last executing test programs:

37.045843672s ago: executing program 3 (id=1393):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000800000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000100000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

36.92733657s ago: executing program 3 (id=1394):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0xf8, 0x3c, 0x107, 0x0, 0x4000, {0x1, 0x7c}, [@nested={0x10, 0xfc, 0x0, 0x1, [@typed={0xc, 0x5, 0x0, 0x0, @u64=0x8}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xb4, 0x2, 0x0, 0x1, [@typed={0xad, 0xce, 0x0, 0x0, @binary="c3d28e9ae0913c3c4cdde2ec6a36ac681df060497dffaec2326fa9da216f45c39801a0518c93a3cf43b12dcf3a0b0b805bfe82251da33447c253b548fd1f54b768c97fbf86ed5cfce340bb4d988e646a0222f5c51def3727ddc6f04aa4fa5c7dc112a4ef4b143c1d1394b4ff80cf2f0e44e2db5eea11ca5d9caefec59423d2e9aa5849674892bdb25f0d0a2d7b4980ea21e63f7defe1395c072e00178a80a41c4673d7025b2e2e3b68"}]}, @typed={0x14, 0x7, 0x0, 0x0, @ipv6=@empty}]}, 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

36.855420462s ago: executing program 3 (id=1397):
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2800, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0xd22, 0x529981)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x3b7600)
ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f0000000200)={0x15})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup(r3, &(0x7f0000000080)='syz0\x00', 0x1ff)
openat$cgroup(r3, &(0x7f0000000280)='syz0\x00', 0x200002, 0x0)
syz_usb_connect(0x1, 0xdd, &(0x7f0000000440)=ANY=[@ANYBLOB="12010102ea1f2640f208f400147c010203010902cb00010eb290060904d702026c14eb120c24020200000400048017d410240202080001000300f65d51b0a50b07240147000100090500000002fe050007250102090900072401028208000905800200040101067624b7f2f3fd4fd44abc5909537c459c2e531d4a5e7af6b14dbbac341582d3674921b663e5d5deb6ee50124b71d62324e8441f22fd3177180eec2c628e96b90abaa121c07ac2892f816de7cd3c510ac00b4a11429c5473f19b90e01b29cc2c4d43bf7e317e0fbec93c182cf3ee1e2b76b77deab7524c0edc704659c332c129a1fb9a90f0b4f64a83ee436420d4398e39e7a97a54b35c88515ae9b237d8ee1faf5b0c002c538d1c3cde7f3c"], &(0x7f0000000400)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x200, 0xf, 0x8, 0x7f, 0x8}, 0x3b, &(0x7f0000000240)={0x5, 0xf, 0x3b, 0x5, [@ssp_cap={0x14, 0x10, 0xa, 0x1, 0x2, 0x10000, 0xf000, 0xff, [0xff3fc0, 0x3fc0]}, @wireless={0xb, 0x10, 0x1, 0x8, 0xac, 0x0, 0x0, 0x6, 0x7e}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x5, 0x7, 0xfffd}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xe, 0x7, 0x5}, @ptm_cap={0x3}]}, 0x1, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x422}}]})
r4 = openat$cgroup_type(r3, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000140), 0x9)
write$cgroup_type(r4, &(0x7f0000000100), 0x9)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000180)={0x0, 0x0, 0x6, 0xbf8b, 0x4f6})

33.77697802s ago: executing program 3 (id=1466):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x149400, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xd0)
ftruncate(0xffffffffffffffff, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000240)={{0x1, 0x1, 0x18, r1, {0x83}}, './file0\x00'})
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
read$FUSE(r1, &(0x7f00000029c0)={0x2020, 0x0, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r4=>r1, {<r5=>r2, r3}}, './file1\x00'})
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r6, 0x84, 0x6d, &(0x7f0000001940)=""/4107, &(0x7f0000001040)=0x100b)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r8 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
r9 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r8, r9, r9}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={'sha1-generic\x00'}})
read$FUSE(r4, &(0x7f000000c3c0)={0x2020, 0x0, <r10=>0x0, <r11=>0x0, <r12=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f00000001c0)={0x50, 0x0, r10, {0x7, 0x1f, 0x0, 0x0, 0x0, 0x401, 0x100, 0x400008, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f00000021c0)="388219d25a8985d3a909841c8e956469a15e906a4fad26298b696426a81fcf0d6134c5dfa3dac33b6ea4c5d859c2e1333584935ed9d80c184939089e0cb436417aef5dcfb0c878732c6827d278c2910d390115e202c3162f4711bda810555b179a84d7df9f870f6c7510312f0255ce1bef6e875780543aaaebfbdf8208ee5dfd0de60437108b819a35569013870ba0bd0700000000000000c69ac3d0f174042b37d31f7821f65636376ab7bac88a99fc39c60286cac8d3edb5ac4c768a68a43fc77a52adea3b7397aaa2433cad989958c9a6118c72006208f95199efe7d08508913b00711053120551466066562c00005c6fdb9693ae6c2dc5fa839b808b8789cb1f88514918a6aa1d1a76eb131ebf84a0edaa97fbbcff14101f79a159222f4b4f31942f18bd6f1d393d3e298803a8435d214fe2f7bb31e02e2a75370bffa78d6752c8a6221b50162f7ec7174c258e4b65bf2797b4f7b7fec7488a0675990a075f7ec74b93fd845a6a9e12b0baeda5c81ce23be3b4cc15b493d4b9ae40736c55fcb8266f33760fd09c80bee60e1d5269770dd67c34d6c7ee57d67558f6421b3002c66df981a3114be6e62d4ff999c7985aa767f0a073eb499257c7b1b977f18dfae99f3be0664bb0c0d96fe4f3b1df5d904744570d01b517cccdbf17dada77ad37099ff69c040c0826cb23a80391f341749f2c21c32b5977b796b6af2d7194f1af44f2e0a84bf102b28dff97fa723c6792e16807939429c921dcd26d375fe58c59bb76e3d5227a5c4e2331337c3592a7d84ac45b1bd268a9d66fc2fd03aa23a7bcd7ab711c4fca2958883260b5d5741b145717012d4aa15f2d49b54660a46ec7cd7f9181213acb61074c65189bda02ac65f0e916f9b9260fc4cfc4bad08afb07fde1c2dfbe7807835958ac127021a7a2da901700483f8e5809a51fcb9a455fcc58d4dd8745ad4af3567fa9ee1b8750543117a970bd98d2595da38f3ea455b1611d32870677b0e0605ac387ca068892e1fb81411f901a1137ab9f5b78d350aeec44957e54e28f9ceb6d5ce046237b979ce4f7e7211167a6d3a1e99b151c08bc2a1593174e18196290e16e517e3ac66dceb7b1cabca97c38a6aefe048aff9fb203e1e58e5343062cd36b65198005d0b8ae336a47e8e4372a73aee7131804013d24e3d9bcd5ae2dd7baf036d571ba12ea7f17976e3e20887d8f24db24b2eb3c5e3f3b9ca8611ad4f4be7aa435c9641f290fb478168d3e204edb8181eebe3acb2552ddfa1f01d368d6604c03f84cbe78ce58284dc3b99aef5936adce8fb81118af0ef5a236391b9856bed6d1bc6cf02990c48b7f6c917efdab113ce0851f87258fb0d3f8633c6d41f33cf76f54492c4a1dcd4459153cd28c6473351371c73d73dd8f9a22f175959febadb76a866a9625b926fa1a12b32ba97df3c2e3b5d6893fab9a6352f168c423b38db9d13895afe3a017d27c84b7c20363f4e8a81f0af52c5368b856ecab23f52cf87f1ee3f73bdefc424b253c9c55f91df8a02b7df35a7c7defb7d260e4edf040503ed18f16aaf742b2c30ffb7f0108a48f50a7e603e24e0399c309781689118b2f1c23721e2528a3f020a4a43cf5439d169b4c116c284aac82ca2a5cecafb97d9dffb2b56af3cd73fe9ca2553ad33c12add00f01fbf7e11f8b30d3660da46483bcf884088c171d105ff05e441d018dcc495eb35ea1f921f98ad1f5a0bc0f5cf69450b70bbb2a24d427511baf0638d3b4da0fbdcbe126e2e9e415b81fb12239b424f8f553d73520aff5f212fad8a15760759dd4726bd2d05eda93ddb10cc2ae01977d1030480fddea6045be4a5983fb67a263bdb86f722592880e4feaf9767dc5352cd898da96b647eacb41d7c97a1e2bf1e48b548172a06ff21962e79ff3724b94c3e339dae7ac1e67225846da5e1399639885fea22620c9501dbb4b8ec62292c1b8392e20ad72bdd72c85d5aff8e7432117097bb4cc173de0f8dfed12134024d92c2c8512cbb96b31f156d759770467abf602e3a580bb0ee26137229e11df6986f33c8de3921b81ecc56f600f6fbe39787b72293d567c3d396ea4d65baa3fae1a25df344c5f33ec1fdcafefc0bee2c5cdf59dbb0408e99ca27f7a6872bfd2c20e11bd8c5b9a38fa98f30b5a56eb3dd10be3cfc60f43264a40ba7e91676920540b87d9b4f88b59f6ed8b66d5144930f0f4d3748084923b27082d8a175f955687cc1598d02937af997018a871db6e0c1db1e2e4431e452cdb0110c65bea7da6c8a9e4a66f0957fcdf1b8c7cb4d808b896ff217db472709690bf7ff4d4ca912017fd57812e1dac1c4d1db8d5113739e917bfba37581118e950ba1a77aa124b4de0611ab834f8a82794bbd0b0b14ef6003164aee3b466d3d9780c0c3b47aacaa8630a117b25409bb49af1f4b6105f0002b84325dce613054b6402d68e16bf3baa7ec6e9bc39cf324759f92cb82492e9b653015f1d795145fa911ed77ac5acbcff00cbbc2db04d2753c937dac0d09dbba128dc2f5c5918febb6ffaca8feb5bdd2c54853b9efe9b93f5356ab3bfe67bad1985e4c7e32c23e47140c540acdf30aaa966627923dc904f334a309789e17af70c2094ae28375a9414233115a635bb783ff422cd130b9efd41dd1c667d571241dab5d773f83e897787094f130f51c6c34f5af6d67ec94e57c5f9c37aba10f0a0433fa55b6ca2ce88b5ff1f44985312efc85fd31cfbf2412431763ec5ed6f39a799171aad1db74fa5c04295f5476446e5c148ddd3062a8ec4e773dba59139e9d0eb72b327cdc6b306bd475ca92ee5310d72c0906faab2950cec8f8619e009cb8c52e75fbec8aa4ce2736b3326583d365da32284f2b5f5d3c849623d15da5e6b2d780de22cf3504e5f06bc502a174db330d72214849ebd6887bdf4e7763db928b159668ef4e0755900d3a3508f92f332dae105a4c177d3ece1c7360dbade67e339934509e2f38b4f5022f5584255163d152f07b987ba838e45d1e62f14e46c45fe9e8a34dc4ba572081e96e9a33f31509d9bd0a362dace52d3a877fd238890d658ff776224609529e4ad4dc5d9138b3a2750dcafbd04de7d3d94d2b00128db71571ca361e4e257dcbecafa1f236c5c7990a37933a62ad28f575d5641b672fbd6b67b52075cc8daf420e4fe703326c05795ec388f6bfcdefeedf0d50617e086f749f7c37aaae655c5e059cdf0a1d2140273b3e6a22f6f79f843e3a4d05e92565260d354d068a71cc9ac41556e795c84291490821f5e5134ec03faf8b1073b774eb6e81a48f16ab2c2b4ecc0ca758cfcf4d2301f524a2dafa7a1a0cccf08b325dde92ee365c23ac818e673e60d887f8a24e3395e02379341b2a21959d01812f2d2de3eed3616e1d38249b4ccb0bfff4049725324c5d3dae738673e8849a889badf69237f98878efdb3c3136db8a902b83a7fbf62f08501f1e55c2fdee54fbb8e824648e58bd8f45e729261c6e75637e454b14b3e7175ef81551e9ce6609d7b7e9e53467aec2ce5b34a1761ad6a510838bf2611722885251732ba1aa8782a4316619bd49194fc0ecb67b3ec0f199e6af276bfa9cae0769d2779f6579792dd100bbc9b8bcd94bfe7bf1fb985789917c2d83b14a8b028d79236e0b01f1cfa00b34554148643a9ec25053baa4b56a1dfec6c84c1767989f2a400beaf4373daaa7f578846ba90de1bf47a921a0dd4f22746ea82800bb2d51bb80d916148b1fbe8e7ebb79cf11c8bf588e2a0b95f6984e866c623a9015371d5d3495a3f3d9b42ee7828f1a3dce118a648342d0b0b8e17dc9cbc954f17c7410f5a7ade7bf921279611e6f2cec5c945e4115142075287203b65f8a3b14d026c465b83a4447891dacbc37de3f23b801abd1a628973b5858a9fcfcb1c3923eaddc6fa3787f28f5ed0f2e1df91bf9d7396891b4efbe008e0818cb57d3eb178844e98db8b09fc859c11427adb4a92630aafc2ce7ae644f077bbfe3a899b6014be74be9277177d10c72f0b13998fb666af0cf0b28757c5ae8f5021c00adb414d16aea5cb23f22c7f526d8266e4b67b85f124704769e1187c3415acbf81cb3c2d5cc04d95edbd75bfdd32847e984a55d4dc1a7d3781bad2b6b62a576c10ff471e107add2a74e59ab11071bf5fb57c0cc34a45dc8796fe47000811cfea6cfb22c22e2b4656efd5ced8da97ca0179a6c3a4d58a7bd77260516107a9a72036c92c2dc800d825c3f45c6123a0332d37d7e29f84184e19decc59102950da0b0cef36160153f5a453c9c7fcfe2e145aae343fb9bb726bc3aefb9a604708d3ab1c5f51228ef8987a00ab2abfee2f3c1a38c48797035d43f74d1d6ac26df34926ce8d95d1d57f9e442398822b5014367dd8dde2db00ea5972dc8e782a7a193744d3bfa0298f353207e442716d26ba943821a6b0d2e112bd7033d7df3c99f0d875dca45f466567c198c16039b00f1125b77c1c560ac21ca70db4a642ed58f5f55db9acf206fcb3adb31731d9efb1b7dd9cc124858bc8fd9fe2651e31f152f05d2be376f3854d3de9dc464541bbdab3902773b3b5b2a14a20c0e80ae3a2ca02ddb584fab1767af0428969d4a9035cef9092d8d3bb48b8be88bac57d53c6e50b07fa51e0d9351159eb97741e09f55317c802fdb0cb172fa79b2ad25fd55613dbcad1f070a407facbcce6a229f4bc88de1ab99dea251a677209e9bc08fdb2e0299535beea1189044ab8c69c9196fb9d39b6c609c0c815ec929a01cd974d08b6f0e301991101ccb8c7e591f9cf1dd6fb6cfa17d6925d13bf18508103c44a52efb3701176d31e34207aed48792f5d7c4ddb6bb3bf6f0869f528363b7e0650b06b0e4caf53dc30157e80ae1e2432b60a1c64088eec7013a213ed65340adddf6940d277e87802729c3a6dc9c3d5919d835fd55642e15ffce4a9bd8553be5ec276d0867311f2b0e11173eedf0d7d5dcac0d44f8076ffd9ce8e90f828c4443c8b602db35ca19220f2cbc295e8fda0602e6437a46abc775da4237bede18196bb1e1106220235fd2072fa4375fd8bffa037afeddedc4477b315799176a23f47f48afc652fff5083c917ed1b4097cddd186921531357cd0da18996a152639692f5a2bf4c7745c3b640d7ca69e236edca95934c36ca4b9236d9cbbd3f248b948c942f65dfce17167628b4eb0c5893512c2d8439812bcea8d5fe6a229264723b66e4f2cb6f970139415440dde9946c5ad40032a1c5a18c248d35b73100d8f38aac9c5c302354a9db4e8d99a2d845f54a767c4a0623d40b998e28d454aff7defc9bb4cd3673374a33e641a6614c6b5546b3f70ed288f53def2e49baa32d1afb93b4c04a22b5c9ac3a23f1e0cb423eab40f51e2b3c170b501dc517abbac962784e1bd151815494d04e336ae2f16064ca27c7d776f8c5974a76e9b3d313446336e696e24202b2cb94603e2929906ad4000b13f0f7e7ecf6c2d7243e12d0aba4fb5d4a30de4e2c5a0ea8ade6d79bef8dead7b49ceaf6d7157a427382570771040c084c9feba727019c3b03dae0c5880b0a2dbd8150b743f987b5019b421c5d164150592ae0646217618c92e7876e6c4a2b0ecdfde08f04265e0bfa096a2d6f83953af12209e892a9a326368e0270f8e669ed5aca72579d1d6b806eaba059bb28c7f80fc1ce39b994e6816cac5df5cf9d40582bf9301b12deeb09a2eeab9c8a83a7d44d04a87ae0d4a590cb5f5e3824dc381fc56aca6787be5899aa3694f3b9a872b61dd5876c0f8ff3c81f38b4e52792254edfb954b157abd7b2ae2f4f8caee5b78886894e467e38a93c26cbc546022371b44360a317513341933a0db7ba88929844489e51259a489854f8160ad46594a19cbe799515f396168505520a5288d00f8093d3aef119d94a7863e67c9a7d6f900ba9834fd886044513ee1853713c2a4b511a487db6e7424a0b7f19895e5cf5e41e69c34b3378bae46e2e1c7d29c1cfe1bd0370bc2c0649ea144cd1d4d40fa57160cf856f3fb3dd3cd9ff014b4194837af58189305226b534e1a82297adb14e7af42693fa5065873cbb7fd7ceef5a41d8a63c1ec4a0b214182c5ee3cb9430f6dd7cd57fa56e1b6df932c683905f111867e5bc229bedbb3099a72644d96c38aef3e93268dcab401a2882f1f48c63dc068fc102adf0c8e8a1debdf454919cf7042c6b80955bd63cbc27d785e06ef360feb725748e8359e1fe6d64851ad9faf834d28e6273db6830e9aac4e54af0e8436ab653f8d6580acb7388634f342b36fac1feb35526eeeb8602a31a65843c18a9bd463c365e42192f6aadaa1a6e4991e9340258532f4f4811788d8662925405b76db6aba7965aee669441818c5e96a3d945d81baebd00ba2d97414f1840b3dfc7d34d9fb13877d241744cad6a367dea3ff5c4f29fd41e06f85c67c614cfa307463b3a8550a5a31cadc8c7111f1236c9113b18c631cf9ede683818be932fc0c8f389457a05c1b02e7a380b27b10853c79d9495ffa702aa01a1953f269c952e4ee95b001c5ebbba33c902a7d3aa81ac9ff01b1f9ed97a6f280f3caae24cf236e41993cf991e7d8f3ff50a173997179a190d92a26beaef64eae0ebf824b485962089f8675c2cc176c2c052948176937a4074f2506edb7e60a65149ab319f76fff07cfde46f6799869202d735e5ae9f91f4d23150de807efd933ecab245fe128554664fc8a3f411a9e45e050ea40c68e45f57403dc62b3a6908df7f6d8cf9ef45133e56b5682757415093b49b86630758075103fe98f1d380f58829b796b9ea4f06499beaa81108976a3a70174c3542eb2130070b1c4354166049b412b2256be40a9d20e18a2600540e1e1c15549892310c09870dbf70874be181a0ed4009592bea754fe30ff3cd96a551071d7ce21c6cfd3e449dd8c39bd97ed47b16bf00096578342112fd1aaef915962aa9a3141276c7442aab367fdaa02b2db13bb1e1be5c7486464196541d584096200520a6a57a228466fef61e2f6f678ba9f3733f6ae80bdd6bf67dda5b13bb7c8d05d20825566ee3ddfb9c94dc270aebe3d5a24933ba6befcb65226de3f2d8fc6fb518a36bb655289d2daa616121a4ce08c9f4effc5127c90d93369d8345357c67e3bdc024263fd43d090b8f1643c75236ce000ba02001c5974035f733ecb05f35d3d205027b393b4bf33dd86050a9e2c8f779de8947a38ee7b2b2b39d427cf48a359f10bc0fbd50763c8f4727ba82a55f6c2e944b71f8e05626bef8e7598c55cd4e587686446adf394282e312d48e02b9ce324b8523b33978c9ed7e67b886479c8c36d136d276b34de843ccb98d624daee93cd3d5db695189a5b1f730091b6339d8ecb93485f9091b46e998ff1efad6d647a2b6d5f4647e848358b1d863386a337c9ef4ec0ad827fd0acff7498422f8277052c53f0a7001b3771a19241b1d14021d6dbae44dc7fd92365012d1ced3c4f494699e398c404d8ffa5a6cd824e2f7638a4087693dc5191a7c6fb4fd29967e27988234c015a33db9ac71a416a8469f871b7da09c95f3331576c1b4f4c72b7b127ad2e48a57e28804efe74f8145aeaef16c03e2c3e99fe3ccaddded1da622fc62172e8f55d04e1305df63e789774d3640e6cf36ed53c2fcdeef189178dde1b60c640742c68d8d06cae2538b7b7d0ffe1905037537a754ba44950c4194c8013b5a4eb2a2b6406f9795d70e4321c7ab7e63eb80ce04e2e4f15e49153842118abb5179e246e41ffa49ed2b39b62ea47001f35229be23d332a81b5d47f88a5737b480f27ca75a653efa3afa257ef05e1b4da1cb84653b074e9aace9f6f4b94f48cf50b3fe2b1658d30e3f288b6d6a1164f3c9153b0f185c10a64c861889dc3faf8bebd6caab6f751a31109756cbc8b9a62384faa1a88b2ef8803855414dcc209329752a65b05a0784be9837e3a4a7cdc49b302a1e3e9be08080b6af5049702613b777e55b0033eab3ad76024a6132522289df20d753b595a48b1d116e792b51c9840541f16f56ef185a3c14e64b7e293c178ade690abeffc9d8f908bab3db2460d7f692e48dbdda353b6df648a98411bd8c70f95f6fb27390e6d3241f36fea36c0aea9198cd40fcc23b181d41fd91cf66570aaaf0688a4eff348b6f0e4c8bbda629cf269eafe2d60cab7108dbaeb0119ed441b7c4b379d0198be27dc6de0b53acca37dd9e5a40a558d8405de127fdd4b381a83d6d33b11061ef5428c08a8c64e73a3a6ccb11037cda942aa937f1ec14a9e2088acbb7b5489d173ce08ea04febb1cd93d7c0e1b3fb2facf8536e6568ea349647e2e449fe220516f5e94ab5727a91b92f9ac957cadb2e107b1004cd29e6b7488ac8d149226254976858d25d388eb6842271f051a082e18d0549232dd0fdc8da13aaa44f925dc3f462a188cdc8e1573bf989d25243f975a7765cbe01e84ae4654fa60e20a39f89b53f008796c5360ca8ad4cd9adf0bac7862002f9a02a30aebadb738673bb12edb7f61755ca16defb8aca9bbcbf2fd39cd556369050407d4a7077b14cf922f3597af3e967ae63f1c1e8a6b6d10fcdb8aca23c2596b72155962438889005fb8a835153ac594f1a8edfef2ffc66db8d642beee43524f6f271a1c24824c92ad58531251df443d712615f7fff6a385298183cfce80296dc95ef4728b5b1b98549460efaa2d230453f8156b4c6d76e5bce6aa9e1b4da827a96949af8681edd094d0d63dc3b582a156480b1800130ec5543c40be0c561d90bb379db82a4b59b657b05333c958908bc65b3a26fa8d745d579b09b5fd5e2223e7c182bc7610d414a379ff9a8922909340433ac17b77130ed417bf23e4ae48ca4a834b038f977d0deefe1291e76395c35b4107b2de4178b1051251cacb6bff04fd2d092d6ae2a72b25213605ab08b71fe478927cf82353ebcf382630cee84d03bd38227bf8b12c1bca16686ec9ffe61aed4635328f39ee09aafebf30da052e0e4bf28da6badd62636022b130dc4f1e196ffce2051d3e7f80ae29a38abf6367f2555d93f6ad2ab346f3037737ca141dad639771645fd683361c2b67abf0b04c1846dff0ce319ae12a9c79a7bad5e8e6fac23ce85860d1201e69319c41924d87066f6f320006bb3fe802d04a5bedbf50dd15e22df446cd94be3486047315f9ba0fea5af6915ea399075704308653b03f29d4e99419a1a7f848302a46537a297f6331abc7c36df88bb535096135b971d41c4335eb8d2a9eac87061d16f2e6899662d327deb8fd788661d6d151a7e4d3f8cb8312a0b8b60807cb6abc7bad6b66e8d5a492cef77759055e15c7c37a20c751b9571e02ad40b65c0b17668eda7ef989f8bde821d2e9c7a119cac9ca3e925f51cf6c2bab2a406699555099e016944554222144a3e970220e01bfe3b152c955ee4e21716c1e521a4bb0228dcd9b0a237f8fc2ccf9b4ecd8d6e2eec4508cd6c6453db134def3be0808a9f0df28960e28385611ec490cdabd63cd76bc53fe10d67af82c755721f6ba406969969008dc072d1a3c0a64a95f5265e9529575bf1038fe0df1925bc40bd7d8831e891aab8f888d1906681a08fccac5bb4cb3c7e67ccdeff175b76d9bd7029f53e0ee15d8845504476940d05b87156cce1d5ed93671d5ee0ce0874f0606f7d09d15cf16d98a1cbb456a5704cffc0a3918ef543a6e9a67e965c4fbb8186991ac3ca2218244cdc44af93a08763e04cce549c5ab00146278a63c2c94859a91544efc6559061cf781ce86969f8b1f5b65389ab3b19c0cc41ddd39e614803b06599b8653ed64cf8e3605c69afc879ae03e6cc5f80f88fedae281d1adf53a9204c491204edb99d1106b68ccb21004d51c419842f3e1564b5a4e01e71a47135178d8d045b07c045cba01436cd0ce6a1ce9a480b1bd6eb48fe2888214ca31766f5c5144edf8bdf7edefe015cf95bc6834bb06aa157b76f9fbcbade1ceb547fa678ff33a24ed4cca831654c0b03bd1a52ceca4287171d524e37d42899a4c5c66da0586ffb7b4aead7cdf892ce24d66eaff3530dcca213f70cec1d24cd59bbdc12e3f6f4bd4d0a2b232fa5f9ce2c70aa529fc85d4d2183f4c20f154da58103cfeffd477901d188ea888aad45f778dc48969936ce7519d2e1f0e14b2fc8b02340af1f83119cb69ab38e5122223950d5045479cbfb0b989013e2b1b995d6c45656b8124e8fc54f7daf9409ff4ad5babdc9789e3d420cccb792bf06a75cbf2bcc8b45a394e62dce6ed5188495c0de5a86d00694fc70a41b1cede2e986a33c13a7bc88d9c79775dbb624b9d66c577466547183ca48a0279ccfc7bffe699d0f4f82bca906d0118865e8851b75f9914ae12a368c0e2881fbf8c1f4374c37fce575034bdac4a06e022e62b34874966952f0ffb6c9fc8138eff8e07ad630635772e84993af6d71dc3eb534bdb00475eeb433da5b6cdf9051a8898a8893ef0ea4102aa24968c2c8be9b5b02e07c075f59c3398e08876054135ad6be1c51a5e98e1400edcca8061640a0d20b3f7a92acff856d20703f70c2159f91f9419d34cfb87f890b578bed938ec52eb1b45fbef56828774cba3704e0a22b1fff7ff6bb94620c9f0317728ee32d09615d186138238fc529247e80fcf71e9269e72fa25962695e40a38a816c2eb5d5e3f169e5c54ae20cecdc206b8cc093f6f5d3461268ff8a7154bafe92cf145aa415556cd9c6b4f5693050d00d6e1f5441c67b4c3abf561803ef525f4e199b2cdd03b806c0d8606ecaf25ca51a750dab89d91aaab170fcb7b6f50766ab8f11cf177bd75e58d432c051cdafccde5fd81233f524d37a6ae391da09b381d46b1333a07d5632b9f83c1aa8cd44f417320550d5b9ae5118502ff8fe89fffba8e0cf4f8fa4c096ea4937b7b3ea6f9dc0fc13e2e2b4ca172c97b67a58404a335436658063a9bd1c71422e9ee5ef345df6534be0b0482273c4750b9ae92c463bb87e7de173b40a8709a4018bdbe9e799b0a95c5946dc424efaac67eb3fe869d49e040d94d42c1c7680c47c9bba3344f7034d68394e65f6d31b9e5b21a763429432b91b85e274a5675011b2d5442f1d329ccf1220275ba714738022742135bb9674a2544d23b09c93d1d07f35738abf59f44b894048faf09bf0467b9d8171afe57ee10c828640fed3801dc8711e0b678b30f42f396be642975cc2724110d48a59d3ae7160781b7a3f4973fc2d720440408ffced0e2b62728e7ef1f5228fab181fb9b7a1077e376df6c5aeba81e9fe3fc9f82919bf476f1e97c64da1aaa0fc7d1e0b31d8519717717a1ca1856bae339cb612e4880d0aed31500c80e63fc888389c20be12f13cb3299f7a23cfcfd47834ce9b0d92d7b732d15b2df232158cc9b690a0c7e9fd2c511bbce0a6aced586059a9446019ac26ce6eb9ab507dfb24c58acfe596dc2d67ff19569211078498f31e7998135b47a5e2f39b23e474bf74484690c080fc1b818474094d960fe89d45b43c926cc0e6b60bdf3fed333ade75161441c622005e243964d6603a29888a5e921a713e7403785a86103c7fa700", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x78, 0x0, 0x0, {0xffffffffffffffff, 0x800007ff, 0x0, {0x2, 0x3, 0xffffffffffffffdf, 0x0, 0x800000000040, 0x5, 0x20000200, 0x2, 0x42, 0x8000, 0x5, r11, r12, 0x43}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f00000001c0)={{}, {0x1, 0x960a29282ba2c3bc}, [{0x2, 0x5, r5}, {0x2, 0x5, 0xffffffffffffffff}], {}, [{0x8, 0x3, r3}, {0x8, 0x4, r12}, {0x8, 0x1, r3}], {0x10, 0x2}, {0x20, 0x3}}, 0x4c, 0x1)

