last executing test programs:

20.550443727s ago: executing program 2 (id=402):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x0, &(0x7f0000000500))
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x4, 0x1, 0x3}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
mkdir(&(0x7f0000000380)='./bus\x00', 0x2)
mount$overlay(0x0, &(0x7f00000003c0)='./file1\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)={[{@nfs_export_off}, {@userxattr}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})

20.478910447s ago: executing program 2 (id=403):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) (async)
chdir(&(0x7f0000000240)='./file0\x00') (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x800448d2, 0x0) (async, rerun: 32)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x0, 0x3}]}, 0x10) (async, rerun: 32)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) (async, rerun: 64)
chdir(&(0x7f0000000100)='./file1\x00') (async, rerun: 64)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x0) (async, rerun: 32)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

20.475605215s ago: executing program 2 (id=406):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0xe) (fail_nth: 3)

20.410228648s ago: executing program 2 (id=409):
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(0xffffffffffffffff, 0x7a6, &(0x7f0000000400)={0x9, 0x8, 0x100000001, 0xad, 0xfffffff7, 0x3})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000000000)={"ac273db58caa065ef0b223092ba14b739c3623b47db195fd11139a5b772e2de86991ffa972f8d6ffdd364a931fe98a3b6ee2d1fc219576593e5b1e5f60e43000cd73596c878bbf05dcf472405573741ade512481a965bcc7cb3d9ba8a15c3bb209b63fa8964609fcb85b059bd10ffd507333d5e6389a0941aa001aaaf40965c40f4a2e13888f35cf2c72c0357fd49b636586819be362c06c70f1d6e9040b184aaca6db082be0bdaee1fe3458aa0e826422cabac1ee2ec531ca840d851d9506767ec19d86451761efe09d65fa6a32eba8bcd18616934c4d13425243f996ef6bae03357695146a54862f5d99d177edfc6c3d4adcbf1c2fe3b5398b5006f2bb7cb7294484eda46daf4917540c44e134ed87a3a2d6140a585346a2203b168f13574f5d5b48f28e67c87a6324f7d6f5272788138f99d9ff78145f97513328a2273e93aae6e94d30ac28b0dc294189af97f78097eb95aa2a5da47389524781774357a0cf694f0f77a2cc8ff7fd706460e05ae629084519a23dcaee3a644bddd976d680ad9dae34add6f52da6f0cfaa95abd378e4e0e04248eae138eec2a37fd35f969bcf102169725f1339e24db1d7b7d5c4c6a4aa453305f49b0379ae832d69e25990a28e5e11afcb8875b553956a87bed81420dfbafcf3c4020d2cca6227809cf9ed4f3850472ca092b086715bc9c2191f5eab8c9921ae8d4df4153b966c9cc9e934efa2dd8ea8ff4a9c94a83ac13effd27cfebc3c3063e7a5402b7d72bdf6cfc604fb7e2263ac54c6bd312fd08918f122590ad57954176cc67042222031883e6a9659383dde59aaa74be2dc32041462c6cef4eecdfac7cdafc52b230e33470885a4a8d4a1215430bc9425ac5c7322c3b7f3d6f31dccc00c9fdea39158e7928ec9c47728b2b812793ca72485f86bc663b245627e9acfc924303388c450308ec6aba1eb3e4c67ce08efbd2c6102f9f2487a74ecf491cbce2e26df777ef65233f287cd7ce453db790ff0535e7f49543c6632cdc3787596abb90c3376cffd8973ec82e85e4ef2438c28932e7fed00e2fb1c005f74d1d334a9ec0d03a25c5b60d5db64cc058695c4016b3c2ff24a93417b1f2e0bffa963ccbd6e301420a22e57564576503e9b428147c4d785dd9177dcf0e17782d58295b6affa67091074286778839f258e806a8dbe6cf2f6cedbf3971e85aaa7e036f8590e3c60e1d732e225c09019f01378dc71687616c71a3767ef68358f28467fe9ab79a8775eb560c3eb867a12144e1fe6ac34898703029b684e0fba17dc541102b13026d8d3f858ad9b9205f75d2b4bcccb7cf1d40c5dca4dffc78647428d80e876c5727b791074e37a3c49e84ade3c03086d9bbe1edce7e256338ed8b0d6c2fef61843fd2ab8a95c23cb12e7df6a71ac236da1e7b32445799334476467c83f913b2d6d6082f1236cd34192b7cf"}) (async)
syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioprio_get$pid(0x2, 0x0)

20.331228425s ago: executing program 2 (id=410):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x40)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x400, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async)
mount$fuse(0x0, 0x0, 0x0, 0x400, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0) (async)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x28, &(0x7f0000000040)=""/40}, &(0x7f0000000140)="a0ef12c9e843", 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x28, &(0x7f0000000040)=""/40}, &(0x7f0000000140)="a0ef12c9e843", 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0xd39, 0x0, 0x0, {{@in6=@empty, @in=@broadcast, 0x1, 0x0, 0x3, 0x0, 0x2, 0x0, 0x100, 0xff}}, [@migrate={0x50, 0x11, [{@in=@local, @in=@local, @in=@broadcast, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x4, 0x0, 0x3000000, 0xa, 0x2}]}]}, 0xa0}}, 0x0) (async)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0xd39, 0x0, 0x0, {{@in6=@empty, @in=@broadcast, 0x1, 0x0, 0x3, 0x0, 0x2, 0x0, 0x100, 0xff}}, [@migrate={0x50, 0x11, [{@in=@local, @in=@local, @in=@broadcast, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x4, 0x0, 0x3000000, 0xa, 0x2}]}]}, 0xa0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00') (async)
chdir(&(0x7f0000000080)='./file0\x00')
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x4) (async)
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x4)
syz_io_uring_setup(0x3e92, &(0x7f0000001680)={0x0, 0x4627, 0x20, 0x803, 0x326}, &(0x7f0000000000), &(0x7f0000001740)) (async)
syz_io_uring_setup(0x3e92, &(0x7f0000001680)={0x0, 0x4627, 0x20, 0x803, 0x326}, &(0x7f0000000000), &(0x7f0000001740))

20.330714662s ago: executing program 2 (id=411):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000640)=ANY=[@ANYBLOB='\t'], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
setreuid(0xee01, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0xfd2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.34452911s ago: executing program 32 (id=411):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000640)=ANY=[@ANYBLOB='\t'], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
setreuid(0xee01, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0xfd2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.260335426s ago: executing program 0 (id=461):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0x8, 0x0, 0x0, 0x1002]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}]}}]}, 0xa4}}, 0x0)
pread64(r0, &(0x7f0000000080)=""/33, 0x21, 0xffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', r2, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x1, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
io_setup(0x2, &(0x7f0000000000))

4.246077681s ago: executing program 0 (id=462):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000100000000000000000008000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32], 0x24}], 0x1}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x44, r3, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x2, 0x44}}}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x10, 0xcd, [0xc39, 0x9b, 0x3, 0x0, 0x7, 0x4]}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xafd}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=ANY=[@ANYBLOB="00ac1414aa000000000000000000000000ff0100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc00000000000000000000000000000000000000330000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000026bd700000000000020002006a000000000000004c001400636d6163286165732900"/244], 0x13c}}, 0x0)

4.190791505s ago: executing program 0 (id=463):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000070009500000000000000bf020000000000007b9af8ff00000000b609080089ffffff7baaf0ff00000000bf8700000000000007090000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004600020076004000bf980000000000007e080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

4.190270206s ago: executing program 0 (id=466):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000004, 0x42032, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000ae000000000000001800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r1}, 0x10)
r2 = socket(0x1d, 0x3, 0x1)
getsockopt$nfc_llcp(r2, 0x65, 0x4, 0x0, 0x20001008)

4.116967468s ago: executing program 0 (id=470):
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010f500000000000000000000000000c1ab9b2986b2f3a4184acb8557623b00", @ANYRES32=0x0, @ANYBLOB="00000000000000001c001280090001007866726d000000000c0002800800010000000000"], 0x3c}}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x8}]}, 0x24}}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
syz_usb_disconnect(r1)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000200)={0x7, 0x3, 0x1, 0x0, 0x0, [{{r1}}]})
syz_usb_connect(0x5, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r1, 0x83c0550b, 0x0)

