last executing test programs:

2m23.558239462s ago: executing program 1 (id=1322):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
write$tun(r0, &(0x7f0000000c00)={@void, @val={0x2, 0x3, 0x8, 0x100, 0x6, 0x945}, @mpls={[{0x6}], @generic="4ef459256d5540fbc533afcfbebfe81bd211d34931448352880249baa249c33d5543e24f6b496f96b521b81a7c5e7f93ff43e4f404e411126722ed82cde62837aa08985e1393928c27261d47bdf36e758aede53d419d005b49b2de36ea0e0190cec6edb30754a91bc8c7e900ed716269cc2ecacb1b52c6b6a18ab2185e6a70c64ec81d565ee6e6d344ecd8507d6f35f9659f7c78469c9408e7f4525da2e2ddf23b03545ec50473a030b9e2097c177ef3b050925d9032f44e534f3e730ca62982c54bddfb7903b58c6b3b047a01362b92dcc79c52b7324ba96ad150b2d169f33c4a4715fb020e5134079826a8e7f164638caa0765e2a3df0bfa39116fa404917855bcfc9863f83820ba4c6c9dfdd5cb60e2f94440600cbbf5122f2cbb357bd94f839c859abccfd2733c583b4fab23ee6c77f6806bc627e4a3bca1ec805a3928a811116786eb3cdf6e97e339075c04f823d063815a01329dc7c77b2b9fec25a6e51977810077185dbc0e575218c3bc5453110bed6a78fc0a053fdc6191c02929c04339b83de19a16dd66cb41c6acfe7c9e4c435d275cf9e48938c3292d73b65b4e66290efdbeb6eb5cc27086f88e6ef514219c79a793ecd5e8b8ab98de2ee69a65039e23889e116de5fffd0754a3e1c5c7fc36f64d592c5cd35e983ac7761a17286000442423d9f2b697c174c6f82e423ec68c3be088318221ac8fdd9c647f99e0314c0470e541323fc0dcba8dd0784710d26d335070c2002a05a3596e9b6e5bfc8f1075daa2e35ad5e32b35e553c845625e43bd1ac31313b42d55a1d13f94dca96f68d1821a0b8627faa34d187a4159240959a2a58f8ca865c161d59073871646182a89eeaf422d62fa774bea5fd44178f7edc1b244fb6ae6bf5811f46287faa996f35a59b3e893c027f8f6ddf040bd2904282dbc22f2ad7e00544e0fadd53526a7e5a270baef850caf560be720e22ce53c4b66509abe11340fa0a7700690fec3db0f4f81fc3c079dafa2ab854f90506693ce6a3eda65c70f6fb21565bf13a8138f198d55334000a0c037e8b737ab137dc8dd798bc0b7e2d9abe91e16a9d6217d411aeb01e4fcd1b2db8e995ab3e3734931c3a994a3da8f858eff50c734fafa0c5bb068ac54254e6c660a1e5ba4c70137c32b632d0ded8cc4a633dd064f46048faa743ebf2814471b4d54fe89c2a3f7685476cdb325f91780600c13f11c0bbaaee105f1069dc8ac62b12dffd3663fe8f9405d6ae9fb6a374092273280653823c4157c887d81176ea73efaa7bc1851f472a0175f2080988b50621378511718e9ce3a6bae19f802614461395baa13a5f90689283fa4a358b64d87daf6f70dc6c7455dbd4bde68f87b208c61b96b2d5be30fcec879c87e0742477910346caf7951939f4b0c4bd9f1422edab178c2633bb2f457ec41e94e18c93864ea645c6e92f97aa7d6da3741ac13a44a31e1ad849fea421abbc27eedb9e48a5d736dc7404d4877e7544b48a511bf8f839654f3a8f9c1f74352fdc1d9b0f9ad04a0d29476bcef613807508606ffa423861af9d5359185ca1ce654c7f0aa35f4aa2af162095b8328b558e7b3f55738d85d1a99e46a641b8c1c145561c89df3b2050b9b9a41c13b770ab6370ccc56401a6bc80c8649ab9b8208d2964b9095cb9cfce0cbe751f4fa63da7199792c06bf85f4af2cf392713df227dd103ea5a16822a636cace322aec11301217eee6d0bbb0c4d3c455cb4e3fbe331e7090dad3de3a789d561bf327057a0329212db011c7693f70ee24ad6ca355bbcd072f3d866f428228c02598996159daf95dfcd8d424798f6fd1843e9b7836c60d2775f653e02345f2a2e83e8362c5516a3cbebaf557932d09f9bd5890b4db46519