last executing test programs:

2m24.755847534s ago: executing program 2 (id=105):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000028000701000000080000090005"], 0x20}}, 0x40080c0)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x42, 0x5c})

2m24.755585699s ago: executing program 2 (id=106):
r0 = socket$kcm(0x2, 0x1, 0x84)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(blowfish))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2)
setsockopt$sock_attach_bpf(r0, 0x84, 0x9, &(0x7f0000000380), 0x98)

2m23.894167929s ago: executing program 2 (id=125):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0xb, 0x2)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000640)="be9980d77270a1f988047f4e9f8f008365bda37227a39df746face84f6661bc64165c3137e312078a5785b09e3d9e57b6ae96528ff26861ab1fe00a35fb3e62465793f83a73616b73bf5039832450c91bc04449cff7aacd36cc75a75b7c4fa68e873ff402a84f7b855baae1c3d36c70cdae0b8884fc2e062bd934770488194a5506fdaae0dbf3adc62ce3601622f75b65e95b41bebe944d19f6c62b488051133562e8bc68d7d8631225105cb3caad26eb85579852b7f44271659b1cc5c8d71cddda33eee24570353833ff61630d5d8e59070", 0xd2}, {&(0x7f0000000380)="12ffc3fb8a3f30f89e3472a03ed5d5631f13b2", 0x13}, {&(0x7f0000000740)="806e11ec67bf9bdbdbe24cb37d283756e6d8688af4e50a683ad150939f0520bcd253e9f7468af5b22610b2b823ff585ac1f8e7bb698f34f71470b15c98389f5809059639b795e7599bd5415f954e883fca279ecf4c94bfa5565b46dfadecc72b9a518735e625f0bd84fa49f35af686e93e5f67e4d667cd47f1d02f8d2ea8640e7b8ec77422548784d2d296fbe0990ec280b1eccdabeaec20cba5fc25ac495f7380b14691e26c9ff6d5e9518ab58463529f21968ab5b3a5b3ebcf3fa528a136e6c86ba804d48e769870c421ffef7d55e8606e0147ad946b07df37", 0xda}], 0x3)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000080)={0x5, 0x1, 0x1, "3a8e07ca5de21f00000000000000000000004b5c00", 0x33424752})
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_GET_REQUEST_TABLE(r3, 0x2275, &(0x7f00000018c0))
ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x7, 0x6}}, './file0\x00'})
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000040)={0x3, 0x2, 0x2, "a70ec4f485059b7208dbaddb944aada10406fff191b686353291cd4a7e8a601c"})
r5 = eventfd2(0xb, 0x80001)
ioctl$KVM_HYPERV_EVENTFD(r0, 0x4018aebd, &(0x7f00000000c0)={0x4, r5})
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_SET_OP_GET_BYNAME(r6, 0x1, 0x5, 0x0, &(0x7f00000008c0))
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
iopl(0x3)
iopl(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x29, &(0x7f0000000440)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x5}, {0x18, 0x8, 0x2, 0x0, r7}, {}, {0x15, 0x0, 0x0, 0x76}}, @snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}], {{}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mount$9p_rdma(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1002080, &(0x7f0000000240)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@timeout={'timeout', 0x3d, 0x6}}, {@rq}, {@timeout={'timeout', 0x3d, 0x9}}, {@common=@noextend}, {@rq={'rq', 0x3d, 0x8}}, {@sq={'sq', 0x3d, 0x3}}, {@rq={'rq', 0x3d, 0xfa74}}, {@common=@cachetag={'cachetag', 0x3d, '('}}], [{@subj_role}, {@appraise_type}, {@flag='rw'}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@appraise_type}, {@euid_lt={'euid<', 0xee00}}]}})

2m23.785513835s ago: executing program 2 (id=127):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@bridge_dellink={0x28, 0x13, 0x5, 0x70bd2a, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_PROMISCUITY={0x8, 0x1e, 0x1ff}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000c4}, 0x20004001)

2m23.71310577s ago: executing program 2 (id=130):
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000080), 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_coalesce={0xe, 0x464, 0x2, 0x1, 0x888, 0x1, 0x7, 0x5, 0x4, 0x1, 0x7, 0x9cdd, 0x2, 0x9, 0x48000, 0xee5, 0xfff, 0x1, 0x5, 0x3, 0x200, 0x8, 0x9}})
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) (async)
r3 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
accept(r3, 0x0, 0x0)

2m23.711861377s ago: executing program 2 (id=131):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
eventfd(0x5)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000080)=""/237, 0xed, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x94}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
eventfd(0x5) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00') (async)
pread64(r1, &(0x7f0000000080)=""/237, 0xed, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x94}}, 0x0) (async)

2m8.695665192s ago: executing program 32 (id=131):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
eventfd(0x5)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000080)=""/237, 0xed, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x94}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
eventfd(0x5) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00') (async)
pread64(r1, &(0x7f0000000080)=""/237, 0xed, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x94}}, 0x0) (async)

1m28.834219044s ago: executing program 0 (id=1057):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x104})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x10})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
write$vhost_msg(r6, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0x7}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x9}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4048115}, 0x0)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

1m27.951662661s ago: executing program 0 (id=1074):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000001640)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000700)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000780)={{}, {0x0, 0x3938700}}, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, @empty, @private1={0xfc, 0x1, '\x00', 0x20}, 0xc1, 0x20, 0x2, 0x2}})
timer_delete(r3)

1m27.814617695s ago: executing program 0 (id=1083):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x104})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x10})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
write$vhost_msg(r6, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0x7}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x9}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4048115}, 0x0)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

1m27.734083376s ago: executing program 0 (id=1085):
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000000)={0x0, <r0=>0xffffffffffffffff, 0x80000})
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @private}}, 0x0, @in=@initdev}}, &(0x7f0000000140)=0xe8)
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=0x4)
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
fchown(r0, r2, r4)
listen(r0, 0x9)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc1004111, &(0x7f0000002240)={0x4, [0x10000, 0x5, 0x3], [{0x9, 0x1339, 0x0, 0x1, 0x0, 0x1}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x9, 0x0, 0x1, 0x0, 0x1}, {0x8, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x8, 0xa, 0x1, 0x1, 0x0, 0x1}, {0xfffffffe, 0x1ff, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x200, 0x1, 0x0, 0x0, 0x1}, {0x7, 0x7, 0x0, 0x0, 0x1}, {0xfff, 0x7fffffff, 0x1}, {0x1e77, 0x809, 0x1, 0x0, 0x1, 0x1}, {0x6, 0x9, 0x1, 0x1, 0x0, 0x1}, {0x5, 0x101, 0x0, 0x1, 0x0, 0x1}], 0x3c})
r6 = openat(r0, &(0x7f0000002340)='./file0\x00', 0x10000, 0xa4)
listen(0xffffffffffffffff, 0x81)
socket$pppoe(0x18, 0x1, 0x0)
ppoll(&(0x7f0000002380), 0x0, &(0x7f00000023c0), &(0x7f0000002400)={[0x7]}, 0x8)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000024c0)={'syztnl0\x00', &(0x7f0000002440)={'ip6gre0\x00', r3, 0x4, 0x1, 0x6, 0x81, 0xf, @private2, @local, 0x7800, 0x7800, 0x2, 0x72}})
sendmsg$can_bcm(r6, &(0x7f0000002600)={&(0x7f0000002500)={0x1d, r1}, 0x10, &(0x7f00000025c0)={&(0x7f0000002540)={0x7, 0x0, 0x3, {}, {0x0, 0xea60}, {0x4, 0x0, 0x1, 0x1}, 0x1, @canfd={{0x3}, 0x2f, 0x1, 0x0, 0x0, "2fb45fcf0add098d0e325b730973c2603990fc91de87a2311998bb6574117ff047d0783b422afc751c45857bc4e9d2f7da521162c43eafdf113c5e23d9b981ec"}}, 0x80}, 0x1, 0x0, 0x0, 0x40801}, 0xc2)
capset(&(0x7f0000002640)={0x20080522, r5}, &(0x7f0000002680)={0x5, 0x6, 0x3, 0x0, 0x5, 0xe3})
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000026c0), 0x0, 0x0)
ioctl$IOMMU_VFIO_GET_API_VERSION(r7, 0x3b64)
r8 = socket$pppoe(0x18, 0x1, 0x0)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002740), r0)
sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000002b80)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002b40)={&(0x7f0000002780)={0x398, r9, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x65}, @ETHTOOL_A_EEE_MODES_OURS={0x2d8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xa2, 0x5, "d3e38d5ff87fb2506fdbd47aa6891c2b18122a7750c63819af49612246f751f916bd791f75fa9706b5ca2e1018605f6d9b82e6be1977deccb11c6291b7fbe236674fc003361304550d4011439f879169fcf23a27a4e5fd2fe26e4dce43bd9e65755ae6e701b2638f486840033f27f3b66235688586399c878377e70c01c0367e1f75a697530b584b2210d8279f795aae45674a9a79741ca125cbb5ccaf3f"}, @ETHTOOL_A_BITSET_MASK={0x79, 0x5, "24d8c18f69381c5cbd4b443878f5eabd1636009e9e435f83892823dd4820b8c8ab25214df6304556ce8ebe5d1d92f18c1c51e108c67685ad84b18d3b23e55bd2a237402251b241661f7f7c443a6dfc82121248fdc0971a4b867674095c091128a29990d377c303df1b30ae3f78efd2854c4789dbcf"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x8}, @ETHTOOL_A_BITSET_MASK={0x34, 0x5, "95160c40e59297170ab1586bb6f0d7cafa28567c5f976b363340f803e32db8e42e6b1394c818035e4822fa2e98a86935"}, @ETHTOOL_A_BITSET_MASK={0x2b, 0x5, "d504487b780ee4bf761dbc54f3a54436eb688e6d17a9c46cad138e83771c9fd34905fd437168c3"}, @ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}, {0x4}]}, @ETHTOOL_A_BITSET_VALUE={0xa7, 0x4, "572461acd0163d5def99001ec72e737ec2c66a406899fd92437b2e3d50ce2953d16c28e5a07cbcc00176828355dcd5b5b0f90db1923b084ebd73d7bbc544bdf59cf99bb101592fcc21ab6e881aa7c51dd46731ad9b038a3a278a5b446e0632eb666b94dd401b4e18f6c29021d436fbe32d5caa926d262bd23ecea1841c6ed3c234aaff969e157913da585173ab655a713dfa940e140ae11ce3ffd5a4ef483e43591879"}, @ETHTOOL_A_BITSET_VALUE={0x8f, 0x4, "64d6ca22f3fc087820b4e9e150d31479aeb40c5cfd0fa2312caf5a27175ab9a4480951460543011d5aa6ef5eaaf78fcc06b516ec3c87e57f4ce6361ebf03b4c958b188340032b7a1802a30813bd75c5d7b4a4ec0e08016af286f3c4576011d2a184ead80d7f44ba04a5e8950b5146d405de6cf6284cdd9f41cad52421afd8cdaabbc317d78c2dfb606d5ad"}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x2}, @ETHTOOL_A_EEE_MODES_OURS={0x9c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x97, 0x5, "5370cd4bfe5a3e9f6b3a0344362b7575d0f2ec603a385abaad77d970a7d173c519a35fa7b702ba4a6b635c5652f4761cedb73a2114abfd5ad82c4e14723d934878c96e13f753ab2d30e0c69c8bb2eff782d950defff85df39595235667b14b4b036e96413bc46fc4837ec714fbcfa9812bc5227e2151996705658132dc8c7be1a68b3db194288cab4e1b20fe35a66fa135881e"}]}]}, 0x398}, 0x1, 0x0, 0x0, 0x8000}, 0x40800)
socket$can_bcm(0x1d, 0x2, 0x2)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000002bc0)={0x2b, 0x6, 0x0, {0x6, 0x6, 0x2, 0x0, ')}'}}, 0x2b)
r10 = getpgrp(r5)
capset(&(0x7f0000002c00)={0x20080522, r10}, &(0x7f0000002c40)={0x8ba, 0xdb, 0x7, 0x6, 0x11058e29, 0xb1b0})
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r6, 0x660c)
ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000002c80)={0x18, 0x0, {0x1, @local, 'veth1_vlan\x00'}})
recvfrom$inet6(r6, &(0x7f0000002cc0)=""/4096, 0x1000, 0x61, &(0x7f0000003cc0)={0xa, 0x4e21, 0x6, @dev={0xfe, 0x80, '\x00', 0x27}, 0x69269cab}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000003d00)={'ipvlan0\x00'})
recvmmsg(r6, &(0x7f0000004440)=[{{&(0x7f0000003d40), 0x80, &(0x7f0000003dc0), 0x0, &(0x7f0000003e00)=""/142, 0x8e}, 0x401}, {{&(0x7f0000003ec0)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000004080)=[{&(0x7f0000003f40)=""/191, 0xbf}, {&(0x7f0000004000)=""/126, 0x7e}], 0x2, &(0x7f00000040c0)=""/199, 0xc7}, 0x9}, {{&(0x7f00000041c0)=@tipc, 0x80, &(0x7f0000004400)=[{&(0x7f0000004240)=""/247, 0xf7}, {&(0x7f0000004340)=""/168, 0xa8}], 0x2}, 0x5}], 0x3, 0x40002002, &(0x7f0000004500))
ioctl$LOOP_CLR_FD(r6, 0x4c01)
ioctl$TIOCOUTQ(r6, 0x5411, &(0x7f0000004540))

1m27.733594026s ago: executing program 0 (id=1087):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000005440)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)='+', 0x1}], 0x1}}], 0x1, 0x400c404)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x6}]})
fanotify_init(0x8, 0x400)
sendmmsg$inet6(r0, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4040005)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

1m27.484138155s ago: executing program 0 (id=1089):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x400, 0x2}, &(0x7f0000002000)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
r4 = io_uring_setup(0x669, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r5)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x40, 0x0, 0xffffffffffffffff, &(0x7f0000001000)={0xd0000011}, r4, 0x3, 0x0, 0x1, {0x0, r5}})
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x1ae)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x20)
mkdir(&(0x7f0000000040)='./bus\x00', 0x50)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000f40)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg$unix(r9, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)=',', 0x1}], 0x1, 0x0, 0x0, 0x4000}, 0xc841)
close(r9)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121042, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r7}})
splice(r6, 0x0, r10, 0x0, 0x2, 0x0)
syz_usb_connect(0x5, 0xc3e, &(0x7f0000000100)={{0x12, 0x1, 0x310, 0x66, 0x97, 0xe, 0x40, 0x7b8, 0x7610, 0x8204, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc2c, 0x3, 0x3, 0x92, 0x40, 0xe1, [{{0x9, 0x4, 0x37, 0x1, 0x10, 0x33, 0x59, 0xc1, 0x1, [], [{{0x9, 0x5, 0x7, 0x8, 0x200, 0x0, 0x1, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0xc3, 0x2, 0x4}]}}, {{0x9, 0x5, 0x9, 0x4, 0x200, 0x3, 0x5, 0x10}}, {{0x9, 0x5, 0xe, 0x0, 0x8, 0x0, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x7f, 0xa}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x1, 0x3}]}}, {{0x9, 0x5, 0x0, 0x10, 0x3ff, 0xf8, 0x1, 0x3, [@generic={0xa9, 0x8, "bc3c2e6cb6a40b4987a69c65a5cc9742fcb30de7b71dd3849eb8218d4657edcc1541c193156a58bd264f28dad2a6ce5473e6074eeb92f26b2169a14a1df1dcac281b2e34a1b36b29ba22b2cbc71643e74783c629c86b044e0bec7fa496fc0ae4fbb8dd8e6fb5645c4f42f1db21e1b6332c745155851bd8e9fbb389bb84c2ffe3ef0d9b4ffc7ecfceb7dc4cc67929f27ed6abf732bece360bb135fa93ba1a640026c16fc30db50d"}, @generic={0xf0, 0x11, "a90c46b0887254f8b3eb5633e5d3d580a95c4ccb3cf3b6c1870f191d83e1bf8f977e46846bbbcb30be1bdf197af00439f5990df4536a134a4460899334e37d94b7d8fd4a427b35d19195f2f70abb5b6ed98974dc6d13c7815ed8aad857fc09cc7c129b05d397c2cd9d3597fe161fd81572e420c788a3d691ceba834db52f741aef9e3a1f8dbad2f1f8fc2ea81143bba5eb8da53372be1d72eef9ec3b6409e207b59a511ca70d7d33e8fdf6bd1f0a5da1711aabf83125397db53427b1c644f23ee8c8a705036e9dcef38306a613938431c5a26949a8824b6add5e2bed13da058465d235875f79459f412cc03e0a00"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x3ff, 0x1, 0x2, 0x1}}, {{0x9, 0x5, 0x2, 0x8, 0x200, 0x7, 0x6, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x102, 0x4, 0x4bc2}, @generic={0xe8, 0x9, "6ef28d9508b751577186020dfa513d5ad5a56faf6328ccbe8399fbc495d59ff63e328bfec8bf52b97130778f6d2aa644d94e93d00567dac6ac16de0fb1bb6a49ed72c901cc1f41c4792e7b63c9b8ce14d9e5e22fddb8d9eb19c3f1c9bdd24b19c7ba8e9a5b63eca19f9e252892b04ff8bd1b6d55b4f71d31be542a8a3a1a6dc65af543ace078ba62d9a5aca9b7343b75b78c47ff750b04b7b2ad8001692813e46f5a64df8c0521441e73c27a951596b7c4f166eabb2957f6147db6c4373b52f7e049b9a5323e05037cd5897947a4bbf29766530b0340d7be839837047ad72be7930adfb4207f"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x200, 0x3, 0x4, 0x1}}, {{0x9, 0x5, 0xc, 0x3, 0x400, 0x10, 0x5, 0x1}}, {{0x9, 0x5, 0x5, 0x8, 0x20, 0xe, 0xa, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xba, 0x8}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x0, 0x4}]}}, {{0x9, 0x5, 0x0, 0x0, 0x8, 0xf9, 0x7, 0x7}}, {{0x9, 0x5, 0xd, 0x2, 0x3ff, 0xff, 0xc, 0x43, [@generic={0xbe, 0x21, "9da877a646cc6d5021fe9662c2b6391ebbacba4f146cf91917b0001c95dedd24bcc7a5d821ea644f5fb9c5c236c91f3fd222caf026d0f592401ede465b2356cdbe64f41dca29bfca1dbe20b7d22c38a2b408cfa4093e93e9bc52af8b6bbb580e3d750d1e7220a08cbce3215a3308fe66ceca8618d0180ca204d5387b36fc6bfaae7962b25a024a3ec40a2d4a48173cea50d5bd6dc1c3b18ab275d02a033b17c1cb2e7e3ad725b3a535de81154ed7f7680c39d3025f2d69186d795cdf"}]}}, {{0x9, 0x5, 0x0, 0x1, 0x20, 0xe, 0x8, 0x6}}, {{0x9, 0x5, 0x80, 0x3, 0x8, 0x6, 0x0, 0x0, [@generic={0x2e, 0x1, "8858f10bfee8ad8ecac91498ea8a2a9346df563b3d6a07cf5d16bc70f4916d015a07ac84ea370260db61b06b"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x60, 0x1}]}}, {{0x9, 0x5, 0x8, 0x1, 0x10, 0x3, 0x6, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x6}]}}, {{0x9, 0x5, 0xf, 0x4, 0x40, 0xfd}}, {{0x9, 0x5, 0x3, 0x18, 0x20, 0x1, 0x9, 0x3f, [@generic={0xcd, 0x21, "8bb10e1a39b4709238caaff0461fe321456d0c002e5ce874d30f8fe3b76ff6f6035647029a07814e8d0855289e6229bf6df5be1a5d3649647986ae86b031229af1173bfddb23016731fde3d1332e54b311050d476a53e7b827c0eb4b861fc812e6f2db7b85cf945ab17b06533979527f55c493298a3b19cd530cd376022655e46d590ba3572c995887392e02450741ffaf8dbda5fa75af9ded85a21b0f64a95ef318b3f36214bd2fa5033f847d0d2fe4ea52eaef630b39ff84bd1eeef548649b7762ac49a4c9ac36848b08"}]}}]}}, {{0x9, 0x4, 0x3b, 0x3, 0x9, 0x99, 0x57, 0x95, 0x4d, [@generic={0x101, 0x30, "fbfd98cb48f476ea654a841948c69a83559aa19c7dea2954eb5b8f6e65995b7affcac53d2a4db5b7e7bd3d0b116477787ac08312c62c3170b9dfb22fd0b2b90e5e45fd13cbfa793a25753d2e6db6403c60cfa2562c1f066e63926f54ec8476a4c3c15973e426c1cecca9296c30e03c17e3bbca422334252321f05dda588a666e33bc5c6d1dd69a4ae0695f520ad5cd73b7405c935553a6ba5602949e64b2e32d24cc3cb96241cc3aedcff8839fe93683d596f240fe5f5bc4b1f440fbbe0002223488258802f67115155aa625e3ccb1e2ccfdd7df298ce56d06195685011d743b1273ac59fa64be406cf8b60a606199d1f8591a8411bdacd3da4b412f9500a4"}], [{{0x9, 0x5, 0x80, 0x0, 0x20, 0x2, 0x81, 0x9}}, {{0x9, 0x5, 0x3, 0x10, 0x3ff, 0xc, 0x80, 0x81}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x0, 0x4, 0x1}}, {{0x9, 0x5, 0xe, 0x0, 0x40, 0x2, 0x3, 0x2}}, {{0x9, 0x5, 0x80, 0x4, 0x400, 0x2, 0x1, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x81}]}}, {{0x9, 0x5, 0x3, 0x3, 0x10, 0x5, 0x6, 0xf8, [@generic={0xb3, 0x4, "e7bb4af474700e22bf83fb073521abb3610b9447032b18a3df64c2caac80103d36418f1e47235c21baa2aec5045a618dfbf25831881cca19ffac826709e6290aaf4174a83fffe12cdf194d14754fef1323d5c893e427b6c2eaf5a6b7183fe7e05b0bde3b5cae6eef74fd4e291e1ee46e7de7864bb4db19a8509193dffb79889ff32054b8ad215ab476680e13b6227041665706b4891b8ef262500025e6e62ad7b77f542566c17742072d36757143966add"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0xcf, 0x88}]}}, {{0x9, 0x5, 0x3, 0x4, 0x8, 0x9, 0x10, 0x4, [@generic={0x6e, 0x23, "25e1f897a1ac337240bf09001d5fe92b62301155723bd79bdace597e149ef7994fd5ff33915912cc801a77a6619146a96c9fed5b5a40f77826184cf0db597fbf5d366656691132f36a5a0ecbd8a965285ba772a649a3439810d0894a72877c26deb0a0c363c8e62b2de3c999"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x7f}]}}, {{0x9, 0x5, 0x4, 0x4, 0x0, 0x22, 0x2, 0x7, [@generic={0x21, 0x6, "6aa0b5881764f6fca9ed3ed7a0aec77e50a9bb08363135bd149d0cd1da19ce"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x8, 0xf, 0x7, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x1, 0x421a}]}}]}}, {{0x9, 0x4, 0xca, 0x5, 0xc, 0xa0, 0xcb, 0xdf, 0x5, [@generic={0x14, 0x11, "7dc4399ee10fe0b864fc919a0e85a7c25dc3"}, @cdc_ecm={{0x5}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0xa7d, 0xffff, 0x30, 0x4}, [@acm={0x4, 0x24, 0x2, 0xc}]}], [{{0x9, 0x5, 0x9, 0x4, 0x200, 0x7, 0x5c, 0xfa, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x88, 0x6}]}}, {{0x9, 0x5, 0x6, 0x0, 0x400, 0x8, 0x5a, 0x7c, [@generic={0x102, 0xb, "a301c196557e978f919c64410f711ac30bfc45d767f7be289985922ff1e90d6f93bbcad7a3c1025aa399b02b48d2a38c8006ed9502b63aaad4c2f0c2d194190f67c3f175548da58b1a7809c03bf8e7f1a8727c124a80551a2a19ec8f4ee39014c432f2f92254379341367ef4fafd3ef5205994df05d422caa05cd257c801b3db2024e50641463abcd673a10580caeea5184536de1d1c23d339d8eded441222e8776ea1f9a1dd20b7744441fd9043b7a20680030634e8f8fa5d965be85e1e39cf50e9d054c49756ea0d5e3395f87a122f4b4a0ec9664824cdaf40c2edab766470141ad4754184ef9ea32d1d4afae219513ac0bd4913c1f6afa265c80c3833f03e"}]}}, {{0x9, 0x5, 0x9, 0x10, 0x400, 0x9, 0x5, 0xe, [@generic={0xdd, 0xa, "087192b9d3085937f5b579d092d4d0bfc7e8805c18e3951560bf6c56f032eb27e7be7a8258e60771b9f4a436619350aa3f7e5096f4c2828b4ab155356c2f728589e8e25da48d0942d300026f304f4c2a98eb6422906c4e4c36638d37a4550c27b2e6bbda846a45774cc6e536dc0f185a7486b0fa1d1afe5941c3f4b0d2e31b531c763d4d6f35f5b75da76a7739d89daf6c7a547d55831560bc6b31799309e33e1d452205c0ed64238b2a62559d3d5cf35a6ddbef1f404870934b8d4e8a7bdd7bd4f23405a7aedda95c22be219705d164e1ecfff1ff056bf672b0b4"}]}}, {{0x9, 0x5, 0x3, 0x10, 0x60, 0x0, 0x8, 0x7, [@generic={0x21, 0x23, "4a22895db03c4f54b3a1cc36889b340a2efe3e5a86e4b9c8ba1bc470e75f27"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0x1}]}}, {{0x9, 0x5, 0xc, 0x0, 0x8, 0x2d, 0x0, 0x9}}, {{0x9, 0x5, 0x5, 0x3, 0x10, 0x0, 0xff, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x23, 0x1ff}]}}, {{0x9, 0x5, 0x9, 0x17, 0x20, 0xa4, 0x3c, 0xea, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x10, 0x9}]}}, {{0x9, 0x5, 0x0, 0x1, 0x10, 0x6, 0xa8, 0x0, [@generic={0x29, 0x31, "6c932f7e49cb6c36dbc3f75d12bf18498ebb686eee676c8340c98e891571eadff87e4bd76ff70b"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x8, 0xf2, 0x1, 0x40}}, {{0x9, 0x5, 0x6, 0x10, 0x20, 0x2, 0x80, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x1}]}}, {{0x9, 0x5, 0x80, 0xe, 0x40, 0x2, 0x0, 0x2, [@generic={0x73, 0xa, "8e21c1f87d676b5c1f314a07422e436c53e8231e799b06bfb8ea82604144a3b68541fd33855372cdad7eb5b17c4e338cb34948a2f9240ce0c5dd5dd33cb84e95029ecc64de33f23dfe63be0c1d74cff99257b0b403072d43432d33bb1eaa5cc49f5f6be06ba53abc1c3a07af536e405249"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x3}]}}, {{0x9, 0x5, 0x3, 0x0, 0x20, 0x6, 0x6, 0x1, [@generic={0xee, 0xe, "9daff48de226faf22b2ff8486f147b5059817dfc17cdd6329470c33121e44e44ac9062f0fc1da103e22a4748d1e29e2cbfefb259e7804c3ba4d8cafc33b808effba5536d800e253277c77600f0e9cb89d74f0a37fdcb91f13a33da4e7d0c5a0b002ee00fd04a3af52bd49897f410d5218c3ac4c32728f99dbb5897471c03c056c5c2093317637a03913b2e144d5886484e45277b60a75f5db36aeda5c5361c019340a73c0146556a59ed2c948a9b2197ca8ac3055ea2cfc9de372f53316db6b331bd687e55d1f39c9543811326848675895d81f41107567e7d462fb50f476efd2428499d67373d44447095ba"}]}}]}}]}}]}}, &(0x7f0000000ec0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x8, 0x4, 0x6, 0xff}, 0x4f, &(0x7f0000000040)={0x5, 0xf, 0x4f, 0x4, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x4, 0x80, 0x3f, 0x5, 0x7, 0x2}, @generic={0x31, 0x10, 0xb, "e09dae2ecc04f3f853329aa185932bf7866c166415ddff22b3d5678dc973057d8395cc26c481849e7a3d847ed8d6"}, @wireless={0xb, 0x10, 0x1, 0x8, 0x8, 0xf, 0x0, 0x9}]}, 0x4, [{0x30, &(0x7f0000000d40)=@string={0x30, 0x3, "016f87944146a84b492ca28a59391d9baa134422ab5d1a1431f6202490ecd70b0d7b9ca61990d52cccc327374053"}}, {0x4, &(0x7f0000000d80)=@lang_id={0x4, 0x3, 0xf4ff}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x1401}}, {0x9c, &(0x7f0000000e00)=@string={0x9c, 0x3, "fbcc7abc69588f11f649342a6244941081fdbf2bbd3f32fced664cff3668387f0c5e685128937c3c3200ce0f22f87bd77a7fc308b16be1d75577357ecfe0346408c9da71a80e76860f73d8a2d2818ccb9452b39af22c863e6d2b5f37baa617039cb93238820c9cbe05eb7af6ed7ecf8239bf62cc9ced61a96fed736397969c99c3d8e51e4248554c79d12eb26f5bc6bf674a9d38486421acb215"}}]})
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x0)

