last executing test programs:

5m8.252576576s ago: executing program 0 (id=525):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x8, 0x0, 0x0, 'queue0\x00', 0x3})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r4, @ANYRES64=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
syz_usb_connect(0x0, 0x3d1, &(0x7f00000005c0)={{0x12, 0x1, 0x300, 0xd1, 0x7d, 0xf3, 0x8, 0x856, 0xac30, 0xbd9f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3bf, 0x2, 0x1, 0xc, 0x60, 0x1, [{{0x9, 0x4, 0x14, 0x2, 0x0, 0x78, 0x9, 0x33, 0xd, [@uac_control={{0xa, 0x24, 0x1, 0x0, 0x3}, [@input_terminal={0xc, 0x24, 0x2, 0x1, 0x205, 0x6, 0x0, 0x9, 0x1, 0x4}]}, @cdc_ncm={{0x9, 0x24, 0x6, 0x0, 0x1, "1053c9cf"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x7376, 0x2, 0xfff9, 0x3}, {0x6, 0x24, 0x1a, 0x200, 0x2}}]}}, {{0x9, 0x4, 0x6c, 0x0, 0xb, 0xaf, 0x0, 0xcc, 0x7, [], [{{0x9, 0x5, 0x1, 0x10, 0x40, 0x8, 0x3, 0x3, [@generic={0x69, 0xc, "eeae3e2a96ee801941786cf39972252754ea367f87cd30912ee9de54ce978763953866c2820f598a0c81f30103802dcd0f841eb9c6c79700e5df5bc96180551cc1f023112c01efdb8bdbf58cda32ac04ae3f721c1040766e614b07eacc703fde0299ce15a08e95"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x10, 0x0, 0x1, 0xf, [@generic={0xb5, 0x22, "e2236c0d425f31626c792986f4ee30a03a94904b7418e70d3be4f8c6cf15bc3aa8099f9b28cd2bdb81be05858e9e2575657edaf478b9bc08cb9e756b2f8f47f7c7da155db4872748452aeb9fc66b246d9a5c661e37c29dbd4aa3d76aa9f140e017d81665403117c29fac2223701fbe3b05a891ea5a0dd65f38d22e9214c71325f18f17a0647ed441eae154939572506fee86c261d04215a53deb15193811e95860199d76802497824f3c8698957290c17b7aff"}]}}, {{0x9, 0x5, 0x6, 0x10, 0x10, 0x48, 0x4, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0x5798}]}}, {{0x9, 0x5, 0x81, 0x0, 0x3ff, 0x9, 0x1, 0x4}}, {{0x9, 0x5, 0xa, 0x8, 0x8, 0x7e, 0x5, 0x6}}, {{0x9, 0x5, 0xb, 0x3, 0x3ff, 0x8, 0x7f, 0x80, [@generic={0xcf, 0xb, "e01bf7ad8e35a5eb5d65fe5ce8be72c17379be751e9b71bdeaa4eb2787dd9b497394fd7ca6689029d0e38358a44d83b085512ffa5ce26d263d18a24e3e893a39f74c7665b3654ba2996e8c0a06fadb70d9b3c78c14761238e0480b881106d98d0999cc77b219bad840414bb905718e0ba681a5184bc7bd417d72b439e8c046e9c306d77548bd06b12e967fbc839af37ddf3e434a6fa839439246d659c64298b203b3ea890968554d7f314c5209ac0190ac367b2114b1e23189eff130147a027277560ed5d446030ba40e8d6881"}, @generic={0x4a, 0x11, "1666df667927b15cfedb2ef8f6585ad2a2fdf0d05732495a2fee57ce23ea4b7734e68f2428440caf952ae794935b5e0c4974fe1ada22a9bf5c55ca8f75ab4322a71db327415ec42b"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x20, 0x7f, 0x8, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x1}, @generic={0xaa, 0x4, "54b2959c750309ed3d45f7b3f83bbc88b2ca2ccc468dd5d78c6b2ff930c51592b12ab6d1bff019111370ddcdcc84b3fc3598467cca9cfe2c5ec647cf5b11b5d74ac838458ad3abee19ab98f494844bdef8dbbaca943fbb92cfcc6fef38d35a2d7eb31ea81838d6aa8af7944a26d369f44c164f45e3082d91d8a232ef310e771b03c0760deeed36f5282b66d9ef7a2caf65cc145dc07bdfa63b21af83476a8e32a2a3f84e9ecd127b"}]}}, {{0x9, 0x5, 0x5, 0x1, 0x40, 0x5, 0x7, 0xda, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xfd, 0x7f}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x5}]}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0x40, 0xa, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x19, 0x6}]}}, {{0x9, 0x5, 0x0, 0x8, 0x200, 0x1, 0x1, 0x6}}, {{0x9, 0x5, 0x80, 0xc, 0x40, 0x0, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xca, 0x5}]}}]}}]}}]}}, &(0x7f0000000cc0)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x201, 0x6, 0x7, 0x7, 0x10, 0x7f}, 0x39, &(0x7f00000002c0)={0x5, 0xf, 0x39, 0x6, [@ptm_cap={0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0x8, 0xf000, 0x9}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0xb, 0xe, 0x100}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "950fc142aba46adeeff150c83488244d"}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x12, 0xf, 0x4, 0x8}]}, 0x9, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x1401}}, {0x16, &(0x7f0000000380)=@string={0x16, 0x3, "a0c6d48e8a44222232691910a528291783223244"}}, {0xd4, &(0x7f00000003c0)=@string={0xd4, 0x3, "f348c1ccf46a6bb8dfd9339f5b421a10c2ae7eb1695db4e34cf1a09a1baa5f72d8aacf8c8c10c8d15236beb2a3ac6fcd510f3cde598d1eb0c724287d028b88d411c98a8c2eb083e0e12cb20052e4668ce0e605ebf21c462bbd9406bf8d35780ed94384184b5345ad7ad0fc5396dcf1ed851fc47628ecf53bd5c5997b96d63b5ccf6c4f896de696127b3ac8643a7364f635102b78701128190123edcfa879df7d2cfe7029d36597f81523a1913c62b98a7a349bdb4c7e32fe3533dcd4bedee139fdd8de991049cb33a1a0b3b4f6380d5faaa5"}}, {0x4, &(0x7f00000009c0)=@lang_id={0x4, 0x3, 0x83e}}, {0xf, &(0x7f0000000a00)=@string={0xf, 0x3, "96d3d2bb9c3237811d687e5cda"}}, {0xd3, &(0x7f0000000b40)=@string={0xd3, 0x3, "ff20b10eca81b0eebb6419b0dbc2d9b7e594da7f75e02adb8480b6305f737d437986482ec636bc94bb882a6b9e4dea748c7801ad0c75355ff6ae8e53010906458e28ff647ec2d338b199903a372c666062dae6887487e9bbefd02a0de87a97f79d00624694915ae07809cb1c8c1721916b5de97b0eed41ccc2c94fc173d9085a2aa2a948e216f0d835de589c1b573434cf634ee6a16922e25a7338b712948d1a3862a89ec974074bf9287e604e047f85efea6a2bfdf66389324c15c3099c1e5e8e7df96bcb93c615d3b4ac26aeb6b9f8a1"}}, {0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x809}}, {0x5e, &(0x7f0000000c40)=@string={0x5e, 0x3, "2918876328b51d50781ad38022f2d74a4f75b97feb7cabfa5da7748c307e5490989aeae8e3c8b8c0310365d4cba40f70d0a083c420306dcbea5a879783ca265c5c802db8a6d7e4a3b4fd0477042662d953a230290732b285a860fde2"}}, {0x4, &(0x7f0000000a80)=@lang_id={0x4, 0x3, 0x411}}]})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010067656e65766500001400028005000d0002000000050004000100000008000a00", @ANYRES32=r4], 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600, 0x0, 0x2]}}], 0x1c)
accept$netrom(r0, 0x0, &(0x7f0000000d80))
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000500)={0x0, 0xe, 0x1, 'queue0\x00'})

5m6.942449516s ago: executing program 0 (id=537):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c) (async, rerun: 64)
socket$netlink(0x10, 0x3, 0xc) (async, rerun: 64)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x28302, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) (async, rerun: 64)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20) (rerun: 64)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYRES64=r4], 0x44}}, 0x0)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x5000002}, 0xc, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20040804}, 0x20000000) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

5m6.774852043s ago: executing program 0 (id=538):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1000, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580), 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000700)="56623f5b80d9b1b130f34604fc9dd47a371c29774d10620f1a83d99781b3bab665ffafcabbd87fb92ae27c13a89fce5bfb1f6eddca176459c16cb7bffc8af3cc13590a006adab3ba678c93a81f0f16db"})

5m6.773949141s ago: executing program 0 (id=540):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000240)='\x00', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x34, 0x3, 0x8, 0x101, 0x0, 0x0, {0x2, 0x0, 0x3}, [@CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x8001}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004011}, 0x40000)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x8)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0x1000, 0x201)
ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000100)={0x3f0000, 0x1, 0x1983, 0xffffffffffffffff, 0x0, &(0x7f0000000380)={0xa00901, 0xd35b, '\x00', @p_u32=&(0x7f00000003c0)=0x200045d}})
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r1, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000000340)="e4", 0x1}], 0x2}}], 0x2, 0x4000000)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x4, 0xa13ca8e5839881a8, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f0000000200))
r6 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180)
ioctl$CEC_ADAP_S_LOG_ADDRS(r6, 0xc05c6104, &(0x7f00000000c0)={'\x00', 0xfff8, 0x20, 0x2, 0x1, 0xffffff7f, "0000ff0600", '\x00', "0300", "04000005", ["5089986400005cacf10000b6", "8efeff03000000e479db00", "f4ffffffff00", "000300000000000000000100"]})

5m5.914628592s ago: executing program 0 (id=544):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b1500000000fcdbdf25000000ff", @ANYRES32=0x0, @ANYBLOB="45000000015001001800128008000100677470000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0)

5m5.810398758s ago: executing program 0 (id=546):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}, 0x1, 0x700}, 0x0)

5m5.732502105s ago: executing program 32 (id=546):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}, 0x1, 0x700}, 0x0)

4m56.005543453s ago: executing program 3 (id=611):
creat(&(0x7f00000002c0)='./file0\x00', 0x0) (async)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x80000, 0x0) (async)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x80000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write$qrtrtun(r0, &(0x7f0000000400)="0b8ca3756ea769f253", 0x9) (async)
write$qrtrtun(r0, &(0x7f0000000400)="0b8ca3756ea769f253", 0x9)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
getgroups(0x3, &(0x7f0000000c80)=[<r2=>0xee01, <r3=>0xee00, <r4=>0xffffffffffffffff])
setresgid(r4, r2, r3)
setresgid(r4, r4, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) (async)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x10040, 0x0)
close_range(r5, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

4m54.901664963s ago: executing program 3 (id=617):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/pm_trace_dev_match', 0x40000, 0x20)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r1)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x3c, r2, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x6}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000bf0200000000000085000000cc000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
read$FUSE(r0, &(0x7f00000034c0)={0x2020}, 0x2020)

4m54.842650998s ago: executing program 3 (id=619):
r0 = fanotify_init(0x8, 0x80000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x16, 0x80, 0x20005, 0x19, "0076ba7d82000000002700000000f7ff6fd800"})
r3 = syz_open_pts(r2, 0x440)
r4 = dup(r3)
fanotify_mark(r0, 0x1, 0x40001012, r4, 0x0)
ioctl$VIDIOC_DQEVENT(r4, 0x80885659, &(0x7f00000000c0))
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1c9, 0x3f)

4m54.653253735s ago: executing program 3 (id=623):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b1500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="45000000015001001800128008000100677470000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0)

4m54.185942403s ago: executing program 3 (id=625):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x6)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe0000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235004000000f30b9fa000000130f01d9d90f78c4020a1bf7b805000000b90000c0fe0f3cae0a41d941d9000f32ba200000000f30660fc775022e0fba600c9864660ffc76002f3166b857000f00d0", 0x55}], 0x1, 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @remote}, 0x1c)
sendto$inet6(r4, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
setsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000640)=0x3, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000140)={@remote, 0x0, 0x2, 0x2, 0x4}, 0x20)
setsockopt$inet6_udp_int(r4, 0x88, 0x1, &(0x7f0000000080), 0x4)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000001c0)=ANY=[])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
r6 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r6, &(0x7f0000000640)={&(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x0, 0x3}}, 0x10, 0x0}, 0x101)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x8faa0eebd17a34c8}}, './file0\x00'})
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x800000, &(0x7f0000000180)=ANY=[@ANYBLOB="7472041bcad4b5cec722696f2c6163636573733d757365722c00"])

4m52.903455315s ago: executing program 3 (id=632):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1000, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000280)={@flat=@weak_binder={0x77622a85, 0x1009, 0x3}, @fd={0x66642a85, 0x0, r2}, @flat=@weak_binder={0x77622a85, 0x1101, 0x3}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)

4m37.829651887s ago: executing program 33 (id=632):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1000, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000280)={@flat=@weak_binder={0x77622a85, 0x1009, 0x3}, @fd={0x66642a85, 0x0, r2}, @flat=@weak_binder={0x77622a85, 0x1101, 0x3}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)

15.869099493s ago: executing program 4 (id=5077):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f00000000c0)={0xf0f045})
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f00000000c0)=0x800, 0x4)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc0701, 0x0)
write$sequencer(r4, &(0x7f0000002100)=ANY=[@ANYBLOB="04000000000000008108"], 0x10)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c)
write$tun(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="080008000703030002001400"], 0x2a)
r5 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x3}, 0x4)
getsockopt$packet_int(r8, 0x107, 0x15, 0x0, &(0x7f0000001600))
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='qnx4\x00', 0x200000, 0x0)

15.578986269s ago: executing program 4 (id=5082):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x2a242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_DONE(r1, 0x29, 0xc9, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(r0, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000100)={0x2, 0xda}, 0x2)
r2 = socket$inet(0x2, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @loopback}, 0x10)
getsockopt$inet_opts(r2, 0x0, 0x4, 0xfffffffffffffffe, &(0x7f0000000200))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0x7, <r4=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYRES64=r3], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0}, 0x94)

15.308577083s ago: executing program 4 (id=5089):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0xd, @local, 0x9}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001ec0), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="030f000000000000000007"], 0x48}}, 0x0)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000040)={0x0, 0xb, 0x0, 0x1b, 0x0, 0x4f, 0x0, 0xe7})
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000040)=""/173, &(0x7f0000000100)=0xad)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r3 = socket(0xa, 0x2, 0x0)
getsockopt$inet_mreqn(r3, 0x29, 0x3e, 0x0, &(0x7f0000000040)=0x2000)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000080), 0x2, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6469726563cdd74c4274696f2c00"])
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff000000bfa300000000000007030000f0ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d010000000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000f1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8cc658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ad539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c97888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5a444a41bac326ddea7d7b9c90d44f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2a4d39b43878b6ef26ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee92ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93b71db0a2366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00000000000000000000009a8329eb97567787ff28dd96c8e0f9e3c84394afc8f83dc6c6c813fafed61cdd6117092562837a3fa3fc388ab57429a9ecc4fddb0f0a7e4a1415d82d8bac999696d9130e36fc86df796a72559c523fae90d0b742d09cd2edf652c67aa62742e9ce0ff5283f627b622a83576f57d0899e0da8483f9dc296"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48)
read$FUSE(r4, &(0x7f0000000440)={0x2020}, 0x2020)

14.469107687s ago: executing program 4 (id=5095):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x2106f)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@ipv4_newrule={0x34, 0x20, 0x1, 0x70bd25, 0x25dfdbfc, {0x2, 0x10, 0x14, 0x1, 0x9, 0x0, 0x0, 0x3, 0x10013}, [@FRA_DST={0x8, 0x1, @empty}, @FRA_SRC={0x8, 0x2, @multicast2}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x8000}]}, 0x34}}, 0x40800)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r5, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r5, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000300)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fedbdf25030000005800018044000400200001000a000000000000000000000000000000000000000000000100000000200002000a00000000000000fe8000000000000000000000000000bb000000000d0001007564703a73797a300000001b23b348713d03a5e6067a4faf4c0ad60e8f3bcdc89559fad78d4ac73ce99c047ab7e80d1c1ea53cf1ec05322e675b02b0d1ca7ffe7a24b06f51ff2cf466fa69"], 0x6c}}, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4)

14.270614808s ago: executing program 4 (id=5096):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
syz_io_uring_setup(0x6159, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x3b0}, &(0x7f0000000240), 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
pipe2$watch_queue(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x80)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x88fd537e5c114b6e, 0x12, r0, 0x8af7000)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)=@generic={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x18)
mlock(&(0x7f00004e9000/0x1000)=nil, 0x1000)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000500)={'wg1\x00', &(0x7f00000002c0)=@ethtool_rxfh_indir={0x39}})
syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x1)
r3 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r4, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000080)={0x8})
pread64(r1, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000300)