33.587758513s ago: executing program 3 (id=1469):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x18a)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0xa000000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

33.194299666s ago: executing program 3 (id=1474):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x700, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0xa}, @private=0xa010100}}}})
r1 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000000)=0x31)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000200)={"aa9c7481", 0x0, 0xf7, 0x0, 0x8, 0x2, "2fbab4cd34744fe00799fe7087dc89", "a998f2c6", "89e9832a", "6f9cff89", ["bd99adaf7e8b7e34f59653cd", "171404168e45b72df3972316", "74cded730c5395ddbf12171b", "734fbd64cf725dfac1dc3171"]})
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
socket$inet(0x2, 0x800, 0x9)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xaece, 0x2)
preadv(r5, &(0x7f0000000100)=[{&(0x7f0000001040)=""/4080, 0xff0}], 0x1, 0x6, 0x1)
ioctl$USBDEVFS_CLEAR_HALT(r2, 0x80045503, &(0x7f0000000340)={0x1, 0x1})

33.1655593s ago: executing program 32 (id=1474):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x700, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0xa}, @private=0xa010100}}}})
r1 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000000)=0x31)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000200)={"aa9c7481", 0x0, 0xf7, 0x0, 0x8, 0x2, "2fbab4cd34744fe00799fe7087dc89", "a998f2c6", "89e9832a", "6f9cff89", ["bd99adaf7e8b7e34f59653cd", "171404168e45b72df3972316", "74cded730c5395ddbf12171b", "734fbd64cf725dfac1dc3171"]})
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
socket$inet(0x2, 0x800, 0x9)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xaece, 0x2)
preadv(r5, &(0x7f0000000100)=[{&(0x7f0000001040)=""/4080, 0xff0}], 0x1, 0x6, 0x1)
ioctl$USBDEVFS_CLEAR_HALT(r2, 0x80045503, &(0x7f0000000340)={0x1, 0x1})

27.183728044s ago: executing program 2 (id=1573):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x2}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x308) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) (async)
ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) (async)
close(r1) (async)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
socket$l2tp6(0xa, 0x2, 0x73) (async)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = syz_open_dev$evdev(&(0x7f0000000200), 0x3, 0x44e000) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4020000000000006118500000000000850000000c00000095000000250000006e208c369a277d74282c672e43b55ee3600b815dab65f7b1b75090986c6758d29d4097f121f368c097470b55d52c40d3f5f958e74e95b181ece9b240d6fbea19c683cf40e1c8dc1ddc1f3313dce7a12c5075170f01b53adfcb8cac040d87a24a00669dfe7830470739d05cd38180cdef9e95c140b03d4ad554c2819992d927690db6df3f70d85019f7446d7b98a9f252a7e3bf39a95f70547586bcc706518908645d64492c221b1d17b2d163634e3eb7175e4c5112ad7e04ee"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x28)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000300)=""/218)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x203, 0x4) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000500000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r6}, 0x10) (async)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) (async)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
io_setup(0x6, &(0x7f0000001380)) (async)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$inet6(r3, &(0x7f0000000280)="02042c08ec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="331601000013"}) (async)
setsockopt$IP_VS_SO_SET_TIMEOUT(r5, 0x0, 0x48a, &(0x7f0000000180)={0x7, 0x7, 0xd}, 0xc)

27.117371148s ago: executing program 2 (id=1577):
socket$netlink(0x10, 0x3, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x1, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000040)={0x0, 0x0, {0x125a8, 0x10, 0x0, 0x5, 0x2, 0x6, 0x2, 0xdd2fcb245114ab72}})
r3 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x1, 0x0)
signalfd4(r0, &(0x7f0000002a80)={[0x101]}, 0x8, 0x100800)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x39, &(0x7f00000003c0)="0022041100ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77a62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9e", 0x8f)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000cc0)=ANY=[], 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000003c00)="ae7bb969113c8d65041f42df99df01eaed06d82a4c65b9307bbe0f95f888a84e6982fd329f445ada7930eed0a45cf5fe2ce9f92fe061cb0a9f0500321201263c642139affd4ebf3c967817979bdb9f0b51e6c590f6325381992acc91713443e0db8d1214e71225615def97de3744e28884de34c6e5ea71a65cd47056f8f8243f1e8b226ffd42be1b7331ceaa15d986e89185e4e24c3787520352a83bf3ce68242ddf1a7c2811784d92568fa6e9c2a28c911a4d2d57d692e40b03caa2ee072dcac558970ef4294cbe7e5278512a8d3d2cefbf9b0de0d0c599db1125d731b485f204b1950ed3fe90036650f696026760cb1a5ef83b37862782f9f948b75f19a6ecd71c5e8292f6594a70682ef04ba04adaab0927efee30ab9974c5cb9e80ff464bce634a5a8615716def0979643c67c58f4bf830ed85210663af015d921a1455378a2701fbe6b19546c7f0448d0ff0efb62fe87dee29d20a5d0ce44c9811a421dfa98b4dfd559b608c0153ca81fd863c4b70d355c08ff8ba9e27bc6e2a80500da63fd09f10a19c53b5cd37adecf7574ae29d76d47ef7d90d3c15ba71fbf9fc5c93e957687fe9a3d3a36bd1e2e0a7cfd2660d591c628d2cf33c5ea4015d30763f0e20e4eee445dd07c6df24e5c7e226bd61fd1b3d2908d9626c1839e00e7c9931c3168a01b104fa4c3ba48445dfb7c120869b21c22333ddbc6d20d3873a22726c2f15c8d90aecd01b9be6e0453b438600d90072b0efc7b4ef812cf6d7beb321168945e0588b9c4050d2eb971ecb27221c99264f6820137bacbb7ecb0d08d696cfad968dbda1111547d7a4ee0000998274e0c419852ab2e852d42b766bfdf6212d7d1b3408c0cdc3b10b47f9eb25c25e09da10254a5d924d2408db6ad6c7b49cca9626e90443913455b09c53a5675961b1d9b0ddd69f42b49e7af13259e79cf5a5091e33efec1593b4ad4867a1378bef2eaf15828134105ad71784465ef5f48fe2f8c76b48b440c571d6c4e38336241561b0b57cb85f3b3dd62c0653930a4bc914dced1f8b3a6bc7f5d69ee7e3f6e70281c349fa6c4de88b4d508e4dc038ad1fe54d66b69eea35ab2b4ec4b07a70fdc4fefd4a63f530e17eb4279fb18234437151c6329880a51913736dd3a547014cf04d0649e1ee07000000000000004f80ad15204abb5d3c1ea37e130c756210703761ea0b8ec8f528399841d1eda55f1a3f6e4cfd229c17200b32c23c5966b69d40fbd8874323f7f1785c26d112986b2408a9d83e5a7fd07204ba131155ce122f792c158f56d78965979704b2fae6c07baf993c00b2dabc51d8fb656a35bf68d78cacd5f29c2118be20f0c09194ffb2dcadcfd83b637fd7d070e7d86a4ec85b7b31db52cc1c2bd8adfb639992330e048632bca081548d5afc8ef2a364b4408b6195abb152c19d821479030a910fe2dcf344966a1bb27955f0bc2fb821702d67088085f3a783182b1728e88af3c60daae73cd31fe239483b0ee945944b8478655a01d24ee270c1897f7b808ca6b4b3c39a7db463904a92f232a89d7db02af02611a133b0420cdf901ada119fe793b08582dc6677b2e599b5c544d57e211628e9e61b196fbeae1263cc0f8d5fb913181ad7b4ca41b9dfcec037414b48bdefdec08d41a2d028a77a924b1fc039df1e5ea5a8ff26c2a24cf8e89fad6e3bf2b2fb7f42ef905d5686dc8ca4a3ac26dcd532b58a0509c70afa5ceefc6f2b38b97cb9c210e587dffd85c01225f578c34341167cf845c8013cd160bc0c02ac00ec389a6765370b6d7f58f4d00f9a09e4d5bd9bdc80079fcae542aeb316c8264b7132476ecc21f4abed9de689b0c7d3b3ff7f6622f7ea794d5fef3758f089ffac6d76fc32c048ed889c9b988378e4154ce7de8ec32e6fddc06d6dab2d5074521e7389aa9bc61c41fe5efd987b7e80f82bca70629d46f7ee9a66e0f7143c4529d64f6104ad4a81dab1daa8167a347a6b742fa44a6c5b38e14c073f532b77407d60040015640b25ba1422a7172921106d30592d3f5e6da261ec8b85e39836ca32ccaf422fcedd0ae932516b41202137ee3f29981215bfb13b8d7ff29dfd98d765e880438cd0f586de900b2ef24d673895fd4b52e8decababec63a7c563317df088918115345f5245b5758145bc553a4075efad3f81516ff740c1f5a1545a90b007319952672682cdd9166075a6cd30689b8df71e5231c9bfa2f0e6d74b7f9989f3e01c8dbe154d23d456a8ac8e553542291df7b7a82657ce96fdc29f695126b8779002869f059d92130820bf0bfa7537fe32e56669ddf5c865cb0d7538837ad38199cf8d86b1ecceb961d7e0c0e3d24cf1c9d5d0bebe91da0bdea22e32463790fb7f8a709a56d2d86c4bcc9c8d3a7f8cc2314b8c4afe2bf884a5fb5994ad2bf8e1d5a495350ffa153a3f96b16fd7348691a5f5fc7b1ab44819c17ea200765f7b60f565182f930d820fa3c92566a0d25371efc985d6484c0c89770d9ee298fb38153ec2912761f6d8ae66db40fa152d819e7a876b7fc441ce7fea450fcfa72c2dff911f5523a05a65cca92fce7bae85532dc494c4ab07872f4e78cc3f637dbff3f43349933f609a37af7b5cf8099ac725be27f1745d4271cd47a16cb47d4e700540fca7ae3e0ba71e969c7d1f9052f1b4f5d369b04eaf8f8a3067230be0687ce9ef11676c533bfd30873f99761034f0b603899021bd05597194a8655d7fd983cd13d939990cb33d7a53c5883a65c0879c5f796876b37144aeef43167f71947f91740adbf538bcb23bde647f73017cacaea598ebde79947ee3bba84f17f52439c1eb97b640d113386f55c442e655481d16be5b4a1bedd311224283a8fbdceaa8a863c1f11fd68893ed5ea3e88030f3afce3da802c887f198159166b504d466c85a4c829d74594072e4e3869e6711e3161010892240b12ec4134dcbd30f980924e3eb21fd51d40365603ff157e115d6f71fc8a951d77feb0c769b4740b029779b5fb73f4d35d3af883732c8e71919b78ee5e4fe2", 0x859}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0xaffffffa)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="20002abd7000fbdbdf250200f00008003f000800000008000c01ff0300008c27e733149b93914422f827e2856f90c2d5763f6b354e64ad511f275222590089a11c53db8005d5b9f5964911dc048e725968e80742c471239026d1413efe"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(r6, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r7, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r8}, @void}}}, 0x28}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000040), 0x55af)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x7a, &(0x7f0000000080), &(0x7f0000000000)=0x8)
socket$inet6_udp(0xa, 0x2, 0x0)

26.455215532s ago: executing program 2 (id=1589):
r0 = socket(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020b06050e020909430009003f00064c0a0000000d0085a168d0bf46d32345653600648d0a000500eb16000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160004000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x700, 0x0, 0x0)

26.455002503s ago: executing program 2 (id=1590):
ftruncate(0xffffffffffffffff, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='mountinfo\x00')
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x40)
close(r2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000c400)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f00000002c0)={0x50, 0x0, r4, {0x7, 0x1f, 0x7fff, 0x4503230, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x14c, 0x94a4}}, 0x50)
lseek(r1, 0x10001, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

26.236269781s ago: executing program 2 (id=1592):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0, 0x8000, 0x0, 0x0, r2, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x2, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x700fbff, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x1001}])
dup3(r0, r3, 0x6700000000000000)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

25.867473448s ago: executing program 2 (id=1602):
syz_clone(0x2a809000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000b00)=ANY=[@ANYBLOB="2c0000002100010000000000000000000a000040000000000000000005001600001b00000800", @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20004894}, 0x20000000)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000004100)={0x2020}, 0x2020)

25.830323856s ago: executing program 33 (id=1602):
syz_clone(0x2a809000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000b00)=ANY=[@ANYBLOB="2c0000002100010000000000000000000a000040000000000000000005001600001b00000800", @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20004894}, 0x20000000)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000004100)={0x2020}, 0x2020)

6.017627842s ago: executing program 0 (id=1998):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
r1 = socket(0x2, 0x2, 0x0)
getsockopt$inet_opts(r1, 0x0, 0x5, 0x0, &(0x7f0000000140))
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}], 0x1c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x9, 0x400)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r5, 0x4144, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r6=>0x0})
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000200)=0xe, 0xc0000)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r8 = dup(r7)
ioctl$BLKROTATIONAL(r8, 0x127e, &(0x7f0000000000))
preadv(r2, &(0x7f00000002c0), 0x0, 0x7ff, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
write$UHID_INPUT(r10, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f91b50090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33396d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe59}}, 0xfa)
socket$inet6_sctp(0xa, 0x1, 0x84)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000580))
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r3], 0x7c}}, 0x0)

5.347168274s ago: executing program 0 (id=2013):
socket$kcm(0x10, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
socket(0x10, 0x80002, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
gettid()
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r0, @ANYBLOB="6d3082610000000008001300"], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

5.127088546s ago: executing program 0 (id=2014):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0xbc48, 0x101000) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(r1, &(0x7f00000000c0)={0x0, 0xfffffffffffffdd4, &(0x7f0000000180)={&(0x7f0000000040)={0x24, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0xb}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x8}]}, 0x24}}, 0x20000000) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}) (async, rerun: 64)
sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}}, 0x28}}, 0x0) (async)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000180)={0x53, 0x0, 0x6, 0xa, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000000)="1201b9000000", 0x0, 0x0, 0x1, 0x0, 0x0})