1m21.165384813s ago: executing program 4 (id=1171):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r1=>0x0})
r2 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socket(0x1e, 0x5, 0x6000)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000096, 0x0, 0x3}]})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000180)={[0xd, 0x7, 0x1, 0x5, 0x4, 0x8, 0x4, 0x1, 0x0, 0x6, 0x1, 0x9e08, 0x7fff, 0x401, 0x1, 0x9], 0x6000, 0x2080})
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"])
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000008001400200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r1], 0x50)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'}) (async)
openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
socket(0x1e, 0x5, 0x6000) (async)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) (async)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000096, 0x0, 0x3}]}) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0) (async)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000180)={[0xd, 0x7, 0x1, 0x5, 0x4, 0x8, 0x4, 0x1, 0x0, 0x6, 0x1, 0x9e08, 0x7fff, 0x401, 0x1, 0x9], 0x6000, 0x2080}) (async)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"]) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000008001400200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r1], 0x50) (async)

1m21.005439698s ago: executing program 4 (id=1172):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x6}}, 0x14}}, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
io_destroy(0x0)
preadv(r2, &(0x7f0000000cc0)=[{&(0x7f0000000b40)=""/50, 0x32}], 0x1, 0x40000004, 0x100)
r3 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r4 = dup2(r3, r3)
sendmsg$unix(r4, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000400)="b0a51c529379f346b80fd3bb56d1e7abcaa7d681136e9d", 0x17}, {&(0x7f0000000740)="169d1de13820c151f0a5bf447ff5798b64", 0x11}], 0x2, 0x0, 0x0, 0x10}, 0x20040854)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv4_newrule={0x48, 0x20, 0x301, 0x70bd26, 0x25dfdbfd, {0x2, 0x10, 0x20, 0xa6, 0x0, 0x0, 0x0, 0x0, 0x10008}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0xffffffffffffff00}, @FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8, 0x6, 0x66fc}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e23, 0x4e20}}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x9}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e23, 0x4e20}}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000000}, 0x48886)

1m21.004228432s ago: executing program 4 (id=1173):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r2=>0x0, @loopback, @multicast2}, &(0x7f00000000c0)=0xc)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000100)={'syztnl1\x00', <r3=>0x0, 0x7, 0x10, 0xfffffffc, 0x3, {{0x6, 0x4, 0x2, 0x3b, 0x18, 0x68, 0x0, 0xf7, 0x2f, 0x0, @remote, @remote, {[@end, @end]}}}}})
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x6c, r1, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010102}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x20048006)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), r0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000380)={&(0x7f0000000280), 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r4, 0x20, 0x70bd2c, 0x25dfdbfd, {{}, {}, {0xc, 0x14, 'syz1\x00'}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x24000040)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x78, r5, 0x4, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x5, 0x3e}}}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xb}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x90}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x8670509720a451e7}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x70, 0x0, 0x1, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'H.245\x00'}}, @CTA_SYNPROXY={0x3c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x3ff}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xffff}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x3ff}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x1}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x1}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x5}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000800}, 0x50)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000700)={'batadv_slave_1\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f00000008c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000880)={&(0x7f0000000740)=@ipv6_newroute={0x128, 0x18, 0x1, 0x70bd29, 0x25dfdbfb, {0xa, 0x20, 0x20, 0x80, 0xfe, 0x0, 0xfd, 0x1, 0x2900}, [@RTA_MULTIPATH={0xc, 0x9, {0xff0e, 0x1, 0x8, r9}}, @RTA_METRICS={0xbb, 0x8, 0x0, 0x1, "74c760912cd2fed9469019aa0fbcdfbd4c1714b33522e00ddd0a4f52eb123425c0ce30662b8a0fc4387e37c6ab9738ab868590e19e0cc55c26c6603dd88685e124893b74a9d2fc51423ed919de5bb52f68a3c07a91887d06402457a0315bbb6f69f596b0fde4b4ff2cfb3fbe32a2f91181668350d6caa365fd162eea139d8342690fdd63126f55f9c82e235eb4e24003bf8743c621b395c2e7daa0b9a456064d9085350f907ca2b1aa042d4b2435f72a02f1bce05afe2c"}, @RTA_GATEWAY={0x14, 0x5, @remote}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0x22}}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_TTL={0x5, 0x2, 0x3}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x3}, @RTA_PRIORITY={0x8, 0x6, 0x4}, @RTA_PRIORITY={0x8, 0x6, 0x4}]}, 0x128}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$TIPC_CMD_DISABLE_BEARER(r0, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x2c, r4, 0x0, 0x70bd27, 0x25dfdbff, {{}, {}, {0x10, 0x13, @l2={'ib', 0x3a, 'geneve1\x00'}}}, ["", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4c090)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000a40)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000c40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000a80)={0x15c, r5, 0x20, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x4, 0x13}}}}, [@NL80211_ATTR_QOS_MAP={0x2c, 0xc7, {[{}, {0x8, 0x7}, {0x40, 0x4}, {0x41, 0x5}, {0x3, 0x1}, {0x10, 0x3}, {0x0, 0x6}, {0x9, 0x5}, {0x3, 0x1}, {0x4, 0x4}, {0x0, 0x2}, {0x7, 0x7}, {0x7}, {0x5a, 0x1}, {0x3}, {0x12, 0x2}], "3c84b34551c680fc"}}, @NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0xa6, 0x3}], "b5b25e89f3a48bc6"}}, @NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x6, 0x6}, {0x0, 0x7}, {0x5, 0x2}, {0x6, 0x5}, {0x59, 0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x7e, 0x4}, {0x7}, {0x5, 0x7}, {0x8, 0x7}, {0x8}, {0x6, 0x2}, {0xfd, 0x5}, {0x8, 0x1}, {0x5}, {0x5, 0x5}, {0x22, 0x6}, {0x0, 0x4}], "7093cd5bcb8b7b5b"}}, @NL80211_ATTR_QOS_MAP={0x1c, 0xc7, {[{0x8, 0x4}, {0x1, 0x1}, {0x5, 0x5}, {0xb, 0x3}, {0xf9, 0x4}, {0xa, 0x2}, {0x9, 0x3}, {0x1, 0x3}], "9d515a6edc0a4ed4"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0xc3, 0x5}, {0x6, 0x4}, {0xf7, 0x1}, {0x8, 0x1}, {0x2, 0x3}, {0x5, 0x4}, {0x9, 0x7}, {0xd, 0x7}, {0x9, 0x6}, {0x9a, 0x6}, {0x8, 0x6}, {0x1, 0x1}, {0x8, 0x6}, {0x2, 0x2}, {0x7f, 0x4}, {0x9, 0x3}, {0x26, 0x5}, {0x3, 0x4}], "d9feb34e7caa7631"}}, @NL80211_ATTR_QOS_MAP={0x20, 0xc7, {[{0xf9, 0x6}, {0x7}, {0x2, 0x2}, {0x0, 0x3}, {0x9, 0x3}, {0x80, 0x5}, {0x6, 0x1}, {0x9f, 0x4}, {0x1c, 0x3}, {0x20, 0x6}], "5d9064ec5603e1ef"}}, @NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x4, 0x7}, {0x6}, {0x8, 0x7}, {0xf5}, {0x7, 0x2}, {0x8, 0x2}, {0x80, 0x1}, {0x4c, 0x2}, {0x5, 0x7}, {0x4, 0x6}, {0x8, 0x5}], "c27dcd55019b157e"}}, @NL80211_ATTR_QOS_MAP={0x12, 0xc7, {[{0xc, 0x2}, {0x2, 0x4}, {0x2, 0x6}], "2730b6ae48ef68db"}}, @NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x5, 0x5}, {0x3}, {0x0, 0x6}, {0x81, 0x4}, {0x50, 0x5}, {0x2, 0x3}, {0x10, 0x1}, {0x11}, {0x2, 0x3}], "160879a08bdf6aae"}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x48004}, 0x0)
r11 = syz_open_procfs(0x0, &(0x7f0000000d00)='net/snmp\x00')
r12 = getegid()
statx(0xffffffffffffffff, &(0x7f0000000d40)='./file0\x00', 0x1000, 0x1, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
mount$fuse(0x0, &(0x7f0000000c80)='./file0\x00', &(0x7f0000000cc0), 0x8000, &(0x7f0000000e80)={{'fd', 0x3d, r11}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, 0xee00}, 0x2c, {'group_id', 0x3d, r12}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x2}}, {@default_permissions}, {@default_permissions}, {@allow_other}, {@max_read={'max_read', 0x3d, 0xfdc}}, {@allow_other}, {@blksize}, {@default_permissions}, {@allow_other}], [{@euid_gt={'euid>', r13}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'syz1\x00'}}, {@subj_user={'subj_user', 0x3d, 'geneve1\x00'}}, {@subj_role={'subj_role', 0x3d, '^)/+[]'}}]}})
lstat(&(0x7f0000001000)='./file0\x00', &(0x7f0000001040))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r11, 0xc01864c6, &(0x7f0000001100)={&(0x7f00000010c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, 0x0, <r14=>0xffffffffffffffff})
sendmsg$nl_route(r14, &(0x7f0000001240)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001200)={&(0x7f0000001180)=@bridge_newneigh={0x6c, 0x1c, 0x200, 0x70bd27, 0x25dfdbfc, {0x7, 0x0, 0x0, r2, 0x20, 0x80, 0x9}, [@NDA_FLAGS_EXT={0x8}, @NDA_CACHEINFO={0x14, 0x3, {0xfffffffe, 0x0, 0x3, 0x6}}, @NDA_CACHEINFO={0x14, 0x3, {0x1, 0x2, 0x8, 0x8}}, @NDA_IFINDEX={0x8, 0x8, r9}, @NDA_NH_ID={0x8, 0xd, 0x1ff}, @NDA_LINK_NETNSID={0x8, 0xa, 0x1ff}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x8d0}, 0x0)
recvmsg$unix(r14, &(0x7f0000002740)={&(0x7f0000001280), 0x6e, &(0x7f0000002680)=[{&(0x7f0000001300)=""/204, 0xcc}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/153, 0x99}, {&(0x7f00000024c0)=""/253, 0xfd}, {&(0x7f00000025c0)=""/150, 0x96}], 0x5, &(0x7f0000002700)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r15=>0xffffffffffffffff, <r16=>0xffffffffffffffff]}}], 0x28}, 0x20)
sendmsg$TIPC_CMD_ENABLE_BEARER(r16, &(0x7f0000002840)={&(0x7f0000002780)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002800)={&(0x7f00000027c0)={0x34, r4, 0x2, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x10, 0x80000001, @udp='udp:syz2\x00'}}}, ["", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800)
r17 = openat$mice(0xffffffffffffff9c, &(0x7f0000002a80), 0x2400)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000002b40)={0xe, <r18=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0xf, 0x12, &(0x7f0000002880)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7}, [@jmp={0x5, 0x1, 0x7, 0x7, 0x0, 0xfffffffffffffff0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r16}}, @call={0x85, 0x0, 0x0, 0x33}]}, &(0x7f0000002940)='GPL\x00', 0x1, 0xdd, &(0x7f0000002980)=""/221, 0x41000, 0x20, '\x00', 0x0, @cgroup_device=0x6, r17, 0x8, &(0x7f0000002ac0)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000002b00)={0x4, 0xf, 0x5, 0xd9f}, 0x10, r18, r16, 0x6, &(0x7f0000002b80)=[r15, r14, r15, r11], &(0x7f0000002bc0)=[{0x2, 0x1, 0x9, 0x1}, {0x3, 0x3, 0x2, 0x2}, {0x5, 0x1, 0xf, 0x3}, {0x2, 0x2, 0xf, 0x6}, {0x3, 0x1, 0x6, 0xa}, {0x3, 0x4, 0x10, 0x1}], 0x10, 0x7, @void, @value}, 0x94)

1m20.884867754s ago: executing program 4 (id=1174):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c00000015000100000000000000000005000000040001"], 0x1c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x89901)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
close(0x5)
close(0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe0b, 0x0, 0x0, 0x0, 0x800000}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file0/file0\x00', 0x380)

1m20.785154173s ago: executing program 4 (id=1175):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$kcm(0x21, 0x2, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x110, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1d}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000a40)={{0x0, 0x5, 0x9, 0xf87, '\x00', 0x9}, 0x1, [0x0, 0xf0, 0x3, 0x1ff, 0x40, 0x6, 0x9, 0x4, 0x4, 0x0, 0xf2a, 0x10000, 0x7, 0x6, 0xfffffffffffffe1f, 0x7, 0xf0, 0x7, 0x53700000000000, 0x2, 0x5, 0xeb3a, 0x2, 0x0, 0x7fffffff, 0x4, 0x4, 0x100, 0x7, 0x79fa7ca4, 0x8, 0x4, 0x7fffffffffffffff, 0x4, 0x2, 0x100, 0x6, 0xff, 0xfffffffffffffff7, 0x4, 0x80000001, 0x5, 0x8000000000000000, 0x3, 0x9, 0x4800000000000, 0x9, 0x5, 0x60000000000000, 0x4, 0xa8, 0x1, 0xfffffffffffffffe, 0x4, 0xffffffffffffffff, 0x0, 0x7fffffffffffffff, 0x1, 0xa, 0x10000, 0x6000000000000, 0x40, 0x0, 0x100000001, 0xfffffffffffffffe, 0x987b, 0x1ff, 0x3, 0x1, 0x6, 0x3, 0x7, 0x8, 0xefe3, 0x1, 0x3, 0x0, 0x4, 0x1, 0x2, 0x5, 0x7, 0x40, 0xfd6, 0x5, 0x4, 0xe4c, 0x4, 0x7fffffffffffffff, 0x0, 0x6, 0x0, 0x0, 0x3, 0xb, 0x4, 0x2, 0xffffffffffff772e, 0x6, 0x10001, 0x9, 0x4, 0x1, 0x7fff, 0x4, 0x9, 0x40, 0xbb7, 0x10001, 0xee, 0x4, 0x8ef, 0xfffffffffffffffb, 0x835, 0x55e0, 0xfff, 0x4, 0x1, 0x81, 0x8, 0x0, 0x6, 0x8, 0xf9, 0x5, 0xffffffffffffffff, 0x8000, 0x9]})
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001714010025bd7000fedbff250900020073797a310000f3ff9301e267080005007369770014"], 0x38}, 0x1, 0x0, 0x0, 0xc080}, 0x20000010)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000006111c000000000006000000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000001c0)=@ipv4_delrule={0x24, 0x21, 0xb12becd5a2b54ddf, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x4}]}, 0x24}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r10, @ANYRESOCT=r7], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000001c0)='bbr\x00', 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r10}, &(0x7f0000000080), &(0x7f0000000300)=r11}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r11, 0x5, 0xe, 0x0, &(0x7f0000000000)="6121eed4cd50bb2b01e841acde1a", 0x0, 0x2a1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r5, 0x8983, &(0x7f0000000380))

1m20.505594204s ago: executing program 4 (id=1176):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2c0000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m20.46215508s ago: executing program 33 (id=1176):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2c0000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m12.356749767s ago: executing program 34 (id=1089):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000180)=ANY=[], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x400, 0x2}, &(0x7f0000002000)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
r4 = io_uring_setup(0x669, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r5)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x40, 0x0, 0xffffffffffffffff, &(0x7f0000001000)={0xd0000011}, r4, 0x3, 0x0, 0x1, {0x0, r5}})
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x1ae)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x20)
mkdir(&(0x7f0000000040)='./bus\x00', 0x50)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000f40)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg$unix(r9, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)=',', 0x1}], 0x1, 0x0, 0x0, 0x4000}, 0xc841)
close(r9)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121042, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r7}})
splice(r6, 0x0, r10, 0x0, 0x2, 0x0)
syz_usb_connect(0x5, 0xc3e, &(0x7f0000000100)={{0x12, 0x1, 0x310, 0x66, 0x97, 0xe, 0x40, 0x7b8, 0x7610, 0x8204, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc2c, 0x3, 0x3, 0x92, 0x40, 0xe1, [{{0x9, 0x4, 0x37, 0x1, 0x10, 0x33, 0x59, 0xc1, 0x1, [], [{{0x9, 0x5, 0x7, 0x8, 0x200, 0x0, 0x1, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0xc3, 0x2, 0x4}]}}, {{0x9, 0x5, 0x9, 0x4, 0x200, 0x3, 0x5, 0x10}}, {{0x9, 0x5, 0xe, 0x0, 0x8, 0x0, 0x1, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x7f, 0xa}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x1, 0x3}]}}, {{0x9, 0x5, 0x0, 0x10, 0x3ff, 0xf8, 0x1, 0x3, [@generic={0xa9, 0x8, "bc3c2e6cb6a40b4987a69c65a5cc9742fcb30de7b71dd3849eb8218d4657edcc1541c193156a58bd264f28dad2a6ce5473e6074eeb92f26b2169a14a1df1dcac281b2e34a1b36b29ba22b2cbc71643e74783c629c86b044e0bec7fa496fc0ae4fbb8dd8e6fb5645c4f42f1db21e1b6332c745155851bd8e9fbb389bb84c2ffe3ef0d9b4ffc7ecfceb7dc4cc67929f27ed6abf732bece360bb135fa93ba1a640026c16fc30db50d"}, @generic={0xf0, 0x11, "a90c46b0887254f8b3eb5633e5d3d580a95c4ccb3cf3b6c1870f191d83e1bf8f977e46846bbbcb30be1bdf197af00439f5990df4536a134a4460899334e37d94b7d8fd4a427b35d19195f2f70abb5b6ed98974dc6d13c7815ed8aad857fc09cc7c129b05d397c2cd9d3597fe161fd81572e420c788a3d691ceba834db52f741aef9e3a1f8dbad2f1f8fc2ea81143bba5eb8da53372be1d72eef9ec3b6409e207b59a511ca70d7d33e8fdf6bd1f0a5da1711aabf83125397db53427b1c644f23ee8c8a705036e9dcef38306a613938431c5a26949a8824b6add5e2bed13da058465d235875f79459f412cc03e0a00"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x3ff, 0x1, 0x2, 0x1}}, {{0x9, 0x5, 0x2, 0x8, 0x200, 0x7, 0x6, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x102, 0x4, 0x4bc2}, @generic={0xe8, 0x9, "6ef28d9508b751577186020dfa513d5ad5a56faf6328ccbe8399fbc495d59ff63e328bfec8bf52b97130778f6d2aa644d94e93d00567dac6ac16de0fb1bb6a49ed72c901cc1f41c4792e7b63c9b8ce14d9e5e22fddb8d9eb19c3f1c9bdd24b19c7ba8e9a5b63eca19f9e252892b04ff8bd1b6d55b4f71d31be542a8a3a1a6dc65af543ace078ba62d9a5aca9b7343b75b78c47ff750b04b7b2ad8001692813e46f5a64df8c0521441e73c27a951596b7c4f166eabb2957f6147db6c4373b52f7e049b9a5323e05037cd5897947a4bbf29766530b0340d7be839837047ad72be7930adfb4207f"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x200, 0x3, 0x4, 0x1}}, {{0x9, 0x5, 0xc, 0x3, 0x400, 0x10, 0x5, 0x1}}, {{0x9, 0x5, 0x5, 0x8, 0x20, 0xe, 0xa, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xba, 0x8}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x0, 0x4}]}}, {{0x9, 0x5, 0x0, 0x0, 0x8, 0xf9, 0x7, 0x7}}, {{0x9, 0x5, 0xd, 0x2, 0x3ff, 0xff, 0xc, 0x43, [@generic={0xbe, 0x21, "9da877a646cc6d5021fe9662c2b6391ebbacba4f146cf91917b0001c95dedd24bcc7a5d821ea644f5fb9c5c236c91f3fd222caf026d0f592401ede465b2356cdbe64f41dca29bfca1dbe20b7d22c38a2b408cfa4093e93e9bc52af8b6bbb580e3d750d1e7220a08cbce3215a3308fe66ceca8618d0180ca204d5387b36fc6bfaae7962b25a024a3ec40a2d4a48173cea50d5bd6dc1c3b18ab275d02a033b17c1cb2e7e3ad725b3a535de81154ed7f7680c39d3025f2d69186d795cdf"}]}}, {{0x9, 0x5, 0x0, 0x1, 0x20, 0xe, 0x8, 0x6}}, {{0x9, 0x5, 0x80, 0x3, 0x8, 0x6, 0x0, 0x0, [@generic={0x2e, 0x1, "8858f10bfee8ad8ecac91498ea8a2a9346df563b3d6a07cf5d16bc70f4916d015a07ac84ea370260db61b06b"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x60, 0x1}]}}, {{0x9, 0x5, 0x8, 0x1, 0x10, 0x3, 0x6, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x6}]}}, {{0x9, 0x5, 0xf, 0x4, 0x40, 0xfd}}, {{0x9, 0x5, 0x3, 0x18, 0x20, 0x1, 0x9, 0x3f, [@generic={0xcd, 0x21, "8bb10e1a39b4709238caaff0461fe321456d0c002e5ce874d30f8fe3b76ff6f6035647029a07814e8d0855289e6229bf6df5be1a5d3649647986ae86b031229af1173bfddb23016731fde3d1332e54b311050d476a53e7b827c0eb4b861fc812e6f2db7b85cf945ab17b06533979527f55c493298a3b19cd530cd376022655e46d590ba3572c995887392e02450741ffaf8dbda5fa75af9ded85a21b0f64a95ef318b3f36214bd2fa5033f847d0d2fe4ea52eaef630b39ff84bd1eeef548649b7762ac49a4c9ac36848b08"}]}}]}}, {{0x9, 0x4, 0x3b, 0x3, 0x9, 0x99, 0x57, 0x95, 0x4d, [@generic={0x101, 0x30, "fbfd98cb48f476ea654a841948c69a83559aa19c7dea2954eb5b8f6e65995b7affcac53d2a4db5b7e7bd3d0b116477787ac08312c62c3170b9dfb22fd0b2b90e5e45fd13cbfa793a25753d2e6db6403c60cfa2562c1f066e63926f54ec8476a4c3c15973e426c1cecca9296c30e03c17e3bbca422334252321f05dda588a666e33bc5c6d1dd69a4ae0695f520ad5cd73b7405c935553a6ba5602949e64b2e32d24cc3cb96241cc3aedcff8839fe93683d596f240fe5f5bc4b1f440fbbe0002223488258802f67115155aa625e3ccb1e2ccfdd7df298ce56d06195685011d743b1273ac59fa64be406cf8b60a606199d1f8591a8411bdacd3da4b412f9500a4"}], [{{0x9, 0x5, 0x80, 0x0, 0x20, 0x2, 0x81, 0x9}}, {{0x9, 0x5, 0x3, 0x10, 0x3ff, 0xc, 0x80, 0x81}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x0, 0x4, 0x1}}, {{0x9, 0x5, 0xe, 0x0, 0x40, 0x2, 0x3, 0x2}}, {{0x9, 0x5, 0x80, 0x4, 0x400, 0x2, 0x1, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x81}]}}, {{0x9, 0x5, 0x3, 0x3, 0x10, 0x5, 0x6, 0xf8, [@generic={0xb3, 0x4, "e7bb4af474700e22bf83fb073521abb3610b9447032b18a3df64c2caac80103d36418f1e47235c21baa2aec5045a618dfbf25831881cca19ffac826709e6290aaf4174a83fffe12cdf194d14754fef1323d5c893e427b6c2eaf5a6b7183fe7e05b0bde3b5cae6eef74fd4e291e1ee46e7de7864bb4db19a8509193dffb79889ff32054b8ad215ab476680e13b6227041665706b4891b8ef262500025e6e62ad7b77f542566c17742072d36757143966add"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0xcf, 0x88}]}}, {{0x9, 0x5, 0x3, 0x4, 0x8, 0x9, 0x10, 0x4, [@generic={0x6e, 0x23, "25e1f897a1ac337240bf09001d5fe92b62301155723bd79bdace597e149ef7994fd5ff33915912cc801a77a6619146a96c9fed5b5a40f77826184cf0db597fbf5d366656691132f36a5a0ecbd8a965285ba772a649a3439810d0894a72877c26deb0a0c363c8e62b2de3c999"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x7f}]}}, {{0x9, 0x5, 0x4, 0x4, 0x0, 0x22, 0x2, 0x7, [@generic={0x21, 0x6, "6aa0b5881764f6fca9ed3ed7a0aec77e50a9bb08363135bd149d0cd1da19ce"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x8, 0xf, 0x7, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x1, 0x421a}]}}]}}, {{0x9, 0x4, 0xca, 0x5, 0xc, 0xa0, 0xcb, 0xdf, 0x5, [@generic={0x14, 0x11, "7dc4399ee10fe0b864fc919a0e85a7c25dc3"}, @cdc_ecm={{0x5}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0xa7d, 0xffff, 0x30, 0x4}, [@acm={0x4, 0x24, 0x2, 0xc}]}], [{{0x9, 0x5, 0x9, 0x4, 0x200, 0x7, 0x5c, 0xfa, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x88, 0x6}]}}, {{0x9, 0x5, 0x6, 0x0, 0x400, 0x8, 0x5a, 0x7c, [@generic={0x102, 0xb, "a301c196557e978f919c64410f711ac30bfc45d767f7be289985922ff1e90d6f93bbcad7a3c1025aa399b02b48d2a38c8006ed9502b63aaad4c2f0c2d194190f67c3f175548da58b1a7809c03bf8e7f1a8727c124a80551a2a19ec8f4ee39014c432f2f92254379341367ef4fafd3ef5205994df05d422caa05cd257c801b3db2024e50641463abcd673a10580caeea5184536de1d1c23d339d8eded441222e8776ea1f9a1dd20b7744441fd9043b7a20680030634e8f8fa5d965be85e1e39cf50e9d054c49756ea0d5e3395f87a122f4b4a0ec9664824cdaf40c2edab766470141ad4754184ef9ea32d1d4afae219513ac0bd4913c1f6afa265c80c3833f03e"}]}}, {{0x9, 0x5, 0x9, 0x10, 0x400, 0x9, 0x5, 0xe, [@generic={0xdd, 0xa, "087192b9d3085937f5b579d092d4d0bfc7e8805c18e3951560bf6c56f032eb27e7be7a8258e60771b9f4a436619350aa3f7e5096f4c2828b4ab155356c2f728589e8e25da48d0942d300026f304f4c2a98eb6422906c4e4c36638d37a4550c27b2e6bbda846a45774cc6e536dc0f185a7486b0fa1d1afe5941c3f4b0d2e31b531c763d4d6f35f5b75da76a7739d89daf6c7a547d55831560bc6b31799309e33e1d452205c0ed64238b2a62559d3d5cf35a6ddbef1f404870934b8d4e8a7bdd7bd4f23405a7aedda95c22be219705d164e1ecfff1ff056bf672b0b4"}]}}, {{0x9, 0x5, 0x3, 0x10, 0x60, 0x0, 0x8, 0x7, [@generic={0x21, 0x23, "4a22895db03c4f54b3a1cc36889b340a2efe3e5a86e4b9c8ba1bc470e75f27"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x1, 0x1}]}}, {{0x9, 0x5, 0xc, 0x0, 0x8, 0x2d, 0x0, 0x9}}, {{0x9, 0x5, 0x5, 0x3, 0x10, 0x0, 0xff, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x23, 0x1ff}]}}, {{0x9, 0x5, 0x9, 0x17, 0x20, 0xa4, 0x3c, 0xea, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x10, 0x9}]}}, {{0x9, 0x5, 0x0, 0x1, 0x10, 0x6, 0xa8, 0x0, [@generic={0x29, 0x31, "6c932f7e49cb6c36dbc3f75d12bf18498ebb686eee676c8340c98e891571eadff87e4bd76ff70b"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x8, 0xf2, 0x1, 0x40}}, {{0x9, 0x5, 0x6, 0x10, 0x20, 0x2, 0x80, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x1}]}}, {{0x9, 0x5, 0x80, 0xe, 0x40, 0x2, 0x0, 0x2, [@generic={0x73, 0xa, "8e21c1f87d676b5c1f314a07422e436c53e8231e799b06bfb8ea82604144a3b68541fd33855372cdad7eb5b17c4e338cb34948a2f9240ce0c5dd5dd33cb84e95029ecc64de33f23dfe63be0c1d74cff99257b0b403072d43432d33bb1eaa5cc49f5f6be06ba53abc1c3a07af536e405249"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x3}]}}, {{0x9, 0x5, 0x3, 0x0, 0x20, 0x6, 0x6, 0x1, [@generic={0xee, 0xe, "9daff48de226faf22b2ff8486f147b5059817dfc17cdd6329470c33121e44e44ac9062f0fc1da103e22a4748d1e29e2cbfefb259e7804c3ba4d8cafc33b808effba5536d800e253277c77600f0e9cb89d74f0a37fdcb91f13a33da4e7d0c5a0b002ee00fd04a3af52bd49897f410d5218c3ac4c32728f99dbb5897471c03c056c5c2093317637a03913b2e144d5886484e45277b60a75f5db36aeda5c5361c019340a73c0146556a59ed2c948a9b2197ca8ac3055ea2cfc9de372f53316db6b331bd687e55d1f39c9543811326848675895d81f41107567e7d462fb50f476efd2428499d67373d44447095ba"}]}}]}}]}}]}}, &(0x7f0000000ec0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x8, 0x4, 0x6, 0xff}, 0x4f, &(0x7f0000000040)={0x5, 0xf, 0x4f, 0x4, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x4, 0x80, 0x3f, 0x5, 0x7, 0x2}, @generic={0x31, 0x10, 0xb, "e09dae2ecc04f3f853329aa185932bf7866c166415ddff22b3d5678dc973057d8395cc26c481849e7a3d847ed8d6"}, @wireless={0xb, 0x10, 0x1, 0x8, 0x8, 0xf, 0x0, 0x9}]}, 0x4, [{0x30, &(0x7f0000000d40)=@string={0x30, 0x3, "016f87944146a84b492ca28a59391d9baa134422ab5d1a1431f6202490ecd70b0d7b9ca61990d52cccc327374053"}}, {0x4, &(0x7f0000000d80)=@lang_id={0x4, 0x3, 0xf4ff}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x1401}}, {0x9c, &(0x7f0000000e00)=@string={0x9c, 0x3, "fbcc7abc69588f11f649342a6244941081fdbf2bbd3f32fced664cff3668387f0c5e685128937c3c3200ce0f22f87bd77a7fc308b16be1d75577357ecfe0346408c9da71a80e76860f73d8a2d2818ccb9452b39af22c863e6d2b5f37baa617039cb93238820c9cbe05eb7af6ed7ecf8239bf62cc9ced61a96fed736397969c99c3d8e51e4248554c79d12eb26f5bc6bf674a9d38486421acb215"}}]})
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x0)