13.938637478s ago: executing program 4 (id=5101):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, &(0x7f0000000700)={0x1, 0x0, 0xe, 0x15, 0x18, &(0x7f0000000300)})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4004840)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_int(r6, 0x11, 0x1, &(0x7f0000000040)=0x20e2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d657461000000001400028008000140000000120800024000000019140000001100"], 0xd8}}, 0x80)
syz_emit_ethernet(0x381, &(0x7f0000000d80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaa86dd60000000034b3afffe800000000000000000000000000000ff02000000000000000000000000000186009078000000000000000000000000000aa741e54006598080a8030000004023493b87aafaff0500ffffffe723732472eefa45ad96579269748e254c1e4a948b580a9bc430d3be27df3e34060000ca0a5c15b37adac15084dbaf736b41e5af180200300001000000001995319cff7c9a5d439cd894c1a4065b616960000000005005539a265298cb2dd0b7d585e910f0e50c080000006d5129e9dd2f43038c54773a4a31ec3b497fccc22d866ee12592a8fc7b9369553e0676028eabcbba2ba4e5004e54f6428e712078dca241aa4600fc138e09d03d8ab4a7d13c434558a026047ad26fcdb5a1cf1525c27eb198bb7fd1602b35afb2127a2ab5bc2f8451f1ef6d1498cea708b6d42e6650dbb55946ddf9ef785a368d2617c78ce6cb98362cb9c4ba05785d395ef5f09b3ccd9277d81d91bfe5e27b3156aebb9805cbe464b740280594361fb93183593f96f5b6967efef2dd12fb3712496e80bff9a9e01dcadcc7185c9e7a7628a89925edd6a0570513ecba05359dbbf2a9e36d2796b2fcf88f64c1d41a563f5bd414bba8a0ce41497ec74e64aff59100c402d081a03e4499288f833b079644f472991d5ff663a1eae23771090cd362f3c5ad7577cb5cc3ce502d1f3cc72d81dbedb426c0b2a26462ef1738c74ad928cb4591e7b96f932d36b2a4bcdf49d18a5e0f0000030bd47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0032107fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e3b63ed09bdb581c9fe68a356f542b043059ff05932e740e077e1d16212fb04145e14f0e74d2d42cfb3f27fafb60845f90b6dfc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa76ffff9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4828288e62afbf03269f1f98aea6a58cf45d7c5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353c496740ec09eb850c4d01306ecc2aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c258a6f0005d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88"], 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fd4000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f00000000c0)="f30fe6c166b9320200000f320f01ca660f3808e0baf80c66b818b3138466efbafc0c66b80008000066ef0f20e06635004000000f22e03e660f7cf5363e2e2e0f4ddf0f01cf6475cc", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r5, 0x4048ae9b, &(0x7f00000005c0)={0x3, 0x0, {[0x5, 0x6, 0x3, 0x0, 0x8, 0x8b, 0xb4, 0x2]}})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x80)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x1fd, 0x2, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x28, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r10, 0x1, 0x400000, 0x25dfdbfe, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0xff}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x24}, 0x1, 0x40030000000000, 0x0, 0x800}, 0x20004084)

2.910265937s ago: executing program 1 (id=5228):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b1500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="45000000015001001800128008000100677470000c00028008280100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0)

2.849779804s ago: executing program 1 (id=5229):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x11)

2.018620711s ago: executing program 1 (id=5253):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) (async)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x50000025) (async)
lsetxattr$security_selinux(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:v4l_device_t:s0\x00', 0x22, 0x1) (async)
link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./file1\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file1\x00', 0x0, 0x8}, 0x18)

1.949366353s ago: executing program 1 (id=5254):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000005c0)=ANY=[@ANYBLOB="662d9f0b5aae794896edfbc429b9503b0eef1a5064c99b4ad781bd1fe4bb8d58c7dd41f383ae430526e57f21a28d5c88eb036137874064e43df12e0ba950794368a3d47b5c0458da7e963b730539dc679d08ebb3eea7753decec8f219b6d9a99c31928586142edef129e41c433dbb1a9ce9369c3fad2b6213762d3bbc0ea2bda05f1308e38a7ad6a53a91c2ef56214ff686e6c97601a6ed2314cd3d60cda3144a8015e1021b1810d440c", @ANYRESOCT=r6], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000380)={0x1, 0x2, 0x5, 0x7})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r4, 0x0)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)
add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
syz_clone3(&(0x7f0000000380)={0x2140000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, &(0x7f0000000340)=[r0], 0x1}, 0x58)

1.81035093s ago: executing program 1 (id=5258):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_emit_ethernet(0x29a, &(0x7f0000000200)={@random="e10931d8640a", @empty, @void, {@ipv6={0x86dd, @icmpv6={0x6, 0x6, "b2188b", 0x264, 0x3a, 0x1, @loopback, @ipv4={'\x00', '\xff\xff', @remote}, {[@hopopts={0x1, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x8}]}, @routing={0x29, 0xc, 0x2, 0x6, 0x0, [@loopback, @remote, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x1c}, @mcast1]}, @dstopts={0x84, 0x32, '\x00', [@pad1, @calipso={0x7, 0x10, {0x0, 0x2, 0xb, 0x7, [0x81]}}, @calipso={0x7, 0x58, {0xe9e27e97482a52c, 0x14, 0x9d, 0x4, [0xffffffff, 0x81, 0x69a, 0x7, 0x8, 0x9, 0x8, 0x1, 0x205, 0x9]}}, @pad1, @jumbo={0xc2, 0x4, 0x3}, @pad1, @jumbo, @generic={0x6, 0xcf, "c35f4197c8c7bce643be24c5f585198e0ebf85e9372a81e3e12ba180cff1753f813b08bd262fd886ccd4d2c34ddc5213e772c696a951448ac8efdff01e9b8917b4cb99f351cb6ff83b17a15bb1fc66f0a17ed23dd79c7adccfe3cf46d1ade9b8011fbf669b90c7d5a152012f0fd4106b9a1a4a0a292185e2ef30ca91b820e58fbf946d543d4d35608bbd42edbe3541ea834af5f6b57729cdd2e9735fa9cbac97989705229179e126f81081c0915141fa2dee8def32b22f5ae0a557fe4d2d6351d59f568317b93ff0700bd6f6371587"}, @calipso={0x7, 0x30, {0x0, 0xa, 0x9, 0x2, [0xfffffffffffffff7, 0x7ff, 0x7, 0x6, 0x1]}}, @calipso={0x7, 0x10, {0x2, 0x2, 0x9, 0xef, [0x7]}}]}], @mlv2_query={0x82, 0x0, 0x0, 0x101, 0xf, @local, 0x0, 0x0, 0xb, 0x2, 0x3, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0x1f}]}}}}}}, 0x0)
connect$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000040), 0x0) (async)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000040), 0x0)
r1 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x1, 0x0) (async)
r2 = fsmount(r1, 0x1, 0x0)
fchdir(r2)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r2, 0x1e, &(0x7f0000000040)={r0}, 0x1) (async)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r2, 0x1e, &(0x7f0000000040)={r0}, 0x1)

1.336898542s ago: executing program 1 (id=5270):
r0 = socket$netlink(0x10, 0x3, 0x8000000004) (async)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in=@empty, @in6=@ipv4={""/10, ""/2, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@remote}, 0x0, @in6=@ipv4={""/10, ""/2, @loopback}}}, &(0x7f00000002c0)=0xffffffffffffff78)
chown(&(0x7f0000000140)='./file0\x00', r1, 0xee01)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)
r2 = socket(0xa, 0x1, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x1bd) (async)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',privport,access=', @ANYRESDEC])
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'}) (async)
r7 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) (async)
r9 = accept4$alg(r8, 0x0, 0x0, 0x0)
r10 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
syncfs(r10)
sendmmsg$alg(r9, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000280)="a92e81d0991808e33c2330164cf023df69", 0x11}], 0x1, 0x0, 0x0, 0x880}], 0x1, 0x0)
recvmmsg(r9, &(0x7f000000b480)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001080)=""/4095, 0xfff}], 0x1}, 0x7ff}], 0x1, 0x102, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r11=>0x0})
r12 = open$dir(&(0x7f0000000080)='./file0\x00', 0x2000, 0x110)
mkdirat(r12, &(0x7f00000000c0)='./file0\x00', 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async)
r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r13, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe) (async)
shutdown(r13, 0x1)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000100000001dcf9ffffff000008000100494eaa2396b2a2d92d33219d88fb9fc3db16a3496772f1e02bf4f2c9f1ff4161a7301f10be434985dc32fa5efc5c", @ANYRES32=r11, @ANYBLOB="400002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRESDEC=0x0, @ANYBLOB="34043d3e88470630755c6ac4ae3e822ca241a385dfa0473d0292b36f9f0c6f385282694b82d9fea2c10670e867abbaa53fffbf167bab90fcda93363f4524dc294be79e764dabb448148e54f68297610c5295a0e9b642e9e8a7f50918d3b04ed2c3ddbdaeb9e36c6c238585416a41c1dbcbddad929ad842ae8b166e3fd642f7c8870c815e0000a776d28d8f72253c155d5e328e93b7604396a79129c95c2f6d91e4398ac0ef205b5266d15448761930ce9bf5c155e5a40600000000000000"], 0x5c}}, 0x40010)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000300)={{0x2, 0x4e23, @private=0xa010100}, {0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}, 0x30, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 'ip6gre0\x00'})

1.238539085s ago: executing program 34 (id=5270):
r0 = socket$netlink(0x10, 0x3, 0x8000000004) (async)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in=@empty, @in6=@ipv4={""/10, ""/2, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@remote}, 0x0, @in6=@ipv4={""/10, ""/2, @loopback}}}, &(0x7f00000002c0)=0xffffffffffffff78)
chown(&(0x7f0000000140)='./file0\x00', r1, 0xee01)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)
r2 = socket(0xa, 0x1, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x1bd) (async)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',privport,access=', @ANYRESDEC])
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'}) (async)
r7 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) (async)
r9 = accept4$alg(r8, 0x0, 0x0, 0x0)
r10 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
syncfs(r10)
sendmmsg$alg(r9, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000280)="a92e81d0991808e33c2330164cf023df69", 0x11}], 0x1, 0x0, 0x0, 0x880}], 0x1, 0x0)
recvmmsg(r9, &(0x7f000000b480)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001080)=""/4095, 0xfff}], 0x1}, 0x7ff}], 0x1, 0x102, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r11=>0x0})
r12 = open$dir(&(0x7f0000000080)='./file0\x00', 0x2000, 0x110)
mkdirat(r12, &(0x7f00000000c0)='./file0\x00', 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async)
r13 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r13, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe) (async)
shutdown(r13, 0x1)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000100000001dcf9ffffff000008000100494eaa2396b2a2d92d33219d88fb9fc3db16a3496772f1e02bf4f2c9f1ff4161a7301f10be434985dc32fa5efc5c", @ANYRES32=r11, @ANYBLOB="400002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRESDEC=0x0, @ANYBLOB="34043d3e88470630755c6ac4ae3e822ca241a385dfa0473d0292b36f9f0c6f385282694b82d9fea2c10670e867abbaa53fffbf167bab90fcda93363f4524dc294be79e764dabb448148e54f68297610c5295a0e9b642e9e8a7f50918d3b04ed2c3ddbdaeb9e36c6c238585416a41c1dbcbddad929ad842ae8b166e3fd642f7c8870c815e0000a776d28d8f72253c155d5e328e93b7604396a79129c95c2f6d91e4398ac0ef205b5266d15448761930ce9bf5c155e5a40600000000000000"], 0x5c}}, 0x40010)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000300)={{0x2, 0x4e23, @private=0xa010100}, {0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}, 0x30, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 'ip6gre0\x00'})

939.473025ms ago: executing program 5 (id=5276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x220c2, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000001440)=""/1)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r5, 0x4048ae9b, &(0x7f0000000080)={0xe0003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x83, 0xffffffffefffff15, 0x3, 0x4, 0x4, 0x4]}})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x1a241, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$BLKSECTGET(r6, 0x1267, &(0x7f0000000180))
ioctl$EVIOCREVOKE(0xffffffffffffffff, 0x40044591, &(0x7f00000001c0)=0x802)

840.396182ms ago: executing program 5 (id=5277):
keyctl$set_reqkey_keyring(0xe, 0x5)
r0 = socket$inet(0x2, 0x80001, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000100)=ANY=[@ANYBLOB="7365637572697479000000000000000000000000000000000200"/72], 0x48)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000040)={{0x2, 0x4e22, @local}, {0x1, @random="7d09accaca41"}, 0x60, {0x2, 0x4e23, @rand_addr=0x64010101}, 'wg1\x00'})
r1 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$rds(0x15, 0x5, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000400)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r4, 0x80047437, 0x0)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = fsopen(&(0x7f0000000100)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MPATH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES16=r9, @ANYBLOB="090227bd7010ffdbdf070000000088000300", @ANYRES32], 0x34}}, 0x40)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
recvmmsg(r5, 0x0, 0x0, 0x40010142, 0x0)
ioctl$PPPIOCGCHAN(r5, 0x80047437, &(0x7f0000000080))
bind$rds(r3, &(0x7f0000000240)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r10, 0x40047438, &(0x7f0000000040)=0x2)

749.77071ms ago: executing program 5 (id=5278):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_POLICY={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
read$FUSE(r1, &(0x7f0000004340)={0x2020}, 0x2020)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000080)={0x15, 0x4, 0x9b})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r3, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x1, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

749.619142ms ago: executing program 5 (id=5279):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x11)

688.097077ms ago: executing program 5 (id=5280):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0x614}, 0x8)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2, 0x5)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xd5b, 0x34854c48, 0x0, 0x0, 0x73b, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000052b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005468a9fe52386e52000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000da0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000f7ffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bb33ea699a80e3f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0xa}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8652b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x6, {0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3966, 0x1, 0x8000, 0xfffffffc, r2, r3, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x84901, 0x101)
write$tcp_congestion(r4, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
dup2(r4, r0)

538.031817ms ago: executing program 2 (id=5281):
syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x60842, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
memfd_create(&(0x7f0000000f40)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89*`\xf3\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9m\xe94 \f-\xebNv\x04\xa2Z\x0f\x0e^\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00 \x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x84\xa8\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0&\x8a\x18\xdfH\x80\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x05\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\b\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15>\x8fQ\xc2\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x9b 1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x00p+sh\xf5\xd3\x86i\x01>U\x9d\bT\xcd\xa2\xea\x9c\xec\xea\xf2\'\x8a\x89\x10=\x8eklgW\x8fEOr\xa1\xee\xec\xed1\xa6\xfev\r\x16\x0e\xae\xe6[\xf7p\xd8\xc2\xa5\xa0\xed\x8e\xcc\xfd\xf2*\xc1\x9eD\x8b3Q\xd15\x9f\xf8/ \xa5\x05\xf486A\xc6\xc0Pq;\xeb\xa5\a+\x8d\xed\xb2\xf7\xd4Kd\x0f\x1d_\x96\x80\xfd\xf1i\"\x13\xf1\x19\xf0\xc8\xa6\xd5d&\rx\x90\xa8_\x15g`\xf6\xa0\x85\xa6\xeb\a7\xd8]l\x0f[4]&(b\x12;Y\x04\xa7\xb2E\t[\xf7\xe1\x04\xed\xbd\xa4\xbc\x9a\x8a\xb9q\x86\x88\xaf\xaeK6\xa5\xbb\xd6\x81\x04p\x10\xe8\x80\xeb\x0fM\xae\xed\\L\xf8\xb0/\x0e;\x97\xff\xff\xff\xff\xff\xff\xff\x7f\xf2.\xef\xa8\xfd\r\x84\x80\xf8Yv\xc4\xcb\x00Rb\x0e(\xa3\xcf$\xd8\xd3vqG>\x05Z\xb2\xd0\xf6\x8c\xf77\xf8\x1f\x99\x18wZ\x1e\n\xbd\xb9\xa1\xe4H\xea\xab\x15\x1f\xec\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8e\xe5U\x87H\xc7~\x952 \x1b\xeb\xd8\xff\x17C\xd4/I\x82N\xea\x99k\x9e\x91G\x01\x01\xe7NX\x15%>\xdc\xd6\x85\r\xf2\xc6\x0f\x18wk\xd9\x83\"\x1f\x0f\t\xd0D\x9e\xdf\'\xea#\xcc$V\xfa\xb8%\x0f\x8b\xa2\xa16l\xf626u\xc4\xf7y\xec5\xce\xd9\xe5\xba\x1e\xfb\xc3\xbe\xb0`\x87\x99z\x1b\xcc&\x8d\xf3\x81\x8d\xab\xd7\xa0+\xb1\xd5\xa8c\x8a/1\xc0\xach\xd04se!k\xed\xae\xe0\xa3\x1by\"b\"c\xa25CA\x17\xedc7\x80\xad(S;\x8f2\x00\fS\xc7\xf5eS\xc0\xddc7\x86\x9a\x90nvI\x04g\xab\x88\xf3\xb5\xfaVZ\x02\xf6\x1b\xf2\x9d\b\xe5m*\xe5\x87\xfe\xb7o\x19j\xf5\xd9\x9f~\xe6)\x92h\xfd\xb4\x0e\xea\xfd\x0e\xfc\x02\xce=\xcc\xfc3j\x81\xbb\xfc*h\xf7\xd1\xb1`,x\xb3\x13F\x18\xbb\xa1I\b\xc8\xa5M\x14+_\x8f\xe3\xa3=\x8b}\x85\xf0\x9djE\x99\xfd\x1e\xa0\xc8\xcc\x94\x00\x02\xb9\xbaB\xd1rq\xf7\xe4\xee\x9a\xa1\x88\xa8g\xd0\xf5R\xae\xffne\x87\x1b\x1e\xea\x94\xf8\x98\xbf\xef\x8b\xaby\x8d\xe1\xf7\xb8E~Ou\xc7\xae\x96j\xff\xd3\xe1\xa9\x13\xa2\x061R<1]\xb75\x91\xfa\xc2\a\xc1\xf18\xc3\x977\xaf\x01vzl\xc3\xefex\xc8r\aE\x1d\x11Ld\xa6\xf0\x03\xb2.\xa1;\x05U\xab&\x1bo\x1b\n\x96\x93FO%H\x1fr\xe8\xde&\x95\xd7d\x8d\xde\xa8\xaa\xf3\xc8\x99M\x90V,f\xc1\x9d\x95y\x12\x84\xddw\x87y\x80\x9f/', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
dup(r2)
syz_open_dev$tty1(0xc, 0x4, 0x4)
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x402)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x3, 0x57)
socket$inet6(0xa, 0x2, 0x3a)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20040040}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)

