
2020/11/29 02:52:29 fault injection: enabled
2020/11/29 02:52:29 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/11/29 02:52:29 net packet injection: enabled
2020/11/29 02:52:29 net device setup: enabled
2020/11/29 02:52:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/11/29 02:52:29 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/11/29 02:52:29 USB emulation: enabled
2020/11/29 02:52:29 hci packet injection: enabled
2020/11/29 02:52:29 wifi device emulation: enabled
02:53:58 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000180)=0x1)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:53:59 executing program 1:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001440)='/dev/uhid\x00', 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000100)={0xb, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 'J'}}, 0x119)
write$UHID_DESTROY(r0, &(0x7f0000000280), 0x4)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000001480), 0xa)

02:53:59 executing program 2:
r0 = socket$inet6(0xa, 0x3, 0x3c)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8914, &(0x7f0000000940)={'wlan1\x00'})
syz_80211_join_ibss(&(0x7f00000000c0)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0)

02:53:59 executing program 3:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000034fa1d0809122323e9e2010203010902120001000002000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0})

syzkaller login: [  263.516741][ T9300] IPVS: ftp: loaded support on port[0] = 21
[  263.672118][ T9300] chnl_net:caif_netlink_parms(): no params data found
[  263.769579][ T9302] IPVS: ftp: loaded support on port[0] = 21
[  263.778746][ T9300] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.809769][ T9300] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.830262][ T9300] device bridge_slave_0 entered promiscuous mode
[  263.851703][ T9300] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.871380][ T9300] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.891840][ T9300] device bridge_slave_1 entered promiscuous mode
[  263.931032][ T9300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.964394][ T9300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.014175][ T9300] team0: Port device team_slave_0 added
[  264.039740][ T9300] team0: Port device team_slave_1 added
[  264.082945][ T9300] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.102589][ T9300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.172756][ T9300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.207169][ T9300] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.227488][ T9300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.305221][ T9300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.353794][ T9304] IPVS: ftp: loaded support on port[0] = 21
[  264.375323][ T9300] device hsr_slave_0 entered promiscuous mode
[  264.392692][ T9300] device hsr_slave_1 entered promiscuous mode
[  264.427123][ T9305] IPVS: ftp: loaded support on port[0] = 21
[  264.484231][ T9302] chnl_net:caif_netlink_parms(): no params data found
[  264.655601][ T9302] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.670451][ T9302] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.688882][ T9302] device bridge_slave_0 entered promiscuous mode
[  264.720982][ T9302] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.738867][ T9302] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.758264][ T9302] device bridge_slave_1 entered promiscuous mode
[  264.824456][ T9302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.852294][ T9302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.895085][ T9302] team0: Port device team_slave_0 added
[  264.925146][ T9304] chnl_net:caif_netlink_parms(): no params data found
[  264.965578][ T9302] team0: Port device team_slave_1 added
[  265.041857][ T9302] batman_adv: batadv0: Adding interface: batadv_slave_0
[  265.062563][ T9302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  265.129813][ T9302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  265.179667][ T9305] chnl_net:caif_netlink_parms(): no params data found
[  265.208826][ T9300] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  265.237463][ T9302] batman_adv: batadv0: Adding interface: batadv_slave_1
[  265.255946][ T9302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  265.332771][ T9302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  265.380598][ T9300] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  265.419269][ T9304] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.440978][ T9304] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.463552][ T9304] device bridge_slave_0 entered promiscuous mode
[  265.484225][ T9300] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  265.510498][   T18] Bluetooth: hci0: command 0x0409 tx timeout
[  265.514847][ T9300] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  265.570907][ T9304] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.590523][ T9304] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.611700][ T9304] device bridge_slave_1 entered promiscuous mode
[  265.662752][ T9302] device hsr_slave_0 entered promiscuous mode
[  265.676252][ T9302] device hsr_slave_1 entered promiscuous mode
[  265.691646][ T9302] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  265.711887][ T9302] Cannot create hsr debugfs directory
[  265.730281][ T9304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  265.781314][ T9304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  265.808557][ T3304] Bluetooth: hci1: command 0x0409 tx timeout
[  265.822770][ T9305] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.842597][ T9305] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.858609][ T9305] device bridge_slave_0 entered promiscuous mode
[  265.879328][ T9305] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.894976][ T9305] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.913327][ T9305] device bridge_slave_1 entered promiscuous mode
[  265.987166][ T9304] team0: Port device team_slave_0 added
[  266.001905][ T9304] team0: Port device team_slave_1 added
[  266.023197][ T9305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.054750][ T9305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.095117][ T9305] team0: Port device team_slave_0 added
[  266.117160][ T9304] batman_adv: batadv0: Adding interface: batadv_slave_0
[  266.128429][ T9315] Bluetooth: hci2: command 0x0409 tx timeout
[  266.138628][ T9304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.225764][ T9304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  266.256772][ T9305] team0: Port device team_slave_1 added
[  266.280010][ T9304] batman_adv: batadv0: Adding interface: batadv_slave_1
[  266.299849][ T9304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.370081][ T3082] Bluetooth: hci3: command 0x0409 tx timeout
[  266.370433][ T9304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.435010][ T9305] batman_adv: batadv0: Adding interface: batadv_slave_0
[  266.452566][ T9305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.511543][ T9305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  266.548000][ T9305] batman_adv: batadv0: Adding interface: batadv_slave_1
[  266.564257][ T9305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.620048][ T9305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.657353][ T9304] device hsr_slave_0 entered promiscuous mode
[  266.669970][ T9304] device hsr_slave_1 entered promiscuous mode
[  266.682484][ T9304] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  266.697167][ T9304] Cannot create hsr debugfs directory
[  266.745592][ T9305] device hsr_slave_0 entered promiscuous mode
[  266.761970][ T9305] device hsr_slave_1 entered promiscuous mode
[  266.779793][ T9305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  266.805520][ T9305] Cannot create hsr debugfs directory
[  266.961090][ T9302] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  266.993424][ T9302] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  267.015772][ T9300] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.041546][ T9302] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  267.065515][ T9302] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  267.106717][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  267.127121][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  267.150843][ T9300] 8021q: adding VLAN 0 to HW filter on device team0
[  267.173678][ T9304] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  267.193206][ T9304] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  267.215169][ T9304] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  267.233345][ T9304] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  267.269737][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  267.296125][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  267.323691][ T9323] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.348772][ T9323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.374490][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  267.394772][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  267.416842][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  267.439328][ T9324] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.457817][ T9324] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.507164][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  267.531444][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  267.561216][ T9305] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  267.580116][    T7] Bluetooth: hci0: command 0x041b tx timeout
[  267.607007][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  267.628996][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  267.645665][ T9305] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  267.669163][ T9305] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  267.684378][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  267.699338][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  267.715001][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  267.735012][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  267.750543][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.773798][ T9300] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  267.795402][ T9300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  267.810659][ T9305] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  267.836708][ T9302] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.851712][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  267.867191][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.903971][ T3304] Bluetooth: hci1: command 0x041b tx timeout
[  267.919710][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  267.919826][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  267.919894][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  267.920307][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  267.983919][ T9302] 8021q: adding VLAN 0 to HW filter on device team0
[  268.004369][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.020905][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.037779][   T18] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.052395][   T18] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.068559][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  268.089918][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.108332][ T3082] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.126463][ T3082] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.141678][ T3082] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.159811][ T9300] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.195021][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  268.214351][ T9315] Bluetooth: hci2: command 0x041b tx timeout
[  268.222140][ T9304] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.260536][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  268.281531][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  268.297449][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  268.330015][ T9304] 8021q: adding VLAN 0 to HW filter on device team0
[  268.349345][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  268.366095][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  268.382400][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  268.399071][   T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  268.417166][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  268.449094][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  268.466740][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  268.482497][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  268.498790][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.515628][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  268.532483][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.551465][    T7] Bluetooth: hci3: command 0x041b tx timeout
[  268.562133][ T9302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  268.591280][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.607311][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.624029][ T3304] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.637073][ T3304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.651337][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.668549][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.685707][ T3304] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.699662][ T3304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.713766][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  268.730470][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  268.745810][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  268.760172][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  268.777605][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  268.791259][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  268.809421][ T9300] device veth0_vlan entered promiscuous mode
[  268.826329][ T9300] device veth1_vlan entered promiscuous mode
[  268.839018][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  268.853402][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  268.867757][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  268.882149][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  268.901940][ T9305] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.926711][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  268.944558][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  268.960494][ T3304] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  268.979016][ T9302] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.000529][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  269.020474][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  269.055637][ T9300] device veth0_macvtap entered promiscuous mode
[  269.077716][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.098563][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.117901][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  269.137385][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  269.158553][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  269.177807][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  269.196068][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  269.217653][ T9300] device veth1_macvtap entered promiscuous mode
[  269.236546][ T9304] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  269.256359][ T9304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  269.270013][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  269.283727][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  269.298526][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  269.315358][ T9305] 8021q: adding VLAN 0 to HW filter on device team0
[  269.346504][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  269.361560][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.377467][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  269.393254][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  269.408234][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.420885][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.436044][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.455964][ T9300] batman_adv: batadv0: Interface activated: batadv_slave_0
[  269.474153][ T9300] batman_adv: batadv0: Interface activated: batadv_slave_1
[  269.489728][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  269.505774][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  269.521967][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  269.536918][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.568124][ T9300] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.590223][ T9300] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.605296][ T9300] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.620707][ T9300] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.639781][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  269.655908][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  269.658287][ T9336] Bluetooth: hci0: command 0x040f tx timeout
[  269.671070][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.694010][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.708334][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  269.722304][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  269.735889][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  269.749821][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.763808][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  269.778388][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.790441][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.804321][ T9302] device veth0_vlan entered promiscuous mode
[  269.820140][ T9304] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.843465][ T9302] device veth1_vlan entered promiscuous mode
[  269.874379][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  269.891134][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  269.922770][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  269.941522][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  269.960194][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  269.968392][    T7] Bluetooth: hci1: command 0x040f tx timeout
[  269.979212][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.007819][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  270.026070][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  270.045291][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  270.063118][   T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  270.094502][ T9305] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  270.120254][ T9305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  270.135957][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.155410][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  270.174122][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  270.248500][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  270.271051][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  270.291484][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  270.298405][    T7] Bluetooth: hci2: command 0x040f tx timeout
[  270.311537][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  270.345963][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  270.364886][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  270.393546][ T9304] device veth0_vlan entered promiscuous mode
[  270.410240][ T9302] device veth0_macvtap entered promiscuous mode
[  270.427460][ T9302] device veth1_macvtap entered promiscuous mode
[  270.456812][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.465989][ T9302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  270.477543][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.504062][ T9302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.549963][ T9302] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.573970][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  270.589134][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  270.605065][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  270.620819][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  270.635069][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  270.649127][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  270.665312][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.681481][ T9315] Bluetooth: hci3: command 0x040f tx timeout
[  270.683052][ T9304] device veth1_vlan entered promiscuous mode
[  270.715071][ T9302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  270.737172][ T9302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.757719][ T9302] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.781337][ T9305] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.796999][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  270.813354][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  270.829436][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  270.846321][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  270.869133][ T9302] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.886130][ T9302] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.903361][ T9302] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.921631][ T9302] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.957720][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  270.974993][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.991369][ T9324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  271.016323][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  271.044443][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  271.088355][ T9304] device veth0_macvtap entered promiscuous mode
[  271.091635][ T9300] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[  271.109768][ T9304] device veth1_macvtap entered promiscuous mode
[  271.165746][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  271.184370][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  271.201166][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  271.218647][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.244454][ T9304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  271.267118][ T9304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.287080][ T9304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  271.307791][ T9304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.329151][ T9304] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.351402][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  271.367648][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  271.384906][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  271.400683][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.417602][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.432416][ T9330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.449989][ T9304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  271.470870][ T9304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.494711][ T9304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  271.517795][ T9304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.539259][ T9304] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.557746][ T9304] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.575528][ T9304] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.593638][ T9304] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.610166][ T9304] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.633324][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  271.649061][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  271.679135][ T9305] device veth0_vlan entered promiscuous mode
[  271.703330][ T9332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.719094][ T9332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.744444][ T9315] Bluetooth: hci0: command 0x0419 tx timeout
[  271.749145][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  271.749234][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.749261][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.799392][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  271.818415][ T9305] device veth1_vlan entered promiscuous mode
[  271.870985][ T9332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.894383][ T9332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.920855][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  271.939220][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  271.946815][ T9330] hid-generic 0000:0000:0000.0002: item fetching failed at offset 0/1
[  271.957335][ T9315] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
02:54:08 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000180)=0x1)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