2.700533209s ago: executing program 0 (id=484):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000006280)="382c1fedaf023bd55640c316e44c011327f97924e5d5aac258e1e9fcc3cffdcf5f122c531cfa765707f6a50737c263545180dc10a69056b9deca02cc4be9d32a61c296609f783cc29340d5b7cc6e5131f7f51a47ab78febd6816a0659e028b99ace9ba3d1e8fee7949b4aa018ab813ce9e82da65eb7726cbd554a005b10415c9cba49179d75c558fda1e000eb35a5a9ac6bb7f4748e7bc56bcfd6d4d4cd1efef20d8b6a6deeddef38571289bb76f4d360bf36976244ebdc1533c2a4137d908165f48676b9f836aa2dc55d88579b908e91021b240cd64df75c16b643d8ef612fcfcbe064e4f404c1d82cd562b1d998dc3880cea8c973035b67b0b5e6d258b883bf936a731fccd463755a2720052b27cdd6bb8aff9838e88d993631288c2724aa377c977df238ca6061091da4b303a59472aadb97f44850c5eb4cf20b8a03a48b836c55b065e98f8ebd5c270483864c5f34862bd223e5df209b0cdc2fa4ea718b186d7c7716532af6b1d8ebc1eca23b7d2439340f1b906ad0aab6cbf0c7e716f8b6e26168e53ce83211a69048e2fa208ce49e4fa75db7adcd1954e72bd926529cbd2919f55d12cea56ac71729a7c3c31bfd05fd646f36e1e093bbd76038b9aa43536e2320415f7e44df57a3f3da057020f4a4032dc2f5dd6b9215af91917abfc0247817536762693a405908267bbcf16f24cada76f604933970c4dc6acbcac02df7a6bddd993336a226890081aea7b782f56bc0f3c334923a524f189fa13ff6f91c3e2f9bea34899e4e883e97a1debe3b192940c383b93174a330c0d2467ec845d8c14184c89c3980b042078a03e394f96ca8deea0c31d19c7687ff60c1013e7fd1f674f6d247933484a73e4a7474fba3fabfffcac470ff5084d068b7feec8f316e570e65dec305db4005173f7cee2c6c10c4b36bc1ea98862eb1c36507803cc6a91df4499ee183d6f126b063f2be49721c0edd84acdcfea536c4cd6119d08d6dea98b9cf4d5e2e868bde6be00bb9f6843b711481e7b3cc2b9a29580f042b620ceb4dbba0a3984edb1d82268ad737146c3bec6c8be1e327c4fa172ddce39aabe36ca0254855d3e3cb90835e87e1c0ae20dd2e4e2012851f5be5e92d23ff4f292d877be28afbf9eebfffbfc7602b41ce880b27622c62382be5a504dc077702fe7e06f99e35b7888b099178a372abdf4b00d6976a0af7cbe791416628e9e2bc67448cd72bfea6d0a546f6ada8049be8df153b6ce60d3fbad52c6ac5dfca71992f2310922df1f39ed1606992752bcb947101ec49fef2be2f88e118421091431179bfc876851955416955d245b646fb43df614cc4f0282f7e022ed3dd46654e644961df8875f3d7d7d3b07e2296aa13455db1a71e97d56fa82ec94d47df23d722b2bd76acd9f9becff5ddd23a724af924b856ab3ae509685155682ff4bdffb139d3c19545d1c9aea088828c1140d5a0b6b698f96a04948f47b4777767e387419c03f19ef05e8f7f90c9fea399dd07297f701dc19aa9b570d96570d59f5158eaeb01e300127ac98edb726c3ead2b57c478621348d160943a5ac1fbde6de36f3d7bfd32a78475033e3e7e1e1a51f7d781aa4f6cb05dcaef23390b07960f3d594482d1fb435af8d031b94923b4a95d71a92fc4385c6155a1bb251374912a74bb9a93ea49c32dceb79ee7b039332fcc2474d80ae668a750914b26eddfedc1b6775829c3b167c1bbc27fc2a286c61217baea3a084411df433a64d7385880e6da85869286bc08a584769875837ede54874c11f38ed3722a18abd45746149fa59f79db25fb51649f7483faec28569ed058a0bdfaabefc062ca8ea6ad45bf5759725aa62e249131b33951e2bdce3055d357ff3138204f62b37236434bcc54180ba8e1329b8c5b6b7d4b5d5dbfa473030c2a289fff573ddf7c9e5cbcb6907c836c8a1ee2605bdec36e29c6681e16628f2cf5c53fdbacca60e5a497885d8a53f74775e716aac7d6e8a2d8c6e901f8fab75d7f689b031add22a5776b186d9efe3890b0d48497addb21ea971d3a463eb4fd44ad209ae5a4b0e13d28c6838689019f5c09bee0ec2c97bd8495f761f07de47d85c64250373eff1e5dcefb8d44ff1d5ca5dc9954096d18d64fc146d93647a1fb0612962a07946305f7a8329611569bb0fee5ca5d9bb3574a07336dfd4dbd185a55fc9acdaa97481664c7a3f1fd0afc23d545a704f76c8b684656a2567a5dc3d1ee0385a003dfcbbfc988990a11871b8825073f11f3e596ec4cbd310649299e9e9a569215eae227964086a3aeb327c477b10bdb6263c0ec83a1364d0d45392c8dc4322ad5a9095548c7f2a90e2c858dca72a4376133dd3bcabf752428424c3dfdd45eaf6686c88971825849905e82de9a18a65a539cf61affad7f06368ac9cdab53e8754cf6bae6ac927ec177fc320d22d0b3da9c88284c45563066f4f194a35387238b592048dcf58873c9307cf803e3badf0ad53222825a172e00a4c678b3b6aa1785c92841b98a3be17c6becbae8dc6fc1bd3a14516780c4bf372a565a89cb8d136aa268721bfe9a988e94eb2d9ada00cd44b4815bff09d2273776a483d10e4b902fe10d3b7e5abb70bb899ed2eebabc739a2826cfe8613430210e8d9055600f61293290c767c104e881985c5db9442e0421c8013c46c70ac4719fc709b6a4d061b9d61e43914f4e2fdcea52f49086001ee848fa3a3b187229e556dc6cdb612261e57f81833fff4cf5b87fe4a6644996b5813af2e223f6bcdfa60934d195dab4413659aadac5879e0a2bbcd7074d2a2572cad5a8c57e54c658d6ef8e5ec12a18a5e3b639528931f9edb8b48f558beac97e4a361107217fde4f6cdb3977bf6153137a0de01f4537d172466e33c4a144678eac1d66f3739421592bb29aa1a82d79905c92ded53294b99b32bda357f9e5c54c0446cef03f9094920a8f12cf9b20a0532d8bf3807a5cd8cda48c65c1d076ead4f4294e2611be2bf259f1c130ddf4dd529d91bc89c5e00976d6426529515455d9beb4e5e8017f0462e5df4564b80f30c8d1dc5f5952bb8ebec67e9ac32d9bea7766b13299bbd795e086574826d67e8995ceec28b5e9f4910b2406dde7e4f0785173d955186f8cac8e0bf1998334fe9038cb6c1d2a78748d608e6931094946d69fa39a1a975e76cddb0760e5f385116c504863df0e0e46577f56f3651c2933de50072783752d48b72e160b00bd43504968e4c10eaa78b3d817efbb5e0801c807ad6706f40b0ee2a6d7b8c1380160052cdccb92d85da00612f2c117f4a7c478d1542ce4bb2b1a98d51080244256bb81195095249fabf5c8145dd2877726a3460fab386fae85ea817ae9727af519788a9e609e2c7af7b05dafa86e46acaa0d4db68a8ca1f3141a9a9f30913c9cfee4ee77b07c173701e6ac1782f7c0fcd04ec8dc857d63385e5334d2c6257b026bd1693c1a5873fcb0f47758516a252a36d192e223bde5ac01172e34b219b1973357f46191841490cce974753e16585f52c76302c1f0dca863e173490ef04562f7be29a89075b1edbbd6aca69ac55a657679853044a932ae0a1680703cd63360408d5b95b3cf88aac3647a4e7f9e0aa164f6ea15caa3d7a322a135838e21148ce3e2c6094df711e1b9929cecd2849fc8853b9577e7b2746856b2765ee9d25f76c5c1dd2eb50a6637445d14769dd50f89de41750f5386b62bb11bc40771290bff2688066979a9287ef3bdbc03c147a63fa65de0093a8e051fee9bd1b6cb6b08e854d786de031d5b7725b8c425d1fe449496e4ba2a7c074b1776a27b3e12120a909800ff2c0a0170e3a2ab3bf287428b3ce2e2cc4e2033a69a1e7f2079a2433b65f82baee57fc56a7f61e120951af47eeae897bdce10567a0ca23bedd75b0d5bcd1762082bd49e50260b1f70321f8d9b189093a8911f41b85ba9837c9d2ce20d714bf5031aff30c1e8980eb78b9443b42b4540f5bd199d24a11a4000f85a61378dd6639712e136b0f22ba72e9611e7622dd63ab955ace811a940205067f4436a835d9697e5c05b9172769d09f5b5ed476baff9a02d25ec9ddb649d14329c98d5cccd3e8aede4148560a464f3ebf72c871400ee9fb3c080ad237de65483cc828fb7afab7accd4cd6662cfe4aec487e36fb0acdda8dafae7d87691be9de4b606409b4017fe0acfa096e70d3eb6c910a9892133ee009a5469aff6de342615650237a4b56d713cec4cbe9e4a6c1ec8e7e8ffd56335d2396221b88e9a0c80612647917dcfc70f7e4a379d7be34e4370df2bfa3c1be04e8da937c6be893ff236578a8006ea09cfb2f9834e695010ebddf7521c3452ded726d8e4ecd30fc64369a555daf78339a297312e3de18a8ec54f0ea2c08a5539666913bddf24e3aee03d96675a69dc0fe359db6ed5cd8ffcc6fb3d5ea8e10cd2c6ec8f0309ab88f70d46cbe94d97e8fb9f63fcae87614fdedb83d0974a4ab3a7444591cbc7b801d9f8720d0bb97af6c6f7ddbae27266c60ad327085c5b04e33523628f5925bd15364398a6d76a257289fc6dd5512f1cd3a6352bc9b5801edcb517519185dc57f2c14627f21c98afb94a477a437cd8a3a48a37e76d1b31ddf29576abcaf16c9d2a2c22ea33e0c144bcfa13d556cda8de376e22625f7aec285289f18b75855f041e6e8c6582e9bc923d0b1c488f1a2b7969b5327978d2c762e9a657fff6902d5cd8708a8e1132b8146001b456ec33645ec4205b6e6e1430c38f3107c2fdbb3ad02d6856104c6a7fe7fc6d654af773e3da3453d0ffbb217feafd7490f2ab83ca7f50fc89f3ed3adff4e61ffdb62d50fb91ba4072a18a800492d8eea8a8f1114f91b150c725f5082520ae5aca257c42cdf35f30700a697f299fa5b02ca4c5cc8bb2972672c76a72efb89b8b1ae3ce10cb9c5a1f3bf975ee430a2f22a7124a733c83a9e7e8c1c49f824d4d57a30b7626e670ccf6ad3d547930a99e48fe17fae0a0568a090df479ecd2d1897d625b7921543c81d8e0badd93917e2265c50ecd2f343a9cc542d86890062c305084b12c1c6c6c32c5379d0f0c1af0703d9560b23f1109bd8fcaa77bb0777cd06ae3344ca53e67c8f749627711182b4a323b267894c1fe5b549181b60f92008a9eaf520a8b372e2e60e9353c46a68bd83aeb0e82ce226d1a268a288a3b3869f4bd279a85e9ed1a803cda7155f97f22c3bd36c6ab0a33fb57fdba1807557797dc8b85e9d73ef2da20769fd5d8b5928a6a14b3dde35b77b1924f6e0671b3d9059f9909f8139b9a0baf5e21a0161363ec9b6277a9e6c7bc5483575607d2c3762bf5be86a3c0d1e47c62856bb9691eea45f491ad34c73ddee85ac578ba491de427709626b8fa6d5766615d301650d4f1b606acefe1a49ede6972c561878237c913f81ec39a6ffc4c17e0c1f10c9de8aed2e157a22636f8646f3d78fd29b9a7bbc43ab7b7e8ed9ad2c583e57727b2bd9e7a124706ae25b9326883fbd18d534865c5155e1781e42173095c8db6e0fc9237e48a7c1a24d7698f458caad66c1ef8d8e386e4737a18be478c124ca0030b41ae22104cbd1e2aa336c59b0acafbb40e0def248804230a0f59082bb35c183c482906c8d45e73a5020f10428696dc4048ad8ee7cf5fbb41c735ac05633f1937e1aec67a309ba58bde0afb0829520eeae6084a0c8928950ad25966950608e087e7565f1aae5787b5107395dd39bb50c18e3f8890bec7298795213e28cadfd22972bd99e7ad3aec85762fee9ce414aa89308d8d412190adf2703b2888aebee775d531e846af311e1dac7ff5ffc993c5ac2035fc3a8453184d2d692155eaa641a2fa415a0d38dfb2d99de15cde91e9e104859f17e784a27fcf79e5c43174a6af10f4b6882ada6ce4b1285c0fdeaf661f80f2be78351f3d363143c5c21ac447d57829e949212c5525a939b7f51bece42bb372ce7e8cf370f9c3591b0fbce47d420ccc3958116fbe8cc7dbfdb45cbd350227ce48a395782668fedc203d812bbbc322f6d475b9d2cdd28964344fd29f9bb954704ba383a1db119f68f89b37d2aaa7f86a18dbf7435fc39f3eddb1644f2e10460f8f32ea90983eb6b7ea941c6d0f94165408999d548caa84ff46c38d86d1419602784d22e1a54e881f71df4cbe943acded1d18ffb8db8765bec4be8feea691aafbf137a6cd42f1fff228e27b6b82fcd486663a8dd7c91a562c05b3e6de94ef6f8711c1e023e1ca2020f452ba0ea83ac5f64ba5c4c766471eade35889930c38e6ea18ae96fe74dcd0fd304cc1cfac04082fd59fcfd735742e95b2f33b07fe018d23ee2400d91532b08bff3bea8304a6e941fcd0c58391a6a2f5c1aefb9e61c08a62914eb638f192ae3ad55a3203ae31945fb2d32fafad0dc28e11bce85797cacbfbda6b6a3d4ce680c0f0569c8292970b02926be030bff5c4d62e93a5f2ce6eb606494d640b6669c2f8370964c0676a586f06480739043d30c5d83d1aa3395fecc3d2f068fd0fde71baab4c26bca0192334c8e28dbe97212c931a8a089ebd7f10d63729a2185dd669cf2569c498cf2e89014b1bd60e44f8026397f61c36bc447b040ef6e944f140bf876a3e8ec6a0ce521d20f96f2b106740400f9136ceb9217b43839cc7557568b749d66bf7488a720e18d25f5dc81c928950e32006558558243e2c002422ef729197c718ede15990fbde8dfb5cd08beec0a1e8cdcdd474193c7869e4556803511088c9f323924d82c540fabc29231da2cb0a4aa3f998232f3452d7e7e26ce5de5198403c71203d0ff4a544fb97bf52f61038b61c4370be5619c9711f5f613a735edfd5eb881344cb2aef5e6aad12983e35c0ac93b6a9d29f2891129bc03da2030960f35958c6766c46b1498cc326cf8942b60a7debb27604897ee84c8458d0368a152e425ca346b5e929a22e6cf1dbfd15377089b8e2a9052e084435ac7e3d0bafecf7a4532bdad29883adac4b75ff764ff64ae7b5600836c0ca5a43eb0469a886c21f4c4fcaf9771e985c8355a2dcdb178c08664a9dda356e0f50791c90ba0c94a2336e8b995259de8a68a9d7ed4d35aea75bbde772c0b9281d907e2f4eaabc1fc4f492dc761f3a1f881e2eabcbbf120f03e143962fcb247cddff91ba9dffee9ffb471c73a59c2b5f19e297cf27d10474049b8b446f31ba33e2d955d4acf213720f7490af581797a806aa46a2e107dd79108ed179e9e3cf3dbc3e14939eb546690b1adea764db66fedb74424b6d4b64911b1ddbb0e0913268211ca3ca100d504a330ca7008e5981071bdac88d445e950cb8b8d4451b020ccc22670639d36baee55c30d55a204cf17434504b7eb0ab7dc1881a02579c7bb7967b8406994b446130eb3271a465792b7b99bce8028235864ba14c27eb0d4a1a4d45b20e9ba38936aa4ce5ccff19cc6346b91b36776198cc702c984fa547ddcd6ded7151fed93dfccd08d5da74884122c649170f994fb5eafc1f662b6185a78a8da314e5742124665bd56fd88c1091d93d4f2d4d59c730793f832b5d61f8fdb0697b1a16caae9a62ac4b1d796c9e003d88b1de3626609bc2b56add42752361540001eb0faea64218663313a273b77ca91028786737a1417050a3bf1476ca841fc9c6c366af214b9d0cd1578f0bfdf085e7ad2ca4531d062d99005f4017bed4634a883b2a29b7c7bd74e29430e799e63cfc2a9d1428d201a16f91eff77f2cbf759286c0208910b3a4dec4d172c8cdf8c268d008473d68d497174b692e342a7a02aa53e64130e2b8cfab79e398cb31c32343ff741f0067909e7e1ad6aeafa82efa6b8afeb7a4a46d48b967d0fb6b701a76510b99ccc7ee5f8de307e09b3a7ccf11fd209cf21402e83cad1b6bb5f66afcb612ea266a8850fc4bf2543bba7666460fd88db849de13d3c52b72e1b6e6c452dc3ac224f20407e44909f7f8f4fc3d57284b29300d74d11cab87ba0da9b8845d80dc1e3096cb5dc8411c5786a9c24edbe9870fba22f5379fe16b97b022ca02f5e329bc6e828e7035bf91985c9bfe4da82478b102f1515530883d0da0fe983f468c69e4cede1b219540ddf3b41e1adb5923f93a3f20b2de186aac8a70976c5a93ae5116c91b9dc47544cffca0926369f050f38573c2674ac91eca23e279ac8dab712e752c63959f77c578544e38b3dd4e9f55baf5bde26c1685fabef020cefc99932ecbc66d6840223ec0d37a2897e727a0e1d51233181c5f8079257994f0a3a83aabba189f84499923dde93356c330854a0bc4e8c21e01979688d8213ad442c98cc8e3b43fbb76e043e1c3b296fec481c0c9bc2413cb41f4a141efc27d8d3d602d715228c94d2abc18cafde56f2f500eeb33e103b4b7efc424168c2002ca64181938b45d13ea35a0df6496f5222bc7c35f5e43c3293128e2d20aaf01c939fe7b30e656e73961ed17f5f30a4016120993569e54e47d745d4a0b83e1a637d59784794c619176d1f44e791e6baee751e07a5d75147d783cd9518226178bac8063ffe80e1039d6df6d68522f29740a2880e0e60959af462b6d4cfca81c8535c29a1a3ab9e2cf1e9fe40d8617eab67f4d7e623c29feec5f7e2be4f0f3a24632e680b99070ea2c4f9beca376cbe243bdbf7ab6529e920b59723d0934adc1820e988663c9398fd3e939aea005b15f86d0d2f33d3507b79b58e418bf99abc2bf2e07193ae2dc6378ec021acfd7b9327b0cfa4c4f5d5e0e544ccc3567693436a3dbda2c1611c56a5b9c05b43bb6885246a6691063e0a6e0fe3b37cdfadc42564ddbe68e940e218335c7211561fcc9f3a3fdf68126b66a16546c0a7e889faff0b4089a7f9a6f74ceebafdb4cae66530a9b6876b1710b79069496ae71d5ba00de8e68fa57c3a409d3a6fbf87298f31a82a379ea3888689901119b2c1ff5956fc0181c497f0d5adac827ca77c0ae1af06c3aa0012bce0364f91381fcb85eba00887212d9d12cc342f30a7a13f360a4ed9434b9ace6e1ad15f4ac938a550b7daabe5bf03b5aebd4d7baf590e8f9f28198ec0a35ebd715c9743f4dc6454034aac4a18045cd7c965bf0de14f3a90657706d25eb47152eca1cc7ee96910851ab48fd22c77bb09286fb17669dd88655694552678d671c5f6621e6ae2c699dad5ab49ea98d1ae9329d3cc46b10b9a21801dc9004ed4ca0784f6dba45a7010915c6a3dc9c71213b56be981882efa196b697439d855fe358a95ade507873a39faf60c4f2831d65cc8ecaa9bfd62a8ecc4f414a410600ba20bdb721e7cd0cd814db4493921c4bdd7855797ebf803a73783405e8afbfd63a15dcc5abafcf45ac17c1cc320c9694003785951a75066ff5863b217d15af6fd403442e91e7b06b4753757586bc6940b51d9cceffcd5fcb8c00e2b72a971eb874712c40e52e770120fe35e6aaae1e11dcd00611dfbc435dddaa52c64c857b10cdb43fa8b05aed2d931f8df74b12a358d1d7cecf4b06f42e227dabd8772b40e076e666e5158d12c010159f9a0716d47625ed7018afa1ba8756184db30c14157a600e2667a4e45fc3f4c251a1bd9f4f32e455db6b1bc13331a91bd8fd7fe657996b6d8ab41c966cdfbbd70e2fcb8a31613a0f6ebb1038bc048957db55e91739298676306f719abe01624cb72b93908ee1f738c4bbd8a51d942dfd86d80e97361a426eaf1bd39513fc34f200d3b5e953b870a9b03c3a6a9b7f10e8b6382f3ca7ff1ab1b8811e11099d0e676be5325ba4186a2bc6e838658ebc53b9ec6880096fe33afda5f567f0deeaf79bf68816eabf2af1f38e872bbd563188f1ac50d716d8ce13089e1976c8cfc54a86090cd6d4f78deaaed0f2fba3556741968032e4ef476d05b8b97bd53fa387b8877929732577311bd1d23bbcd082b3a91a081122e3211a61fd03399cdeff80dca65ce877bd945b37dca482687309536d0b19d20ed38a9648131ff8230a57c43a0ac711eaa2adc34a0df475db73343556014043723307987d897590a1ce6525a226b28ff482a45412b9037d23dcbb67b37a5e93bba88dcb827f7822762e4c1ead43c43ab49b086745a92d37246674b582fb8954613b3937011a048e9ca2de3f1eb0598b2aa24a0dcb998c6240f44b98595da8a636386c5e3917d2f8c0057266d13efe7ffaac554d6b906724b4e83b52632ba1ef27c6c0e940ceb92a36eaf302594abdde5d7dbad905a8ada88e8d28b55b85a776227644db813ecd62daac1eacbab70c16ff5e200c8a9287b939350b2f88ab3ea3c081edfbb24822c76a33e1b3b1df00b2bf4104fdfa680ee2e5e02ccd2b2f6ca97de2ce621f778564dd45a0ac72fb0264e4b23c5c6e06d25aff17388a41e5e33e3d2b9324b9a0f30a02ee43544ae5ab476a46a93d85eda215326c45bb4dffd9bea409fd04523910a86183a0b03a052c0c22fadb62216dea93f3b95ff53a863144110c3473d4c05d39dd8136209c811b44de92ac63467fd514b748b76796ea16329263dbc0740bf8fe0d0ef5add510794c46b51a6386fdd3bbaded99905458170d1730b697ac0aac3ab9c8d47054640f57c88b7f4192f10ae394c25a13fb1f82ed1af56cc59ace39bbc9981a272cb77ad9d1c69eaf07581705d869687256a71f9c205f415afa3097efaa181ff2cb8f23459e7fbcdfef40cf4e74b0756aa56e2fe7d9981f27f6987185abb5b56753343c337e7570b900f07a710832bce233032de7443c2f32152782b79a92aee101cb1f5663b46caf068becafea95a1ec6e5306ce3a8b611b2a99274ee431ed22619ad8517c486534e106cb792b6ad70dbb53e73aefbd81138541560d9e5b8d9a0ff1982bf6bedf7e71c94638bd11c68c31ecd49d77e63b19fcbc0076e32c6e598e497a0ab546b7fe7987791cdac866b92823a424e4c480acd30f2059d9f9fc46e42882cba81fa80c30c941d0913e8e677bddb8609301b2806b977f9796630168c4449aad8f6503385f17307ab015207384c55da1123e24c7c6ea50e70b4ac039b155271a48759cacfb61554cd7e57a732e7d6e5b0c6f68fdae987af62977c2deb5633c8d55847114c094410002d47b00ecfaaa5eb9c34101e7de63452d26df77994f1a1d457448a9d4acd0bbeca5c2278c406edfe841a01ef7294346e3dc4953cb6f15c61f3f796b83397c0d2f10ff1841ce3456443aba74bc666b98cecc1759f8bdc8cbfd2c19ff2a57ac4524c6d5cf8fe33fd54789e3992f64d35926f0661171dd343ee42113b0f79ed142d328e7ac4968081e04b25b1a279a3fdaa07b78a0ce443fd72fb026a20acda3240339ef36cd156c93d7dc937ccc9e031f61c76f2af8972287033f74f90030bc36d04dcaa842ea773d116b25773458053d89b5b30583fe1194662c91bbc59a95fec4a4eb1481c8623e5aff0d48b7979c1f15bc55cee72dc536d68ba0fbfeb98c0fc8838bbdee38405782b25a0bd2fa501aa82d0b97b857d48c2548624869fed43bbe8599361ea8db3a6c86df42da6c8c8ad40c989db6bf860d5fa5219f6fc667c8076936fec1fb46ef6e2e677ff404cf17c2d478424c8e01b2cbb4f3bb6526d773db7bae4a5d26a50d081c6e2f16ad1f36e7d3b7e79a9f39a389b438ea150c14bdeec8dcd46488ab6eca454c3e5a2eddc", 0x2000, &(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)={0x90, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50)
mount$fuse(0x0, &(0x7f0000000080)='./file0/../file0/file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r2])
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff})
r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000001440)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETOFFLOAD(r5, 0x400454c9, 0x9)
ioctl$TUNSETCARRIER(r5, 0x400454ce, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xec, 0x13, 0xb2, 0x10, 0x46d, 0x8d3, 0xb28, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x69, 0x0, 0x0, 0xe, 0x1}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000020000000f10"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
writev(r4, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
recvmsg(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000500)=""/92, 0x5c}], 0x1}, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)

320.712279ms ago: executing program 3 (id=509):
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x18)
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x40080)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000000)=0xc)

320.213744ms ago: executing program 3 (id=510):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_io_uring_setup(0x7b79, &(0x7f0000000140)={0x0, 0x6, 0x40, 0x0, 0xfffffffd}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_open_dev$sndmidi(&(0x7f0000000080), 0x2, 0xa8882)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0})
io_uring_enter(r1, 0x8aa, 0x0, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

319.03289ms ago: executing program 3 (id=511):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0xc0303, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0xfe, [0x8, 0x4], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x6, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x2}]}]}]}}]}, 0xac}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000040)={0x1, 0x1, 0x1, 0x8000040000000001, 0xffffffffffffffff})
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x28011, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0xc0303, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
socket(0x11, 0x800000003, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0xfe, [0x8, 0x4], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x6, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x2}]}]}]}}]}, 0xac}}, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) (async)
fcntl$lock(r1, 0x25, &(0x7f0000000040)={0x1, 0x1, 0x1, 0x8000040000000001, 0xffffffffffffffff}) (async)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b) (async)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x28011, r5, 0x0) (async)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) (async)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)