5.126970963s ago: executing program 0 (id=2015):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x2838, 0x2f2, 0xffffffffffffffff, 0x385, 0xfffffffa, 0x7})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000100)="3f031c000302140006001e00890000004a1b7880610c0806000088a8000081a8880088a8ffff", 0x71, 0x40891, &(0x7f0000000540)={0xc9, 0x88a8, r1, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)

5.067098357s ago: executing program 0 (id=2016):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000000c0)={0x2838, 0x2f2, 0xffffffffffffffff, 0x385, 0xfffffffa, 0x7})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000100)="3f031c000302140006001e00890000004a1b7880610c0806000088a8000081a8880088a8ffff", 0x71, 0x40891, &(0x7f0000000540)={0xc9, 0x88a8, r1, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)

5.066850069s ago: executing program 0 (id=2017):
syz_emit_ethernet(0x7a, &(0x7f0000000200)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd6076db4000442f00fe800000000000000000000000000021ff020000000000000000000000000001042065580000000000000800000086dd080088be00000000100000080000000000000000080022eb00000000200080100200000000000008000100000800655800000000"], 0x0)
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000001c0), 0x4080, 0x0)
write$USERIO_CMD_REGISTER(r0, &(0x7f0000000280)={0x0, 0x1}, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xaf4, 0x0)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$TCFLSH(r4, 0x400455c8, 0x4)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000100)=0x2)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180))
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000140)=0x3)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000000c0)=0xe)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000200)=0x8)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYRES16=r3, @ANYBLOB="02002bbd7000fcdbdf070c000000840003803e9446e7ea6b0babd0c691bf6ca3c7f8efc4374149f42672456d83022a70b913175d2d560d26569e258a07994337626321d0c29c0b90eb6f388a06ec749dce799409fbea1c07b5bfa2cc60c8a292ccd3b6a11e36eea98cd32f23439e7a7face5eddfc55759ef8daf27dd62957cc4ac69850597bd98c117fd0800020004000000"], 0x98}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004000)

1.097269868s ago: executing program 1 (id=2116):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r0=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="3f031c000302140006001e00890000004a1b7880610c0806000088a8000081a8880088a8ffff", 0x71, 0x40891, &(0x7f0000000540)={0xc9, 0x88a8, r0, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)

1.097098468s ago: executing program 5 (id=2117):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000004", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000100000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.096752024s ago: executing program 1 (id=2119):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TRANSLATE(r0, 0xc018ae85, &(0x7f0000000000)={0x1000, 0x2, 0x1, 0x3, 0x2})
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x3, &(0x7f00000001c0)=0x5, 0x4)

1.095551275s ago: executing program 1 (id=2123):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil})
syz_open_dev$usbfs(&(0x7f00000002c0), 0xc, 0x101b01)
close_range(r0, 0xffffffffffffffff, 0x0)

1.037162192s ago: executing program 4 (id=2120):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xf, 0xfff1}, {0xfff3, 0x2}, {0xd, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x4040801}, 0x20000000)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@local, @in6=@remote}}, {{@in6=@mcast1}}}, &(0x7f0000000100)=0xe8)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
ioctl$SIOCAX25DELUID(r5, 0x89e2, &(0x7f0000000080)={0x3, @default})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDDELIO(r6, 0x4b34, 0x3bf)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000840)={'batadv_slave_0\x00', <r7=>0x0})
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r7, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_ext={0x1c, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="180008853d5d7177b01fe5c5c900080000000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000500)='GPL\x00', 0x7771, 0x0, 0x0, 0xd7b8dbcd861891a2, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xa51c, r8, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)

987.150954ms ago: executing program 1 (id=2121):
socket$kcm(0x10, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
socket(0x10, 0x80002, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = gettid()
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r0, @ANYBLOB, @ANYRES32=r2], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

638.201982ms ago: executing program 4 (id=2122):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r0)
r1 = syz_io_uring_setup(0xa5, &(0x7f0000000340)={0x0, 0xa9c2, 0x1, 0x0, 0x19}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SOUND_PCM_READ_BITS(r4, 0x80045005, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000100)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

535.837213ms ago: executing program 4 (id=2124):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="640000001800010000000000000000000a9e"], 0x64}}, 0xf0ffffffffffff)

535.651483ms ago: executing program 5 (id=2125):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x63a4c2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000001580)={r1})
ioctl$CDROMVOLCTRL(r0, 0x31f, &(0x7f00000001c0)={0xa1, 0x16, 0xc2, 0xff})

477.065532ms ago: executing program 4 (id=2126):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400400, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000003a000b000000000000000000040000e30300008004000980"], 0x1c}}, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

476.724493ms ago: executing program 5 (id=2127):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101801)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000040)={0x770d, 0x1, [{0x1, 0x1}]})
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x7, 0x400, 0x35315241, 0x4, 0xa955, 0x5, 0x0, 0x856, 0x0, 0x3, 0x0, 0x6}})
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x141301)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f00000000c0)={0x80, 0x11, 0x300, 0xffff, 0x0, 0x0, 0x0})

407.065456ms ago: executing program 5 (id=2128):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r0=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="3f031c000302140006001e00890000004a1b7880610c0806000088a8000081a8880088a8ffff", 0x71, 0x40891, &(0x7f0000000540)={0xc9, 0x88a8, r0, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)

406.798876ms ago: executing program 5 (id=2129):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0, 0x8000, 0x0, 0x0, r2, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x2, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000700)=[0x0])
dup3(r0, r3, 0x6700000000000000)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

406.124988ms ago: executing program 1 (id=2130):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500))
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r0, 0x0, 0x2, 0x0, &(0x7f0000000200))
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x14, 0x4, 0x8, 0xd, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f0000000440)=""/237, 0xed, 0x0, 0x0}}, 0x10)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0xffffffffffffffff, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0xd5)
r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r7, 0x1, 0x1, &(0x7f0000000200), 0xd)
writev(r6, &(0x7f0000000740)=[{&(0x7f0000000280)="8815efdb8a7b162e75187869b69e404c002b5cf39a4eec40f93fd687df9509a74e68dc9e7131063a7b74a7abb14b0f55381a2b11f96127a36364d66232277f884b53cf9bce6dec91183d35c31b759109bdde6675ecf6a064ac97183b235a6c9b078b635acba167918c49abb8c2960fb29d6e58f7405b1de95929de9b87da263fc7cfa5698e8958986a857e4318f3d0a3657784abf72550193512f69ae3ffa67696dff858337fae287dc2bb5444dab99d0266832d491e3de574454bd0063eb8bda2f92717c4085dc3441f122b4d7dbb170d00ccaebb", 0xd5}, {&(0x7f0000000380)="63007aa4eaf43690986057ec24e69c14604d8ab3d828428b4a6db71a254910909a954e1821a389948bf66f729b12ee0e250c821244cd6cadba66581e9071b5667d964477459cd279ff3d7033628250b315f6c062c15e3640d7e5c132d98ac247d8053f75733471b9d6cb98f08d8ae6bb4f439c5d8e25f0577022136b15420db64c3e0735d20b9727295eb9b560", 0x8d}, {&(0x7f0000000440)="98d2f2835e04c4a8ebe57bdd7454bb45cf995449d6af240a895e457bee2070e1404f7265d7e9f3d4bc91953629382d5a310a484b2a7a721ee708a83f44b9ead72fd2809b46f104091a62e057b2", 0x4d}, {&(0x7f0000000000)="34d93bf421f6daf8eba124d456578f5eb72c45ec77cbe87c0c8a3409a26abfc18bd71e7162632772a86acf148a9915aa3341c1fff081ae06d2ca52d167", 0x3d}, {&(0x7f00000000c0)="693ee13d39f9e5a40c4dac043c013f42e75b", 0x12}, {&(0x7f0000000540)="82568331e23eea432c025d357d7939efb24b79a1f1bf491d637f81455e1ff69324d60554e6a211ed7c5a461fa436bbf49a7d03bd3477e9b2cf430781b8859b527707571b161620f94358ed1ec471bbd29cfb786d5ffe9de62c7082cfc5a8bed313579752855254034c52478c6e59d21968ac1210c784ed0e7b8e37ba76450594e6045d25b46f3fdd16c4d44617b1a48d57723f278b2c63a315c9459766cd64c1", 0xa0}, {&(0x7f0000000600)="fd4e7d9435e51d976e470ea4f5b38c0b947dbcacf91aaf0786e091fd8a31a97867449864307341e98795c8cdc69e0ab0", 0x30}, {&(0x7f0000000640)="c392fb032a47091b376432068ce92d16c73adbb34bbc2adca5fe96f745e6ca228651152266d424922617f297e80b8f7af52279e6b488332bc51d593ff97c58f902f2a0f0467c48a8c7b6abca587a6da07bd8f8f0e281c00309ebcab46f66abd2c6f88991ba94aa580fe33726c870744e9d33c25fdd9dcfd0a73edb0b934d8a89b232e7527efaa0d6b6893f4ab5dfc57e8e0f9c92ee19143ced5ba68c57d5c3b9b4d654ff683d4dd11b3050a883f7d2fa5e78d1c3673cf9ebb83a059fdb28bda5fcc9c3d11317e3743fca7dafe3623af741a5b1cc16849f9ba06f58e3ad8eb703dea68332b56961cb6da9b95b78f1105a3100b460", 0xf4}], 0x8)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @opaque="24dc6170e1e03185"}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x7, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0xfd, 0x100, @val=0x80}}}}}}}, 0x0)
connect$netrom(r8, &(0x7f0000000700)={{0x6, @rose, 0xffffffff}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @null, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48)

257.188813ms ago: executing program 4 (id=2131):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
close(r1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000094000000060a010400000000000000000100000008000b40000000006c000480140001800b000100657874686472000024000280080001400000000c0800034000000000080004400000002205"], 0x108}}, 0x0)
syz_open_dev$I2C(&(0x7f0000000180), 0x5, 0x20100)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r4, 0x10c, 0x5, &(0x7f00000006c0), &(0x7f0000000700)=0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240), &(0x7f00000001c0)=@v3={0x3000000, [], 0xee01}, 0x18, 0x0)
lgetxattr(&(0x7f0000000440)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0xfffffffffffffe84)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'macvlan0\x00'})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.self_freezing\x00', 0x275a, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r7, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f00000003c0)='lo\x00', 0x10)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r10=>0x0})
setsockopt$inet_mreqn(r8, 0x0, 0x20, &(0x7f0000000280)={@private, @empty, r10}, 0xc)
sendmsg$IPSET_CMD_LIST(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c0000000706010800000000000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r6, 0x0)
openat$cgroup_ro(r6, &(0x7f0000000140)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@getnetconf={0x14, 0x52, 0x200, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)

256.913968ms ago: executing program 5 (id=2132):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="34000000100001080000000c0400000000000000", @ANYRES32=0x0, @ANYBLOB="0040000080a004000c002b8008000100", @ANYRES32, @ANYBLOB="08001b00"], 0x34}}, 0x0)

146.351674ms ago: executing program 1 (id=2133):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd26, 0x8000002, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008004}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x37c, 0x2c, 0xd27, 0x70bd26, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_matchall={{0xd}, {0x348, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x2, 0xb}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x0, 0xfff8}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xd, 0xfff3}}, @TCA_MATCHALL_ACT={0x324, 0x2, [@m_gact={0x60, 0x1e, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9c9, 0x2}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0xa98, 0x1000000d}}]}, {0x19, 0x6, "0043ed5f42b0589fab0788bf6ed8c302ffe655ea84"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_ct={0x17c, 0x1c, 0x0, 0x0, {{0x7}, {0x58, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @broadcast}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e24}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @empty}, @TCA_CT_MARK={0x8, 0x5, 0xfffff800}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x3}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @dev={0xfe, 0x80, '\x00', 0x2a}}, @TCA_CT_PARMS={0x18, 0x1, {0x8, 0xfec, 0x8, 0x5, 0xb}}]}, {0xff, 0x6, "0a6241d6e7cfa79dc21a40e1bfadb0b40ace0818cdc45cf2ab8a08fee588778810f1416ef7ec4d8bfea166bdabee40435def90e1f0d7bc09e29a44a0d429aa38ec12c57b2019994ce047c53e146ff197e32cc1550f248070110f5ba222c272663527742240a4ebc66877cd9838df6e72bf6f94aff76398a5165a9e12b04143c9f5a692963d76416b90d12638a84aef94b150ebd983bf43cb25c16c92481b26b77c5a05a3224dd64e11ab824cfaf7c892080cdb39ea009ecb032f654913addf11f59c61101b3fe6b0e38f903259fc6e733c4cf5a3b2949037fb801277445c80e76372fcb595c93ed7eba9965580eadd35571e3a048e1dadb6357aa1"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_bpf={0x144, 0xa, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xc, 0x6, './file1\x00'}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0xb508, 0x5, 0x7, 0x11b, 0x4}}]}, {0xf7, 0x6, "29af35a502e32f8c7249f9593ce2904d9e02c20ce2338269800ddedda692e13f731bc8421c0fd4f7e98d5466ba68f119dc5ebad69ee439bc2209f5c1725b561892a5cfc06ed52136032f11b6016a3bc682af9dc7b8d2d3785d1b6aa4dc9db6fbc2f9ddd6d1195a0ffcf6afe8f390f995828a6e81892e64caa75a115acab053efd217ea821b3d6b58e630027b33aadf435dc828005c33b2b6a383924946de488e1a0560eff21241b5c850935beb2092f8e2119d313625cbd59089d4cc93739d8cc172baa92cc438b162cc26bf23c8cd5f7da01d045493cb6d6aaa6b553154eedf50570bcd74ebb832d08a41d211f443f96b9ebc"}, {0xc}, {0xc, 0x8, {0x3, 0x5}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x8}]}}]}, 0x37c}}, 0x0)

0s ago: executing program 4 (id=2134):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
socket$packet(0x11, 0x3, 0x300)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}], 0x1c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0xe00, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r1], 0x7c}}, 0x0)

kernel console output (not intermixed with test programs):