1.369924938s ago: executing program 6 (id=2483):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010000000000000000000100000004000480080002000100000008000b"], 0x28}}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f00000002c0)={0x7, 0x1, 0x1, 0xc06, 0x4, 0x3})

1.369219777s ago: executing program 6 (id=2485):
openat$autofs(0xffffffffffffff9c, 0x0, 0x40100, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
mkdir(0x0, 0x0)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x58595556}})
openat$kvm(0xffffffffffffff9c, 0x0, 0x600980, 0x0)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r6, 0x113, 0x3, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x891c, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000440)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff0100000000000000000000000000010000010000000000000000000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000400060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a814ac82b6ed419542753930f2970861c7fe0825918b8fec302aea776b53f721db51ce4feac82486755aa9fd388b10be1beef3dcabb8d936a569dcbb85785f7133f419e230f01103d0194bedcead9c400000000"], 0x310)
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x8e, 0x6a, 0xd, 0x10, 0x1c04, 0x15, 0xf269, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x72, 0xf, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
r9 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x402)
ioctl$VIDIOC_QUERYSTD(r9, 0x8008563f, &(0x7f0000000400))
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000100), 0x9)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)

1.149543665s ago: executing program 5 (id=2495):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7ff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x811}, 0x80)
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40011}, 0x40000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f00000002c0)={0x7, 0x1, 0x1, 0xc06, 0x4, 0x3})

1.074452182s ago: executing program 5 (id=2498):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0xfff2}, {0x2, 0xfffc}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44045}, 0xc090) (async, rerun: 32)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000015225bb0000000027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000) (rerun: 32)

993.390729ms ago: executing program 5 (id=2499):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000010850007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

992.473075ms ago: executing program 5 (id=2501):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18, 0x0, 0x0, {0xa9}}, 0x18)
write$FUSE_INIT(r4, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x21, 0x1000, 0x14210000, 0x81, 0x1005, 0x0, 0xc, 0x0, 0x0, 0x80}}, 0x50)
r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100), 0x40001, 0x0)
ioctl$IOCTL_START_ACCEL_DEV(r5, 0x40096102, &(0x7f00000004c0)={{}, 0x92})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB='\x00\x00'])

824.390006ms ago: executing program 5 (id=2505):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x2, 0x48e40)
ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000040))
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
writev(r0, &(0x7f0000001140)=[{&(0x7f0000000080)="722b368cb9b21bb1dc09f0c2629ad84193a7049955d4223d4a29d01d84e98b0994fcfeb7e5eb3bb4dd5c191579043f23c6908d892d29bf6e2b09632972494472bbc1659c6e89164658fc3278063ab45e3bcf86f7b3e6a9550930469eba77eae9a3055b73c5450c18bd0a", 0x6a}, {&(0x7f0000000100)="af7747cc7b590736f21d4cb99b1f12340f3d0442c324e8b18c7b65e2a1202f311241dc4bf1e8c93116833eac17e5b8ce4f1b8a86131792ad210ef26f153f03236adae11e3b44bd6c99e0c7ca1bce439f8ba613a79e8923fabcc685ce4242797b7d24c8ef3279679f27f606acfde19c49f9f6a6a1e5139cc30397615bb9104dde6aa96ea5b467b030e25e68e5f69c0e50a421a49f2f75d3725b5dd8c975d020b9cdebef9aabd4568080d15b545e40282566958663455e726ce9bd846130edb42a545ed733dc85b35997601a5c2e55ac1cf2bff6f128b2f0a562ed5bee778987da208530441824ac55e6f7b8d1fd920560f8c783479449ec712c87e581850a681902cb40a703a0ea7f6b08489c0e7f7e98ff4398e0e1f9ca38fa185007cb57000808d87afd49610472d3764169aea9209c68267cb875616c9bf726d96bd51226fecc5fc5a5ea9f6a11271d85d113488b6dd255dac0eccb2b2b85a261fec7e11a02f1d48690942f528d153ffdc65468e68e318d9883eb94081d15bcfc085cc2b73d3f0a8a329ecab3c6d470c860aedea1850f6e491ab19c07dfc2e4be66a3245843011ba35b467365bd69622a17a272a52b737fd4469cd208acd790e9568b3de8e135d72045fa9f32f20ba43ae94663fb4a1646c8ba61363ae121dd7bfc1d4bf14e6a27d0cea92323c197e3c8278fa4453cd48bf75b7aa4dd5f7098d4c1c2bff4a0393a5b2b4b2d9ec09369d20e51a38f51a40b5f3ca5bb86d6ba20e5a4b623f982d8220a286d6b26f4f86844596af5c9494c7b943c63e6cf8e881acf3d9c26b05a50c6624c3f6d1553444c2f0ab173cc9ee8b502cb005e65af1e3fdb908b025c3be41a215619f3021e48d25cfc1eda162940f51749b47de1df087a219ee7849af9cf0dd98a6cb4c61fa1546814ee15910758c9919d493177d5d4c6dfdd9fb2020b60f18d845e6f08a0bf8aaeda35e7c3e4e914c341e56a6e2284ee306c591bee22503c6e06c0047130a2dd3de7372887e1d7db7906589763358a6d00f3f9934166f484eb7d2211661d408ac372992c9b956f0ec7ff447c957e1f6fac3ef8b05d1228c326a330d0245d31cced3301ebe55b36bf9da089bd99887d18ca03fc05cde4b07c3e3bc158151d36d57c13f9623fec41cf1432db5d1089e15457bce3f2d0eace7cbfac600f3cb68640ebcccfa287a822d40ef6952bde41da2aceb515198dce6a285c056bebddd1b766dce90f0a9b5c7e7dfa034fe32cfc3699d928531fe21f02bbf261aab8f0b45649e4d048072002204cc64febd950be457bbf3d2615135d661e6e7b3db4429ef25a98f2252a1fd4613bb179508a9a8e43218976bb4feab4b86fa5577137f7836281b585d53faa20afe9c05a9ac92187ec9fe699a9ef65c6ec620e18d00c5d37a653cdafd29b1851d43d9e9d192af12901fef06796f26f9cb1126a0d73aa3afee149874fb19ddcd191fc0ac275397dfced1a237971e9cc1b3356059840bcb0a52cb8011166f850e42a78379f71fc3a36fbb2d29a5eeab0aa13119ebe56fe1fa76caa7be660282ea475c6d839513e6ead4e5a02ae8cc442c0e37dff592334ec72aaad392058a56b31d9c96502c1f2c198f19d0b920d098c737f88a5686e76d725657af3441d1d682f9a97f856487a4778cf258781f6f86271c9829906bc002c950b758671b1f3b4fb1268e96fdaa36361deceea23f5826604ef8391ca6d52a8e360a01da750d2792baad0b959d5521700fd84209c096f387a2d89732c0f61e8c3db55b4d5ae3af6be8f7d00584948e231fe86306c61d4a6794262c2fd0c22cbb1b3afd8264e5ad659b174534f78e1ccbfed12b6e06ba0bf2d0d0003cac7e7691fda2b015ba1f8cba4f7ad5d5d2fa3f13b122dacfba4a75f456816f659b1d8197ac0be256bc6fa8020b9da11e23bec7d3e1719e87397be3b57679b69090a759ba0793b8d0399721f7880801e8917bdbc6a8a75b0362626891bad1805275bd60ff86d6eb005f54df5ce4293bb81c57fffb979bc36d636ed0737ac594459658430cdb9bbf257247ea18446d7782f319b4107bfd92b9b8b3ec11e246f6e545ab7741bc8bbb7fa2d90dee481ea86e1ae9a4fdf7c3ac870c633f27be69d316312c5076d4ae25468a42a7258c6f4d85e055f1f2e3e9a93daeac2985cdcfef93e0c8ce6d48b9678569780a908b4f3db1287a7b00ed23d259475390f8fc957ccc5876f642e41a2978b1f15c06f16cd5b9e93e96e56bfc0c4aa4a07bfb80705c52d6a8cda988ee0dc7f96bdf8348207b30f84a2021a79b126bc5d3697313323e8848d75ea5e879e689a11738fcd53715edf42877289ba9db4feed668d52cf86195e45c862e9228c86162e760ab494e4b77723950c0bab40090fefa6f708e0e1521280e4276c63f5a297ff65927dfe84939597d4317e27bb697f1b663f840246319c631e0eebb4f9f98440f6709be789722f461c5066b8d34ec403ba045e6d2752f55786bfb45a6f7fe58e2f628c13dff379de593ed693d1644b61069c3bda60fa955f32f42aa4c40c44cd9ebdaac5c56ed3e170eec5a376ba6ed9fe85998b45bd4865308a11aeefe47666ef64b95f83b0a1179e7062b2613fa1fb578fedf989fa6bff7cac4aab739673e540c54f36075e0f754cbdd81ebf4d3d533d363b964405bf324f54b5ca52d77516339049a6867260655a35d8713e7fd33ad0a09cce573c25c7aca74cb4bbf855f7b90b84ff2ce4480137037516cf882abe8dbb73ca8a3e69503c10cdcad0abcf0a70c6b0e3f2c48dfefd233f854c6939553bbcf919688d9e0b3374abbab5bf02f13bdfc00520cf48591f889860652f20abca121eb3edb0cd055615bed469d84312f88947f228a81874573f39709046b6d395670ee6573859fd0e26f791862888c9028be213528f2c30a13ab403cf6097838fbce11a331ac98b558bb6805a70e7feb8e2068312266be2b50f064c7660aba9596b4b5690e7c3671f0cba4407cae3cc6eb056e1d1e700ca1eaaebe53e4e80357d9da24d2f456a9b5c21496f9715e5befd45ea2e71578d66e35d26f3f0e64dae25c35aa0724cf9d0ca88767b08ca9ee9fa40b66a29f5cf0f3602670d7966435cb6711289c55a4ed4dccf9156f24e1fe8b7c13e7b7d9ac20c52578a7ff08c0806a1a1f9d3cc765103e95cabdeede67aade408106b7848d0257dbc2f486eb4ac697e8daf461e7e1511bc08ab25e77c5d97b57ea7036b64d3631262c0fede79c8ea09016a28443a28fd9cc3a32e1328461b651266937aeccf2d2f8d4eb3fa0544ee08878d2844eef24a3e8cefadfd54a18df32ba46b8c6261e5dbbb438ace1f74a20216502dd6077df2a2696976cb5ceedb0ce57e2a4a0ac51da5f59f8ba8522bea68aa8ab7db664733bf484fb0f1831c1ff3286268bc0327da8922c4c02905efe34396d12fecbabdbdf1f40c16d7664d3d13df22dd51146398402c3bd7baaac6f678e8393f6594f44bbb80addaa3ed4c842206a71ae7d4d09b92b5ed50a330a25c1ef25783803dcc12600821dc5665a33c96eb4880462cdcab38c1cde95dc1214b4e81d667a79e0f7dcdca71eb41c4ab6574028ddc2a66804c14311f7aad113aeb5229493242d4b51074df2c91a9ad8338b1bae55cecd1392621db49ef984d7d81d85e2cce2118f702a2da470372fdf77fcec88dadf88d4811d2d7ed54dc1eff6ba012de911c5a68b8fb9a90ad6312316c2c490878d6ef7cd431dbdafabc812f84431bccd562a307d3449d8625b4311b2e754bbddd460797e86d744c1e118806acdbd5439683858f7c6640a31f311103a7c64a1ae356589c72ccf74083768310a6a85e35b3c4147b82a4fa7142a29e7634a6cfc90a27655f13f6a765eb292422ca21c454d76052702dbddc24846689ef9fa20821c9da0da4b06f86fb11c3a413c8fff08cbbcd40fca634ae3cd6b4fcaa1b8b04ec005d77ad467f34d8ea52852162d6878c5336783b5c1ca68812c9cdf9f1ad91a5c6cc05e10767fe5f1c1db2b425daab8eb1d33dd42282ccb936d612fa628ae8caa416f23e75bfd123b5b71f66750d7e0fab2c0d9e041a7dfdd4d03ab5b4e947154af6efbe7a1abb986e262bfd3b6e96714cb3feec1898d50aee22029d9597a9ae47c232d137609250812bf91f24b6027402cc3852d5755d214a72b216fad78040d0f9e46b6b38a9ca723ea5b406bd1677f1ead44a3fdc366d0ce0655f1c8c26887fbd8932207844861a95ce89dfde3186a5716f981f5c4557566e464315f3842d10db872cfa4f819d4e8a556d323674380d8397cb96a47c9cd37810e127a722cdddcf31d93dd26f86f7807af22303c444519552c268c62c0f7bd79e0943687ea174270714ce120af72c426b2a18e4041425049917411089dab681c0ee4a11222bd4ddafe90ce350b617f8f75d48e461507142266f0b4030bd657a6384da789b5a3912ad5ab33639f8abe60b2508de3279571fab00325a464c421caa64aef553f35e1eed250df4e1c4a23ba08475f4c377cf5fba357312a895c37e2279eeed43b06c8f144a24ad63b1fe68711db60cb6115c2a619d6605c8572d847012e050c68f4ee067a97b1ab7302a8d0fe9a23859fbeb23c55d76beff6a3b4bb0fdfe2a9b0eccad09570693a96469df75f21feb361ab0956a04923af2a1ce5f8efc337d50578f65200a988ee5ff135788b78985ddd591f24bb47d3743b22896f6af99f3cdcf6cb7f565b9102c1838a0fa682b08bc5502c69834d1aa368f5db5320bcd2105ceef33a94986c70b9a9d5a9589ee3a9dddf815da551dbb20266a13a213e94dd062ade8ef6cee40181b0fea9bc55b6104ee91b24e0a775abe4cc178e0fdd39983f9465c00b36830b9636af4d0cf3e598304c79bf30fa7daad189bb436030e5ebe678ec19e2ff545365e4de3e598866dfcefdd7a2e1965a2aa3782391d2607fd2200084ce8dcb7229d377e5981ab8077c212434ccd80415024a5532d2aa5804be6a0bd1ef4fcbd080f8095346bd5b3019e9edb05ffdfcd63b5f4d71bf56fc99f2b06139400d53c3c0564e0741394ba4af4424263af5fe6cefcf2e078b6a543b00e5d921b246b2cc2be5e47f720d58dcb797341db4f14c2fe6883877fe3105baf35cd3189f3928353478519b3226541415a135187fe3fee0364de12ae3cbd3110087aad2aee17288d4118a7e506c616ad9222f8ffab58331b4f94f3adf4df2eda03791598c61c1c8151eb8e2da2f9e1d8aea9fedf7341c3f10b6fe52be31be1618558e27684fff3f890c51093127fe770af30a9b431a96f25029bd8b068bf1021c735018ad5e2509f9b551e8d5f26053977791fb34d1a36fe6fe05428bd2fa0d46b20313072db742215c7e1f4b1a09943c3b6ff7753680e669ed3ffb8ad5ac2f7b20b2def50248c3015b45d4938ab7c7fb08831753267da059433e95086f4e580d94222a90c2b799dff267ff06259dd9cabf98057789b2a2b2cf9a9f8f41f0029da46204a3356a76b63d162fc7102fb92cae5629b8e86cc76f416e4a7b055e29298e978719197cdd40377369b65c6420ee59a6df8de6c4f6c406aaf9e94a0b9e47cfed9ed65646860338834ed161fe8eb30053fadcc97c75310afa0c1386f1ae7a69edda729fa09ce8ba8ca7bb4d2567e3f7e6dbccca2bb141efbd8b3a6fbcdb8d25c1898211fe9884111867376c321150f59e750944c3c0feb5dcdff8a32bf8933bdd62066b54bf061d9d425f8fc8924d832bc243f19b5223ab17c18f8c0fe57ab51789da748ae44c4ecb6e45034c7bee68f", 0x1000}, {&(0x7f0000001100)="b5c7366797ed7b6f3f", 0x9}], 0x3)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000001180))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000011c0), 0x200, 0x0)
getpeername$inet(r1, &(0x7f0000001200), &(0x7f0000001240)=0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001280), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_REMOVE(r4, &(0x7f00000013c0)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001380)={&(0x7f0000001300)={0x50, r3, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xd7}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x10}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x9}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x4050)
r5 = syz_open_dev$hiddev(&(0x7f0000001400), 0xfb, 0x101000)
ioctl$HIDIOCSREPORT(r5, 0x400c4808, &(0x7f0000001440)={0x2, 0x0, 0x7fffffff})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001600)={'ip6_vti0\x00', &(0x7f0000001580)={'ip6_vti0\x00', <r6=>0x0, 0x4, 0x8, 0x7, 0x7, 0x4, @loopback, @loopback, 0x700, 0x80, 0xc, 0x9}})
r7 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000016c0), 0x2040c0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001780)={0x6, 0x4, &(0x7f0000001480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@jmp={0x5, 0x0, 0x7, 0xa, 0xa, 0x20}]}, &(0x7f00000014c0)='GPL\x00', 0x80000000, 0x4a, &(0x7f0000001500)=""/74, 0x40f00, 0x12, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001640)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000001680)={0x1, 0x3, 0xfffffff8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001700)=[r0, r7], &(0x7f0000001740)=[{0x4, 0x4, 0xc, 0x1}], 0x10, 0x2, @void, @value}, 0x94)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r7, 0x80984120, &(0x7f0000001840))
ioctl$SNDRV_PCM_IOCTL_USER_PVERSION(r7, 0x40044104, &(0x7f0000001900)=0x2)
getsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f0000001940), &(0x7f0000001980)=0x4)
getsockopt$CAN_RAW_LOOPBACK(r7, 0x65, 0x3, &(0x7f00000019c0), &(0x7f0000001a00)=0x4)
r8 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000ffa000/0x3000)=nil, r8, 0x0, 0x4000010, r9, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000001a40)={<r10=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f0000001a80)={0x7, [0x0, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000001ac0)=0x20)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000001b00)={r11, @in6={{0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x29}, 0x8}}}, &(0x7f0000001bc0)=0x84)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000001c00), 0x1, 0x0)
sendmsg$SOCK_DESTROY(r10, &(0x7f0000001ec0)={&(0x7f0000001c40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001e80)={&(0x7f0000001c80)={0x200, 0x15, 0x800, 0x70bd29, 0x25dfdbfb, {0x1d, 0x7}, [@INET_DIAG_REQ_BYTECODE={0x101, 0x1, "7dd6d990d6e6f70ca5323d6fb2c50dbf2dc8a8f68970d41ff6f70c27c09c21a0233c88fdcbe1342a66c5426d7c898f07a56e781e8c4bd969ddce9fdb78a6192c7e4c1b9fa4dccbbef4309044e3abb34d1664507cfe493b965c535dbf6ece40870014d48d9512f8de9ce2bc089f61dde83d0716b085b4a30d6f0ed067cb2b49b8b8d3e468d8c1a32d6a32f9d8a903f086443d6ff7b7271699ab66164d11dd26d8c65038a0771e9b4ce22fde71ec455c627d54cddfe243821b4c025c632cd7b920d70e6999d7b3766a4ad9e4c013e95f76c944bd8a0b12ff749237eeb771ba0d6fcc8143505a971cab4b59232785298d3930722d0c07577b9f484e16d35f"}, @INET_DIAG_REQ_BYTECODE={0x48, 0x1, "fdf40ea98f703bdb41b7407e8df5afd604528f718d6444be27e628a8ed065e0b68f675fb3ab8f902ac15e8655340d3ffef0ddec3faa1ccae1ea52a300a70e42ed2a33ccb"}, @INET_DIAG_REQ_BYTECODE={0x9f, 0x1, "4b7d99a5c81d4955d823f07fa839142d6fc7350fc2a832b93e0e841b2e0d5099f783cc2f6143971d5f232e2c2145ec5a4db3e9d4d56e15e878185095aa19554b70c29c7cc53d7698fadafbf6eac8a3c059a9c1709df4b3e8205c007c2ef378af3541f8a0a86c6d29c61bab5ff529a4091e52956870555c7e07f83d3cea7bdbe299bf35ff7ac2194fe4312f492bfe8e5c4e1838f57c29925a867844"}]}, 0x200}, 0x1, 0x0, 0x0, 0x800}, 0x800)