326ad6d202e4199fc1306500c5011d0a83102d951b9e5ec58093f8a39b83eb193113de8d94f0da530a3ab560fc6e507e739c3c25d10834385a4457ca5b4ec5fec8a8d84ddc7d8ade1cdde6570773c84c0aa87170a59bc23673f6242f8fea36de345fa591ae64d48cf5ccd4d3b46f64691bf60d8b018f1fa698d8b485d4edaa724be7344871f9107a049fe4d201ef818e3ae0751031a4fa50a300e1a232d6e9afc12591e104ed8f7542a8eef12543bbb9cf1a7497a1c35205a6f6ce799a591624aa2c53b612a7db8c1063d963bdec06ae600319fcbd17cddd3d4cb919feb82199d00548f22ac548566de4b05e1d6f312ec8f6d72746c85fe5ecf442192318eca32bbc5fd3cd1a46175a837a9245427529c6d17ef9bfbe0ba5c604fb945633d52baf649cb12b5a44948c79c3904e18e18e8d5bd518d2480ef52b54296982982a885d5f3a74cbb84f00bc5f28ef38c0937a7929b4c14605d2ca08ac7a05cb4ca3a46995a80c50efa8eb8ddfc52a43106f4f4e9449e7da100471e05ee5218572c4b0d826a95cc5b43e25d72e90e7112a7c15a1a15ab1ce43a2bec0aad1ada3c324e7aac4cfa030925eb404bf249922de3a6a7c86999387c16e47e9dd629711b27d2062c8773e677fc0008ab64664b73162bdc76a984c156d9a9ac54787a8962bbd1a98ba199c1720846ac06feb8a2cffd990884d1103fe68018da322d8bc414f463a3c6624badec0adb1951f6499c965ab0f7e2cc8d667c4193862215daffe0222e82daf487311d23a1e0f4f9b012205d9b4f92cb6e45a12576ce8662146fcbeeb68ede289e74d21622d89038a55cea94bf6740ca4a3b79c47dae6456a76939de9d5e54ffbb7b56fa5a40a7dbd3f16e85726b4872ac3aaafb5397f767360ae2e29a0531d21eed8b4631ebca5bfd19fe5e1384d044c7a64f9fc887a3ee8fc35d71934be89ff372f4911cf9ca6f1e9217c1f2f801c45654bf2d8d2ba38eeb48359bc6eca122838086c5e6414cea116f6861b9916604388cd772658e93f4c1b5251b3be94fba30a4535d7af3aaa29898817b9f7fb0dda5b411171277ba2021e5116af9ac62a2e25e17ded443682240e0ffcf90554a10dd68e20d654b86398fee2ef9a452bd1d2eb7e335039ac3b850b8bf4a082fb379c059aefaf775ac86989c9439fa9ca321ed1b99268c551a8c43ea63dddb45fb509c0bf9d174f11cb2cbd6eab5c67a2c3d071be0db3a26e50e7bfb908c7b0a76439ab65c1057ba8f6021362ec13f69b5148461def4431a33316c1799fbca6fc28360426e7b98e72e60f4279ca6e4e8787790822b40ab8e7a31e21ccd951825e734b353d02132a7c06accd35c51078b538189644e4ee56a27f5321c4f298fb0313f9f2580cee3eb2f9e03689cb36e3bfcfcd193cfbad0d878a265d45ce77555fffbd714df7f4a85a0c57cd5cacff64cccabe1aed9fd585e6a03b24fc9b811c215fbdb5e75fc5c711992945b07d2d6bdddbef65465e21511afed84030559d51bfb41df85918de158123e42b37491f494d14d3b3261f5a6fe73642968992e427f6db461d49bb201bf82a55157dfc780a2a847fd8915d5eac6e8654f61319bada847baa3845d73625c3bc00d5b1dbf0f55fefe75b8dafdf04cb340734193c910d2342359258754c3ca7d48a137054f89a99860f7325990532920d3bcdfbc5b0d24b3c3b30a47a9ee0fe5219b1cfa6af36d25a2b0094e2a61da83945b3a58cfbc50feffbb335fa2e5ddd25d0015fee92fc1834f2c2b6bb2baad472db801c7b0383f80c3a32033984273c60765c246f0335ef4f26ecca6fb7815f5bf579396bdc8f8102200a1dc6628fbed554ce8eb90a5b2e4997c61235b3ea85c2a02fcbcc0643cc2154acec6cb70a80571a2aa1e404325d62ce632e30b808cfaabd6c32f1411a57177014c4a746c611e954a3bd293daa421501279b26ff56ae1c2865027701ccbb286b0e0977b2170ff77547d5ad5ee6ac6767187b9610e25158c79cda526efc3cfbe5723b2d2729cd24cdc087b8e65b4f4223ff34c13a9de57c1