[  271.973458][ T9330] hid-generic: probe of 0000:0000:0000.0002 failed with error -22
[  271.983208][ T9324] hid-generic 0000:0000:0000.0003: item fetching failed at offset 0/1
[  272.028956][ T9324] hid-generic: probe of 0000:0000:0000.0003 failed with error -22
[  272.047848][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.052080][ T9305] device veth0_macvtap entered promiscuous mode
[  272.062867][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
02:54:09 executing program 1:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001440)='/dev/uhid\x00', 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000100)={0xb, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 'J'}}, 0x119)
write$UHID_DESTROY(r0, &(0x7f0000000280), 0x4)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000001480), 0xa)

[  272.068522][ T9315] Bluetooth: hci1: command 0x0419 tx timeout
[  272.080532][ T9305] device veth1_macvtap entered promiscuous mode
[  272.114327][ T9315] hid-generic 0000:0000:0000.0004: item fetching failed at offset 0/1
[  272.126643][ T9305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  272.133610][ T9315] hid-generic: probe of 0000:0000:0000.0004 failed with error -22
02:54:09 executing program 1:

[  272.152145][ T9305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.187658][ T9305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
02:54:09 executing program 1:

[  272.214077][ T9305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
02:54:09 executing program 1:

[  272.235390][ T9305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  272.260106][ T9305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
02:54:09 executing program 1:

[  272.283394][ T9305] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.302846][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  272.320009][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.337523][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  272.353221][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  272.367535][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  272.368497][ T9315] Bluetooth: hci2: command 0x0419 tx timeout
[  272.383945][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.413059][ T9323] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  272.431704][ T9305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  272.452858][ T9305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.471329][ T9305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  272.491726][ T9305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.516729][ T9305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  272.543802][ T9305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.565673][ T9305] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.582009][ T9335] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  272.598399][ T9335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  272.623784][ T9305] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.641788][ T9305] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.661775][ T9305] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.678130][ T9305] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.740373][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.757804][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.768378][ T9315] Bluetooth: hci3: command 0x0419 tx timeout
02:54:09 executing program 2:

[  272.845931][ T9332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.869948][ T9332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.887574][ T9372] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.890994][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  272.910223][ T9372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.947180][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  273.278408][   T28] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  273.538268][   T28] usb 8-1: Using ep0 maxpacket: 8
[  273.898630][   T28] usb 8-1: New USB device found, idVendor=1209, idProduct=2323, bcdDevice=e2.e9
[  273.915296][   T28] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.930557][   T28] usb 8-1: Product: syz
[  273.938607][   T28] usb 8-1: Manufacturer: syz
[  273.947034][   T28] usb 8-1: SerialNumber: syz
[  273.969150][   T28] usb 8-1: config 0 descriptor??
[  274.438502][   T28] gs_usb 8-1:0.0: Configuring for 1 interfaces
[  274.862159][ T9323] usb 8-1: USB disconnect, device number 2
[  275.638330][ T9323] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  275.908996][ T9323] usb 8-1: Using ep0 maxpacket: 8
02:54:12 executing program 3:

02:54:12 executing program 1:

02:54:12 executing program 2:

02:54:12 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000180)=0x1)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:12 executing program 1:

02:54:12 executing program 2:

02:54:12 executing program 3:

02:54:12 executing program 2:

[  276.067020][ T9323] usb 8-1: unable to read config index 0 descriptor/start: -71
[  276.092358][ T9323] usb 8-1: can't read configurations, error -71
02:54:13 executing program 1:

02:54:13 executing program 2:

02:54:14 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000180)=0x1)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:14 executing program 3:

02:54:14 executing program 1:

02:54:14 executing program 2:

02:54:14 executing program 3:

02:54:14 executing program 2:

02:54:14 executing program 1:

02:54:14 executing program 3:

02:54:15 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:15 executing program 2:

02:54:15 executing program 3:

02:54:15 executing program 1:

02:54:15 executing program 2:

02:54:15 executing program 1:

02:54:15 executing program 3:

02:54:15 executing program 2:

02:54:15 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:15 executing program 1:

02:54:15 executing program 3:

02:54:15 executing program 2:

02:54:16 executing program 3:

02:54:16 executing program 2:

02:54:16 executing program 3:

02:54:16 executing program 1:

02:54:16 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:16 executing program 3:

02:54:16 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:16 executing program 2:

02:54:16 executing program 1:

02:54:16 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:16 executing program 3:

02:54:16 executing program 2:

02:54:16 executing program 1:

02:54:16 executing program 2:

02:54:16 executing program 3:

02:54:16 executing program 1:

02:54:16 executing program 2:

02:54:17 executing program 3:

02:54:17 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:17 executing program 1:

02:54:17 executing program 2:

02:54:17 executing program 1:

02:54:17 executing program 3:

02:54:17 executing program 2:

02:54:17 executing program 1:

02:54:17 executing program 3:

02:54:17 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:17 executing program 2:

02:54:17 executing program 1:

02:54:17 executing program 3:

02:54:17 executing program 1:

02:54:17 executing program 3:

02:54:17 executing program 2:

02:54:17 executing program 1:

02:54:18 executing program 2:

02:54:18 executing program 3:

02:54:18 executing program 1:

02:54:18 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:18 executing program 1:

02:54:18 executing program 3:

02:54:18 executing program 2:

02:54:18 executing program 1:

02:54:18 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:18 executing program 2:

02:54:18 executing program 3:

02:54:18 executing program 1:

02:54:18 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:18 executing program 2:

02:54:18 executing program 1:

02:54:18 executing program 3:

02:54:18 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040))
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:18 executing program 1:

02:54:18 executing program 2:

02:54:18 executing program 1:

02:54:18 executing program 3:

02:54:19 executing program 2:

02:54:19 executing program 3:

02:54:19 executing program 1:

02:54:19 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040))
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:19 executing program 2:

02:54:19 executing program 3:

02:54:19 executing program 1:

02:54:19 executing program 3:

02:54:19 executing program 2:

02:54:19 executing program 1:

02:54:19 executing program 3:

02:54:20 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040))
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:20 executing program 2:

02:54:20 executing program 3:

02:54:20 executing program 1:

02:54:20 executing program 3:

02:54:20 executing program 2:

02:54:20 executing program 1:

02:54:20 executing program 3:

02:54:21 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:21 executing program 2:

02:54:21 executing program 1:

02:54:21 executing program 3:

02:54:21 executing program 2:

02:54:21 executing program 3:

02:54:21 executing program 1:

02:54:21 executing program 2:

02:54:22 executing program 3:

02:54:22 executing program 2:

02:54:22 executing program 1:

02:54:22 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:22 executing program 2:

02:54:22 executing program 3:

02:54:22 executing program 1:

02:54:22 executing program 3:

02:54:22 executing program 2:

02:54:22 executing program 1:

02:54:22 executing program 2:

02:54:23 executing program 1:

02:54:23 executing program 3:

02:54:23 executing program 2:

02:54:23 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:23 executing program 1:

02:54:23 executing program 2:

02:54:23 executing program 3:

02:54:23 executing program 2:

02:54:23 executing program 1:

02:54:23 executing program 3:

02:54:23 executing program 2:

02:54:24 executing program 3:

02:54:24 executing program 1:

02:54:24 executing program 2:

02:54:24 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:24 executing program 3:

02:54:24 executing program 1:

02:54:24 executing program 2:

02:54:24 executing program 1:

02:54:27 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:27 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x38, 0x2, 0x2, 0x301, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast2}}}]}]}, 0x38}}, 0x0)

02:54:27 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x2c, 0x2, 0x1, 0x301, 0x0, 0x0, {}, [@CTA_MARK_MASK={0x8}, @CTA_ZONE={0x6}, @CTA_MARK={0x8}]}, 0x2c}}, 0x0)

02:54:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x1, 0x0)
dup3(r0, r1, 0x0)

02:54:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
readv(r0, &(0x7f0000000000), 0x9)

02:54:27 executing program 2:

02:54:27 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={[], [], @empty}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)={0xa, 0x0, 0x0, @private1}, 0x8, 0x0, 0x0, &(0x7f0000000040)=[@pktinfo={{0x20, 0x29, 0x32, {@private2}}}], 0x20}}], 0x2, 0x0)

02:54:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={[], [], @empty}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001300)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=[@pktinfo={{0x20, 0x29, 0x32, {@ipv4={[], [], @multicast1}}}}], 0x20}}], 0x2, 0x0)

02:54:30 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f00000002c0)={@local, @dev}, 0xfeb0)

02:54:30 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x2c, 0x2, 0x1, 0x301, 0x0, 0x0, {}, [@CTA_MARK_MASK={0x8}, @CTA_ZONE={0x6}, @CTA_MARK={0x8}]}, 0x2c}}, 0x0)

02:54:30 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newspdinfo={0x1c, 0x24, 0x1, 0x0, 0x0, 0x0, [@XFRMA_SPD_IPV4_HTHRESH={0x6, 0x3, {0x0, 0x22}}]}, 0x1c}}, 0x0)
recvmmsg(r0, &(0x7f0000004b80)=[{{&(0x7f0000000340)=@llc, 0x80, &(0x7f0000000440)=[{&(0x7f00000003c0)=""/100, 0x64}, {&(0x7f0000000180)=""/22, 0x16}], 0x2}}, {{&(0x7f0000000480)=@caif=@dgm, 0x80, &(0x7f0000000580)=[{&(0x7f0000000500)=""/42, 0x2a}, {&(0x7f0000000000)=""/7, 0x7}], 0x2}}, {{&(0x7f00000005c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x80, &(0x7f0000001900)=[{&(0x7f0000000640)=""/29, 0x1d}, {&(0x7f0000000680)=""/161, 0xa1}, {&(0x7f0000000740)=""/35, 0x23}, {&(0x7f0000000780)=""/4096, 0x1000}, {&(0x7f0000001780)=""/183, 0xb7}, {&(0x7f0000001840)=""/182, 0xb6}], 0x6, &(0x7f0000001940)=""/69, 0x45}}, {{&(0x7f00000019c0)=@caif=@dbg, 0x80, &(0x7f0000002d40)=[{&(0x7f0000001a40)=""/162, 0xa2}, {&(0x7f0000001b00)=""/4096, 0x1000}, {&(0x7f0000000080)=""/40, 0x28}, {&(0x7f0000002b40)=""/199, 0xc7}, {&(0x7f0000002c40)=""/204, 0xcc}], 0x5, &(0x7f0000002d80)=""/84, 0x54}}, {{&(0x7f0000002e00)=@caif=@dbg, 0x80, &(0x7f00000032c0)=[{&(0x7f0000002e80)=""/185, 0xb9}, {&(0x7f0000002f40)=""/133, 0x85}, {&(0x7f0000003000)=""/224, 0xe0}, {&(0x7f0000003100)=""/81, 0x51}, {&(0x7f0000003180)=""/129, 0xfffffe48}, {&(0x7f0000003240)=""/128, 0x80}], 0x6, &(0x7f0000000240)=""/202, 0xca}}, {{&(0x7f00000033c0), 0x80, &(0x7f0000004500)=[{&(0x7f0000003440)=""/4096, 0x1000}, {&(0x7f0000004440)=""/144, 0x90}], 0x2, &(0x7f0000004540)=""/134, 0x86}}, {{&(0x7f0000004600)=@isdn, 0x80, &(0x7f00000047c0)=[{&(0x7f0000004680)=""/112, 0x70}, {&(0x7f0000004700)=""/144, 0x90}], 0x2}}, {{&(0x7f0000004800)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000004a40)=[{&(0x7f0000004880)=""/133, 0x85}, {&(0x7f0000004940)=""/5, 0x5}, {&(0x7f0000004980)=""/187, 0xbb}], 0x3, &(0x7f0000004a80)=""/237, 0xed}}], 0x8, 0x2142, &(0x7f0000004c80)={0x77359400})

02:54:30 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
r2 = dup3(r0, r1, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, 0x0, 0x0)

02:54:30 executing program 2:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x5, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [@sadb_x_nat_t_port={0x1}]}, 0x18}}, 0x0)

02:54:30 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={0x0, @l2tp={0x2, 0x0, @empty}, @l2tp, @hci, 0x6})

02:54:30 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f00000002c0)={@local, @local}, 0xc)

02:54:30 executing program 2:
r0 = openat$tun(0xffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
dup3(r0, r1, 0x0)