.129567][ T8780] vhci_hcd: connection closed
[  116.139521][ T1145] vhci_hcd: stop threads
[  116.143104][ T1145] vhci_hcd: release socket
[  116.144738][ T1145] vhci_hcd: disconnect device
[  116.216039][ T8787] binder: BINDER_SET_CONTEXT_MGR already set
[  116.218540][ T8787] binder: 8786:8787 ioctl 4018620d 200000000100 returned -16
[  116.223056][ T8787] binder: 8786:8787 ioctl c0306201 2000000003c0 returned -22
[  116.251740][ T5934] Bluetooth: hci3: unexpected event for opcode 0x0405
[  116.540127][ T8797] netlink: 'syz.2.1025': attribute type 4 has an invalid length.
[  116.746545][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  116.746560][   T40] audit: type=1400 audit(1748785370.567:480): avc:  denied  { watch watch_reads } for  pid=8807 comm="syz.0.1029" path="/bus" dev="proc" ino=4026531855 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  116.836856][ T8813] usb usb8: usbfs: process 8813 (syz.0.1032) did not claim interface 0 before use
[  116.967997][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout
[  117.205594][ T8848] usb usb8: usbfs: process 8848 (syz.1.1043) did not claim interface 0 before use
[  117.317510][   T40] audit: type=1800 audit(1748785371.137:481): pid=8852 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.1045" name="bus" dev="9p" ino=36047829 res=0 errno=0
[  117.319838][ T8853] netfs: Couldn't get user pages (rc=-14)
[  117.607893][ T5934] Bluetooth: hci2: command 0x0c1a tx timeout
[  117.613520][ T8855] usb usb8: usbfs: process 8855 (syz.1.1046) did not claim interface 0 before use
[  117.658701][ T8857] FAULT_INJECTION: forcing a failure.
[  117.658701][ T8857] name failslab, interval 1, probability 0, space 0, times 0
[  117.664878][ T8857] CPU: 3 UID: 0 PID: 8857 Comm: syz.1.1047 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  117.664902][ T8857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.664919][ T8857] Call Trace:
[  117.664926][ T8857]  <TASK>
[  117.664932][ T8857]  dump_stack_lvl+0x16c/0x1f0
[  117.664987][ T8857]  should_fail_ex+0x512/0x640
[  117.665018][ T8857]  ? fs_reclaim_acquire+0xae/0x150
[  117.665044][ T8857]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  117.665068][ T8857]  should_failslab+0xc2/0x120
[  117.665089][ T8857]  __kmalloc_noprof+0xd2/0x510
[  117.665112][ T8857]  tomoyo_realpath_from_path+0xc2/0x6e0
[  117.665141][ T8857]  ? tomoyo_profile+0x47/0x60
[  117.665160][ T8857]  tomoyo_path_number_perm+0x245/0x580
[  117.665180][ T8857]  ? tomoyo_path_number_perm+0x237/0x580
[  117.665204][ T8857]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  117.665227][ T8857]  ? find_held_lock+0x2b/0x80
[  117.665264][ T8857]  ? find_held_lock+0x2b/0x80
[  117.665279][ T8857]  ? hook_file_ioctl_common+0x145/0x410
[  117.665301][ T8857]  ? __fget_files+0x20e/0x3c0
[  117.665325][ T8857]  security_file_ioctl+0x9b/0x240
[  117.665351][ T8857]  __x64_sys_ioctl+0xb7/0x210
[  117.665379][ T8857]  do_syscall_64+0xcd/0x4c0
[  117.665402][ T8857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.665419][ T8857] RIP: 0033:0x7f75bb18e969
[  117.665435][ T8857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.665450][ T8857] RSP: 002b:00007f75bc019038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  117.665466][ T8857] RAX: ffffffffffffffda RBX: 00007f75bb3b5fa0 RCX: 00007f75bb18e969
[  117.665477][ T8857] RDX: 0000200000000340 RSI: 0000000080045503 RDI: 0000000000000003
[  117.665487][ T8857] RBP: 00007f75bc019090 R08: 0000000000000000 R09: 0000000000000000
[  117.665497][ T8857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.665506][ T8857] R13: 0000000000000000 R14: 00007f75bb3b5fa0 R15: 00007ffc005024b8
[  117.665525][ T8857]  </TASK>
[  117.665532][ T8857] ERROR: Out of memory at tomoyo_realpath_from_path.
[  117.739234][ T8857] usb usb8: usbfs: process 8857 (syz.1.1047) did not claim interface 0 before use
[  117.805920][ T8866] libceph: resolve '
[  117.805920][ T8866] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[  117.805920][ T8866] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[  117.820905][   T40] audit: type=1400 audit(1748785371.647:482): avc:  denied  { ioctl } for  pid=8865 comm="syz.1.1049" path="socket:[32340]" dev="sockfs" ino=32340 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  117.821553][ T8866] usb usb8: usbfs: process 8866 (syz.1.1049) did not claim interface 0 before use
[  118.072706][ T8878] 1·: renamed from 
70· (while UP)
[  118.081681][ T8878] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  118.165963][ T8884] FAULT_INJECTION: forcing a failure.
[  118.165963][ T8884] name failslab, interval 1, probability 0, space 0, times 0
[  118.171668][ T8884] CPU: 2 UID: 0 PID: 8884 Comm: syz.2.1058 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  118.171685][ T8884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.171692][ T8884] Call Trace:
[  118.171697][ T8884]  <TASK>
[  118.171701][ T8884]  dump_stack_lvl+0x16c/0x1f0
[  118.171719][ T8884]  should_fail_ex+0x512/0x640
[  118.171735][ T8884]  ? fs_reclaim_acquire+0xae/0x150
[  118.171754][ T8884]  ? tomoyo_encode2+0x100/0x3e0
[  118.171773][ T8884]  should_failslab+0xc2/0x120
[  118.171788][ T8884]  __kmalloc_noprof+0xd2/0x510
[  118.171800][ T8884]  ? d_absolute_path+0x136/0x1a0
[  118.171820][ T8884]  tomoyo_encode2+0x100/0x3e0
[  118.171838][ T8884]  tomoyo_encode+0x29/0x50
[  118.171854][ T8884]  tomoyo_realpath_from_path+0x18f/0x6e0
[  118.171882][ T8884]  tomoyo_path_number_perm+0x245/0x580
[  118.171899][ T8884]  ? tomoyo_path_number_perm+0x237/0x580
[  118.171914][ T8884]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  118.171930][ T8884]  ? find_held_lock+0x2b/0x80
[  118.171954][ T8884]  ? find_held_lock+0x2b/0x80
[  118.171964][ T8884]  ? hook_file_ioctl_common+0x145/0x410
[  118.171979][ T8884]  ? __fget_files+0x20e/0x3c0
[  118.171995][ T8884]  security_file_ioctl+0x9b/0x240
[  118.172013][ T8884]  __x64_sys_ioctl+0xb7/0x210
[  118.172033][ T8884]  do_syscall_64+0xcd/0x4c0
[  118.172049][ T8884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.172062][ T8884] RIP: 0033:0x7f045298e969
[  118.172071][ T8884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.172082][ T8884] RSP: 002b:00007f0453830038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  118.172093][ T8884] RAX: ffffffffffffffda RBX: 00007f0452bb5fa0 RCX: 00007f045298e969
[  118.172099][ T8884] RDX: 0000200000000340 RSI: 0000000080045503 RDI: 0000000000000003
[  118.172106][ T8884] RBP: 00007f0453830090 R08: 0000000000000000 R09: 0000000000000000
[  118.172112][ T8884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.172119][ T8884] R13: 0000000000000000 R14: 00007f0452bb5fa0 R15: 00007ffd14a08c98
[  118.172133][ T8884]  </TASK>
[  118.172158][ T8884] ERROR: Out of memory at tomoyo_realpath_from_path.
[  118.231779][ T8889] usb usb8: usbfs: process 8889 (syz.0.1060) did not claim interface 0 before use
[  118.250149][ T8884] usb usb8: usbfs: process 8884 (syz.2.1058) did not claim interface 0 before use
[  118.328727][ T8896] futex_wake_op: syz.3.1063 tries to shift op by -1; fix this program
[  118.368164][ T8901] 0·: renamed from 
71· (while UP)
[  118.383788][ T8901] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  118.425749][ T8903] bridge_slave_1: left allmulticast mode
[  118.428484][ T8903] bridge_slave_1: left promiscuous mode
[  118.430548][ T8903] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.438450][ T8903] bridge_slave_0: left allmulticast mode
[  118.440982][ T8903] bridge_slave_0: left promiscuous mode
[  118.443140][ T8903] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.539629][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  118.680506][ T8910] Illegal XDP return value 4294967262 on prog  (id 47) dev N/A, expect packet loss!
[  118.738921][   T40] audit: type=1400 audit(1748785372.537:483): avc:  denied  { getopt } for  pid=8909 comm="syz.2.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  118.746493][   T40] audit: type=1400 audit(1748785372.537:484): avc:  denied  { accept } for  pid=8909 comm="syz.2.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  118.770706][   T10] usb 5-1: Using ep0 maxpacket: 8
[  118.789295][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  118.795537][   T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  118.800777][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.859438][   T10] usb 5-1: config 0 descriptor??
[  119.017987][ T8923] usb usb8: usbfs: process 8923 (syz.3.1072) did not claim interface 0 before use
[  119.071179][   T10] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  119.340912][ T8892] __nla_validate_parse: 10 callbacks suppressed
[  119.340927][ T8892] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1061'.
[  119.375814][ T8931] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  119.421907][   T40] audit: type=1400 audit(1748785373.237:485): avc:  denied  { validate_trans } for  pid=8891 comm="syz.0.1061" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  119.502999][   T40] audit: type=1400 audit(1748785373.327:486): avc:  denied  { map } for  pid=8935 comm="syz.1.1075" path="socket:[30670]" dev="sockfs" ino=30670 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  119.519039][   T40] audit: type=1400 audit(1748785373.327:487): avc:  denied  { read accept } for  pid=8935 comm="syz.1.1075" path="socket:[30670]" dev="sockfs" ino=30670 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  119.520268][ T8937] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1074'.
[  119.531667][ T8925] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  119.533721][ T8925] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  119.537995][ T8925] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  119.540113][ T8925] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  119.540594][ T5979] usb 5-1: USB disconnect, device number 10
[  119.544122][ T8937] No such timeout policy "syz0"
[  119.563009][ T8939] netlink: 'syz.1.1076': attribute type 5 has an invalid length.
[  119.565488][ T8939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1076'.
[  119.993318][ T5946] Bluetooth: hci3: unexpected event for opcode 0x0405
[  120.028936][ T5946] Bluetooth: hci3: unexpected event for opcode 0x0405
[  120.038548][ T8947] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1079'.
[  120.092745][   T40] audit: type=1400 audit(1748785373.917:488): avc:  denied  { setopt } for  pid=8950 comm="syz.0.1081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  120.116253][ T8957] usb usb8: usbfs: process 8957 (syz.3.1082) did not claim interface 0 before use
[  120.122300][ T8957] FAULT_INJECTION: forcing a failure.
[  120.122300][ T8957] name failslab, interval 1, probability 0, space 0, times 0
[  120.126694][ T8957] CPU: 1 UID: 0 PID: 8957 Comm: syz.3.1082 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  120.126711][ T8957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.126717][ T8957] Call Trace:
[  120.126722][ T8957]  <TASK>
[  120.126726][ T8957]  dump_stack_lvl+0x16c/0x1f0
[  120.126745][ T8957]  should_fail_ex+0x512/0x640
[  120.126761][ T8957]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  120.126776][ T8957]  should_failslab+0xc2/0x120
[  120.126790][ T8957]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  120.126803][ T8957]  ? __kernfs_new_node+0xd2/0x8e0
[  120.126820][ T8957]  __kernfs_new_node+0xd2/0x8e0
[  120.126847][ T8957]  ? __pfx___kernfs_new_node+0x10/0x10
[  120.126867][ T8957]  ? find_held_lock+0x2b/0x80
[  120.126879][ T8957]  ? kernfs_root+0xee/0x2a0
[  120.126896][ T8957]  kernfs_new_node+0x13c/0x1e0
[  120.126916][ T8957]  kernfs_create_link+0xcc/0x240
[  120.126933][ T8957]  sysfs_do_create_link_sd+0x90/0x140
[  120.126949][ T8957]  sysfs_create_link+0x61/0xc0
[  120.126963][ T8957]  driver_sysfs_add+0x91/0x2d0
[  120.126977][ T8957]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  120.126992][ T8957]  device_bind_driver+0x16/0x70
[  120.127008][ T8957]  usb_driver_claim_interface+0x228/0x400
[  120.127025][ T8957]  claimintf+0x181/0x240
[  120.127042][ T8957]  checkintf+0x161/0x1d0
[  120.127059][ T8957]  usbdev_ioctl+0x1f99/0x4070
[  120.127071][ T8957]  ? __pfx_usbdev_ioctl+0x10/0x10
[  120.127081][ T8957]  ? do_vfs_ioctl+0x523/0x1a60
[  120.127099][ T8957]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  120.127120][ T8957]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  120.127139][ T8957]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  120.127157][ T8957]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  120.127179][ T8957]  ? hook_file_ioctl_common+0x145/0x410
[  120.127195][ T8957]  ? selinux_file_ioctl+0x180/0x270
[  120.127211][ T8957]  ? selinux_file_ioctl+0xb4/0x270
[  120.127227][ T8957]  ? __pfx_usbdev_ioctl+0x10/0x10
[  120.127238][ T8957]  __x64_sys_ioctl+0x18b/0x210
[  120.127257][ T8957]  do_syscall_64+0xcd/0x4c0
[  120.127273][ T8957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.127284][ T8957] RIP: 0033:0x7f305438e969
[  120.127294][ T8957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.127306][ T8957] RSP: 002b:00007f30521f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  120.127317][ T8957] RAX: ffffffffffffffda RBX: 00007f30545b5fa0 RCX: 00007f305438e969
[  120.127324][ T8957] RDX: 0000200000000340 RSI: 0000000080045503 RDI: 0000000000000003
[  120.127330][ T8957] RBP: 00007f30521f6090 R08: 0000000000000000 R09: 0000000000000000
[  120.127337][ T8957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.127343][ T8957] R13: 0000000000000000 R14: 00007f30545b5fa0 R15: 00007fff8cf8dc58
[  120.127357][ T8957]  </TASK>
[  120.228187][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1086'.
[  120.231565][ T8965] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1086'.
[  120.234546][ T8965] netlink: 'syz.1.1086': attribute type 6 has an invalid length.
[  120.352881][ T8975] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1090'.
[  120.398026][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  120.757922][ T8999] input: syz0 as /devices/virtual/input/input12
[  120.884412][ T9005] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  120.967709][ T9017] FAULT_INJECTION: forcing a failure.
[  120.967709][ T9017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.972757][ T9017] CPU: 3 UID: 0 PID: 9017 Comm: syz.0.1108 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  120.972773][ T9017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.972780][ T9017] Call Trace:
[  120.972784][ T9017]  <TASK>
[  120.972788][ T9017]  dump_stack_lvl+0x16c/0x1f0
[  120.972807][ T9017]  should_fail_ex+0x512/0x640
[  120.972826][ T9017]  _copy_to_user+0x32/0xd0
[  120.972845][ T9017]  simple_read_from_buffer+0xcb/0x170
[  120.972858][ T9017]  proc_fail_nth_read+0x197/0x270
[  120.972872][ T9017]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  120.972885][ T9017]  ? rw_verify_area+0xcf/0x680
[  120.972903][ T9017]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  120.972915][ T9017]  vfs_read+0x1e4/0xc60
[  120.972928][ T9017]  ? __pfx___mutex_lock+0x10/0x10
[  120.972943][ T9017]  ? __pfx_vfs_read+0x10/0x10
[  120.972959][ T9017]  ? __fget_files+0x20e/0x3c0
[  120.972976][ T9017]  ksys_read+0x12a/0x250
[  120.972988][ T9017]  ? __pfx_ksys_read+0x10/0x10
[  120.973000][ T9017]  ? fput+0x70/0xf0
[  120.973017][ T9017]  do_syscall_64+0xcd/0x4c0
[  120.973032][ T9017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.973044][ T9017] RIP: 0033:0x7fe653b8d37c
[  120.973053][ T9017] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  120.973063][ T9017] RSP: 002b:00007fe6519f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  120.973074][ T9017] RAX: ffffffffffffffda RBX: 00007fe653db5fa0 RCX: 00007fe653b8d37c
[  120.973081][ T9017] RDX: 000000000000000f RSI: 00007fe6519f60a0 RDI: 0000000000000004
[  120.973087][ T9017] RBP: 00007fe6519f6090 R08: 0000000000000000 R09: 0000000000000000
[  120.973093][ T9017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.973099][ T9017] R13: 0000000000000000 R14: 00007fe653db5fa0 R15: 00007ffec36e99c8
[  120.973113][ T9017]  </TASK>
[  121.067066][ T9025] netlink: 'syz.3.1111': attribute type 4 has an invalid length.
[  121.214680][ T9031] futex_wake_op: syz.3.1113 tries to shift op by -1; fix this program
[  121.219906][ T9031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1113'.
[  121.344482][ T9047] usb usb8: usbfs: process 9047 (syz.1.1119) did not claim interface 0 before use
[  121.347496][ T9047] FAULT_INJECTION: forcing a failure.
[  121.347496][ T9047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.354656][ T9047] CPU: 3 UID: 0 PID: 9047 Comm: syz.1.1119 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  121.354673][ T9047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  121.354681][ T9047] Call Trace:
[  121.354685][ T9047]  <TASK>
[  121.354690][ T9047]  dump_stack_lvl+0x16c/0x1f0
[  121.354709][ T9047]  should_fail_ex+0x512/0x640
[  121.354729][ T9047]  _copy_from_user+0x2e/0xd0
[  121.354749][ T9047]  kstrtouint_from_user+0xd6/0x1d0
[  121.354763][ T9047]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  121.354777][ T9047]  ? __lock_acquire+0xb8a/0x1c90
[  121.354800][ T9047]  proc_fail_nth_write+0x83/0x250
[  121.354814][ T9047]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  121.354831][ T9047]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  121.354844][ T9047]  vfs_write+0x29d/0x1150
[  121.354863][ T9047]  ? __pfx___mutex_lock+0x10/0x10
[  121.354883][ T9047]  ? __pfx_vfs_write+0x10/0x10
[  121.354909][ T9047]  ? __fget_files+0x20e/0x3c0
[  121.354928][ T9047]  ksys_write+0x12a/0x250
[  121.354940][ T9047]  ? __pfx_ksys_write+0x10/0x10
[  121.354953][ T9047]  ? fput+0x70/0xf0
[  121.354971][ T9047]  do_syscall_64+0xcd/0x4c0
[  121.354988][ T9047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.355000][ T9047] RIP: 0033:0x7f75bb18d41f
[  121.355011][ T9047] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  121.355022][ T9047] RSP: 002b:00007f75bc019030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  121.355034][ T9047] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f75bb18d41f
[  121.355041][ T9047] RDX: 0000000000000001 RSI: 00007f75bc0190a0 RDI: 0000000000000004
[  121.355048][ T9047] RBP: 00007f75bc019090 R08: 0000000000000000 R09: 0000000000000000
[  121.355054][ T9047] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  121.355061][ T9047] R13: 0000000000000000 R14: 00007f75bb3b5fa0 R15: 00007ffc005024b8
[  121.355076][ T9047]  </TASK>
[  121.598022][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  121.598652][ T5934] Bluetooth: hci0: command 0x0c1a tx timeout
[  121.599051][ T5295] Bluetooth: hci1: command 0x0c1a tx timeout
[  121.933555][   T40] audit: type=1400 audit(1748785375.757:489): avc:  denied  { create } for  pid=9072 comm="syz.3.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  121.943575][   T40] audit: type=1400 audit(1748785375.757:490): avc:  denied  { sys_admin } for  pid=9072 comm="syz.3.1130" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  121.986756][   T40] audit: type=1400 audit(1748785375.807:491): avc:  denied  { setattr } for  pid=9080 comm="syz.2.1131" name="QIPCRTR" dev="sockfs" ino=33672 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  121.998543][ T9081] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1132'.
[  122.010901][   T40] audit: type=1400 audit(1748785375.837:492): avc:  denied  { write } for  pid=9079 comm="syz.1.1132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  122.017258][   T40] audit: type=1400 audit(1748785375.837:493): avc:  denied  { ioctl } for  pid=9079 comm="syz.1.1132" path="socket:[31698]" dev="sockfs" ino=31698 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  122.019446][ T9087] 9pnet_virtio: no channels available for device syz
[  122.062354][ T9090] binder: BINDER_SET_CONTEXT_MGR already set
[  122.064366][ T9090] binder: 9089:9090 ioctl 4018620d 200000000100 returned -16
[  122.243451][ T9118] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9118 comm=syz.2.1144
[  122.249898][ T9121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1145'.
[  122.545804][ T9142] FAULT_INJECTION: forcing a failure.
[  122.545804][ T9142] name failslab, interval 1, probability 0, space 0, times 0
[  122.550689][ T9142] CPU: 3 UID: 0 PID: 9142 Comm: syz.3.1147 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  122.550713][ T9142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.550723][ T9142] Call Trace:
[  122.550729][ T9142]  <TASK>
[  122.550735][ T9142]  dump_stack_lvl+0x16c/0x1f0
[  122.550761][ T9142]  should_fail_ex+0x512/0x640
[  122.550784][ T9142]  ? fs_reclaim_acquire+0xae/0x150
[  122.550806][ T9142]  should_failslab+0xc2/0x120
[  122.550828][ T9142]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  122.550847][ T9142]  ? p9_tag_alloc+0x9c/0x640
[  122.550871][ T9142]  p9_tag_alloc+0x9c/0x640
[  122.550893][ T9142]  ? __pfx_p9_tag_alloc+0x10/0x10
[  122.550911][ T9142]  ? __lock_acquire+0x622/0x1c90
[  122.550939][ T9142]  p9_client_prepare_req+0x19b/0x4d0
[  122.550962][ T9142]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  122.550987][ T9142]  ? __lock_acquire+0x622/0x1c90
[  122.551011][ T9142]  p9_client_zc_rpc.constprop.0+0x104/0x880
[  122.551036][ T9142]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  122.551061][ T9142]  ? __lock_acquire+0xb8a/0x1c90
[  122.551091][ T9142]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  122.551109][ T9142]  p9_client_read_once+0x3d2/0x860
[  122.551135][ T9142]  ? __pfx_p9_client_read_once+0x10/0x10
[  122.551162][ T9142]  ? __lock_acquire+0xb8a/0x1c90
[  122.551186][ T9142]  p9_client_read+0x13f/0x1b0
[  122.551213][ T9142]  v9fs_issue_read+0x117/0x380
[  122.551231][ T9142]  ? __pfx_v9fs_issue_read+0x10/0x10
[  122.551250][ T9142]  ? netfs_unbuffered_read_iter_locked+0x80a/0x1600
[  122.551270][ T9142]  ? iov_iter_advance+0x380/0x6c0
[  122.551298][ T9142]  netfs_unbuffered_read_iter_locked+0xaea/0x1600
[  122.551328][ T9142]  netfs_unbuffered_read_iter+0xc5/0x100
[  122.551345][ T9142]  v9fs_file_read_iter+0xbf/0x100
[  122.551366][ T9142]  vfs_read+0x8bf/0xc60
[  122.551387][ T9142]  ? __pfx___mutex_lock+0x10/0x10
[  122.551407][ T9142]  ? __pfx_vfs_read+0x10/0x10
[  122.551441][ T9142]  ksys_read+0x12a/0x250
[  122.551455][ T9142]  ? __pfx_ksys_read+0x10/0x10
[  122.551477][ T9142]  do_syscall_64+0xcd/0x4c0
[  122.551500][ T9142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.551516][ T9142] RIP: 0033:0x7f305438e969
[  122.551530][ T9142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.551545][ T9142] RSP: 002b:00007f30521d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  122.551558][ T9142] RAX: ffffffffffffffda RBX: 00007f30545b6080 RCX: 00007f305438e969
[  122.551568][ T9142] RDX: 0000000000002020 RSI: 00002000000029c0 RDI: 0000000000000003
[  122.551577][ T9142] RBP: 00007f30521d5090 R08: 0000000000000000 R09: 0000000000000000
[  122.551587][ T9142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.551597][ T9142] R13: 0000000000000001 R14: 00007f30545b6080 R15: 00007fff8cf8dc58
[  122.551619][ T9142]  </TASK>
[  123.246509][ T9180] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  123.249065][ T9180] IPv6: NLM_F_CREATE should be set when creating new route
[  123.310777][   T40] audit: type=1400 audit(1748785377.137:494): avc:  denied  { setopt } for  pid=9188 comm="syz.0.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  123.310938][ T9189] usb usb8: usbfs: process 9189 (syz.0.1158) did not claim interface 0 before use
[  123.333621][ T5934] Bluetooth: hci1: unexpected event for opcode 0x0405
[  123.427080][ T9199] usb usb8: usbfs: process 9199 (syz.1.1162) did not claim interface 0 before use
[  123.481531][ T9202] FAULT_INJECTION: forcing a failure.
[  123.481531][ T9202] name failslab, interval 1, probability 0, space 0, times 0
[  123.485642][ T9202] CPU: 1 UID: 0 PID: 9202 Comm: syz.0.1160 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  123.485658][ T9202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.485665][ T9202] Call Trace:
[  123.485670][ T9202]  <TASK>
[  123.485675][ T9202]  dump_stack_lvl+0x16c/0x1f0
[  123.485699][ T9202]  should_fail_ex+0x512/0x640
[  123.485715][ T9202]  ? fs_reclaim_acquire+0xae/0x150
[  123.485733][ T9202]  ? p9_fcall_init+0x97/0x260
[  123.485747][ T9202]  should_failslab+0xc2/0x120
[  123.485761][ T9202]  __kmalloc_noprof+0xd2/0x510
[  123.485774][ T9202]  ? rcu_is_watching+0x12/0xc0
[  123.485786][ T9202]  ? trace_kmem_cache_alloc+0x28/0xc0
[  123.485803][ T9202]  p9_fcall_init+0x97/0x260
[  123.485818][ T9202]  p9_tag_alloc+0x161/0x640
[  123.485834][ T9202]  ? __pfx_p9_tag_alloc+0x10/0x10
[  123.485855][ T9202]  p9_client_prepare_req+0x19b/0x4d0
[  123.485871][ T9202]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  123.485886][ T9202]  ? v9fs_file_read_iter+0xbf/0x100
[  123.485903][ T9202]  ? __lock_acquire+0x622/0x1c90
[  123.485920][ T9202]  p9_client_zc_rpc.constprop.0+0x104/0x880
[  123.485940][ T9202]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  123.485959][ T9202]  ? __lock_acquire+0xb8a/0x1c90
[  123.485978][ T9202]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  123.485991][ T9202]  p9_client_read_once+0x3d2/0x860
[  123.486012][ T9202]  ? __pfx_p9_client_read_once+0x10/0x10
[  123.486031][ T9202]  ? __lock_acquire+0xb8a/0x1c90
[  123.486047][ T9202]  p9_client_read+0x13f/0x1b0
[  123.486067][ T9202]  v9fs_issue_read+0x117/0x380
[  123.486081][ T9202]  ? __pfx_v9fs_issue_read+0x10/0x10
[  123.486095][ T9202]  ? netfs_unbuffered_read_iter_locked+0x80a/0x1600
[  123.486109][ T9202]  ? iov_iter_advance+0x380/0x6c0
[  123.486129][ T9202]  netfs_unbuffered_read_iter_locked+0xaea/0x1600
[  123.486150][ T9202]  netfs_unbuffered_read_iter+0xc5/0x100
[  123.486164][ T9202]  v9fs_file_read_iter+0xbf/0x100
[  123.486179][ T9202]  vfs_read+0x8bf/0xc60
[  123.486193][ T9202]  ? __pfx___mutex_lock+0x10/0x10