537.529971ms ago: executing program 5 (id=5282):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000680)=@usbdevfs_driver={0x7, 0x8000, &(0x7f00000005c0)="59a9d1b82768fc5603a7c6c358f5965bf4209a882aa3310a86ae5e737a4244d770a9a018f488745df3039c96f80df4bf95dd99b49f00db34ef3f9002c5f58fa6d682b0a4016626d3411fb8b2558b173361b70e93f208251d8b3ee8076bd8b38f2274ca1bb38bb3a33950838cad5bc24d954e1bb502a592bf80187f62eb932ed6ef903d2cb12be529feef172f3c47fa0f9ebb6cfc467dcc816aaeec1783a12b7d9a8854811c89f7b6e31f2979673d644f122905dd70e62e3e3305e0c86bd7fe"})
pipe(&(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000000)='fd', 0x0, r1)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f00000001c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$xdp(0x2c, 0x3, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2, 0x0)
syz_clone3(&(0x7f0000000540)={0x40000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x16}, &(0x7f0000000380)=""/178, 0xb2, &(0x7f0000000480)=""/122, &(0x7f0000000500)=[r5], 0x1, {r2}}, 0x58)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)

380.298361ms ago: executing program 2 (id=5283):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e0001000000000000000000fffffffffffff0000000000a0060"], 0xb8}}, 0x20040014)

329.934432ms ago: executing program 2 (id=5284):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000010000305000000000000000000001610", @ANYRES32=0x0, @ANYBLOB="15460100ef0000001c0012800b0001006d616373656300000c000280050003000800000008000500", @ANYRES32=r1], 0x44}}, 0x0)

130.389456ms ago: executing program 2 (id=5285):
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100000000000000000000000000000000007fffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "9001001c551265406c7f306003d8a0f4bd0000000300"}})

72.651898ms ago: executing program 2 (id=5286):
io_uring_setup(0x162a, &(0x7f0000000280)={0x0, 0x2b6c, 0x44007, 0x80000002, 0x2ae})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

0s ago: executing program 2 (id=5287):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000005c0)=ANY=[], 0x20}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x1c9)
mkdirat(r1, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0xf00, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl(0xffffffffffffffff, 0xb8, &(0x7f0000000000)="15e0185428227964d1")
r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x40300, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000340)={0x1fe, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x85, 0x2, 0x0, 0x4002004c8, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0x4, 0x0, 0x80000004000000, 0x200000000c], 0x100000, 0x2010d3})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
fanotify_mark(r4, 0x1, 0x5000003a, r3, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)=',-,(\x00', &(0x7f00000001c0)='gre\x00', 0x0)
mkdirat(r2, &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffcbf)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3106000000000000000a00000011000300686173683a69702c706f727400000000"], 0x4c}}, 0x2)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5c0000000000070000000900020073797a3100000000050001971d000000340007801800018014000240fe8000000000000000000000000000bb060004e79cf86a28ff6d400e9700000000070088000000060005404e22000093a88d95dbcd85ecf4bebed3725500011b9a343c70fe03f20a4ce864d5791b45ad7c9327a5714fca1b633812d03e78f95e1c5da9d096f77659836882da09b264b47138c697bf088cba0b9c9879d17c668614c5d8b6f90f0280e8ff709ed83346079325fe10376cc8f0b8a285880e6c557e634e9c91cca39e06ed97fa3cb40606c7bb1ae43617defba5f406c06875b4aa42e520459396c964615b81d7e795ef"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x0)
open(&(0x7f0000000200)='.\x00', 0xc4002, 0x122)

kernel console output (not intermixed with test programs):