320515e19585fa346bf103cd8270dbeba9a79482d63a61badf93e681cfd41e601d2ca975746ab0c0590c1aa5e4f03aa4cb8afb9738726482619a28a3bc190f3e749a10c958f144e3929ba60499e80e3b5554a8ac99b0b71046ce60df27bca5a82333585e161a93a8463fedd9a2397fc192b4e49e491b7999864fefc1d150f11f729b127a41d6f284befc3007466e475f939eaf2bfb603993a91a8997a3e94b6b45ff9294964221ad40c5b12d9021527681a1932660dd505326db49a2d2d765d1e414f3e356f0a0fcaf87760fe10efd751d8d23fd2df989a8da15c2ac8cd05e847a59d730f1eaaca5fb03159bb92164573fee5e9abbc1100af0b91859d0e601fbb57637bd0dd36855f6daa54ed22b83a81912cc96833eccf8be81c7ee946ad52a4dda42412a1df5053e3d0748de0b942bbb3bebb8cb73682678340a0af19830aee65e540b696d95bea8e8efeb6e3a61b0767aea9a73f0523c15eb2bf92db9bbcb1a11b0b6d04c746a1b8d774fee0cde41c51d9d4ccb3cbc43b294694eb325cddbfcea83a1ee471a35cde6f1d59ea3aef2357185413cc4261faf2aafeab58d9b00615b4fe76a7b23ddb4dcb2cb0a69f0b12e8bf0c5f28b348f79e7c12a4285e0a90a175f5b1e71ff51f40242729ebf2db1bad0a499963a891c5ed3e3b4b83d39ff71da4d873af00fd476a1e033559142002f999a1a56c71692d8de0e9628b3cc3b1b6f026f3f2c3812573b2d85bbef7b4c36870a11622f237acfa84a9ab8b3ee09f94082e86235c47cd855fce85f94e22aa8a8b031abf194668df89e156ef4980ef86161db7b9a32bf4a2a067ca7c4e50db761edbac05d8fd5b1f5fb98c9c5fb94b58c5c7f1f6d25be2d19b9ae6908a56572af9486f1320753fd020f47230d6dfb6d6e9312b67cfc1650cc3a4e3feeca9866f781bb1453ca7cd0f689adeeade2228c453bde3280a7b8ba552e48d2c3c9f1550907e898228c6aab14bbd988b01213e486ea07df85337bce67c06464c247725defb5a876980b86a0e3c314c290df9f4dcc4ae56f88bf48198eda2922009ccd9e210549e77384b8eeff38831ca0fc8800c12d305d777557578a0b9fb77a2a4ddcae95634d8f805eeea1dd005c20c060602a6b6002022bd30245b82ba9b5290b971c3db0e2ecde9f929b0288b9bd185d847fd8a21b57978f6aa2935736d24cd8fc57fb1d9c8ca523796384d763a9c09a83ee1ffb8e28b385af5743cec44d6e14a68223dfbeec66e440f4074d193f33f23fb5f0bfa4e6374590054bee52b838293759265e851ea3744a5ad72ce7709cb1f7ba03eb29a9117364bfe1f7e84f5e599d76dfaecf85bcbda3e64f5b028e8ee40305c0d8340c8ca8f72363aae666f1d73181d2b6439cc8e50f38b6748a329e435de091a3f091cdd86c91b862b870821411d30d86a995a76e72c8798fb7be00fd29ed0970c50b503894a0cb43ed0d522a14f1861fbc9107ef3e18b44e25982334653c09b3d44ce0746030137cc08ad27a3004c3019b8c1e89a6e5fa7068e3b59ae5e4a477a0f1c0544172cf581afbbe48f61e9a2f6931ea6f6e7839bb0b030e6747fec73b4ad59efc5ea6e93fc6def5f7228d00812ab2a3822efaf2fc82b3576755286a851582693f3a3cdd67e1fc6adb9af0e79cb0384dc43e2e1ab9e2eac6318b9834a1f9b7deee9f51d77ef0cc7d5313e575c349b87fc3686057abbde3e314e5f9f6ff1cf444ead65c94b964a7f30193978cb10a3b608aab076a87b753625e45c49488333fb218b24a87f56254cb043bdf9ca5f7bb0d9ecff53fa7109a930f5a4cb14007514d61c4a1114b5281b0550730d5a1925275fc4c507a53f3002036b1fef8"}}, 0x100e)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000840)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x1, 0x7f, 0x2002}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x30008014}, 0x4004810)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)