754.597942ms ago: executing program 5 (id=2506):
r0 = syz_open_procfs(0x0, &(0x7f0000002240)='net/udp6\x00')
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYRES64=r0], 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000040)={0xd, {{0x2, 0x4e23, @broadcast}}, {{0x2, 0x4e24, @local}}}, 0x108)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmsg$can_raw(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x1e0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
syz_usb_disconnect(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

754.279544ms ago: executing program 3 (id=2507):
r0 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000026c0)={0x0, &(0x7f0000002600)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000240)={0x3, r1, 0x60, 0x8249, 0xfe, 0xff, 0x8})

754.117ms ago: executing program 3 (id=2508):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000000)=""/7, &(0x7f0000000040)=0x7)
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f00000000c0)={0x1, 0x1, @start={0x25}})

704.913319ms ago: executing program 3 (id=2509):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c014}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0xffff, 0xf}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

594.66553ms ago: executing program 3 (id=2510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200ffffff850007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

594.186834ms ago: executing program 3 (id=2512):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@getnexthop={0x18, 0x76, 0xb0d, 0x4000, 0x0, {0x3}}, 0x18}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})

534.823905ms ago: executing program 3 (id=2514):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/vlan/vlan1\x00')
close(r1)
syz_usb_connect$cdc_ncm(0x3, 0x8a, &(0x7f0000000080)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0xbf, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x78, 0x2, 0x1, 0x8, 0x90, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, "c3"}, {0x5, 0x24, 0x0, 0xae}, {0xd, 0x24, 0xf, 0x1, 0x81, 0x101, 0x3, 0x10}, {0x6, 0x24, 0x1a, 0x5, 0x10}, [@mbim_extended={0x8, 0x24, 0x1c, 0x5, 0x6, 0xd64}, @network_terminal={0x7, 0x24, 0xa, 0x9b, 0xc, 0xe6, 0x1}, @mbim={0xc, 0x24, 0x1b, 0x7, 0xf, 0xb5, 0x6, 0x4, 0x7}]}, {{0x9, 0x5, 0x81, 0x3, 0x300, 0xfb, 0x2, 0x80}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x9, 0x6, 0x2}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x8, 0x97, 0x3}}}}}}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x250, 0x2, 0x67, 0x5, 0x20, 0xde}, 0x5, &(0x7f0000000180)={0x5, 0xf, 0x5}, 0x1, [{0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x300a}}]})
ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000040)={0x8, 0xd5})

412.981684ms ago: executing program 1 (id=2516):
pipe2(&(0x7f0000000000)={0x0, <r0=>0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x4, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x401)
r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r4)
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/user\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
unshare(0x2a020400)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000840)={0x0, 0x0, 0x31b})
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000280), &(0x7f0000001840)=@udp6=r2}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)

354.958971ms ago: executing program 1 (id=2517):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x400, 0x138, 0x168, 0x10, 0x0, 0xb, 0x330, 0x250, 0x250, 0x330, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], [0xffffffff, 0x0, 0xff000000], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {0xff}, 0x3a}, 0x6000000, 0xf8, 0x138, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @inet=@rpfilter={{0x28}, {0x4}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x1, 0x10, "9c6bf4633b688e5c61ae9a21b0b0bfe88a6faa548a8ce8927b5cec9e94d8"}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x3}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x460)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

354.684741ms ago: executing program 1 (id=2518):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c014}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x4, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0xffff, 0xf}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

214.146011ms ago: executing program 1 (id=2519):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x8000000000000000}, {0x0, 0x0, 0x7, 0x0, 0xf, 0x4, 0x0, 0x8}, {0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x80000}], 0x7})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x10003, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

74.195128ms ago: executing program 6 (id=2520):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000340), 0x40, 0x0) (async)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x82801, 0x0)
write$sequencer(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="81040808f9ffffff940f32f0411976ec9402ff"], 0x20)
ioctl$SNDCTL_DSP_GETCAPS(r0, 0x8004500f, &(0x7f0000000380))

73.334625ms ago: executing program 6 (id=2521):
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14, 0x80800)
r1 = signalfd(r0, &(0x7f00000007c0)={[0x5]}, 0x8)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000800)={0x3, 'macvlan0\x00', {0x8}})
getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x14117e, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r2)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x7c, r4, 0x4, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x8001, 0x16}}}}, [@NL80211_ATTR_QOS_MAP={0x2e, 0xc7, {[{}, {0x6d, 0x2}, {0x4a, 0x5}, {0xb3, 0x5}, {0x1, 0x7}, {0x8, 0x1}, {0x2, 0x6}, {0x0, 0x3}, {0x2}, {0x0, 0x6}, {0x2, 0x6}, {0x1d, 0x2}, {0x38}, {0x4, 0x2}, {0x8c, 0x2}, {0x7f, 0x4}, {0x0, 0x6}], "2e32b828046b8259"}}, @NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0x9, 0x2}, {0x2, 0x2}, {0x3, 0x2}, {0x2, 0x6}, {0x0, 0x2}, {0x9, 0xfe}, {0x4, 0x4}, {0xb, 0x4}, {0x8e, 0x5}, {0x2, 0x3}, {0x2a, 0x6}, {0x0, 0x6}, {0x0, 0x4}, {0x0, 0x5}, {0xd6, 0x7}], "6515cc756314eb10"}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20040000}, 0x8000)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000700), &(0x7f0000000740)=0x8)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000580081d34e81f782db44b904e4174345", 0x14}], 0x1}, 0x0)
r6 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r6, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e24, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c05"], 0x30}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000040)=@mangle={'mangle\x00', 0x64, 0x6, 0x648, 0x0, 0x3d0, 0xd0, 0xd0, 0xd0, 0x578, 0x578, 0x578, 0x578, 0x578, 0x6, 0x0, {[{{@ipv6={@private0, @private1, [], [], 'veth1\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @HL={0x28}}, {{@ipv6={@private1, @loopback, [], [], 'tunl0\x00', 'bridge_slave_1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c8}}, {{@ipv6={@private0, @remote, [], [], 'veth0_to_team\x00', 'tunl0\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @private1, @mcast2}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'syzkaller1\x00', 'veth0_to_batadv\x00'}, 0x0, 0x160, 0x1a8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @private0, @local}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6a8)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f00000000c0)={0x48, 0x5, 0x0, 0x0, <r7=>0xffffffffffffffff, 0x1})
fcntl$setstatus(r7, 0x4, 0x4a000)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=ANY=[@ANYBLOB="340000003c0007010000000000000000017c00000400fc800c00018008000600ffff0000080002800400728008000900", @ANYRES32=r2, @ANYBLOB="15b4cb081a216878182d4d0392f1ca51f8797533e54f8fc40805af38cc33c8e942bedd50aaa34d8c8b4ed7d1d04fbff4912366b89c1779efb89aff0ad6efc5d475bb9bd0905f59bc98e2924f15b43e44b542ec8b408eff6e880b2b3ad3520cbf70849a38b570cb387c1c5c98b038c92c6053f5fc923c89b9a6489dbf56a154683494b343da554475e181fd9318efb0904f7d3372dc81a40eabfdab96576cbf19c7f403a1efe3a57a2a05b67239ea9fc0a9a591acc249092b041ee101bbccd0a7540447cbdd747eec2813"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

4.05231ms ago: executing program 6 (id=2522):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200ffffff900007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.632398ms ago: executing program 1 (id=2523):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0xf, 0x9442)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2, 0x11, r1, 0xffffd000)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r2, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x9, 0x0, &(0x7f0000000040), 0x0, 0x0}})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@getnexthop={0x18, 0x76, 0xb0d, 0x4000, 0x0, {0x3}}, 0x18}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace(0x19, r3)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
lseek(r4, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40282}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x104, r5, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x44, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfe}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xffffffff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}]}, @TIPC_NLA_MEDIA={0x70, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9cc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_PRIO={0x8}]}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}]}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x20000801}, 0x24000010)

214.125µs ago: executing program 6 (id=2524):
syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x80580) (async)
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x80580)
ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000180)={&(0x7f0000000040), &(0x7f0000000080)=""/201, 0xc9})
syz_open_dev$usbfs(&(0x7f00000001c0), 0x8e39, 0x200501)
close_range(r0, 0xffffffffffffffff, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@fwd={0xd}]}, {0x0, [0x5f]}}, &(0x7f0000000240)=""/222, 0x27, 0xde, 0x1, 0x6, 0x0, @void, @value}, 0x28)
r1 = openat$nmem0(0xffffffffffffff9c, &(0x7f00000005c0), 0xe000, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000600)={&(0x7f0000000380)="310718c17be9d10ad2f5ca970d145d4d91ed8e823b818e0f0f0009d5da7d4760", &(0x7f00000003c0)=""/250, &(0x7f00000004c0)="61b3cf0515a6c3fae87cdd944ebb5bf1e0e0a5c13861e55dd9632988d7830b7b5b16b5393f321f648385f00c84711612884e6c9dffd212f96989453937e648b0953ca029ebc1138bf74538c5ee198c5263948084d115", &(0x7f0000000540)="6e93e3a2ed6827eefb54f526f3cad454224ef27a483beedf1be42e512d5e184e7cafa825da4681c648258ee7b8d60cd395d0d2b44b1b00ab8d6e2865e8e750307fe321ed39eaf7233c2331785faed54565988c4e01f81fe70c7a13b5061c60b65d5cd18eafaec2a6e6e00b51", 0x10000, r1}, 0x38)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000980)={'erspan0\x00', &(0x7f0000000880)={'erspan0\x00', 0x0, 0x40, 0x10, 0x4, 0x9, {{0x2d, 0x4, 0x3, 0x4, 0xb4, 0x66, 0x0, 0x0, 0x2f, 0x0, @loopback, @empty, {[@generic={0x94, 0xf, "d1f8fb6d239c7a5362765e8ed3"}, @timestamp={0x44, 0x10, 0x34, 0x0, 0x2, [0x4, 0xe33f, 0x6]}, @timestamp={0x44, 0x24, 0x8e, 0x0, 0x6, [0x3, 0xffffffff, 0xa, 0x7fff, 0x6, 0xfffffff2, 0x8000, 0x31a3]}, @rr={0x7, 0xf, 0xb6, [@rand_addr=0x64010102, @rand_addr=0x64010100, @local]}, @timestamp={0x44, 0x10, 0x66, 0x0, 0x4, [0xc9, 0x0, 0x6]}, @timestamp_addr={0x44, 0x3c, 0xed, 0x1, 0x8, [{@broadcast, 0xffffff47}, {@rand_addr=0x64010100, 0x80}, {@multicast2, 0x1}, {@remote, 0x7}, {@empty, 0x8000}, {@multicast2, 0x80000000}, {@local, 0x3ff}]}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000980)={'erspan0\x00', &(0x7f0000000880)={'erspan0\x00', <r2=>0x0, 0x40, 0x10, 0x4, 0x9, {{0x2d, 0x4, 0x3, 0x4, 0xb4, 0x66, 0x0, 0x0, 0x2f, 0x0, @loopback, @empty, {[@generic={0x94, 0xf, "d1f8fb6d239c7a5362765e8ed3"}, @timestamp={0x44, 0x10, 0x34, 0x0, 0x2, [0x4, 0xe33f, 0x6]}, @timestamp={0x44, 0x24, 0x8e, 0x0, 0x6, [0x3, 0xffffffff, 0xa, 0x7fff, 0x6, 0xfffffff2, 0x8000, 0x31a3]}, @rr={0x7, 0xf, 0xb6, [@rand_addr=0x64010102, @rand_addr=0x64010100, @local]}, @timestamp={0x44, 0x10, 0x66, 0x0, 0x4, [0xc9, 0x0, 0x6]}, @timestamp_addr={0x44, 0x3c, 0xed, 0x1, 0x8, [{@broadcast, 0xffffff47}, {@rand_addr=0x64010100, 0x80}, {@multicast2, 0x1}, {@remote, 0x7}, {@empty, 0x8000}, {@multicast2, 0x80000000}, {@local, 0x3ff}]}]}}}}})
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x1c, &(0x7f0000000640)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @exit, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}, @map_idx={0x18, 0x3, 0x5, 0x0, 0xc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x90000, 0x0, 0x0, 0x0, 0xffffcfa8}, @jmp={0x5, 0x0, 0xc, 0x6, 0x0, 0x50}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}], &(0x7f0000000740)='syzkaller\x00', 0x95, 0xe0, &(0x7f0000000780)=""/224, 0x41100, 0x20, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000009c0)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000a00)={0x5, 0x7, 0x8, 0x9}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000a40)=[r1, r1, r1, r1, r1], &(0x7f0000000a80)=[{0x2, 0x3, 0x4, 0x3}, {0x1, 0x5, 0xd, 0x3}, {0x2, 0x3, 0x0, 0x9}, {0x5, 0x5, 0xf, 0x5}, {0x1, 0x3, 0xe, 0xc}, {0x0, 0x4, 0xa, 0x6}, {0x0, 0x3, 0xf, 0xb}], 0x10, 0x3, @void, @value}, 0x94)
landlock_create_ruleset(&(0x7f0000000bc0)={0x800, 0x2, 0x2}, 0x18, 0x0)
mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x7) (async)
mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x7)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000c00)={'vlan1\x00', 0x2}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000c00)={'vlan1\x00', 0x2})
r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000c40), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000cc0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000c80), 0x13f, 0x5}}, 0x20) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000cc0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000c80)={<r5=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r4, &(0x7f0000000d00)={0x9, 0x108, 0xfa00, {r5, 0x4, "cc439d", "d065056862fd069ec92f3b728cdbda918b6cfd2ad5ff5b913c88903944da5cad97a9f8ef6f51a2c9ad2e2b70657b90b67a76f0c7c32a4ab848d378dce2e733bfa9b31f0e5d0508ceae8e95095ef983985915368af81a12aeedb31eed9692829028a7aca89906b9ab7eeaca345a3cb69e36b4b120fd26529210b7539664672a715364e36503ce493413c6890978fb1bbf79a81081db0844173f1b1e4a9452c129d895b054eb2a622da33fb81f709b93683d16600513fc3a225fcae7be9a13c0e61f6e817161e44a0f10553d563a9645c74f765b77757fd43300a44b2f72a6993ecb1acec000f619ba523d5a55070dbef6434d8716b525e1f0424fbbc006b3b2f0"}}, 0x110)
readv(r3, &(0x7f0000001140)=[{&(0x7f0000000e40)=""/171, 0xab}, {&(0x7f0000000f00)=""/241, 0xf1}, {&(0x7f0000001000)=""/6, 0x6}, {&(0x7f0000001040)=""/45, 0x2d}, {&(0x7f0000001080)=""/49, 0x31}, {&(0x7f00000010c0)=""/77, 0x4d}], 0x6)
write$binfmt_format(r1, &(0x7f00000011c0)='-1\x00', 0x3)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000001200)={r1, r4})
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000001240)=0x2)
write$UHID_CREATE2(r1, &(0x7f0000001280)={0xb, {'syz1\x00', 'syz1\x00', 'syz1\x00', 0x3b, 0x27d, 0x7, 0x1ff, 0x1, 0x100, "90246b924c8d654f38e216e58cc9446934eb21a0e5d4f87217c261e34fcc715786c4e0b4f01e82b48773400fcb48f04ee554a42b5efbd9078ba654"}}, 0x153) (async)
write$UHID_CREATE2(r1, &(0x7f0000001280)={0xb, {'syz1\x00', 'syz1\x00', 'syz1\x00', 0x3b, 0x27d, 0x7, 0x1ff, 0x1, 0x100, "90246b924c8d654f38e216e58cc9446934eb21a0e5d4f87217c261e34fcc715786c4e0b4f01e82b48773400fcb48f04ee554a42b5efbd9078ba654"}}, 0x153)
r6 = syz_genetlink_get_family_id$fou(&(0x7f0000001440), r4)
sendmsg$FOU_CMD_GET(r4, &(0x7f0000001540)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0xc0000223}, 0xc, &(0x7f0000001500)={&(0x7f0000001480)={0x50, r6, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x11}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @private=0xa010102}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x20040800}, 0x20000000)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000008, 0x1010, r4, 0x4697000) (async)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000008, 0x1010, r4, 0x4697000)
sendmmsg$inet(r1, &(0x7f0000001e00)=[{{&(0x7f0000001580)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000001800)=[{&(0x7f00000015c0)="4f33d97aee8b9d725e579bbede809d95a3a3cf5c2f95e643ddca00d82ac88b8d0a5c7cecb6d6ba5e780bbc67b89272e4968fa558d8b7b2f3f30cbc4bd5524824669fabbb5801c8994cbdf4767820bd6d1c20d147aad957d8caa5e1341b4846f657ef65585f4c842809c78ea4eee53543a8fc7e7a96b71966658b5574af743276343f21457893d77386d848f2d11401185c9eb9b37e93d46e5801601d27972dbc94da27734e86ca6356b7dc4a85a64e529df5253822887f5b3da0dd7f0d6c86bf363dbbddab347e02112271ef7686af5a08495abdad7dd4c3225b40b49164df0f8ca4ca55d7aa74e2d6ed711645d6d7a83eac70", 0xf3}, {&(0x7f00000016c0)="9d83b1bf0e451e5605153b97b0d2d7296709d510fce12a9fc3be758ac4fde680d82ad8ad907ed4c40d67d90cd8ba7dd07bba3c4fe1c2390e1857ff61e340cc6ac6d8e02c9230a8c85ebbd4e575fafd0416adccfa9762a0948eb574d6153b3d0be677248ac06ccff684461e2ebb146bc4de8c284ee4805c7baf63b92435a07f558679846b6c24dcb01dfa00423b226ca28bb6a23f00c273c4ca7be3995c8cc84a901e0b85dbe8db0b317c9e74d6ec7118926081cc1cb24a629bdfc7983266397f4c446ae3ef9c9ed80cfb145785289f99ad80ac9fab94bd4a70540eaf0abdd02ca756438958598285b1fe1d6e09913ef19c1703173bb4cba428fd7f16085d", 0xfe}, {&(0x7f00000017c0)="04ca73bbd7d912c5926518fb8e0f07d2b4e5011f0d80b2dfb86c4d2e4249fec8bcf62e7ef60bf17ec06d8ccfb31bd5ac7fcd7488c27bfd", 0x37}], 0x3, &(0x7f0000001840)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @broadcast, @empty}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @remote, @loopback}}}, @ip_retopts={{0x78, 0x0, 0x7, {[@generic={0xcd, 0x3, '>'}, @timestamp_addr={0x44, 0x1c, 0x48, 0x1, 0x9, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private=0xa010102, 0x8}, {@broadcast, 0x7}]}, @noop, @noop, @timestamp_addr={0x44, 0x44, 0xfa, 0x1, 0xe, [{@multicast2, 0x6}, {@local, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x200}, {@broadcast, 0x29fc}, {@empty, 0x7804}, {@multicast2}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x2}, {@private=0xa010100, 0x4}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x62}}], 0xe8}}, {{&(0x7f0000001940)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10, &(0x7f0000001ac0)=[{&(0x7f0000001980)="6463888a511d178e620f55c3812c7a077216f5282ad977c700d9de681ef47dbb4c8609c7497c31", 0x27}, {&(0x7f00000019c0)="da0e2819265a0ce52aae923b4dad04d876a8f7b06862fddc9380a4efc2dfe76facba5a1f6dcf51a5d16ceaa2e91dd676da0b6a92c69bfdfd68ae4c3784a00656f25f3e1d63fad46535c1a908bb250c440b38eb601c603f081ca377dd563d12942a16717bed140a699900a09918f0cc62795ac12c6aa3715d072fc992bf750808679d6cca498ddf967c59852645a45419abe9e35db3aaf5121704ce70e738372dc1791c638d9fcf1cf733b53fbe6b70a2510cc4871fd46ba43df0bbbdcce1c6acb30b7457359f013d8373c293a0b7", 0xce}], 0x2, &(0x7f0000001b00)=[@ip_retopts={{0x64, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xfb, [@broadcast]}, @timestamp_addr={0x44, 0x4c, 0x20, 0x1, 0x1, [{@broadcast, 0x7ff}, {@rand_addr=0x64010102, 0x40}, {@local, 0x1}, {@multicast2, 0x6}, {@local, 0x6}, {@multicast1, 0xff}, {@broadcast, 0x3}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x4}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x8001}]}]}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x24, 0x85, 0x1, 0x2, [{@broadcast, 0x4}, {@private=0xa010101, 0x6}, {@empty, 0x6000000}, {@multicast1, 0x9}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @multicast1, @remote}}}, @ip_retopts={{0x40, 0x0, 0x7, {[@generic={0x83, 0x3, "b9"}, @timestamp_addr={0x44, 0x2c, 0x68, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0xd}, 0x3}, {@local, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfff}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6f4}, {@empty, 0x660df34e}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @dev={0xac, 0x14, 0x14, 0x36}, @rand_addr=0x64010102}}}], 0x138}}, {{&(0x7f0000001c40)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001d00)=[{&(0x7f0000001c80)="2e388fefafbb8236a2a64c4ecedf622f25193e563f179a7d9bcdc321001c790eec1f0b3032848aefa007126d750973fdf827917eed46ac264159a4e891f1f842e244637de51ed926fca08bb934c34d8031cfcb6531d3b49257a5fff9e1f494481428", 0x62}], 0x1, &(0x7f0000001d40)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_retopts={{0x28, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0xc6, [@dev={0xac, 0x14, 0x14, 0x1f}]}, @ssrr={0x89, 0xf, 0x3b, [@remote, @multicast2, @dev={0xac, 0x14, 0x14, 0x2b}]}]}}}, @ip_ttl={{0x14}}, @ip_retopts={{0x50, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0xe, [@local]}, @timestamp={0x44, 0x28, 0xe4, 0x0, 0x5, [0x6, 0x5, 0x2, 0x800, 0x5, 0xbfe, 0xffffcb24, 0x5, 0x6]}, @noop, @ra={0x94, 0x4}, @rr={0x7, 0xb, 0x7b, [@dev={0xac, 0x14, 0x14, 0x18}, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}], 0xa8}}], 0x3, 0x5) (async)
sendmmsg$inet(r1, &(0x7f0000001e00)=[{{&(0x7f0000001580)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000001800)=[{&(0x7f00000015c0)="4f33d97aee8b9d725e579bbede809d95a3a3cf5c2f95e643ddca00d82ac88b8d0a5c7cecb6d6ba5e780bbc67b89272e4968fa558d8b7b2f3f30cbc4bd5524824669fabbb5801c8994cbdf4767820bd6d1c20d147aad957d8caa5e1341b4846f657ef65585f4c842809c78ea4eee53543a8fc7e7a96b71966658b5574af743276343f21457893d77386d848f2d11401185c9eb9b37e93d46e5801601d27972dbc94da27734e86ca6356b7dc4a85a64e529df5253822887f5b3da0dd7f0d6c86bf363dbbddab347e02112271ef7686af5a08495abdad7dd4c3225b40b49164df0f8ca4ca55d7aa74e2d6ed711645d6d7a83eac70", 0xf3}, {&(0x7f00000016c0)="9d83b1bf0e451e5605153b97b0d2d7296709d510fce12a9fc3be758ac4fde680d82ad8ad907ed4c40d67d90cd8ba7dd07bba3c4fe1c2390e1857ff61e340cc6ac6d8e02c9230a8c85ebbd4e575fafd0416adccfa9762a0948eb574d6153b3d0be677248ac06ccff684461e2ebb146bc4de8c284ee4805c7baf63b92435a07f558679846b6c24dcb01dfa00423b226ca28bb6a23f00c273c4ca7be3995c8cc84a901e0b85dbe8db0b317c9e74d6ec7118926081cc1cb24a629bdfc7983266397f4c446ae3ef9c9ed80cfb145785289f99ad80ac9fab94bd4a70540eaf0abdd02ca756438958598285b1fe1d6e09913ef19c1703173bb4cba428fd7f16085d", 0xfe}, {&(0x7f00000017c0)="04ca73bbd7d912c5926518fb8e0f07d2b4e5011f0d80b2dfb86c4d2e4249fec8bcf62e7ef60bf17ec06d8ccfb31bd5ac7fcd7488c27bfd", 0x37}], 0x3, &(0x7f0000001840)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @broadcast, @empty}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @remote, @loopback}}}, @ip_retopts={{0x78, 0x0, 0x7, {[@generic={0xcd, 0x3, '>'}, @timestamp_addr={0x44, 0x1c, 0x48, 0x1, 0x9, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private=0xa010102, 0x8}, {@broadcast, 0x7}]}, @noop, @noop, @timestamp_addr={0x44, 0x44, 0xfa, 0x1, 0xe, [{@multicast2, 0x6}, {@local, 0x7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x200}, {@broadcast, 0x29fc}, {@empty, 0x7804}, {@multicast2}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x2}, {@private=0xa010100, 0x4}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x62}}], 0xe8}}, {{&(0x7f0000001940)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10, &(0x7f0000001ac0)=[{&(0x7f0000001980)="6463888a511d178e620f55c3812c7a077216f5282ad977c700d9de681ef47dbb4c8609c7497c31", 0x27}, {&(0x7f00000019c0)="da0e2819265a0ce52aae923b4dad04d876a8f7b06862fddc9380a4efc2dfe76facba5a1f6dcf51a5d16ceaa2e91dd676da0b6a92c69bfdfd68ae4c3784a00656f25f3e1d63fad46535c1a908bb250c440b38eb601c603f081ca377dd563d12942a16717bed140a699900a09918f0cc62795ac12c6aa3715d072fc992bf750808679d6cca498ddf967c59852645a45419abe9e35db3aaf5121704ce70e738372dc1791c638d9fcf1cf733b53fbe6b70a2510cc4871fd46ba43df0bbbdcce1c6acb30b7457359f013d8373c293a0b7", 0xce}], 0x2, &(0x7f0000001b00)=[@ip_retopts={{0x64, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xfb, [@broadcast]}, @timestamp_addr={0x44, 0x4c, 0x20, 0x1, 0x1, [{@broadcast, 0x7ff}, {@rand_addr=0x64010102, 0x40}, {@local, 0x1}, {@multicast2, 0x6}, {@local, 0x6}, {@multicast1, 0xff}, {@broadcast, 0x3}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x4}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x8001}]}]}}}, @ip_retopts={{0x38, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x24, 0x85, 0x1, 0x2, [{@broadcast, 0x4}, {@private=0xa010101, 0x6}, {@empty, 0x6000000}, {@multicast1, 0x9}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @multicast1, @remote}}}, @ip_retopts={{0x40, 0x0, 0x7, {[@generic={0x83, 0x3, "b9"}, @timestamp_addr={0x44, 0x2c, 0x68, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0xd}, 0x3}, {@local, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfff}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6f4}, {@empty, 0x660df34e}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @dev={0xac, 0x14, 0x14, 0x36}, @rand_addr=0x64010102}}}], 0x138}}, {{&(0x7f0000001c40)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001d00)=[{&(0x7f0000001c80)="2e388fefafbb8236a2a64c4ecedf622f25193e563f179a7d9bcdc321001c790eec1f0b3032848aefa007126d750973fdf827917eed46ac264159a4e891f1f842e244637de51ed926fca08bb934c34d8031cfcb6531d3b49257a5fff9e1f494481428", 0x62}], 0x1, &(0x7f0000001d40)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_retopts={{0x28, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0xc6, [@dev={0xac, 0x14, 0x14, 0x1f}]}, @ssrr={0x89, 0xf, 0x3b, [@remote, @multicast2, @dev={0xac, 0x14, 0x14, 0x2b}]}]}}}, @ip_ttl={{0x14}}, @ip_retopts={{0x50, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0xe, [@local]}, @timestamp={0x44, 0x28, 0xe4, 0x0, 0x5, [0x6, 0x5, 0x2, 0x800, 0x5, 0xbfe, 0xffffcb24, 0x5, 0x6]}, @noop, @ra={0x94, 0x4}, @rr={0x7, 0xb, 0x7b, [@dev={0xac, 0x14, 0x14, 0x18}, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}], 0xa8}}], 0x3, 0x5)
socket$unix(0x1, 0x5, 0x0) (async)
socket$unix(0x1, 0x5, 0x0)
r7 = syz_open_dev$vcsu(&(0x7f0000003000), 0xf7, 0x976fe75b9dbe4899)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003100)={0x6, 0xe, &(0x7f0000001ec0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x299}, [@cb_func={0x18, 0x1, 0x4, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x3}, @map_val={0x18, 0x8, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x5}, @map_val={0x18, 0x7, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x8000}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x200}]}, &(0x7f0000001f40)='GPL\x00', 0x5, 0x1000, &(0x7f0000001f80)=""/4096, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000002f80)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000002fc0)={0x3, 0x9, 0x0, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000003040)=[r7], &(0x7f0000003080)=[{0x1, 0x2, 0x8, 0x4}, {0x4, 0x3, 0x0, 0x7}, {0x0, 0x2, 0x6}, {0x4, 0x5, 0x3}, {0x1, 0x4, 0x0, 0xa}, {0x5, 0x4, 0x4, 0x9}, {0x5, 0x3, 0xe, 0x6}], 0x10, 0x5, @void, @value}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003100)={0x6, 0xe, &(0x7f0000001ec0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x299}, [@cb_func={0x18, 0x1, 0x4, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x3}, @map_val={0x18, 0x8, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x5}, @map_val={0x18, 0x7, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x8000}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x200}]}, &(0x7f0000001f40)='GPL\x00', 0x5, 0x1000, &(0x7f0000001f80)=""/4096, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000002f80)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000002fc0)={0x3, 0x9, 0x0, 0x4}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000003040)=[r7], &(0x7f0000003080)=[{0x1, 0x2, 0x8, 0x4}, {0x4, 0x3, 0x0, 0x7}, {0x0, 0x2, 0x6}, {0x4, 0x5, 0x3}, {0x1, 0x4, 0x0, 0xa}, {0x5, 0x4, 0x4, 0x9}, {0x5, 0x3, 0xe, 0x6}], 0x10, 0x5, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000031c0)={0x7, 0x8, 0xfa00, {r5, 0x7fff}}, 0x10)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f00000032c0)={&(0x7f0000003200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000003280)={&(0x7f0000003240)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x80)