[  328.722283][T16649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.722304][T16649] RSP: 002b:00007f57734b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  328.722319][T16649] RAX: ffffffffffffffda RBX: 00007f57727e5fa0 RCX: 00007f577258f6c9
[  328.722330][T16649] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  328.722341][T16649] RBP: 00007f57734b9090 R08: 0000000000000000 R09: 0000000000000000
[  328.722350][T16649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.722360][T16649] R13: 00007f57727e6038 R14: 00007f57727e5fa0 R15: 00007fffa5a6b738
[  328.722386][T16649]  </TASK>
[  329.012024][T16669] dummy0: entered allmulticast mode
[  329.018815][T16651] MINIX-fs: blocksize too small for device
[  329.020176][T16669] batadv0: entered promiscuous mode
[  329.025960][T16666] veth1_macvtap: left promiscuous mode
[  329.027750][T16666] macsec0: entered promiscuous mode
[  329.038004][T16667] batadv0: left promiscuous mode
[  329.102626][T16682] binder_alloc: 16679: binder_alloc_buf, no vma
[  329.167675][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  329.167686][   T40] audit: type=1400 audit(329.073:22635): avc:  denied  { listen } for  pid=16694 comm="syz.5.4021" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  329.357769][T16720] netlink: 'syz.4.4030': attribute type 4 has an invalid length.
[  329.366235][T16720] netlink: 'syz.4.4030': attribute type 4 has an invalid length.
[  329.411503][T16733] xt_ipcomp: unknown flags 1D
[  329.665558][T16764] loop2: detected capacity change from 0 to 7
[  329.670785][T16764]  loop2: [POWERTEC] p1
[  329.673000][T16764] loop2: p1 start 1110023006 is beyond EOD, truncated
[  329.754761][T16771] netlink: 'syz.4.4048': attribute type 17 has an invalid length.
[  329.757079][T16771] macvtap0: entered allmulticast mode
[  329.758699][T16771] veth0_macvtap: entered allmulticast mode
[  329.760840][T16771] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check.
[  329.792723][T16777] overlayfs: failed to clone upperpath
[  329.815410][   T40] audit: type=1400 audit(329.723:22636): avc:  denied  { getopt } for  pid=16779 comm="syz.2.4051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  329.857172][T16790] loop2: detected capacity change from 0 to 7
[  329.857529][T16790]  loop2: [POWERTEC] p1
[  329.857583][T16790] loop2: p1 start 1110023006 is beyond EOD, truncated
[  329.924138][T16807] overlayfs: failed to clone upperpath
[  330.032829][T16827] loop2: detected capacity change from 0 to 7
[  330.035280][T16827]  loop2: [POWERTEC] p1
[  330.036842][T16827] loop2: p1 start 1110023006 is beyond EOD, truncated
[  330.079335][T16833] bond0: (slave bond_slave_0): Releasing backup interface
[  330.085815][T16833] bond0: (slave bond_slave_1): Releasing backup interface
[  330.098067][T16833] team0: Port device team_slave_0 removed
[  330.104675][T16833] team0: Port device team_slave_1 removed
[  330.107014][T16833] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.109411][T16833] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.115959][T16833] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.118344][T16833] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.123720][T16833] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  330.157239][T16833] team0: Mode changed to "broadcast"
[  330.159126][T16833] vlan0: entered promiscuous mode
[  330.163867][T16833] team0: Port device vlan0 added
[  330.166146][T16833] tipc: Started in network mode
[  330.170009][T16833] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  330.172601][T16833] tipc: Enabled bearer <eth:team0>, priority 0
[  330.364535][   T40] audit: type=1326 audit(330.273:22637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.373976][   T40] audit: type=1326 audit(330.273:22638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.382596][   T40] audit: type=1326 audit(330.273:22639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.390142][   T40] audit: type=1326 audit(330.273:22640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.398047][   T40] audit: type=1326 audit(330.273:22641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.406323][   T40] audit: type=1326 audit(330.273:22642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.414392][   T40] audit: type=1326 audit(330.273:22643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.422297][   T40] audit: type=1326 audit(330.273:22644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16856 comm="syz.1.4075" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x7ffc0000
[  330.446308][T16864] Bluetooth: hci4: Frame reassembly failed (-84)
[  330.454651][T10934] Bluetooth: hci4: Frame reassembly failed (-84)
[  330.501793][T16873] netlink: 'syz.1.4079': attribute type 11 has an invalid length.
[  330.561704][T16873] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  330.569553][T16873] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  330.827575][T16893] __nla_validate_parse: 26 callbacks suppressed
[  330.827715][T16893] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4081'.
[  330.834282][T16893] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4081'.
[  331.021061][ T6015] usb 6-1: new low-speed USB device number 43 using dummy_hcd
[  331.123703][T16915] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4091'.
[  331.181119][   T53] tipc: Node number set to 11578026
[  331.193417][ T6015] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  331.196717][ T6015] usb 6-1: config 0 has no interface number 0
[  331.199218][ T6015] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  331.202772][ T6015] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  331.205944][ T6015] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  331.209379][ T6015] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  331.214217][ T6015] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  331.218530][ T6015] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  331.223366][ T6015] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  331.226698][ T6015] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.231255][ T6015] usb 6-1: config 0 descriptor??
[  331.233426][T16888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  331.235646][T16888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  331.239379][ T6015] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  331.496639][T16931] overlayfs: failed to resolve './file1': -2
[  331.598667][T16941] overlayfs: failed to clone upperpath
[  331.913971][T16968] IPv4: Oversized IP packet from 172.20.20.24
[  331.917444][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  331.920312][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  332.286632][T16980] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4115'.
[  332.293061][T16980] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4115'.
[  332.434918][T16988] comedi comedi3: comedi_config --init_data is deprecated
[  332.438783][T16988] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4118'.
[  332.501090][ T5934] Bluetooth: hci4: command 0x1003 tx timeout
[  332.504962][   T64] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  332.544686][   T64] Bluetooth: hci2: adv larger than maximum supported
[  332.544731][   T64] Bluetooth: hci2: Malformed LE Event: 0x0d
[  332.544968][T17000] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4123'.
[  332.588522][T17004] loop2: detected capacity change from 0 to 7
[  332.591841][T17004]  loop2: [POWERTEC] p1
[  332.593274][T17004] loop2: p1 start 1110023006 is beyond EOD, truncated
[  332.654588][T17006] netlink: 'syz.5.4127': attribute type 1 has an invalid length.
[  332.672891][T17006] 8021q: adding VLAN 0 to HW filter on device bond3
[  332.678049][T16999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4124'.
[  332.681330][T16999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4124'.
[  332.686402][T17006] bond3: (slave geneve2): making interface the new active one
[  332.689947][T17006] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  332.763456][T17014] random: crng reseeded on system resumption
[  332.773444][T17014] Restarting kernel threads ...
[  332.778302][T17014] Done restarting kernel threads.
[  333.146590][   T64] Bluetooth: hci1: unexpected event 0x2f length: 1017 > 260
[  333.329244][T17059] overlayfs: failed to clone upperpath
[  333.368419][T17061] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4148'.
[  333.576410][T17085] overlayfs: failed to clone upperpath
[  333.660935][T17089] xfrm0 speed is unknown, defaulting to 1000
[  333.731770][ T6015] usb 6-1: USB disconnect, device number 43
[  333.742192][ T6015] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  334.333903][T17080] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  334.336432][T17080] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  334.344590][T17080] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  334.348073][T17080] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  334.349962][T17080] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  334.354423][T17080] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  334.357265][T17080] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  334.359150][T17080] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  334.362073][T17080] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  334.601356][T12681] usb 10-1: new low-speed USB device number 5 using dummy_hcd
[  334.752266][T12681] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  334.752284][T12681] usb 10-1: config 0 has no interface number 0
[  334.752301][T12681] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  334.752313][T12681] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  334.752325][T12681] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  334.752337][T12681] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  334.752350][T12681] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  334.752362][T12681] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  334.752380][T12681] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  334.752392][T12681] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.753624][T12681] usb 10-1: config 0 descriptor??
[  334.754385][T17114] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  334.754525][T17114] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  334.756252][T12681] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  334.961201][T17160] geneve2: entered promiscuous mode
[  335.213149][ T6015] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  335.220024][T17179] bridge2: the hash_elasticity option has been deprecated and is always 16
[  335.292590][T17186] overlayfs: failed to clone upperpath
[  335.361180][ T6015] usb 6-1: Using ep0 maxpacket: 16
[  335.365331][T17193] 9pnet: Unknown protocol version 9p4Ñ00.u²ßƒu¸œ=«qIîf
—F‘›Á	†òl}€Q©&B-‚âá	¸3òfÇ!<Æ>Ë1K™‡ÀÞèf4!8¡Ñ®Âtr1´äÄèE�‡ÖÖ¸Ô�o'ãõ…Ìò>Ú£‰
[  335.368891][ T6015] usb 6-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[  335.374580][ T6015] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24
[  335.377095][ T6015] usb 6-1: Product: syz
[  335.378349][ T6015] usb 6-1: Manufacturer: syz
[  335.379825][ T6015] usb 6-1: SerialNumber: syz
[  335.384550][ T6015] usb 6-1: config 0 descriptor??
[  335.413099][T17196] overlayfs: failed to resolve './file0': -2
[  335.414674][T17197] overlayfs: failed to resolve './file0': -2
[  335.591592][ T5934] Bluetooth: hci3: Malformed LE Event: 0x0d
[  335.592739][ T6015] usb 6-1: USB disconnect, device number 44
[  335.621115][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout
[  335.754400][T17230] kAFS: No cell specified
[  335.888767][T17235] __nla_validate_parse: 12 callbacks suppressed
[  335.888778][T17235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4215'.
[  335.895987][T17235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4215'.
[  335.969279][T17239] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4216'.
[  335.972680][T17239] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4216'.
[  335.975945][T17239] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4216'.
[  336.003004][T17241] overlayfs: failed to clone upperpath
[  336.311220][T17254] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4223'.
[  336.371523][T17265] loop2: detected capacity change from 0 to 7
[  336.374119][T17265]  loop2: [POWERTEC] p1
[  336.375518][T17265] loop2: p1 start 1110023006 is beyond EOD, truncated
[  336.431482][ T5934] Bluetooth: hci2: command 0x0c1a tx timeout
[  336.431782][ T5941] Bluetooth: hci3: command 0x0c1a tx timeout
[  336.549838][T17278] x_tables: duplicate underflow at hook 2
[  336.552926][   T40] kauditd_printk_skb: 44 callbacks suppressed
[  336.552938][   T40] audit: type=1400 audit(336.463:22689): avc:  denied  { setattr } for  pid=17277 comm="syz.4.4231" name="SMC" dev="sockfs" ino=87554 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  336.564240][   T40] audit: type=1400 audit(336.463:22690): avc:  denied  { getopt } for  pid=17277 comm="syz.4.4231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  336.592496][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0407
[  336.619771][   T40] audit: type=1400 audit(336.523:22691): avc:  denied  { setopt } for  pid=17281 comm="syz.2.4233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  336.709364][T17293] loop2: detected capacity change from 0 to 7
[  336.712093][T17293]  loop2: [POWERTEC] p1
[  336.713464][T17293] loop2: p1 start 1110023006 is beyond EOD, truncated
[  336.820160][T17303] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4242'.
[  336.874095][T17304] cgroup: Unknown subsys name 'cpuset'
[  336.874170][T17307] cgroup: Unknown subsys name 'cpuset'
[  336.985651][ T5941] Bluetooth: hci1: unexpected event for opcode 0x0428
[  337.139697][   T24] usb 10-1: USB disconnect, device number 5
[  337.144150][   T24] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[  337.300668][T17317] bridge2: the hash_elasticity option has been deprecated and is always 16
[  337.307135][T17317] Bluetooth: hci0: invalid len left 7, exp >= 118
[  337.408857][T17319] loop2: detected capacity change from 0 to 7
[  337.412378][T17319]  loop2: [POWERTEC] p1
[  337.414324][T17319] loop2: p1 start 1110023006 is beyond EOD, truncated
[  337.456655][ T5941] Bluetooth: hci3: unexpected event for opcode 0x0c25
[  337.707441][T17327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4250'.
[  337.710865][T17327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4250'.
[  337.803823][T17332] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  337.946583][T17341] overlayfs: failed to clone upperpath
[  338.016842][T17349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4260'.
[  338.053483][T17353] IPVS: Unknown mcast interface: bridge_slave_0
[  338.057036][T17353] loop2: detected capacity change from 0 to 7
[  338.060147][T17353]  loop2:
[  338.061568][T17353] loop2: partition table partially beyond EOD, truncated
[  338.300581][T17387] bridge0: the hash_elasticity option has been deprecated and is always 16
[  338.308519][T17387] Bluetooth: hci0: unsupported parameter 255
[  338.311384][T17387] Bluetooth: hci0: unsupported parameter 255
[  338.361299][T12681] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  338.465479][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0428
[  338.469743][ T5941] Bluetooth: hci3: unexpected event for opcode 0x0804
[  338.491614][T12681] usb 7-1: device descriptor read/64, error -71
[  338.496248][T17414] cgroup: Unknown subsys name 'cpuset'
[  338.532573][T17418] bridge1: the hash_elasticity option has been deprecated and is always 16
[  338.761188][T12681] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  338.901044][T12681] usb 7-1: device descriptor read/64, error -71
[  339.011697][T12681] usb usb7-port1: attempt power cycle
[  339.351186][T12681] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  339.372664][T12681] usb 7-1: device descriptor read/8, error -71
[  339.430683][T17447] netlink: 'syz.1.4298': attribute type 1 has an invalid length.
[  339.486676][T17455] loop2: detected capacity change from 0 to 7
[  339.490093][T17455]  loop2: [POWERTEC] p1
[  339.494303][T17455] loop2: p1 start 1110023006 is beyond EOD, truncated
[  339.503525][T17461] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  339.595771][ T5941] Bluetooth: hci3: unexpected event for opcode 0x0428
[  339.611627][T12681] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  339.636300][T12681] usb 7-1: device descriptor read/8, error -71
[  339.742011][T12681] usb usb7-port1: unable to enumerate USB device
[  339.792476][T17491] loop2: detected capacity change from 0 to 7
[  339.795756][T17491]  loop2: [POWERTEC] p1
[  339.797657][T17491] loop2: p1 start 1110023006 is beyond EOD, truncated
[  339.873218][ T5941] Bluetooth: hci1: command 0x0c1a tx timeout
[  340.094593][   T40] audit: type=1400 audit(340.003:22692): avc:  denied  { mounton } for  pid=17514 comm="syz.1.4327" path="/431/file0" dev="rpc_pipefs" ino=89614 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  340.101321][T17517] loop2: detected capacity change from 0 to 7
[  340.106785][T17517]  loop2: [POWERTEC] p1
[  340.108290][T17517] loop2: p1 start 1110023006 is beyond EOD, truncated
[  340.146859][ T5941] Bluetooth: hci2: unexpected event for opcode 0x5f28
[  340.224012][   T40] audit: type=1400 audit(340.133:22693): avc:  denied  { unmount } for  pid=12535 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  340.336950][T17535] binder: BINDER_SET_CONTEXT_MGR already set
[  340.339483][T17535] binder: 17534:17535 ioctl 4018620d 2000000001c0 returned -16
[  340.522743][ T5941] Bluetooth: hci2: Malformed LE Event: 0x0d
[  341.252933][T17574] __nla_validate_parse: 17 callbacks suppressed
[  341.252947][T17574] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4350'.
[  341.258804][T17574] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4350'.
[  341.276822][T17576] loop2: detected capacity change from 0 to 7
[  341.279337][T17576]  loop2: [POWERTEC] p1
[  341.281371][T17576] loop2: p1 start 1110023006 is beyond EOD, truncated
[  341.327595][T17584] xfrm0 speed is unknown, defaulting to 1000
[  341.363869][T17589] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4354'.
[  341.386548][T17591] netlink: 'syz.5.4358': attribute type 10 has an invalid length.
[  341.389406][T17591] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4358'.
[  341.580509][   T40] audit: type=1400 audit(341.483:22694): avc:  denied  { listen } for  pid=17611 comm="syz.2.4364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  341.588720][T17617] overlayfs: failed to clone upperpath
[  341.592838][   T40] audit: type=1400 audit(341.493:22695): avc:  denied  { accept } for  pid=17611 comm="syz.2.4364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  341.599580][ T5941] Bluetooth: hci3: unexpected event for opcode 0x0804
[  341.618991][T17621] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4368'.
[  341.668854][T17624] netlink: 184 bytes leftover after parsing attributes in process `syz.2.4364'.
[  341.712957][T17630] loop2: detected capacity change from 0 to 7
[  341.716289][T17630] Dev loop2: unable to read RDB block 7
[  341.718554][T17630]  loop2: unable to read partition table
[  341.721140][T17630] loop2: partition table beyond EOD, truncated
[  341.723712][T17630] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  341.820472][T17646] overlayfs: failed to clone upperpath
[  341.863075][T17650] loop2: detected capacity change from 0 to 7
[  341.865576][T17650]  loop2: [POWERTEC] p1
[  341.866945][T17650] loop2: p1 start 1110023006 is beyond EOD, truncated
[  341.883398][T17652] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4382'.
[  342.062985][T17664] netlink: 'syz.4.4387': attribute type 12 has an invalid length.
[  342.065557][T17664] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4387'.
[  342.069277][   T40] audit: type=1400 audit(341.973:22696): avc:  denied  { read } for  pid=17663 comm="syz.4.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  342.122064][   T40] audit: type=1400 audit(342.033:22697): avc:  denied  { setopt } for  pid=17663 comm="syz.4.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  342.124199][T17662] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4386'.
[  342.133528][T17662] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4386'.
[  342.660721][   T40] audit: type=1326 audit(342.563:22698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17698 comm="syz.5.4401" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7cb478f6c9 code=0x0
[  342.751072][   T53] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  342.911046][   T53] usb 7-1: Using ep0 maxpacket: 16
[  342.916386][   T53] usb 7-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[  342.919891][   T53] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24
[  342.923177][   T53] usb 7-1: Product: syz
[  342.924877][   T53] usb 7-1: Manufacturer: syz
[  342.926698][   T53] usb 7-1: SerialNumber: syz
[  342.929905][   T53] usb 7-1: config 0 descriptor??
[  343.138668][ T5941] Bluetooth: hci1: Malformed LE Event: 0x0d
[  343.193512][T17722] MTD: Attempt to mount non-MTD device "/dev/nbd2"
[  343.196854][T17722] cramfs: wrong magic
[  343.241125][   T24] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  343.249335][T17726] lo speed is unknown, defaulting to 1000
[  343.252407][T17726] lo speed is unknown, defaulting to 1000
[  343.254640][T17726] lo speed is unknown, defaulting to 1000
[  343.306287][T17727] netlink: 'syz.4.4412': attribute type 5 has an invalid length.
[  343.331482][T17726] infiniband syz2: set active
[  343.333143][ T5976] lo speed is unknown, defaulting to 1000
[  343.333224][T17726] infiniband syz2: added lo
[  343.369389][T17726] RDS/IB: syz2: added
[  343.371607][T17726] smc: adding ib device syz2 with port count 1
[  343.374502][T17726] smc:    ib device syz2 port 1 has no pnetid
[  343.377995][ T5997] lo speed is unknown, defaulting to 1000
[  343.380908][T17726] lo speed is unknown, defaulting to 1000
[  343.391059][   T24] usb 6-1: Using ep0 maxpacket: 8
[  343.394851][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  343.399044][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  343.402620][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  343.406115][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  343.409181][   T24] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  343.412439][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.417702][   T24] hub 6-1:1.0: bad descriptor, ignoring hub
[  343.419605][   T24] hub 6-1:1.0: probe with driver hub failed with error -5
[  343.422857][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  343.424567][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  343.427642][   T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  343.429593][   T24] cdc_wdm 6-1:1.0: Unknown control protocol
[  343.472416][T17726] lo speed is unknown, defaulting to 1000
[  343.554042][T17726] lo speed is unknown, defaulting to 1000
[  343.632280][T17726] lo speed is unknown, defaulting to 1000
[  343.715897][T17726] lo speed is unknown, defaulting to 1000
[  343.721239][T12681] usb 6-1: USB disconnect, device number 45
[  343.763877][T17738] netlink: 'syz.5.4416': attribute type 1 has an invalid length.
[  343.847483][T17747] overlayfs: failed to clone upperpath
[  344.075255][T17764] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3821099475 (7642198950 ns) > initial count (2842047336 ns). Using initial count to start timer.
[  344.214785][T17775]  pmem0: [POWERTEC]
[  344.279280][T17783] random: crng reseeded on system resumption
[  344.345274][T17791] loop2: detected capacity change from 0 to 7
[  344.347835][T17791]  loop2: [POWERTEC] p1
[  344.349330][T17791] loop2: p1 start 1110023006 is beyond EOD, truncated
[  344.396416][T17797] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  344.609222][T17819] sp0: Synchronizing with TNC
[  344.696087][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0804
[  344.756304][T17837] overlayfs: failed to clone upperpath
[  344.794026][T17840] overlayfs: failed to clone upperpath
[  344.798517][T17840] overlayfs: failed to clone lowerpath
[  344.914957][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0428
[  344.953927][   T40] audit: type=1400 audit(344.863:22699): avc:  denied  { map } for  pid=17848 comm="syz.5.4461" path="socket:[90448]" dev="sockfs" ino=90448 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  344.961397][   T40] audit: type=1400 audit(344.863:22700): avc:  denied  { read } for  pid=17848 comm="syz.5.4461" path="socket:[90448]" dev="sockfs" ino=90448 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  345.178186][T17879] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=259 sclass=netlink_route_socket pid=17879 comm=syz.1.4471
[  345.188641][T17879] usb usb8: usbfs: process 17879 (syz.1.4471) did not claim interface 0 before use
[  345.208022][T17872] sctp: [Deprecated]: syz.5.4469 (pid 17872) Use of struct sctp_assoc_value in delayed_ack socket option.
[  345.208022][T17872] Use struct sctp_sack_info instead
[  345.238987][T17883] loop2: detected capacity change from 0 to 7
[  345.243178][T17883]  loop2: [POWERTEC] p1
[  345.245092][T17883] loop2: p1 start 1110023006 is beyond EOD, truncated
[  345.246702][T17885] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  345.518360][T12681] usb 7-1: USB disconnect, device number 26
[  346.052670][T17981] usb usb9: usbfs: process 17981 (syz.5.4508) did not claim interface 0 before use
[  346.262077][T17988] __nla_validate_parse: 26 callbacks suppressed
[  346.262089][T17988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4510'.
[  346.285345][T17999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4514'.
[  346.289169][T17999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4514'.
[  346.416181][   T40] audit: type=1400 audit(346.323:22701): avc:  denied  { mount } for  pid=18024 comm="syz.1.4522" name="/" dev="9p" ino=71827781 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  346.428118][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0804
[  346.445945][   T40] audit: type=1400 audit(346.353:22702): avc:  denied  { unmount } for  pid=12535 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  346.567871][T18036] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  346.608715][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.614070][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.617412][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.618135][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  346.625223][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.625276][T18053] loop2: detected capacity change from 0 to 7
[  346.625350][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.625367][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.625624][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.625712][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.625723][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.625963][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.626049][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.626059][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.626238][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.626346][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.626358][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.626502][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.626585][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.626596][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.626727][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.626808][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.626818][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.627065][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.627152][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.627163][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.627302][T18046] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.627385][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.627395][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.627596][T18046] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  346.627606][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.627808][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.628083][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.628296][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.628504][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.628712][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.633391][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.633976][T18053]  loop2: [POWERTEC] p1
[  346.634050][T18053] loop2: p1 start 1110023006 is beyond EOD, truncated
[  346.636172][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.641106][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(7)
[  346.644727][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.647002][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.647085][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.650368][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.658299][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(9)
[  346.659167][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.662160][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.663499][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.668063][T18058] vhci_hcd vhci_hcd.0: port 0 already used
[  346.668495][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.668716][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.668919][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.669130][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.669338][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.669545][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.669749][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.669974][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.676439][T18061] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32 sclass=netlink_tcpdiag_socket pid=18061 comm=syz.4.4532
[  346.678779][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.683626][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(11)
[  346.684820][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.689762][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.690022][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.692954][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.699259][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(14)
[  346.701049][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.703454][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.706098][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.707150][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.735424][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(17)
[  346.833841][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.836531][    C2] vkms_vblank_simulate: vblank timer overrun