251.096947ms ago: executing program 1 (id=513):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=@newlink={0x30, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, [@IFLA_NET_NS_FD={0x8}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x2}]}, 0x30}}, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4010, r0, 0x2f7fa000)

249.753742ms ago: executing program 1 (id=514):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x9003000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x2, 0x3, 0x2c8, 0x178, 0x178, 0x178, 0x0, 0x178, 0x230, 0x230, 0x230, 0x230, 0x230, 0x3, 0x0, {[{{@uncond, 0x0, 0x158, 0x178, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "d9d9e63590ab5471c46924e95540949f0cd7e2b0a94d71d9d944acb7f0a129b989a95b30cee19d7cc1725572ba928385b1635c89b58ae9a0e1ea500b26f006da3fa8a13455e799e191835d7d5ea776f03aef524e22f0bb6ed4b00f44ceb936943e13fa1caa6b4b159c673db1efa9a08b1ddc74ce6c00", 0x19, 0x3}}, @inet=@rpfilter={{0x28}, {0x3}}]}, @unspec=@NOTRACK={0x20}}, {{@ip={@remote, @rand_addr=0x64010101, 0xff000000, 0xff000000, 'nicvf0\x00', 'geneve1\x00', {0xff}, {}, 0xff, 0x0, 0x7}, 0x0, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x328)
r1 = socket$kcm(0x29, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r3, 0x11, 0x68, &(0x7f0000003a80)=0x2, 0x4)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000013c0)=0x2, 0x4)
r4 = socket(0x8, 0x2, 0xa2ea)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x48, 0x2, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
write$binfmt_aout(r8, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad00", @ANYRES8=r9], 0x125)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r5, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r5], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x30, 0x10, 0x439, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r5, 0x0, 0x2242}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gre={{0x8}, {0x4}}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x844)
sendmsg$kcm(r1, &(0x7f0000000100)={&(0x7f0000000000)=@xdp={0x2c, 0x5, r5, 0x16}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="938bd52541bb0872dc3362fd77bdd7e4c156c2ebacfee7e634b3d92f851f254190f0d0f089b313c406d6c2cdcecfa89f", 0x30}], 0x1, &(0x7f0000000680)=[{0xb8, 0x10a, 0x34, "c6813aa185de7eade496a6e0fd45f25e92f0a23e1453afa00b2dcfb0b47726b47b34a465b755375379aed564f9455e91587905e10b3a65b171ccc105eb59083809750c811df3eadd3a83b4c30df6ca4c2eecad5ce513f78141107a5f45c05f03043572566a108d340abcbebcded0234b5958398cf7f43bdb0a9f9d50e9326ee8fda427ab63f2f9350f509d0284ac720b281f69a5049535a455f8aa7b72ce361dc6408ac8d8cd"}, {0xb8, 0x113, 0x7f, "ec3c2a0a3ffd3ff5a0c0deae995ec982fa8e6113524f1a6c9deb682a55f3b51eb3161f0168a186bef7e3e9ceabc320b5b90d8b09f0a9f17327c2c2329a30515a902e88fad1547b1ab99d4d7be1d32d6da148f6d17be734e690be4e39486d80a226d084f2fc4341546ed4ce019c10ec88baa0c88231d5278362c49691584d808847895e2e7d71ade9944a843ba8981a9a65c1bc2e379f8fe235683187c32a2baf897982"}, {0x70, 0x0, 0xc, "a9ff53125c9377a24cad583c140925398b453d2ef3713e91776ad520f7798226987fdd309213183cefecdf004b92a45a84c952ea5e8b3050365cc0d603e73efa2d81336cc2595a1e25124913715f43a62a3a22c5eacaa3277d9a1ec4"}, {0xb8, 0x104, 0xfffffc00, "aebdd6b21cdc0e4cd02f3209a9d5905600f94fcb855dc691a673a4139c81ff807be664f32ab1e58c347ab3360d0acd65ecf17e98e72c690ddd39117acf765886d438607853d711a82e9e12ac04c15403460df0296a767178000b774c1140fb6f1f75b76c4b8cd981d1424aa54dc7691809da5d924ab6b69ade715837131142417884ac611954e34893a1ba465716000ddd0b85fa0c802d89ac65500e5700d7fe0d"}, {0xa8, 0x10c, 0x4, "27b04317ad7a7d08f18c2fdab4c0e9a3e648a9910a253f3a1a3cd8137e1284bf3ccc79caadbbade5eca49bdc63fad5d40851760e8bba1083e3fab28a291a2f9051d551db5f358da85832bf46ab5fac7830fb57d7323958dba30e3588ac5edc4fdba655d282404c0ec0e58ac40cf0f7db96fba30ba0a79efcd378f869eeb11019a8a8d12654792562d7c160cfabcdbf428b03"}], 0x340}, 0x8010)

201.165687ms ago: executing program 1 (id=515):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f00000001c0))
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x1})
sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="ed4cc7fe148d8b06bc720d3ac43fe613e2f48959e632ef0203c52baa3265dd70be22520cbab878f889c176832c7003b63e30bc86a56eda3833bca93c832e16aecb7695a4c6149b282d196e94c825bf79749d108c54a04fc0fd1538838f9b2748018603007459e8b1526a0c4b23241f9b46bb0115292f39cd307c062593c0d97112def7807b8e26bd557ded9a67082890f6929aa34eaf1e3af6c69d2ae7b3381608ef781daffd", @ANYRES16=0x0, @ANYBLOB="dda32bbd7000fedbdf253d000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c74696361737400080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c74696361737400"], 0x1a4}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
r2 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0xe)

200.723009ms ago: executing program 1 (id=516):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
recvmmsg(r1, &(0x7f0000006140)=[{{0x0, 0x0, 0x0}, 0x2f6}], 0x1, 0x0, 0x0)
r2 = io_uring_setup(0x1de0, &(0x7f0000000440)={0x0, 0xffffffff, 0x400, 0x0, 0x0, 0x0, r0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0x36, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc", 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000700)="0102", 0x0}, 0x50)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000180)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x3}], 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000793000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f00000000c0)="0f01c866b8010000000f01c1650f01c366b80500000066b9498943b20f01c166b9e70b000066b80a00000066ba000000000f30660f3882be0b002e70140f30660ff5420666b9800000c00f326635000100000f30", 0x54}], 0x1, 0x28, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r7, 0x5761, &(0x7f0000000f40)={0x5, 0x0, [{0x8000, 0x7, 0xfffff714, [0x9, 0x9, 0x1af, 0xb9a2, 0x1, 0x10, 0x8, 0x2]}, {0xfffff78a, 0x6, 0x9, [0x9f7, 0x3, 0x1, 0x0, 0x4, 0xf, 0x8, 0x200]}, {0x1ff, 0x9, 0x1ff, [0x94f, 0x1, 0x73e5d9cb, 0x9, 0x0, 0x9, 0xfffffff7, 0x400]}, {0x5, 0x7fffffff, 0xf, [0xbf, 0x100, 0x0, 0x10000, 0x8001, 0xca, 0x100, 0xf08b9bb]}, {0x2e, 0x3, 0x8, [0x8, 0x6, 0xb1, 0x7, 0x7, 0x0, 0x100, 0x4]}]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f0000000080)={0x0, 0x0, &(0x7f00007a4000/0x4000)=nil})

200.310471ms ago: executing program 1 (id=517):
modify_ldt$write(0x1, &(0x7f0000000040)={0x1000, 0x0, 0x1000}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB='7'], 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x8, 0x2, &(0x7f0000001140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001180)=[0x0, 0x0], 0x0, 0x8f, &(0x7f00000011c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000001200), &(0x7f0000001240), 0x8, 0x25, 0x8, 0x8, &(0x7f0000001280)}}, 0x10)
pipe2(&(0x7f0000001400)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84080)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001480)={0x1, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x10, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x2, 0x3, 0xb, 0x0, 0x0, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @jmp={0x5, 0x1, 0xd, 0x3, 0x5, 0xc, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x7}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x1000, &(0x7f0000000100)=""/4096, 0x41100, 0x35, '\x00', r3, @fallback=0x13, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001440)={0x1, 0xa, 0x3ff, 0x9}, 0x10, r5, 0xffffffffffffffff, 0x2, 0x0, &(0x7f00000014c0)=[{0x1, 0x4, 0x8, 0x8}, {0x5, 0x3, 0xc, 0x1}], 0x10, 0x3, @void, @value}, 0x94)
r6 = syz_clone(0x62000000, 0x0, 0xffffffffffffff88, 0x0, 0x0, 0x0)
syz_open_procfs(r6, &(0x7f00000015c0)='smaps_rollup\x00')

70.053757ms ago: executing program 3 (id=518):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x4)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x4}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

69.057064ms ago: executing program 1 (id=519):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
timer_create(0x0, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000001340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4085)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x48000009, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_QUANTUM={0x5, 0xf}]}}]}, 0x78}}, 0x0)

724.987µs ago: executing program 3 (id=520):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
listen(r1, 0xa1)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r2, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000180)=""/172, 0xac}], 0x2)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
accept4$bt_l2cap(r1, 0x0, 0x0, 0x0) (async)
shutdown(r1, 0x1)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000080), 0x4) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000003b0007010000000000000000017c0000040008800c02008006000600800a000004000280670751e89e4e33b9692149da561f65a4a6db7d"], 0x28}}, 0xc000) (async)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1a}, @hci_ev_le_ext_adv_report={{}, {0x1, [{0x13, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7, 0x3, 0x6, 0xa, 0x8, 0x9, 0x4}]}}}}, 0x1d) (async)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r0)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r3, 0x4, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x800)

479.051µs ago: executing program 3 (id=521):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf09000000000000550901000000f0009500000000000000bf020000000000007b9af8ff00000000b609080089ffffff7baaf0ff00000000bf8700000000000007090000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004600020076004000bf980000000000007e080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

0s ago: executing program 4 (id=457):
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x40100, 0x0)
fsetxattr$security_selinux(r0, &(0x7f0000000040), &(0x7f0000000080)='system_u:object_r:vmware_device_t:s0\x00', 0x25, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r1=>0x0, 0x0, 0x4, 0x3, 0x1, 0x11, @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x10, 0x8000, 0x10001, 0x6}})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={@remote, 0x39, r1})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', <r2=>r1, 0x29, 0x7, 0x3, 0x52f, 0x0, @loopback, @private1, 0x8, 0x1, 0xc, 0x200}})
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000280), 0x20400, 0x0)
getsockopt$inet6_tcp_buf(r3, 0x6, 0xb, &(0x7f00000002c0)=""/168, &(0x7f0000000380)=0xa8)
socket$netlink(0x10, 0x3, 0x4)
lseek(r0, 0x9, 0x2)
setsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f00000003c0)=0x1, 0x4)
preadv(r0, &(0x7f0000000780)=[{&(0x7f0000000400)=""/210, 0xd2}, {&(0x7f0000000500)=""/143, 0x8f}, {&(0x7f00000005c0)=""/143, 0x8f}, {&(0x7f0000000680)=""/241, 0xf1}], 0x4, 0x40, 0x9)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b00)={r0, 0x20, &(0x7f0000000ac0)={&(0x7f0000000980)=""/92, 0x5c, <r4=>0x0, &(0x7f0000000a00)=""/174, 0xae}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x15, 0xd, &(0x7f00000007c0)=@raw=[@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x7f}, @alu={0x4, 0x0, 0xa, 0xb, 0x0, 0x18, 0xfffffffffffffffc}, @func, @ldst={0x2, 0x3, 0x0, 0x5, 0x7, 0xffffffffffffffe0, 0xffffffffffffffef}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}], &(0x7f0000000840)='syzkaller\x00', 0x5, 0x47, &(0x7f0000000880)=""/71, 0x41100, 0x2b, '\x00', r2, @sk_reuseport=0x28, r0, 0x8, &(0x7f0000000900)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000940)={0x0, 0x0, 0x8, 0x7}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000000b40)=[r0, r3, r3], 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = add_key$fscrypt_provisioning(&(0x7f0000000c40), &(0x7f0000000c80)={'syz', 0x0}, &(0x7f0000000cc0)={0x2, 0x0, @b}, 0x48, 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000000d80), &(0x7f0000000dc0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$instantiate(0xc, r6, &(0x7f0000000d40)=@encrypted_update={'update ', 'ecryptfs', 0x20, 'user:'}, 0x16, r7)
ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f0000000f00)={{{0x5, 0x1}}, 0xcb, 0x10, &(0x7f0000000e00)="53bb3acf7afd4270477bdbd1cab50fb7d6498eff740d153e535c5dcb6ea1819d2ad96da695ce307234523354d8e0b1fd42b589318692a37fcaebd166ac64d5d66fdb89977181a4b40bc4699ab604ffbdf6721efba212f87ea19056e30ad2e04c3a8d88098fb57f6e18eaea694e716797623c6580ab50fe1775d028aa6b0399d28af49f229b47ba69750437633c8bdac94c0113dd1f8cc4ec33d9b9e12c7cb5a118a39d8892ef3f036f43d333a56a43da26a0609b698a20fdd59ed599deb79c04a173e0fe128bf99fd8fe00"})
fcntl$notify(r5, 0x402, 0x8)
ioctl$VIDIOC_ENCODER_CMD(r3, 0xc028564d, &(0x7f0000000f40)={0x3, 0x0, [0x1000, 0x1, 0x4, 0xffed, 0x1000, 0x2c, 0x1, 0x101]})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000f80)={0x3})
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000fc0)={0x101, 0x0, 0x7, 0x3, 0x8000, 0x3, 0x5, 0xb5, <r8=>0x0}, &(0x7f0000001000)=0x20)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000001040)={r8, 0x0, 0x5, 0x1, 0x2, 0xc9a}, &(0x7f0000001080)=0x14)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001380)={r0, 0xe0, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f00000010c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000001100)=[0x0, 0x0, 0x0], &(0x7f0000001140)=[0x0], <r9=>0x0, 0x58, &(0x7f0000001180)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000011c0), &(0x7f0000001200), 0x8, 0x44, 0x8, 0x8, &(0x7f0000001240)}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000013c0)=r9, 0x4)
getsockname$inet6(r0, &(0x7f0000001400)={0xa, 0x0, 0x0, @private1}, &(0x7f0000001440)=0x1c)
r10 = getpid()
r11 = syz_open_procfs(r10, &(0x7f0000001480)='cgroup\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f00000014c0)={0x10200, 0x1, 0xeee64000, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000001600)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000015c0)={&(0x7f0000001580)={0x14, r12, 0x400, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x44000)

kernel console output (not intermixed with test programs):