0s ago: executing program 1 (id=2525):
creat(&(0x7f0000000240)='./file0\x00', 0x148)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chmod(&(0x7f0000000340)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0)
r4 = open$dir(&(0x7f0000000040)='./file0\x00', 0x216900, 0x0)
statx(r4, &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000000380))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r5, 0x57)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000080)=0x8400, 0x4)
sendfile(r3, r5, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

823513][ T5990] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  151.827743][ T5990] usb 8-1: config 0 interface 0 has no altsetting 0
[  151.831649][ T5990] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  151.834501][ T5990] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  151.837340][ T5990] usb 8-1: Product: syz
[  151.838735][ T5990] usb 8-1: Manufacturer: syz
[  151.840218][ T5990] usb 8-1: SerialNumber: syz
[  151.843443][ T5990] usb 8-1: config 0 descriptor??
[  151.846672][ T5990] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  151.850577][ T5990] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  151.979097][  T836] usb 6-1: USB disconnect, device number 15
[  152.002434][T10836] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1594'.
[  152.005414][T10836] tipc: Invalid UDP bearer configuration
[  152.005946][T10836] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  152.035172][T10838] IPv6: NLM_F_CREATE should be specified when creating new route
[  152.039835][T10838] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1595'.
[  152.048655][ T1023] usb 8-1: USB disconnect, device number 9
[  152.053264][ T1023] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  152.072320][   T40] audit: type=1400 audit(1748176295.219:702): avc:  denied  { read } for  pid=10839 comm="syz.5.1596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  152.089826][T10841] IPv6: sit1: Disabled Multicast RS
[  152.092014][   T40] audit: type=1400 audit(1748176295.239:703): avc:  denied  { create } for  pid=10839 comm="syz.5.1596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  152.093722][T10841] sit1: entered allmulticast mode
[  152.544325][T10871] syz.1.1605: attempt to access beyond end of device
[  152.544325][T10871] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0
[  152.553128][T10871] syz.1.1605: attempt to access beyond end of device
[  152.553128][T10871] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0
[  152.562802][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  152.570193][T10871] syz.1.1605: attempt to access beyond end of device
[  152.570193][T10871] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0
[  152.579357][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  152.585244][T10871] syz.1.1605: attempt to access beyond end of device
[  152.585244][T10871] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0
[  152.594203][T10871] syz.1.1605: attempt to access beyond end of device
[  152.594203][T10871] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0
[  152.601520][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  152.605201][T10871] syz.1.1605: attempt to access beyond end of device
[  152.605201][T10871] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  152.610358][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  152.614695][T10871] syz.1.1605: attempt to access beyond end of device
[  152.614695][T10871] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0
[  152.621959][T10871] syz.1.1605: attempt to access beyond end of device
[  152.621959][T10871] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  152.630384][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  152.633455][T10871] syz.1.1605: attempt to access beyond end of device
[  152.633455][T10871] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  152.638562][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  152.642342][T10871] syz.1.1605: attempt to access beyond end of device
[  152.642342][T10871] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  152.657300][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256
[  152.661326][T10871] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512
[  152.664938][T10898] netlink: 'syz.5.1611': attribute type 11 has an invalid length.
[  152.665239][T10871] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1)
[  152.667910][T10898] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1611'.
[  152.697166][T10900] kvm: pic: non byte read
[  152.799985][ T5973] kernel write not supported for file /nvme-fabrics (pid: 5973 comm: kworker/1:4)
[  152.896335][T10931] binder: 10930:10931 ioctl c0306201 0 returned -14
[  152.899734][T10931] binder: 10930:10931 ioctl c0306201 0 returned -14
[  152.926530][T10928] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1623'.
[  152.930684][T10928] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1623'.
[  152.950326][T10939] netlink: 6 bytes leftover after parsing attributes in process `syz.5.1626'.
[  152.961550][   T40] audit: type=1400 audit(1748176296.119:704): avc:  denied  { bind } for  pid=10938 comm="syz.5.1626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  153.095604][T10956] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1633'.
[  153.393333][   T40] audit: type=1326 audit(1748176296.539:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10978 comm="syz.3.1638" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1625f8e969 code=0x7ffc0000
[  153.402736][   T40] audit: type=1326 audit(1748176296.539:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10978 comm="syz.3.1638" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1625f8e969 code=0x7ffc0000
[  153.410191][   T40] audit: type=1326 audit(1748176296.549:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10978 comm="syz.3.1638" exe="/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f1625f8e969 code=0x7ffc0000
[  153.417611][   T40] audit: type=1326 audit(1748176296.549:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10978 comm="syz.3.1638" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1625f8e969 code=0x7ffc0000
[  153.425519][   T40] audit: type=1326 audit(1748176296.549:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10978 comm="syz.3.1638" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1625f8e969 code=0x7ffc0000
[  153.793988][T11007] xt_hashlimit: max too large, truncated to 1048576
[  153.800016][T11007] xt_bpf: check failed: parse error
[  153.836009][T11009] 9pnet: p9_errstr2errno: server reported unknown error tio,ignoreqv,
[  154.088073][T11018] NILFS (nullb0): couldn't find nilfs on the device
[  154.148873][T11020] macvlan2: entered promiscuous mode
[  154.150622][T11020] bridge0: entered promiscuous mode
[  154.366367][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1650'.
[  154.525405][T11043] vlan2: entered promiscuous mode
[  154.527830][T11043] veth1_virt_wifi: entered promiscuous mode
[  154.728963][T11050] input: syz1 as /devices/virtual/input/input15
[  155.199060][T11073] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11073 comm=syz.6.1665
[  155.212801][T11077] xfrm0: left allmulticast mode
[  155.405564][ T9328] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  155.483235][T11074] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  155.485509][T11074] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  155.499597][T11074] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  155.501465][T11074] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  155.508059][T11074] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  155.509990][T11074] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  155.565733][ T9328] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  155.575552][ T9328] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  155.578618][ T9328] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  155.581376][ T9328] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.587037][T11067] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  155.598591][   T40] kauditd_printk_skb: 69 callbacks suppressed
[  155.598603][   T40] audit: type=1326 audit(1748176298.749:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11085 comm="syz.3.1668" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1625f8e969 code=0x0
[  155.606837][ T9328] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  155.618782][T11090] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  155.709778][T11098] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11098 comm=syz.5.1672
[  155.795538][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.795674][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.796024][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.796149][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.796489][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.796611][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.796956][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.797085][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.797557][T11067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.797727][T11067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.803019][ T6100] usb 6-1: USB disconnect, device number 16
[  155.854181][T11109] input: syz0 as /devices/virtual/input/input16
[  155.893620][   T40] audit: type=1400 audit(1748176299.039:780): avc:  denied  { read } for  pid=11111 comm="syz.3.1676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  155.925924][   T40] audit: type=1400 audit(1748176299.079:781): avc:  denied  { append } for  pid=11117 comm="syz.6.1678" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  156.057554][   T40] audit: type=1400 audit(1748176299.209:782): avc:  denied  { write } for  pid=11134 comm="syz.6.1683" lport=45752 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  156.067027][   T40] audit: type=1400 audit(1748176299.209:783): avc:  denied  { setopt } for  pid=11134 comm="syz.6.1683" lport=45752 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  156.074669][   T40] audit: type=1400 audit(1748176299.209:784): avc:  denied  { map } for  pid=11136 comm="syz.1.1684" path="socket:[41612]" dev="sockfs" ino=41612 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  156.082356][   T40] audit: type=1400 audit(1748176299.209:785): avc:  denied  { read accept } for  pid=11136 comm="syz.1.1684" path="socket:[41612]" dev="sockfs" ino=41612 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  156.166474][T11149] netlink: 'syz.1.1688': attribute type 1 has an invalid length.
[  156.169610][T11149] netlink: 'syz.1.1688': attribute type 1 has an invalid length.
[  156.172082][T11149] netlink: 'syz.1.1688': attribute type 2 has an invalid length.
[  156.835812][ T9328] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  156.984759][T11162] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  156.995641][ T9328] usb 8-1: Using ep0 maxpacket: 8
[  156.998705][ T9328] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  157.001364][ T9328] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  157.004386][ T9328] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  157.008457][ T9328] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.011672][ T9328] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.015777][ T9328] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  157.018610][ T9328] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.120261][T11169] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  157.224914][ T9328] usb 8-1: usb_control_msg returned -32
[  157.225792][T11171] syzkaller1: entered promiscuous mode
[  157.226948][ T9328] usbtmc 8-1:16.0: can't read capabilities
[  157.228463][T11171] syzkaller1: entered allmulticast mode
[  157.440585][T11176] openvswitch: netlink: Duplicate or invalid key (type 0).
[  157.443541][T11176] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  157.576546][T11178] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode broadcast(3)
[  157.705648][T11182] netlink: 'syz.6.1699': attribute type 1 has an invalid length.
[  157.708757][T11182] __nla_validate_parse: 3 callbacks suppressed
[  157.708766][T11182] netlink: 244 bytes leftover after parsing attributes in process `syz.6.1699'.
[  157.753346][   T40] audit: type=1400 audit(1748176300.899:786): avc:  denied  { getopt } for  pid=11183 comm="syz.6.1700" lport=49773 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  157.753559][T11184] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1700'.
[  157.767548][T11184] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1700'.
[  157.943872][   T40] audit: type=1400 audit(1748176301.089:787): avc:  denied  { execute } for  pid=11199 comm="syz.6.1705" path="/dev/snd/timer" dev="devtmpfs" ino=1303 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  158.011573][T11205] netlink: 'syz.5.1706': attribute type 10 has an invalid length.
[  158.018884][T11205] team0: Device hsr_slave_0 failed to register rx_handler
[  158.127742][T11212] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1709'.
[  159.272547][   T40] audit: type=1800 audit(1748176302.419:788): pid=11149 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.1688" name="/" dev="fuse" ino=0 res=0 errno=0
[  159.473657][T11255] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  159.601538][ T1958] usb 8-1: USB disconnect, device number 10
[  159.706054][T11261] QAT: Invalid ioctl -2144835806
[  159.855562][T11267] ALSA: seq fatal error: cannot create timer (-22)
[  160.011322][T11274] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1729'.
[  160.054062][T11283] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1732'.
[  160.057562][T11283] netlink: 'syz.3.1732': attribute type 7 has an invalid length.
[  160.060035][T11283] netlink: 'syz.3.1732': attribute type 8 has an invalid length.
[  160.062678][T11283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1732'.
[  160.082740][T11287] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1733'.
[  160.110922][T11289] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  160.114827][T11289] team0: Device ipvlan2 is already an upper device of the team interface
[  160.211999][T11291] binder: BINDER_SET_CONTEXT_MGR already set
[  160.214682][T11291] binder: 11290:11291 ioctl 4018620d 200000000040 returned -16
[  160.267103][T11296] program syz.3.1737 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  160.357680][ T1121] sr 2:0:0:0: [sr0] tag#21 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  160.360712][ T1121] sr 2:0:0:0: [sr0] tag#21 Sense Key : Illegal Request [current] 
[  160.363091][ T1121] sr 2:0:0:0: [sr0] tag#21 Add. Sense: Invalid command operation code
[  160.365842][ T1121] sr 2:0:0:0: [sr0] tag#21 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00
[  160.368842][ T1121] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[  160.372132][ T1121] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  160.374870][ T1121] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  160.574001][T11328] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1748'.
[  160.581772][T11328] erspan0: left allmulticast mode
[  160.640120][T11335] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  160.642313][T11335] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  160.645064][T11335] vhci_hcd vhci_hcd.0: Device attached
[  160.647855][T11336] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0
[  160.650449][T11335] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1750'.
[  160.655770][ T8388] vhci_hcd: stop threads
[  160.657522][ T8388] vhci_hcd: release socket
[  160.660299][ T8388] vhci_hcd: disconnect device
[  160.860162][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  160.860176][   T40] audit: type=1400 audit(1748176304.009:800): avc:  denied  { write } for  pid=11343 comm="syz.5.1754" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  160.865723][   T66] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  160.906125][ T5973] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  160.957281][   T40] audit: type=1400 audit(1748176304.109:801): avc:  denied  { ioctl } for  pid=11354 comm="syz.3.1760" path="socket:[40891]" dev="sockfs" ino=40891 ioctlcmd=0x9401 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  160.998837][   T40] audit: type=1400 audit(1748176304.149:802): avc:  denied  { create } for  pid=11359 comm="syz.3.1762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  161.005221][   T40] audit: type=1400 audit(1748176304.149:803): avc:  denied  { setopt } for  pid=11359 comm="syz.3.1762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  161.008261][T11360] netlink: 'syz.3.1762': attribute type 10 has an invalid length.
[  161.014286][T11360] team0: Device hsr_slave_0 failed to register rx_handler
[  161.015695][   T66] usb 6-1: Using ep0 maxpacket: 8
[  161.029544][   T66] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  161.034124][   T66] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  161.038673][   T66] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  161.042645][   T66] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  161.047631][   T66] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  161.053591][   T66] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  161.058333][   T66] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.067460][ T5973] usb 11-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  161.070982][   T40] audit: type=1400 audit(1748176304.219:804): avc:  denied  { connect } for  pid=11363 comm="syz.3.1764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  161.072877][ T5973] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.089012][ T5973] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.092773][ T5973] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  161.099136][ T5973] usb 11-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  161.102296][ T5973] usb 11-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  161.104809][ T5973] usb 11-1: Manufacturer: syz
[  161.110012][ T5973] usb 11-1: config 0 descriptor??
[  161.267061][   T66] usb 6-1: GET_CAPABILITIES returned 0
[  161.268864][   T66] usbtmc 6-1:16.0: can't read capabilities
[  161.281539][T11382] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  161.283622][T11382] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  161.288479][T11382] vhci_hcd vhci_hcd.0: Device attached
[  161.293115][T11382] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5)
[  161.295177][T11382] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  161.298165][T11382] vhci_hcd vhci_hcd.0: Device attached
[  161.308363][T11389] vhci_hcd: connection closed
[  161.308463][T11383] vhci_hcd: connection closed
[  161.310248][ T8389] vhci_hcd: stop threads
[  161.313285][ T8389] vhci_hcd: release socket
[  161.314725][ T8389] vhci_hcd: disconnect device
[  161.317032][T11392] lo: left allmulticast mode
[  161.317186][T11392] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  161.324149][ T8389] vhci_hcd: stop threads
[  161.326013][ T8389] vhci_hcd: release socket
[  161.327519][ T8389] vhci_hcd: disconnect device
[  161.473503][T11334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.476567][T11334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.488468][T11401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.491784][T11401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.517839][ T5973] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  161.520563][ T5973] appleir 0003:05AC:8243.0006: No inputs registered, leaving
[  161.527573][ T5973] appleir 0003:05AC:8243.0006: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[  161.585110][  T836] usb 6-1: USB disconnect, device number 17
[  161.602709][T11409] program syz.1.1775 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  161.827893][   T40] audit: type=1400 audit(1748176304.979:805): avc:  denied  { write } for  pid=11422 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  161.832956][T11423] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  161.895546][ T1958] usb 8-1: new low-speed USB device number 11 using dummy_hcd
[  161.916211][T11431] tmpfs: Unknown parameter 'usrqiota'
[  162.059206][ T1958] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.062489][ T1958] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  162.065274][ T1958] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  162.068851][ T1958] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.071855][ T1958] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  162.074686][ T1958] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.080418][ T1958] hub 8-1:1.0: bad descriptor, ignoring hub
[  162.082340][ T1958] hub 8-1:1.0: probe with driver hub failed with error -5
[  162.084738][ T1958] cdc_wdm 8-1:1.0: skipping garbage
[  162.086756][ T1958] cdc_wdm 8-1:1.0: skipping garbage
[  162.089131][ T1958] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  162.091019][ T1958] cdc_wdm 8-1:1.0: Unknown control protocol
[  162.106974][   T40] audit: type=1400 audit(1748176305.259:806): avc:  denied  { bind } for  pid=11438 comm="syz.5.1784" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  162.119376][ T8389] tipc: Subscription rejected, illegal request
[  162.119404][   T40] audit: type=1326 audit(1748176305.269:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11438 comm="syz.5.1784" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6598f8e969 code=0x0
[  162.387222][ T1958] usb 8-1: USB disconnect, device number 11
[  162.579538][T11463] bio_check_eod: 2 callbacks suppressed
[  162.579550][T11463] syz.1.1794: attempt to access beyond end of device
[  162.579550][T11463] loop1: rw=0, sector=16, nr_sectors = 1 limit=0
[  162.585393][T11463] qnx6: unable to read the first superblock
[  162.587518][T11463] syz.1.1794: attempt to access beyond end of device
[  162.587518][T11463] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[  162.591439][T11463] qnx6: unable to read the first superblock
[  162.593280][T11463] qnx6: unable to read the first superblock
[  162.735513][ T6100] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  162.905577][ T6100] usb 8-1: Using ep0 maxpacket: 8
[  162.908663][ T6100] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.911963][ T6100] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  162.914713][ T6100] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.918643][ T6100] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.921690][ T6100] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  162.924448][ T6100] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.929979][ T6100] hub 8-1:1.0: bad descriptor, ignoring hub
[  162.931873][ T6100] hub 8-1:1.0: probe with driver hub failed with error -5
[  162.934297][ T6100] cdc_wdm 8-1:1.0: skipping garbage
[  162.936142][ T6100] cdc_wdm 8-1:1.0: skipping garbage
[  162.938538][ T6100] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  162.940492][ T6100] cdc_wdm 8-1:1.0: Unknown control protocol
[  163.064429][T11483] SET target dimension over the limit!
[  163.139493][T11413] __nla_validate_parse: 2 callbacks suppressed
[  163.139504][T11413] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1776'.
[  163.256029][ T5973] usb 8-1: USB disconnect, device number 12
[  163.719255][ T5973] usb 11-1: USB disconnect, device number 4
[  163.733844][T11494] netlink: 'syz.3.1802': attribute type 39 has an invalid length.
[  163.813839][   T40] audit: type=1326 audit(1748176306.959:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11498 comm="syz.6.1804" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x0
[  163.900005][T11524] netlink: 'syz.6.1810': attribute type 142 has an invalid length.
[  163.901682][T11523] tmpfs: Unknown parameter 'e'
[  163.904907][T11523] tmpfs: Unknown parameter 'e'
[  163.910333][T11523] tmpfs: Unknown parameter 'e'
[  163.950539][T11531] nbd: must specify a device to reconfigure
[  163.958418][T11533] cgroup: none used incorrectly
[  164.127712][T11562] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11562 comm=syz.1.1821
[  164.231419][   T40] audit: type=1400 audit(1748176307.379:809): avc:  denied  { bind } for  pid=11575 comm="syz.1.1826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  164.323053][T11588] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.478165][T11595] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1831'.
[  164.480954][T11595] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1831'.
[  164.483715][T11595] netlink: 'syz.6.1831': attribute type 13 has an invalid length.
[  164.880025][T11602] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  164.911262][T11607] overlayfs: overlapping lowerdir path
[  164.919332][T11607] overlayfs: missing 'lowerdir'
[  165.460659][T11632] sctp: [Deprecated]: syz.1.1840 (pid 11632) Use of struct sctp_assoc_value in delayed_ack socket option.
[  165.460659][T11632] Use struct sctp_sack_info instead
[  165.513927][T11639] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1844'.
[  165.518130][T11639] xt_hashlimit: overflow, try lower: 0/0
[  165.537449][T11635] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1846'.
[  165.555759][T11644] dvmrp8: entered allmulticast mode
[  165.557611][T11644] dvmrp8: left allmulticast mode
[  165.666744][T11656] netlink: 448 bytes leftover after parsing attributes in process `syz.1.1851'.
[  165.669734][T11656] unsupported nla_type 14345
[  165.741155][T11668] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  165.766930][T11669] syz.1.1855: attempt to access beyond end of device
[  165.766930][T11669] sr0: rw=0, sector=4, nr_sectors = 4 limit=0
[  165.772515][T11669] vxfs: unable to read disk superblock at 1
[  165.786188][T11669] syz.1.1855: attempt to access beyond end of device
[  165.786188][T11669] sr0: rw=0, sector=32, nr_sectors = 4 limit=0
[  165.790407][T11669] vxfs: unable to read disk superblock at 8
[  165.792333][T11669] vxfs: can't find superblock.
[  165.843133][T11674] netlink: 'syz.3.1857': attribute type 17 has an invalid length.
[  165.950395][T11682] SELinux:  policydb string length 14080 does not match expected length 8
[  165.953494][T11682] SELinux: failed to load policy
[  165.999246][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  165.999258][   T40] audit: type=1400 audit(1748176309.149:818): avc:  denied  { mount } for  pid=11688 comm="syz.1.1861" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  166.018007][T11689] xt_nat: multiple ranges no longer supported
[  166.043556][T11694] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1862'.
[  166.050263][T11694] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1862'.
[  166.072493][T11694] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1862'.
[  166.075408][T11694] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1862'.
[  166.527171][   T40] audit: type=1400 audit(1748176309.679:819): avc:  denied  { unmount } for  pid=5929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  166.553691][T11735] sctp: [Deprecated]: syz.5.1869 (pid 11735) Use of int in maxseg socket option.
[  166.553691][T11735] Use struct sctp_assoc_value instead
[  166.586086][   T40] audit: type=1400 audit(1748176309.739:820): avc:  denied  { listen } for  pid=11742 comm="syz.1.1870" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  166.594152][T11748] program syz.3.1871 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  166.601304][   T40] audit: type=1400 audit(1748176309.749:821): avc:  denied  { audit_control } for  pid=11750 comm="syz.5.1872" capability=30  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  166.633522][T11756] netlink: 'syz.3.1873': attribute type 10 has an invalid length.
[  166.637029][T11756] veth0_vlan: left promiscuous mode
[  166.640405][T11756] veth0_vlan: entered promiscuous mode
[  166.643160][T11756] team0: Device veth0_vlan failed to register rx_handler
[  166.761780][T11779] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11779 comm=syz.1.1879
[  166.766160][T11779] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11779 comm=syz.1.1879
[  166.891250][T11790] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  166.950197][T11797] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  166.961856][T11799] vxcan1: MTU too low for tipc bearer
[  166.963681][T11799] tipc: Enabling of bearer <eth:vxcan1> rejected, failed to enable media
[  167.319711][T11833] 9pnet_fd: Insufficient options for proto=fd
[  167.362841][T11837] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  167.368145][T11837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=11837 comm=syz.1.1896
[  167.503987][   T40] audit: type=1400 audit(1748176310.649:822): avc:  denied  { setattr } for  pid=11849 comm="syz.6.1901" name="SCO" dev="sockfs" ino=48283 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  167.505810][T11850] @: renamed from vlan0 (while UP)
[  167.540532][T11852] tmpfs: Unknown parameter 'usrquota_inoa_hardlimit'
[  167.606757][T11862] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11862 comm=syz.5.1905
[  168.873399][T11888] __nla_validate_parse: 68 callbacks suppressed
[  168.873415][T11888] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1915'.
[  168.924246][T11892] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1916'.
[  168.930079][T11892] atomic_op ffff888044955998 conn xmit_atomic 0000000000000000
[  168.959734][   T40] audit: type=1400 audit(1748176312.109:823): avc:  denied  { create } for  pid=11893 comm="syz.6.1918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  169.010152][T11898] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1920'.
[  169.183053][   T40] audit: type=1400 audit(1748176312.329:824): avc:  denied  { ioctl } for  pid=11901 comm="syz.6.1922" path="socket:[45796]" dev="sockfs" ino=45796 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  169.331458][T11910] netlink: 'syz.6.1925': attribute type 4 has an invalid length.
[  169.339961][   T40] audit: type=1400 audit(1748176312.489:825): avc:  denied  { write } for  pid=11909 comm="syz.6.1925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.348561][T11910] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11910 comm=syz.6.1925
[  169.627447][T11923] overlay: Unknown parameter 'euid'
[  169.635377][T11923] o2cb: This node has not been configured.
[  169.637783][T11923] o2cb: Cluster check failed. Fix errors before retrying.
[  169.640303][T11923] (syz.1.1930,11923,3):user_dlm_register:674 ERROR: status = -22
[  169.642812][T11923] (syz.1.1930,11923,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  169.647647][T11923] o2cb: This node has not been configured.
[  169.649586][T11923] o2cb: Cluster check failed. Fix errors before retrying.
[  169.651816][T11923] (syz.1.1930,11923,2):user_dlm_register:674 ERROR: status = -22
[  169.654269][T11923] (syz.1.1930,11923,2):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  169.776124][T11925] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[  169.779248][T11925] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1931'.
[  169.795547][ T1958] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  169.817947][T11927] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1932'.
[  169.844186][T11929] netlink: 'syz.1.1933': attribute type 1 has an invalid length.
[  169.878748][   T40] audit: type=1326 audit(1748176313.029:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.1.1934" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f080a78e969 code=0x0
[  169.964918][ T1958] usb 11-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  169.968401][ T1958] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.971044][ T1958] usb 11-1: Product: syz
[  169.972379][ T1958] usb 11-1: Manufacturer: syz
[  169.974845][ T1958] usb 11-1: SerialNumber: syz
[  169.981264][ T1958] usb 11-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  169.987131][   T40] audit: type=1400 audit(1748176313.129:827): avc:  denied  { firmware_load } for  pid=836 comm="kworker/2:2" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  170.004002][  T836] usb 11-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  170.127032][T11943] netlink: 388 bytes leftover after parsing attributes in process `syz.1.1937'.
[  170.130354][T11943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1937'.
[  170.760052][T11944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.763826][T11944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.035679][  T836] ath9k_htc 11-1:1.0: ath9k_htc: Target is unresponsive
[  171.039365][  T836] ath9k_htc: Failed to initialize the device
[  171.060744][  T836] usb 11-1: ath9k_htc: USB layer deinitialized
[  171.066191][ T5990] usb 11-1: USB disconnect, device number 5
[  171.228636][T11951] netlink: 'syz.3.1939': attribute type 1 has an invalid length.
[  171.232020][T11951] netlink: 'syz.3.1939': attribute type 2 has an invalid length.
[  171.280952][T11955] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1940'.
[  171.289231][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  171.289247][   T40] audit: type=1400 audit(1748176314.439:831): avc:  denied  { ioctl } for  pid=11954 comm="syz.1.1940" path="socket:[46879]" dev="sockfs" ino=46879 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  171.290034][T11955] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1940'.
[  171.305232][T11955] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1940'.
[  171.312967][T11955] ip6gretap0: entered promiscuous mode
[  171.319420][T11955] syz_tun: entered promiscuous mode
[  171.400990][T11961] afs: Unknown parameter 'dynring'
[  171.523395][T11965] netlink: 'syz.3.1943': attribute type 21 has an invalid length.
[  171.526153][T11965] netlink: 'syz.3.1943': attribute type 6 has an invalid length.
[  171.594742][T11970] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  171.888596][T11982] sch_tbf: burst 0 is lower than device geneve0 mtu (1464) !
[  172.488691][   T40] audit: type=1400 audit(1748176315.639:832): avc:  denied  { append } for  pid=12014 comm="syz.1.1961" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  172.775653][  T836] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  172.951945][  T836] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  172.956275][  T836] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  172.960137][  T836] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  172.962963][  T836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.967332][T12020] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  172.971266][  T836] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  173.144214][T12040] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  173.148261][T12040] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  173.152696][T12040] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  173.156352][T12040] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  173.160652][T12040] geneve2: entered promiscuous mode
[  173.162896][T12040] geneve2: entered allmulticast mode
[  173.234740][   T66] usb 6-1: USB disconnect, device number 18
[  173.281615][   T40] audit: type=1400 audit(1748176316.429:833): avc:  denied  { getopt } for  pid=12056 comm="syz.5.1979" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  173.349484][T12064] bridge2: entered promiscuous mode
[  173.443326][   T40] audit: type=1400 audit(1748176316.589:834): avc:  denied  { execute } for  pid=12074 comm="syz.5.1983" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  173.492638][T12082] xt_l2tp: v2 doesn't support IP mode
[  174.403193][T12099] FAULT_INJECTION: forcing a failure.
[  174.403193][T12099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.408075][T12099] CPU: 1 UID: 0 PID: 12099 Comm: syz.3.1990 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  174.408090][T12099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  174.408097][T12099] Call Trace:
[  174.408101][T12099]  <TASK>
[  174.408105][T12099]  dump_stack_lvl+0x16c/0x1f0
[  174.408126][T12099]  should_fail_ex+0x512/0x640
[  174.408144][T12099]  _copy_from_user+0x2e/0xd0
[  174.408161][T12099]  vmci_host_unlocked_ioctl+0x10df/0x2010
[  174.408178][T12099]  ? do_vfs_ioctl+0x512/0x1990
[  174.408196][T12099]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  174.408217][T12099]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  174.408236][T12099]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  174.408255][T12099]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  174.408283][T12099]  ? selinux_file_ioctl+0x180/0x270
[  174.408300][T12099]  ? selinux_file_ioctl+0xb4/0x270
[  174.408317][T12099]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  174.408336][T12099]  __x64_sys_ioctl+0x190/0x200
[  174.408352][T12099]  do_syscall_64+0xcd/0x260
[  174.408369][T12099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.408381][T12099] RIP: 0033:0x7f1625f8e969
[  174.408391][T12099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.408401][T12099] RSP: 002b:00007f1626d15038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  174.408411][T12099] RAX: ffffffffffffffda RBX: 00007f16261b5fa0 RCX: 00007f1625f8e969
[  174.408418][T12099] RDX: 00002000000002c0 RSI: 00000000000007a6 RDI: 0000000000000003
[  174.408424][T12099] RBP: 00007f1626d15090 R08: 0000000000000000 R09: 0000000000000000
[  174.408431][T12099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.408437][T12099] R13: 0000000000000000 R14: 00007f16261b5fa0 R15: 00007ffd6a5aade8
[  174.408451][T12099]  </TASK>
[  174.620245][T12115] overlayfs: failed to resolve './file0': -2
[  174.762729][T12131] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.785781][ T5990] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  174.840539][T12131] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.899574][T12131] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.957089][ T5990] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  174.960587][ T5990] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  174.963695][ T5990] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  174.966654][ T5990] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.971191][T12106] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  174.975018][ T5990] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  175.006869][T12131] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.093053][T12131] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.103483][T12131] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.115076][T12131] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.124835][T12131] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.178464][T12106] program syz.5.1993 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  175.183764][ T5990] usb 10-1: USB disconnect, device number 4