[  346.838078][T18046] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  346.843029][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.845739][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(19)
[  346.848038][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.851583][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.856830][T18047] vhci_hcd vhci_hcd.0: pdev(1) rhport(7) sockfd(21)
[  346.858938][T18047] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.863718][T18047] vhci_hcd vhci_hcd.0: Device attached
[  346.869139][T18047] vhci_hcd vhci_hcd.0: port 0 already used
[  346.876201][T18068] vhci_hcd: connection closed
[  346.876325][T18063] vhci_hcd: connection closed
[  346.878291][ T1237] vhci_hcd: stop threads
[  346.878354][T18054] vhci_hcd: connection closed
[  346.880352][T18066] vhci_hcd: connection closed
[  346.881047][T18056] vhci_hcd: connection closed
[  346.881221][ T1237] vhci_hcd: release socket
[  346.881716][T18070] vhci_hcd: connection closed
[  346.882115][ T1237] vhci_hcd: disconnect device
[  346.883116][T18051] vhci_hcd: connection closed
[  346.889367][T18073] vhci_hcd: connection closed
[  346.889862][ T1237] vhci_hcd: stop threads
[  346.897279][ T1237] vhci_hcd: release socket
[  346.898742][ T1237] vhci_hcd: disconnect device
[  346.900888][ T1237] vhci_hcd: stop threads
[  346.902515][ T1237] vhci_hcd: release socket
[  346.904436][ T1237] vhci_hcd: disconnect device
[  346.906333][ T1237] vhci_hcd: stop threads
[  346.908161][ T1237] vhci_hcd: release socket
[  346.910737][ T1237] vhci_hcd: disconnect device
[  346.914294][ T1237] vhci_hcd: stop threads
[  346.916003][ T1237] vhci_hcd: release socket
[  346.917435][ T1237] vhci_hcd: disconnect device
[  346.919242][ T1237] vhci_hcd: stop threads
[  346.921109][ T1237] vhci_hcd: release socket
[  346.922857][ T1237] vhci_hcd: disconnect device
[  346.924623][ T1237] vhci_hcd: stop threads
[  346.926304][ T1237] vhci_hcd: release socket
[  346.927918][ T1237] vhci_hcd: disconnect device
[  346.929499][ T1237] vhci_hcd: stop threads
[  346.932772][ T1237] vhci_hcd: release socket
[  346.934820][ T1237] vhci_hcd: disconnect device
[  347.447213][T18095] loop2: detected capacity change from 0 to 7
[  347.449953][T18095]  loop2: [POWERTEC] p1
[  347.451668][T18095] loop2: p1 start 1110023006 is beyond EOD, truncated
[  347.477625][T18099] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4544'.
[  347.480661][T18099] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4544'.
[  347.482487][T18100] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4541'.
[  347.647409][T18109] binder: 18108:18109 ioctl c0306201 200000000380 returned -22
[  347.753683][T18114] overlayfs: failed lookup in lower (newroot/381, name='bus', err=-40): overlapping layers
[  348.179316][T18138] xfrm0 speed is unknown, defaulting to 1000
[  348.282391][T18138] lo speed is unknown, defaulting to 1000
[  348.291024][T18156] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4565'.
[  348.294261][T18156] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4565'.
[  348.303090][T18159] netlink: 128 bytes leftover after parsing attributes in process `syz.4.4564'.
[  348.307546][T10937] tipc: Resetting bearer <eth:team0>
[  348.317789][T18161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4564'.
[  348.352975][ T5941] Bluetooth: hci2: unexpected event for opcode 0x0804
[  348.404772][   T40] audit: type=1400 audit(348.313:22703): avc:  denied  { read } for  pid=18177 comm="syz.5.4571" dev="sockfs" ino=91475 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  348.406020][T18178] 9pnet_fd: Insufficient options for proto=fd
[  348.449026][   T40] audit: type=1400 audit(348.353:22704): avc:  denied  { accept } for  pid=18183 comm="syz.2.4573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  348.475983][   T40] audit: type=1400 audit(348.383:22705): avc:  denied  { setopt } for  pid=18181 comm="syz.4.4572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  348.522181][T18194] overlayfs: failed to clone upperpath
[  348.586174][T18206] tmpfs: Unknown parameter 'mpe<mp�|'
[  348.634943][   T40] audit: type=1400 audit(348.543:22706): avc:  denied  { getopt } for  pid=18212 comm="syz.2.4584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  348.680189][T18221] overlay: ./file0 is not a directory
[  348.696661][   T40] audit: type=1804 audit(348.603:22707): pid=18221 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4583" name="/newroot/488/bus/file0" dev="tmpfs" ino=2769 res=1 errno=0
[  348.780494][T18228] overlayfs: failed to clone upperpath
[  348.806240][   T40] audit: type=1400 audit(348.713:22708): avc:  denied  { shutdown } for  pid=18218 comm="syz.2.4586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  349.087821][T18256] 9pnet_fd: Insufficient options for proto=fd
[  349.127416][T18259] overlayfs: failed to clone upperpath
[  349.242305][T18266] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  349.249590][   T64] Bluetooth: hci2: unexpected event for opcode 0x0804
[  349.651107][T18305] loop2: detected capacity change from 0 to 7
[  349.653533][T18305]  loop2: [POWERTEC] p1
[  349.655352][T18305] loop2: p1 start 1110023006 is beyond EOD, truncated
[  350.121887][T18339] overlayfs: failed to clone upperpath
[  350.229037][   T40] audit: type=1400 audit(350.133:22709): avc:  denied  { getopt } for  pid=18344 comm="syz.4.4636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  350.436860][T18365] cgroup: noprefix used incorrectly
[  350.442100][T18365] xt_l2tp: v2 doesn't support IP mode
[  350.869219][T18400] xfrm0 speed is unknown, defaulting to 1000
[  351.006437][T18400] lo speed is unknown, defaulting to 1000
[  351.111202][   T10] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  351.271434][   T10] usb 10-1: Using ep0 maxpacket: 32
[  351.276815][T18421] __nla_validate_parse: 15 callbacks suppressed
[  351.276826][T18421] netlink: 9 bytes leftover after parsing attributes in process `syz.4.4664'.
[  351.282077][T18421] 0·: renamed from hsr0 (while UP)
[  351.282310][   T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  351.287812][   T10] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  351.288725][T18421] 0·: entered allmulticast mode
[  351.294378][T18421] hsr_slave_0: entered allmulticast mode
[  351.296244][T18421] hsr_slave_1: entered allmulticast mode
[  351.297299][   T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  351.298315][T18421] net_ratelimit: 26 callbacks suppressed
[  351.298323][T18421] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  351.302154][   T10] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  351.313938][   T10] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  351.319074][   T10] usb 10-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  351.327480][   T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.334816][   T10] usb 10-1: config 0 descriptor??
[  351.354384][T18424] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  351.540293][   T10] usblp 10-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  351.704160][T18443] batadv_slave_1: entered promiscuous mode
[  351.905582][ T1472] usb 10-1: USB disconnect, device number 6
[  351.912006][ T1472] usblp0: removed
[  352.106274][T18442] batadv_slave_1: left promiscuous mode
[  352.139583][T18467] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4680'.
[  352.142511][T18467] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4680'.
[  352.145413][T18467] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4680'.
[  352.320372][T18477] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4684'.
[  352.332432][T18477] bond4: Invalid ad_actor_system MAC address.
[  352.334730][T18477] bond4: option ad_actor_system: invalid value (255)
[  352.339835][T18477] bond4 (unregistering): Released all slaves
[  352.440689][T18488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4688'.
[  352.623661][   T64] Bluetooth: hci2: unexpected event for opcode 0x0428
[  352.762911][T18528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4702'.
[  352.766800][T18528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4702'.
[  352.770537][T18528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4702'.
[  352.816628][T18532] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4705'.
[  352.833125][   T40] audit: type=1400 audit(352.743:22710): avc:  denied  { execute } for  pid=18531 comm="syz.1.4705" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  352.949788][   T40] audit: type=1400 audit(352.853:22711): avc:  denied  { map } for  pid=18544 comm="syz.1.4711" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  353.021061][T18555] overlayfs: failed to clone upperpath
[  353.093240][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  353.217594][T18569] can0: slcan on ttyS3.
[  353.282260][ T5997] usb 6-1: new low-speed USB device number 46 using dummy_hcd
[  353.287879][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  353.303418][T18567] can0 (unregistered): slcan off ttyS3.
[  353.421862][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  353.445833][ T5997] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  353.448594][ T5997] usb 6-1: config 0 has no interface number 0
[  353.450804][ T5997] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  353.454792][ T5997] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  353.459013][ T5997] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  353.463619][ T5997] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  353.467736][ T5997] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  353.472126][ T5997] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  353.477517][ T5997] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  353.481250][ T5997] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.489733][ T5997] usb 6-1: config 0 descriptor??
[  353.495764][T18556] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  353.499055][T18556] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  353.515407][ T5997] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  353.515735][T18577] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18577 comm=syz.5.4724
[  353.771032][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  353.781045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  354.278955][T18601] /dev/nullb0: Can't lookup blockdev
[  354.365141][T18610] overlayfs: failed to clone upperpath
[  354.405797][T18613] macvlan2: entered promiscuous mode
[  354.408170][T18613] macvlan2: entered allmulticast mode
[  354.411965][T18613] bond0: (slave macvlan2): Opening slave failed
[  354.512492][   T40] audit: type=1400 audit(354.423:22712): avc:  denied  { map } for  pid=18620 comm="syz.2.4741" path="socket:[93121]" dev="sockfs" ino=93121 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  354.514019][T18622] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  354.682731][T18634] overlayfs: failed to clone upperpath
[  354.901921][T18655] overlayfs: failed to clone upperpath
[  355.109264][T10947] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  355.113463][T10947] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  355.117360][T10947] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  355.119434][   T40] audit: type=1400 audit(355.023:22713): avc:  denied  { getopt } for  pid=18665 comm="syz.2.4758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  355.119830][T18666] nilfs2: Unknown parameter 'discard%»å­`'
[  355.121117][T10947] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  355.457280][T18684] x_tables: duplicate underflow at hook 1
[  355.702857][ T5934] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  355.706025][ T5934] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  355.710530][ T5934] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  355.714584][ T5934] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  355.718504][ T5934] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  355.743403][T18686] xfrm0 speed is unknown, defaulting to 1000
[  355.819059][T18686] lo speed is unknown, defaulting to 1000
[  356.043610][   T10] usb 6-1: USB disconnect, device number 46
[  356.047568][T18686] chnl_net:caif_netlink_parms(): no params data found
[  356.049140][   T10] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  356.065214][    C3] IPv4: Oversized IP packet from 172.20.20.24
[  356.142737][   T40] audit: type=1400 audit(356.053:22714): avc:  denied  { map } for  pid=18699 comm="syz.1.4769" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  356.152703][   T40] audit: type=1400 audit(356.053:22715): avc:  denied  { execute } for  pid=18699 comm="syz.1.4769" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  356.168647][T18686] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.172468][T18686] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.175565][T18686] bridge_slave_0: entered allmulticast mode
[  356.179492][T18686] bridge_slave_0: entered promiscuous mode
[  356.184131][T18686] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.187279][T18686] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.190276][T18686] bridge_slave_1: entered allmulticast mode
[  356.194729][T18686] bridge_slave_1: entered promiscuous mode
[  356.243953][T18686] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  356.249074][T18686] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  356.302073][T18686] team0: Port device team_slave_0 added
[  356.305478][T18686] team0: Port device team_slave_1 added
[  356.335831][T18686] batman_adv: batadv0: Adding interface: batadv_slave_0
[  356.335848][T18686] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  356.335870][T18686] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.337301][T18686] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.337313][T18686] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  356.337335][T18686] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  356.406068][T18686] hsr_slave_0: entered promiscuous mode
[  356.408982][T18686] hsr_slave_1: entered promiscuous mode
[  356.411104][T18686] debugfs: 'hsr0' already exists in 'hsr'
[  356.412962][T18686] Cannot create hsr debugfs directory
[  356.528292][T18686] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  356.533161][T18686] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.609169][T18686] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  356.613473][T18686] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.643634][T18752] __nla_validate_parse: 14 callbacks suppressed
[  356.643646][T18752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4786'.
[  356.652992][T18752] erspan0: entered promiscuous mode
[  356.655344][T18752] macvtap1: entered promiscuous mode
[  356.657392][T18752] macvtap1: entered allmulticast mode
[  356.659071][T18752] erspan0: entered allmulticast mode
[  356.698321][T18686] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  356.702497][T18686] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.774297][T18686] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  356.778098][T18686] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.866360][T18761] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4790'.
[  356.938059][T18686] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  356.945196][T18686] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  356.949489][T18686] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  356.954525][T18686] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  357.028502][T18686] 8021q: adding VLAN 0 to HW filter on device bond0
[  357.045579][T18686] 8021q: adding VLAN 0 to HW filter on device team0
[  357.056643][ T6866] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.059750][ T6866] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.067049][ T6866] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.070099][ T6866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  357.080504][T18787] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4797'.
[  357.233601][T18686] 8021q: adding VLAN 0 to HW filter on device batadv0
[  357.273438][T18686] veth0_vlan: entered promiscuous mode
[  357.283423][T18686] veth1_vlan: entered promiscuous mode
[  357.305217][T18686] veth0_macvtap: entered promiscuous mode
[  357.311254][T18686] veth1_macvtap: entered promiscuous mode
[  357.325304][T18686] batman_adv: batadv0: Interface activated: batadv_slave_0
[  357.331630][T18686] batman_adv: batadv0: Interface activated: batadv_slave_1
[  357.338217][T18811] overlayfs: failed to clone upperpath
[  357.338708][T10946] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.357459][T10946] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.388603][ T6874] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.399059][ T6874] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.427998][T10946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  357.428531][T18821] overlayfs: failed to resolve './file1/file0': -2
[  357.430783][T10946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  357.453703][ T6866] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  357.457306][ T6866] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  357.471035][   T40] audit: type=1400 audit(357.373:22716): avc:  denied  { mounton } for  pid=18686 comm="syz-executor" path="/syzkaller.xTi8qh/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=97067 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  357.674957][   T40] audit: type=1326 audit(357.583:22717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18827 comm="syz.2.4765" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e0478f6c9 code=0x0
[  357.716943][T18844] FAULT_INJECTION: forcing a failure.
[  357.716943][T18844] name failslab, interval 1, probability 0, space 0, times 0
[  357.721635][T18844] CPU: 0 UID: 0 PID: 18844 Comm: syz.1.4819 Not tainted syzkaller #0 PREEMPT(full) 
[  357.721650][T18844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  357.721657][T18844] Call Trace:
[  357.721673][T18844]  <TASK>
[  357.721678][T18844]  dump_stack_lvl+0x16c/0x1f0
[  357.721712][T18844]  should_fail_ex+0x512/0x640
[  357.721730][T18844]  ? fs_reclaim_acquire+0xae/0x150
[  357.721744][T18844]  should_failslab+0xc2/0x120
[  357.721756][T18844]  __kmalloc_noprof+0xdd/0x880
[  357.721770][T18844]  ? tomoyo_encode2+0x100/0x3e0
[  357.721785][T18844]  ? tomoyo_encode2+0x100/0x3e0
[  357.721795][T18844]  tomoyo_encode2+0x100/0x3e0
[  357.721808][T18844]  tomoyo_encode+0x29/0x50
[  357.721823][T18844]  tomoyo_realpath_from_path+0x18f/0x6e0
[  357.721836][T18844]  ? tomoyo_profile+0x47/0x60
[  357.721850][T18844]  tomoyo_path_number_perm+0x245/0x580
[  357.721866][T18844]  ? tomoyo_path_number_perm+0x237/0x580
[  357.721884][T18844]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  357.721900][T18844]  ? find_held_lock+0x2b/0x80
[  357.721925][T18844]  ? find_held_lock+0x2b/0x80
[  357.721937][T18844]  ? hook_file_ioctl_common+0x145/0x410
[  357.721954][T18844]  ? __fget_files+0x20e/0x3c0
[  357.721967][T18844]  security_file_ioctl+0x9b/0x240
[  357.721979][T18844]  __x64_sys_ioctl+0xb7/0x210
[  357.721995][T18844]  do_syscall_64+0xcd/0xfa0
[  357.722006][T18844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.722016][T18844] RIP: 0033:0x7f577258f6c9
[  357.722025][T18844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.722036][T18844] RSP: 002b:00007f57734b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  357.722047][T18844] RAX: ffffffffffffffda RBX: 00007f57727e5fa0 RCX: 00007f577258f6c9
[  357.722053][T18844] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  357.722060][T18844] RBP: 00007f57734b9090 R08: 0000000000000000 R09: 0000000000000000
[  357.722066][T18844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.722072][T18844] R13: 00007f57727e6038 R14: 00007f57727e5fa0 R15: 00007fffa5a6b738
[  357.722085][T18844]  </TASK>
[  357.722096][T18844] ERROR: Out of memory at tomoyo_realpath_from_path.
[  357.786439][   T64] Bluetooth: hci1: command tx timeout
[  357.949673][T18870] netlink: 116 bytes leftover after parsing attributes in process `syz.4.4829'.
[  357.950576][T18864] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  357.953190][T18870] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4829'.
[  357.953576][T18870] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4829'.
[  357.999328][T18875] validate_nla: 28 callbacks suppressed
[  357.999339][T18875] netlink: 'syz.5.4832': attribute type 5 has an invalid length.
[  358.005460][   T64] Bluetooth: hci3: unexpected event for opcode 0x0804
[  358.052320][T18888] overlayfs: failed to resolve './file1': -2
[  358.139562][T18902] FAULT_INJECTION: forcing a failure.
[  358.139562][T18902] name failslab, interval 1, probability 0, space 0, times 0
[  358.145812][T18902] CPU: 0 UID: 0 PID: 18902 Comm: syz.2.4840 Not tainted syzkaller #0 PREEMPT(full) 
[  358.145835][T18902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.145846][T18902] Call Trace:
[  358.145852][T18902]  <TASK>
[  358.145860][T18902]  dump_stack_lvl+0x16c/0x1f0
[  358.145898][T18902]  should_fail_ex+0x512/0x640
[  358.145918][T18902]  ? fs_reclaim_acquire+0xae/0x150
[  358.145941][T18902]  should_failslab+0xc2/0x120
[  358.145962][T18902]  __kmalloc_noprof+0xdd/0x880
[  358.145986][T18902]  ? tomoyo_encode2+0x100/0x3e0
[  358.146011][T18902]  ? tomoyo_encode2+0x100/0x3e0
[  358.146045][T18902]  tomoyo_encode2+0x100/0x3e0
[  358.146069][T18902]  tomoyo_encode+0x29/0x50
[  358.146088][T18902]  tomoyo_realpath_from_path+0x18f/0x6e0
[  358.146110][T18902]  ? tomoyo_profile+0x47/0x60
[  358.146133][T18902]  tomoyo_path_number_perm+0x245/0x580
[  358.146160][T18902]  ? tomoyo_path_number_perm+0x237/0x580
[  358.146189][T18902]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  358.146218][T18902]  ? find_held_lock+0x2b/0x80
[  358.146263][T18902]  ? find_held_lock+0x2b/0x80
[  358.146284][T18902]  ? hook_file_ioctl_common+0x145/0x410
[  358.146312][T18902]  ? __fget_files+0x20e/0x3c0
[  358.146334][T18902]  security_file_ioctl+0x9b/0x240
[  358.146356][T18902]  __x64_sys_ioctl+0xb7/0x210
[  358.146382][T18902]  do_syscall_64+0xcd/0xfa0
[  358.146400][T18902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.146417][T18902] RIP: 0033:0x7f6e0478f6c9
[  358.146432][T18902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.146448][T18902] RSP: 002b:00007f6e056a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  358.146465][T18902] RAX: ffffffffffffffda RBX: 00007f6e049e5fa0 RCX: 00007f6e0478f6c9
[  358.146477][T18902] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  358.146487][T18902] RBP: 00007f6e056a2090 R08: 0000000000000000 R09: 0000000000000000
[  358.146498][T18902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.146508][T18902] R13: 00007f6e049e6038 R14: 00007f6e049e5fa0 R15: 00007ffd7ea70658
[  358.146534][T18902]  </TASK>
[  358.146678][T18902] ERROR: Out of memory at tomoyo_realpath_from_path.
[  358.285404][   T64] Bluetooth: hci3: unexpected event for opcode 0x0804
[  358.326766][T18912] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18912 comm=syz.1.4844
[  358.333123][T18912] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18912 comm=syz.1.4844
[  358.338215][T18912] netlink: 'syz.1.4844': attribute type 1 has an invalid length.
[  358.358623][T18912] bond3: (slave bridge3): making interface the new active one
[  358.361792][T18912] bond3: (slave bridge3): Enslaving as an active interface with an up link
[  358.460644][T18926] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4849'.
[  358.467661][T18926] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4849'.
[  358.517461][T18932] loop2: detected capacity change from 0 to 7
[  358.520763][T18932]  loop2: [POWERTEC] p1
[  358.522921][T18932] loop2: p1 start 1110023006 is beyond EOD, truncated
[  358.865076][T18973] netlink: 'syz.1.4865': attribute type 1 has an invalid length.
[  358.867571][T18973] netlink: 14436 bytes leftover after parsing attributes in process `syz.1.4865'.
[  358.874516][T18973] netlink: 'syz.1.4865': attribute type 30 has an invalid length.
[  358.897393][T18976] openvswitch: netlink: nsh attribute has 65512 unknown bytes.
[  358.900661][T18976] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  358.949785][T18985] netlink: 'syz.4.4869': attribute type 30 has an invalid length.
[  359.026141][T18997] : entered promiscuous mode
[  359.067739][T19008] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvtap0, syncid = 0, id = 0
[  359.113074][T19011] xfrm0 speed is unknown, defaulting to 1000
[  359.162658][T19022] netlink: 'syz.5.4877': attribute type 4 has an invalid length.
[  359.165254][T19022] netlink: 17 bytes leftover after parsing attributes in process `syz.5.4877'.
[  359.206321][T19011] lo speed is unknown, defaulting to 1000
[  359.285924][   T40] audit: type=1400 audit(359.193:22718): avc:  denied  { write } for  pid=19031 comm="syz.4.4883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  359.396433][   T64] Bluetooth: hci2: unexpected event for opcode 0x0804
[  359.661040][ T1472] usb 10-1: new low-speed USB device number 7 using dummy_hcd
[  359.822989][ T1472] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  359.825736][ T1472] usb 10-1: config 0 has no interface number 0
[  359.827803][ T1472] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  359.831481][ T1472] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  359.834799][ T1472] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  359.837750][ T1472] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.841824][ T1472] usb 10-1: config 0 descriptor??
[  359.844219][T19041] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  359.849706][ T1472] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  359.861185][   T64] Bluetooth: hci1: command tx timeout
[  360.010057][T19062] bridge0: entered promiscuous mode
[  360.049507][T19041] netlink: 'syz.5.4885': attribute type 4 has an invalid length.
[  360.088807][  T895] usb 10-1: USB disconnect, device number 7
[  360.471132][ T6020] usb 6-1: new low-speed USB device number 47 using dummy_hcd
[  360.515129][T19076] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19076 comm=syz.2.4898
[  360.622713][ T6020] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  360.626025][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  360.630839][ T6020] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  360.635755][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  360.640338][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  360.646485][ T6020] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  360.649585][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  360.654102][ T6020] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  360.658803][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  360.663691][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  360.669398][ T6020] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  360.673098][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  360.677557][ T6020] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  360.681433][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  360.685226][ T6020] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  360.692896][ T6020] usb 6-1: string descriptor 0 read error: -22
[  360.695660][ T6020] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  360.698605][ T6020] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.705076][ T6020] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  360.747064][T19085] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19085 comm=syz.5.4902
[  360.903475][T19095] "syz.5.4906" (19095) uses obsolete ecb(arc4) skcipher
[  360.924681][T19074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.927636][T19074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  361.185102][ T1472] usb 6-1: USB disconnect, device number 47
[  361.390017][T19103] cgroup: fork rejected by pids controller in /syz2
[  361.757769][T19155] __nla_validate_parse: 4 callbacks suppressed
[  361.757779][T19155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4910'.
[  361.951182][   T64] Bluetooth: hci1: command tx timeout
[  362.433965][T19188] loop2: detected capacity change from 0 to 7
[  362.437024][T19188]  loop2: [POWERTEC] p1
[  362.438875][T19188] loop2: p1 start 1110023006 is beyond EOD, truncated
[  362.661717][T19194] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  362.665040][T19193] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  362.665177][T19194] overlayfs: missing 'lowerdir'
[  362.668430][T19193] overlayfs: missing 'lowerdir'
[  362.673947][T19194] tmpfs: Unknown parameter 'usrquota^'
[  362.702854][T19193] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  362.947798][T19218] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4927'.
[  363.132815][T19240] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4934'.
[  363.249236][T19250] loop7: detected capacity change from 0 to 7
[  363.255548][T19242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4935'.
[  363.256445][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.263017][    C2] buffer_io_error: 6 callbacks suppressed
[  363.263028][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.268495][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.271834][   T40] audit: type=1326 audit(363.183:22719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19241 comm="syz.2.4935" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e0478f6c9 code=0x0
[  363.271841][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.281398][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.284820][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.288216][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.291153][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.295508][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.298370][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.301157][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.304196][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.306922][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.310638][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.314034][T19250] ldm_validate_partition_table(): Disk read failed.
[  363.316269][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.319653][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.323030][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.326241][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.329278][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  363.332383][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  363.335716][T19250] Dev loop7: unable to read RDB block 0
[  363.338740][T19250]  loop7: unable to read partition table
[  363.341499][T19250] loop7: partition table beyond EOD, truncated
[  363.344120][T19250] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  363.568267][T19262] netlink: 'syz.1.4941': attribute type 4 has an invalid length.
[  363.604530][T19265] loop2: detected capacity change from 0 to 7
[  363.607338][T19265]  loop2: [POWERTEC] p1