[   31.167157][   T39] audit: type=1400 audit(1731403179.913:82): avc:  denied  { siginh } for  pid=5850 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:19010' (ED25519) to the list of known hosts.
[   31.906883][   T39] audit: type=1400 audit(1731403180.683:83): avc:  denied  { name_bind } for  pid=5854 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   31.937195][   T39] audit: type=1400 audit(1731403180.713:84): avc:  denied  { execute } for  pid=5856 comm="sh" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   31.942938][   T39] audit: type=1400 audit(1731403180.713:85): avc:  denied  { execute_no_trans } for  pid=5856 comm="sh" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   33.106901][   T39] audit: type=1400 audit(1731403181.873:86): avc:  denied  { read } for  pid=5339 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   33.112990][   T39] audit: type=1400 audit(1731403181.883:87): avc:  denied  { append } for  pid=5339 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   33.622102][ T5856] cgroup: Unknown subsys name 'net'
[   33.731392][ T5856] cgroup: Unknown subsys name 'cpuset'
[   33.734646][ T5856] cgroup: Unknown subsys name 'rlimit'
[   33.895876][ T5904] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   34.535918][ T5856] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   37.042835][   T39] kauditd_printk_skb: 17 callbacks suppressed
[   37.042845][   T39] audit: type=1400 audit(1731403185.813:105): avc:  denied  { execmem } for  pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   37.180894][   T39] audit: type=1400 audit(1731403185.953:106): avc:  denied  { create } for  pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   37.187347][   T39] audit: type=1400 audit(1731403185.953:107): avc:  denied  { read write } for  pid=5937 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.195533][   T39] audit: type=1400 audit(1731403185.953:108): avc:  denied  { open } for  pid=5937 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   37.206315][   T39] audit: type=1400 audit(1731403185.973:109): avc:  denied  { ioctl } for  pid=5937 comm="syz-executor" path="socket:[6388]" dev="sockfs" ino=6388 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   37.229469][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   37.240251][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   37.243724][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   37.246387][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   37.250053][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   37.252929][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   37.256285][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   37.258610][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   37.261110][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   37.263209][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   37.263833][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   37.264258][ T5953] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   37.264759][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   37.264834][ T5953] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   37.265253][ T5953] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   37.265563][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   37.265777][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   37.265888][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   37.267733][ T5950] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   37.269643][   T64] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   37.271276][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   37.272680][   T39] audit: type=1400 audit(1731403186.043:110): avc:  denied  { read } for  pid=5937 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   37.272748][   T64] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   37.273703][   T64] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   37.274012][   T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   37.296015][   T39] audit: type=1400 audit(1731403186.043:111): avc:  denied  { open } for  pid=5937 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   37.302094][   T39] audit: type=1400 audit(1731403186.043:112): avc:  denied  { mounton } for  pid=5937 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   37.378988][   T39] audit: type=1400 audit(1731403186.153:113): avc:  denied  { module_request } for  pid=5949 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   37.403716][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   37.510795][ T5937] chnl_net:caif_netlink_parms(): no params data found
[   37.570431][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.572667][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.574656][ T5949] bridge_slave_0: entered allmulticast mode
[   37.576885][ T5949] bridge_slave_0: entered promiscuous mode
[   37.581998][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.583877][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.585731][ T5949] bridge_slave_1: entered allmulticast mode
[   37.587890][ T5949] bridge_slave_1: entered promiscuous mode
[   37.617111][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   37.624960][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   37.644728][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.699024][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.723581][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.726317][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.731073][ T5937] bridge_slave_0: entered allmulticast mode
[   37.734902][ T5937] bridge_slave_0: entered promiscuous mode
[   37.738879][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.741368][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.743934][ T5937] bridge_slave_1: entered allmulticast mode
[   37.746923][ T5937] bridge_slave_1: entered promiscuous mode
[   37.813137][ T5949] team0: Port device team_slave_0 added
[   37.850246][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.853446][ T5949] team0: Port device team_slave_1 added
[   37.856308][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.858880][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.860759][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.862792][ T5941] bridge_slave_0: entered allmulticast mode
[   37.864870][ T5941] bridge_slave_0: entered promiscuous mode
[   37.867264][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.869822][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.872221][ T5943] bridge_slave_0: entered allmulticast mode
[   37.875124][ T5943] bridge_slave_0: entered promiscuous mode
[   37.911063][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.913481][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.916077][ T5941] bridge_slave_1: entered allmulticast mode
[   37.918285][ T5941] bridge_slave_1: entered promiscuous mode
[   37.930247][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.932454][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.934870][ T5943] bridge_slave_1: entered allmulticast mode
[   37.937517][ T5943] bridge_slave_1: entered promiscuous mode
[   37.958882][ T5937] team0: Port device team_slave_0 added
[   37.983235][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.985093][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.992457][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.996846][ T5937] team0: Port device team_slave_1 added
[   38.007111][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.010481][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.013077][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.014937][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.022492][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.035007][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.053575][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.072272][ T5941] team0: Port device team_slave_0 added
[   38.074150][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.075970][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.083059][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.102434][ T5943] team0: Port device team_slave_0 added
[   38.105466][ T5943] team0: Port device team_slave_1 added
[   38.109040][ T5941] team0: Port device team_slave_1 added
[   38.123024][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.125420][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.133945][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.185480][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.187407][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.194061][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.199367][ T5949] hsr_slave_0: entered promiscuous mode
[   38.201408][ T5949] hsr_slave_1: entered promiscuous mode
[   38.217461][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.219304][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.225775][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.229450][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.231966][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.241215][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.259219][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.261695][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.270689][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.296185][ T5937] hsr_slave_0: entered promiscuous mode
[   38.298867][ T5937] hsr_slave_1: entered promiscuous mode
[   38.300925][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.303052][ T5937] Cannot create hsr debugfs directory
[   38.390321][ T5943] hsr_slave_0: entered promiscuous mode
[   38.392305][ T5943] hsr_slave_1: entered promiscuous mode
[   38.394067][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.396091][ T5943] Cannot create hsr debugfs directory
[   38.402954][ T5941] hsr_slave_0: entered promiscuous mode
[   38.404821][ T5941] hsr_slave_1: entered promiscuous mode
[   38.406898][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.408914][ T5941] Cannot create hsr debugfs directory
[   38.614645][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   38.619099][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   38.622087][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   38.629637][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   38.648650][ T5937] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   38.654244][ T5937] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   38.658765][ T5937] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   38.663071][ T5937] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   38.699198][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   38.704551][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   38.708316][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   38.711489][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   38.739046][ T5943] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   38.742137][ T5943] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   38.745225][ T5943] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   38.748493][ T5943] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   38.769406][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.783299][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   38.798702][ T1208] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.800995][ T1208] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.812570][ T1208] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.814429][ T1208] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.819543][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.840168][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.845080][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.848556][ T5937] 8021q: adding VLAN 0 to HW filter on device team0
[   38.862930][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.865522][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.870317][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   38.875773][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.877992][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.883504][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   38.887863][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.889730][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.908426][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.911050][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.914379][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.916975][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.923575][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.926147][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.971328][   T39] audit: type=1400 audit(1731403187.743:114): avc:  denied  { sys_module } for  pid=5949 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   39.013414][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.029984][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.042777][ T5949] veth0_vlan: entered promiscuous mode
[   39.047753][ T5949] veth1_vlan: entered promiscuous mode
[   39.063553][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.073020][ T5943] veth0_vlan: entered promiscuous mode
[   39.076478][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.086436][ T5943] veth1_vlan: entered promiscuous mode
[   39.091751][ T5949] veth0_macvtap: entered promiscuous mode
[   39.095891][ T5949] veth1_macvtap: entered promiscuous mode
[   39.102986][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.113321][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.117817][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.120292][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.122697][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.124975][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.143014][ T5941] veth0_vlan: entered promiscuous mode
[   39.148415][ T5943] veth0_macvtap: entered promiscuous mode
[   39.152281][ T5943] veth1_macvtap: entered promiscuous mode
[   39.159217][ T5937] veth0_vlan: entered promiscuous mode
[   39.162843][ T5937] veth1_vlan: entered promiscuous mode
[   39.168204][ T5941] veth1_vlan: entered promiscuous mode
[   39.182577][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.185534][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.189632][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.202287][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.205716][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.210207][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.217155][ T5941] veth0_macvtap: entered promiscuous mode
[   39.222023][ T5943] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.222302][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.224293][ T5943] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.226261][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.229714][ T5943] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.233242][ T5943] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.249316][ T5941] veth1_macvtap: entered promiscuous mode
[   39.258673][ T5937] veth0_macvtap: entered promiscuous mode
[   39.265263][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.267666][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.270135][ T5937] veth1_macvtap: entered promiscuous mode
[   39.276127][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.279228][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.281780][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.284462][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.288465][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.297920][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.301311][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.304899][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.308371][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.311703][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.317047][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.319331][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.321613][ T5941] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.323861][ T5941] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.327075][ T5299] Bluetooth: hci3: command tx timeout
[   39.327079][ T5950] Bluetooth: hci0: command tx timeout
[   39.327083][ T5940] Bluetooth: hci1: command tx timeout
[   39.327338][ T5940] Bluetooth: hci2: command tx timeout
[   39.329617][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.336163][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.338998][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.341240][ T5949] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   39.341895][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.341902][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.351445][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.355159][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.365866][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.370300][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.372731][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.375409][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.378315][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.381012][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.384159][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.395967][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.398860][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.402270][ T5937] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.405232][ T5937] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.408917][ T5937] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.411914][ T5937] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.443384][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.445479][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.451364][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.454519][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.471818][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.473934][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.484564][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.488437][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.505483][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.509173][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.546358][ T6015] bond0: option ad_select: unable to set because the bond device is up
[   39.644298][ T6032] program syz.1.9 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   39.734912][ T6047] MPI: mpi too large (187712 bits)
[   39.737786][ T6047] IPVS: length: 24 != 1190616
[   39.771826][ T6054] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16'.
[   39.774332][ T6054] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16'.
[   39.778300][ T6054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=6054 comm=syz.0.16
[   39.783600][ T6054] overlayfs: failed to resolve './file0': -2
[   39.794170][ T6056] Invalid logical block size (65535)
[   39.835631][ T6073] bond0: option ad_select: unable to set because the bond device is up
[   39.846411][ T6079] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   39.873433][ T6083] capability: warning: `syz.0.25' uses deprecated v2 capabilities in a way that may be insecure
[   39.877113][ T6082] netlink: 4 bytes leftover after parsing attributes in process `syz.1.23'.
[   39.901855][ T6086] Context (ID=0x1) not attached to queue pair (handle=0x2:0x0)
[   39.910781][ T6087] netlink: 52 bytes leftover after parsing attributes in process `syz.3.22'.
[   39.913179][ T6087] netlink: 52 bytes leftover after parsing attributes in process `syz.3.22'.
[   39.917590][ T6087] netlink: 32 bytes leftover after parsing attributes in process `syz.3.22'.
[   39.921484][ T6087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   40.034446][ T6098] Zero length message leads to an empty skb
[   40.070107][ T6102] sp0: Synchronizing with TNC
[   40.114379][ T6102] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   40.142791][ T6107] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.255088][ T6118] netlink: 72 bytes leftover after parsing attributes in process `syz.1.35'.
[   41.052602][ T6121] 9pnet_fd: Insufficient options for proto=fd
[   41.055389][ T6125] netlink: 16 bytes leftover after parsing attributes in process `syz.2.37'.
[   41.055600][ T6121] netlink: 16 bytes leftover after parsing attributes in process `syz.2.37'.
[   41.057766][ T6124] bond0: option ad_select: unable to set because the bond device is up
[   41.125084][ T6132] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.159800][ T6135] capability: warning: `syz.0.40' uses 32-bit capabilities (legacy support in use)
[   41.208621][ T6145] netlink: 12 bytes leftover after parsing attributes in process `syz.3.42'.
[   41.215641][ T6145] No control pipe specified
[   41.268891][  T829] kernel read not supported for file /audio1 (pid: 829 comm: kworker/1:2)
[   41.406770][ T5299] Bluetooth: hci3: command tx timeout
[   41.406806][ T5950] Bluetooth: hci2: command tx timeout
[   41.406833][ T5945] Bluetooth: hci1: command tx timeout
[   41.406855][ T5945] Bluetooth: hci0: command tx timeout
[   41.455604][ T6187] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.614616][ T6218] pim6reg: entered allmulticast mode
[   41.617401][ T6218] pim6reg: left allmulticast mode
[   41.843373][ T6249] pim6reg: entered allmulticast mode
[   41.847251][ T6249] pim6reg: left allmulticast mode
[   41.921410][ T6251] warning: `syz.2.65' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   41.933820][ T6253] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   42.004605][ T6259] fuse: Unknown parameter 'Fo'
[   42.065269][   T39] kauditd_printk_skb: 152 callbacks suppressed
[   42.065280][   T39] audit: type=1400 audit(1731403190.833:267): avc:  denied  { name_connect } for  pid=6269 comm="syz.1.71" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   42.072194][   T39] audit: type=1400 audit(1731403190.843:268): avc:  denied  { listen } for  pid=6269 comm="syz.1.71" lport=42030 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   42.077435][   T39] audit: type=1400 audit(1731403190.843:269): avc:  denied  { accept } for  pid=6269 comm="syz.1.71" lport=42030 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   42.079090][ T6273] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.082639][   T39] audit: type=1400 audit(1731403190.843:270): avc:  denied  { map } for  pid=6269 comm="syz.1.71" path="socket:[10624]" dev="sockfs" ino=10624 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[   42.091014][ T6273] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[   42.091896][   T39] audit: type=1400 audit(1731403190.853:271): avc:  denied  { create } for  pid=6274 comm="syz.2.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   42.101376][   T39] audit: type=1400 audit(1731403190.853:272): avc:  denied  { bind } for  pid=6274 comm="syz.2.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   42.128385][   T39] audit: type=1400 audit(1731403190.903:273): avc:  denied  { create } for  pid=6276 comm="syz.2.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   42.134159][   T39] audit: type=1400 audit(1731403190.903:274): avc:  denied  { write } for  pid=6276 comm="syz.2.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   42.139260][   T39] audit: type=1400 audit(1731403190.903:275): avc:  denied  { execute } for  pid=6276 comm="syz.2.73" path="/17/cpu.stat" dev="tmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   42.162670][   T39] audit: type=1400 audit(1731403190.933:276): avc:  denied  { read } for  pid=6278 comm="syz.2.74" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   42.163575][ T6279] netlink: 'syz.2.74': attribute type 11 has an invalid length.
[   42.238089][ T6284] netlink: 'syz.0.76': attribute type 2 has an invalid length.
[   42.240086][ T6284] netlink: 'syz.0.76': attribute type 7 has an invalid length.
[   42.303759][ T6295] process 'syz.2.79' launched '/dev/fd/12' with NULL argv: empty string added
[   42.462006][ T6307] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.496739][  T829] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   42.552965][ T6309] infiniband syz1: set active
[   42.554370][ T6309] infiniband syz1: added team_slave_0
[   42.556847][ T6309] syz1: rxe_create_cq: returned err = -12
[   42.558730][ T6309] infiniband syz1: Couldn't create ib_mad CQ
[   42.560456][ T6309] infiniband syz1: Couldn't open port 1
[   42.572848][ T6309] RDS/IB: syz1: added
[   42.574108][ T6309] smc: adding ib device syz1 with port count 1
[   42.575819][ T6309] smc:    ib device syz1 port 1 has pnetid 
[   42.659812][  T829] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[   42.662173][  T829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   42.665386][  T829] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[   42.667810][  T829] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[   42.669913][  T829] usb 5-1: Manufacturer: syz
[   42.673094][  T829] usb 5-1: config 0 descriptor??
[   42.716635][  T829] rc_core: IR keymap rc-hauppauge not found
[   42.718470][  T829] Registered IR keymap rc-empty
[   42.720939][  T829] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[   42.725781][  T829] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input5
[   42.756395][ T6316] mmap: syz.3.84 (6316) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   42.893310][  T829] usb 5-1: USB disconnect, device number 2
[   43.014983][   T55] IPVS: starting estimator thread 0...
[   43.030187][ T6337] tipc: Started in network mode
[   43.031608][ T6337] tipc: Node identity ac1414aa, cluster identity 4711
[   43.034161][ T6337] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   43.036193][ T6337] tipc: Enabled bearer <udp:s>, priority 10
[   43.078525][ T6347] batman_adv: batadv0: Adding interface: dummy0
[   43.080232][ T6347] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   43.086688][ T6347] batman_adv: batadv0: Interface activated: dummy0
[   43.091770][ T6347] batadv0: mtu less than device minimum
[   43.094428][ T6347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.097988][ T6347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.101470][ T6347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.104889][ T6347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.107916][ T6338] IPVS: using max 35 ests per chain, 84000 per kthread
[   43.108457][ T6347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.113394][ T6347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   43.136541][ T6354] loop2: detected capacity change from 0 to 7
[   43.143728][ T5943] Dev loop2: unable to read RDB block 7
[   43.145297][ T5943]  loop2: AHDI p2
[   43.146286][ T5943] loop2: partition table partially beyond EOD, truncated
[   43.152302][ T6354] Dev loop2: unable to read RDB block 7
[   43.153772][ T6354]  loop2: AHDI p2
[   43.154751][ T6354] loop2: partition table partially beyond EOD, truncated
[   43.207144][ T5983] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   43.226463][ T6365] netlink: 'syz.2.99': attribute type 5 has an invalid length.
[   43.272929][ T6377] syz.3.105 uses obsolete (PF_INET,SOCK_PACKET)
[   43.311770][ T6384] Cannot find del_set index 0 as target
[   43.333084][ T6386] xt_l2tp: wrong L2TP version: 0
[   43.356657][ T5983] usb 6-1: Using ep0 maxpacket: 8
[   43.359717][ T5983] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[   43.361880][ T5983] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   43.364447][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   43.367573][ T5983] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   43.370453][ T5983] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   43.373754][ T5983] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   43.376155][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.486965][ T5299] Bluetooth: hci1: command tx timeout
[   43.487158][ T5950] Bluetooth: hci2: command tx timeout
[   43.583061][ T5983] usb 6-1: usb_control_msg returned -32
[   43.584606][ T5983] usbtmc 6-1:16.0: can't read capabilities
[   43.606643][ T5317] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   43.756632][ T5317] usb 5-1: Using ep0 maxpacket: 8
[   43.759535][ T5317] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[   43.762197][ T5317] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   43.765167][ T5317] usb 5-1: config 0 has no interface number 0
[   43.767064][ T5317] usb 5-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   43.770121][ T5317] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   43.772955][ T5317] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   43.776256][ T5317] usb 5-1: config 0 interface 52 has no altsetting 0
[   43.778063][ T5317] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[   43.780458][ T5317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.783552][ T5317] usb 5-1: config 0 descriptor??
[   43.942964][ T6408] usbtmc 6-1:16.0: usb_control_msg returned -71
[   43.943570][ T5972] usb 6-1: USB disconnect, device number 2
[   43.988739][ T5317] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.52/input/input6
[   44.157176][ T5317] tipc: Node number set to 2886997162
[   44.164497][ T6386] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   44.265116][  T829] usb 5-1: USB disconnect, device number 3
[   44.356946][ T6435] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.393238][ T6435] infiniband syz1: set down