02:54:30 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x40, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_NLBUFSIZ={0x8}, @NFULA_CFG_TIMEOUT={0x8}, @NFULA_CFG_FLAGS={0x6}, @NFULA_CFG_MODE={0xa, 0x2, {0x0, 0x2}}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x40}}, 0x0)

02:54:30 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000040)={@local, @dev}, 0xc)

02:54:33 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x40, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_NLBUFSIZ={0x8}, @NFULA_CFG_TIMEOUT={0x8}, @NFULA_CFG_FLAGS={0x6}, @NFULA_CFG_MODE={0xa, 0x2, {0x8, 0x2}}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x40}}, 0x0)

02:54:33 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0x1d}}, 0xfffffffffffffe9b)

02:54:33 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x10, &(0x7f0000000040)="bfa941ae", 0x49)

02:54:33 executing program 0:
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:33 executing program 1:
r0 = openat$nvram(0xffffff9c, &(0x7f0000001b80)='/dev/nvram\x00', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = dup3(r1, r0, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x1c)

02:54:33 executing program 3:

02:54:33 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
r2 = dup3(r0, r1, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @private1}, 0x1c)

02:54:33 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)

02:54:33 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@newsa={0x13c, 0x10, 0x6c0d93ec1b7dd313, 0x0, 0x0, {{@in=@broadcast, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@remote, 0x0, 0x32}, @in6=@ipv4={[], [], @loopback}, {}, {}, {}, 0x0, 0x0, 0x2}, [@migrate={0x50, 0x11, [{@in=@empty, @in6=@private2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@loopback}]}]}, 0x13c}}, 0x0)

02:54:33 executing program 2:
socketpair(0x0, 0xf, 0x0, 0x0)

02:54:33 executing program 3:
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "bd6e91", 0x8, 0x3a, 0x0, @private0, @mcast2={0xff, 0x2, [0x0, 0x0, 0x9]}, {[], @mlv2_report}}}}}, 0x0)

02:54:36 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@newsa={0x13c, 0x10, 0x6c0d93ec1b7dd313, 0x0, 0x0, {{@in=@broadcast, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@remote, 0x0, 0x32}, @in6=@ipv4={[], [], @loopback}, {}, {}, {}, 0x0, 0x0, 0x2}, [@migrate={0x50, 0x11, [{@in=@empty, @in6=@private2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@loopback}]}]}, 0x13c}}, 0x0)

02:54:36 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0xa, 0x4e22, 0x0, @ipv4={[], [], @loopback}}, 0x1c, 0x0}, 0x0)

02:54:36 executing program 2:
r0 = socket(0x1, 0x3, 0x0)
connect$inet6(r0, 0x0, 0x0)

02:54:36 executing program 0:
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:36 executing program 2:
keyctl$update(0x2, 0x0, 0x0, 0x5a)

02:54:36 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x38, 0x2, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

02:54:36 executing program 3:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0xa, 0x4e22, 0x0, @ipv4={[], [], @loopback}}, 0x1c, 0x0}, 0x0)

02:54:36 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_mreq(r0, 0x29, 0x6, &(0x7f00000000c0)={@empty}, 0xfffffffffffffd53)

02:54:39 executing program 0:
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:39 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@newsa={0x13c, 0x10, 0x6c0d93ec1b7dd313, 0x0, 0x0, {{@in6=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xa0, 0x0, 0x0, 0xee00}, {@in=@broadcast}, @in, {}, {}, {}, 0x0, 0x0, 0x2}, [@migrate={0x50, 0x11, [{@in=@empty, @in6=@private0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@loopback}]}]}, 0x13c}}, 0x0)

02:54:39 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000004a80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40010100, 0x0)
sendmmsg(r0, &(0x7f0000001f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