[  363.608902][T19265] loop2: p1 start 1110023006 is beyond EOD, truncated
[  363.886536][   T40] audit: type=1326 audit(363.793:22720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19268 comm="syz.1.4944" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f577258f6c9 code=0x0
[  364.021227][   T64] Bluetooth: hci1: command tx timeout
[  364.128451][T19276] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4946'.
[  364.132612][T19277] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4947'.
[  364.136179][T19277] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4947'.
[  364.463110][T19295] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.484206][T19296] tipc: Resetting bearer <eth:syzkaller0>
[  364.771625][T19305] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4958'.
[  364.776518][T19305] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4958'.
[  364.820825][T19308] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4959'.
[  365.723609][T19296] tipc: Disabling bearer <eth:syzkaller0>
[  365.774250][T19314] bridge0: entered allmulticast mode
[  365.958230][   T40] audit: type=1800 audit(365.863:22721): pid=19345 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.4973" name="bus" dev="tmpfs" ino=3306 res=0 errno=0
[  366.094548][T19347] could not open pipe file descriptor
[  366.110243][T19366] netlink: 'syz.4.4980': attribute type 18 has an invalid length.
[  366.113970][T19366] netlink: 'syz.4.4980': attribute type 18 has an invalid length.
[  366.141316][ T5976] libceph: connect (1)[c::]:6789 error -101
[  366.144330][ T5976] libceph: mon0 (1)[c::]:6789 connect error
[  366.249868][T19347] ceph: No mds server is up or the cluster is laggy
[  366.300450][T19390] netlink: 'syz.4.4987': attribute type 5 has an invalid length.
[  366.430018][T19404] loop2: detected capacity change from 0 to 7
[  366.434638][T19404]  loop2: [POWERTEC] p1
[  366.436621][T19404] loop2: p1 start 1110023006 is beyond EOD, truncated
[  366.468168][T19401] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  366.471459][T19401] overlayfs: missing 'lowerdir'
[  366.507262][T19409] usb 2-1: USB disconnect, device number 2
[  366.543712][T19409] hub 2-0:1.0: USB hub found
[  366.545906][T19409] hub 2-0:1.0: 6 ports detected
[  366.626603][ T5934] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  366.632562][ T5934] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  366.638403][ T5934] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  366.642051][ T5934] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  366.644945][ T5934] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  366.721105][ T1472] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  366.790998][T19415] xfrm0 speed is unknown, defaulting to 1000
[  366.905526][ T1472] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  366.909244][ T1472] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  366.913076][ T1472] usb 2-1: Product: QEMU USB Tablet
[  366.915659][ T1472] usb 2-1: Manufacturer: QEMU
[  366.917664][ T1472] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  366.948167][ T1472] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0020/input/input48
[  366.954073][T19415] lo speed is unknown, defaulting to 1000
[  366.960195][   T40] audit: type=1400 audit(366.863:22722): avc:  denied  { read } for  pid=5330 comm="acpid" name="mouse1" dev="devtmpfs" ino=3252 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  366.961888][ T1472] hid-generic 0003:0627:0001.0020: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  366.975074][   T40] audit: type=1400 audit(366.863:22723): avc:  denied  { open } for  pid=5330 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=3252 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  367.021274][   T40] audit: type=1400 audit(366.933:22724): avc:  denied  { ioctl } for  pid=5330 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=3252 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  367.183058][   T40] audit: type=1400 audit(367.083:22725): avc:  denied  { create } for  pid=19427 comm="syz.5.4999" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  367.222874][T19415] chnl_net:caif_netlink_parms(): no params data found
[  367.312841][T19415] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.315269][T19415] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.317651][T19415] bridge_slave_0: entered allmulticast mode
[  367.324819][T19415] bridge_slave_0: entered promiscuous mode
[  367.329453][T19415] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.332694][T19415] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.335009][T19415] bridge_slave_1: entered allmulticast mode
[  367.337870][T19415] bridge_slave_1: entered promiscuous mode
[  367.378610][T19415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  367.385595][T19415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  367.437044][T19415] team0: Port device team_slave_0 added
[  367.442618][T19415] team0: Port device team_slave_1 added
[  367.474239][T19415] batman_adv: batadv0: Adding interface: batadv_slave_0
[  367.476817][T19415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  367.487278][T19415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.487379][T19450] __nla_validate_parse: 11 callbacks suppressed
[  367.487388][T19450] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5003'.
[  367.493976][T19415] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.500143][T19415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  367.504588][T19450] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5003'.
[  367.511143][T19415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.578357][T19415] hsr_slave_0: entered promiscuous mode
[  367.581476][T19415] hsr_slave_1: entered promiscuous mode
[  367.584208][T19415] debugfs: 'hsr0' already exists in 'hsr'
[  367.586520][T19415] Cannot create hsr debugfs directory
[  367.646688][   T40] audit: type=1804 audit(367.553:22726): pid=19462 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.5006" name="bus" dev="ramfs" ino=102462 res=1 errno=0
[  367.664657][   T40] audit: type=1804 audit(367.563:22727): pid=19461 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.5006" name="bus" dev="ramfs" ino=102462 res=1 errno=0
[  367.741085][T19415] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.908545][T19415] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.063326][T19415] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.229244][T19415] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.352684][T19415] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  368.360710][T19415] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  368.376909][T19415] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  368.387980][T19415] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  368.446140][T19415] 8021q: adding VLAN 0 to HW filter on device bond0
[  368.456383][T19415] 8021q: adding VLAN 0 to HW filter on device team0
[  368.462139][T10947] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.465223][T10947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  368.483387][T10947] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.485690][T10947] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.608651][T19477] can: request_module (can-proto-4) failed.
[  368.640671][T19415] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.661113][ T5934] Bluetooth: hci4: command tx timeout
[  368.777242][T19495] o2cb: This node has not been configured.
[  368.779729][T19495] o2cb: Cluster check failed. Fix errors before retrying.
[  368.783231][T19495] (syz.5.5012,19495,0):user_dlm_register:674 ERROR: status = -22
[  368.786444][T19495] (syz.5.5012,19495,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  368.833359][T19415] veth0_vlan: entered promiscuous mode
[  368.844859][T19415] veth1_vlan: entered promiscuous mode
[  368.867033][T19415] veth0_macvtap: entered promiscuous mode
[  368.872326][T19415] veth1_macvtap: entered promiscuous mode
[  368.884436][T19415] batman_adv: batadv0: Interface activated: batadv_slave_0
[  368.892490][T19415] batman_adv: batadv0: Interface activated: batadv_slave_1
[  368.900010][T10947] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  368.905845][T10947] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  368.910788][T10947] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  368.914614][T10947] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  368.951086][ T5997] usb 7-1: new low-speed USB device number 27 using dummy_hcd
[  368.957708][T10942] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.961095][T10942] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.977466][T10942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.980477][T10942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  369.115264][ T5997] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  369.118547][ T5997] usb 7-1: config 0 has no interface number 0
[  369.121073][ T5997] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  369.125284][ T5997] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  369.129610][ T5997] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  369.134510][ T5997] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  369.135421][T19508] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5016'.
[  369.138141][ T5997] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  369.142427][T19508] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5016'.
[  369.145646][ T5997] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  369.155061][ T5997] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  369.158424][ T5997] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.165263][ T5997] usb 7-1: config 0 descriptor??
[  369.167943][T19488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  369.170737][T19488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  369.176170][ T5997] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  369.384559][ T5997] usb 7-1: USB disconnect, device number 27
[  369.389382][ T5997] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  369.391947][T19522] loop2: detected capacity change from 0 to 7
[  369.394698][T19522]  loop2: [POWERTEC] p1
[  369.396200][T19522] loop2: p1 start 1110023006 is beyond EOD, truncated
[  369.728581][T19538] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5026'.
[  369.735264][T19538] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5026'.
[  369.814338][T19551] loop2: detected capacity change from 0 to 7
[  369.816837][T19551]  loop2: [POWERTEC] p1
[  369.818392][T19551] loop2: p1 start 1110023006 is beyond EOD, truncated
[  370.727966][T19566] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5035'.
[  370.741399][ T5934] Bluetooth: hci4: command tx timeout
[  370.789906][T19572] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5038'.
[  370.794499][T19572] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5038'.
[  370.835533][T19575] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5039'.
[  371.067817][T19591] NILFS (loop1): device size too small
[  371.198797][T19596] SELinux: syz.1.5043 (19596) set checkreqprot to 1. This is no longer supported.
[  371.214166][   T40] audit: type=1400 audit(371.123:22728): avc:  denied  { accept } for  pid=19590 comm="syz.1.5043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  371.744702][T19584] syz.4.5044 (19584): drop_caches: 1
[  371.928945][T19607] loop2: detected capacity change from 0 to 7
[  371.933620][T19607]  loop2: [POWERTEC] p1
[  371.935110][T19607] loop2: p1 start 1110023006 is beyond EOD, truncated
[  371.970151][T19614] usb usb8: usbfs: process 19614 (syz.1.5053) did not claim interface 0 before use
[  372.050095][   T40] audit: type=1400 audit(371.953:22729): avc:  denied  { name_connect } for  pid=19623 comm="syz.5.5058" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  372.173045][  T895] usb 7-1: new low-speed USB device number 28 using dummy_hcd
[  372.346561][  T895] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  372.346589][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  372.346603][  T895] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  372.346615][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  372.346627][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  372.347643][  T895] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  372.368888][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  372.373252][  T895] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  372.373267][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  372.373280][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  372.376390][  T895] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  372.388592][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  372.392849][  T895] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  372.392873][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  372.392892][  T895] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  372.396582][  T895] usb 7-1: string descriptor 0 read error: -22
[  372.409554][  T895] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  372.409577][  T895] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.416491][  T895] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  372.638165][T19609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  372.638579][T19609] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  372.747598][T12681] usb 7-1: USB disconnect, device number 28
[  372.821571][ T5934] Bluetooth: hci4: command tx timeout
[  372.881633][T19659] comedi comedi0: Cannot bond this driver to itself!
[  373.059980][T19670] __nla_validate_parse: 4 callbacks suppressed
[  373.059997][T19670] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5071'.
[  373.172092][T19677] loop2: detected capacity change from 0 to 7
[  373.175373][T19677]  loop2: [POWERTEC] p1
[  373.175532][T19676] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  373.177283][T19677] loop2: p1 start 1110023006 is beyond EOD, truncated
[  373.221821][T19684] netlink: 68 bytes leftover after parsing attributes in process `syz.1.5075'.
[  373.234607][T19686] syzkaller1: entered promiscuous mode
[  373.236514][T19686] syzkaller1: entered allmulticast mode
[  373.245548][T19686] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5077'.
[  373.287190][   T40] audit: type=1804 audit(373.193:22730): pid=19688 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.5075" name="/newroot/590/file0" dev="tmpfs" ino=3337 res=1 errno=0
[  373.296461][   T40] audit: type=1800 audit(373.193:22731): pid=19688 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.5075" name="file0" dev="tmpfs" ino=3337 res=0 errno=0
[  373.393494][T19686] /dev/sr0: Can't open blockdev
[  373.509551][T19701] misc userio: Invalid payload size
[  373.562907][T19705] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5084'.
[  373.677190][T19709] loop2: detected capacity change from 0 to 7
[  373.680068][T19709]  loop2: [POWERTEC] p1
[  373.682098][T19709] loop2: p1 start 1110023006 is beyond EOD, truncated
[  373.759627][T19719] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5088'.
[  373.765610][T19719] binder: 19717:19719 ioctl 4018620d 0 returned -22
[  373.767931][T19719] binder: 19717:19719 ioctl c0306201 200000000240 returned -11
[  373.775909][   T40] audit: type=1400 audit(373.683:22732): avc:  denied  { setattr } for  pid=19717 comm="syz.1.5088" name="binder1" dev="binder" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  373.778170][T19719] netlink: 'syz.1.5088': attribute type 1 has an invalid length.
[  373.811970][T19720] netlink: 52 bytes leftover after parsing attributes in process `syz.4.5089'.
[  373.848388][T19721] vlan2: entered allmulticast mode
[  373.850621][T19721] veth1: entered allmulticast mode
[  373.931944][   T53] usb 7-1: new low-speed USB device number 29 using dummy_hcd
[  374.082424][   T53] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  374.085016][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  374.088435][   T53] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.092408][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  374.095849][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  374.100294][   T53] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  374.103232][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  374.106529][   T53] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.110418][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  374.115976][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  374.120439][   T53] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  374.123006][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  374.126310][   T53] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.130054][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  374.133761][   T53] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  374.139502][   T53] usb 7-1: string descriptor 0 read error: -22
[  374.141712][   T53] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  374.144511][   T53] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.151783][   T53] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  374.366328][T19711] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  374.369328][T19711] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  374.453045][ T1472] usb 7-1: USB disconnect, device number 29
[  374.683435][ T6874] tipc: Subscription rejected, illegal request
[  374.764951][T19742] tipc: Started in network mode
[  374.767206][T19742] tipc: Node identity 7f000001, cluster identity 4711
[  374.770396][T19742] tipc: Enabled bearer <udp:syz2>, priority 10
[  374.774177][T19742] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  374.777178][T19742] tipc: Enabled bearer <udp:syz0>, priority 10
[  374.901190][ T5934] Bluetooth: hci4: command tx timeout
[  375.021303][   T40] audit: type=1400 audit(374.933:22733): avc:  denied  { execute } for  pid=19743 comm="syz.4.5096" path="pipe:[105581]" dev="pipefs" ino=105581 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  375.082666][T19751] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31091 sclass=netlink_route_socket pid=19751 comm=syz.2.5099
[  375.088194][T19751] netlink: 'syz.2.5099': attribute type 29 has an invalid length.
[  375.092750][T19751] netlink: 'syz.2.5099': attribute type 29 has an invalid length.
[  375.096890][T19751] netlink: 500 bytes leftover after parsing attributes in process `syz.2.5099'.
[  375.220275][T19760] loop2: detected capacity change from 0 to 7
[  375.224000][T19760]  loop2: [POWERTEC] p1
[  375.225620][T19760] loop2: p1 start 1110023006 is beyond EOD, truncated
[  375.323308][T19765] syzkaller0: entered promiscuous mode
[  375.325636][T19765] syzkaller0: entered allmulticast mode
[  375.584032][T19777] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5110'.
[  375.587015][T19777] 0·: renamed from hsr0 (while UP)
[  375.593033][T19777] 0·: entered allmulticast mode
[  375.594692][T19777] hsr_slave_0: entered allmulticast mode
[  375.596597][T19777] hsr_slave_1: entered allmulticast mode
[  375.598998][T19777] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  375.635947][T19779] netlink: 'syz.5.5111': attribute type 1 has an invalid length.
[  375.766877][T19781] bond4: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  375.773304][T10942] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  375.773576][T19781] 8021q: adding VLAN 0 to HW filter on device bond4
[  375.801857][T19781] veth7: entered promiscuous mode
[  375.807543][T19781] bond4: (slave veth7): Enslaving as a backup interface with a down link
[  375.892129][ T6874] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  375.911352][T12681] tipc: Node number set to 2130706433
[  375.919065][T19739] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5094'.
[  376.244668][T19788] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5113'.
[  376.488760][   T64] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  376.495894][   T64] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  376.500133][   T64] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  376.504923][   T64] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  376.508384][   T64] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  376.548392][T19790] xfrm0 speed is unknown, defaulting to 1000
[  376.669501][T19790] lo speed is unknown, defaulting to 1000
[  376.703646][T19801] sp0: Synchronizing with TNC
[  376.706017][T19801] sp0: Found TNC
[  376.780204][T19800] [U] è`
[  376.883544][T19790] chnl_net:caif_netlink_parms(): no params data found
[  376.957848][T19790] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.961027][T19790] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.964138][T19790] bridge_slave_0: entered allmulticast mode
[  376.968100][T19790] bridge_slave_0: entered promiscuous mode
[  376.974487][T19790] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.977505][T19790] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.980546][T19790] bridge_slave_1: entered allmulticast mode
[  376.987940][T19790] bridge_slave_1: entered promiscuous mode
[  377.034884][ T6874] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  377.039391][ T6874] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.109946][T19790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  377.120183][T19790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  377.142732][ T6874] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  377.147192][ T6874] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.216303][T19790] team0: Port device team_slave_0 added
[  377.220719][T19790] team0: Port device team_slave_1 added
[  377.288629][ T6874] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  377.294639][ T6874] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.313676][T19790] batman_adv: batadv0: Adding interface: batadv_slave_0
[  377.316597][T19790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  377.328661][T19790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  377.335575][T19790] batman_adv: batadv0: Adding interface: batadv_slave_1
[  377.338465][T19790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  377.350393][T19790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  377.376720][ T6874] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  377.382316][ T6874] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.452676][T19790] hsr_slave_0: entered promiscuous mode
[  377.455806][T19790] hsr_slave_1: entered promiscuous mode
[  377.625647][ T6874] bridge_slave_1: left allmulticast mode
[  377.627902][ T6874] bridge_slave_1: left promiscuous mode
[  377.631516][ T6874] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.636433][ T6874] bridge_slave_0: left allmulticast mode
[  377.638917][ T6874] bridge_slave_0: left promiscuous mode
[  377.643408][ T6874] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.854529][ T6874] dvmrp0 (unregistering): left allmulticast mode
[  377.867650][ T6874] bond2 (unregistering): (slave geneve2): Releasing backup interface
[  378.159958][ T6874] bond3 (unregistering): (slave bridge3): Releasing active interface
[  378.223851][ T6874] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.229180][ T6874] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.234574][ T6874] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  378.240807][ T6874] bond0 (unregistering): Released all slaves
[  378.250010][ T6874] bond1 (unregistering): Released all slaves
[  378.258671][ T6874] bond2 (unregistering): Released all slaves
[  378.272023][ T6874] bond3 (unregistering): Released all slaves
[  378.283023][ T6874] bond4 (unregistering): Released all slaves
[  378.582034][   T64] Bluetooth: hci5: command tx timeout
[  378.793602][ T6874] hsr_slave_0: left promiscuous mode
[  378.796023][ T6874] hsr_slave_1: left promiscuous mode
[  378.840263][ T6874] veth1_to_batadv: left promiscuous mode
[  378.842646][ T6874] veth0_macvtap: left promiscuous mode
[  378.844552][ T6874] veth1_vlan: left promiscuous mode
[  378.846399][ T6874] veth0_vlan: left promiscuous mode
[  379.688157][ T6874] team0 (unregistering): Port device team_slave_1 removed
[  379.784224][ T6874] team0 (unregistering): Port device team_slave_0 removed
[  380.091512][T19848] __nla_validate_parse: 1 callbacks suppressed
[  380.091528][T19848] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5131'.
[  380.455931][T19834] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5126'.
[  380.461090][T19836] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5126'.
[  380.495141][T19790] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  380.502100][T19790] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  380.525248][T19790] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  380.530550][T19790] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  380.582479][T19790] 8021q: adding VLAN 0 to HW filter on device bond0
[  380.593496][T19790] 8021q: adding VLAN 0 to HW filter on device team0
[  380.599268][T10947] bridge0: port 1(bridge_slave_0) entered blocking state
[  380.601585][T10947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  380.608897][T10948] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.611201][T10948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  380.662711][   T64] Bluetooth: hci5: command tx timeout
[  380.708351][T19871] loop2: detected capacity change from 0 to 7
[  380.710762][T19871]  loop2: [POWERTEC] p1
[  380.712445][T19871] loop2: p1 start 1110023006 is beyond EOD, truncated
[  380.748336][T19790] 8021q: adding VLAN 0 to HW filter on device batadv0
[  380.789557][T19790] veth0_vlan: entered promiscuous mode
[  380.795211][T19790] veth1_vlan: entered promiscuous mode
[  380.818184][T19790] veth0_macvtap: entered promiscuous mode
[  380.824936][T19790] veth1_macvtap: entered promiscuous mode
[  380.827316][ T6874] IPVS: stop unused estimator thread 0...
[  380.840693][T19790] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.850192][T19790] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.860845][T10946] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.864427][T10946] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.869313][T10946] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.874340][T10942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.921868][T10946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.924923][T10946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.937734][T10946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.940271][T10946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.313929][T19884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5139'.
[  381.591381][T19907] loop2: detected capacity change from 0 to 7
[  381.594903][T18686]  loop2: [POWERTEC] p1
[  381.596721][T18686] loop2: p1 start 1110023006 is beyond EOD, truncated
[  381.601857][T19907]  loop2: [POWERTEC] p1
[  381.603765][T19907] loop2: p1 start 1110023006 is beyond EOD, truncated
[  381.706381][T19914] tipc: Enabled bearer <udp:syz2>, priority 10
[  381.708986][T19914] tipc: Enabled bearer <ib:ip6gretap0>, priority 8
[  381.959106][T19932] Cannot find add_set index 0 as target
[  381.993914][T19935] loop2: detected capacity change from 0 to 7
[  381.996367][T19935]  loop2: [POWERTEC] p1
[  381.998106][T19935] loop2: p1 start 1110023006 is beyond EOD, truncated
[  382.029497][   T40] audit: type=1400 audit(381.933:22734): avc:  denied  { write } for  pid=19936 comm="syz.2.5159" lport=30586 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  382.080672][T19937] xt_socket: unknown flags 0x20
[  382.222107][T19946] FAULT_INJECTION: forcing a failure.
[  382.222107][T19946] name failslab, interval 1, probability 0, space 0, times 0
[  382.226134][T19946] CPU: 1 UID: 0 PID: 19946 Comm: syz.2.5161 Not tainted syzkaller #0 PREEMPT(full) 
[  382.226149][T19946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  382.226155][T19946] Call Trace:
[  382.226170][T19946]  <TASK>
[  382.226174][T19946]  dump_stack_lvl+0x16c/0x1f0
[  382.226207][T19946]  should_fail_ex+0x512/0x640
[  382.226227][T19946]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  382.226245][T19946]  should_failslab+0xc2/0x120
[  382.226257][T19946]  kmem_cache_alloc_noprof+0x75/0x6e0
[  382.226272][T19946]  ? vm_area_dup+0x27/0x8d0
[  382.226288][T19946]  ? vm_area_dup+0x27/0x8d0
[  382.226301][T19946]  vm_area_dup+0x27/0x8d0
[  382.226315][T19946]  __split_vma+0x18e/0x1070
[  382.226331][T19946]  ? __pfx___split_vma+0x10/0x10
[  382.226344][T19946]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[  382.226367][T19946]  vms_gather_munmap_vmas+0x3aa/0x1340
[  382.226383][T19946]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  382.226399][T19946]  ? mas_walk+0x6f5/0x980
[  382.226418][T19946]  __mmap_region+0x434/0x27a0
[  382.226434][T19946]  ? __pfx___mmap_region+0x10/0x10
[  382.226452][T19946]  ? find_held_lock+0x2b/0x80
[  382.226469][T19946]  ? kernel_text_address+0x8d/0x100
[  382.226481][T19946]  ? __kernel_text_address+0xd/0x40
[  382.226492][T19946]  ? unwind_get_return_address+0x59/0xa0
[  382.226504][T19946]  ? arch_stack_walk+0xa6/0x100
[  382.226536][T19946]  ? __lock_acquire+0xb8a/0x1c90
[  382.226555][T19946]  mmap_region+0x32b/0x3f0
[  382.226572][T19946]  do_mmap+0xa3e/0x1210
[  382.226586][T19946]  ? __pfx_do_mmap+0x10/0x10
[  382.226597][T19946]  ? __pfx_down_write_killable+0x10/0x10
[  382.226611][T19946]  vm_mmap_pgoff+0x29e/0x470
[  382.226625][T19946]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  382.226638][T19946]  ? __fget_files+0x20e/0x3c0
[  382.226669][T19946]  ksys_mmap_pgoff+0x32c/0x5c0
[  382.226680][T19946]  ? __pfx_ksys_write+0x10/0x10
[  382.226692][T19946]  __x64_sys_mmap+0x125/0x190
[  382.226703][T19946]  do_syscall_64+0xcd/0xfa0
[  382.226714][T19946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.226725][T19946] RIP: 0033:0x7f6e0478f6c9
[  382.226734][T19946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.226744][T19946] RSP: 002b:00007f6e05681038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  382.226754][T19946] RAX: ffffffffffffffda RBX: 00007f6e049e6090 RCX: 00007f6e0478f6c9
[  382.226761][T19946] RDX: 0000000001000003 RSI: 0000000000003000 RDI: 0000200000000000
[  382.226767][T19946] RBP: 00007f6e05681090 R08: 0000000000000005 R09: 0000000000000000
[  382.226773][T19946] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[  382.226779][T19946] R13: 00007f6e049e6128 R14: 00007f6e049e6090 R15: 00007ffd7ea70658
[  382.226793][T19946]  </TASK>
[  382.651566][T19952] EXT4-fs (nbd1): unable to read superblock
[  382.741229][   T64] Bluetooth: hci5: command tx timeout
[  382.786273][T19959] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5167'.
[  382.794025][T19959] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5167'.
[  382.804987][T19961] syz_tun: entered allmulticast mode
[  382.808900][T19961] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«=
[  382.853762][T19964] bridge0: entered promiscuous mode
[  382.860279][T19960] [U] J"—E:ÀÆ"