2m23.477087785s ago: executing program 1 (id=1326):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x82100, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8d80, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x10000}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$DVD_READ_STRUCT(r0, 0x5390, &(0x7f0000000440)=@physical={0x0, 0x3, [{0x8, 0x5, 0x5, 0x7, 0x3, 0x0, 0x1, 0x7, 0x6, 0x1, 0x8, 0x8, 0x7}, {0x4, 0x8, 0x3, 0x6, 0x1, 0x0, 0x1, 0x8, 0x7, 0x1, 0x4, 0x7, 0x7}, {0x1, 0xf, 0x0, 0x6, 0x4, 0x1, 0x1, 0x3, 0xc, 0x0, 0x0, 0x4, 0x1}, {0x7, 0x1, 0x3, 0x7, 0x6, 0x1, 0x1, 0xd, 0x0, 0x0, 0x9, 0xe, 0xfffffff9}]})

2m23.476365138s ago: executing program 1 (id=1328):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000002700), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
recvmmsg(r2, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=""/10, 0xa}, 0x3}], 0x2, 0x10122, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000240)={0x2, 'veth1_to_bridge\x00', {0x5}, 0x5})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x83, &(0x7f0000000140), 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'rr\x00', 0x1d, 0x1000, 0x4a}, 0x2c)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000014000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2m23.207231962s ago: executing program 1 (id=1338):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
writev(r0, &(0x7f0000001440)=[{&(0x7f0000000940)="03000000000201", 0x7}], 0x1)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) (async)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x1c, 0x15, 0x301, 0x0, 0x0, {0xc}, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000) (async)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x1c, 0x15, 0x301, 0x0, 0x0, {0xc}, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8}) (async)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000005c003f80110001006272696467655f736c617665000000"], 0x7c}}, 0x80)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000bd9000/0x3000)=nil, &(0x7f0000883000/0x3000)=nil, 0x3000, 0x3})

2m23.058718666s ago: executing program 1 (id=1341):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000057c0)=[{{&(0x7f00000002c0)={0xa, 0x4e23, 0x509, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8}, 0x1c, 0x0}}], 0x1, 0x20004808)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010029bd7000ffdbdf25010000000806"], 0x1c}, 0x1, 0x0, 0x0, 0x4008800}, 0x440)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x4, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000000c0)={0x0, "08000000000000000000000000000000000000b582000000010000000100"})
ioctl$SW_SYNC_IOC_INC(r2, 0x40045701, &(0x7f00000001c0)=0x9)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r3, 0x80480911, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

2m22.538641572s ago: executing program 1 (id=1345):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000400)=0x110494)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000500000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

2m22.432428026s ago: executing program 32 (id=1345):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000400)=0x110494)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000500000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