[  123.486208][ T9202]  ? __pfx_vfs_read+0x10/0x10
[  123.486229][ T9202]  ksys_read+0x12a/0x250
[  123.486241][ T9202]  ? __pfx_ksys_read+0x10/0x10
[  123.486257][ T9202]  do_syscall_64+0xcd/0x4c0
[  123.486273][ T9202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.486284][ T9202] RIP: 0033:0x7fe653b8e969
[  123.486294][ T9202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.486304][ T9202] RSP: 002b:00007fe6519d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.486315][ T9202] RAX: ffffffffffffffda RBX: 00007fe653db6080 RCX: 00007fe653b8e969
[  123.486322][ T9202] RDX: 0000000000002020 RSI: 00002000000029c0 RDI: 0000000000000003
[  123.486329][ T9202] RBP: 00007fe6519d5090 R08: 0000000000000000 R09: 0000000000000000
[  123.486335][ T9202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.486341][ T9202] R13: 0000000000000001 R14: 00007fe653db6080 R15: 00007ffec36e99c8
[  123.486356][ T9202]  </TASK>
[  123.543992][   T40] audit: type=1400 audit(1748785377.377:495): avc:  denied  { map } for  pid=9205 comm="syz.1.1165" path="socket:[34904]" dev="sockfs" ino=34904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  123.562502][ T9204] binder: BINDER_SET_CONTEXT_MGR already set
[  123.595644][ T9204] binder: 9203:9204 ioctl 4018620d 200000000100 returned -16
[  123.600085][ T9204] binder: 9203:9204 ioctl c0306201 2000000003c0 returned -14
[  123.649203][ T9210] futex_wake_op: syz.3.1168 tries to shift op by -1; fix this program
[  123.678082][ T5934] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.713989][ T9212] program syz.2.1169 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.755996][ T9222] netlink: 'syz.0.1172': attribute type 39 has an invalid length.
[  123.876553][ T9234] 9pnet_virtio: no channels available for device syz
[  124.064437][ T9240] 0·: renamed from 
71· (while UP)
[  124.067646][ T9240] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  124.323504][ T9252] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  124.325773][ T9266] usb usb8: usbfs: process 9266 (syz.3.1186) did not claim interface 0 before use
[  124.371042][ T9268] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  124.376555][ T9268] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  124.407602][ T9270] CUSE: unknown device info "ÿ
"
[  124.409384][ T9270] CUSE: zero length info key specified
[  124.448006][ T9279] netlink: 'syz.0.1190': attribute type 4 has an invalid length.
[  124.465931][ T9281] __nla_validate_parse: 5 callbacks suppressed
[  124.465945][ T9281] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1191'.
[  124.494203][   T40] audit: type=1400 audit(1748785378.317:496): avc:  denied  { kexec_image_load } for  pid=9284 comm="syz.2.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  124.499091][ T9283] futex_wake_op: syz.0.1192 tries to shift op by -1; fix this program
[  124.505661][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1192'.
[  124.524895][ T9287] binder: BINDER_SET_CONTEXT_MGR already set
[  124.526834][ T9287] binder: 9286:9287 ioctl 4018620d 200000000100 returned -16
[  124.530305][ T9287] binder: 9286:9287 ioctl c0306201 2000000003c0 returned -14
[  124.614024][   T40] audit: type=1400 audit(1748785378.437:497): avc:  denied  { create } for  pid=9291 comm="syz.3.1196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  124.626872][   T40] audit: type=1400 audit(1748785378.437:498): avc:  denied  { write } for  pid=9291 comm="syz.3.1196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  124.753215][ T9298] usb usb8: usbfs: process 9298 (syz.3.1198) did not claim interface 0 before use
[  124.784039][ T9301] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  124.792055][ T9295] netlink: 'syz.1.1197': attribute type 12 has an invalid length.
[  125.009814][ T9317] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1205'.
[  125.009908][ T9317] 1·: renamed from 
70· (while UP)
[  125.016710][ T9317] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  125.075836][ T9321] FAULT_INJECTION: forcing a failure.
[  125.075836][ T9321] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.082399][ T9321] CPU: 2 UID: 0 PID: 9321 Comm: syz.3.1207 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  125.082438][ T9321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.082446][ T9321] Call Trace:
[  125.082451][ T9321]  <TASK>
[  125.082456][ T9321]  dump_stack_lvl+0x16c/0x1f0
[  125.082476][ T9321]  should_fail_ex+0x512/0x640
[  125.082496][ T9321]  _copy_from_user+0x2e/0xd0
[  125.082515][ T9321]  do_sock_getsockopt+0x5f4/0x800
[  125.082535][ T9321]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  125.082552][ T9321]  ? __fget_files+0x204/0x3c0
[  125.082574][ T9321]  __sys_getsockopt+0x12f/0x260
[  125.082591][ T9321]  __x64_sys_getsockopt+0xbd/0x160
[  125.082605][ T9321]  ? do_syscall_64+0x91/0x4c0
[  125.082620][ T9321]  ? lockdep_hardirqs_on+0x7c/0x110
[  125.082634][ T9321]  do_syscall_64+0xcd/0x4c0
[  125.082651][ T9321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.082663][ T9321] RIP: 0033:0x7f305438e969
[  125.082674][ T9321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.082686][ T9321] RSP: 002b:00007f30521f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  125.082697][ T9321] RAX: ffffffffffffffda RBX: 00007f30545b5fa0 RCX: 00007f305438e969
[  125.082709][ T9321] RDX: 0000000000000007 RSI: 000000000000011b RDI: 0000000000000003
[  125.082716][ T9321] RBP: 00007f30521f6090 R08: 0000200000000280 R09: 0000000000000000
[  125.082723][ T9321] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  125.082729][ T9321] R13: 0000000000000000 R14: 00007f30545b5fa0 R15: 00007fff8cf8dc58
[  125.082745][ T9321]  </TASK>
[  125.140460][    C2] vkms_vblank_simulate: vblank timer overrun
[  125.174162][ T9328] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  125.225964][ T5934] Bluetooth: hci3: unexpected event for opcode 0x0405
[  125.250286][ T9337] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1213'.
[  125.312579][ T9347] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1216'.
[  125.361555][ T9352] futex_wake_op: syz.0.1218 tries to shift op by -1; fix this program
[  125.365460][ T9352] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1218'.
[  125.707207][ T9363] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1222'.
[  125.768225][   T34] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  125.791702][ T9372] trusted_key: encrypted_key: insufficient parameters specified
[  125.795561][ T9371] trusted_key: encrypted_key: insufficient parameters specified
[  125.808419][ T9371] tap0: tun_chr_ioctl cmd 1074025675
[  125.810348][ T9371] tap0: persist enabled
[  125.812544][ T9372] tap0: tun_chr_ioctl cmd 1074025675
[  125.814158][ T9372] tap0: persist enabled
[  125.820145][ T9371] tap0: tun_chr_ioctl cmd 1074025675
[  125.822063][ T9371] tap0: persist enabled
[  125.824310][ T9372] tap0: tun_chr_ioctl cmd 1074025675
[  125.825938][ T9372] tap0: persist enabled
[  125.871657][ T9381] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  125.901920][ T9383] netlink: 146840 bytes leftover after parsing attributes in process `syz.3.1228'.
[  125.996901][ T5934] Bluetooth: hci3: unexpected event for opcode 0x0405
[  126.017422][ T9391] trusted_key: syz.3.1232 sent an empty control message without MSG_MORE.
[  126.080514][ T9399] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1235'.
[  126.178256][   T34] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  126.247966][ T9408] futex_wake_op: syz.0.1238 tries to shift op by -1; fix this program
[  126.337312][ T9327] Set syz1 is full, maxelem 65536 reached
[  126.405374][ T5934] Bluetooth: hci3: unexpected event for opcode 0x0405
[  126.574872][ T9424] xt_ecn: cannot match TCP bits for non-tcp packets
[  126.580557][ T9424] tmpfs: Unknown parameter 'mpoê·bin¢Cr�d:0-1:1/N'
[  126.628281][   T34] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  126.800266][   T34] usb 7-1: config 1 has an invalid descriptor of length 155, skipping remainder of the config
[  126.804439][   T34] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  126.811429][   T34] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  126.815283][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.818636][   T34] usb 7-1: Product: syz
[  126.820703][   T34] usb 7-1: Manufacturer: syz
[  126.822539][   T34] usb 7-1: SerialNumber: syz
[  127.711219][ T9493] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  127.763702][ T9498] sp0: Synchronizing with TNC
[  127.766904][ T9498] sp0: Found TNC
[  127.785436][ T9502] syz.1.1276: attempt to access beyond end of device
[  127.785436][ T9502] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  127.790918][ T9502] syz.1.1276: attempt to access beyond end of device
[  127.790918][ T9502] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[  127.911543][ T9510] 1·: renamed from 
70· (while UP)
[  127.914884][ T9510] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  127.958751][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  127.958767][   T40] audit: type=1400 audit(1748785381.787:508): avc:  denied  { connect } for  pid=9513 comm="syz.0.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  128.009199][   T40] audit: type=1400 audit(1748785381.837:509): avc:  denied  { read } for  pid=9513 comm="syz.0.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  128.052358][ T9524] usb usb8: usbfs: process 9524 (syz.0.1283) did not claim interface 0 before use
[  128.065989][ T9520] netlink: 'syz.3.1282': attribute type 10 has an invalid length.
[  128.073213][ T9520] 8021q: adding VLAN 0 to HW filter on device team0
[  128.077204][ T9520] bond0: (slave team0): Enslaving as an active interface with an up link
[  128.195618][ T9536] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  128.354405][   T40] audit: type=1400 audit(1748785382.177:510): avc:  denied  { shutdown } for  pid=9545 comm="syz.0.1291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  128.380237][   T40] audit: type=1400 audit(1748785382.207:511): avc:  denied  { accept } for  pid=9533 comm="syz.1.1288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  128.381711][ T9541] tipc: Started in network mode
[  128.389639][ T9541] tipc: Node identity 764a427a35a9, cluster identity 4711
[  128.392150][ T9541] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  128.394420][ T9551] 0·: renamed from 
71· (while UP)
[  128.397478][ T9551] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  128.538185][ T9533] tipc: Resetting bearer <eth:syzkaller0>
[  129.033729][ T9580] overlayfs: workdir and upperdir must reside under the same mount
[  129.075299][ T9582] netlink: 'syz.0.1301': attribute type 10 has an invalid length.
[  129.383730][ T9533] tipc: Disabling bearer <eth:syzkaller0>
[  129.449900][ T9590] netlink: 'syz.0.1303': attribute type 30 has an invalid length.
[  129.480472][ T9592] __nla_validate_parse: 13 callbacks suppressed
[  129.480483][ T9592] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1304'.
[  129.513385][ T9598] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1307'.
[  129.516112][ T9598] 0·: renamed from 
71· (while UP)
[  129.520487][   T34] usb 7-1: USB disconnect, device number 10
[  129.524081][ T9598] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  129.584812][ T9606] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1310'.
[  129.875697][ T9625] overlayfs: workdir and upperdir must reside under the same mount
[  129.950517][   T34] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  130.058489][   T40] audit: type=1400 audit(1748785383.887:512): avc:  denied  { execute } for  pid=9654 comm="syz.0.1330" path="/398/file0/file1" dev="9p" ino=36047777 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  130.084522][ T9657] unknown channel width for channel at 909000KHz?
[  130.089848][ T9657] netlink: 1932 bytes leftover after parsing attributes in process `syz.2.1331'.
[  130.099073][ T9657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1331'.
[  130.371566][ T9687] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1343'.
[  130.381302][ T9687] 1·: renamed from 
70· (while UP)
[  130.389376][ T9687] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  130.680812][ T9718] netlink: 'syz.1.1348': attribute type 30 has an invalid length.
[  130.694453][ T9715] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  130.738720][ T9728] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1355'.
[  130.738782][ T9728] 0·: renamed from 
71· (while UP)
[  130.742832][ T9728] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  130.746863][ T9724] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  130.969914][   T34] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  131.180938][ T9748] netlink: 'syz.0.1360': attribute type 30 has an invalid length.
[  131.183354][ T9748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1360'.
[  131.208242][ T9759] FAULT_INJECTION: forcing a failure.
[  131.208242][ T9759] name failslab, interval 1, probability 0, space 0, times 0
[  131.212186][ T9759] CPU: 0 UID: 0 PID: 9759 Comm: syz.2.1365 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  131.212202][ T9759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.212209][ T9759] Call Trace:
[  131.212213][ T9759]  <TASK>
[  131.212217][ T9759]  dump_stack_lvl+0x16c/0x1f0
[  131.212248][ T9759]  should_fail_ex+0x512/0x640
[  131.212268][ T9759]  ? fs_reclaim_acquire+0xae/0x150
[  131.212286][ T9759]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  131.212303][ T9759]  should_failslab+0xc2/0x120
[  131.212318][ T9759]  __kmalloc_noprof+0xd2/0x510
[  131.212334][ T9759]  tomoyo_realpath_from_path+0xc2/0x6e0
[  131.212352][ T9759]  ? tomoyo_profile+0x47/0x60
[  131.212364][ T9759]  tomoyo_path_number_perm+0x245/0x580
[  131.212378][ T9759]  ? tomoyo_path_number_perm+0x237/0x580
[  131.212393][ T9759]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.212409][ T9759]  ? find_held_lock+0x2b/0x80
[  131.212433][ T9759]  ? find_held_lock+0x2b/0x80
[  131.212443][ T9759]  ? hook_file_ioctl_common+0x145/0x410
[  131.212458][ T9759]  ? __fget_files+0x20e/0x3c0
[  131.212473][ T9759]  security_file_ioctl+0x9b/0x240
[  131.212491][ T9759]  __x64_sys_ioctl+0xb7/0x210
[  131.212513][ T9759]  do_syscall_64+0xcd/0x4c0
[  131.212536][ T9759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.212558][ T9759] RIP: 0033:0x7f045298e969
[  131.212572][ T9759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.212588][ T9759] RSP: 002b:00007f0453830038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.212604][ T9759] RAX: ffffffffffffffda RBX: 00007f0452bb5fa0 RCX: 00007f045298e969
[  131.212615][ T9759] RDX: 0000200000000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  131.212625][ T9759] RBP: 00007f0453830090 R08: 0000000000000000 R09: 0000000000000000
[  131.212635][ T9759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.212646][ T9759] R13: 0000000000000000 R14: 00007f0452bb5fa0 R15: 00007ffd14a08c98
[  131.212665][ T9759]  </TASK>
[  131.212670][ T9759] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.318218][   T40] audit: type=1400 audit(1748785385.127:513): avc:  denied  { setopt } for  pid=9760 comm="syz.2.1367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  131.414277][   T40] audit: type=1400 audit(1748785385.237:514): avc:  denied  { write } for  pid=9768 comm="syz.0.1370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  131.429001][ T5972] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  131.643314][   T40] audit: type=1400 audit(1748785385.467:515): avc:  denied  { append } for  pid=9786 comm="syz.3.1377" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  131.648043][ T9787] program syz.3.1377 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  131.672467][ T9792] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1378'.
[  131.693141][ T9787] program syz.3.1377 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  131.724305][ T9794] overlayfs: workdir and upperdir must reside under the same mount
[  131.777135][ T9796] futex_wake_op: syz.2.1382 tries to shift op by -1; fix this program
[  131.778167][   T40] audit: type=1400 audit(1748785385.597:516): avc:  denied  { watch watch_reads } for  pid=9797 comm="syz.0.1380" path="pipe:[36612]" dev="pipefs" ino=36612 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  131.781245][ T9796] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1382'.
[  132.025568][ T9819] netlink: 'syz.1.1388': attribute type 4 has an invalid length.
[  132.234054][ T9833] overlayfs: workdir and upperdir must reside under the same mount
[  132.400593][ T9837] netlink: 'syz.3.1394': attribute type 5 has an invalid length.
[  132.403014][ T9837] netlink: 'syz.3.1394': attribute type 2 has an invalid length.
[  132.405425][ T9837] netlink: 'syz.3.1394': attribute type 7 has an invalid length.
[  132.473668][ T9837] : entered promiscuous mode
[  132.479208][ T5972] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  132.582719][ T9841] nbd: illegal input index -16777216
[  132.810698][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  132.908365][ T9858] futex_wake_op: syz.0.1404 tries to shift op by -1; fix this program
[  133.074032][ T9865] overlayfs: workdir and upperdir must reside under the same mount
[  133.186665][ T9873] 1·: renamed from 
70· (while UP)
[  133.190988][ T9873] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  133.221297][   T40] audit: type=1400 audit(1748785387.047:517): avc:  denied  { ioctl } for  pid=9874 comm="syz.1.1411" path="socket:[38572]" dev="sockfs" ino=38572 ioctlcmd=0xb101 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  133.221892][ T9875] netlink: 'syz.1.1411': attribute type 11 has an invalid length.
[  133.280989][ T9884] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  133.285334][   T40] audit: type=1400 audit(1748785387.107:518): avc:  denied  { accept } for  pid=9883 comm="syz.1.1414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  133.336233][ T9888] usb usb8: usbfs: process 9888 (syz.2.1416) did not claim interface 0 before use
[  133.398435][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  133.493853][ T9896] FAULT_INJECTION: forcing a failure.
[  133.493853][ T9896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.499264][ T9896] CPU: 3 UID: 0 PID: 9896 Comm: syz.2.1419 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  133.499288][ T9896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.499298][ T9896] Call Trace:
[  133.499304][ T9896]  <TASK>
[  133.499310][ T9896]  dump_stack_lvl+0x16c/0x1f0
[  133.499337][ T9896]  should_fail_ex+0x512/0x640
[  133.499364][ T9896]  _copy_from_user+0x2e/0xd0
[  133.499390][ T9896]  userfaultfd_ioctl+0x200f/0x38e0
[  133.499422][ T9896]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  133.499445][ T9896]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  133.499470][ T9896]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  133.499504][ T9896]  ? hook_file_ioctl_common+0x145/0x410
[  133.499527][ T9896]  ? selinux_file_ioctl+0x180/0x270
[  133.499549][ T9896]  ? selinux_file_ioctl+0xb4/0x270
[  133.499572][ T9896]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  133.499601][ T9896]  ? __x64_sys_ioctl+0x18b/0x210
[  133.499627][ T9896]  __x64_sys_ioctl+0x18b/0x210
[  133.499655][ T9896]  do_syscall_64+0xcd/0x4c0
[  133.499679][ T9896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.499696][ T9896] RIP: 0033:0x7f045298e969
[  133.499710][ T9896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.499725][ T9896] RSP: 002b:00007f0453830038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  133.499743][ T9896] RAX: ffffffffffffffda RBX: 00007f0452bb5fa0 RCX: 00007f045298e969
[  133.499754][ T9896] RDX: 0000200000000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  133.499770][ T9896] RBP: 00007f0453830090 R08: 0000000000000000 R09: 0000000000000000
[  133.499779][ T9896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.499789][ T9896] R13: 0000000000000000 R14: 00007f0452bb5fa0 R15: 00007ffd14a08c98
[  133.499814][ T9896]  </TASK>
[  133.531594][ T9900] overlayfs: workdir and upperdir must reside under the same mount
[  133.615874][ T5934] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  133.620092][   T40] audit: type=1400 audit(1748785387.457:519): avc:  denied  { append } for  pid=9903 comm="syz.0.1423" name="ocfs2_control" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.629770][ T5934] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  133.919421][ T9926] FAULT_INJECTION: forcing a failure.
[  133.919421][ T9926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.925743][ T9926] CPU: 2 UID: 0 PID: 9926 Comm: syz.0.1432 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  133.925759][ T9926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.925766][ T9926] Call Trace:
[  133.925770][ T9926]  <TASK>
[  133.925775][ T9926]  dump_stack_lvl+0x16c/0x1f0
[  133.925793][ T9926]  should_fail_ex+0x512/0x640
[  133.925812][ T9926]  _copy_from_user+0x2e/0xd0
[  133.925831][ T9926]  userfaultfd_ioctl+0x200f/0x38e0
[  133.925852][ T9926]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  133.925869][ T9926]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  133.925887][ T9926]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  133.925910][ T9926]  ? hook_file_ioctl_common+0x145/0x410
[  133.925926][ T9926]  ? selinux_file_ioctl+0x180/0x270
[  133.925942][ T9926]  ? selinux_file_ioctl+0xb4/0x270
[  133.925958][ T9926]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  133.925977][ T9926]  ? __x64_sys_ioctl+0x18b/0x210
[  133.925994][ T9926]  __x64_sys_ioctl+0x18b/0x210
[  133.926013][ T9926]  do_syscall_64+0xcd/0x4c0
[  133.926029][ T9926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.926041][ T9926] RIP: 0033:0x7fe653b8e969
[  133.926049][ T9926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.926060][ T9926] RSP: 002b:00007fe6519f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  133.926071][ T9926] RAX: ffffffffffffffda RBX: 00007fe653db5fa0 RCX: 00007fe653b8e969
[  133.926078][ T9926] RDX: 0000200000000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  133.926084][ T9926] RBP: 00007fe6519f6090 R08: 0000000000000000 R09: 0000000000000000
[  133.926090][ T9926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.926096][ T9926] R13: 0000000000000000 R14: 00007fe653db5fa0 R15: 00007ffec36e99c8
[  133.926110][ T9926]  </TASK>
[  133.932993][ T9928] overlayfs: workdir and upperdir must reside under the same mount
[  134.244688][ T9948] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  134.254622][   T40] audit: type=1400 audit(1748785388.077:520): avc:  denied  { mounton } for  pid=9947 comm="syz.2.1441" path="/337/file0/file0" dev="9p" ino=36047774 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  134.395401][ T9953] FAULT_INJECTION: forcing a failure.
[  134.395401][ T9953] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.401919][ T9953] CPU: 2 UID: 0 PID: 9953 Comm: syz.2.1443 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  134.401938][ T9953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.401944][ T9953] Call Trace:
[  134.401949][ T9953]  <TASK>
[  134.401953][ T9953]  dump_stack_lvl+0x16c/0x1f0
[  134.401972][ T9953]  should_fail_ex+0x512/0x640
[  134.401991][ T9953]  _copy_from_user+0x2e/0xd0
[  134.402009][ T9953]  kstrtouint_from_user+0xd6/0x1d0
[  134.402022][ T9953]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  134.402036][ T9953]  ? __lock_acquire+0xb8a/0x1c90
[  134.402058][ T9953]  proc_fail_nth_write+0x83/0x250
[  134.402071][ T9953]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  134.402087][ T9953]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  134.402099][ T9953]  vfs_write+0x29d/0x1150
[  134.402113][ T9953]  ? __pfx___mutex_lock+0x10/0x10
[  134.402128][ T9953]  ? __pfx_vfs_write+0x10/0x10
[  134.402144][ T9953]  ? __fget_files+0x20e/0x3c0
[  134.402162][ T9953]  ksys_write+0x12a/0x250
[  134.402173][ T9953]  ? __pfx_ksys_write+0x10/0x10
[  134.402185][ T9953]  ? fput+0x70/0xf0
[  134.402202][ T9953]  do_syscall_64+0xcd/0x4c0
[  134.402218][ T9953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.402230][ T9953] RIP: 0033:0x7f045298d41f
[  134.402239][ T9953] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  134.402250][ T9953] RSP: 002b:00007f0453830030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  134.402260][ T9953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f045298d41f
[  134.402268][ T9953] RDX: 0000000000000001 RSI: 00007f04538300a0 RDI: 0000000000000004
[  134.402274][ T9953] RBP: 00007f0453830090 R08: 0000000000000000 R09: 0000000000000000
[  134.402280][ T9953] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  134.402286][ T9953] R13: 0000000000000000 R14: 00007f0452bb5fa0 R15: 00007ffd14a08c98
[  134.402300][ T9953]  </TASK>
[  134.473079][ T5972] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  134.477964][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  134.599949][ T5972] usb 6-1: device descriptor read/64, error -71
[  134.713855][   T40] audit: type=1400 audit(1748785388.537:521): avc:  denied  { bind } for  pid=9968 comm="syz.0.1450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  134.764179][ T9973] __nla_validate_parse: 9 callbacks suppressed
[  134.764190][ T9973] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1452'.
[  134.848864][ T5972] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  134.988267][ T5972] usb 6-1: device descriptor read/64, error -71
[  135.002081][ T9987] overlayfs: workdir and upperdir must reside under the same mount
[  135.030792][ T9989] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1458'.
[  135.097600][   T40] audit: type=1400 audit(1748785388.917:522): avc:  denied  { nlmsg_read } for  pid=9994 comm="syz.0.1461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  135.098146][ T5972] usb usb6-port1: attempt power cycle