[   44.401579][ T6435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   44.407335][ T6435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.441513][ T6435] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   44.443894][ T6435] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   44.446233][ T6435] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   44.455469][ T6435] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   44.640099][ T6461] kvm: emulating exchange as write
[   44.660060][ T6447] ptm ptm0: ldisc open failed (-12), clearing slot 0
[   44.716802][   T25] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   44.852708][   T25] usb 6-1: device descriptor read/64, error -71
[   44.933815][ T6485] netlink: 'syz.0.130': attribute type 10 has an invalid length.
[   44.942534][ T6485] batman_adv: batadv0: Adding interface: team0
[   44.944309][ T6485] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.951732][ T6485] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   44.956021][ T6485] netlink: 'syz.0.130': attribute type 10 has an invalid length.
[   44.958477][ T6485] __nla_validate_parse: 17 callbacks suppressed
[   44.958489][ T6485] netlink: 2 bytes leftover after parsing attributes in process `syz.0.130'.
[   44.962549][ T6485] team0: entered promiscuous mode
[   44.963929][ T6485] team_slave_0: entered promiscuous mode
[   44.965611][ T6485] team_slave_1: entered promiscuous mode
[   44.968056][ T6485] 8021q: adding VLAN 0 to HW filter on device team0
[   44.970496][ T6485] batman_adv: batadv0: Interface activated: team0
[   44.987459][ T6485] batman_adv: batadv0: Interface deactivated: team0
[   45.004928][ T6485] batman_adv: batadv0: Removing interface: team0
[   45.008386][ T6485] bridge0: port 3(team0) entered blocking state
[   45.010062][ T6485] bridge0: port 3(team0) entered disabled state
[   45.011847][ T6485] team0: entered allmulticast mode
[   45.013160][ T6485] team_slave_0: entered allmulticast mode
[   45.014616][ T6485] team_slave_1: entered allmulticast mode
[   45.017324][ T6485] bridge0: port 3(team0) entered blocking state
[   45.019679][ T6485] bridge0: port 3(team0) entered forwarding state
[   45.096711][   T25] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   45.112880][ T6486] netlink: 12 bytes leftover after parsing attributes in process `syz.0.130'.
[   45.226651][   T25] usb 6-1: device descriptor read/64, error -71
[   45.301126][ T6502] pim6reg1: entered promiscuous mode
[   45.302713][ T6502] pim6reg1: entered allmulticast mode
[   45.327442][ T5950] Bluetooth: hci3: command tx timeout
[   45.337206][   T25] usb usb6-port1: attempt power cycle
[   45.412270][ T6505] sch_fq: defrate 0 ignored.
[   45.527985][ T6519] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6519 comm=syz.3.140
[   45.543263][ T6522] netlink: 12 bytes leftover after parsing attributes in process `syz.0.139'.
[   45.566838][ T5950] Bluetooth: hci2: command tx timeout
[   45.578028][ T5950] Bluetooth: hci1: command tx timeout
[   45.579846][ T6513] ptrace attach of "/syz-executor exec"[6527] was attempted by "/syz-executor exec"[6513]
[   45.618181][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.3.142'.
[   45.620601][ T6536] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[   45.622833][ T6536] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (1)
[   45.658157][ T6541] xt_hashlimit: size too large, truncated to 1048576
[   45.676454][ T6543] 9pnet_fd: Insufficient options for proto=fd
[   45.676677][   T25] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   45.699901][   T25] usb 6-1: device descriptor read/8, error -71
[   45.720386][ T6550] devtmpfs: Cannot change global quota limit on remount
[   45.727731][ T6546] ubi0: attaching mtd0
[   45.732232][ T6546] ubi0: scanning is finished
[   45.734827][ T6546] ubi0: empty MTD device detected
[   45.781754][ T6552] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[   45.784216][ T6552] overlayfs: missing 'lowerdir'
[   45.804377][ T6546] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   45.806483][ T6546] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3520 bytes
[   45.809804][ T6546] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   45.811689][ T6546] ubi0: VID header offset: 512 (aligned 512), data offset: 576
[   45.813726][ T6546] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   45.815569][ T6546] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 20
[   45.818255][ T6546] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3218190178
[   45.820967][ T6546] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   45.826682][ T6553] ubi0: background thread "ubi_bgt0d" started, PID 6553
[   45.848016][ T6555] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[   45.849824][ T6555] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   45.853150][ T6555] vhci_hcd vhci_hcd.0: Device attached
[   45.855112][ T6555] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   45.855558][ T6558] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   45.868120][ T6556] vhci_hcd: connection closed
[   45.869501][ T1167] vhci_hcd: stop threads
[   45.872213][ T1167] vhci_hcd: release socket
[   45.873519][ T1167] vhci_hcd: disconnect device
[   45.937309][   T25] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   45.957302][   T25] usb 6-1: device descriptor read/8, error -71
[   46.066778][   T25] usb usb6-port1: unable to enumerate USB device
[   46.126615][    C2] net_ratelimit: 64 callbacks suppressed
[   46.126628][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   46.226655][ T3218] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   46.356684][ T3218] usb 5-1: device descriptor read/64, error -71
[   46.597139][ T3218] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[   46.625407][ T6605] netlink: 256 bytes leftover after parsing attributes in process `syz.3.160'.
[   46.642891][ T6607] xt_l2tp: invalid flags combination: c
[   46.726649][ T3218] usb 5-1: device descriptor read/64, error -71
[   46.846997][ T3218] usb usb5-port1: attempt power cycle
[   47.166621][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   47.206652][ T3218] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[   47.228984][ T3218] usb 5-1: device descriptor read/8, error -71
[   47.487089][ T3218] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[   47.511831][   T39] kauditd_printk_skb: 259 callbacks suppressed
[   47.511847][   T39] audit: type=1400 audit(2000000002.659:536): avc:  denied  { shutdown } for  pid=6626 comm="syz.3.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   47.528440][ T3218] usb 5-1: device descriptor read/8, error -71
[   47.534489][   T39] audit: type=1400 audit(2000000002.679:537): avc:  denied  { read } for  pid=6628 comm="syz.1.169" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   47.540766][   T39] audit: type=1400 audit(2000000002.679:538): avc:  denied  { open } for  pid=6628 comm="syz.1.169" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   47.547753][   T39] audit: type=1400 audit(2000000002.679:539): avc:  denied  { ioctl } for  pid=6628 comm="syz.1.169" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   47.636797][ T3218] usb usb5-port1: unable to enumerate USB device
[   47.791430][   T39] audit: type=1400 audit(2000000002.939:540): avc:  denied  { ioctl } for  pid=6640 comm="syz.3.172" path="socket:[11484]" dev="sockfs" ino=11484 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   47.801394][ T6643] netlink: 'syz.3.172': attribute type 9 has an invalid length.
[   47.803379][ T6643] netlink: 134660 bytes leftover after parsing attributes in process `syz.3.172'.
[   47.878747][ T6621] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   47.904055][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   47.905801][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.907914][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.910072][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(7)
[   47.911802][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.914190][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.916336][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(9)
[   47.918045][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.920631][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.923255][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(11)
[   47.925025][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.927578][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.930659][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(13)
[   47.932475][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.935623][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.940441][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(15)
[   47.942720][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.947817][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.952555][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(17)
[   47.954829][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.957177][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.959435][ T6646] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(19)
[   47.961194][ T6646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   47.964644][ T6646] vhci_hcd vhci_hcd.0: Device attached
[   47.969647][ T6646] vhci_hcd vhci_hcd.0: port 0 already used
[   47.975815][ T6661] vhci_hcd: connection closed
[   47.975875][ T6657] vhci_hcd: connection closed
[   47.975926][ T6655] vhci_hcd: connection closed
[   47.976181][ T6653] vhci_hcd: connection closed
[   47.977249][ T6651] vhci_hcd: connection closed
[   47.977401][ T6659] vhci_hcd: connection closed
[   47.977747][ T1167] vhci_hcd: stop threads
[   47.977763][ T1167] vhci_hcd: release socket
[   47.977771][ T1167] vhci_hcd: disconnect device
[   47.977913][ T1167] vhci_hcd: stop threads
[   47.977917][ T1167] vhci_hcd: release socket
[   47.977924][ T1167] vhci_hcd: disconnect device
[   47.978284][ T1167] vhci_hcd: stop threads
[   47.978291][ T1167] vhci_hcd: release socket
[   47.978298][ T1167] vhci_hcd: disconnect device
[   47.978852][ T1167] vhci_hcd: stop threads
[   47.978882][ T6664] vhci_hcd: connection closed
[   47.979920][ T6649] vhci_hcd: connection closed
[   47.981032][ T1167] vhci_hcd: release socket
[   47.981042][ T1167] vhci_hcd: disconnect device
[   48.000812][ T1167] vhci_hcd: stop threads
[   48.001943][ T1167] vhci_hcd: release socket
[   48.003113][ T1167] vhci_hcd: disconnect device
[   48.004844][ T1167] vhci_hcd: stop threads
[   48.005962][ T1167] vhci_hcd: release socket
[   48.007770][ T1167] vhci_hcd: disconnect device
[   48.009800][ T1167] vhci_hcd: stop threads
[   48.010971][ T1167] vhci_hcd: release socket
[   48.012535][ T1167] vhci_hcd: disconnect device
[   48.013920][ T1167] vhci_hcd: stop threads
[   48.015457][ T1167] vhci_hcd: release socket
[   48.016775][ T1167] vhci_hcd: disconnect device
[   48.038201][   T39] audit: type=1400 audit(2000000003.189:541): avc:  denied  { connect } for  pid=6674 comm="syz.1.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   48.045175][   T39] audit: type=1400 audit(2000000003.189:542): avc:  denied  { write } for  pid=6674 comm="syz.1.176" path="socket:[12808]" dev="sockfs" ino=12808 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   48.092077][   T39] audit: type=1400 audit(2000000003.239:543): avc:  denied  { read } for  pid=6674 comm="syz.1.176" path="socket:[12808]" dev="sockfs" ino=12808 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   48.153563][ T6676] xt_hashlimit: invalid rate
[   48.206623][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   48.515126][   T39] audit: type=1400 audit(2000000003.659:544): avc:  denied  { append } for  pid=6677 comm="syz.2.177" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   48.528886][ T6678] netlink: 28 bytes leftover after parsing attributes in process `syz.2.177'.
[   48.662776][ T6687] fuse: Bad value for 'fd'
[   48.976707][   T30] usb 7-1: new low-speed USB device number 2 using dummy_hcd
[   48.992587][ T6705] support for cryptoloop has been removed.  Use dm-crypt instead.
[   49.000195][ T6706] tty tty3: ldisc open failed (-12), clearing slot 2
[   49.023018][ T6711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.188'.
[   49.077485][ T6711] hsr_slave_1 (unregistering): left promiscuous mode
[   49.122016][   T39] audit: type=1400 audit(2000000004.269:545): avc:  denied  { create } for  pid=6716 comm="syz.0.190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   49.140352][   T30] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   49.143048][   T30] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[   49.145336][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.148120][   T30] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   49.148366][ T6719] xt_hashlimit: size too large, truncated to 1048576
[   49.150437][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.156908][   T30] hub 7-1:1.0: bad descriptor, ignoring hub
[   49.158464][   T30] hub 7-1:1.0: probe with driver hub failed with error -5
[   49.160456][   T30] cdc_wdm 7-1:1.0: skipping garbage
[   49.161809][   T30] cdc_wdm 7-1:1.0: skipping garbage
[   49.164472][   T30] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   49.166010][   T30] cdc_wdm 7-1:1.0: Unknown control protocol
[   49.246616][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   49.392198][ T6727] netlink: 24 bytes leftover after parsing attributes in process `syz.0.194'.
[   49.504691][ T6747] netlink: 'syz.0.201': attribute type 8 has an invalid length.
[   49.506964][ T6747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.201'.
[   49.796683][ T5972] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   49.875476][ T6797] ip6gre1: entered allmulticast mode
[   49.920029][ T6684] cdc_wdm 7-1:1.0: Error autopm - -16
[   49.926785][   T30] usb 7-1: USB disconnect, device number 2
[   49.950282][ T5972] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   49.950297][ T5972] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   49.950306][ T5972] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[   49.950322][ T5972] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   49.950334][ T5972] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   49.951494][ T5972] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   49.954360][ T6800] xt_AUDIT: Audit type out of range (valid range: 0..2)
[   49.954633][ T5972] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   49.972840][ T5972] usb 8-1: Product: syz
[   49.973933][ T5972] usb 8-1: Manufacturer: syz
[   49.978641][ T5972] cdc_wdm 8-1:1.0: skipping garbage
[   49.980708][ T5972] cdc_wdm 8-1:1.0: skipping garbage
[   49.981178][ T5972] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[   49.981188][ T5972] cdc_wdm 8-1:1.0: Unknown control protocol
[   50.076672][   T30] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   50.206633][   T30] usb 7-1: device descriptor read/64, error -71
[   50.232679][   T55] usb 8-1: USB disconnect, device number 2
[   50.232739][    C2] cdc_wdm 8-1:1.0: nonzero urb status received: -71
[   50.236083][    C2] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes
[   50.237687][    C2] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   50.286612][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   50.406745][ T6819] i2c i2c-1: Invalid block write size 34
[   50.432905][ T6825] netlink: 'syz.0.222': attribute type 1 has an invalid length.
[   50.447093][   T30] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   50.577302][   T30] usb 7-1: device descriptor read/64, error -71
[   50.697132][   T30] usb usb7-port1: attempt power cycle
[   50.722006][ T6847] ipvlan2: entered promiscuous mode
[   50.725888][ T6847] batman_adv: batadv0: Adding interface: ipvlan2
[   50.727919][ T6847] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.734628][ T6847] batman_adv: batadv0: Interface activated: ipvlan2
[   50.736335][ T6847] batadv0: mtu less than device minimum
[   50.739298][ T6847] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   50.742844][ T6847] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   50.746247][ T6847] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   50.750157][ T6847] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   51.047380][   T30] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   51.067321][   T30] usb 7-1: device descriptor read/8, error -71
[   51.326625][   T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   51.326721][    C0] net_ratelimit: 15 callbacks suppressed
[   51.326732][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   51.358989][   T30] usb 7-1: device descriptor read/8, error -71
[   51.466791][   T30] usb usb7-port1: unable to enumerate USB device
[   51.677550][ T6889] __nla_validate_parse: 1 callbacks suppressed
[   51.677564][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.681959][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.684716][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.687699][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.690239][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.692826][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.695201][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.697839][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.700202][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.702514][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'.
[   51.787110][ T6868] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   51.803422][ T6897] ufs: failed to set blocksize
[   51.872223][ T6916] o2cb: This node has not been configured.
[   51.873889][ T6916] o2cb: Cluster check failed. Fix errors before retrying.
[   51.875766][ T6916] (syz.2.245,6916,0):user_dlm_register:674 ERROR: status = -22
[   51.878591][ T6916] (syz.2.245,6916,0):dlmfs_mkdir:436 ERROR: Error -22 could not register domain "file0"
[   52.030975][ T6948] Bluetooth: MGMT ver 1.23
[   52.118723][ T6951] /dev/sr0: Can't open blockdev
[   52.118810][ T6969] mac80211_hwsim hwsim6 wlan0: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[   52.158916][ T6976] (syz.2.261,6976,3):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   52.161313][ T6976] (syz.2.261,6976,3):ocfs2_fill_super:1178 ERROR: status = -22
[   52.321029][ T7001] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[   52.322909][ T7001] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[   52.335497][ T7003] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[   52.365165][ T7003] batman_adv: The newly added mac address (08:02:11:00:00:01) already exists on: ipvlan2
[   52.368432][ T7003] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.376664][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   52.381522][ T7014] nbd: must specify an index to disconnect
[   52.383405][ T7014] 9pnet_fd: Insufficient options for proto=fd
[   52.410779][ T7016] usb 1-1: USB disconnect, device number 2
[   52.488193][ T7009] random: crng reseeded on system resumption
[   52.676722][ T7033] netem: change failed
[   52.696754][   T55] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   52.817668][   T39] kauditd_printk_skb: 47 callbacks suppressed
[   52.817683][   T39] audit: type=1400 audit(2000000007.969:593): avc:  denied  { sys_chroot } for  pid=7048 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   52.825566][   T39] audit: type=1400 audit(2000000007.969:594): avc:  denied  { setgid } for  pid=7048 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   52.831796][   T39] audit: type=1400 audit(2000000007.969:595): avc:  denied  { setuid } for  pid=7048 comm="dhcpcd" capability=7  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[   52.847021][   T55] usb 5-1: Using ep0 maxpacket: 32
[   52.850016][   T55] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[   52.852157][   T55] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   52.854400][   T55] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[   52.857074][   T55] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   52.859965][   T55] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   52.862466][   T55] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   52.865847][   T55] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   52.868415][   T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.871494][   T55] usb 5-1: config 0 descriptor??
[   53.041507][ T7068] 9pnet_fd: Insufficient options for proto=fd
[   53.076032][   T39] audit: type=1400 audit(2000000008.219:596): avc:  denied  { bind } for  pid=7076 comm="syz.3.290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   53.081921][   T55] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   53.084352][   T39] audit: type=1326 audit(2000000008.229:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7019 comm="syz.0.274" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe9d3b7e719 code=0x0
[   53.131349][   T39] audit: type=1400 audit(2000000008.279:598): avc:  denied  { append } for  pid=7084 comm="syz.3.292" name="btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   53.138336][   T39] audit: type=1400 audit(2000000008.289:599): avc:  denied  { read write } for  pid=7019 comm="syz.0.274" name="lp0" dev="devtmpfs" ino=2823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[   53.144552][   T39] audit: type=1400 audit(2000000008.289:600): avc:  denied  { open } for  pid=7019 comm="syz.0.274" path="/dev/usb/lp0" dev="devtmpfs" ino=2823 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[   53.144828][    C0] usblp0: nonzero read bulk status received: -71
[   53.153648][    T9] usb 5-1: USB disconnect, device number 8
[   53.193736][   T39] audit: type=1400 audit(2000000008.339:601): avc:  denied  { setopt } for  pid=7091 comm="syz.2.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   53.212425][ T7093] netlink: 'syz.3.293': attribute type 12 has an invalid length.
[   53.221006][ T7095] 9pnet_fd: Insufficient options for proto=fd
[   53.225699][ T7093] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   53.229147][ T7093] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   53.232178][ T7093] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   53.235129][ T7093] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   53.238509][ T7093] vxlan0: entered promiscuous mode
[   53.281910][   T39] audit: type=1400 audit(2000000008.429:602): avc:  denied  { ioctl } for  pid=7101 comm="syz.3.298" path="socket:[12094]" dev="sockfs" ino=12094 ioctlcmd=0x9431 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   53.288677][ T7102] dlm: no locking on control device
[   53.389045][ T1208] Bluetooth: hci4: Frame reassembly failed (-84)
[   53.406651][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   53.447173][ T7124] gre1: entered promiscuous mode
[   53.448861][ T7124] team0: Device gre1 is of different type
[   54.378528][ T1167] wlan0: Trigger new scan to find an IBSS to join
[   54.446680][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   54.646310][ T7161] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7161 comm=syz.1.317
[   54.974729][ T7176] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   55.185123][ T7189] xt_CT: You must specify a L4 protocol and not use inversions on it
[   55.406697][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   55.468262][ T7086] usblp0: removed
[   55.486616][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   55.501794][ T7205] Bluetooth: hci4: Frame reassembly failed (-84)
[   55.505814][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[   55.509042][ T7205] Bluetooth: hci4: Frame reassembly failed (-84)
[   55.511138][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[   55.546076][ T5299] Bluetooth: Wrong link type (-22)
[   55.848337][ T7245] trusted_key: syz.1.343 sent an empty control message without MSG_MORE.
[   56.009669][ T7251] 9pnet_fd: Insufficient options for proto=fd
[   56.034312][ T7256] netlink: 'syz.1.346': attribute type 1 has an invalid length.
[   56.120650][ T7257] netlink: 'syz.1.346': attribute type 1 has an invalid length.
[   56.173699][ T7259] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=7259 comm=syz.1.347
[   56.340520][ T7263] pim6reg1: entered promiscuous mode
[   56.341970][ T7263] pim6reg1: entered allmulticast mode
[   56.526640][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   56.580760][ T7281] bridge_slave_1: left allmulticast mode
[   56.582263][ T7281] bridge_slave_1: left promiscuous mode
[   56.583786][ T7281] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.591883][ T7281] bridge_slave_0: left allmulticast mode
[   56.593407][ T7281] bridge_slave_0: left promiscuous mode
[   56.594997][ T7281] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.639747][ T7285] [U] 
[   56.763276][ T7292] =======================================================
[   56.763276][ T7292] WARNING: The mand mount option has been deprecated and
[   56.763276][ T7292]          and is ignored by this kernel. Remove the mand
[   56.763276][ T7292]          option from the mount to silence this warning.
[   56.763276][ T7292] =======================================================
[   56.773671][ T7292] syz.1.359: attempt to access beyond end of device
[   56.773671][ T7292] loop1: rw=0, sector=2, nr_sectors = 2 limit=0
[   56.777442][ T7292] syz.1.359: attempt to access beyond end of device
[   56.777442][ T7292] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[   56.806678][    T8] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   56.956669][    T8] usb 7-1: Using ep0 maxpacket: 8
[   56.959102][    T8] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[   56.961073][    T8] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   56.963395][    T8] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   56.965662][    T8] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   56.968247][    T8] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   56.971761][    T8] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   56.974424][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.036714][    T9] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[   57.181839][    T8] usb 7-1: usb_control_msg returned -32
[   57.183268][    T8] usbtmc 7-1:16.0: can't read capabilities
[   57.197854][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   57.200825][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.203321][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   57.206839][    T9] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[   57.209259][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.212513][    T9] usb 6-1: config 0 descriptor??
[   57.216409][    T9] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input7
[   57.220448][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.223649][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.225907][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.228640][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.245213][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.252697][ T5948] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.255628][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.259137][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.262702][ T5342] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[   57.419042][  T829] usb 6-1: USB disconnect, device number 7
[   57.486706][   T12] wlan0: Trigger new scan to find an IBSS to join
[   57.566644][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   57.566685][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   57.566729][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[   57.598487][ T7305] __nla_validate_parse: 139 callbacks suppressed
[   57.598498][ T7305] netlink: 36 bytes leftover after parsing attributes in process `syz.3.364'.
[   57.603079][ T7305] netlink: 16 bytes leftover after parsing attributes in process `syz.3.364'.
[   57.607708][ T7305] netlink: 36 bytes leftover after parsing attributes in process `syz.3.364'.
[   57.887422][ T7279] usbtmc 7-1:16.0: CHECK_CLEAR_STATUS returned 0
[   58.022641][   T39] kauditd_printk_skb: 33 callbacks suppressed
[   58.022656][   T39] audit: type=1400 audit(2000000013.169:636): avc:  denied  { connect } for  pid=7325 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   58.031933][   T39] audit: type=1400 audit(2000000013.179:637): avc:  denied  { read } for  pid=7325 comm="syz.1.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   58.074760][   T39] audit: type=1400 audit(2000000013.219:638): avc:  denied  { relabelfrom } for  pid=7330 comm="syz.1.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   58.080827][   T39] audit: type=1400 audit(2000000013.219:639): avc:  denied  { relabelto } for  pid=7330 comm="syz.1.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   58.094185][   T55] usb 7-1: USB disconnect, device number 7
[   58.178458][   T39] audit: type=1400 audit(2000000013.329:640): avc:  denied  { write } for  pid=7338 comm="syz.1.373" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   58.178726][ T7339] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7339 comm=syz.1.373
[   58.183575][   T39] audit: type=1400 audit(2000000013.329:641): avc:  denied  { setattr } for  pid=7338 comm="syz.1.373" name="vcsu" dev="devtmpfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[   58.192578][   T39] audit: type=1400 audit(2000000013.339:642): avc:  denied  { ioctl } for  pid=7338 comm="syz.1.373" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x5381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   58.210329][ T7345] netlink: 'syz.1.374': attribute type 4 has an invalid length.
[   58.219780][ T7346] netlink: 'syz.1.374': attribute type 17 has an invalid length.
[   58.320887][ T7357] xt_l2tp: missing protocol rule (udp|l2tpip)