02:54:39 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001240)=[{&(0x7f00000000c0)="d35fb9b1c935da68e42112e1be86cab58d8fcb90ab4ed0ef9872a985c4f8c7d5d10652aabc91c798b2477a154b71fade28bd8934151e68aa6e7f9d7640bb7b2385d0cae314ae4d116904107b24d211e90e5314f8821268b5a6a2e949fd2f8f1271be2d278e722d9f92bf6b60c98cd1dd0fcbaa036ad0fdbb18e4be32", 0x7c}, {&(0x7f0000000140)="3b9831c49faf899b", 0x8}, {&(0x7f0000000180)="e8ba933de5049ba707834990407b459face54db7d2130790047d661b1ad7431e14bf936d75f1cffe010c82e926a03c35d8aad57e9de827521432fa740c904a667ecc1a74685690c4792161d317ee429d8f05bdcd905b81e07ade3bd349965decf984b4217b6b6a7d91dfe2bda59d51ebc9", 0x71}, {&(0x7f0000000200)="765fca99552d7f3ac7ea80aed8bcbec8f3c49336cfd23fcfb91f70c604f0eea7e8d19c2f616870c37e91e7f270ea26ae3fa9715003182b1b22103afab128f6e01ba05dbe0ddd4113e061a87cf08ca439fe7ba73d0438ab10cb09798e50003d92c4ea67e20130cc963fa520aa18bc6584a08169f0de813e031c13714163a6f7183cd2efcb3df6f14371bd46ff38bad087f580aaa418a55d88e0edb359a6aaf6a4b046760a7c823dece6f8d2f3359ad8466af7ada67ced7aa9b002511a5bbc09650aa1c13ffb6e5ee77f9f160c32d955e9342e340c6551a57e452e1c49e994f4608818f6907205ace44d02743a1d2e9f3192a36bcf75704d5dbddba7333ef52ac2bb65869c9007628cf471de97eee5f3fd7dc86be538b3ac34c58f214b3831e9f9451da2fa4b73f70198adc8afaa072a684749c48bf892a4691e1cecf9f05e6652c8293a5d0c9cc19a66fbbaefffe19ad46b7a7879e4d28ebbc86ece3071e7bec4b5d2db60eece6e8679af2b8c700e86084852793372ad7e9c86d817c930dcb52d597188bb9a9a12059bce5aeb57ae17f1f7658f780052145aeee03ce37679764caa7b5174882d54ab994af1c3d4cb7c088dbe9a8a02ff94a6a18d9abc3d33ca6758dbb5dace0b60a74943c1bc7b2448da421a6c6b43663e5ba29783d43e40105d25cc5ff9ab15da4031209f04037dd1d96523c0fe13bc95ec5f93a221206ae5714599336f4ddc8c683400fabbf3d2629fb38b6488a912f0892c31a6b741c36491e6a41b80173328b8c50ff6a01752a65150d5e11b1cad460eefda4a57b468d4bac4c82a3f693366ed007c09e67ea57fe2be32a7cb3cef596637b7e784194f1310333514cea6640c56a6481da6ed30afb2884808ab332e9d27a6ea762f7d5eb66fdae481db9be370fc2e6dcb88b4578af4d6cbc28bd4c6b63515d5c80c144d8e329154239d564266f5bb975d2c701bb375c751b856ac343e1fb513d842c3125e41f2f4a19bbbcf96d44bc237b378a3b76ae9c2cc935b0c0e7cbaba842562723d85ad32e6aa6135aab018e997bc8f0fc705decf71789e089dbb2ee47945aff9218120db2e3c8051a97be43286d7bbf9b15069f240b05dc7853d6b851b5577fd376d4075cb60f707fa7028433dd99097ac98c01bb080d1bdb16de7e258e0340cb32f6a46655420c8919411641568865499675e3097a0afb79023c9a7af47dba8673b4844cf37d39e7c4ed7164fd5690d4c90d89f1a4c815398d1e5c79455d8d62af5cf2b43531e2a2f35d56e992136a7c7feb89e70796d404c8f191a66bbe71ba9531e1028ce2895601c31cfc5c8edae22f9ac0ace086fe4fd2e6389c8ce142ee06847a2b2a7241bbab8cfe0a04851491ba6936c2814493a6b1cad638c68902ed011dc717d662e6e12a94b15a6dcd37a6335ea3daae7fd768f999155cd0e36055c72812f43f9a6f2b4360520a74e112b01ae40bb66313c15f74a087fefc30a86610a2c1ecd0fbbbe6fce802d42967ac0d77a88ade10fc736629c08ac177c19a1f5d26520145c95acfee28e87e65c5d05e519532a447911b5b4f127b38535d26bc5df01929fe47c3c20c524c463a3193e471bc7adcd784ac428a97f7dce9098ce9e3335f41f327faa0c5ee1db68aba87f287acab1465f0164381f1020c64e890b628cc7e3ddd9add32e4d0b2301e46067fd6886c6dc65be82fc98d41854de1701be552fc0d9746c7b3aa4778030b5fec3e069b1504de5d5c14361a345101ea708b9f58a1447c3f7b937998978eb40bf1a22a6dd9efd522ce4a4277f1421ba2962acf5890dda0029636b4b31ee823d2ae97a23c33a85f02ee512694ade626b616f6cf3a3e2562200d2ea430c40326866c2f04accf8b2291cc93b2a890552a508b84585ac6e57434472e77b86a068a68ce1a7d3a1d698b36533672cc607cd96567e8706f58167c4cbba319924ae8a412e84bc2fd14142fdac02798c4a3f1adaa051ac8890920dc480453551ecbd575f2845675f4ee574f1ef3117f3403abb9cb85cae92c03006662892f8498325884ca22373c1bc5f838d913ef6f8f4bb6bdc8dc8a346ac55fdaf043ad0d4af23edbdeb649297f54a0d5bc8054d206c0bd6098c29b8b094f5a46b0f05f718d03c6647c56f067293fa8eb404444951b4f034d35c696e40b7066d25e88d01d5f744dc0f684b5c59ff58154ae52792ced5fabd966c0a51c2c675e1a90be89ee14aea26b3b57c15005fcbf69f5d6bef97a698a9c39637d4cdbc4a5ee1972e73864030e1261f6ced2fc2575554b9d30c78d153af9face9532802e4d03fa519696c4d6e56dec2572cc7c15bb2a4dac3053919137195c78f8ee84d9f51febc1cd1f9b98dd5959a78cc343571a1d5fbe3e13dfd043a71001d17cc7f62420a9dee13a67a279619a29d7501bd05aa171cdd8420fc085b5bb8680274535c44ffc9b2031abd585f841bd4e36af37ace48742ce44f527db4868c8a98c78b157c8d05d4632ffcd4b77f88b4a38361da54a5d047240839968af05328fbcd5571d43c8733915474b5d5953a59d1f406936b2ca8e426d5ee4b23f41027a18b1ad8cc82c61fcc094f05afbc5a4c730312145bb76b4e4941265a08cebc6e71a015a78fee599404781092d968ddb8ddb16cb99c8bc63c56f39a61ea0b88cb61773d9d587fb7241e3e675490d988260d176288d4fe25b783b44ab0dab74d2f4bd0aa187eb276c406127a4c7bd857b7da5ae000c86dc8f7475aff0c32de4de0fd78a38db4e548e25f68de66abc652a7f1b8a31815a73d041bdaad47bded9729a46a8325c975d24d76a8ce874a8adf7497d4b6965af001423e4e5ad73200d6c75c74fd003f4f8da97dd00ca9dcdcccf3e9e6adff066cbe1dc8a369b7706fdb374764b467417d38c990a82dc1e32d14c6eab72cd8fe667a7e2b8610df92625ddd9f7e4a04436f6778b8d5f8dc090e59a2be96d528349587143f3815260f3ce513fc07f8b7806abd63671a7e8da2ce3dc2e0059ba45b9333a3e6b969446535d24cf994b7d9df8419c7114d3877715356e42560cf53e73da74af3f43824ebfce3d9e9d38d4432e0e7c499cd9f71649033622fab9ba0b7db1d665badab230f110f2b8596a43fe2609b3b7e878ae032514a3a10c0d0f9e16eb9545a30bb8d0557afa6d0f49d7457bbc1a771684903267f45c4f165c635c9a438d78790bc401c11196e5ce5740794160dd33cf8db2f6dcd78a2fb92e69fd63a326fe77bd4461adcfae4bf6849ef0aa45ad2c342ca00d0130d513905695e7f5d5abce98db1881d9b95173a3e1370d8c8187d98e8de6f64ad37414892f8184cb79b4bc80b52ac639599f16a49ac52b53969ea433b0ccda598f089975ee24d5c50b1e16ba0b0087df5f73990367670e0e3c6c4f85a6e3fda9f8fa440ff2822068768409c00995b6c817af87040399cd5ae5c735343f9e7e1454957ddfbe7e8fc9d2f3105bf28a74020fea40244522a8f117022df6b3f848cedcaedddf14f40cba89cf12e19e975ebbb1dabb24d5d28789993d892c2854b668d7ebcbe327c72737d73445cbc1824bb73ae90949b7d45e840683fe901dc371874c9f3c83de63c745d0e542d3b040d0ebaae761b9e1f9b851e1c91d7c5e2800d6d83ec9d63805f9748a975ad708a88ed683db1bbbc2a33d351abd165b814fb12fd102debf0d46d61da0a57cbf2c0116f3a7493b646933767da61191cd5b42e882f8882d71749b2be7456318eacf37d3d81cf38ed4bc623ca941942899862933692bbe1f0bd0e74d65a61f24b083a00a1377d2f228a046b916d00211594dca36ac524388f46686e315cc29cab69690923c659465ed5b26852b901964b834dca767ee2dfa99de9aebec2b456dc48b0a4ba5e39c38194cb2fc5e570ad3f66915ac8429f430c81a1456520e387cccae770484a6767904b77af525a410c12fb2e7cb4eed6de3c303c352005a6c4ec9425eb49289f4e8a6d7dc89c10988ddbb81b375f58f5be36eb9701093e7277c29253e7d7bd1453e03ad7d81a58f01adef674b007322c2e1782f2f4d70c28326121f8310c2c6b6d125ff869846ead464fa7222ddfe8dd70269de56a719a4a4895f11ccf0a831348eb210753561947197459acc4904bd2083d56a94581255103d03a217f2fcca9f51f042ee73defd8fadb29789eaed879c5c21ba351232db8c82d67413f3803b78e813b981ea79a4705d8b8360fa11450f0a440220fb8049b6c36fc8ccbbf6db77315200ec9918586acb14a878a4349027ac3aab7d1b72e250caed9c2fddb433a1083461d76f3c29437cac6b2c8b692a144637833744c818c47cc3aa26f9db293d9238f5bcb46912885302b19b1d814157d40daae48703802c7a6c42d07f27d04a70c9314109b9c17053947deb975557ad2865dac4a568e9d4cd7f71a3024b6c3c1ca94c7da343f4c12343e5911a5d52034aaf89c6dc692c2db8254b431e88d5ef80f45386b888e2b210e7771293c8e6fb1ab6b809e9bff8ff48affe19a2dcdfc8ec567897d962cf6b6bce536347c3ff995e6f4728fc24746a4ed9b3be7d9226c300b55530b2b8547d49de196ca6fc1858fa5cbed5792fdccd6b2cb357490714c3d3c6b64eca4d2472505988fc25d7a4fa8302495e424f277d2b5ec4b29c2c1782504c715493eb74f3aa18b7c2cc2007cc956ebb44fd3b65f40a134cfd68f0fd8ff1a16e0862e4d18d8ca1a0419ed7f923d770c3d1a8efbe804cee0cfd31012d797120b09732de0e6412e371ef64992c01129add879317e24e3d020b72703ddbc0a1efe0cffa5979baf470674ce1efa9500f107c9e8e0db0338a65929a33a4523aaa227c1387d5f1f9e939d8b1489dd4b94e4a74641a9fb05edb4615f48e750e24feb82449bf78c1a6eebfeb0e9cc59fc1310b75c608abf5f58d8b5164261e8ac0cf5df5df6fe6f8e964b10c91bd0b79292cdf1bfc5a575cedcc5b9b1a14d830a71b0ad1e4470d916412f5f90c6bf62", 0xdcc}], 0x4, &(0x7f0000001280)=[{0xc}], 0xc}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f40)=[{0xc, 0x1, 0x2}], 0xc}}], 0x2, 0x0)

02:54:39 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_QTHRESH={0x8}]}, 0x24}}, 0x0)

02:54:39 executing program 2:
r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$link(0x8, r0, r1)

02:54:39 executing program 1:
r0 = openat$rtc(0xffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_AIE_ON(r0, 0x7001)

02:54:39 executing program 3:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@allocspi={0x13c, 0x16, 0x1, 0x0, 0x0, {{{@in=@multicast2, @in=@multicast1}, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x33}, @in6=@remote}}, [@algo_crypt={0x48, 0x2, {{'essiv(xts-camellia-asm,sha384-arm64)\x00'}}}]}, 0x13c}}, 0x0)

02:54:42 executing program 2:
r0 = socket(0x1, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @private2}, 0x1c)

02:54:42 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000000)={@rand_addr, @private}, 0xc)