[  135.124207][ T9997] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  135.126751][ T9997] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  135.130124][ T9997] vhci_hcd vhci_hcd.0: Device attached
[  135.133422][ T9997] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1460'.
[  135.136248][ T9997] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  135.138917][ T9997] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  135.368138][ T5979] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  135.448036][ T5972] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  135.468589][ T5972] usb 6-1: device descriptor read/8, error -71
[  135.546139][   T40] audit: type=1400 audit(1748785389.367:523): avc:  denied  { read } for  pid=10011 comm="syz.3.1466" name="file1" dev="9p" ino=36047777 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.554024][   T40] audit: type=1400 audit(1748785389.367:524): avc:  denied  { open } for  pid=10011 comm="syz.3.1466" path="/322/file0/file1" dev="9p" ino=36047777 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.708006][ T5972] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  135.728452][ T5972] usb 6-1: device descriptor read/8, error -71
[  135.838166][ T5972] usb usb6-port1: unable to enumerate USB device
[  135.884403][T10022] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1471'.
[  135.901672][ T9998] vhci_hcd: connection reset by peer
[  135.904377][ T1144] vhci_hcd: stop threads
[  135.905760][ T1144] vhci_hcd: release socket
[  135.909182][ T1144] vhci_hcd: disconnect device
[  135.923889][   T40] audit: type=1400 audit(1748785389.747:525): avc:  denied  { read write } for  pid=10023 comm="syz.0.1472" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  135.933173][   T40] audit: type=1400 audit(1748785389.747:526): avc:  denied  { open } for  pid=10023 comm="syz.0.1472" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  136.158807][ T6545] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  136.165392][ T1145] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.292917][ T1145] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.320977][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  136.324219][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  136.327380][ T5946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  136.331503][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  136.333977][ T5946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  136.341189][ T1145] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.408751][ T1145] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.432539][T10043] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1478'.
[  136.436909][T10043] 0·: renamed from 
71· (while UP)
[  136.440325][T10043] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  136.456246][T10046] sp0: Synchronizing with TNC
[  136.460776][T10035] chnl_net:caif_netlink_parms(): no params data found
[  136.567496][T10035] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.571883][T10035] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.574228][T10035] bridge_slave_0: entered allmulticast mode
[  136.577172][T10035] bridge_slave_0: entered promiscuous mode
[  136.586301][T10035] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.589323][T10035] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.592163][T10035] bridge_slave_1: entered allmulticast mode
[  136.597616][T10035] bridge_slave_1: entered promiscuous mode
[  136.651181][T10035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.660953][T10035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.678360][ T1145] bridge_slave_1: left allmulticast mode
[  136.680281][ T1145] bridge_slave_1: left promiscuous mode
[  136.682976][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.690327][ T1145] bridge_slave_0: left allmulticast mode
[  136.692026][ T1145] bridge_slave_0: left promiscuous mode
[  136.694141][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.959707][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.965870][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.970931][ T1145] bond0 (unregistering): (slave team0): Releasing backup interface
[  136.975071][ T1145] bond0 (unregistering): Released all slaves
[  136.982530][ T1145] bond1 (unregistering): Released all slaves
[  137.027497][T10035] team0: Port device team_slave_0 added
[  137.034250][T10035] team0: Port device team_slave_1 added
[  137.068930][ T1145] : left promiscuous mode
[  137.087759][T10035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.091005][T10035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.100600][T10035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.105484][T10035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.108179][T10035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.117164][T10035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.164622][T10065] xt_ecn: cannot match TCP bits for non-tcp packets
[  137.193469][T10035] hsr_slave_0: entered promiscuous mode
[  137.195682][T10035] hsr_slave_1: entered promiscuous mode
[  137.251022][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  137.257002][T10072] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1486'.
[  137.322410][T10082] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1489'.
[  137.377324][T10082] 1·: renamed from 
70· (while UP)
[  137.385018][T10082] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  137.477136][T10098] hfsplus: unable to find HFS+ superblock
[  137.549428][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  137.585226][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.587616][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  137.592280][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  137.594685][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  137.616900][ T1145] veth1_macvtap: left promiscuous mode
[  137.619071][ T1145] veth0_macvtap: left promiscuous mode
[  137.620875][ T1145] veth1_vlan: left promiscuous mode
[  137.622690][ T1145] veth0_vlan: left promiscuous mode
[  137.680225][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  137.682335][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  137.933630][T10116] overlayfs: conflicting options: userxattr,redirect_dir=on
[  137.968041][ T5972] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  138.137870][ T5972] usb 5-1: Invalid ep0 maxpacket: 16
[  138.151977][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  138.215722][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  138.277936][ T5972] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[  138.398576][ T5946] Bluetooth: hci3: command tx timeout
[  138.429557][ T5972] usb 5-1: Invalid ep0 maxpacket: 16
[  138.431504][ T5972] usb usb5-port1: attempt power cycle
[  138.673547][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  138.673564][   T40] audit: type=1400 audit(1748785392.497:530): avc:  denied  { relabelfrom } for  pid=10100 comm="syz.2.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  138.683962][   T40] audit: type=1400 audit(1748785392.497:531): avc:  denied  { relabelto } for  pid=10100 comm="syz.2.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  138.695581][T10109] netlink: 'syz.2.1495': attribute type 4 has an invalid length.
[  138.762281][T10035] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  138.768779][T10035] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  138.775326][T10035] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  138.782884][T10035] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  138.789269][ T5972] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  138.803947][T10128] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1502'.
[  138.808730][T10128] 1·: renamed from 
70· (while UP)
[  138.814352][T10128] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  138.814443][ T5972] usb 5-1: Invalid ep0 maxpacket: 16
[  138.874773][T10035] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.889252][T10035] 8021q: adding VLAN 0 to HW filter on device team0
[  138.894534][ T1180] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.896725][ T1180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.903652][ T5992] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  138.922959][ T1180] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.925204][ T1180] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.968045][ T5972] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[  138.979291][T10139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1506'.
[  139.010065][ T5972] usb 5-1: Invalid ep0 maxpacket: 16
[  139.011984][ T5972] usb usb5-port1: unable to enumerate USB device
[  139.016235][T10146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1507'.
[  139.026950][T10151] overlayfs: workdir and upperdir must reside under the same mount
[  139.072134][T10035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.268296][ T5972] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  139.287663][T10035] veth0_vlan: entered promiscuous mode
[  139.296351][T10035] veth1_vlan: entered promiscuous mode
[  139.330195][T10035] veth0_macvtap: entered promiscuous mode
[  139.335759][T10035] veth1_macvtap: entered promiscuous mode
[  139.348630][T10035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.356732][T10035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.361795][T10035] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.364681][T10035] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.367374][T10035] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.370057][T10035] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.389286][   T40] audit: type=1400 audit(1748785393.217:532): avc:  denied  { append } for  pid=10174 comm="syz.2.1511" name="file0" dev="9p" ino=36047774 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  139.415147][ T1180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.417709][ T1180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.436281][ T1180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.438766][ T1180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.451063][   T40] audit: type=1400 audit(1748785393.277:533): avc:  denied  { mounton } for  pid=10035 comm="syz-executor" path="/syzkaller.SzVeaQ/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  139.465144][   T40] audit: type=1400 audit(1748785393.297:534): avc:  denied  { mounton } for  pid=10035 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  139.715864][T10190] vivid-000: =================  START STATUS  =================
[  139.720871][T10190] vivid-000: Test Pattern: 75% Colorbar
[  139.723683][T10190] vivid-000: Fill Percentage of Frame: 100
[  139.725805][T10190] vivid-000: Horizontal Movement: No Movement
[  139.730859][T10190] vivid-000: Vertical Movement: No Movement
[  139.733298][T10190] vivid-000: OSD Text Mode: All
[  139.735277][T10190] vivid-000: Show Border: false
[  139.737272][T10190] vivid-000: Show Square: false
[  139.741480][T10190] vivid-000: Sensor Flipped Horizontally: false
[  139.743717][T10190] vivid-000: Sensor Flipped Vertically: false
[  139.745593][T10190] vivid-000: Insert SAV Code in Image: false
[  139.747709][T10190] vivid-000: Insert EAV Code in Image: false
[  139.750246][T10190] vivid-000: Insert Video Guard Band: false
[  139.752406][T10190] vivid-000: Reduced Framerate: false
[  139.754532][T10190] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  139.757212][T10190] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  139.760857][T10190] vivid-000: Enable Capture Cropping: true grabbed
[  139.763431][T10190] vivid-000: Enable Capture Composing: true grabbed
[  139.765807][T10190] vivid-000: Enable Capture Scaler: true grabbed
[  139.768573][T10190] vivid-000: Timestamp Source: End of Frame
[  139.771026][T10190] vivid-000: Colorspace: Rec. 709
[  139.772990][T10190] vivid-000: Transfer Function: Default
[  139.775143][T10190] vivid-000: Y'CbCr Encoding: Default
[  139.777091][T10190] vivid-000: HSV Encoding: Hue 0-179
[  139.779350][T10190] vivid-000: Quantization: Full Range
[  139.781227][T10190] vivid-000: Apply Alpha To Red Only: false
[  139.783659][T10190] vivid-000: Standard Aspect Ratio: 4x3
[  139.785930][T10190] vivid-000: DV Timings Signal Mode: Current DV Timings
[  139.790649][T10190] vivid-000: DV Timings: 640x480p59 inactive
[  139.793157][T10190] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  139.795834][T10190] vivid-000: Maximum EDID Blocks: 2
[  139.797666][T10190] vivid-000: Limited RGB Range (16-235): true
[  139.800912][T10190] vivid-000: Rx RGB Quantization Range: Automatic
[  139.803499][T10190] vivid-000: Power Present: 0x00000001
[  139.805273][T10190] tpg source WxH: 1280x720 (Y'CbCr)
[  139.806915][T10190] tpg field: 1
[  139.808529][T10190] tpg crop: (0,0)/1280x720
[  139.810138][T10190] tpg compose: (0,0)/1280x720
[  139.811642][T10190] tpg colorspace: 3
[  139.812839][T10190] tpg transfer function: 0/1
[  139.814349][T10190] tpg Y'CbCr encoding: 0/2
[  139.815985][T10190] tpg quantization: 1/1
[  139.817268][T10190] tpg RGB range: 0/1
[  139.820093][T10190] vivid-000: ==================  END STATUS  ==================
[  139.894667][T10214] netlink: 'syz.4.1517': attribute type 4 has an invalid length.
[  140.013940][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1521'.
[  140.215238][   T40] audit: type=1400 audit(1748785394.037:535): avc:  denied  { read append } for  pid=10237 comm="syz.4.1522" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.217073][T10238] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10238 comm=syz.4.1522
[  140.223875][   T40] audit: type=1400 audit(1748785394.037:536): avc:  denied  { open } for  pid=10237 comm="syz.4.1522" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.477992][ T5946] Bluetooth: hci3: command tx timeout
[  140.488628][ T5979] vhci_hcd: vhci_device speed not set
[  140.598418][    T9] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  140.680788][T10260] netlink: 'syz.1.1529': attribute type 4 has an invalid length.
[  140.711079][T10264] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1530'.
[  140.760893][T10273] overlayfs: workdir and upperdir must reside under the same mount
[  140.790049][   T40] audit: type=1326 audit(1748785394.617:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10275 comm="syz.0.1536" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe653b8e969 code=0x0
[  140.874045][T10294] netlink: 'syz.4.1540': attribute type 4 has an invalid length.
[  140.878434][T10295] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1541'.
[  140.928098][    T9] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  140.937210][T10306] overlayfs: workdir and upperdir must reside under the same mount
[  140.938780][T10303] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1544'.
[  141.061358][   T40] audit: type=1400 audit(1748785394.887:538): avc:  denied  { ioctl } for  pid=10320 comm="syz.0.1549" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  141.123921][ T5946] Bluetooth: hci1: unexpected Set CIG Parameters response data
[  141.124041][T10328] netlink: 'syz.0.1551': attribute type 2 has an invalid length.
[  141.131138][ T5946] Bluetooth: hci1: unexpected event for opcode 0x2062
[  141.159212][   T40] audit: type=1400 audit(1748785394.987:539): avc:  denied  { read } for  pid=10296 comm="syz.2.1542" path="socket:[40941]" dev="sockfs" ino=40941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  141.188117][T10333] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1552'.
[  141.520673][T10352] netlink: 'syz.4.1556': attribute type 4 has an invalid length.
[  141.657974][T10358] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1559'.
[  141.694477][T10355] Bluetooth: MGMT ver 1.23
[  141.767137][T10369] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1564'.
[  141.781718][T10369] 0·: renamed from 
71· (while UP)
[  141.785083][T10369] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  141.925461][T10382] overlayfs: workdir and upperdir must reside under the same mount
[  141.945439][T10377] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1563'.
[  142.130328][T10402] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1574'.
[  142.180374][T10406] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1575'.
[  142.190152][T10406] 0·: renamed from hsr0 (while UP)
[  142.195877][T10406] 0·: failed to rename
[  142.197226][T10406] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  142.863556][T10445] netlink: 'syz.2.1589': attribute type 4 has an invalid length.
[  143.195847][T10457] usb usb8: usbfs: process 10457 (syz.1.1595) did not claim interface 0 before use
[  143.310695][T10467] ALSA: seq fatal error: cannot create timer (-16)
[  143.450382][ T1180] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.537105][ T1180] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.555068][T10471] 9pnet_virtio: no channels available for device syz
[  143.618851][ T1180] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.658427][ T5934] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  143.665530][ T5934] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  143.669286][ T5934] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  143.672942][ T5934] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  143.676423][ T5934] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  143.685207][ T1180] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.770226][ T5934] Bluetooth: hci3: command tx timeout
[  143.796202][T10476] chnl_net:caif_netlink_parms(): no params data found
[  143.810797][T10484] netlink: 'syz.0.1605': attribute type 10 has an invalid length.
[  143.821404][T10484] veth0_vlan: left promiscuous mode
[  143.826021][T10484] veth0_vlan: entered promiscuous mode
[  143.833991][T10484] team0: Device veth0_vlan failed to register rx_handler
[  143.899277][T10490] netlink: 'syz.0.1608': attribute type 4 has an invalid length.
[  143.924735][ T1180] bridge_slave_1: left allmulticast mode
[  143.926534][ T1180] bridge_slave_1: left promiscuous mode
[  143.928672][ T1180] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.933897][ T1180] bridge_slave_0: left allmulticast mode
[  143.935897][ T1180] bridge_slave_0: left promiscuous mode
[  143.938090][ T1180] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.980767][ T5934] Bluetooth: hci1: unexpected event for opcode 0x1001
[  143.986360][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  143.986371][   T40] audit: type=1400 audit(1748785397.807:545): avc:  denied  { write } for  pid=10501 comm="syz.1.1612" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  144.014325][   T40] audit: type=1400 audit(1748785397.837:546): avc:  denied  { associate } for  pid=10498 comm="syz.0.1611" name="0" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  144.243084][ T1180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.248766][ T1180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.253455][ T1180] bond0 (unregistering): Released all slaves
[  144.263649][ T1180] bond1 (unregistering): Released all slaves
[  144.274630][ T1180] bond2 (unregistering): (slave bond3): Releasing backup interface
[  144.280630][ T1180] bond2 (unregistering): Released all slaves
[  144.346455][ T1180] bond3 (unregistering): Released all slaves
[  144.352737][ T1180] bond4 (unregistering): Released all slaves
[  144.377294][T10499] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (8), value rounded to 0 ms
[  144.487769][T10476] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.490230][T10476] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.492458][T10476] bridge_slave_0: entered allmulticast mode
[  144.495082][T10476] bridge_slave_0: entered promiscuous mode
[  144.504487][T10476] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.507557][T10476] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.510893][T10476] bridge_slave_1: entered allmulticast mode
[  144.514803][T10476] bridge_slave_1: entered promiscuous mode
[  144.550703][T10476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.556321][T10476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.632341][T10476] team0: Port device team_slave_0 added
[  144.672102][T10476] team0: Port device team_slave_1 added
[  144.725393][T10523] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=10523 comm=syz.1.1617
[  144.755133][T10476] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.757428][T10476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.780939][T10476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.785160][T10476] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.787308][T10476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.797196][T10476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  144.824698][ T1180] hsr_slave_0: left promiscuous mode
[  144.826292][T10534] netlink: 'syz.0.1619': attribute type 4 has an invalid length.
[  144.829139][ T1180] hsr_slave_1: left promiscuous mode
[  144.831725][ T1180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  144.834006][ T1180] batman_adv: batadv0: Removing interface: batadv_slave_0
[  144.837034][ T1180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  144.841262][ T1180] batman_adv: batadv0: Removing interface: batadv_slave_1
[  144.870376][ T1180] veth1_macvtap: left promiscuous mode
[  144.872692][ T1180] veth0_macvtap: left promiscuous mode
[  144.875345][ T1180] veth1_vlan: left promiscuous mode
[  144.878103][ T1180] veth0_vlan: left promiscuous mode
[  145.585218][ T1180] team0 (unregistering): Port device team_slave_1 removed
[  145.650013][ T1180] team0 (unregistering): Port device team_slave_0 removed
[  145.758009][ T5934] Bluetooth: hci2: command tx timeout
[  146.113387][T10536] __nla_validate_parse: 6 callbacks suppressed
[  146.113399][T10536] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1620'.
[  146.159095][T10542] ./bus: Can't lookup blockdev
[  146.160097][   T40] audit: type=1400 audit(1748785399.987:547): avc:  denied  { mounton } for  pid=10541 comm="syz.0.1621" path="/482/bus" dev="tmpfs" ino=2652 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  146.222961][T10476] hsr_slave_0: entered promiscuous mode
[  146.226009][T10476] hsr_slave_1: entered promiscuous mode
[  146.229282][T10476] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  146.232373][T10476] Cannot create hsr debugfs directory
[  146.361044][T10553] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1626'.
[  146.422459][T10476] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  146.430133][T10476] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  146.437618][T10476] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  146.448152][T10476] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  146.517669][T10569] netlink: 'syz.4.1629': attribute type 4 has an invalid length.
[  146.525695][T10476] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.540149][T10575] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  146.563307][T10476] 8021q: adding VLAN 0 to HW filter on device team0
[  146.571985][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.574457][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.654393][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.657423][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.864803][T10598] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1635'.
[  146.915023][T10602] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1636'.
[  146.969228][   T40] audit: type=1400 audit(1748785400.787:548): avc:  denied  { setopt } for  pid=10605 comm="syz.4.1637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  146.976018][   T40] audit: type=1400 audit(1748785400.787:549): avc:  denied  { bind } for  pid=10605 comm="syz.4.1637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  147.040696][T10617] netlink: 'syz.0.1639': attribute type 4 has an invalid length.
[  147.076573][T10476] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.230437][ T5979] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  147.307484][T10476] veth0_vlan: entered promiscuous mode
[  147.315815][T10476] veth1_vlan: entered promiscuous mode
[  147.339990][T10476] veth0_macvtap: entered promiscuous mode
[  147.347042][T10476] veth1_macvtap: entered promiscuous mode
[  147.364855][T10476] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.378034][T10476] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.410618][ T5979] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  147.412393][T10476] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.415335][ T5979] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  147.422798][ T5979] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  147.426778][ T5979] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.428259][T10476] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.433803][T10476] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.437247][T10476] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.438742][T10606] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  147.455962][ T5979] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  147.538173][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.541228][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.588801][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.591278][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.674875][ T5979] usb 9-1: USB disconnect, device number 2
[  147.838241][ T5934] Bluetooth: hci2: command tx timeout
[  147.891691][T10662] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1644'.
[  148.027406][T10676] xt_hashlimit: size too large, truncated to 1048576
[  148.095970][T10681] overlayfs: failed to resolve './file0': -2
[  148.334610][T10710] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1653'.
[  148.382121][T10712] ./cgroup: Can't lookup blockdev
[  148.416448][T10714] FAT-fs (nullb0): bogus number of reserved sectors