[  175.339956][   T40] audit: type=1400 audit(1748176318.489:835): avc:  denied  { execute } for  pid=12137 comm="syz.6.2003" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  175.433146][T12141] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  175.433203][   T40] audit: type=1400 audit(1748176318.579:836): avc:  denied  { mounton } for  pid=12139 comm="syz.6.2004" path="/159/file0" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=fifo_file permissive=1
[  175.547444][T12141] /dev/sr0: Can't open blockdev
[  175.625963][   T40] audit: type=1400 audit(1748176318.779:837): avc:  denied  { remount } for  pid=12139 comm="syz.6.2004" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  175.637831][T12151] kAFS: No cell specified
[  175.637842][T12150] kAFS: No cell specified
[  175.723186][T12154] __nla_validate_parse: 8 callbacks suppressed
[  175.723197][T12154] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2008'.
[  175.807554][T12171] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2012'.
[  175.981898][   T40] audit: type=1400 audit(1748176319.129:838): avc:  denied  { ioctl } for  pid=12196 comm="syz.3.2022" path="socket:[47065]" dev="sockfs" ino=47065 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  175.992421][T12199] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2023'.
[  175.998083][T12199] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2023'.
[  176.000920][T12199] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2023'.
[  176.105936][ T5973] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  176.258563][ T5973] usb 6-1: Using ep0 maxpacket: 8
[  176.263533][ T5973] usb 6-1: config 6 has an invalid interface number: 252 but max is 2
[  176.267142][ T5973] usb 6-1: config 6 has an invalid interface number: 241 but max is 2
[  176.269696][ T5973] usb 6-1: config 6 has an invalid interface number: 217 but max is 2
[  176.272213][ T5973] usb 6-1: config 6 contains an unexpected descriptor of type 0x1, skipping
[  176.274903][ T5973] usb 6-1: config 6 has no interface number 0
[  176.277699][ T5973] usb 6-1: config 6 has no interface number 1
[  176.279743][ T5973] usb 6-1: config 6 has no interface number 2
[  176.281660][ T5973] usb 6-1: config 6 interface 252 altsetting 127 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  176.284957][ T5973] usb 6-1: config 6 interface 252 altsetting 127 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  176.289463][ T5973] usb 6-1: config 6 interface 241 altsetting 8 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  176.292785][ T5973] usb 6-1: config 6 interface 241 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[  176.298650][ T5973] usb 6-1: config 6 interface 241 altsetting 8 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  176.301949][ T5973] usb 6-1: config 6 interface 241 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[  176.303182][   T40] audit: type=1400 audit(1748176319.449:839): avc:  denied  { setcurrent } for  pid=12223 comm="syz.6.2032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  176.305254][ T5973] usb 6-1: config 6 interface 241 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[  176.311858][T12225] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  176.314992][ T5973] usb 6-1: config 6 interface 241 altsetting 8 has a duplicate endpoint with address 0x9, skipping
[  176.322268][ T5973] usb 6-1: config 6 interface 241 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[  176.326588][ T5973] usb 6-1: config 6 interface 241 altsetting 8 has a duplicate endpoint with address 0xB, skipping
[  176.330039][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  176.333437][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x8C, skipping
[  176.337290][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[  176.340573][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  176.343873][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x6, skipping
[  176.347787][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  176.351123][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[  176.354444][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0x5, skipping
[  176.358176][ T5973] usb 6-1: config 6 interface 217 altsetting 7 has a duplicate endpoint with address 0xE, skipping
[  176.361488][ T5973] usb 6-1: config 6 interface 252 has no altsetting 0
[  176.363595][ T5973] usb 6-1: config 6 interface 241 has no altsetting 0
[  176.366148][ T5973] usb 6-1: config 6 interface 217 has no altsetting 0
[  176.369951][ T5973] usb 6-1: Dual-Role OTG device on HNP port
[  176.371980][ T5973] usb 6-1: New USB device found, idVendor=1b3d, idProduct=9306, bcdDevice=45.04
[  176.374787][ T5973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.377662][ T5973] usb 6-1: Product: syz
[  176.379033][ T5973] usb 6-1: Manufacturer: syz
[  176.380492][ T5973] usb 6-1: SerialNumber: syz
[  176.588138][T12177] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2015'.
[  176.594420][ T5973] ftdi_sio 6-1:6.252: FTDI USB Serial Device converter detected
[  176.597983][ T5973] ftdi_sio ttyUSB0: unknown device type: 0x4504
[  176.602343][ T5973] ftdi_sio 6-1:6.241: FTDI USB Serial Device converter detected
[  176.605307][ T5973] ftdi_sio ttyUSB1: unknown device type: 0x4504
[  176.611359][ T5973] ftdi_sio 6-1:6.217: FTDI USB Serial Device converter detected
[  176.614208][ T5973] ftdi_sio ttyUSB2: unknown device type: 0x4504
[  176.618530][ T5973] usb 6-1: USB disconnect, device number 19
[  176.622233][ T5973] ftdi_sio 6-1:6.252: device disconnected
[  176.630139][ T5973] ftdi_sio 6-1:6.241: device disconnected
[  176.633478][ T5973] ftdi_sio 6-1:6.217: device disconnected
[  177.136386][T12232] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2035'.
[  177.367753][T12249] netlink: 'syz.6.2041': attribute type 10 has an invalid length.
[  177.373816][T12249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.380659][T12249] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  177.465572][   T66] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  177.542495][   T40] audit: type=1401 audit(1748176320.689:840): op=setxattr invalid_context="system_u:object_r:crond_var_run_t:s0"
[  177.625675][   T66] usb 8-1: Using ep0 maxpacket: 32
[  177.629752][   T66] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  177.635582][   T66] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  177.639100][   T66] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  177.647530][   T66] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  177.650428][   T66] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  177.653035][   T66] usb 8-1: Product: syz
[  177.654355][   T66] usb 8-1: Manufacturer: syz
[  177.658123][   T66] usb 8-1: SerialNumber: syz
[  177.664419][   T66] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input19
[  177.869965][T12242] bridge4: entered promiscuous mode
[  177.891903][ T5990] usb 8-1: USB disconnect, device number 13
[  177.900958][ T5990] appletouch 8-1:1.0: input: appletouch disconnected
[  178.355550][ T5990] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  178.515543][ T5990] usb 8-1: Using ep0 maxpacket: 16
[  178.518487][ T5990] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  178.521455][ T5990] usb 8-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  178.524210][ T5990] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.527989][ T5990] usb 8-1: config 0 descriptor??
[  178.612290][T12317] 9pnet_virtio: no channels available for device syz
[  178.734384][ T5973] usb 8-1: USB disconnect, device number 14
[  178.734610][   T40] audit: type=1400 audit(1748176321.879:841): avc:  denied  { create } for  pid=12325 comm="syz.1.2064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  179.231663][T12329] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2065'.
[  179.417283][T12344] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2070'.
[  179.579912][T12363] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2075'.
[  179.629359][T12369] IPv6: sit1: Disabled Multicast RS
[  179.631522][T12369] sit1: entered allmulticast mode
[  179.671512][   T40] audit: type=1400 audit(1748176322.819:842): avc:  denied  { write } for  pid=12372 comm="syz.3.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  179.763990][   T40] audit: type=1400 audit(1748176322.909:843): avc:  denied  { shutdown } for  pid=12385 comm="syz.3.2082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  179.883234][   T40] audit: type=1400 audit(1748176323.029:844): avc:  denied  { shutdown } for  pid=12398 comm="syz.5.2086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  180.233248][T12429] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (8), value rounded to 0 ms
[  180.387096][T12438] XFS (nullb0): Invalid superblock magic number
[  180.426416][T12446] binder: binder_mmap: 12437 200000ffd000-200001000000 bad vm_flags failed -1
[  180.452791][T12454] binfmt_misc: register: failed to install interpreter file ./file0
[  180.457677][T12449] ieee802154 phy0 wpan0: encryption failed: -22
[  180.513828][T12464] overlayfs: workdir and upperdir must reside under the same mount
[  180.689255][   T40] audit: type=1400 audit(1748176323.839:845): avc:  denied  { append } for  pid=12481 comm="syz.6.2108" name="usbmon4" dev="devtmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  180.923099][T12506] 9pnet_virtio: no channels available for device syz
[  180.944359][T12505] qrtr: Invalid version 255
[  181.215847][   T40] audit: type=1400 audit(1748176324.369:846): avc:  denied  { write } for  pid=12507 comm="syz.3.2116" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  181.328940][T12491] syz.6.2111 (12491): drop_caches: 2
[  181.329767][T12517] tmpfs: Bad value for 'size'
[  181.334283][T12517] mac80211_hwsim hwsim9 `ëÿÿ: renamed from wlan1
[  181.403983][T12491] syz.6.2111 (12491): drop_caches: 2
[  181.460547][   T40] audit: type=1400 audit(1748176324.609:847): avc:  denied  { map } for  pid=12522 comm="syz.3.2122" path="/dev/ptyqa" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  181.468750][   T40] audit: type=1400 audit(1748176324.609:848): avc:  denied  { execute } for  pid=12522 comm="syz.3.2122" path="/dev/ptyqa" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  181.477090][   T40] audit: type=1326 audit(1748176324.619:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.478778][T12525] __nla_validate_parse: 1 callbacks suppressed
[  181.478788][T12525] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2123'.
[  181.484105][   T40] audit: type=1326 audit(1748176324.619:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.484137][   T40] audit: type=1326 audit(1748176324.619:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.504755][   T40] audit: type=1326 audit(1748176324.619:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.511858][   T40] audit: type=1326 audit(1748176324.619:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.519160][   T40] audit: type=1326 audit(1748176324.619:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.526343][   T40] audit: type=1326 audit(1748176324.619:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.533519][   T40] audit: type=1326 audit(1748176324.619:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12524 comm="syz.6.2123" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e78e969 code=0x7ffc0000
[  181.610392][T12531] netlink: 'syz.5.2125': attribute type 6 has an invalid length.
[  181.613562][T12531] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.2125'.
[  181.756685][T12505] syz.1.2115 (12505) used greatest stack depth: 20488 bytes left
[  181.789057][T12543] rtc_cmos 00:05: Alarms can be up to one day in the future
[  181.812470][T12543] syzkaller0: entered promiscuous mode
[  181.814235][T12543] syzkaller0: entered allmulticast mode
[  181.895805][ T5990] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  181.968819][ T6100] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  181.982353][T12548] overlayfs: lower data-only dirs require metacopy support.
[  182.050619][ T5990] usb 11-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  182.054478][ T5990] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.057762][ T5990] usb 11-1: Product: syz
[  182.059597][ T5990] usb 11-1: Manufacturer: syz
[  182.061657][ T5990] usb 11-1: SerialNumber: syz
[  182.066739][ T5990] usb 11-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  182.099344][ T5990] usb 11-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  182.139558][ T6100] usb 10-1: Using ep0 maxpacket: 8
[  182.149273][ T6100] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  182.153337][ T6100] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  182.156723][ T6100] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  182.160863][ T6100] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  182.166859][ T6100] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  182.170827][ T6100] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.310298][ T5973] usb 11-1: USB disconnect, device number 6
[  182.386071][ T6100] usb 10-1: GET_CAPABILITIES returned 0
[  182.387940][ T6100] usbtmc 10-1:16.0: can't read capabilities
[  182.668699][ T1023] usb 10-1: USB disconnect, device number 5
[  183.043092][T12547] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2131'.
[  183.110862][T12550] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2132'.
[  183.121714][T12556] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2134'.
[  183.185650][ T5990] ath9k_htc 11-1:1.0: ath9k_htc: Target is unresponsive
[  183.190704][ T5990] ath9k_htc: Failed to initialize the device
[  183.193768][ T5973] usb 11-1: ath9k_htc: USB layer deinitialized
[  183.209585][T12563] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  183.388193][T12583] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2142'.
[  183.571598][T12597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2146'.
[  183.575243][T12597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2146'.
[  183.579662][T12597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2146'.
[  183.734228][T12611] openvswitch: netlink: IPv4 tun info is not correct
[  183.954384][T12639] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2159'.
[  184.241428][T12664] ISOFS: Unable to identify CD-ROM format.
[  184.269946][T12662] : entered promiscuous mode
[  184.383652][T12682] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  184.388621][T12682] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  184.922414][ T5935] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  184.925847][ T5935] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  184.929065][ T5935] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  184.932015][ T5935] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  184.934861][ T5935] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  184.942561][ T5940] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  184.945872][ T5940] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  184.949080][ T5940] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  184.953100][ T5940] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  184.955660][ T5940] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  185.074468][T12701] chnl_net:caif_netlink_parms(): no params data found
[  185.145565][T12701] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.148087][T12701] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.150709][T12701] bridge_slave_0: entered allmulticast mode
[  185.153562][T12701] bridge_slave_0: entered promiscuous mode
[  185.157095][T12701] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.159314][T12710] netlink: 'syz.6.2178': attribute type 32 has an invalid length.
[  185.159496][T12701] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.164998][T12701] bridge_slave_1: entered allmulticast mode
[  185.168457][T12701] bridge_slave_1: entered promiscuous mode
[  185.190072][ T8389] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.193307][ T8389] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0
[  185.194431][T12712] block nbd0: not configured, cannot reconfigure
[  185.232656][T12717] overlayfs: failed to resolve './bus': -2
[  185.254277][T12701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.265607][ T5947] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  185.266176][ T5935] Bluetooth: hci5: command 0x1003 tx timeout
[  185.268601][T12701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.289187][ T8389] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.292558][ T8389] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0
[  185.357020][ T8389] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.360952][ T8389] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0
[  185.403912][T12701] team0: Port device team_slave_0 added
[  185.408987][T12701] team0: Port device team_slave_1 added
[  185.447440][T12701] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.449673][T12701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.457794][T12701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.462001][T12701] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.464158][T12701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.472151][T12701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.490805][ T8389] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.494288][ T8389] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0
[  185.516434][T12733] program syz.1.2185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  185.533271][T12701] hsr_slave_0: entered promiscuous mode
[  185.535500][T12701] hsr_slave_1: entered promiscuous mode
[  185.537481][T12701] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  185.539771][T12701] Cannot create hsr debugfs directory
[  185.555649][ T1958] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  185.690938][ T8389] bridge_slave_1: left allmulticast mode
[  185.692729][ T8389] bridge_slave_1: left promiscuous mode
[  185.694509][ T8389] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.700062][ T8389] bridge_slave_0: left allmulticast mode
[  185.701793][ T8389] bridge_slave_0: left promiscuous mode
[  185.704501][ T8389] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.712095][ T8389] veth3: left allmulticast mode
[  185.713743][ T8389] bridge3: port 1(veth3) entered disabled state
[  185.715551][ T1958] usb 11-1: Using ep0 maxpacket: 16
[  185.719976][ T1958] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  185.723925][ T1958] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  185.727390][ T1958] usb 11-1: config 0 interface 0 has no altsetting 0
[  185.731221][ T1958] usb 11-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  185.734803][ T1958] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.738607][ T1958] usb 11-1: Product: syz
[  185.739920][ T1958] usb 11-1: Manufacturer: syz
[  185.741441][ T1958] usb 11-1: SerialNumber: syz
[  185.744466][ T1958] usb 11-1: config 0 descriptor??
[  185.950436][T12726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.954476][ T8389] bridge0 (unregistering): left promiscuous mode
[  185.956075][T12726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.967257][ T1958] input: syz syz as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/input/input22
[  186.161535][   T66] usb 11-1: USB disconnect, device number 7
[  186.298142][ T8389] bond0 (unregistering): left allmulticast mode
[  186.304517][ T8389] team0: Port device bond0 removed
[  186.310252][ T8389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.313743][ T8389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.317115][ T8389] bond0 (unregistering): Released all slaves
[  186.402766][ T8389] bond1 (unregistering): (slave dummy0): Releasing active interface
[  186.406891][ T8389] bond1 (unregistering): Released all slaves
[  186.413456][ T8389] bond2 (unregistering): Released all slaves
[  186.420215][ T8389] bond3 (unregistering): Released all slaves
[  186.427582][ T8389] bond4 (unregistering): Released all slaves
[  186.497041][ T8389] tipc: Left network mode
[  186.536876][ T8389] IPVS: stopping backup sync thread 11970 ...
[  186.740770][T12701] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  186.755492][T12701] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  186.761096][T12701] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  186.778704][ T8389] hsr_slave_0: left promiscuous mode
[  186.781220][ T8389] hsr_slave_1: left promiscuous mode
[  186.783212][ T8389] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.786335][ T8389] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.934874][T12761] No source specified
[  186.949565][T12761] netlink: 'syz.6.2194': attribute type 23 has an invalid length.
[  186.958460][T12762] netlink: 'syz.6.2194': attribute type 23 has an invalid length.
[  187.037452][ T5947] Bluetooth: hci6: command tx timeout
[  187.086308][ T6100] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  187.247093][ T6100] usb 10-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  187.251883][ T6100] usb 10-1: config 1 interface 0 has no altsetting 0
[  187.257390][ T6100] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  187.261088][ T6100] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.263521][ T6100] usb 10-1: Product: syz
[  187.264831][ T6100] usb 10-1: Manufacturer: syz
[  187.267362][ T6100] usb 10-1: SerialNumber: syz
[  187.270743][T12759] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  187.322199][T12772] __nla_validate_parse: 6 callbacks suppressed
[  187.322217][T12772] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2196'.
[  187.489178][ T8389] team0 (unregistering): Port device team_slave_1 removed
[  187.565088][ T8389] team0 (unregistering): Port device team_slave_0 removed
[  187.605573][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  188.142687][T12701] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  188.161802][T12759] wg0: entered allmulticast mode
[  188.228354][T12701] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.239799][T12701] 8021q: adding VLAN 0 to HW filter on device team0
[  188.246017][ T8384] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.248630][ T8384] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.256863][ T8374] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.259639][ T8374] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.270045][T12782] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  188.396090][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[  188.403347][T12701] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.406729][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  188.444221][T12796] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2201'.
[  188.445786][T12701] veth0_vlan: entered promiscuous mode
[  188.447461][T12796] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2201'.
[  188.458590][T12701] veth1_vlan: entered promiscuous mode
[  188.476991][T12701] veth0_macvtap: entered promiscuous mode
[  188.482796][T12701] veth1_macvtap: entered promiscuous mode
[  188.497517][T12701] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.507367][T12701] batman_adv: batadv0: Interface activated: batadv_slave_1
[  188.514559][T12701] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.518965][T12701] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.522525][T12701] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.527019][T12701] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.573407][ T8374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.575949][ T8374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.592146][ T8374] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.594689][ T8374] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.602613][   T40] kauditd_printk_skb: 48 callbacks suppressed
[  188.602672][   T40] audit: type=1400 audit(1748176331.749:905): avc:  denied  { mounton } for  pid=12701 comm="syz-executor" path="/syzkaller.adzjBQ/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=53147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  189.055483][  T835] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  189.105587][ T5947] Bluetooth: hci6: command tx timeout
[  189.136246][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  189.190520][   T40] audit: type=1400 audit(1748176332.339:906): avc:  denied  { setattr } for  pid=12807 comm="syz.1.2204" name="QIPCRTR" dev="sockfs" ino=50908 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  189.227226][  T835] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  189.230591][  T835] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  189.234039][  T835] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  189.237155][  T835] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  189.240685][  T835] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  189.246060][  T835] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  189.249045][  T835] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  189.251649][  T835] usb 8-1: Product: syz
[  189.253065][  T835] usb 8-1: Manufacturer: syz
[  189.257973][  T835] cdc_wdm 8-1:1.0: skipping garbage
[  189.259693][  T835] cdc_wdm 8-1:1.0: skipping garbage
[  189.263440][  T835] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  189.265409][  T835] cdc_wdm 8-1:1.0: Unknown control protocol
[  189.603341][T12811] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  189.704552][T12813] fuse: Bad value for 'user_id'
[  189.706403][T12813] fuse: Bad value for 'user_id'
[  189.713901][T12813] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2206'.
[  189.777278][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  189.834567][T12817] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2207'.
[  189.855983][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  189.864092][T12818] bond1: entered promiscuous mode
[  189.866239][T12818] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  189.882194][ T6100] usb 10-1: USB disconnect, device number 6
[  189.886645][T12818] bond1: left promiscuous mode
[  190.022093][T12815] xt_hashlimit: size too large, truncated to 1048576
[  190.026391][T12826] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2211'.
[  190.031704][T12826] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  190.040083][T12826] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  190.061955][T12828] kvm: MWAIT instruction emulated as NOP!
[  190.079732][   T40] audit: type=1400 audit(1748176333.229:907): avc:  denied  { ioctl } for  pid=12825 comm="syz.1.2211" path="socket:[55304]" dev="sockfs" ino=55304 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  190.251570][T12851] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12851 comm=syz.5.2218
[  190.256092][T12851] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12851 comm=syz.5.2218
[  190.284065][T12854] xt_l2tp: missing protocol rule (udp|l2tpip)
[  190.401259][T12863] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1027 sclass=netlink_route_socket pid=12863 comm=syz.5.2221
[  190.415576][ T1958] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  190.586031][ T1958] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  190.592908][ T1958] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.596294][ T1958] usb 6-1: Product: syz
[  190.598274][ T1958] usb 6-1: Manufacturer: syz
[  190.600471][ T1958] usb 6-1: SerialNumber: syz
[  190.610070][ T1958] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  190.624953][  T836] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  190.842164][ T1023] usb 6-1: USB disconnect, device number 20
[  190.845391][T12884] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  190.847517][T12884] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  190.848437][T12884] vhci_hcd vhci_hcd.0: Device attached
[  190.852727][T12885] vhci_hcd: connection closed
[  190.853618][ T8388] vhci_hcd: stop threads
[  190.860858][ T8388] vhci_hcd: release socket
[  190.862281][ T5991] IPVS: starting estimator thread 0...
[  190.863956][ T8388] vhci_hcd: disconnect device
[  190.955881][T12888] IPVS: using max 44 ests per chain, 105600 per kthread
[  191.019838][T12898] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2231'.
[  191.144656][T12908] netlink: 'syz.1.2235': attribute type 1 has an invalid length.
[  191.164220][T12908] bond2: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  191.183217][T12908] veth7: entered promiscuous mode
[  191.185943][ T5947] Bluetooth: hci6: command tx timeout
[  191.187119][T12908] bond2: (slave veth7): Enslaving as a backup interface with a down link
[  191.196422][ T8388] IPVS: stop unused estimator thread 0...
[  191.221750][T12911] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2236'.
[  191.226412][   T40] audit: type=1400 audit(1748176334.379:908): avc:  denied  { append } for  pid=12910 comm="syz.1.2236" name="pfkey" dev="proc" ino=4026532986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  191.421666][T12920] netlink: 'syz.6.2239': attribute type 21 has an invalid length.
[  191.424248][T12920] netlink: 128 bytes leftover after parsing attributes in process `syz.6.2239'.
[  191.427299][T12920] netlink: 'syz.6.2239': attribute type 5 has an invalid length.
[  191.429723][T12920] netlink: 'syz.6.2239': attribute type 6 has an invalid length.
[  191.432189][T12920] netlink: 3 bytes leftover after parsing attributes in process `syz.6.2239'.
[  191.439654][T12920] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  191.444280][T12920] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  191.548052][T12931] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.553756][T12929] netlink: 'syz.1.2241': attribute type 1 has an invalid length.
[  191.553891][T12931] bond0: (slave rose0): Enslaving as an active interface with an up link
[  191.559971][T12929] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  191.675552][  T836] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  191.695839][  T836] ath9k_htc: Failed to initialize the device
[  191.706072][ T1023] usb 6-1: ath9k_htc: USB layer deinitialized
[  191.744432][   T40] audit: type=1400 audit(1748176334.889:909): avc:  denied  { lock } for  pid=12948 comm="syz.1.2244" path="time:[4026531834]" dev="nsfs" ino=4026531834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  191.773828][  T837] usb 8-1: USB disconnect, device number 15
[  191.823325][T12958] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8192 sclass=netlink_xfrm_socket pid=12958 comm=syz.1.2246
[  191.858383][   T40] audit: type=1400 audit(1748176335.009:910): avc:  denied  { listen } for  pid=12963 comm="syz.5.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  192.120718][ T5940] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  192.125694][ T5940] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  192.129401][ T5940] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  192.132624][ T5940] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  192.137740][ T5940] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  192.285253][T12981] chnl_net:caif_netlink_parms(): no params data found
[  192.352934][T12395] syz_tun (unregistering): left promiscuous mode
[  192.427387][T12981] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.429667][T12981] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.431865][T12981] bridge_slave_0: entered allmulticast mode
[  192.434498][T12981] bridge_slave_0: entered promiscuous mode
[  192.440324][T12981] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.442567][T12981] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.444754][T12981] bridge_slave_1: entered allmulticast mode
[  192.449964][T12981] bridge_slave_1: entered promiscuous mode
[  192.484167][T12981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  192.492219][T12981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  192.502177][T13000] netlink: 'syz.3.2256': attribute type 1 has an invalid length.
[  192.538946][T12981] team0: Port device team_slave_0 added
[  192.561493][ T8400] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  192.564862][ T8400] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.576069][T12981] team0: Port device team_slave_1 added
[  192.605296][T12981] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.608303][T12981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.616648][T12981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.620834][T12981] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.622949][T12981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.630835][T12981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.646469][   T40] audit: type=1400 audit(1748176335.789:911): avc:  denied  { connect } for  pid=12999 comm="syz.3.2256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  192.665672][ T8400] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  192.669300][ T8400] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.731610][ T8400] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  192.736245][ T8400] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.749791][T12981] hsr_slave_0: entered promiscuous mode
[  192.753019][T12981] hsr_slave_1: entered promiscuous mode
[  192.759432][T12981] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  192.762540][T12981] Cannot create hsr debugfs directory
[  192.851640][ T8400] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  192.854857][ T8400] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.864307][T13007] IPv6: NLM_F_CREATE should be specified when creating new route
[  193.037656][T13032] input: syz0 as /devices/virtual/input/input23
[  193.039828][ T8400] ip6gretap0 (unregistering): left promiscuous mode
[  193.068194][ T8400] bond0 (unregistering): (slave ip6gre1): Releasing backup interface
[  193.070823][ T8400] ip6gre1 (unregistering): left promiscuous mode
[  193.080505][ T8400] bond2 (unregistering): (slave ip6gretap2): Releasing backup interface
[  193.083100][ T8400] bond2 (unregistering): (slave ip6gretap2): the permanent HWaddr of slave - 2a:f1:8f:f0:50:96 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  193.154270][ T8400] erspan0 (unregistering): left promiscuous mode
[  193.158996][T13042] __nla_validate_parse: 4 callbacks suppressed
[  193.159008][T13042] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2267'.
[  193.169990][T13038] Invalid source name
[  193.171307][T13038] UBIFS error (pid: 13038): cannot open "/dev/sg0", error -22
[  193.171778][   T40] audit: type=1400 audit(1748176336.329:912): avc:  denied  { ioctl } for  pid=13037 comm="syz.5.2267" path="/dev/input/mice" dev="devtmpfs" ino=939 ioctlcmd=0x3ba0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  193.266776][ T5935] Bluetooth: hci6: command tx timeout
[  193.309346][   T40] audit: type=1400 audit(1748176336.459:913): avc:  denied  { accept } for  pid=13045 comm="syz.5.2269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  193.316636][ T8400] bond0 (unregistering): Released all slaves
[  193.326713][ T8400] bond1 (unregistering): Released all slaves
[  193.335851][ T8400] bond2 (unregistering): (slave veth7): Releasing backup interface
[  193.339467][ T8400] bond2 (unregistering): Released all slaves
[  193.510114][T13057] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2271'.
[  193.580586][T13064] misc userio: Invalid payload size
[  193.586713][ T5947] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  193.746710][T13080] CIFS mount error: No usable UNC path provided in device string!
[  193.746710][T13080] 
[  193.750309][T13080] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  193.788390][T13088] Malformed UNC in devname
[  193.788390][T13088] 
[  193.791196][T13088] CIFS: VFS: Malformed UNC in devname
[  193.877618][T13104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2282'.
[  193.880400][T13104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2282'.
[  193.889455][T13106] netlink: 'syz.3.2282': attribute type 29 has an invalid length.
[  193.891970][T13104] netlink: 'syz.3.2282': attribute type 29 has an invalid length.
[  193.934352][T13114] mkiss: ax0: crc mode is auto.
[  193.992954][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  193.995050][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  193.996774][T12981] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  194.014550][T12981] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  194.019185][T12981] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  194.023758][T12981] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  194.061732][T12981] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.075100][T12981] 8021q: adding VLAN 0 to HW filter on device team0
[  194.082117][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.084360][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.092943][ T8374] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.095202][ T8374] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.130115][   T40] audit: type=1400 audit(1748176337.279:914): avc:  denied  { listen } for  pid=13129 comm="syz.3.2288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  194.132156][T12981] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  194.221778][   T40] audit: type=1400 audit(1748176337.369:915): avc:  denied  { connect } for  pid=13144 comm="syz.5.2292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  194.229519][ T5947] Bluetooth: hci5: command tx timeout
[  194.244683][T12981] 8021q: adding VLAN 0 to HW filter on device batadv0
[  194.261096][T13146] fuse: Unknown parameter '¾2£™ÑºÇCÖtæMY¸Q:Õë»þ5é4îþÛÚ>¶BŠyÃ"uŸá—} '
[  194.261257][   T40] audit: type=1400 audit(1748176337.409:916): avc:  denied  { write } for  pid=13137 comm="syz.3.2290" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  194.275399][T12981] veth0_vlan: entered promiscuous mode
[  194.284205][T12981] veth1_vlan: entered promiscuous mode
[  194.303359][T12981] veth0_macvtap: entered promiscuous mode
[  194.308986][T12981] veth1_macvtap: entered promiscuous mode
[  194.323803][T12981] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.330586][T12981] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.336113][T12981] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.339621][T12981] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.342990][T12981] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.346529][T12981] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.571529][T13150] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  194.601777][T13152] syz.3.2294: attempt to access beyond end of device
[  194.601777][T13152] loop3: rw=0, sector=16, nr_sectors = 1 limit=0
[  194.607008][T13152] qnx6: unable to read the first superblock
[  194.609096][T13152] syz.3.2294: attempt to access beyond end of device
[  194.609096][T13152] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  194.613257][T13152] qnx6: unable to read the first superblock
[  194.615221][T13152] qnx6: unable to read the first superblock
[  195.665659][ T6100] Bluetooth: hci6: Opcode 0x0c1a failed: -110
[  195.666178][ T5947] Bluetooth: hci6: command 0x0c1a tx timeout
[  195.668404][ T6100] Bluetooth: hci6: Error when powering off device on rfkill (-110)