02:54:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$netlink(r0, 0x0, 0x0)

02:54:42 executing program 0:
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:42 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x8}, 0x1c)
getsockopt$inet6_int(r0, 0x29, 0x10, 0x0, &(0x7f00000000c0))

02:54:42 executing program 3:
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@remote, @broadcast, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @empty, @loopback, @broadcast, @dev}}}}, 0x0)

02:54:42 executing program 1:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000700)=@flushpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, "", [@policy={0xa8, 0x7, {{@in6=@empty, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}]}, 0xb8}}, 0x0)

02:54:42 executing program 0:
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

02:54:42 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$netlink(r0, 0x10e, 0x3, &(0x7f0000001080)=""/4096, &(0x7f0000000000)=0x1000)

02:54:42 executing program 0:
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

[  305.572831][ T9864] ==================================================================
[  305.607591][ T9864] BUG: KASAN: slab-out-of-bounds in xfrm_attr_cpy32+0x15a/0x1d0
02:54:42 executing program 3:
perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xa66, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "03ce02", 0xa30, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, [], @dev, @loopback, [{0x0, 0x1c, "4af5ed2889818240dc55f9586dec836b24d9e09ba7e0fb6e4c019b4732fd79632c80bb666d8f5a808608b246fc603f877c685a675cb034a0ddb7eb3c38c032cd3ffb476625604425fcf538f900fe1e8620324a7bca06bff4240845a2a973ce2730239a4500fad8463ea3d15488ee45084422fdf2866cb0b6558965b498dad3dd1a5432899f0fabb29cba922f36f764b00cd3f01e326df76472497507404bfcbedc42a2ca950d30761a714b7aae774a9be298555b1515212289cf6ac35e7ea841c678a08c2734ef8978954ce5834d50ebc2a996fe612ecce8e3f13004a125a762ec04cafda5"}, {0x0, 0xc, "fec66e9673c146e28aadb1944f860641e8d1066a616aa6ea66d4e5a32a217c9e5b38d9a18e306363928312d03e4f56052d089037ab233aaf7985a5de3e1facc57a2cb994808c029227bd864b9be08c87b6af8095282184684c0ff2e40a8a"}, {0x0, 0x15, "4b4ccace0e2cd3e600b445f3d7d11a992e1cc9e9b220204daf71bfd2e65f462acc3248c27c20bfbc2a3786e9115397d5d81b16c23c236454b22b3543ee787e0251976e87856d133c39f2273ada1a5b2cc8bdd362e5fe928dc28352c4af70fb0113af334cd62eb2cd6ef02ca0e2b3e9ee4d4fe282d3b43e40211446c00866b139735ac95a41ef8a7a3835cc79a07484341b33f849c6b96c4db62f2c0e12cc438b5c29144c48371df6d55e"}, {0x0, 0x18, "c21fbfd4293c4c2362ea4b3038efb9eaa2ea539cfbf1927a6e247af06611cb36074337fb4c22f15998978255d62a2b2ea7667b07ebfd0737df7f6a8c4b961c3cf16160929035fa424ed50b84b7c6ac6a7d68bc3a7e753e7568713d51ae8a8e16f4303dcd3e083eef3a56ae9d61c45586bd08fd6591921b4dedae300b7b404232e9cde672931e5141757d1eec5804316917717baeab4b424cded5ade5b239382f2a213bd839e14dfa084e2debbe87b2cb2f73dfa41346a0cc4900"/195}, {0x0, 0x2, "12c28128d032a47e8cc46a551f41f9f132704dd5"}, {0x0, 0xe7, "7afa58e2398f53c78d52fa519b3d17f3c8fbaf98d93540ee24167c33b1d1bfffa4334e5dc801679fcbdfe15567941146aa7b35c7844ca65b7f1ae93f5d6fad32540e8eb697fbb11a8adfc32fe11cf304706073b361b6f8b0d9355c7beeda3d89b387f6fbd28e1bac3078adc75e9f7d69dd6953ba2c8ffe3744eb4042c94ac95516f356bd300dd52453220e63186997e40f9989872b1c4758a5cc756a5fec631a5cdba6f2fc01aaf7b777ea367159ae46768833bf795a3659e0156cb6571720cfb9a07d6607bc3fd6a9c18c11d1628f9cb9f9c1ac59f6980c1bed0180ccb3ed7e2302f3567167fe16e4ba6f4d396df8719eb054b44c0b557af9c5990c8e302f92fbd3d5c0a5d20c493289f86d931721cbee6873d7e48a27c24f12c00e8dd52f3e2ea2160bc4a2f3145109150fc0735512c353a34a5fdcb09beba20e9423d6853ee78c2f1eb5d29b88de53cf287f7f83f3f35c7540ef0a557a75cccf4ea91952bf7d11d5f7e87deaf1faa0efc9c9a5096a97c65439862fb730f978afcbbd33fd7fef2da3037defbabd0b6d288d662c3414854fe20fa8d2f828c04e13a1de878d11d476ab55bd32607e54f1ee67c4f76fe66f3206d120a36725ffa274f26d50d918d2c21e50fc6abb97ec714a66f8a6ec2c53716629d18524fc112736cb8739d3cdee67834fc34e38d2ff737cb094900a9b1c84c649dc2f6ffc7c754d8adcd31f0577a3952e5ea359432829d0154cd163195fe14669def71381c651755072c581383c69171f2227d70598fcf87347c6045a606a7b4fec119dfb637ef5d396723f1f063176e26d9013f9133873158c2ee847bf0f5d2910e842e85ee793341d152afeee4c3eaed043d2e3cd701e6b8bc10d1abb2da9ae2c286c0e0876d3a09b89a4ad9ee6241c3beece830fdace1660cf79a7fa25f5284f234b3ad8f5ac85fc135f892314057a0b59ed8208837df4bdd18bfe7147290d0cb6e339b3b06cdd410181236e662dd8603b4f989dad69d291ebb9b782257d4be0faa100832db313b1c1fb031faa2f9737a6a9771e208a4f341e1de36778eeaf6c0aa6dd9e74dedb9cf8aa6677c277c24a8626267366acbee48b19968eab630e8895fd395895e0282c6da01cbadc484d251ecdbc43526246b201613a31fe167116bb34f3f3997dc5263544285d53c0edb6ea2882b6d2cc2f408fe4ddd05be6c3edc30a0cbfad450145bcc0e41b95cf03fb1c3174725655274c3ee0196762232339f70522f58e7eac40bbff3bbdd1386d51203dbd181d859414f09b6801423084f8ec89ba261e6ff1ede50e60332a44aafaebac2a8da71d2c05800752e69954f58461d4624fd8d2270e0f90090f463f118af6a7dddaa27a36824a6c19eac2a0b408186b48114d7827068e6ba9e52529fa3b9ab8ad6dabba1940e5d6805201bad76a2fcf6ac631c168d6c22ff15912cdace2cc88face8ddba2d30cde1a987d949766b2ab26c9e8581a0fbda4ec58acfb5f79442ceaaaa2fcd9ce1999f48e210619d34a1adee4791eea7f86ce4fa2b54edabf4e8d33666f4a125531d161ac239c9c1c25e7a4f8035ca80360955b8165894466460633368fc292d2a8d620c661feaefa0e9ef7c5e7a7c7eccd761d837f81464b11fd9d1eee01c67245165fa63820257fee1ba03b0ef01c075310a29a77249e140be69df39933fc20d52dcd70915354923cd40b1120dc3b41307ef69e254825385744a1d26e435ee81b2a4c36b8f56c3af605b054ad4316bf27f70aff0fdedba2d69b7b23e064d9f77f3566cfda4d781e86d491a31a31b62c9f6ffa94587cc53057b2d7ee43267e3a62c0a139831fd962c5063cab3b6a1ca454304c80c656f4d3b54b49d333bbea06c9742612d6f7db591b44b0175eb6ad9bca1cb99ebdb83ec07dc239fe6fc953089d6a36c79064bbe4662b2ca8454be70a0097482323e6e723434c5a0aa4c240341df62306e47412da64805ec917b8eeff73c590fd0eaf23cdc8cbe14a282e5ac84d08a81b9af097017f04f0379cb328fcb76d73b36626d610a770d273083e31aceb31e0fd803a11611f18a54a389b79b8e1ba486240944f71c3b14661664728792249e558c149821c3e793a30511a8319e857e71d6f26468c77b31dcdd94257065a90f94c3093d7c82c90c29992d251be05e0699013844764cbb06239c046363733f25594e94d002605ba02b0c06b348ecb6ccfe87994a9cf0aa2e0df2671ed67106d1a0e217a5e0c3efe5c974b5ac17871735a4b3bd0337512c8b25bd177f693714a6fbb5994236d8fe7886ac0d89f15388fc448943d47876d60fab984e71ef3e81b30c6b8bb4c99cf69164263bfd2fed8094fcf0144ed56064e2b01c5f08707996754b20328826de8a7b05b6812aee1979daa5e6a74afe58fb36b5f81ae0959cd181a974f0243fcf74b68d6cfb041914147b24687c5a15867534f350dcb6e228f0180a960ee8e5e0fbb762d092e34f6f03fcd64da0894941adc982831178dc93048fd203d94a535a818ef2cbdf649ab17fc2a7070cfa8e3aeca845ccd8ef227ebd350fae468178438d6c28315fc8866b52a907adc0f86586aa78d70f31e544fb917a388dee6cea0d5baf6"}]}}}}}}, 0x0)