[  148.419394][T10714] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  148.452147][T10720] usb usb8: usbfs: process 10720 (syz.0.1656) did not claim interface 0 before use
[  148.498661][T10725] netlink: 'syz.0.1658': attribute type 4 has an invalid length.
[  148.662616][   T40] audit: type=1400 audit(1748785402.487:550): avc:  denied  { ioctl } for  pid=10737 comm="syz.0.1664" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  148.820061][   T40] audit: type=1400 audit(1748785402.647:551): avc:  denied  { write } for  pid=10756 comm="syz.0.1667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  148.882720][T10762] usb usb8: usbfs: process 10762 (syz.4.1669) did not claim interface 0 before use
[  148.888955][ T5934] Bluetooth: hci0: unexpected event for opcode 0x0405
[  149.160386][   T40] audit: type=1400 audit(1748785402.987:552): avc:  denied  { read } for  pid=10787 comm="syz.0.1676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  149.174578][   T40] audit: type=1400 audit(1748785402.987:553): avc:  denied  { setopt } for  pid=10787 comm="syz.0.1676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  149.185313][   T40] audit: type=1400 audit(1748785403.007:554): avc:  denied  { accept } for  pid=10787 comm="syz.0.1676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  149.185804][T10795] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1677'.
[  149.229218][T10798] usb usb8: usbfs: process 10798 (syz.4.1678) did not claim interface 0 before use
[  149.281308][   T40] audit: type=1400 audit(1748785403.097:555): avc:  denied  { mount } for  pid=10800 comm="syz.0.1679" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  149.286033][   T40] audit: type=1400 audit(1748785403.107:556): avc:  denied  { search } for  pid=10800 comm="syz.0.1679" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1
[  149.363001][T10812] netlink: 'syz.5.1682': attribute type 4 has an invalid length.
[  149.393224][   T40] audit: type=1400 audit(1748785403.217:557): avc:  denied  { unmount } for  pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  149.469723][   T40] audit: type=1400 audit(1748785403.297:558): avc:  denied  { setopt } for  pid=10815 comm="syz.1.1683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  149.476962][T10823] tmpfs: Bad value for 'mpol'
[  149.482587][T10823] netlink: 'syz.1.1683': attribute type 10 has an invalid length.
[  149.491808][T10823] hsr_slave_0: left promiscuous mode
[  149.494559][T10823] hsr_slave_1: left promiscuous mode
[  149.575339][T10832] usb usb8: usbfs: process 10832 (syz.4.1689) did not claim interface 0 before use
[  149.613314][T10837] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1691'.
[  149.655311][   T40] audit: type=1400 audit(1748785403.477:559): avc:  denied  { write } for  pid=10842 comm="syz.4.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  149.746048][   T40] audit: type=1400 audit(1748785403.567:560): avc:  denied  { write } for  pid=10842 comm="syz.4.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  149.784660][T10852] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10852 comm=syz.5.1697
[  149.788859][T10852] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1697'.
[  149.791863][T10852] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1697'.
[  149.800087][T10852] macsec1: entered promiscuous mode
[  149.856720][T10865] usb usb8: usbfs: process 10865 (syz.1.1701) did not claim interface 0 before use
[  149.888074][ T5972] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  150.010720][   T40] audit: type=1400 audit(1748785403.837:561): avc:  denied  { map } for  pid=10874 comm="syz.1.1705" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  150.037943][ T5972] usb 5-1: Using ep0 maxpacket: 8
[  150.041284][ T5972] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  150.044003][ T5972] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  150.047090][ T5972] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  150.051745][ T5972] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  150.055893][ T5972] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  150.060454][ T5972] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  150.063618][ T5972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.111654][T10887] sp0: Synchronizing with TNC
[  150.114532][T10886] [U] è
[  150.274634][ T5972] usb 5-1: usb_control_msg returned -32
[  150.276479][ T5972] usbtmc 5-1:16.0: can't read capabilities
[  150.305616][T10890] usb usb8: usbfs: process 10890 (syz.5.1711) did not claim interface 0 before use
[  150.355762][T10892] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  150.362438][T10892] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  150.769802][T10901] ip6tnl1: entered promiscuous mode
[  150.771578][T10901] ip6tnl1: entered allmulticast mode
[  150.774874][T10901] team0: Device ip6tnl1 is of different type
[  151.250642][ T5973] usb 5-1: USB disconnect, device number 15
[  151.631872][T10941] netlink: 'syz.1.1723': attribute type 4 has an invalid length.
[  151.728114][T10949] __nla_validate_parse: 3 callbacks suppressed
[  151.728126][T10949] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1725'.
[  151.734251][T10949] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1725'.
[  151.912151][T10972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1730'.
[  152.003565][T10979] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1732'.
[  152.034268][T10982] usb usb8: usbfs: process 10982 (syz.0.1733) did not claim interface 0 before use
[  152.366245][T11002] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  152.477991][ T5934] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  152.579368][T11018] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1742'.
[  152.636175][T11027] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1740'.
[  152.692394][T11030] netlink: 'syz.4.1746': attribute type 11 has an invalid length.
[  152.695435][T11030] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1746'.
[  152.723018][T11024] netlink: 'syz.5.1744': attribute type 10 has an invalid length.
[  152.725842][T11024] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.728747][T11024] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.736008][T11024] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.738302][T11024] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.740711][T11024] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.741732][T11033] usb usb8: usbfs: process 11033 (syz.4.1747) did not claim interface 0 before use
[  152.742932][T11024] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.752397][T11024] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  152.757112][T11024] bridge_slave_1: left allmulticast mode
[  152.759497][T11024] bridge_slave_1: left promiscuous mode
[  152.761115][T11036] netlink: 'syz.0.1748': attribute type 4 has an invalid length.
[  152.762072][T11024] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.771373][T11024] bridge_slave_0: left allmulticast mode
[  152.773154][T11024] bridge_slave_0: left promiscuous mode
[  152.775018][T11024] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.786001][T11024] bond0: (slave bridge0): Releasing backup interface
[  152.906646][T11048] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1753'.
[  153.023405][T11063] usb usb8: usbfs: process 11063 (syz.0.1758) did not claim interface 0 before use
[  153.120609][T11070] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1761'.
[  153.199883][ T5934] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  153.203489][ T5934] Bluetooth: hci2: Injecting HCI hardware error event
[  153.209100][ T5946] Bluetooth: hci2: hardware error 0x00
[  153.269006][T11080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1763'.
[  153.372088][T11086] 1·: renamed from 
70· (while UP)
[  153.381776][T11086] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  153.444039][T11093] netlink: 'syz.4.1768': attribute type 4 has an invalid length.
[  153.621136][T11106] usb usb8: usbfs: process 11106 (syz.5.1774) did not claim interface 0 before use
[  153.980039][T11132] option changes via remount are deprecated (pid=11131 comm=syz.0.1783)
[  154.007654][T11136] usb usb8: usbfs: process 11136 (syz.1.1784) did not claim interface 0 before use
[  154.180848][T11156] 0·: renamed from hsr0 (while UP)
[  154.183674][T11156] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  154.260254][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  154.260269][   T40] audit: type=1400 audit(1748785408.087:579): avc:  denied  { ioctl } for  pid=11160 comm="syz.5.1794" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x70cd scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  154.459591][T11172] usb usb8: usbfs: process 11172 (syz.0.1797) did not claim interface 0 before use
[  154.658005][ T5992] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  154.730693][T11190] netlink: 'syz.0.1805': attribute type 4 has an invalid length.
[  154.812263][ T5992] usb 9-1: Using ep0 maxpacket: 8
[  154.815988][ T5992] usb 9-1: config index 0 descriptor too short (expected 5924, got 36)
[  154.819768][ T5992] usb 9-1: config 250 has an invalid interface number: 228 but max is -1
[  154.823294][ T5992] usb 9-1: config 250 has 1 interface, different from the descriptor's value: 0
[  154.827055][ T5992] usb 9-1: config 250 has no interface number 0
[  154.830634][ T5992] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  154.834960][ T5992] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  154.838631][ T5992] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  154.841811][ T5992] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  154.846582][ T5992] usb 9-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  154.852696][ T5992] usb 9-1: config 250 interface 228 has no altsetting 0
[  154.856976][ T5992] usb 9-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  154.860434][ T5992] usb 9-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  154.863210][ T5992] usb 9-1: Product: syz
[  154.864958][ T5992] usb 9-1: SerialNumber: syz
[  154.874219][ T5992] hub 9-1:250.228: bad descriptor, ignoring hub
[  154.876820][ T5992] hub 9-1:250.228: probe with driver hub failed with error -5
[  155.012153][   T40] audit: type=1400 audit(1748785408.837:580): avc:  denied  { wake_alarm } for  pid=11213 comm="syz.0.1812" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  155.077074][ T5992] usblp 9-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  155.109331][ T5992] usb 9-1: USB disconnect, device number 3
[  155.123852][ T5992] usblp0: removed
[  155.277960][ T5946] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  155.349699][T11231] 1·: renamed from 
70· (while UP)
[  155.353916][T11231] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  155.401743][T11233] usb usb8: usbfs: process 11233 (syz.0.1818) did not claim interface 0 before use
[  155.587926][ T5992] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  155.660702][T11250] SELinux:  policydb magic number 0x301bff8c does not match expected magic number 0xf97cff8c
[  155.664093][T11250] SELinux: failed to load policy
[  155.753160][ T5992] usb 9-1: Using ep0 maxpacket: 8
[  155.761056][ T5992] usb 9-1: config index 0 descriptor too short (expected 5924, got 36)
[  155.764035][ T5992] usb 9-1: config 250 has an invalid interface number: 228 but max is -1
[  155.767388][ T5992] usb 9-1: config 250 has 1 interface, different from the descriptor's value: 0
[  155.771431][ T5992] usb 9-1: config 250 has no interface number 0
[  155.779583][ T5992] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  155.784223][ T5992] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  155.788513][ T5992] usb 9-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  155.792640][ T5992] usb 9-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  155.796626][ T5992] usb 9-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  155.805710][ T5992] usb 9-1: config 250 interface 228 has no altsetting 0
[  155.812888][ T5992] usb 9-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  155.816621][ T5992] usb 9-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  155.820106][ T5992] usb 9-1: Product: syz
[  155.821818][ T5992] usb 9-1: SerialNumber: syz
[  155.831695][T11254] kvm_pr_unimpl_wrmsr: 555 callbacks suppressed
[  155.831708][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[  155.839733][ T5992] hub 9-1:250.228: bad descriptor, ignoring hub
[  155.842275][ T5992] hub 9-1:250.228: probe with driver hub failed with error -5
[  155.857557][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[  155.882301][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[  155.912565][   T40] audit: type=1400 audit(1748785409.737:581): avc:  denied  { nosuid_transition } for  pid=11262 comm="syz.5.1828" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process2 permissive=1
[  155.914601][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[  155.922797][   T40] audit: type=1400 audit(1748785409.737:582): avc:  denied  { transition } for  pid=11262 comm="syz.5.1828" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  155.948372][   T40] audit: type=1400 audit(1748785409.737:583): avc:  denied  { entrypoint } for  pid=11262 comm="syz.5.1828" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=31 scontext=system_u:object_r:hugetlbfs_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  155.949171][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[  155.949477][T11266] 1·: renamed from 
70· (while UP)
[  155.963239][   T40] audit: type=1400 audit(1748785409.737:584): avc:  denied  { share } for  pid=11262 comm="syz.5.1828" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  155.965527][T11266] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  155.972409][   T40] audit: type=1400 audit(1748785409.737:585): avc:  denied  { noatsecure } for  pid=11262 comm="syz.5.1828" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  155.982226][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[  156.008430][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[  156.029423][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[  156.041732][ T5992] usblp 9-1:250.228: usblp0: USB Bidirectional printer dev 4 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  156.046226][   T40] audit: type=1400 audit(1748785409.867:586): avc:  denied  { ioctl } for  pid=11169 comm="syz.4.1796" path="/dev/ptyqc" dev="devtmpfs" ino=139 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  156.061049][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[  156.068307][ T5992] usb 9-1: USB disconnect, device number 4
[  156.074492][ T5992] usblp0: removed
[  156.088996][T11254] kvm: kvm [11253]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe706111
[  156.379684][T11274] usb usb8: usbfs: process 11274 (syz.5.1832) did not claim interface 0 before use
[  156.494776][T11280] netlink: 'syz.5.1835': attribute type 4 has an invalid length.
[  156.595291][T11284] netlink: 'syz.4.1837': attribute type 2 has an invalid length.
[  156.781860][T11306] vivid-003: disconnect
[  156.874521][   T40] audit: type=1326 audit(1748785410.697:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11312 comm="syz.5.1849" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7331b8e969 code=0x0
[  157.028013][ T6175] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  157.059341][   T40] audit: type=1400 audit(1748785410.887:588): avc:  denied  { mounton } for  pid=11327 comm="syz.0.1856" path="/554/file0" dev="9p" ino=36047773 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  157.059403][T11328] 9pnet_virtio: no channels available for device syz
[  157.073676][T11328] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  157.187949][ T6175] usb 6-1: Using ep0 maxpacket: 8
[  157.191388][ T6175] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  157.194238][ T6175] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  157.197519][ T6175] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  157.201231][ T6175] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.204557][ T6175] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.207131][T11332] __nla_validate_parse: 21 callbacks suppressed
[  157.207143][T11332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1857'.
[  157.209644][ T6175] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  157.227422][ T6175] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.255979][T11335] netlink: 'syz.4.1858': attribute type 4 has an invalid length.
[  157.303910][T11342] sctp: [Deprecated]: syz.5.1861 (pid 11342) Use of struct sctp_assoc_value in delayed_ack socket option.
[  157.303910][T11342] Use struct sctp_sack_info instead
[  157.424840][T11354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1866'.
[  157.445822][ T6175] usb 6-1: usb_control_msg returned -32
[  157.447617][ T6175] usbtmc 6-1:16.0: can't read capabilities
[  157.592802][T11366] netlink: 'syz.5.1871': attribute type 4 has an invalid length.
[  157.708727][T11373] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1874'.
[  157.855400][T11384] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1879'.
[  157.884388][T11387] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1880'.
[  157.887281][T11387] 1·: entered allmulticast mode
[  157.889153][T11387] hsr_slave_0: entered allmulticast mode
[  157.890958][T11387] hsr_slave_1: entered allmulticast mode
[  157.919557][T11390] netlink: 'syz.5.1881': attribute type 4 has an invalid length.
[  158.374417][T11414] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1887'.
[  158.804808][T11434] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1893'.
[  158.839026][T11436] usb usb8: usbfs: process 11436 (syz.4.1894) did not claim interface 0 before use
[  158.872367][T11439] netlink: 'syz.4.1895': attribute type 4 has an invalid length.
[  159.167879][ T5992] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  159.328025][ T5992] usb 9-1: Using ep0 maxpacket: 8
[  159.335573][ T5992] usb 9-1: config 2 interface 0 has no altsetting 0
[  159.339884][ T5992] usb 9-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  159.342720][ T5992] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.348126][ T5992] usb 9-1: Product: syz
[  159.349493][ T5992] usb 9-1: Manufacturer: syz
[  159.350988][ T5992] usb 9-1: SerialNumber: syz
[  159.482753][T11480] netlink: 'syz.0.1906': attribute type 4 has an invalid length.
[  159.576962][ T5992] usb 9-1: USB disconnect, device number 5
[  159.670090][T11501] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1911'.
[  159.837458][T11522] netlink: 'syz.5.1915': attribute type 4 has an invalid length.
[  159.843993][T11524] ipvlan0: entered allmulticast mode
[  159.845707][T11524] veth0_vlan: entered allmulticast mode
[  159.893362][T11530] 9pnet: Could not find request transport: virt
[  159.958872][T11539] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1920'.
[  160.002932][T11545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1919'.
[  160.007280][T11545] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  160.290727][T11578] netlink: 'syz.5.1929': attribute type 48 has an invalid length.
[  160.323572][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  160.323589][   T40] audit: type=1400 audit(1748785414.147:592): avc:  denied  { getopt } for  pid=11580 comm="syz.4.1930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  160.603862][T11602] netlink: 'syz.4.1937': attribute type 4 has an invalid length.
[  160.764881][T11607] bridge: RTM_NEWNEIGH with invalid ether address
[  160.770979][T11607] netlink: 'syz.0.1939': attribute type 7 has an invalid length.
[  160.773519][T11607] netlink: 'syz.0.1939': attribute type 8 has an invalid length.
[  160.781107][T11607] team0: entered promiscuous mode
[  160.783643][T11607] team_slave_0: entered promiscuous mode
[  160.787158][T11607] team_slave_1: entered promiscuous mode
[  160.790553][T11607] bond0: entered promiscuous mode
[  160.792587][T11607] bond_slave_0: entered promiscuous mode
[  160.794849][T11607] bond_slave_1: entered promiscuous mode
[  160.797349][T11607] 0ªX¹¦D: entered promiscuous mode
[  160.800344][T11607] 8021q: adding VLAN 0 to HW filter on device hsr0
[  160.879477][T11616] usb usb8: usbfs: process 11616 (syz.0.1943) did not claim interface 0 before use
[  161.090076][   T40] audit: type=1400 audit(1748785414.917:593): avc:  denied  { write } for  pid=11639 comm="syz.5.1953" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  161.179345][T11653] 1·: entered allmulticast mode
[  161.181130][T11653] hsr_slave_0: entered allmulticast mode
[  161.182884][T11653] hsr_slave_1: entered allmulticast mode
[  161.415049][   T40] audit: type=1400 audit(1748785415.237:594): avc:  denied  { mount } for  pid=11672 comm="syz.0.1961" name="/" dev="autofs" ino=47780 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  161.415551][T11674] trusted_key: encrypted_key: keylen parameter is missing
[  161.490637][   T40] audit: type=1400 audit(1748785415.317:595): avc:  denied  { unmount } for  pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  161.613423][T11711] usb usb8: usbfs: process 11711 (syz.0.1970) did not claim interface 0 before use
[  161.734555][T11725] netlink: 'syz.4.1974': attribute type 7 has an invalid length.
[  161.788621][   T40] audit: type=1400 audit(1748785415.607:596): avc:  denied  { mount } for  pid=11732 comm="syz.5.1978" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  162.291646][T11741] __nla_validate_parse: 13 callbacks suppressed
[  162.291659][T11741] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1981'.
[  162.322949][T11745] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1982'.
[  162.477318][   T40] audit: type=1400 audit(1748785416.297:597): avc:  denied  { getopt } for  pid=11752 comm="syz.5.1985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  162.481268][T11762] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1987'.
[  162.530445][   T40] audit: type=1326 audit(1748785416.357:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11764 comm="syz.5.1988" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7331b8e969 code=0x0
[  162.633564][T11781] netlink: 'syz.0.1991': attribute type 4 has an invalid length.
[  162.649467][T11780] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1992'.
[  162.799312][T11786] netlink: 'syz.0.1994': attribute type 7 has an invalid length.
[  162.801796][T11786] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1994'.
[  163.288468][T11403] usbtmc 6-1:16.0: usb_control_msg returned -110
[  163.306450][ T5979] usb 6-1: USB disconnect, device number 15
[  163.313631][T11403] vivid-003: reconnect
[  163.388730][T11799] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1999'.
[  163.417517][T11806] netlink: 'syz.4.2002': attribute type 4 has an invalid length.
[  163.435025][T11797] netlink: 'syz.0.1998': attribute type 8 has an invalid length.
[  163.437521][T11797] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1998'.
[  163.478392][T11811] vlan2: entered promiscuous mode
[  163.481481][T11811] hsr_slave_1: entered promiscuous mode
[  163.483294][T11811] vlan2: entered allmulticast mode
[  163.707041][T11827] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2010'.
[  163.906528][T11829] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2011'.
[  163.937998][    T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  163.983320][T11833] overlayfs: failed to clone upperpath
[  164.089546][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.092857][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.096033][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  164.101132][    T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  164.103901][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.107569][    T9] usb 6-1: config 0 descriptor??
[  164.199914][T11840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2014'.
[  164.344154][T11848] Bluetooth: hci4: Frame reassembly failed (-90)
[  164.349250][ T1072] Bluetooth: hci4: Frame reassembly failed (-84)
[  164.500103][T11852] program syz.4.2019 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  164.514346][   T40] audit: type=1400 audit(1748785418.337:599): avc:  denied  { mount } for  pid=11851 comm="syz.4.2019" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  164.517723][    T9] plantronics 0003:047F:FFFF.0002: reserved main item tag 0xd
[  164.527865][    T9] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  164.542149][    T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  164.689902][   T40] audit: type=1400 audit(1748785418.517:600): avc:  denied  { unmount } for  pid=10035 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  164.786353][ T5973] usb 6-1: USB disconnect, device number 16
[  164.968926][T11863] ip6_vti0: entered promiscuous mode
[  165.149539][T11883] vxcan2: entered allmulticast mode
[  165.238132][   T40] audit: type=1400 audit(1748785419.067:601): avc:  denied  { read } for  pid=11879 comm="syz.4.2027" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  165.603193][T11905] validate_nla: 3 callbacks suppressed
[  165.603203][T11905] netlink: 'syz.5.2037': attribute type 21 has an invalid length.
[  165.607902][   T40] audit: type=1400 audit(1748785419.427:602): avc:  denied  { audit_read } for  pid=11904 comm="syz.5.2037" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  165.632515][T11907] netlink: 'syz.5.2038': attribute type 4 has an invalid length.
[  165.670253][T11909] program syz.1.2039 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  165.674403][   T40] audit: type=1400 audit(1748785419.497:603): avc:  denied  { ioctl } for  pid=11908 comm="syz.1.2039" path="socket:[49637]" dev="sockfs" ino=49637 ioctlcmd=0x9425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  165.789871][T11922] netlink: 'syz.4.2045': attribute type 32 has an invalid length.