[  382.867949][T19960] syz_tun: left allmulticast mode
[  383.353489][T19986] random: crng reseeded on system resumption
[  383.354064][T19984] sp0: Synchronizing with TNC
[  383.364928][T19986] Unrecognized hibernate image header format!
[  383.367153][T19986] PM: hibernation: Image mismatch: architecture specific data
[  383.418820][T19980] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  383.470902][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  383.645135][T19999] xfs: Unknown parameter 'grpquota'
[  383.713935][T20006] FAULT_INJECTION: forcing a failure.
[  383.713935][T20006] name failslab, interval 1, probability 0, space 0, times 0
[  383.717820][T20006] CPU: 3 UID: 0 PID: 20006 Comm: syz.2.5184 Not tainted syzkaller #0 PREEMPT(full) 
[  383.717834][T20006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  383.717845][T20006] Call Trace:
[  383.717849][T20006]  <TASK>
[  383.717853][T20006]  dump_stack_lvl+0x16c/0x1f0
[  383.717872][T20006]  should_fail_ex+0x512/0x640
[  383.717884][T20006]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  383.717902][T20006]  should_failslab+0xc2/0x120
[  383.717914][T20006]  kmem_cache_alloc_noprof+0x75/0x6e0
[  383.717928][T20006]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  383.717942][T20006]  ? mas_preallocate+0xe6a/0x11f0
[  383.717954][T20006]  ? mas_preallocate+0xe6a/0x11f0
[  383.717963][T20006]  mas_preallocate+0xe6a/0x11f0
[  383.717976][T20006]  ? __pfx_mas_preallocate+0x10/0x10
[  383.717985][T20006]  ? rcu_is_watching+0x12/0xc0
[  383.718002][T20006]  ? anon_vma_name+0x81/0x2f0
[  383.718017][T20006]  __split_vma+0x34a/0x1070
[  383.718033][T20006]  ? __pfx___split_vma+0x10/0x10
[  383.718046][T20006]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[  383.718069][T20006]  vms_gather_munmap_vmas+0x3aa/0x1340
[  383.718086][T20006]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  383.718103][T20006]  ? mas_walk+0x6f5/0x980
[  383.718121][T20006]  __mmap_region+0x434/0x27a0
[  383.718138][T20006]  ? __pfx___mmap_region+0x10/0x10
[  383.718156][T20006]  ? find_held_lock+0x2b/0x80
[  383.718173][T20006]  ? kernel_text_address+0x8d/0x100
[  383.718185][T20006]  ? __kernel_text_address+0xd/0x40
[  383.718196][T20006]  ? unwind_get_return_address+0x59/0xa0
[  383.718209][T20006]  ? arch_stack_walk+0xa6/0x100
[  383.718240][T20006]  ? __lock_acquire+0xb8a/0x1c90
[  383.718259][T20006]  mmap_region+0x32b/0x3f0
[  383.718277][T20006]  do_mmap+0xa3e/0x1210
[  383.718291][T20006]  ? __pfx_do_mmap+0x10/0x10
[  383.718303][T20006]  ? __pfx_down_write_killable+0x10/0x10
[  383.718318][T20006]  vm_mmap_pgoff+0x29e/0x470
[  383.718332][T20006]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  383.718346][T20006]  ? __fget_files+0x20e/0x3c0
[  383.718359][T20006]  ksys_mmap_pgoff+0x32c/0x5c0
[  383.718370][T20006]  ? __pfx_ksys_write+0x10/0x10
[  383.718382][T20006]  __x64_sys_mmap+0x125/0x190
[  383.718393][T20006]  do_syscall_64+0xcd/0xfa0
[  383.718404][T20006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.718414][T20006] RIP: 0033:0x7f6e0478f6c9
[  383.718423][T20006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.718432][T20006] RSP: 002b:00007f6e05681038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  383.718443][T20006] RAX: ffffffffffffffda RBX: 00007f6e049e6090 RCX: 00007f6e0478f6c9
[  383.718449][T20006] RDX: 0000000001000003 RSI: 0000000000003000 RDI: 0000200000000000
[  383.718456][T20006] RBP: 00007f6e05681090 R08: 0000000000000005 R09: 0000000000000000
[  383.718462][T20006] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[  383.718468][T20006] R13: 00007f6e049e6128 R14: 00007f6e049e6090 R15: 00007ffd7ea70658
[  383.718481][T20006]  </TASK>
[  384.044026][T20017] 9pnet: Could not find request transport: vm
[  384.046262][T20016] 9pnet: Could not find request transport: vm
[  384.067220][T20017] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5188'.
[  384.075458][T20017] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  384.077899][T20017] team0: Device ipvlan2 is already an upper device of the team interface
[  384.232848][T20025] binder: 20024:20025 ioctl c0306201 200000000040 returned -14
[  384.248155][T20025] binder: 20024:20025 ioctl 8048ae66 200000000240 returned -22
[  384.274035][T20025] binder: 20024:20025 ioctl ae80 0 returned -22
[  384.422990][T20027] netlink: 'syz.5.5190': attribute type 2 has an invalid length.
[  384.425528][T20027] netlink: 68 bytes leftover after parsing attributes in process `syz.5.5190'.
[  384.577670][T20043] input: syz0 as /devices/virtual/input/input50
[  384.590559][   T40] audit: type=1400 audit(384.493:22735): avc:  denied  { setattr } for  pid=20042 comm="syz.5.5196" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  384.594897][T20043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  384.757637][T20058] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5199'.
[  384.831246][   T64] Bluetooth: hci5: command tx timeout
[  385.004549][T20068] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5202'.
[  385.205359][T20081] loop2: detected capacity change from 0 to 7
[  385.208205][T20081]  loop2: [POWERTEC] p1
[  385.209658][T20081] loop2: p1 start 1110023006 is beyond EOD, truncated
[  385.232126][T20083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5208'.
[  385.259287][T20087] can0: slcan on ttyprintk.
[  385.321881][T20084] can0 (unregistered): slcan off ttyprintk.
[  385.598891][T20114] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5219'.
[  385.627431][T20117] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5220'.
[  385.637291][T20117] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5220'.
[  385.888621][T20130] FAULT_INJECTION: forcing a failure.
[  385.888621][T20130] name failslab, interval 1, probability 0, space 0, times 0
[  385.894042][T20130] CPU: 2 UID: 0 PID: 20130 Comm: syz.1.5225 Not tainted syzkaller #0 PREEMPT(full) 
[  385.894065][T20130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  385.894076][T20130] Call Trace:
[  385.894099][T20130]  <TASK>
[  385.894108][T20130]  dump_stack_lvl+0x16c/0x1f0
[  385.894153][T20130]  should_fail_ex+0x512/0x640
[  385.894181][T20130]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  385.894209][T20130]  should_failslab+0xc2/0x120
[  385.894230][T20130]  kmem_cache_alloc_noprof+0x75/0x6e0
[  385.894256][T20130]  ? vm_area_alloc+0x1f/0x160
[  385.894284][T20130]  ? vm_area_alloc+0x1f/0x160
[  385.894305][T20130]  vm_area_alloc+0x1f/0x160
[  385.894327][T20130]  __mmap_region+0xf85/0x27a0
[  385.894356][T20130]  ? __pfx___mmap_region+0x10/0x10
[  385.894386][T20130]  ? find_held_lock+0x2b/0x80
[  385.894417][T20130]  ? kernel_text_address+0x8d/0x100
[  385.894482][T20130]  ? __lock_acquire+0xb8a/0x1c90
[  385.894516][T20130]  mmap_region+0x32b/0x3f0
[  385.894546][T20130]  do_mmap+0xa3e/0x1210
[  385.894570][T20130]  ? __pfx_do_mmap+0x10/0x10
[  385.894597][T20130]  ? __pfx_down_write_killable+0x10/0x10
[  385.894641][T20130]  vm_mmap_pgoff+0x29e/0x470
[  385.894667][T20130]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  385.894692][T20130]  ? __fget_files+0x20e/0x3c0
[  385.894714][T20130]  ksys_mmap_pgoff+0x32c/0x5c0
[  385.894734][T20130]  ? __pfx_ksys_write+0x10/0x10
[  385.894754][T20130]  __x64_sys_mmap+0x125/0x190
[  385.894775][T20130]  do_syscall_64+0xcd/0xfa0
[  385.894795][T20130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.894813][T20130] RIP: 0033:0x7f062498f6c9
[  385.894829][T20130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.894846][T20130] RSP: 002b:00007f0625822038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  385.894863][T20130] RAX: ffffffffffffffda RBX: 00007f0624be6090 RCX: 00007f062498f6c9
[  385.894876][T20130] RDX: 0000000001000003 RSI: 0000000000003000 RDI: 0000200000000000
[  385.894886][T20130] RBP: 00007f0625822090 R08: 0000000000000005 R09: 0000000000000000
[  385.894897][T20130] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[  385.894909][T20130] R13: 00007f0624be6128 R14: 00007f0624be6090 R15: 00007ffe048a5a28
[  385.894934][T20130]  </TASK>
[  386.029681][T20132] overlayfs: conflicting options: nfs_export=on,index=off
[  386.076084][T20134] netlink: 'syz.5.5227': attribute type 1 has an invalid length.
[  386.119025][T20134] 8021q: adding VLAN 0 to HW filter on device bond7
[  386.124398][T20134] bond6: (slave bond7): making interface the new active one
[  386.127892][T20134] bond6: (slave bond7): Enslaving as an active interface with an up link
[  386.135964][T20134] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5227'.
[  386.143233][T20134] bond6 (unregistering): (slave bond7): Releasing backup interface
[  386.148884][T20134] bond6 (unregistering): Released all slaves
[  386.173848][T20138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5228'.
[  386.555513][T20159] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.560718][T20159] batadv_slave_0: entered promiscuous mode
[  386.563658][T20159] batadv_slave_0: entered allmulticast mode
[  386.587977][T20163] netlink: 'syz.5.5238': attribute type 11 has an invalid length.
[  386.592512][T20163] netlink: 'syz.5.5238': attribute type 11 has an invalid length.
[  386.595759][T20163] netlink: 204 bytes leftover after parsing attributes in process `syz.5.5238'.
[  386.602306][T20163] netlink: 'syz.5.5238': attribute type 1 has an invalid length.
[  386.638136][T20163] 8021q: adding VLAN 0 to HW filter on device bond6
[  386.727618][T20176] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5242'.
[  386.804199][T20184] netlink: 68 bytes leftover after parsing attributes in process `syz.5.5245'.
[  387.025506][   T64] block nbd0: Receive control failed (result -32)
[  387.059391][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.062471][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.065678][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.068590][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.072619][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.075978][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.079179][T20200] netlink: 'syz.5.5252': attribute type 3 has an invalid length.
[  387.129565][T20207] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  387.277954][T20216] /dev/nullb0: Can't open blockdev
[  387.580409][T20230] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20230 comm=syz.2.5264
[  387.580876][T20231] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20231 comm=syz.2.5264
[  387.614824][T20233] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5265'.
[  387.759525][ T6874] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.861607][ T6874] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.946178][ T6874] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.957937][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.961119][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.965511][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.969136][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.976037][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.980090][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.984487][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.988543][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.994754][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  387.998825][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  388.002983][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  388.006640][ T5934] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  388.006946][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  388.012795][ T5934] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  388.013435][T20248] program syz.5.5273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  388.016786][ T5934] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  388.025360][ T5934] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  388.028982][ T5934] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  388.037504][ T6874] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.062464][T20249] xfrm0 speed is unknown, defaulting to 1000
[  388.157301][ T6874] bridge_slave_1: left allmulticast mode
[  388.159110][ T6874] bridge_slave_1: left promiscuous mode
[  388.161392][ T6874] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.166007][ T6874] bridge_slave_0: left allmulticast mode
[  388.167734][ T6874] bridge_slave_0: left promiscuous mode
[  388.169541][ T6874] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.233247][   T40] audit: type=1400 audit(388.143:22736): avc:  denied  { bind } for  pid=20259 comm="syz.5.5277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  388.286291][T20260] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  388.460325][ T6874] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  388.465488][ T6874] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  388.469424][ T6874] bond0 (unregistering): Released all slaves
[  388.481239][T20249] lo speed is unknown, defaulting to 1000
[  388.615088][T20273] usb 2-1: USB disconnect, device number 3
[  388.636215][T20273] hub 2-0:1.0: USB hub found
[  388.637926][T20273] hub 2-0:1.0: 6 ports detected
[  388.675725][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.679586][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.691583][T12681] usb usb2-port1: Cannot enable. Maybe the USB cable is bad?
[  388.695232][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.697725][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.700069][T12681] usb usb2-port1: Cannot enable. Maybe the USB cable is bad?
[  388.703288][T12681] usb usb2-port1: attempt power cycle
[  388.723408][T20249] chnl_net:caif_netlink_parms(): no params data found
[  388.781842][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.784936][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.787478][T12681] usb usb2-port1: Cannot enable. Maybe the USB cable is bad?
[  388.795293][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.798030][T12681] usb usb2-port1: cannot reset (err = -32)
[  388.804834][T12681] usb usb2-port1: Cannot enable. Maybe the USB cable is bad?
[  388.811077][T12681] usb usb2-port1: unable to enumerate USB device
[  388.885906][T20249] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.889267][T20249] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.892694][T20249] bridge_slave_0: entered allmulticast mode
[  388.896684][T20249] bridge_slave_0: entered promiscuous mode
[  388.901625][T20249] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.904752][T20249] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.907944][T20249] bridge_slave_1: entered allmulticast mode
[  388.922528][T20249] bridge_slave_1: entered promiscuous mode
[  389.075353][T20249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.079979][T20249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.081328][ T1954] usb 1-1: new full-speed USB device number 2 using uhci_hcd
[  389.098089][ T6874] hsr_slave_0: left promiscuous mode
[  389.102084][ T6874] hsr_slave_1: left promiscuous mode
[  389.104326][ T6874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.106596][ T6874] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.117217][ T6874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.119454][ T6874] batman_adv: batadv0: Removing interface: batadv_slave_1
[  389.150769][ T6874] veth1_macvtap: left promiscuous mode
[  389.152886][ T6874] veth0_macvtap: left promiscuous mode
[  389.154701][ T6874] veth1_vlan: left promiscuous mode
[  389.156458][ T6874] veth0_vlan: left promiscuous mode
[  389.232360][  T895] ------------[ cut here ]------------
[  389.234656][  T895] workqueue: cannot queue hci_conn_timeout on wq hci2
[  389.236991][  T895] WARNING: CPU: 2 PID: 895 at kernel/workqueue.c:2257 __queue_work+0xd03/0x1160
[  389.240487][  T895] Modules linked in:
[  389.242332][  T895] CPU: 2 UID: 0 PID: 895 Comm: kworker/2:2 Not tainted syzkaller #0 PREEMPT(full) 
[  389.247559][  T895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.251771][  T895] Workqueue: events l2cap_chan_timeout
[  389.254024][  T895] RIP: 0010:__queue_work+0xd03/0x1160
[  389.256256][  T895] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 20 27 8c 8b e8 1e 15 f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 9f e2 38 00 90 0f 0b 90 e9 b4 f5 ff
[  389.264203][  T895] RSP: 0018:ffffc90004d67a38 EFLAGS: 00010086
[  389.266745][  T895] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817b2cd8
[  389.270049][  T895] RDX: ffff888026662480 RSI: ffffffff817b2ce5 RDI: 0000000000000001
[  389.273397][  T895] RBP: ffff8880626bc948 R08: 0000000000000001 R09: 0000000000000000
[  389.276680][  T895] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  389.279916][  T895] R13: ffff88803f478000 R14: ffff8880626bc990 R15: ffff88803f478178
[  389.283073][  T895] FS:  0000000000000000(0000) GS:ffff8880d6c08000(0000) knlGS:0000000000000000
[  389.286361][  T895] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  389.288780][  T895] CR2: 000000110c345957 CR3: 000000002ae73000 CR4: 0000000000352ef0
[  389.291627][  T895] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  389.294128][  T895] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  389.296636][  T895] Call Trace:
[  389.297705][  T895]  <TASK>
[  389.298721][  T895]  ? __cancel_work+0x2c8/0x370
[  389.300289][  T895]  ? clear_pending_if_disabled+0xa8/0x210
[  389.302091][  T895]  ? __pfx_clear_pending_if_disabled+0x10/0x10
[  389.304244][  T895]  __queue_delayed_work+0x35b/0x460
[  389.305837][  T895]  queue_delayed_work_on+0x1b5/0x200
[  389.307566][  T895]  l2cap_chan_del+0x5a0/0x8f0
[  389.309084][  T895]  l2cap_chan_close+0xfe/0xa30
[  389.310626][  T895]  ? __pfx_l2cap_chan_close+0x10/0x10
[  389.312325][  T895]  l2cap_chan_timeout+0x196/0x310
[  389.313943][  T895]  process_one_work+0x9cf/0x1b70
[  389.315546][  T895]  ? __pfx_process_one_work+0x10/0x10
[  389.317256][  T895]  ? assign_work+0x1a0/0x250
[  389.318686][  T895]  worker_thread+0x6c8/0xf10
[  389.320116][  T895]  ? __kthread_parkme+0x19e/0x250
[  389.321745][  T895]  ? __pfx_worker_thread+0x10/0x10
[  389.323361][  T895]  kthread+0x3c5/0x780
[  389.324654][  T895]  ? __pfx_kthread+0x10/0x10
[  389.326129][  T895]  ? rcu_is_watching+0x12/0xc0
[  389.327656][  T895]  ? __pfx_kthread+0x10/0x10
[  389.329088][  T895]  ret_from_fork+0x675/0x7d0
[  389.330536][  T895]  ? __pfx_kthread+0x10/0x10
[  389.332034][  T895]  ret_from_fork_asm+0x1a/0x30
[  389.333572][  T895]  </TASK>
[  389.334529][  T895] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  389.336778][  T895] CPU: 2 UID: 0 PID: 895 Comm: kworker/2:2 Not tainted syzkaller #0 PREEMPT(full) 
[  389.339651][  T895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.342955][  T895] Workqueue: events l2cap_chan_timeout
[  389.344645][  T895] Call Trace:
[  389.345699][  T895]  <TASK>
[  389.346644][  T895]  dump_stack_lvl+0x3d/0x1f0
[  389.348121][  T895]  vpanic+0x640/0x6f0
[  389.349391][  T895]  ? __queue_work+0xd03/0x1160
[  389.350885][  T895]  panic+0xca/0xd0
[  389.352060][  T895]  ? __pfx_panic+0x10/0x10
[  389.353466][  T895]  ? check_panic_on_warn+0x1f/0xb0
[  389.355069][  T895]  check_panic_on_warn+0xab/0xb0
[  389.356628][  T895]  __warn+0xf6/0x3c0
[  389.357855][  T895]  ? __queue_work+0xd03/0x1160
[  389.359399][  T895]  report_bug+0x3c3/0x580
[  389.360804][  T895]  ? __queue_work+0xd03/0x1160
[  389.362302][  T895]  handle_bug+0x184/0x210
[  389.363689][  T895]  exc_invalid_op+0x17/0x50
[  389.365120][  T895]  asm_exc_invalid_op+0x1a/0x20
[  389.366617][  T895] RIP: 0010:__queue_work+0xd03/0x1160
[  389.368278][  T895] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 20 27 8c 8b e8 1e 15 f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 9f e2 38 00 90 0f 0b 90 e9 b4 f5 ff
[  389.374012][  T895] RSP: 0018:ffffc90004d67a38 EFLAGS: 00010086
[  389.375984][  T895] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817b2cd8
[  389.378501][  T895] RDX: ffff888026662480 RSI: ffffffff817b2ce5 RDI: 0000000000000001
[  389.381017][  T895] RBP: ffff8880626bc948 R08: 0000000000000001 R09: 0000000000000000
[  389.383471][  T895] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  389.385914][  T895] R13: ffff88803f478000 R14: ffff8880626bc990 R15: ffff88803f478178
[  389.388453][  T895]  ? __warn_printk+0x198/0x350
[  389.390011][  T895]  ? __warn_printk+0x1a5/0x350
[  389.391544][  T895]  ? __queue_work+0xd02/0x1160
[  389.393061][  T895]  ? __cancel_work+0x2c8/0x370
[  389.394564][  T895]  ? clear_pending_if_disabled+0xa8/0x210
[  389.396378][  T895]  ? __pfx_clear_pending_if_disabled+0x10/0x10
[  389.398324][  T895]  __queue_delayed_work+0x35b/0x460
[  389.400002][  T895]  queue_delayed_work_on+0x1b5/0x200
[  389.401680][  T895]  l2cap_chan_del+0x5a0/0x8f0
[  389.403215][  T895]  l2cap_chan_close+0xfe/0xa30
[  389.404738][  T895]  ? __pfx_l2cap_chan_close+0x10/0x10
[  389.406448][  T895]  l2cap_chan_timeout+0x196/0x310
[  389.408058][  T895]  process_one_work+0x9cf/0x1b70
[  389.409612][  T895]  ? __pfx_process_one_work+0x10/0x10
[  389.411317][  T895]  ? assign_work+0x1a0/0x250
[  389.412742][  T895]  worker_thread+0x6c8/0xf10
[  389.414222][  T895]  ? __kthread_parkme+0x19e/0x250
[  389.415809][  T895]  ? __pfx_worker_thread+0x10/0x10
[  389.417384][  T895]  kthread+0x3c5/0x780
[  389.418689][  T895]  ? __pfx_kthread+0x10/0x10
[  389.420161][  T895]  ? rcu_is_watching+0x12/0xc0
[  389.421685][  T895]  ? __pfx_kthread+0x10/0x10
[  389.423173][  T895]  ret_from_fork+0x675/0x7d0
[  389.424660][  T895]  ? __pfx_kthread+0x10/0x10
[  389.426203][  T895]  ret_from_fork_asm+0x1a/0x30
[  389.428233][  T895]  </TASK>
[  389.430311][  T895] Kernel Offset: disabled
[  389.432153][  T895] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:50:12  Registers:
info registers vcpu 0