[  196.306146][ T5947] Bluetooth: hci5: command tx timeout
[  197.745988][ T6100] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[  197.747974][ T6100] Bluetooth: hci5: Error when powering off device on rfkill (-110)
[  197.812984][ T8386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.813685][T13166] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2298'.
[  197.815794][ T8386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.842502][T13166] bond2: entered promiscuous mode
[  197.844141][T13166] bond2: entered allmulticast mode
[  197.861129][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.863672][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.863760][ T8400] batadv_slave_1: left promiscuous mode
[  197.875484][ T8400] hsr_slave_0: left promiscuous mode
[  197.877638][ T8400] hsr_slave_1: left promiscuous mode
[  197.879680][ T8400] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.882141][ T8400] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.884953][ T8400] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.888894][ T8400] batman_adv: batadv0: Removing interface: batadv_slave_1
[  197.919106][ T8400] veth1_macvtap: left promiscuous mode
[  197.920909][ T8400] veth0_macvtap: left promiscuous mode
[  197.922673][ T8400] veth1_vlan: left promiscuous mode
[  197.924323][ T8400] veth0_vlan: left promiscuous mode
[  197.929117][T13184] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2304'.
[  197.932561][T13182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2304'.
[  198.686564][ T8400] team0 (unregistering): Port device team_slave_1 removed
[  198.736994][ T8400] team0 (unregistering): Port device team_slave_0 removed
[  199.536761][T13210] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(4)
[  199.538913][T13210] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  199.541321][T13210] vhci_hcd vhci_hcd.0: Device attached
[  199.544831][T13212] vhci_hcd: connection closed
[  199.547110][ T1150] vhci_hcd: stop threads
[  199.552554][ T1150] vhci_hcd: release socket
[  199.553919][ T1150] vhci_hcd: disconnect device
[  199.678973][ T8400] IPVS: stop unused estimator thread 0...
[  199.788778][T13223] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0
[  199.826033][ T5935] Bluetooth: hci1: command 0x1003 tx timeout
[  199.828330][ T5947] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  199.837810][T13147] mkiss: ax0: crc mode is auto.
[  199.908272][T13233] netlink: del zone limit has 4 unknown bytes
[  200.070805][T13240] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2324'.
[  200.073924][T13240] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2324'.
[  200.165829][   T66] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  200.196732][T13250] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2327'.
[  200.202078][T13251] netlink: 'syz.6.2327': attribute type 11 has an invalid length.
[  200.204620][T13251] netlink: 'syz.6.2327': attribute type 11 has an invalid length.
[  200.213267][T13251] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2327'.
[  200.216272][T13250] netlink: 'syz.6.2327': attribute type 11 has an invalid length.
[  200.219320][T13250] netlink: 'syz.6.2327': attribute type 11 has an invalid length.
[  200.222544][T13250] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2327'.
[  200.316373][   T66] usb 6-1: Using ep0 maxpacket: 32
[  200.319799][   T66] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.323695][   T66] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  200.331299][   T66] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  200.334852][   T66] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  200.338596][   T66] usb 6-1: Product: syz
[  200.340629][   T66] usb 6-1: Manufacturer: syz
[  200.342461][   T66] usb 6-1: SerialNumber: syz
[  200.350601][   T66] input: appletouch as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input24
[  200.385984][ T9328] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  200.423713][T13268] FAULT_INJECTION: forcing a failure.
[  200.423713][T13268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.428273][T13268] CPU: 2 UID: 0 PID: 13268 Comm: syz.3.2332 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  200.428299][T13268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.428306][T13268] Call Trace:
[  200.428310][T13268]  <TASK>
[  200.428314][T13268]  dump_stack_lvl+0x16c/0x1f0
[  200.428342][T13268]  should_fail_ex+0x512/0x640
[  200.428366][T13268]  _copy_from_user+0x2e/0xd0
[  200.428390][T13268]  copy_msghdr_from_user+0x98/0x160
[  200.428407][T13268]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  200.428427][T13268]  ___sys_sendmsg+0xfe/0x1d0
[  200.428440][T13268]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.428504][T13268]  __sys_sendmsg+0x16d/0x220
[  200.428525][T13268]  ? __pfx___sys_sendmsg+0x10/0x10
[  200.428548][T13268]  do_syscall_64+0xcd/0x260
[  200.428565][T13268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.428583][T13268] RIP: 0033:0x7fad2138e969
[  200.428597][T13268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.428611][T13268] RSP: 002b:00007fad22189038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.428626][T13268] RAX: ffffffffffffffda RBX: 00007fad215b5fa0 RCX: 00007fad2138e969
[  200.428635][T13268] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  200.428641][T13268] RBP: 00007fad22189090 R08: 0000000000000000 R09: 0000000000000000
[  200.428647][T13268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.428655][T13268] R13: 0000000000000000 R14: 00007fad215b5fa0 R15: 00007ffdeb06ecd8
[  200.428678][T13268]  </TASK>
[  200.516357][T13273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2335'.
[  200.551521][ T9328] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  200.556158][ T9328] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  200.560281][ T9328] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  200.561961][T13233] smc: net device bond0 applied user defined pnetid SYZ2
[  200.564019][ T9328] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.570095][   T40] audit: type=1400 audit(1748176343.719:917): avc:  denied  { read } for  pid=5328 comm="acpid" name="event7" dev="devtmpfs" ino=3124 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  200.572724][T13252] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  200.577303][   T40] audit: type=1400 audit(1748176343.719:918): avc:  denied  { open } for  pid=5328 comm="acpid" path="/dev/input/event7" dev="devtmpfs" ino=3124 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  200.583741][ T9328] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  200.588874][   T40] audit: type=1400 audit(1748176343.719:919): avc:  denied  { ioctl } for  pid=5328 comm="acpid" path="/dev/input/event7" dev="devtmpfs" ino=3124 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  200.589103][ T1958] usb 6-1: USB disconnect, device number 21
[  200.612679][ T1958] appletouch 6-1:1.0: input: appletouch disconnected
[  200.695236][   T58] libceph: mon0 (1)[::]:6789 socket error on write
[  200.700781][   T58] libceph: mon0 (1)[::]:6789 socket error on write
[  200.796928][ T1958] usb 10-1: USB disconnect, device number 7
[  200.847482][   T40] audit: type=1400 audit(1748176343.999:920): avc:  denied  { append } for  pid=13294 comm="syz.6.2342" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  200.928850][T13301] FAULT_INJECTION: forcing a failure.
[  200.928850][T13301] name failslab, interval 1, probability 0, space 0, times 0
[  200.933580][T13301] CPU: 3 UID: 0 PID: 13301 Comm: syz.6.2344 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  200.933595][T13301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.933602][T13301] Call Trace:
[  200.933606][T13301]  <TASK>
[  200.933611][T13301]  dump_stack_lvl+0x16c/0x1f0
[  200.933631][T13301]  should_fail_ex+0x512/0x640
[  200.933647][T13301]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  200.933660][T13301]  should_failslab+0xc2/0x120
[  200.933673][T13301]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  200.933684][T13301]  ? __alloc_skb+0x2b2/0x380
[  200.933699][T13301]  __alloc_skb+0x2b2/0x380
[  200.933711][T13301]  ? __pfx___alloc_skb+0x10/0x10
[  200.933724][T13301]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  200.933742][T13301]  netlink_alloc_large_skb+0x69/0x130
[  200.933757][T13301]  netlink_sendmsg+0x6a1/0xdd0
[  200.933774][T13301]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.933794][T13301]  ____sys_sendmsg+0xa95/0xc70
[  200.933810][T13301]  ? copy_msghdr_from_user+0x10a/0x160
[  200.933822][T13301]  ? __pfx_____sys_sendmsg+0x10/0x10
[  200.933844][T13301]  ___sys_sendmsg+0x134/0x1d0
[  200.933858][T13301]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.933887][T13301]  __sys_sendmsg+0x16d/0x220
[  200.933900][T13301]  ? __pfx___sys_sendmsg+0x10/0x10
[  200.933921][T13301]  do_syscall_64+0xcd/0x260
[  200.933939][T13301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.933951][T13301] RIP: 0033:0x7fbd6e78e969
[  200.933960][T13301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.933970][T13301] RSP: 002b:00007fbd6c5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.933981][T13301] RAX: ffffffffffffffda RBX: 00007fbd6e9b5fa0 RCX: 00007fbd6e78e969
[  200.933988][T13301] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  200.933994][T13301] RBP: 00007fbd6c5f6090 R08: 0000000000000000 R09: 0000000000000000
[  200.934000][T13301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.934006][T13301] R13: 0000000000000000 R14: 00007fbd6e9b5fa0 R15: 00007ffef1678518
[  200.934024][T13301]  </TASK>
[  200.957782][   T58] libceph: mon0 (1)[::]:6789 socket error on write
[  201.131525][T13311] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2347'.
[  201.134272][T13311] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2347'.
[  201.138070][T13311] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2347'.
[  201.140823][T13311] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2347'.
[  201.355116][T13332] netlink: 'syz.5.2357': attribute type 1 has an invalid length.
[  201.447396][T13346] sp0: Synchronizing with TNC
[  201.471931][T13352] FAULT_INJECTION: forcing a failure.
[  201.471931][T13352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.476687][T13352] CPU: 3 UID: 0 PID: 13352 Comm: syz.1.2365 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  201.476703][T13352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.476709][T13352] Call Trace:
[  201.476713][T13352]  <TASK>
[  201.476717][T13352]  dump_stack_lvl+0x16c/0x1f0
[  201.476742][T13352]  should_fail_ex+0x512/0x640
[  201.476760][T13352]  _copy_from_iter+0x2a4/0x15b0
[  201.476777][T13352]  ? __alloc_skb+0x200/0x380
[  201.476790][T13352]  ? __pfx__copy_from_iter+0x10/0x10
[  201.476807][T13352]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  201.476827][T13352]  netlink_sendmsg+0x829/0xdd0
[  201.476843][T13352]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.476863][T13352]  ____sys_sendmsg+0xa95/0xc70
[  201.476879][T13352]  ? copy_msghdr_from_user+0x10a/0x160
[  201.476891][T13352]  ? __pfx_____sys_sendmsg+0x10/0x10
[  201.476913][T13352]  ___sys_sendmsg+0x134/0x1d0
[  201.476926][T13352]  ? __pfx____sys_sendmsg+0x10/0x10
[  201.476956][T13352]  __sys_sendmsg+0x16d/0x220
[  201.476968][T13352]  ? __pfx___sys_sendmsg+0x10/0x10
[  201.476985][T13352]  ? rcu_is_watching+0x12/0xc0
[  201.477003][T13352]  do_syscall_64+0xcd/0x260
[  201.477020][T13352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.477032][T13352] RIP: 0033:0x7fc29738e969
[  201.477041][T13352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.477052][T13352] RSP: 002b:00007fc298239038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.477062][T13352] RAX: ffffffffffffffda RBX: 00007fc2975b5fa0 RCX: 00007fc29738e969
[  201.477069][T13352] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  201.477076][T13352] RBP: 00007fc298239090 R08: 0000000000000000 R09: 0000000000000000
[  201.477082][T13352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.477088][T13352] R13: 0000000000000000 R14: 00007fc2975b5fa0 R15: 00007ffdb09df228
[  201.477102][T13352]  </TASK>
[  201.478248][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.508764][T13287] ceph: No mds server is up or the cluster is laggy
[  201.510289][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.556498][ T1958] libceph: mon0 (1)[::]:6789 socket error on write
[  201.558712][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.561129][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.563747][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.566858][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.569703][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.572413][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.574982][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.577500][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.579943][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.582385][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.584732][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.585679][   T40] audit: type=1400 audit(1748176344.729:921): avc:  denied  { listen } for  pid=13358 comm="syz.1.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  201.588041][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.595208][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.597571][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.599919][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.602452][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.604910][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.607497][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.610293][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.612733][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.615156][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.617826][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.620283][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.622658][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.625117][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.627716][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.630461][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.632917][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.635355][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.638068][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.640527][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.640780][T13364] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  201.642929][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.648441][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.650981][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.653430][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.655980][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.658455][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.660855][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.663316][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.666472][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.668972][   T58] hid-generic 0000:007F:FFFFFFFE.0007: unknown main item tag 0x0
[  201.676723][   T58] hid-generic 0000:007F:FFFFFFFE.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  201.717132][T13370] delete_channel: no stack
[  201.804207][   T40] audit: type=1400 audit(1748176344.949:922): avc:  denied  { create } for  pid=13373 comm="syz.5.2372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  201.811125][   T40] audit: type=1400 audit(1748176344.949:923): avc:  denied  { read } for  pid=13373 comm="syz.5.2372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  201.938837][T13392] FAULT_INJECTION: forcing a failure.
[  201.938837][T13392] name failslab, interval 1, probability 0, space 0, times 0
[  201.942835][T13392] CPU: 1 UID: 0 PID: 13392 Comm: syz.6.2377 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  201.942850][T13392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.942857][T13392] Call Trace:
[  201.942861][T13392]  <TASK>
[  201.942866][T13392]  dump_stack_lvl+0x16c/0x1f0
[  201.942885][T13392]  should_fail_ex+0x512/0x640
[  201.942903][T13392]  should_failslab+0xc2/0x120
[  201.942917][T13392]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  201.942928][T13392]  ? skb_clone+0x190/0x3f0
[  201.942944][T13392]  skb_clone+0x190/0x3f0
[  201.942957][T13392]  netlink_deliver_tap+0xabd/0xd30
[  201.942975][T13392]  netlink_unicast+0x5df/0x7f0
[  201.942990][T13392]  ? __pfx_netlink_unicast+0x10/0x10
[  201.943009][T13392]  netlink_sendmsg+0x8d1/0xdd0
[  201.943026][T13392]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.943046][T13392]  ____sys_sendmsg+0xa95/0xc70
[  201.943063][T13392]  ? copy_msghdr_from_user+0x10a/0x160
[  201.943075][T13392]  ? __pfx_____sys_sendmsg+0x10/0x10
[  201.943098][T13392]  ___sys_sendmsg+0x134/0x1d0
[  201.943111][T13392]  ? __pfx____sys_sendmsg+0x10/0x10
[  201.943141][T13392]  __sys_sendmsg+0x16d/0x220
[  201.943154][T13392]  ? __pfx___sys_sendmsg+0x10/0x10
[  201.943171][T13392]  ? rcu_is_watching+0x12/0xc0
[  201.943188][T13392]  do_syscall_64+0xcd/0x260
[  201.943205][T13392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.943217][T13392] RIP: 0033:0x7fbd6e78e969
[  201.943226][T13392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.943236][T13392] RSP: 002b:00007fbd6c5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.943247][T13392] RAX: ffffffffffffffda RBX: 00007fbd6e9b5fa0 RCX: 00007fbd6e78e969
[  201.943254][T13392] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  201.943260][T13392] RBP: 00007fbd6c5f6090 R08: 0000000000000000 R09: 0000000000000000
[  201.943266][T13392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.943272][T13392] R13: 0000000000000000 R14: 00007fbd6e9b5fa0 R15: 00007ffef1678518
[  201.943286][T13392]  </TASK>
[  202.033791][T13390] xt_hashlimit: max too large, truncated to 1048576
[  202.038427][T13390] Cannot find set identified by id 0 to match
[  202.112160][T13400] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  202.359797][T13422] FAULT_INJECTION: forcing a failure.
[  202.359797][T13422] name failslab, interval 1, probability 0, space 0, times 0
[  202.363751][T13422] CPU: 0 UID: 0 PID: 13422 Comm: syz.5.2388 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  202.363766][T13422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.363773][T13422] Call Trace:
[  202.363778][T13422]  <TASK>
[  202.363782][T13422]  dump_stack_lvl+0x16c/0x1f0
[  202.363802][T13422]  should_fail_ex+0x512/0x640
[  202.363818][T13422]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  202.363831][T13422]  should_failslab+0xc2/0x120
[  202.363844][T13422]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  202.363855][T13422]  ? __alloc_skb+0x2b2/0x380
[  202.363870][T13422]  __alloc_skb+0x2b2/0x380
[  202.363882][T13422]  ? __pfx___alloc_skb+0x10/0x10
[  202.363893][T13422]  ? __mutex_trylock_common+0xd0/0x250
[  202.363912][T13422]  ? __pfx___mutex_trylock_common+0x10/0x10
[  202.363933][T13422]  netlink_dump+0x698/0xd00
[  202.363948][T13422]  ? __mutex_lock+0x1ca/0xb90
[  202.363964][T13422]  ? __pfx_netlink_dump+0x10/0x10
[  202.363977][T13422]  ? __rhashtable_lookup.constprop.0+0x3a5/0x760
[  202.363994][T13422]  ? __netlink_dump_start+0x150/0x990
[  202.364012][T13422]  ? netlink_lookup+0x258/0x520
[  202.364025][T13422]  ? __pfx_netlink_lookup+0x10/0x10
[  202.364043][T13422]  __netlink_dump_start+0x6d6/0x990
[  202.364058][T13422]  ? __pfx_rtm_dump_nexthop_bucket+0x10/0x10
[  202.364072][T13422]  rtnetlink_rcv_msg+0xb3e/0xe90
[  202.364086][T13422]  ? __pfx_rtm_dump_nexthop_bucket+0x10/0x10
[  202.364100][T13422]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  202.364113][T13422]  ? __pfx_rtnl_dumpit+0x10/0x10
[  202.364129][T13422]  ? __pfx_rtm_dump_nexthop_bucket+0x10/0x10
[  202.364148][T13422]  netlink_rcv_skb+0x16a/0x440
[  202.364162][T13422]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  202.364176][T13422]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  202.364199][T13422]  ? netlink_deliver_tap+0x1ae/0xd30
[  202.364215][T13422]  netlink_unicast+0x53d/0x7f0
[  202.364231][T13422]  ? __pfx_netlink_unicast+0x10/0x10
[  202.364249][T13422]  netlink_sendmsg+0x8d1/0xdd0
[  202.364266][T13422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.364286][T13422]  ____sys_sendmsg+0xa95/0xc70
[  202.364302][T13422]  ? copy_msghdr_from_user+0x10a/0x160
[  202.364314][T13422]  ? __pfx_____sys_sendmsg+0x10/0x10
[  202.364340][T13422]  ___sys_sendmsg+0x134/0x1d0
[  202.364358][T13422]  ? __pfx____sys_sendmsg+0x10/0x10
[  202.364404][T13422]  __sys_sendmsg+0x16d/0x220
[  202.364423][T13422]  ? __pfx___sys_sendmsg+0x10/0x10
[  202.364448][T13422]  ? rcu_is_watching+0x12/0xc0
[  202.364489][T13422]  do_syscall_64+0xcd/0x260
[  202.364515][T13422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.364531][T13422] RIP: 0033:0x7f6598f8e969
[  202.364545][T13422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.364560][T13422] RSP: 002b:00007f6599ed2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.364574][T13422] RAX: ffffffffffffffda RBX: 00007f65991b5fa0 RCX: 00007f6598f8e969
[  202.364583][T13422] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  202.364593][T13422] RBP: 00007f6599ed2090 R08: 0000000000000000 R09: 0000000000000000
[  202.364602][T13422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.364611][T13422] R13: 0000000000000000 R14: 00007f65991b5fa0 R15: 00007ffe8ccad748
[  202.364632][T13422]  </TASK>
[  202.521131][T13432] delete_channel: no stack
[  202.522952][T13432] delete_channel: no stack
[  202.739773][T13459] netlink: 'syz.3.2401': attribute type 14 has an invalid length.
[  202.798660][   T40] audit: type=1400 audit(1748176345.949:924): avc:  denied  { remount } for  pid=13463 comm="syz.3.2402" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=filesystem permissive=1
[  203.033268][T13483] FAULT_INJECTION: forcing a failure.
[  203.033268][T13483] name failslab, interval 1, probability 0, space 0, times 0
[  203.037722][T13483] CPU: 0 UID: 0 PID: 13483 Comm: syz.1.2409 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  203.037741][T13483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.037757][T13483] Call Trace:
[  203.037763][T13483]  <TASK>
[  203.037769][T13483]  dump_stack_lvl+0x16c/0x1f0
[  203.037814][T13483]  should_fail_ex+0x512/0x640
[  203.037847][T13483]  should_failslab+0xc2/0x120
[  203.037866][T13483]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  203.037883][T13483]  ? skb_clone+0x190/0x3f0
[  203.037907][T13483]  skb_clone+0x190/0x3f0
[  203.037926][T13483]  netlink_deliver_tap+0xabd/0xd30
[  203.037953][T13483]  netlink_dump+0xb6d/0xd00
[  203.037976][T13483]  ? __pfx_netlink_dump+0x10/0x10
[  203.037994][T13483]  ? __rhashtable_lookup.constprop.0+0x3a5/0x760
[  203.038013][T13483]  ? __netlink_dump_start+0x150/0x990
[  203.038042][T13483]  ? netlink_lookup+0x258/0x520
[  203.038061][T13483]  ? __pfx_netlink_lookup+0x10/0x10
[  203.038087][T13483]  __netlink_dump_start+0x6d6/0x990
[  203.038111][T13483]  ? __pfx_rtm_dump_nexthop_bucket+0x10/0x10
[  203.038130][T13483]  rtnetlink_rcv_msg+0xb3e/0xe90
[  203.038150][T13483]  ? __pfx_rtm_dump_nexthop_bucket+0x10/0x10
[  203.038171][T13483]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  203.038189][T13483]  ? __pfx_rtnl_dumpit+0x10/0x10
[  203.038212][T13483]  ? __pfx_rtm_dump_nexthop_bucket+0x10/0x10
[  203.038242][T13483]  netlink_rcv_skb+0x16a/0x440
[  203.038263][T13483]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  203.038284][T13483]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  203.038319][T13483]  ? netlink_deliver_tap+0x1ae/0xd30
[  203.038357][T13483]  netlink_unicast+0x53d/0x7f0
[  203.038384][T13483]  ? __pfx_netlink_unicast+0x10/0x10
[  203.038412][T13483]  netlink_sendmsg+0x8d1/0xdd0
[  203.038438][T13483]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.038469][T13483]  ____sys_sendmsg+0xa95/0xc70
[  203.038494][T13483]  ? copy_msghdr_from_user+0x10a/0x160
[  203.038512][T13483]  ? __pfx_____sys_sendmsg+0x10/0x10
[  203.038547][T13483]  ___sys_sendmsg+0x134/0x1d0
[  203.038567][T13483]  ? __pfx____sys_sendmsg+0x10/0x10
[  203.038621][T13483]  __sys_sendmsg+0x16d/0x220
[  203.038639][T13483]  ? __pfx___sys_sendmsg+0x10/0x10
[  203.038677][T13483]  do_syscall_64+0xcd/0x260
[  203.038703][T13483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.038721][T13483] RIP: 0033:0x7fc29738e969
[  203.038734][T13483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.038755][T13483] RSP: 002b:00007fc298239038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.038771][T13483] RAX: ffffffffffffffda RBX: 00007fc2975b5fa0 RCX: 00007fc29738e969
[  203.038781][T13483] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  203.038790][T13483] RBP: 00007fc298239090 R08: 0000000000000000 R09: 0000000000000000
[  203.038800][T13483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.038809][T13483] R13: 0000000000000000 R14: 00007fc2975b5fa0 R15: 00007ffdb09df228
[  203.038834][T13483]  </TASK>
[  203.460152][T13512] netlink: 'syz.5.2418': attribute type 11 has an invalid length.
[  203.492046][T13520] FAULT_INJECTION: forcing a failure.
[  203.492046][T13520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.497718][T13520] CPU: 2 UID: 0 PID: 13520 Comm: syz.5.2420 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  203.497734][T13520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.497741][T13520] Call Trace:
[  203.497745][T13520]  <TASK>
[  203.497749][T13520]  dump_stack_lvl+0x16c/0x1f0
[  203.497769][T13520]  should_fail_ex+0x512/0x640
[  203.497787][T13520]  _copy_to_user+0x32/0xd0
[  203.497805][T13520]  simple_read_from_buffer+0xcb/0x170
[  203.497823][T13520]  proc_fail_nth_read+0x197/0x270
[  203.497841][T13520]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.497858][T13520]  ? rw_verify_area+0xcf/0x680
[  203.497873][T13520]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.497890][T13520]  vfs_read+0x1e1/0xc70
[  203.497912][T13520]  ? __pfx___mutex_lock+0x10/0x10
[  203.497929][T13520]  ? __pfx_vfs_read+0x10/0x10
[  203.497949][T13520]  ? __fget_files+0x20e/0x3c0
[  203.497964][T13520]  ksys_read+0x12a/0x240
[  203.497980][T13520]  ? __pfx_ksys_read+0x10/0x10
[  203.498001][T13520]  do_syscall_64+0xcd/0x260
[  203.498018][T13520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.498029][T13520] RIP: 0033:0x7f6598f8d37c
[  203.498038][T13520] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  203.498049][T13520] RSP: 002b:00007f6599ed2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  203.498060][T13520] RAX: ffffffffffffffda RBX: 00007f65991b5fa0 RCX: 00007f6598f8d37c
[  203.498067][T13520] RDX: 000000000000000f RSI: 00007f6599ed20a0 RDI: 0000000000000004
[  203.498073][T13520] RBP: 00007f6599ed2090 R08: 0000000000000000 R09: 0000000000000000
[  203.498079][T13520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.498085][T13520] R13: 0000000000000000 R14: 00007f65991b5fa0 R15: 00007ffe8ccad748
[  203.498099][T13520]  </TASK>
[  203.524690][T13524] netlink: 'syz.1.2421': attribute type 20 has an invalid length.
[  203.799753][T13561] ip6gretap2: entered promiscuous mode
[  203.801570][T13561] ip6gretap2: entered allmulticast mode
[  203.829731][T13565] xt_CHECKSUM: unsupported CHECKSUM operation f4
[  203.849825][   T40] audit: type=1400 audit(1748176346.999:925): avc:  denied  { execute } for  pid=13567 comm="syz.5.2433" path="/selinux/status" dev="selinuxfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=file permissive=1
[  203.872235][ T8386] Bluetooth: hci0: Frame reassembly failed (-84)
[  203.873742][ T5935] Bluetooth: hci0: unexpected event 0x02 length: 0 < 1
[  203.978584][T13573] tmpfs: User quota block hardlimit too large.
[  204.062680][T13581] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  204.064813][T13581] overlayfs: failed to set xattr on upper
[  204.067182][T13581] overlayfs: ...falling back to redirect_dir=nofollow.
[  204.069328][T13581] overlayfs: ...falling back to index=off.
[  204.071162][T13581] overlayfs: ...falling back to uuid=null.
[  204.238820][   T40] audit: type=1400 audit(1748176347.389:926): avc:  denied  { getopt } for  pid=13592 comm="syz.5.2443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  204.413181][T13602] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(72)
[  204.415168][T13602] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  204.420396][T13602] vhci_hcd vhci_hcd.0: Device attached
[  204.480413][T13612] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13612 comm=syz.3.2449
[  204.487376][T13612] netlink: 'syz.3.2449': attribute type 32 has an invalid length.
[  204.489896][T13612] (unnamed net_device) (uninitialized): option coupled_control: invalid value (31)
[  204.651077][T13614] veth1_macvtap: left promiscuous mode
[  204.653213][T13614] macsec0: entered promiscuous mode
[  204.655168][T13614] macsec0: entered allmulticast mode
[  204.660587][ T6100] usb 47-1: new low-speed USB device number 3 using vhci_hcd
[  205.313126][T13647] __nla_validate_parse: 8 callbacks suppressed
[  205.313141][T13647] netlink: 512 bytes leftover after parsing attributes in process `syz.1.2462'.
[  205.428003][T13658] 8021q: VLANs not supported on vxcan1
[  205.709958][T13604] vhci_hcd: connection reset by peer
[  205.711769][ T8388] vhci_hcd: stop threads
[  205.713127][ T8388] vhci_hcd: release socket
[  205.715018][ T8388] vhci_hcd: disconnect device
[  205.751374][T13688] xt_hashlimit: size too large, truncated to 1048576
[  205.860006][T13693] nft_compat: unsupported protocol 0
[  205.907784][ T5947] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  206.985124][T13720] netlink: 'syz.1.2482': attribute type 12 has an invalid length.
[  206.989230][T13720] netlink: 'syz.1.2482': attribute type 29 has an invalid length.
[  206.991634][T13720] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2482'.
[  206.994349][T13720] netlink: 'syz.1.2482': attribute type 2 has an invalid length.
[  206.996827][T13720] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2482'.
[  207.001852][T13720] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.2482'.
[  207.015638][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  207.196169][T13751] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2493'.
[  207.286281][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2498'.
[  207.289033][T13767] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2498'.
[  207.291753][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.296376][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2498'.
[  207.299163][T13767] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2498'.
[  207.301997][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.304381][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2498'.
[  207.308810][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.311341][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.314483][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.318356][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.321749][T13767] netlink: 'syz.5.2498': attribute type 5 has an invalid length.
[  207.345937][ T9328] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  207.495716][ T9328] usb 11-1: Using ep0 maxpacket: 16
[  207.500095][ T9328] usb 11-1: config 0 has an invalid interface number: 114 but max is 0
[  207.502678][ T9328] usb 11-1: config 0 has no interface number 0
[  207.504475][ T9328] usb 11-1: config 0 interface 114 has no altsetting 0
[  207.508955][ T9328] usb 11-1: New USB device found, idVendor=1c04, idProduct=0015, bcdDevice=f2.69
[  207.511668][ T9328] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.514023][ T9328] usb 11-1: Product: syz
[  207.515307][ T9328] usb 11-1: Manufacturer: syz
[  207.517104][ T9328] usb 11-1: SerialNumber: syz
[  207.519775][ T9328] usb 11-1: config 0 descriptor??
[  207.548937][T13782] program syz.1.2503 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  207.731327][ T1958] usb 11-1: USB disconnect, device number 8
[  207.805478][   T40] audit: type=1400 audit(1748176350.949:927): avc:  denied  { cmd } for  pid=13807 comm="syz.1.2513" path="socket:[60125]" dev="sockfs" ino=60125 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  207.835845][ T9328] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  207.963922][T13816] program syz.1.2516 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  207.975729][ T9328] usb 10-1: device descriptor read/64, error -71
[  208.225995][ T9328] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  208.357158][ T9328] usb 10-1: device descriptor read/64, error -71
[  208.394462][   T40] audit: type=1400 audit(1748176351.539:928): avc:  denied  { setattr } for  pid=13839 comm="syz.1.2525" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  208.400832][T13840] sock: sock_timestamping_bind_phc: sock not bind to device
[  208.405007][T13840] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI
[  208.408568][T13840] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  208.411524][T13840] CPU: 1 UID: 0 PID: 13840 Comm: syz.1.2525 Not tainted 6.15.0-rc7-syzkaller-00152-gd0c22de9995b #0 PREEMPT(full) 
[  208.415817][T13840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.419080][T13840] RIP: 0010:iter_file_splice_write+0xa4e/0x1150
[  208.421084][T13840] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 1a 05 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 ee 04 00 00 49 8b 54 24 08 4c 89 ee 4c 89 f7 83
[  208.427431][T13840] RSP: 0018:ffffc9000351f918 EFLAGS: 00010202
[  208.429589][T13840] RAX: 0000000000000a2d RBX: dffffc0000000000 RCX: ffffc9003800c000
[  208.432508][T13840] RDX: 0000000000000001 RSI: ffffffff82434266 RDI: 0000000000000008
[  208.434924][T13840] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[  208.437359][T13840] R10: 7fffffffffffffa8 R11: 0000000000000000 R12: 0000000000000000
[  208.439719][T13840] R13: ffff888025ae5828 R14: ffff8880271ba400 R15: 7fffffffffffffa8
[  208.442195][T13840] FS:  00007fc2982396c0(0000) GS:ffff8880d6ada000(0000) knlGS:0000000000000000
[  208.444847][T13840] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.446840][T13840] CR2: 0000001b2d65ffff CR3: 000000004a830000 CR4: 0000000000352ef0
[  208.449264][T13840] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  208.451709][T13840] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  208.454116][T13840] Call Trace:
[  208.455138][T13840]  <TASK>
[  208.456084][T13840]  ? __pfx_iter_file_splice_write+0x10/0x10
[  208.458002][T13840]  ? __pfx_iter_file_splice_write+0x10/0x10
[  208.459775][T13840]  direct_splice_actor+0x192/0x6c0
[  208.461325][T13840]  splice_direct_to_actor+0x345/0xa30
[  208.462994][T13840]  ? __pfx_direct_splice_actor+0x10/0x10
[  208.464725][T13840]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  208.466501][T13840]  ? __pfx___might_resched+0x10/0x10
[  208.468159][T13840]  do_splice_direct+0x174/0x240
[  208.469708][T13840]  ? __pfx_do_splice_direct+0x10/0x10
[  208.471396][T13840]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  208.473243][T13840]  ? rw_verify_area+0xcf/0x680
[  208.474734][T13840]  do_sendfile+0xafd/0xe50
[  208.476120][T13840]  ? __pfx_do_sendfile+0x10/0x10
[  208.477703][T13840]  ? __x64_sys_futex+0x1e0/0x4c0
[  208.479258][T13840]  ? __x64_sys_futex+0x1e9/0x4c0
[  208.480809][T13840]  __x64_sys_sendfile64+0x1d8/0x220
[  208.482418][T13840]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  208.484164][T13840]  do_syscall_64+0xcd/0x260
[  208.485579][T13840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.487365][T13840] RIP: 0033:0x7fc29738e969
[  208.488762][T13840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.494567][T13840] RSP: 002b:00007fc298239038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  208.495983][ T9328] usb usb10-port1: attempt power cycle
[  208.497052][T13840] RAX: ffffffffffffffda RBX: 00007fc2975b5fa0 RCX: 00007fc29738e969
[  208.501183][T13840] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007
[  208.503603][T13840] RBP: 00007fc297410ab1 R08: 0000000000000000 R09: 0000000000000000
[  208.506031][T13840] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000
[  208.507085][   T40] audit: type=1400 audit(1748176351.649:929): avc:  denied  { read } for  pid=5325 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  208.508458][T13840] R13: 0000000000000000 R14: 00007fc2975b5fa0 R15: 00007ffdb09df228
[  208.515331][   T40] audit: type=1400 audit(1748176351.649:930): avc:  denied  { search } for  pid=5325 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  208.517692][T13840]  </TASK>
[  208.517699][T13840] Modules linked in:
[  208.518436][T13840] ---[ end trace 0000000000000000 ]---
[  208.529080][   T40] audit: type=1400 audit(1748176351.649:931): avc:  denied  { write } for  pid=5325 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  208.530366][T13840] RIP: 0010:iter_file_splice_write+0xa4e/0x1150
[  208.536958][   T40] audit: type=1400 audit(1748176351.649:932): avc:  denied  { add_name } for  pid=5325 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  208.536979][   T40] audit: type=1400 audit(1748176351.649:933): avc:  denied  { create } for  pid=5325 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  208.536996][   T40] audit: type=1400 audit(1748176351.649:934): avc:  denied  { append open } for  pid=5325 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  208.537014][   T40] audit: type=1400 audit(1748176351.649:935): avc:  denied  { getattr } for  pid=5325 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  208.566466][T13840] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 1a 05 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 ee 04 00 00 49 8b 54 24 08 4c 89 ee 4c 89 f7 83
[  208.572189][T13840] RSP: 0018:ffffc9000351f918 EFLAGS: 00010202
[  208.574032][T13840] RAX: 0000000000000a2d RBX: dffffc0000000000 RCX: ffffc9003800c000
[  208.576847][T13840] RDX: 0000000000000001 RSI: ffffffff82434266 RDI: 0000000000000008
[  208.579327][T13840] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[  208.581738][T13840] R10: 7fffffffffffffa8 R11: 0000000000000000 R12: 0000000000000000
[  208.584158][T13840] R13: ffff888025ae5828 R14: ffff8880271ba400 R15: 7fffffffffffffa8
[  208.587047][T13840] FS:  00007fc2982396c0(0000) GS:ffff8880d6ada000(0000) knlGS:0000000000000000
[  208.589824][T13840] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.591842][T13840] CR2: 0000001b2d65ffff CR3: 000000004a830000 CR4: 0000000000352ef0
[  208.594246][T13840] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  208.597005][T13840] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  208.599404][T13840] Kernel panic - not syncing: Fatal exception
[  208.601779][T13840] Kernel Offset: disabled
[  208.603073][T13840] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:23:59  Registers:
info registers vcpu 0