[  165.901468][T11937] netlink: 'syz.4.2050': attribute type 4 has an invalid length.
[  165.938772][T11940] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11940 comm=syz.4.2051
[  165.945534][T11940] sctp: [Deprecated]: syz.4.2051 (pid 11940) Use of int in maxseg socket option.
[  165.945534][T11940] Use struct sctp_assoc_value instead
[  165.951561][T11940] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8229 sclass=netlink_route_socket pid=11940 comm=syz.4.2051
[  166.019642][T11931] ip_vti0: entered promiscuous mode
[  166.186138][   T40] audit: type=1400 audit(1748785420.007:604): avc:  denied  { write } for  pid=11957 comm="syz.1.2058" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  166.188839][T11959] MTD: Attempt to mount non-MTD device "/dev/nbd1"
[  166.196612][T11959] cramfs: wrong magic
[  166.294752][T11956] openvswitch: netlink: Tunnel attr 16383 out of range max 16
[  166.395543][   T40] audit: type=1400 audit(1748785420.217:605): avc:  denied  { mount } for  pid=11979 comm="syz.5.2063" name="/" dev="configfs" ino=2091 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  166.398184][ T5934] Bluetooth: hci4: command 0x1003 tx timeout
[  166.403637][   T40] audit: type=1400 audit(1748785420.227:606): avc:  denied  { search } for  pid=11979 comm="syz.5.2063" name="/" dev="configfs" ino=2091 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  166.405733][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  166.459004][T11988] netlink: 'syz.4.2066': attribute type 4 has an invalid length.
[  166.618647][T12006] netlink: 'syz.4.2074': attribute type 10 has an invalid length.
[  166.822987][T12022] netlink: 'syz.1.2080': attribute type 4 has an invalid length.
[  166.882536][T12031] netlink: 'syz.5.2084': attribute type 58 has an invalid length.
[  167.231941][T12053] netlink: 'syz.4.2093': attribute type 4 has an invalid length.
[  167.431225][T12066] __nla_validate_parse: 19 callbacks suppressed
[  167.431237][T12066] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2100'.
[  167.492142][ T5934] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  167.496706][ T5934] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  167.502180][ T5934] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  167.509120][ T5934] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  167.512587][ T5934] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  167.593520][ T1180] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.640629][T12077] netlink: 92 bytes leftover after parsing attributes in process `syz.5.2103'.
[  167.674841][ T1180] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.698599][T12068] chnl_net:caif_netlink_parms(): no params data found
[  167.743763][ T1180] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.800310][T12068] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.802567][T12068] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.804772][T12068] bridge_slave_0: entered allmulticast mode
[  167.807369][T12068] bridge_slave_0: entered promiscuous mode
[  167.812074][T12068] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.814310][T12068] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.816527][T12068] bridge_slave_1: entered allmulticast mode
[  167.822530][T12068] bridge_slave_1: entered promiscuous mode
[  167.852557][ T1180] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.876952][T12068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  167.885377][T12068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.890372][T12096] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2109'.
[  167.927489][T12068] team0: Port device team_slave_0 added
[  167.939622][T12068] team0: Port device team_slave_1 added
[  167.976670][T12068] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.979347][T12068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.987482][T12068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.992702][T12068] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.994831][T12068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.002901][T12068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.091594][T12068] hsr_slave_0: entered promiscuous mode
[  168.094655][T12068] hsr_slave_1: entered promiscuous mode
[  168.098719][T12068] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  168.102089][T12068] Cannot create hsr debugfs directory
[  168.176408][T12112] pimreg3: entered allmulticast mode
[  168.185572][ T1180] bridge_slave_1: left allmulticast mode
[  168.187309][ T1180] bridge_slave_1: left promiscuous mode
[  168.190146][ T1180] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.195166][ T1180] bridge_slave_0: left allmulticast mode
[  168.196857][ T1180] bridge_slave_0: left promiscuous mode
[  168.198866][ T1180] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.242275][   T40] audit: type=1400 audit(1748785422.067:607): avc:  denied  { setopt } for  pid=12121 comm="syz.1.2119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  168.259468][T12126] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2117'.
[  168.343540][ T1180] 0ªX¹¦D (unregistering): left promiscuous mode
[  168.381329][ T1180] dvmrp1 (unregistering): left allmulticast mode
[  168.501523][T12134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2121'.
[  168.560851][ T1180] bond0 (unregistering): left promiscuous mode
[  168.563610][ T1180] bond_slave_0: left promiscuous mode
[  168.566094][ T1180] bond_slave_1: left promiscuous mode
[  168.570064][ T1180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.576435][ T1180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.582175][ T1180] bond0 (unregistering): Released all slaves
[  168.652583][ T1180] bond1 (unregistering): (slave veth3): Releasing active interface
[  168.655656][ T1180] dummy0: entered promiscuous mode
[  168.659919][ T1180] bond1 (unregistering): (slave dummy0): Releasing active interface
[  168.664967][ T1180] bond1 (unregistering): Released all slaves
[  168.671284][ T1180] bond2 (unregistering): Released all slaves
[  168.798313][ T1180] tipc: Left network mode
[  169.037269][ T1180] team0: left promiscuous mode
[  169.039436][ T1180] team_slave_0: left promiscuous mode
[  169.041466][ T1180] team_slave_1: left promiscuous mode
[  169.048634][ T1180] hsr_slave_0: left promiscuous mode
[  169.050945][ T1180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.053732][ T1180] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.056840][ T1180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.059620][ T1180] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.084493][ T1180] veth1_macvtap: left promiscuous mode
[  169.086288][ T1180] veth0_macvtap: left promiscuous mode
[  169.088579][ T1180] veth1_vlan: left promiscuous mode
[  169.106514][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2131'.
[  169.111693][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2131'.
[  169.114697][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2131'.
[  169.117417][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2131'.
[  169.615494][ T5946] Bluetooth: hci4: command tx timeout
[  169.731548][ T1180] team0 (unregistering): Port device team_slave_1 removed
[  169.796870][ T1180] team0 (unregistering): Port device team_slave_0 removed
[  170.349432][T12174] netlink: 'syz.4.2134': attribute type 7 has an invalid length.
[  170.351881][T12174] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2134'.
[  170.354695][T12174] ==================================================================
[  170.357091][T12174] BUG: KASAN: global-out-of-bounds in fib6_clean_node+0x51c/0x5b0
[  170.359761][T12174] Read of size 8 at addr ffffffff9b218508 by task syz.4.2134/12174
[  170.363511][T12174] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  170.364700][T12174] CPU: 3 UID: 0 PID: 12174 Comm: syz.4.2134 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  170.364715][T12174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.364723][T12174] Call Trace:
[  170.364727][T12174]  <TASK>
[  170.364732][T12174]  dump_stack_lvl+0x116/0x1f0
[  170.364750][T12174]  print_report+0xcd/0x680
[  170.364764][T12174]  ? __virt_addr_valid+0x81/0x610
[  170.364782][T12174]  ? __phys_addr+0xe8/0x180
[  170.364800][T12174]  ? fib6_clean_node+0x51c/0x5b0
[  170.364820][T12174]  kasan_report+0xe0/0x110
[  170.364835][T12174]  ? fib6_clean_node+0x51c/0x5b0
[  170.364853][T12174]  fib6_clean_node+0x51c/0x5b0
[  170.364869][T12174]  ? __pfx_fib6_clean_node+0x10/0x10
[  170.364887][T12174]  fib6_walk_continue+0x452/0x8d0
[  170.364902][T12174]  fib6_walk+0x182/0x370
[  170.364916][T12174]  ? __pfx_fib6_ifup+0x10/0x10
[  170.364931][T12174]  fib6_clean_tree+0xd4/0x110
[  170.364944][T12174]  ? __pfx_fib6_clean_tree+0x10/0x10
[  170.364958][T12174]  ? mod_delayed_work_on+0x1a7/0x1c0
[  170.364975][T12174]  ? __pfx_fib6_clean_node+0x10/0x10
[  170.364992][T12174]  ? __pfx_fib6_ifup+0x10/0x10
[  170.365009][T12174]  ? __pfx_fib6_ifup+0x10/0x10
[  170.365024][T12174]  __fib6_clean_all+0x107/0x2d0
[  170.365040][T12174]  rt6_sync_up+0xc9/0x170
[  170.365052][T12174]  ? __pfx_rt6_sync_up+0x10/0x10
[  170.365066][T12174]  addrconf_notify+0x1709/0x19e0
[  170.365077][T12174]  ? ip6mr_device_event+0x1bc/0x230
[  170.365089][T12174]  notifier_call_chain+0xbc/0x410
[  170.365101][T12174]  ? __pfx_addrconf_notify+0x10/0x10
[  170.365113][T12174]  call_netdevice_notifiers_info+0xbe/0x140
[  170.365132][T12174]  netif_state_change+0x165/0x3b0
[  170.365148][T12174]  ? __pfx_netif_state_change+0x10/0x10
[  170.365165][T12174]  ? prb_read_valid+0x78/0xa0
[  170.365180][T12174]  ? __pfx_prb_read_valid+0x10/0x10
[  170.365201][T12174]  do_setlink.constprop.0+0x3570/0x4380
[  170.365218][T12174]  ? __pfx_console_unlock+0x10/0x10
[  170.365229][T12174]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  170.365245][T12174]  ? __wake_up_klogd.part.0+0x99/0xf0
[  170.365262][T12174]  ? vprintk_emit+0x1e6/0x6d0
[  170.365273][T12174]  ? __pfx_vprintk_emit+0x10/0x10
[  170.365286][T12174]  ? _printk+0xc7/0x100
[  170.365300][T12174]  ? br_switchdev_set_port_flag+0x134/0x380
[  170.365312][T12174]  ? __pfx_br_switchdev_set_port_flag+0x10/0x10
[  170.365324][T12174]  ? __pfx____ratelimit+0x10/0x10
[  170.365338][T12174]  ? br_port_flags_change+0x6b/0x1d0
[  170.365355][T12174]  ? br_setport+0x1180/0x17d0
[  170.365366][T12174]  ? __pfx_br_setport+0x10/0x10
[  170.365377][T12174]  ? do_raw_spin_lock+0x12c/0x2b0
[  170.365394][T12174]  ? __local_bh_enable_ip+0xa4/0x120
[  170.365405][T12174]  ? br_port_slave_changelink+0xd9/0x190
[  170.365416][T12174]  ? __local_bh_enable_ip+0xa4/0x120
[  170.365427][T12174]  ? __pfx_br_port_slave_changelink+0x10/0x10
[  170.365439][T12174]  rtnl_newlink+0x1446/0x2000
[  170.365455][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.365470][T12174]  ? find_held_lock+0x2b/0x80
[  170.365480][T12174]  ? avc_has_perm_noaudit+0x117/0x3b0
[  170.365500][T12174]  ? avc_has_perm_noaudit+0x149/0x3b0
[  170.365513][T12174]  ? cred_has_capability.isra.0+0x193/0x2f0
[  170.365536][T12174]  ? find_held_lock+0x2b/0x80
[  170.365546][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.365561][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.365575][T12174]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  170.365591][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.365606][T12174]  rtnetlink_rcv_msg+0x95e/0xe90
[  170.365622][T12174]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  170.365639][T12174]  ? ref_tracker_free+0x37c/0x830
[  170.365657][T12174]  netlink_rcv_skb+0x155/0x420
[  170.365674][T12174]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  170.365689][T12174]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  170.365707][T12174]  ? netlink_deliver_tap+0x1ae/0xd30
[  170.365724][T12174]  netlink_unicast+0x53a/0x7f0
[  170.365741][T12174]  ? __pfx_netlink_unicast+0x10/0x10
[  170.365760][T12174]  netlink_sendmsg+0x8d1/0xdd0
[  170.365777][T12174]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.365796][T12174]  ____sys_sendmsg+0xa98/0xc70
[  170.365814][T12174]  ? copy_msghdr_from_user+0x10a/0x160
[  170.365827][T12174]  ? __pfx_____sys_sendmsg+0x10/0x10
[  170.365846][T12174]  ? __pfx_futex_wake_mark+0x10/0x10
[  170.365863][T12174]  ___sys_sendmsg+0x134/0x1d0
[  170.365876][T12174]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.365889][T12174]  ? __lock_acquire+0x622/0x1c90
[  170.365910][T12174]  __sys_sendmsg+0x16d/0x220
[  170.365923][T12174]  ? __pfx___sys_sendmsg+0x10/0x10
[  170.365936][T12174]  ? __x64_sys_futex+0x1e0/0x4c0
[  170.365953][T12174]  do_syscall_64+0xcd/0x4c0
[  170.365968][T12174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.365979][T12174] RIP: 0033:0x7fadf618e969
[  170.365988][T12174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.366029][T12174] RSP: 002b:00007fadf7076038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.366043][T12174] RAX: ffffffffffffffda RBX: 00007fadf63b5fa0 RCX: 00007fadf618e969
[  170.366050][T12174] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  170.366058][T12174] RBP: 00007fadf6210ab1 R08: 0000000000000000 R09: 0000000000000000
[  170.366065][T12174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  170.366071][T12174] R13: 0000000000000000 R14: 00007fadf63b5fa0 R15: 00007fffcc1ab968
[  170.366083][T12174]  </TASK>
[  170.366087][T12174] 
[  170.526831][T12174] The buggy address belongs to the variable:
[  170.528693][T12174]  binder_devices+0x8/0x40
[  170.530241][T12174] 
[  170.531183][T12174] The buggy address belongs to the physical page:
[  170.533352][T12174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b218
[  170.535983][T12174] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  170.538426][T12174] raw: 00fff00000002000 ffffea00006c8608 ffffea00006c8608 0000000000000000
[  170.541082][T12174] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  170.543749][T12174] page dumped because: kasan: bad access detected
[  170.545791][T12174] page_owner info is not present (never set?)
[  170.547672][T12174] 
[  170.548431][T12174] Memory state around the buggy address:
[  170.550158][T12174]  ffffffff9b218400: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  170.552604][T12174]  ffffffff9b218480: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  170.555157][T12174] >ffffffff9b218500: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  170.557615][T12174]                       ^
[  170.559009][T12174]  ffffffff9b218580: 00 00 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  170.561426][T12174]  ffffffff9b218600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9
[  170.563869][T12174] ==================================================================
[  170.566445][T12174] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  170.568670][T12174] CPU: 3 UID: 0 PID: 12174 Comm: syz.4.2134 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  170.572269][T12174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.575540][T12174] Call Trace:
[  170.576646][T12174]  <TASK>
[  170.577590][T12174]  dump_stack_lvl+0x3d/0x1f0
[  170.579050][T12174]  panic+0x71c/0x800
[  170.580280][T12174]  ? __pfx_panic+0x10/0x10
[  170.581811][T12174]  ? mark_held_locks+0x49/0x80
[  170.583319][T12174]  ? fib6_clean_node+0x51c/0x5b0
[  170.584842][T12174]  ? fib6_clean_node+0x51c/0x5b0
[  170.586389][T12174]  check_panic_on_warn+0xab/0xb0
[  170.587914][T12174]  end_report+0x107/0x170
[  170.589258][T12174]  kasan_report+0xee/0x110
[  170.590653][T12174]  ? fib6_clean_node+0x51c/0x5b0
[  170.592134][T12174]  fib6_clean_node+0x51c/0x5b0
[  170.593618][T12174]  ? __pfx_fib6_clean_node+0x10/0x10
[  170.595364][T12174]  fib6_walk_continue+0x452/0x8d0
[  170.596999][T12174]  fib6_walk+0x182/0x370
[  170.598338][T12174]  ? __pfx_fib6_ifup+0x10/0x10
[  170.599853][T12174]  fib6_clean_tree+0xd4/0x110
[  170.601323][T12174]  ? __pfx_fib6_clean_tree+0x10/0x10
[  170.602986][T12174]  ? mod_delayed_work_on+0x1a7/0x1c0
[  170.605029][T12174]  ? __pfx_fib6_clean_node+0x10/0x10
[  170.607027][T12174]  ? __pfx_fib6_ifup+0x10/0x10
[  170.608513][T12174]  ? __pfx_fib6_ifup+0x10/0x10
[  170.610044][T12174]  __fib6_clean_all+0x107/0x2d0
[  170.611561][T12174]  rt6_sync_up+0xc9/0x170
[  170.612910][T12174]  ? __pfx_rt6_sync_up+0x10/0x10
[  170.614446][T12174]  addrconf_notify+0x1709/0x19e0
[  170.615983][T12174]  ? ip6mr_device_event+0x1bc/0x230
[  170.617595][T12174]  notifier_call_chain+0xbc/0x410
[  170.619167][T12174]  ? __pfx_addrconf_notify+0x10/0x10
[  170.620777][T12174]  call_netdevice_notifiers_info+0xbe/0x140
[  170.622664][T12174]  netif_state_change+0x165/0x3b0
[  170.624494][T12174]  ? __pfx_netif_state_change+0x10/0x10
[  170.626621][T12174]  ? prb_read_valid+0x78/0xa0
[  170.628474][T12174]  ? __pfx_prb_read_valid+0x10/0x10
[  170.630493][T12174]  do_setlink.constprop.0+0x3570/0x4380
[  170.632641][T12174]  ? __pfx_console_unlock+0x10/0x10
[  170.634650][T12174]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  170.636928][T12174]  ? __wake_up_klogd.part.0+0x99/0xf0
[  170.639022][T12174]  ? vprintk_emit+0x1e6/0x6d0
[  170.640847][T12174]  ? __pfx_vprintk_emit+0x10/0x10
[  170.642808][T12174]  ? _printk+0xc7/0x100
[  170.644451][T12174]  ? br_switchdev_set_port_flag+0x134/0x380
[  170.646735][T12174]  ? __pfx_br_switchdev_set_port_flag+0x10/0x10
[  170.649102][T12174]  ? __pfx____ratelimit+0x10/0x10
[  170.651071][T12174]  ? br_port_flags_change+0x6b/0x1d0
[  170.653112][T12174]  ? br_setport+0x1180/0x17d0
[  170.654986][T12174]  ? __pfx_br_setport+0x10/0x10
[  170.656876][T12174]  ? do_raw_spin_lock+0x12c/0x2b0
[  170.658829][T12174]  ? __local_bh_enable_ip+0xa4/0x120
[  170.660866][T12174]  ? br_port_slave_changelink+0xd9/0x190
[  170.663041][T12174]  ? __local_bh_enable_ip+0xa4/0x120
[  170.665082][T12174]  ? __pfx_br_port_slave_changelink+0x10/0x10
[  170.667396][T12174]  rtnl_newlink+0x1446/0x2000
[  170.669256][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.671223][T12174]  ? find_held_lock+0x2b/0x80
[  170.673054][T12174]  ? avc_has_perm_noaudit+0x117/0x3b0
[  170.675132][T12174]  ? avc_has_perm_noaudit+0x149/0x3b0
[  170.677158][T12174]  ? cred_has_capability.isra.0+0x193/0x2f0
[  170.679481][T12174]  ? find_held_lock+0x2b/0x80
[  170.681298][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.683296][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.685267][T12174]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  170.687298][T12174]  ? __pfx_rtnl_newlink+0x10/0x10
[  170.689238][T12174]  rtnetlink_rcv_msg+0x95e/0xe90
[  170.691150][T12174]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  170.693207][T12174]  ? ref_tracker_free+0x37c/0x830
[  170.695164][T12174]  netlink_rcv_skb+0x155/0x420
[  170.696752][T12174]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  170.698429][T12174]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  170.700100][T12174]  ? netlink_deliver_tap+0x1ae/0xd30
[  170.701695][T12174]  netlink_unicast+0x53a/0x7f0
[  170.703177][T12174]  ? __pfx_netlink_unicast+0x10/0x10
[  170.704826][T12174]  netlink_sendmsg+0x8d1/0xdd0
[  170.706270][T12174]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.707935][T12174]  ____sys_sendmsg+0xa98/0xc70
[  170.709427][T12174]  ? copy_msghdr_from_user+0x10a/0x160
[  170.711076][T12174]  ? __pfx_____sys_sendmsg+0x10/0x10
[  170.712724][T12174]  ? __pfx_futex_wake_mark+0x10/0x10
[  170.714372][T12174]  ___sys_sendmsg+0x134/0x1d0
[  170.715838][T12174]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.717418][T12174]  ? __lock_acquire+0x622/0x1c90
[  170.718985][T12174]  __sys_sendmsg+0x16d/0x220
[  170.720415][T12174]  ? __pfx___sys_sendmsg+0x10/0x10
[  170.721947][T12174]  ? __x64_sys_futex+0x1e0/0x4c0
[  170.723488][T12174]  do_syscall_64+0xcd/0x4c0
[  170.724911][T12174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.726724][T12174] RIP: 0033:0x7fadf618e969
[  170.728069][T12174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.733879][T12174] RSP: 002b:00007fadf7076038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.736428][T12174] RAX: ffffffffffffffda RBX: 00007fadf63b5fa0 RCX: 00007fadf618e969
[  170.739015][T12174] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  170.741475][T12174] RBP: 00007fadf6210ab1 R08: 0000000000000000 R09: 0000000000000000
[  170.743919][T12174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  170.746340][T12174] R13: 0000000000000000 R14: 00007fadf63b5fa0 R15: 00007fffcc1ab968
[  170.748812][T12174]  </TASK>
[  170.750496][T12174] Kernel Offset: disabled
[  170.751857][T12174] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:39:28  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000183545 RBX=0000000000000000 RCX=ffffffff8b7d6ca9 RDX=0000000000000000
RSI=ffffffff8de092c5 RDI=ffffffff8c1544a0 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed100d48663d R10=ffff88806a4331eb R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a7b350 R15=0000000000000000
RIP=ffffffff8b7d580f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6765000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fff87981f32 CR3=00000000562aa000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1330b50c12d54468 1dbbaf9aa49db1b4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a4cebd98bb0c4811 23d430dca7b30983
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a71e9b65fd35e897 7164016985151f59
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 14627b106108a948 03cb205462cac77b
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fadf6211a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fadf6211a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000420000ff 0100000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a4cebd98bb0c4811 23d430dca7b30983
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b20657479622d32 3320646e61707865
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f31fbef782de9feb 88bae4a82b82d362
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9b92f6961b42bc3c 0011d015625a5ac9
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000018 0000000000000001
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88806a743a00 RCX=ffffffff81afe5ad RDX=ffff8880254ec880
RSI=ffffffff81afe589 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90003e2f518
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d4e8741 R15=ffff88806a53cf00
RIP=ffffffff81afe58b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6865000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f46face7d60 CR3=00000000277a3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46fa1836a3 00007f46fa1836a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc3fa92340 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555595118551 00005555951183c0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555951142c4 0000555595113e60
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555595116964 0000555595116960
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007c0805b00301 000006080605a803 0000000000000000 0000000004010010
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100000040100 00080806060167b4 0008006003001000 5003001000400302
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1000300301f81000 0490030100000202 0606ac0300060000 0000000800050000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001002000050000 0000000500058005 0044000000006576 616c735f65676469
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7262000100118012 005c000000000000 00007c0805b00301 000006080605a803
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001a5f4d RBX=0000000000000002 RCX=ffffffff8b7d6ca9 RDX=0000000000000000
RSI=ffffffff8de092c5 RDI=ffffffff8c1544a0 RBP=ffffed1003bd1910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c663d R10=ffff88806a6331eb R11=0000000000000001
R12=0000000000000002 R13=ffff88801de8c880 R14=ffffffff90a7b350 R15=0000000000000000
RIP=ffffffff8b7d580f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6965000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000559d13e79660 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000121 Opmask01=0000000000000001 Opmask02=0000000001010037 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc246c9b20 0000559d35852ae0
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc246c9b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69622f3a6e6962 732f7273752f3a6e 69622f7273752f00 0a732520202d2000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b4c470a1f4b4c47 560a5756500a1f4b 4c470a5756500a00 0a56000505080500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 803e000400000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80410004803e0004 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000e002400000001 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000003e800002710 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 646e646220310a20 6368642032200a36 205f206965656400 5f5f20393500635f
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8559a465 RDI=ffffffff9b0772e0 RBP=ffffffff9b0772a0 RSP=ffffc900069765f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3966666666666666
R12=0000000000000000 R13=0000000000000033 R14=ffffffff9b0772a0 R15=ffffffff8559a400
RIP=ffffffff8559a48f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fadf70766c0 ffffffff 00c00000
GS =0000 ffff8880d6a65000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000559d13e79660 CR3=0000000061d89000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=3a810b1eb6134bdc 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc00502840 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75bb211a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75bb211a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75bb211a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75bb211aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75bb211b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f75bb211c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000c4
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000