1m0.839556409s ago: executing program 2 (id=2441):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) (async)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) (rerun: 64)
r2 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) (async)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty=0xb00, @multicast2=0xe0000001}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000240), &(0x7f00000001c0)}, 0x20) (async)
setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000001600), 0x4) (async)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000001040)) (async)
writev(r3, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

1m0.836638808s ago: executing program 2 (id=2444):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000480)={0x0, "b500e2279c2996817bb959eb2b238deda525e1dbdeffafbf2500"})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'syzkaller0\x00'})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x1a, r2, 0x1, 0x1, 0x6, @broadcast}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$cgroup2(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800010, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
r3 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000001100)={&(0x7f0000001200)=[{0x0, 0x0, 0x0, 0x0}, {0x0, 0xf5ff, 0x1, &(0x7f0000001140)="b5"}], 0x2})
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa25404, 0x0)
removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@known='system.sockprotoname\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
preadv2(r5, &(0x7f0000000040)=[{&(0x7f0000000100)=""/65, 0x41}], 0x1, 0x2, 0x0, 0x1)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00')

1m0.719425334s ago: executing program 2 (id=2448):
ioprio_set$uid(0x3, 0xee01, 0x4000)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_setup(0x3450, &(0x7f0000000080))
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0) (async, rerun: 32)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) (async)
listen(r4, 0x0) (async)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x40, 0x4) (async)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) (async, rerun: 64)
listen(r5, 0x0) (rerun: 64)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) (async, rerun: 64)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (rerun: 64)
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000182000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000240)="662ef30f1ef966b80500000066b96d0000000f01d90f01c30f01cb3ef30f6f0c2e0fc71a650f090f20e06635100000000f22e0b877008ec80f0135", 0x3b}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0) (async)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000340)={[0x3ffffd, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x213f85fe, 0x101, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x5, 0x4, 0x100000000], 0x3000, 0x280384}) (async, rerun: 64)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r8, 0x0) (rerun: 64)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00032cbd7000fedbdf250f0000000c00060001000000010000000c00060003000000000000000c00060001000000010000009e8e19610cf3fd862eb5a7a30929d3ba1c7d6dfb7b3c424e7c40e2a059365feac662d1688b0bd4d7410daec2d556870c2ddcf5b4d1306513e478ef287195e1b2ca931468242c8cb91b0e13f873e6c641d6a108ef26518b19898970a4f87d68042e08b7ea612f2cf9d3424802db491c04375c6ced43887b78d9390b60310c6da7c69f68a6f2b2c4f7de65295e9d09c13493221910d6bad0f9ffc2aabfeed051e2d3e04921ed4e2418ffab73d7f18a238f417d145ac57e3c576bc57b14159cbfaf3ce20929881d9d44704c0550863f1652602b123676b2e4740ed5fa478654"], 0x38}}, 0x4)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0)
sendmsg$IEEE802154_LIST_IFACE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002cbd7000ffdbdf251f0000000a0001007770616e31"], 0x20}, 0x1, 0x0, 0x0, 0x48800}, 0x24000800)

1m0.719093907s ago: executing program 2 (id=2450):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x15001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x40}, 0x1, 0x0, 0x0, 0x14000084}, 0x20004080)
dup2(0xffffffffffffffff, r0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]})

1m0.57992029s ago: executing program 2 (id=2451):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000140)=0x1)
open_tree(r0, &(0x7f0000000100)='./file1\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x810c5a, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=virtio,posixacl'])
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x1a3)
ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000000))
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