[   58.321619][ T7358] xt_l2tp: missing protocol rule (udp|l2tpip)
[   58.480646][ T7371] sp0: Synchronizing with TNC
[   58.490453][ T7371] program syz.1.383 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   58.494834][   T39] audit: type=1400 audit(2000000013.639:643): avc:  denied  { read } for  pid=7370 comm="syz.1.383" name="fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   58.506121][   T39] audit: type=1400 audit(2000000013.649:644): avc:  denied  { open } for  pid=7370 comm="syz.1.383" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   58.506158][   T39] audit: type=1400 audit(2000000013.649:645): avc:  denied  { ioctl } for  pid=7370 comm="syz.1.383" path="/dev/fb1" dev="devtmpfs" ino=640 ioctlcmd=0x4610 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[   58.606699][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   58.619906][ T7377] misc userio: Begin command sent, but we're already running
[   58.730110][ T7389] evm: overlay not supported
[   58.767292][ T7391] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.389'.
[   58.770747][ T7391] openvswitch: netlink: Geneve option length err (len 3060, max 255).
[   58.819016][ T7394] overlayfs: missing 'workdir'
[   59.233382][ T7399] syz.2.392 (7399): drop_caches: 2
[   59.302027][ T7399] syz.2.392 (7399): drop_caches: 2
[   59.316707][    T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   59.350117][ T7410] netlink: 12 bytes leftover after parsing attributes in process `syz.2.395'.
[   59.400661][ T7419] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20000
[   59.430306][ T7421] netlink: 24 bytes leftover after parsing attributes in process `syz.2.398'.
[   59.435751][ T7421] openvswitch: netlink: nsh attribute has 65512 unknown bytes.
[   59.439900][ T7421] openvswitch: netlink: Actions may not be safe on all matching packets
[   59.469983][ T7425] gadgetfs: Unknown parameter 'trans'
[   59.478333][    T8] usb 6-1: config index 0 descriptor too short (expected 4096, got 36)
[   59.481253][    T8] usb 6-1: config 0 has an invalid descriptor of length 72, skipping remainder of the config
[   59.484800][    T8] usb 6-1: config 0 has no interfaces?
[   59.487001][    T8] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   59.490197][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.498532][    T8] usb 6-1: config 0 descriptor??
[   59.508983][ T7429] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   59.511269][ T7429] overlayfs: missing 'lowerdir'
[   59.535145][ T7436] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   59.538003][ T7436] overlayfs: failed to set xattr on upper
[   59.539564][ T7436] overlayfs: ...falling back to redirect_dir=nofollow.
[   59.541416][ T7436] overlayfs: ...falling back to index=off.
[   59.542965][ T7436] overlayfs: ...falling back to uuid=null.
[   59.575268][ T7443] FAULT_INJECTION: forcing a failure.
[   59.575268][ T7443] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   59.579282][ T7443] CPU: 3 UID: 0 PID: 7443 Comm: syz.2.406 Not tainted 6.12.0-rc7-syzkaller #0
[   59.581624][ T7443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.584544][ T7443] Call Trace:
[   59.585472][ T7443]  <TASK>
[   59.586318][ T7443]  dump_stack_lvl+0x16c/0x1f0
[   59.587613][ T7443]  should_fail_ex+0x497/0x5b0
[   59.588847][ T7443]  _copy_from_user+0x2e/0xd0
[   59.590046][ T7443]  video_usercopy+0xed4/0x1600
[   59.591310][ T7443]  ? __pfx___video_do_ioctl+0x10/0x10
[   59.592708][ T7443]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   59.594486][ T7443]  ? __pfx_video_usercopy+0x10/0x10
[   59.595847][ T7443]  v4l2_ioctl+0x1ba/0x250
[   59.597013][ T7443]  ? __pfx_v4l2_ioctl+0x10/0x10
[   59.598293][ T7443]  __x64_sys_ioctl+0x18f/0x220
[   59.599556][ T7443]  do_syscall_64+0xcd/0x250
[   59.600752][ T7443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.602032][ T7445] MTD: Couldn't look up 'mountinfo': -2
[   59.602316][ T7443] RIP: 0033:0x7f080937e719
[   59.604947][ T7443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.610638][ T7443] RSP: 002b:00007f080a17f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   59.612803][ T7443] RAX: ffffffffffffffda RBX: 00007f0809535f80 RCX: 00007f080937e719
[   59.614884][ T7443] RDX: 00000000200000c0 RSI: 00000000c0045627 RDI: 0000000000000004
[   59.616953][ T7443] RBP: 00007f080a17f090 R08: 0000000000000000 R09: 0000000000000000
[   59.619036][ T7443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.621080][ T7443] R13: 0000000000000000 R14: 00007f0809535f80 R15: 00007ffe6b198738
[   59.623159][ T7443]  </TASK>
[   59.646630][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   59.668153][ T5317] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   59.710089][    T8] usb 6-1: string descriptor 0 read error: -71
[   59.714647][    T8] usb 6-1: USB disconnect, device number 8
[   59.806722][ T5317] usb 5-1: device descriptor read/64, error -71
[   60.046752][ T5317] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[   60.176741][ T5317] usb 5-1: device descriptor read/64, error -71
[   60.287715][ T5317] usb usb5-port1: attempt power cycle
[   60.357096][ T7461] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   60.367451][ T1208] wlan0: Creating new IBSS network, BSSID 36:e5:bf:f1:7a:a0
[   60.392644][ T7461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'.
[   60.395691][ T7461] netlink: 'syz.1.413': attribute type 3 has an invalid length.
[   60.399863][ T7461] batman_adv: batadv0: Adding interface: dummy0
[   60.402126][ T7461] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.410986][ T7461] batman_adv: batadv0: Interface activated: dummy0
[   60.417508][ T7461] batadv0: mtu less than device minimum
[   60.421072][ T7461] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   60.424943][ T7461] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   60.637359][ T5317] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[   60.668090][ T5317] usb 5-1: device descriptor read/8, error -71
[   60.676292][ T7473] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   60.839699][ T7482] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:20000
[   60.917812][ T5317] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   60.936932][ T7486] SELinux:  Context system_u:object_r:vmware_device_t:s0 is not valid (left unmapped).
[   60.949406][ T5317] usb 5-1: device descriptor read/8, error -71
[   61.067020][ T5317] usb usb5-port1: unable to enumerate USB device
[   61.150803][ T7500] sp0: Synchronizing with TNC
[   61.178532][ T7502] ptm ptm1: ldisc open failed (-12), clearing slot 1
[   61.299935][ T7508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.427'.
[   61.445855][ T7518] support for cryptoloop has been removed.  Use dm-crypt instead.
[   61.736614][    C2] net_ratelimit: 18 callbacks suppressed
[   61.736626][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   61.754556][ T7528] netlink: 16 bytes leftover after parsing attributes in process `syz.1.440'.
[   61.794606][ T3218] hid (null): unknown global tag 0xd
[   61.796146][ T3218] hid (null): bogus close delimiter
[   61.798351][ T3218] hid (null): unknown global tag 0xd
[   61.799834][ T3218] hid (null): bogus close delimiter
[   61.801205][ T3218] hid (null): unknown global tag 0xd
[   61.802617][ T3218] hid (null): invalid report_count 56104
[   61.804083][ T3218] hid (null): unknown global tag 0xe
[   61.805475][ T3218] hid (null): unknown global tag 0xb4
[   61.807884][ T3218] hid (null): global environment stack underflow
[   61.810180][ T3218] hid (null): invalid report_count -1364820288
[   61.811870][ T3218] hid (null): unknown global tag 0xc
[   61.813270][ T3218] hid (null): unknown global tag 0xd
[   61.814661][ T3218] hid (null): invalid report_count 53245
[   61.816120][ T3218] hid (null): unknown global tag 0xc
[   61.818146][ T3218] hid (null): invalid report_size -171628200
[   61.820043][ T3218] hid (null): unknown global tag 0xe
[   61.821420][ T3218] hid (null): unknown global tag 0xc
[   61.822827][ T3218] hid (null): unknown global tag 0x5a
[   61.824228][ T3218] hid (null): unknown global tag 0xe
[   61.825951][ T3218] hid (null): global environment stack underflow
[   61.827792][ T3218] hid (null): unknown global tag 0xe
[   61.829209][ T3218] hid (null): invalid report_size 17161
[   61.831057][ T3218] hid (null): unknown global tag 0xc
[   61.832449][ T3218] hid (null): unknown global tag 0x90
[   61.834281][ T3218] hid (null): report_id 1187369701 is invalid
[   61.835893][ T3218] hid (null): unknown global tag 0xe
[   61.837463][ T3218] hid (null): unknown global tag 0xe
[   61.838931][ T3218] hid (null): unknown global tag 0xd
[   61.840464][ T3218] hid (null): unknown global tag 0xc
[   61.841950][ T3218] hid (null): unknown global tag 0xd
[   61.843335][ T3218] hid (null): global environment stack underflow
[   61.844979][ T3218] hid (null): global environment stack underflow
[   61.846707][ T3218] hid (null): invalid report_count -1093648239
[   61.848321][ T3218] hid (null): report_id 0 is invalid
[   61.849702][ T3218] hid (null): bogus close delimiter
[   61.851145][ T3218] hid (null): invalid report_count -1287799731
[   61.852795][ T3218] hid (null): unknown global tag 0xd
[   61.854195][ T3218] hid (null): unknown global tag 0x88
[   61.855602][ T3218] hid (null): invalid report_count -108576922
[   61.857399][ T3218] hid (null): unknown global tag 0xff
[   61.858823][ T3218] hid (null): unknown global tag 0xe
[   61.860259][ T3218] hid (null): report_id 0 is invalid
[   61.861654][ T3218] hid (null): unknown global tag 0x80
[   61.863135][ T3218] hid (null): report_id 7622 is invalid
[   61.883433][ T3218] hid-generic 0000:0000:0000.0002: unknown global tag 0xd
[   61.885766][ T3218] hid-generic 0000:0000:0000.0002: item 0 2 1 13 parsing failed
[   61.888091][ T3218] hid-generic 0000:0000:0000.0002: probe with driver hid-generic failed with error -22
[   62.046719][ T5317] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   62.207669][ T5317] usb 8-1: too many configurations: 173, using maximum allowed: 8
[   62.217339][ T5317] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   62.219866][ T5317] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.222019][ T5317] usb 8-1: Product: syz
[   62.223317][ T5317] usb 8-1: Manufacturer: syz
[   62.225064][ T5317] usb 8-1: SerialNumber: syz
[   62.230696][ T5317] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   62.253917][ T5317] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   62.662965][   T55] usb 8-1: USB disconnect, device number 3
[   62.752945][ T7552] netlink: 'syz.1.441': attribute type 3 has an invalid length.
[   62.754922][ T7552] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.441'.
[   62.758299][ T7553] netlink: 'syz.1.441': attribute type 3 has an invalid length.
[   62.760200][ T7553] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.441'.
[   62.776621][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   62.847457][ T3218] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[   62.976684][ T3218] usb 5-1: device descriptor read/64, error -71
[   63.226664][ T3218] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[   63.376699][ T3218] usb 5-1: device descriptor read/64, error -71
[   63.496673][ T5317] usb 8-1: Service connection timeout for: 256
[   63.497124][ T3218] usb usb5-port1: attempt power cycle
[   63.498785][ T5317] ath9k_htc 8-1:1.0: ath9k_htc: Unable to initialize HTC services
[   63.500804][ T5317] ath9k_htc: Failed to initialize the device
[   63.504296][   T55] usb 8-1: ath9k_htc: USB layer deinitialized
[   63.806721][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   63.836756][ T3218] usb 5-1: new low-speed USB device number 15 using dummy_hcd
[   63.857033][ T3218] usb 5-1: device descriptor read/8, error -71
[   64.106678][ T3218] usb 5-1: new low-speed USB device number 16 using dummy_hcd
[   64.127126][ T3218] usb 5-1: device descriptor read/8, error -71
[   64.237149][ T3218] usb usb5-port1: unable to enumerate USB device
[   64.846801][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   65.514684][   T39] kauditd_printk_skb: 38 callbacks suppressed
[   65.514695][   T39] audit: type=1400 audit(2000000020.659:684): avc:  denied  { create } for  pid=7576 comm="syz.0.443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   65.525306][   T39] audit: type=1400 audit(2000000020.669:685): avc:  denied  { map } for  pid=7578 comm="syz.1.446" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   65.532169][   T39] audit: type=1400 audit(2000000020.669:686): avc:  denied  { execute } for  pid=7578 comm="syz.1.446" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   65.599938][   T12] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1
[   65.603285][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[   65.612575][ T7591] bond1: entered promiscuous mode
[   65.614475][ T7591] bond1: entered allmulticast mode
[   65.616162][ T7591] 8021q: adding VLAN 0 to HW filter on device bond1
[   65.674602][ T7591] bond1 (unregistering): Released all slaves
[   65.858691][   T39] audit: type=1400 audit(2000000021.009:687): avc:  denied  { ioctl } for  pid=7598 comm="syz.3.451" path="socket:[15934]" dev="sockfs" ino=15934 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   65.886917][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   66.450734][ T7605] input: syz0 as /devices/virtual/input/input11
[   66.470987][   T39] audit: type=1400 audit(2000000021.619:688): avc:  denied  { write } for  pid=7604 comm="syz.0.453" path="socket:[16924]" dev="sockfs" ino=16924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   66.477448][   T39] audit: type=1400 audit(2000000021.619:689): avc:  denied  { setopt } for  pid=7604 comm="syz.0.453" lport=51102 faddr=::ffff:10.1.1.2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   66.529840][   T39] audit: type=1400 audit(2000000021.679:690): avc:  denied  { bind } for  pid=7608 comm="syz.0.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   66.530556][   T74] IPVS: starting estimator thread 0...
[   66.535678][   T39] audit: type=1400 audit(2000000021.679:691): avc:  denied  { ioctl } for  pid=7608 comm="syz.0.455" path="socket:[16925]" dev="sockfs" ino=16925 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   66.539071][ T7609] tipc: Started in network mode
[   66.545620][ T7609] tipc: Node identity ac1414aa, cluster identity 4711
[   66.547745][ T7609] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   66.549538][ T7609] tipc: Enabled bearer <udp:s>, priority 10
[   66.636782][ T7610] IPVS: using max 35 ests per chain, 84000 per kthread
[   66.644578][   T39] audit: type=1400 audit(2000000021.789:692): avc:  denied  { shutdown } for  pid=7614 comm="syz.3.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   66.686653][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   66.826683][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   66.926660][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   66.966984][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   67.106633][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   67.256697][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   67.396661][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   67.536752][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   67.656812][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   67.658072][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[   67.679340][   T74] tipc: Node number set to 2886997162
[   67.816675][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   67.966759][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   68.086688][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   71.011158][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[   72.126626][    C2] net_ratelimit: 7 callbacks suppressed
[   72.126639][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   72.766639][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   73.166639][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   73.806696][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   74.206646][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   74.846708][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   75.246639][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   75.705213][   T39] audit: type=1400 audit(2000000030.849:693): avc:  denied  { execute } for  pid=7617 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   75.711600][   T39] audit: type=1400 audit(2000000030.849:694): avc:  denied  { execute_no_trans } for  pid=7617 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   75.802665][ T5299] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   75.806341][ T5299] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   75.811824][ T5299] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   75.815146][ T5299] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   75.822375][ T5299] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   75.824750][ T5299] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   75.829581][   T39] audit: type=1400 audit(2000000030.979:695): avc:  denied  { mounton } for  pid=7632 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   75.869180][   T39] audit: type=1400 audit(2000000031.019:696): avc:  denied  { setopt } for  pid=7642 comm="syz.3.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   75.896617][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   75.906787][   T39] audit: type=1400 audit(2000000031.049:697): avc:  denied  { getopt } for  pid=7640 comm="syz.0.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   75.914991][   T39] audit: type=1400 audit(2000000031.059:698): avc:  denied  { read write } for  pid=7647 comm="syz.3.469" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   75.924493][   T39] audit: type=1400 audit(2000000031.059:699): avc:  denied  { open } for  pid=7647 comm="syz.3.469" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   75.931165][   T39] audit: type=1400 audit(2000000031.059:700): avc:  denied  { map } for  pid=7647 comm="syz.3.469" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   75.943373][   T39] audit: type=1400 audit(2000000031.059:701): avc:  denied  { execute } for  pid=7647 comm="syz.3.469" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   75.965416][ T7632] chnl_net:caif_netlink_parms(): no params data found
[   76.033016][ T7632] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.035594][ T7632] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.037997][ T7632] bridge_slave_0: entered allmulticast mode
[   76.043185][ T7632] bridge_slave_0: entered promiscuous mode
[   76.045905][ T7632] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.048427][ T7632] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.050653][ T7632] bridge_slave_1: entered allmulticast mode
[   76.053421][ T7632] bridge_slave_1: entered promiscuous mode
[   76.091588][ T7632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.095879][ T7632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.108169][   T39] audit: type=1400 audit(2000000031.259:702): avc:  denied  { mount } for  pid=7670 comm="syz.3.474" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   76.130367][   T57] cfg80211: failed to load regulatory.db
[   76.147458][ T7632] team0: Port device team_slave_0 added
[   76.171131][ T5317] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[   76.182429][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.193176][ T7632] team0: Port device team_slave_1 added
[   76.223761][ T7632] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.226154][ T7632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.234869][ T7632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.240097][ T7632] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.242557][ T7632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.253147][ T7632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.286648][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   76.287927][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.294967][ T7632] hsr_slave_0: entered promiscuous mode
[   76.297253][ T7632] hsr_slave_1: entered promiscuous mode
[   76.299061][ T7632] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.301041][ T7632] Cannot create hsr debugfs directory
[   76.317463][ T5317] usb 5-1: Using ep0 maxpacket: 8
[   76.321667][ T5317] usb 5-1: config 0 has no interfaces?
[   76.323799][ T5317] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   76.327315][ T5317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.340032][ T5317] usb 5-1: config 0 descriptor??
[   76.394598][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.404425][ T7632] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   76.412171][ T7632] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   76.415954][ T7632] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   76.428749][ T7632] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   76.439551][ T7632] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.441487][ T7632] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.443566][ T7632] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.445461][ T7632] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.468683][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.482833][ T7632] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.490958][ T1208] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.494590][ T1208] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.506264][ T7632] 8021q: adding VLAN 0 to HW filter on device team0
[   76.514268][ T1208] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.516238][ T1208] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.520180][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.522222][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.542530][ T7685] 9pnet_fd: p9_fd_create_tcp (7685): problem connecting socket to 127.0.0.1
[   76.556165][ T7651] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.470'.
[   76.559651][ T7651] openvswitch: netlink: Tunnel attr 0 has unexpected len 1 expected 8
[   76.594434][   T12] bridge_slave_1: left allmulticast mode
[   76.596516][   T12] bridge_slave_1: left promiscuous mode
[   76.600215][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.607010][   T12] bridge_slave_0: left allmulticast mode
[   76.609155][   T12] bridge_slave_0: left promiscuous mode
[   76.609290][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.774557][ T7651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.778930][ T7651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.781833][   T30] usb 5-1: USB disconnect, device number 17
[   76.963450][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   76.969560][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   76.973344][   T12] bond0 (unregistering): Released all slaves
[   76.979941][ T7691] IPv6: Can't replace route, no match found
[   77.068443][ T7632] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.083061][ T7706] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[   77.211162][ T7632] veth0_vlan: entered promiscuous mode
[   77.223570][ T7632] veth1_vlan: entered promiscuous mode
[   77.246030][ T7632] veth0_macvtap: entered promiscuous mode
[   77.256831][   T30] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   77.273791][ T7632] veth1_macvtap: entered promiscuous mode
[   77.280278][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.283267][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.285778][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.288709][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.291659][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.294727][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.298076][ T7632] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.303049][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.305922][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.308733][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.312949][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.315582][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.318364][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.321829][ T7632] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.325828][ T7632] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.328243][    C2] net_ratelimit: 1 callbacks suppressed
[   77.328252][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   77.334717][ T7632] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.337139][ T7632] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.339927][ T7632] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.413207][   T12] hsr_slave_0: left promiscuous mode
[   77.415502][   T12] hsr_slave_1: left promiscuous mode
[   77.419098][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.421162][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.424678][   T30] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   77.426809][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.429810][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.432490][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.434617][   T30] usb 8-1: Product: syz
[   77.435834][   T30] usb 8-1: Manufacturer: syz
[   77.440318][   T30] usb 8-1: SerialNumber: syz
[   77.442526][   T30] usb 8-1: config 0 descriptor??
[   77.452956][   T12] veth1_macvtap: left promiscuous mode
[   77.454966][   T12] veth0_macvtap: left promiscuous mode
[   77.456451][   T12] veth1_vlan: left promiscuous mode
[   77.458235][   T12] veth0_vlan: left promiscuous mode
[   77.659935][   T55] usb 8-1: USB disconnect, device number 4
[   77.756675][   T30] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[   77.888404][ T5950] Bluetooth: hci4: command tx timeout
[   77.917785][   T30] usb 5-1: Using ep0 maxpacket: 16
[   77.923863][   T30] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[   77.926048][   T30] usb 5-1: config 0 has no interface number 0
[   77.929537][   T30] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[   77.931898][   T30] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.934181][   T30] usb 5-1: Product: syz
[   77.935256][   T30] usb 5-1: Manufacturer: syz
[   77.936467][   T30] usb 5-1: SerialNumber: syz
[   77.946973][   T30] usb 5-1: config 0 descriptor??
[   77.953649][   T30] usb 5-1: Found UVC 0.00 device syz (046d:08d3)
[   77.955977][   T30] usb 5-1: No valid video chain found.
[   77.967002][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   78.144794][   T12] team0 (unregistering): Port device team_slave_1 removed
[   78.218374][   T12] team0 (unregistering): Port device team_slave_0 removed
[   78.366673][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   78.678814][ T7732] tap0: tun_chr_ioctl cmd 1074025678
[   78.680646][ T7732] tap0: group set to 0
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth4: IAID 06:e8:5e:e4
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth4: adding address fe80::4fc5:ae25:fec5:49a
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth2: soliciting an IPv6 router
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth3: solici[   79.006669][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
ting an IPv6 router
May 18 03:33:54 syzkaller kern.err kernel: [   79.006669][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth2: soliciting a DHCP lease
May 18 03:33:54 syzkaller daemon.err dhcpcd[7786]: ps_dropprivs: chroot: /: Operation not permitted
May 18 03:33:54 syzkaller daemon.err dhcpcd[7786]: failed to drop privileges: Operation not permitted
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth4: soliciting an IPv6 router
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth3: soliciting a DHCP lease
May 18 03:33:54 syzkaller daemon.err dhcpcd[7787]: ps_dropprivs: chroot: /: Operation not permitted
May 18 03:33:54 syzkaller daemon.err dhcpcd[7787]: failed to drop privileges: Operation not permitted
[   79.406720][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
May 18 03:33:54 syzkaller kern.err kernel: [   79.406720][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
May 18 03:33:54 syzkaller daemon.info dhcpcd[5657]: eth4: soliciting a DHCP lease
May 18 03:33:54 syzkaller daemon.err dhcpcd[7815]: ps_dropprivs: chroot: /: Operation not permitted
May 18 03:33:54 syzkaller daemon.err dhcpcd[7815]: failed to drop privileges: Operation not permitted
[   80.046617][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
May 18 03:33:55 syzkaller kern.err kernel: [   80.046617][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
May 18 03:33:55 syzkaller auth.info sshd[5854]: Received disconnect from 10.0.2.2 port 42068:11: disconnected by user
May 18 03:33:55 syzkaller auth.info sshd[5854]: Disconnected from user root 10.0.2.2 port 42068
May 18 03:33:55 syzkaller daemon.info dhcpcd[5657]: lapb7: carrier lost
[   80.296222][ T6866] ==================================================================
[   80.298951][ T6866] BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0
[   80.301697][ T6866] Read of size 8 at addr ffff888034441308 by task kbnepd ¹’4»1./6866
[   80.305372][ T6866] 
[   80.306361][ T6866] CPU: 1 UID: 0 PID: 6866 Comm: kbnepd ¹’4»1. Not tainted 6.12.0-rc7-syzkaller #0
[   80.308713][ T6866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.308721][ T6866] Call Trace:
May 18 03:33:55 [   80.308726][ T6866]  <TASK>
syzkaller daemon[   80.308730][ T6866]  dump_stack_lvl+0x116/0x1f0
[   80.308751][ T6866]  print_report+0xc3/0x620
.err dhcpcd[5657[   80.318088][ T6866]  ? __virt_addr_valid+0x5e/0x590
]: libudev: rece[   80.320382][ T6866]  ? __phys_addr+0xc6/0x150
ived NULL device[   80.322601][ T6866]  kasan_report+0xd9/0x110