CPU#0
RAX=ffff88806a4332a8 RBX=ffff88806a4332a8 RCX=0000000000000002 RDX=0000000000000000
RSI=ffffffff8bf07040 RDI=ffffffff8dcd5ee0 RBP=0000000000000000 RSP=ffffc900264bf630
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=000000000000a7f6
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81a1c953 RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2de5dc CR3=000000002ae73000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc73bfb0f0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb4813050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb481305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb4813057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb481306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb48130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb48131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffed10038f5819 RBX=ffffed10038f581a RCX=ffffffff8461d114 RDX=ffffed10038f581a
RSI=0000000000000008 RDI=ffff88801c7ac0c8 RBP=ffffed10038f5819 RSP=ffffc90003ed7bc0
R8 =0000000000000000 R9 =ffffed10038f5819 R10=ffff88801c7ac0cf R11=0000000000000001
R12=ffffc90003ed7ca0 R13=ffff88801c7ac0b0 R14=00000000000000fe R15=0000000000000000
RIP=ffffffff82258119 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555905e0500 ffffffff 00c00000
GS =0000 ffff8880d6b08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001180 CR3=00000000630b7000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000020081 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdbe736bb0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f28e2613050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f28e261305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f28e2613057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f28e261306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f28e26130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f28e26131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000d8
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff852963f0 RDI=ffffffff9add8780 RBP=ffffffff9add8740 RSP=ffffc90004d67348
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35bb142 R15=dffffc0000000000
RIP=ffffffff85296417 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6c08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c345957 CR3=000000002ae73000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc73bfb0f0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb4813050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb481305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb4813057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb481306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb48130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7cb48131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff88806a642700 RCX=ffffffff81b0ec11 RDX=0000000000000001
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000003 RSP=ffffc90005827630
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=ffffed100d4c84e1 R14=0000000000000001 R15=0000000000000002
RIP=ffffffff81bcf41a RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6d08000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3285ba CR3=0000000044dd5000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7ea709e0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e04813050
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e0481305d
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e04813057
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e0481306b
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e048130f1
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e048131cf
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000