[  305.633172][ T9864] Write of size 4 at addr ffff888021fef2bc by task syz-executor.1/9864
[  305.667205][ T9864] 
[  305.667205][ T9864] CPU: 2 PID: 9864 Comm: syz-executor.1 Not tainted 5.10.0-rc5-syzkaller #0
02:54:42 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
recvmmsg(r0, &(0x7f0000004a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002061, 0x0)

02:54:42 executing program 0:
timer_create(0x0, &(0x7f0000066000)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0)
readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/65, 0x20000101}], 0x1)

[  305.696233][ T9864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  305.725072][ T9864] Call Trace:
[  305.743180][ T9864]  dump_stack+0x107/0x163
[  305.743180][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  305.764439][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  305.764439][ T9864]  print_address_description.constprop.0.cold+0xae/0x4c8
[  305.764439][ T9864]  ? _raw_spin_lock_irqsave+0x4e/0x50
[  305.764439][ T9864]  ? vprintk_func+0x95/0x1e0
[  305.764439][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  305.764439][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  305.764439][ T9864]  kasan_report.cold+0x1f/0x37
[  305.764439][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  305.764439][ T9864]  check_memory_region+0x13d/0x180
[  305.764439][ T9864]  memset+0x20/0x40
[  305.764439][ T9864]  xfrm_attr_cpy32+0x15a/0x1d0
[  305.764439][ T9864]  xfrm_user_rcv_msg_compat+0x76b/0x1040
[  305.764439][ T9864]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  305.937094][ T9864]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  305.937094][ T9864]  ? mark_lock+0xf7/0x1730
[  305.937094][ T9864]  ? security_capable+0x8f/0xc0
[  305.937094][ T9864]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  305.937094][ T9864]  xfrm_user_rcv_msg+0x55b/0x8b0
[  305.937094][ T9864]  ? xfrm_do_migrate+0x800/0x800
[  305.937094][ T9864]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  305.937094][ T9864]  ? lock_release+0x710/0x710
[  305.937094][ T9864]  ? __local_bh_enable_ip+0x9c/0x110
[  305.937094][ T9864]  ? __mutex_lock+0x626/0x10e0
[  305.937094][ T9864]  netlink_rcv_skb+0x153/0x420
[  305.937094][ T9864]  ? xfrm_do_migrate+0x800/0x800
[  305.937094][ T9864]  ? netlink_ack+0xaa0/0xaa0
[  305.937094][ T9864]  xfrm_netlink_rcv+0x6b/0x90
[  305.937094][ T9864]  netlink_unicast+0x533/0x7d0
[  305.937094][ T9864]  ? netlink_attachskb+0x810/0x810
[  305.937094][ T9864]  ? __phys_addr_symbol+0x2c/0x70
[  305.937094][ T9864]  ? __check_object_size+0x171/0x3f0
[  305.937094][ T9864]  netlink_sendmsg+0x856/0xd90
[  305.937094][ T9864]  ? netlink_unicast+0x7d0/0x7d0
[  305.937094][ T9864]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  305.937094][ T9864]  ? netlink_unicast+0x7d0/0x7d0
[  305.937094][ T9864]  sock_sendmsg+0xcf/0x120
[  305.937094][ T9864]  ____sys_sendmsg+0x6e8/0x810
[  305.937094][ T9864]  ? kernel_sendmsg+0x50/0x50
[  305.937094][ T9864]  ? do_recvmmsg+0x6c0/0x6c0
[  305.937094][ T9864]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  305.937094][ T9864]  ___sys_sendmsg+0xf3/0x170
[  305.937094][ T9864]  ? sendmsg_copy_msghdr+0x160/0x160
[  305.937094][ T9864]  ? __fget_files+0x272/0x400
[  305.937094][ T9864]  ? lock_downgrade+0x6d0/0x6d0
[  305.937094][ T9864]  ? find_held_lock+0x2d/0x110
[  305.937094][ T9864]  ? __fget_files+0x294/0x400
[  305.937094][ T9864]  ? __fget_light+0xea/0x280
[  305.937094][ T9864]  __sys_sendmsg+0xe5/0x1b0
[  305.937094][ T9864]  ? __sys_sendmsg_sock+0xb0/0xb0
[  305.937094][ T9864]  ? syscall_enter_from_user_mode_prepare+0x13/0x20
[  305.937094][ T9864]  __do_fast_syscall_32+0x56/0x80
[  305.937094][ T9864]  do_fast_syscall_32+0x2f/0x70
[  305.937094][ T9864]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  305.937094][ T9864] RIP: 0023:0xf7fcd549
[  305.937094][ T9864] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  305.937094][ T9864] RSP: 002b:00000000f55c70bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  305.937094][ T9864] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000980
[  305.937094][ T9864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  305.937094][ T9864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.937094][ T9864] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  305.937094][ T9864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.937094][ T9864] 
[  305.937094][ T9864] Allocated by task 9864:
[  305.937094][ T9864]  kasan_save_stack+0x1b/0x40
[  305.937094][ T9864]  __kasan_kmalloc.constprop.0+0xc2/0xd0
[  305.937094][ T9864]  kvmalloc_node+0x61/0xf0
[  305.937094][ T9864]  xfrm_user_rcv_msg_compat+0x3cd/0x1040
[  305.937094][ T9864]  xfrm_user_rcv_msg+0x55b/0x8b0
[  305.937094][ T9864]  netlink_rcv_skb+0x153/0x420
[  305.937094][ T9864]  xfrm_netlink_rcv+0x6b/0x90
[  305.937094][ T9864]  netlink_unicast+0x533/0x7d0
[  305.937094][ T9864]  netlink_sendmsg+0x856/0xd90
[  305.937094][ T9864]  sock_sendmsg+0xcf/0x120
[  305.937094][ T9864]  ____sys_sendmsg+0x6e8/0x810
[  305.937094][ T9864]  ___sys_sendmsg+0xf3/0x170
[  305.937094][ T9864]  __sys_sendmsg+0xe5/0x1b0
[  305.937094][ T9864]  __do_fast_syscall_32+0x56/0x80
[  305.937094][ T9864]  do_fast_syscall_32+0x2f/0x70
[  305.937094][ T9864]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  305.937094][ T9864] 
[  305.937094][ T9864] The buggy address belongs to the object at ffff888021fef200
[  305.937094][ T9864]  which belongs to the cache kmalloc-192 of size 192
[  305.937094][ T9864] The buggy address is located 188 bytes inside of
[  305.937094][ T9864]  192-byte region [ffff888021fef200, ffff888021fef2c0)
[  305.937094][ T9864] The buggy address belongs to the page:
[  305.937094][ T9864] page:00000000417f9822 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888021fee200 pfn:0x21fee
[  305.937094][ T9864] head:00000000417f9822 order:1 compound_mapcount:0
[  305.937094][ T9864] flags: 0xfff00000010200(slab|head)
[  305.937094][ T9864] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888010043540
[  305.937094][ T9864] raw: ffff888021fee200 000000008020001f 00000001ffffffff 0000000000000000
[  305.937094][ T9864] page dumped because: kasan: bad access detected
[  305.937094][ T9864] 
[  305.937094][ T9864] Memory state around the buggy address:
[  305.937094][ T9864]  ffff888021fef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  305.937094][ T9864]  ffff888021fef200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  305.937094][ T9864] >ffff888021fef280: 00 00 00 00 00 00 00 04 fc fc fc fc fc fc fc fc
[  305.937094][ T9864]                                         ^
[  305.937094][ T9864]  ffff888021fef300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  305.937094][ T9864]  ffff888021fef380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[  305.937094][ T9864] ==================================================================
[  305.937094][ T9864] Disabling lock debugging due to kernel taint
[  307.088743][ T9864] Kernel panic - not syncing: panic_on_warn set ...
[  307.108499][ T9864] CPU: 2 PID: 9864 Comm: syz-executor.1 Tainted: G    B             5.10.0-rc5-syzkaller #0
[  307.138239][ T9864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[  307.168135][ T9864] Call Trace:
[  307.168135][ T9864]  dump_stack+0x107/0x163
[  307.168135][ T9864]  ? xfrm_attr_cpy32+0x90/0x1d0
[  307.168135][ T9864]  panic+0x306/0x73d
[  307.218264][ T9864]  ? __warn_printk+0xf3/0xf3
[  307.218264][ T9864]  ? preempt_schedule_common+0x59/0xc0
[  307.258193][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  307.278220][ T9864]  ? preempt_schedule_thunk+0x16/0x18
[  307.278220][ T9864]  ? trace_hardirqs_on+0x51/0x1c0
[  307.278220][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  307.278220][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  307.278220][ T9864]  end_report+0x58/0x5e
[  307.278220][ T9864]  kasan_report.cold+0xd/0x37
[  307.278220][ T9864]  ? xfrm_attr_cpy32+0x15a/0x1d0
[  307.278220][ T9864]  check_memory_region+0x13d/0x180
[  307.278220][ T9864]  memset+0x20/0x40
[  307.278220][ T9864]  xfrm_attr_cpy32+0x15a/0x1d0
[  307.278220][ T9864]  xfrm_user_rcv_msg_compat+0x76b/0x1040
[  307.278220][ T9864]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  307.278220][ T9864]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  307.278220][ T9864]  ? mark_lock+0xf7/0x1730
[  307.278220][ T9864]  ? security_capable+0x8f/0xc0
[  307.278220][ T9864]  ? xfrm_alloc_compat+0x10d0/0x10d0
[  307.278220][ T9864]  xfrm_user_rcv_msg+0x55b/0x8b0
[  307.278220][ T9864]  ? xfrm_do_migrate+0x800/0x800
[  307.278220][ T9864]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  307.278220][ T9864]  ? lock_release+0x710/0x710
[  307.278220][ T9864]  ? __local_bh_enable_ip+0x9c/0x110
[  307.278220][ T9864]  ? __mutex_lock+0x626/0x10e0
[  307.278220][ T9864]  netlink_rcv_skb+0x153/0x420
[  307.278220][ T9864]  ? xfrm_do_migrate+0x800/0x800
[  307.278220][ T9864]  ? netlink_ack+0xaa0/0xaa0
[  307.278220][ T9864]  xfrm_netlink_rcv+0x6b/0x90
[  307.278220][ T9864]  netlink_unicast+0x533/0x7d0
[  307.278220][ T9864]  ? netlink_attachskb+0x810/0x810
[  307.278220][ T9864]  ? __phys_addr_symbol+0x2c/0x70
[  307.278220][ T9864]  ? __check_object_size+0x171/0x3f0
[  307.278220][ T9864]  netlink_sendmsg+0x856/0xd90
[  307.278220][ T9864]  ? netlink_unicast+0x7d0/0x7d0
[  307.278220][ T9864]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  307.278220][ T9864]  ? netlink_unicast+0x7d0/0x7d0
[  307.278220][ T9864]  sock_sendmsg+0xcf/0x120
[  307.278220][ T9864]  ____sys_sendmsg+0x6e8/0x810
[  307.278220][ T9864]  ? kernel_sendmsg+0x50/0x50
[  307.278220][ T9864]  ? do_recvmmsg+0x6c0/0x6c0
[  307.278220][ T9864]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  307.278220][ T9864]  ___sys_sendmsg+0xf3/0x170
[  307.278220][ T9864]  ? sendmsg_copy_msghdr+0x160/0x160
[  307.278220][ T9864]  ? __fget_files+0x272/0x400
[  307.278220][ T9864]  ? lock_downgrade+0x6d0/0x6d0
[  307.278220][ T9864]  ? find_held_lock+0x2d/0x110
[  307.278220][ T9864]  ? __fget_files+0x294/0x400
[  307.278220][ T9864]  ? __fget_light+0xea/0x280
[  307.278220][ T9864]  __sys_sendmsg+0xe5/0x1b0
[  307.278220][ T9864]  ? __sys_sendmsg_sock+0xb0/0xb0
[  307.278220][ T9864]  ? syscall_enter_from_user_mode_prepare+0x13/0x20
[  307.278220][ T9864]  __do_fast_syscall_32+0x56/0x80
[  307.278220][ T9864]  do_fast_syscall_32+0x2f/0x70
[  307.278220][ T9864]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  307.278220][ T9864] RIP: 0023:0xf7fcd549
[  307.278220][ T9864] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  307.278220][ T9864] RSP: 002b:00000000f55c70bc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  307.278220][ T9864] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000980
[  307.278220][ T9864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  307.278220][ T9864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  307.278220][ T9864] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  307.278220][ T9864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.278220][ T9864] Kernel Offset: disabled
[  307.278220][ T9864] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:54:44  Registers:
info registers vcpu 0
RAX=000000000000009d RBX=0000000000000000 RCX=ffffffff84b97ec0 RDX=ffffc9000da60000
RSI=ffff8880135f4ef0 RDI=ffff8880135f50c0 RBP=ffff8880135f54a8 RSP=ffffc90000007d30
R8 =0000000000000000 R9 =ffff8880135f54af R10=0000000000000000 R11=0000000000000001
R12=0000000000000001 R13=0000000000004e20 R14=ffff8880135f4e70 R15=ffff8880135f4ef0
RIP=ffffffff84b97f02 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe569c967c0 ffffffff 00c00000
GS =0000 ffff88802cc00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4e43178000 CR3=000000001264d000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0a0a29307830202c7d7d7d7d7d7d5d7d XMM01=697475636578652032343a34353a3230
XMM02=78302826286e65706f5f746e6576655f XMM03=667265700a3a33206d6172676f727020
XMM04=676e697475636578652032343a34353a XMM05=697475636578652032343a34353a3230
XMM06=65700a3a33206d6172676f727020676e XMM07=697475636578652032343a34353a3230
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=000000000000000e RCX=ffffffff837fed4a RDX=000000000000000e
RSI=ffff888013180000 RDI=0000000000000001 RBP=ffff888013eb7580 RSP=ffffc90000fd7908
R8 =0000000000000001 R9 =ffffffff8f189b47 R10=0000000000000010 R11=0000000000000001
R12=0000000000000022 R13=00000000000003fe R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff816ffbcf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4e431717a0 ffffffff 00c00000
GS =0000 ffff88802cd00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000003c000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffc5ede1cf8 CR3=00000000189a9000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000000000000ff0000ff00ff00000000 XMM01=ffff000000000000ffff00ff00000000
XMM02=00000000000000000000000000000000 XMM03=00000000ff00000000000000ff000000
XMM04=75722f766564752f62696c2f002f2a2f XMM05=5b6d626974627c2a5d392d305b646d7c
XMM06=2d305b6d626974627c2a5d392d305b64 XMM07=2d63707276633a3174633a554d45516e
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 2
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff840e8681 RDI=ffffffff8fad6ae0 RBP=ffffffff8fad6aa0 RSP=ffffc9002a48eec0
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000000
R12=0000000000000037 R13=0000000000000037 R14=ffffffff8fad6aa0 R15=dffffc0000000000
RIP=ffffffff840e86d8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802ce00000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000077000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020000980 CR3=000000006a134000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000002
XMM02=00000140000000000000000400000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 3
RAX=0000000000000001 RBX=ffff888010a74a40 RCX=ffffffff88e6e43b RDX=ffffed100214e955
RSI=0000000000000004 RDI=ffff888010a74aa0 RBP=ffffc90001557738 RSP=ffffc90001557670
R8 =0000000000000001 R9 =ffff888010a74aa3 R10=ffffed100214e954 R11=0000000000000000
R12=ffff88802cf34940 R13=ffff888011e70000 R14=ffff888011e70458 R15=ffff888017be2180
RIP=ffffffff88e6e43f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802cf00000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000b2000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000815e1d0 CR3=0000000065e5b000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000052
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000