1m0.329135662s ago: executing program 2 (id=2454):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1d4, r0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0x12a, 0x2a, [@perr={0x84, 0x9b, {0xc1, 0x9, [{{0x0, 0x1}, @device_b, 0xfffffd3a, @value=@broadcast, 0x31}, {{0x0, 0x1}, @device_b, 0x5, @value=@broadcast, 0x2a}, {{0x0, 0x1}, @device_a, 0x4, @value=@device_b, 0x16}, {{}, @device_a, 0x7, @void, 0x2f}, {{}, @broadcast, 0xfffffffa, @void, 0x3b}, {{0x0, 0x1}, @device_b, 0x0, @value=@device_b, 0x8}, {{0x0, 0x1}, @device_b, 0x5, @value, 0x16}, {{0x0, 0x1}, @device_b, 0x7, @value=@device_b, 0x2}, {{}, @device_b, 0x4, @void, 0x3c}]}}, @mesh_id={0x72, 0x6}, @gcr_ga={0xbd, 0x6, @broadcast}, @sec_chan_ofs={0x3e, 0x1, 0x1}, @tim={0x5, 0x74, {0x1, 0x35, 0x9, "f84615dba5b4f0ec0fa169ceb8187ecbe2336298c5103b87e57fb40de7ec48e20d15608676b5a46b82c8d63fabea50fab6615649ee98e4dacbd9c4747441390749d375a3a4d445974656a1690008e4de567ad690950a2fad48b2cadc71fc21c36f84b17f3f7d6179c8488b856017d5c01e"}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x94, 0x80, [@dsss={0x3, 0x1, 0x7c}, @perr={0x84, 0x7b, {0x2, 0x7, [{{}, @broadcast, 0xe5, @void, 0x28}, {{0x0, 0x1}, @device_a, 0x7, @value=@broadcast, 0x28}, {{0x0, 0x1}, @device_a, 0x4, @value=@broadcast, 0x42}, {{}, @broadcast, 0x406a728b, @void, 0x3a}, {{0x0, 0x1}, @broadcast, 0x9, @value=@device_b, 0x37}, {{0x0, 0x1}, @device_b, 0x9, @value=@device_b, 0x6}, {{0x0, 0x1}, @device_a, 0xa, @value, 0x7}]}}, @gcr_ga={0xbd, 0x6, @device_b}, @cf={0x4, 0x6, {0x1, 0xc4, 0xaf30, 0x8}}]}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x4004000}, 0x80) (async)
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x18, 0x3f9, 0x4, 0x70bd25, 0x25dfdbfe, {0x0, 0x1}, ["", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x4048050}, 0x4004800) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r1=>0x0}) (rerun: 64)
sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x64, r0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7, 0x6e}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "b9e17822234514b3862279546fc4a878"}, @NL80211_ATTR_PMK={0x14, 0xfe, "712f4e913641c9c5e3c1039d412a1f84"}, @NL80211_ATTR_PMK={0x14, 0xfe, "bc1102163285455841a013722e1eb2fb"}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) (async, rerun: 32)
r2 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 32)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000580)=0x1002, 0x4) (async, rerun: 64)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0xfffffff8, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x50) (rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)}, 0x20) (async)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/zoneinfo\x00', 0x0, 0x0) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0x20, &(0x7f0000000b00)={&(0x7f0000000980)=""/134, 0x86, <r6=>0x0, &(0x7f0000000a40)=""/187, 0xbb}}, 0x10) (async)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000d80)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe14a, 0x0, 0x0, 0x0, 0x6}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x4}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x8}]}, &(0x7f0000000bc0)='syzkaller\x00', 0x3, 0xb1, &(0x7f0000000c00)=""/177, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000cc0)={0x0, 0x10, 0x10000, 0x3}, 0x10, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000d00)=[0x1], &(0x7f0000000d40)=[{0x0, 0x4, 0xa, 0x9}], 0x10, 0xe}, 0x94) (async, rerun: 64)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e40)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x3}, 0x50) (async, rerun: 64)
r9 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000ec0)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000f80)={{0xffffffffffffffff, <r10=>0xffffffffffffffff}, &(0x7f0000000f00), &(0x7f0000000f40)='%pK    \x00'}, 0x20) (async)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000fc0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x2}, 0x50)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001040)={0x0, 0xfffffff7, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x3, 0x20, &(0x7f0000000700)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ldst={0x0, 0x0, 0x4, 0x3, 0x2, 0xfffffffffffffffe, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x6}, @btf_id={0x18, 0xd, 0x3, 0x0, 0x5}, @exit, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffe}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000800)='GPL\x00', 0x80000000, 0xa9, &(0x7f0000000840)=""/169, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x37, r5, 0x8, &(0x7f0000000940)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x0, &(0x7f0000001080)=[r8, r9, r10, r11, r12]}, 0x94)
r13 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_MCAST_MSFILTER(r13, 0x29, 0x30, &(0x7f0000001180)={0xfffffffb, {{0xa, 0x4e24, 0x3, @remote, 0x10000}}, 0x1, 0x2, [{{0xa, 0x4e24, 0x6, @loopback, 0x1}}, {{0xa, 0x4e24, 0x10000, @empty, 0xfffffffd}}]}, 0x190)
r14 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r13, 0x8983, &(0x7f0000001340)={0x2, 'veth0\x00', {0x8}, 0xc}) (async)
r15 = syz_genetlink_get_family_id$tipc(&(0x7f00000013c0), r9)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x30, r15, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x9, @bearer=@udp='udp:syz1\x00'}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x8004040)
socket$inet6_icmp(0xa, 0x2, 0x3a) (async)
bind$inet6(r14, &(0x7f00000014c0)={0xa, 0x4e22, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8}, 0x1c) (async)
r16 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
getsockopt$inet_mreqn(r9, 0x0, 0x23, &(0x7f0000001540)={@dev, @private, <r17=>0x0}, &(0x7f0000001580)=0xc) (rerun: 64)
sendmsg$nl_route(r16, &(0x7f00000016c0)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001680)={&(0x7f00000015c0)=@bridge_getlink={0x88, 0x12, 0x800, 0x70bd28, 0x25dfdbfe, {0x7, 0x0, 0x0, r17, 0x480, 0x20080}, [@IFLA_OPERSTATE={0x5, 0x10, 0x4}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x3e57}, @IFLA_TXQLEN={0x8, 0xd, 0x10}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x6}, @IFLA_EXT_MASK={0x8, 0x1d, 0xfffffffe}, @IFLA_PROP_LIST={0x40, 0x34, 0x0, 0x1, [{0x14}, {0x14, 0x35, 'bond_slave_1\x00'}, {0x14, 0x35, 'veth0_to_hsr\x00'}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x40000) (async)
sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f00000017c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x20, r0, 0x300, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x575, 0x2b}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