[   80.322625][ T6866]  ? device_for_each_child+0x18f/0x1a0
[   80.326583][ T6866]  ? device_for_each_child+0x18f/0x1a0
May 18 03:33:55 [   80.328619][ T6866]  ? __pfx_dev_memalloc_noio+0x10/0x10
syzkaller daemon[   80.331202][ T6866]  device_for_each_child+0x18f/0x1a0
.err dhcpcd[5657[   80.333740][ T6866]  ? __pfx_device_for_each_child+0x10/0x10
]: libudev: rece[   80.333770][ T6866]  pm_runtime_set_memalloc_noio+0xf2/0x180
ived NULL device[   80.338946][ T6866]  netdev_unregister_kobject+0x1ed/0x270

May 18 03:33:55 [   80.341481][ T6866]  unregister_netdevice_many_notify+0x1055/0x1e50
syzkaller daemon[   80.345333][ T6866]  ? do_raw_spin_lock+0x12d/0x2c0
.err dhcpcd[5657]: libudev: rece[   80.345348][ T6866]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
ived NULL device[   80.345360][ T6866]  ? __pfx_do_raw_spin_lock+0x10/0x10

[   80.345372][ T6866]  ? do_raw_spin_unlock+0x172/0x230
May 18 03:33:55 [   80.355533][ T6866]  ? _raw_spin_unlock+0x28/0x50
syzkaller daemon[   80.357802][ T6866]  ? __mutex_lock+0x1a6/0x9c0
.err dhcpcd[5657[   80.360002][ T6866]  ? unregister_netdev+0x12/0x30
]: libudev: rece[   80.362305][ T6866]  unregister_netdevice_queue+0x307/0x3f0
ived NULL device[   80.364855][ T6866]  ? __pfx_unregister_netdevice_queue+0x10/0x10

[   80.364877][ T6866]  ? down_write+0x14e/0x200
[   80.364894][ T6866]  ? __pfx_down_write+0x10/0x10
[   80.364912][ T6866]  unregister_netdev+0x1c/0x30
May 18 03:33:55 [   80.372653][ T6866]  bnep_session+0x2210/0x2d60
syzkaller daemon[   80.374877][ T6866]  ? __schedule+0xe5d/0x5740
.err dhcpcd[5657[   80.377032][ T6866]  ? __pfx___lock_acquire+0x10/0x10
[   80.379425][ T6866]  ? __pfx_bnep_session+0x10/0x10
]: libudev: rece[   80.381204][ T6866]  ? __kthread_parkme+0xb7/0x220
ived NULL device[   80.383521][ T6866]  ? __pfx_lock_release+0x10/0x10

[   80.383539][ T6866]  ? __pfx_woken_wake_function+0x10/0x10
[   80.383563][ T6866]  ? lockdep_hardirqs_on+0x7c/0x110
[   80.389664][ T6866]  ? __kthread_parkme+0x148/0x220
May 18 03:33:55 [   80.391454][ T6866]  ? __pfx_bnep_session+0x10/0x10
syzkaller daemon[   80.393826][ T6866]  kthread+0x2c1/0x3a0
.err dhcpcd[5657[   80.395826][ T6866]  ? _raw_spin_unlock_irq+0x23/0x50
]: libudev: rece[   80.398235][ T6866]  ? __pfx_kthread+0x10/0x10
ived NULL device[   80.398257][ T6866]  ret_from_fork+0x45/0x80
[   80.398272][ T6866]  ? __pfx_kthread+0x10/0x10
[   80.398291][ T6866]  ret_from_fork_asm+0x1a/0x30

[   80.398318][ T6866]  </TASK>
[   80.398324][ T6866] 
[   80.398327][ T6866] Allocated by task 5949:
[   80.398335][ T6866]  kasan_save_stack+0x33/0x60
[   80.398352][ T6866]  kasan_save_track+0x14/0x30
May 18 03:33:55 [   80.398366][ T6866]  __kasan_kmalloc+0xaa/0xb0
syzkaller daemon[   80.398382][ T6866]  __kmalloc_noprof+0x1e8/0x400
[   80.398399][ T6866]  hci_alloc_dev_priv+0x1d/0x2820
.err dhcpcd[5657[   80.398419][ T6866]  __vhci_create_device+0xef/0x7d0
[   80.398438][ T6866]  vhci_write+0x2c3/0x470
]: libudev: rece[   80.398452][ T6866]  vfs_write+0x5ae/0x1150
[   80.398472][ T6866]  ksys_write+0x12f/0x260
ived NULL device[   80.398484][ T6866]  do_syscall_64+0xcd/0x250

[   80.398498][ T6866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.398519][ T6866] 
[   80.398523][ T6866] Freed by task 7103:
[   80.398530][ T6866]  kasan_save_stack+0x33/0x60
[   80.398545][ T6866]  kasan_save_track+0x14/0x30
[   80.398560][ T6866]  kasan_save_free_info+0x3b/0x60
[   80.398581][ T6866]  __kasan_slab_free+0x51/0x70
[   80.398597][ T6866]  kfree+0x14f/0x4b0
[   80.398610][ T6866]  hci_release_dev+0x4d9/0x600
[   80.398627][ T6866]  bt_host_release+0x6a/0xb0
[   80.398647][ T6866]  device_release+0xa1/0x240
[   80.398664][ T6866]  kobject_put+0x1e4/0x5a0
[   80.444888][ T6866]  put_device+0x1f/0x30
[   80.444915][ T6866]  vhci_release+0x81/0xf0
[   80.444930][ T6866]  __fput+0x3f6/0xb60
[   80.446673][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
May 18 03:33:55 [   80.447723][ T6866]  task_work_run+0x14e/0x250
syzkaller daemon[   80.453762][ T6866]  do_exit+0xadd/0x2d70
.err dhcpcd[5657[   80.455589][ T6866]  do_group_exit+0xd3/0x2a0
]: libudev: rece[   80.457568][ T6866]  get_signal+0x25fb/0x2770
[   80.457581][ T6866]  arch_do_signal_or_restart+0x90/0x7e0
ived NULL device[   80.457593][ T6866]  syscall_exit_to_user_mode+0x150/0x2a0
[   80.457608][ T6866]  do_syscall_64+0xda/0x250