CPU#0
RAX=00000000001a080c RBX=0000000000000000 RCX=ffffffff8b6d4419 RDX=ffffed100d4865be
RSI=ffffffff8bf4a460 RDI=ffffffff8191adf1 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10
R8 =0000000000000000 R9 =ffffed100d4865bd R10=ffff88806a432deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90853110 R15=0000000000000000
RIP=ffffffff8b6d2caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69da000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001900 CR3=00000000305c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdeb06f060 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad21411a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad21411a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad21411a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad21411aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad21411b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad21411c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854faab5 RDI=ffffffff9adfe5a0 RBP=ffffffff9adfe560 RSP=ffffc9000351f280
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552031203a555043
R12=0000000000000000 R13=0000000000000038 R14=ffffffff9adfe560 R15=ffffffff854faa50
RIP=ffffffff854faadf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fc2982396c0 ffffffff 00c00000
GS =0000 ffff8880d6ada000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2d65ffff CR3=000000004a830000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297583488 00007fc297583480 00007fc297583478 00007fc297583450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2980ed100 00007fc297583440 00007fc297583458 00007fc2975834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297583498 00007fc297583490 00007fc297583488 00007fc297583480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000017b364 RBX=0000000000000002 RCX=ffffffff8b6d4419 RDX=ffffed100d4c65be
RSI=ffffffff8bf4a460 RDI=ffffffff8191adf1 RBP=ffffed1003b5b910 RSP=ffffc90000187df8
R8 =0000000000000000 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801dadc880 R14=ffffffff90853110 R15=0000000000000000
RIP=ffffffff8b6d2caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bda000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c422c61 CR3=000000002e006000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055a416855600 000055a416855600
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe665f6020 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 205d31235b203030 3030203a31303030 3030303030306366 6666666478302073
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4954504f4e204e41 53414b20504d5320 5d31235b20303030 30203a3130303030
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030303030636666 6666647830207373 6572646461206c61 63696e6f6e61632d
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e6f6e20726f6620 796c6261626f7270 202c746c75616620 6e6f69746365746f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7270206c6172656e 6567203a73706f4f 205d303438333154 5b5d373030353034
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001a26d4 RBX=0000000000000003 RCX=ffffffff8b6d4419 RDX=ffffed100d4e65be
RSI=ffffffff8bf4a460 RDI=ffffffff8191adf1 RBP=ffffed1003b5e000 RSP=ffffc90000197df8
R8 =0000000000000000 R9 =ffffed100d4e65bd R10=ffff88806a732deb R11=0000000000000000
R12=0000000000000003 R13=ffff88801daf0000 R14=ffffffff90853110 R15=0000000000000000
RIP=ffffffff8b6d2caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6cda000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005555727b1808 CR3=000000005ddcf000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb09df5b0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc297411c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000