[   80.457616][ T6866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
May 18 03:33:55 [   80.457630][ T6866] 
syzkaller daemon[   80.457633][ T6866] Last potentially related work creation:
.err dhcpcd[5657[   80.457637][ T6866]  kasan_save_stack+0x33/0x60
]: libudev: rece[   80.457648][ T6866]  __kasan_record_aux_stack+0xba/0xd0
[   80.457660][ T6866]  insert_work+0x36/0x230
ived NULL device[   80.457680][ T6866]  __queue_work+0x97e/0x1080
[   80.457695][ T6866]  queue_work_on+0x11a/0x140

[   80.457709][ T6866]  hci_recv_frame+0x23f/0x7e0
[   80.457730][ T6866]  vhci_write+0x385/0x470
[   80.478624][ T6866]  vfs_write+0x5ae/0x1150
[   80.478640][ T6866]  ksys_write+0x12f/0x260
[   80.478648][ T6866]  do_syscall_64+0xcd/0x250
[   80.478656][ T6866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.478670][ T6866] 
May 18 03:33:55 [   80.478672][ T6866] Second to last potentially related work creation:
[   80.478676][ T6866]  kasan_save_stack+0x33/0x60
syzkaller daemon[   80.488100][ T6866]  __kasan_record_aux_stack+0xba/0xd0
.err dhcpcd[5657[   80.488116][ T6866]  insert_work+0x36/0x230
]: libudev: rece[   80.488129][ T6866]  __queue_work+0x97e/0x1080
ived NULL device[   80.488137][ T6866]  queue_work_on+0x11a/0x140
[   80.488144][ T6866]  hci_recv_frame+0x23f/0x7e0

[   80.496264][ T6866]  vhci_write+0x385/0x470
May 18 03:33:55 [   80.497446][ T6866]  vfs_write+0x5ae/0x1150
syzkaller daemon[   80.499155][ T6866]  ksys_write+0x12f/0x260
.err dhcpcd[5657[   80.500660][ T6866]  do_syscall_64+0xcd/0x250
]: libudev: rece[   80.500671][ T6866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
ived NULL device[   80.500685][ T6866] 
[   80.500687][ T6866] The buggy address belongs to the object at ffff888034440000
[   80.500687][ T6866]  which belongs to the cache kmalloc-8k of size 8192

[   80.500695][ T6866] The buggy address is located 4872 bytes inside of
[   80.500695][ T6866]  freed 8192-byte region [ffff888034440000, ffff888034442000)
[   80.512876][ T6866] 
May 18 03:33:55 [   80.513569][ T6866] The buggy address belongs to the physical page:
syzkaller daemon[   80.515675][ T6866] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34440
[   80.518399][ T6866] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
.err dhcpcd[5657[   80.520715][ T6866] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   80.523321][ T6866] page_type: f5(slab)
]: libudev: rece[   80.524390][ T6866] raw: 00fff00000000040 ffff88801b043180 ffffea0000965400 dead000000000003
[   80.527042][ T6866] raw: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
ived NULL device[   80.529433][ T6866] head: 00fff00000000040 ffff88801b043180 ffffea0000965400 dead000000000003

[   80.529443][ T6866] head: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[   80.529451][ T6866] head: 00fff00000000003 ffffea0000d11001 ffffffffffffffff 0000000000000000
[   80.529459][ T6866] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   80.529464][ T6866] page dumped because: kasan: bad access detected
[   80.529469][ T6866] page_owner tracks the page as allocated
[   80.529471][ T6866] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5644, tgid 5644 (S35iptables), ts 20304618083, free_ts 20294994496
May 18 03:33:55 [   80.548318][ T6866]  post_alloc_hook+0x2d1/0x350
syzkaller daemon[   80.550132][ T6866]  get_page_from_freelist+0xfce/0x2f80
.err dhcpcd[5657[   80.551966][ T6866]  __alloc_pages_noprof+0x223/0x25a0
]: libudev: rece[   80.551978][ T6866]  alloc_pages_mpol_noprof+0x2c9/0x610
ived NULL device[   80.551991][ T6866]  new_slab+0x2c9/0x410

[   80.551999][ T6866]  ___slab_alloc+0xdac/0x1880
May 18 03:33:55 [   80.552007][ T6866]  __slab_alloc.constprop.0+0x56/0xb0
syzkaller daemon[   80.552016][ T6866]  __kmalloc_cache_noprof+0x2b4/0x300
.err dhcpcd[5657[   80.552025][ T6866]  tomoyo_init_log+0xcb3/0x2170
]: libudev: rece[   80.564751][ T6866]  tomoyo_supervisor+0x30c/0xea0
[   80.564769][ T6866]  tomoyo_env_perm+0x193/0x210
ived NULL device[   80.564780][ T6866]  tomoyo_find_next_domain+0xe8e/0x2070
[   80.564793][ T6866]  tomoyo_bprm_check_security+0x12b/0x1d0

[   80.564805][ T6866]  security_bprm_check+0x1b9/0x1e0
May 18 03:33:55 [   80.564818][ T6866]  bprm_execve+0x642/0x1960
syzkaller daemon[   80.564831][ T6866]  do_execveat_common.isra.0+0x4f1/0x630
.err dhcpcd[5657[   80.576899][ T6866] page last free pid 5643 tgid 5643 stack trace:
]: libudev: rece[   80.576908][ T6866]  free_unref_page+0x5f4/0xdc0
ived NULL device[   80.576919][ T6866]  __put_partials+0x14c/0x170

[   80.576927][ T6866]  qlist_free_all+0x4e/0x120
May 18 03:33:55 [   80.576936][ T6866]  kasan_quarantine_reduce+0x192/0x1e0
[   80.576945][ T6866]  __kasan_slab_alloc+0x69/0x90
syzkaller daemon[   80.576954][ T6866]  kmem_cache_alloc_noprof+0x121/0x2f0
.err dhcpcd[5657[   80.589743][ T6866]  getname_flags.part.0+0x4c/0x550
]: libudev: rece[   80.591637][ T6866]  getname+0x8d/0xe0
ived NULL device[   80.591651][ T6866]  do_sys_openat2+0x104/0x1e0

[   80.591662][ T6866]  __x64_sys_openat+0x175/0x210
[   80.591672][ T6866]  do_syscall_64+0xcd/0x250
[   80.591681][ T6866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
May 18 03:33:55 [   80.599021][ T6866] 
syzkaller kern.e[   80.600084][ T6866] Memory state around the buggy address:
rr kernel: [   8[   80.602084][ T6866]  ffff888034441200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
0.296222][ T6866[   80.604690][ T6866]  ffff888034441280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.604698][ T6866] >ffff888034441300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
] ==============[   80.604702][ T6866]                       ^
[   80.604707][ T6866]  ffff888034441380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
================[   80.604713][ T6866]  ffff888034441400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.604718][ T6866] ==================================================================
================[   80.604777][    C1] vkms_vblank_simulate: vblank timer overrun
====================
May 18 03:33:55 syzkaller kern.err kernel: [   80.298951][ T6866] BUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0
May 18 03:33:55 syzkaller kern.err kernel: [   80.301697][ T6866] Read of size 8 at addr ffff888034441308 by task kbnepd ¹’4»1./6866
May 18 03:33:55 syzkaller kern.err kernel: [   80.305372][ T6866] 
May 18 03:33:55 syzkaller kern.err kernel: [   80.306361][ T6866] CPU: 1 UID: 0 PID: 6866 Comm: kbnepd ¹’4»1. Not tainted 6.12.0-rc7-syzkaller #0
May 18 03:33:55 syzkaller kern.err kernel: [   80.308713][ T6866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
May 18 03:33:55 syzkaller kern.err kernel: [   80.308721][ T6866] Call Trace:
May 18 03:33:55 syzkaller kern.err kernel: [   80.308726][ T6866]  <TASK>
May 18 03:33:55 syzkaller kern.err kernel: [   80.308730][ T6866]  dump_stack_lvl+0x116/0x1f0
May 18 03:33:55 syzkaller kern.err kernel: [   80.308751][ T6866]  print_report+0xc3/0x620
May 18 03:33:55 syzkaller kern.err kernel: [   80.318088][ T6866]  ? __virt_addr_valid+0x5e/0x590
May 18 03:33:55 syzkaller kern.err kernel: [   80.320382][ T6866]  ? __phys_addr+0xc6/0x150
[   80.660569][ T6866] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   80.662483][ T6866] CPU: 1 UID: 0 PID: 6866 Comm: kbnepd ¹’4»1. Not tainted 6.12.0-rc7-syzkaller #0
[   80.664912][ T6866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.667651][ T6866] Call Trace:
[   80.668519][ T6866]  <TASK>
[   80.669297][ T6866]  dump_stack_lvl+0x3d/0x1f0
[   80.670539][ T6866]  panic+0x71d/0x800
[   80.671583][ T6866]  ? __pfx_panic+0x10/0x10
[   80.672754][ T6866]  ? preempt_schedule_thunk+0x1a/0x30
[   80.674160][ T6866]  ? preempt_schedule_common+0x44/0xc0
[   80.675521][ T6866]  ? check_panic_on_warn+0x1f/0xb0
[   80.676829][ T6866]  check_panic_on_warn+0xab/0xb0
[   80.678075][ T6866]  end_report+0x117/0x180
[   80.679201][ T6866]  kasan_report+0xe9/0x110
[   80.680352][ T6866]  ? device_for_each_child+0x18f/0x1a0
[   80.681699][ T6866]  ? device_for_each_child+0x18f/0x1a0
[   80.683067][ T6866]  ? __pfx_dev_memalloc_noio+0x10/0x10
[   80.684432][ T6866]  device_for_each_child+0x18f/0x1a0
[   80.685750][ T6866]  ? __pfx_device_for_each_child+0x10/0x10
[   80.687178][ T6866]  pm_runtime_set_memalloc_noio+0xf2/0x180
[   80.688672][ T6866]  netdev_unregister_kobject+0x1ed/0x270
[   80.690166][ T6866]  unregister_netdevice_many_notify+0x1055/0x1e50
[   80.691865][ T6866]  ? do_raw_spin_lock+0x12d/0x2c0
[   80.693195][ T6866]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   80.694904][ T6866]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   80.696291][ T6866]  ? do_raw_spin_unlock+0x172/0x230
[   80.697682][ T6866]  ? _raw_spin_unlock+0x28/0x50
[   80.698992][ T6866]  ? __mutex_lock+0x1a6/0x9c0
[   80.700206][ T6866]  ? unregister_netdev+0x12/0x30
[   80.701495][ T6866]  unregister_netdevice_queue+0x307/0x3f0
[   80.703001][ T6866]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   80.704654][ T6866]  ? down_write+0x14e/0x200
[   80.705860][ T6866]  ? __pfx_down_write+0x10/0x10
[   80.707165][ T6866]  unregister_netdev+0x1c/0x30
[   80.708436][ T6866]  bnep_session+0x2210/0x2d60
[   80.709626][ T6866]  ? __schedule+0xe5d/0x5740
[   80.710782][ T6866]  ? __pfx___lock_acquire+0x10/0x10
[   80.712155][ T6866]  ? __pfx_bnep_session+0x10/0x10
[   80.713395][ T6866]  ? __kthread_parkme+0xb7/0x220
[   80.714651][ T6866]  ? __pfx_lock_release+0x10/0x10
[   80.715928][ T6866]  ? __pfx_woken_wake_function+0x10/0x10
[   80.717355][ T6866]  ? lockdep_hardirqs_on+0x7c/0x110
[   80.718732][ T6866]  ? __kthread_parkme+0x148/0x220
[   80.720062][ T6866]  ? __pfx_bnep_session+0x10/0x10
[   80.721386][ T6866]  kthread+0x2c1/0x3a0
[   80.722426][ T6866]  ? _raw_spin_unlock_irq+0x23/0x50
[   80.723782][ T6866]  ? __pfx_kthread+0x10/0x10
[   80.725831][ T6866]  ret_from_fork+0x45/0x80
[   80.727034][ T6866]  ? __pfx_kthread+0x10/0x10
[   80.728220][ T6866]  ret_from_fork_asm+0x1a/0x30
[   80.729464][ T6866]  </TASK>
[   80.730701][ T6866] Kernel Offset: disabled
[   80.731822][ T6866] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:20:29  Registers:
info registers vcpu 0

CPU#0
RAX=f8f8f8f8f8f8f8f8 RBX=ffff88801fe1bc00 RCX=0000000000000b9f RDX=0000000000040000
RSI=00000000000000f8 RDI=fffff52001aa4000 RBP=ffff888020300750 RSP=ffffc900036cfa08
R8 =0000000000000007 R9 =0000000000000000 R10=fffff52001a92800 R11=0000000000000000
R12=0000000000200000 R13=ffff88801fe1bc08 R14=ffff88801fe1bc10 R15=ffff88801fe1bc18
RIP=ffffffff8b2397d3 RFL=00010216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb806c74108 CR3=0000000031166000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=0000000001ffffff Opmask03=0104100080810010
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000563863279270 0000563863273070
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffff0000000000ff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 96a12a3ba3a7bd93 7373254e73db357c
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737302 7373405d07161473
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 0000000000000000 44455a494c414954 494e495f43455355
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617237 7170622f74656e2f 6c6175747269762f 736563697665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000040 0000000000000030 2d78742f73657565
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5d25948d0d4cee0 0000563d00ac1009 0000000000000041 0000000000000031
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5d25948d0d4cee0 0000563d00a002d3 00000000000000f1 0000000000007974
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 3a2433273f397b27 697a787c69303b7e
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 1

CPU#1
RAX=0000000000000062 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850b9b05 RDI=ffffffff9aaebc40 RBP=ffffffff9aaebc00 RSP=ffffc9000270f3e8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3434333038386552
R12=0000000000000000 R13=0000000000000062 R14=ffffffff850b9aa0 R15=0000000000000000
RIP=ffffffff850b9b2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f0c0026e5e8 CR3=0000000031166000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=0000000003ffffff Opmask03=0104100080810010
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056386325fb80 00005638632523f0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffff0000000000ff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 96a12a3ba3a7bd93 7373254e73db357c
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737302 7373405d07161473
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 44455a494c414954 494e495f43455355
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079613762 70616c2f74656e2f 6c6175747269762f 736563697665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000040 000000000000302d 78742f7365756575
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5d25948d0d4cee0 0000563d00ac1009 0000000000000041 0000000000000031
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5d25948d0d4cee0 0000563d00a002d3 00000000000000f1 0000000000007974
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 3a2433273f397b27 697a787c69303b7e
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffffc90003cafd68 RCX=0000000000000002 RDX=0000000000000020
RSI=0000000000000000 RDI=ffffc90003cafc78 RBP=ffffc90003cafc70 RSP=ffffc90003cafbb8
R8 =0000000000000001 R9 =0000000000000000 R10=ffffc90003cafc70 R11=0000000000000000
R12=ffff88802a24d400 R13=000000000000003f R14=1ffff92000795f86 R15=ffff88802a24d400
RIP=ffffffff8b239815 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f73f3ace740 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffe3e209f60 CR3=00000000261b4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000060000000 Opmask01=0000000001100000 Opmask02=000000000fffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e20c090 0000003000000008
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e20c090 0000003000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff00000000 ff0000000000ff00
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7325006563697665 64204c4c554e2064 6576696563657220 3a7665647562696c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 56000040464c5340 41054c4c554e0541 40534c4046405705 1f53404150474c49
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000181 0000000000000000 356874652f74656e 2f326d6973766564
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000071 0000000000000000 00306e6170772f74 656e2f307968702f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055c054a54233 73656d5f70636864
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f1687a25661 72610f6dfbed737f 656775f377f57fff 7f7f7d7f75777965
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 762f0073253a7325 2d73253a73252d73 250073252d732500 747365757165726f
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 3

CPU#3
RAX=0000000000085c07 RBX=0000000000000003 RCX=ffffffff8b238489 RDX=0000000000000000
RSI=ffffffff8b6ccfa0 RDI=ffffffff8bd1b380 RBP=ffffed1003b5b488 RSP=ffffc900001a7e08
R8 =0000000000000001 R9 =ffffed100d527025 R10=ffff88806a93812b R11=0000000000000000
R12=0000000000000003 R13=ffff88801dada440 R14=ffffffff905f5988 R15=0000000000000000
RIP=ffffffff8b23986f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7e20b75440 CR3=0000000031166000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000010000000 Opmask02=00000000ffffffff Opmask03=0104100080810010
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe53439050 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 00000000ff000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffff0000000000ff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 96a12a3ba3a7bd93 7373254e73db357c
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737302 7373405d07161473
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65756575712f3031 7170622f74656e00 44455a494c414954 494e495f43455355
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302d78742f736575 6575712f2e31bb34 92b92f74656e2f30 30323a336963682f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000c1 00000000302d7874 2f7365756575712f 2e31bb3492b92f74
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5d25948d0d4cee0 0000563d00ac1009 0000000000000041 0000000000000031
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5d25948d0d4cee0 0000563d00a002d3 00000000000000f1 0000000000007974
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 3a2433273f397b27 697a787c69303b7e
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020