1m0.276257842s ago: executing program 33 (id=2454):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1d4, r0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0x12a, 0x2a, [@perr={0x84, 0x9b, {0xc1, 0x9, [{{0x0, 0x1}, @device_b, 0xfffffd3a, @value=@broadcast, 0x31}, {{0x0, 0x1}, @device_b, 0x5, @value=@broadcast, 0x2a}, {{0x0, 0x1}, @device_a, 0x4, @value=@device_b, 0x16}, {{}, @device_a, 0x7, @void, 0x2f}, {{}, @broadcast, 0xfffffffa, @void, 0x3b}, {{0x0, 0x1}, @device_b, 0x0, @value=@device_b, 0x8}, {{0x0, 0x1}, @device_b, 0x5, @value, 0x16}, {{0x0, 0x1}, @device_b, 0x7, @value=@device_b, 0x2}, {{}, @device_b, 0x4, @void, 0x3c}]}}, @mesh_id={0x72, 0x6}, @gcr_ga={0xbd, 0x6, @broadcast}, @sec_chan_ofs={0x3e, 0x1, 0x1}, @tim={0x5, 0x74, {0x1, 0x35, 0x9, "f84615dba5b4f0ec0fa169ceb8187ecbe2336298c5103b87e57fb40de7ec48e20d15608676b5a46b82c8d63fabea50fab6615649ee98e4dacbd9c4747441390749d375a3a4d445974656a1690008e4de567ad690950a2fad48b2cadc71fc21c36f84b17f3f7d6179c8488b856017d5c01e"}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x94, 0x80, [@dsss={0x3, 0x1, 0x7c}, @perr={0x84, 0x7b, {0x2, 0x7, [{{}, @broadcast, 0xe5, @void, 0x28}, {{0x0, 0x1}, @device_a, 0x7, @value=@broadcast, 0x28}, {{0x0, 0x1}, @device_a, 0x4, @value=@broadcast, 0x42}, {{}, @broadcast, 0x406a728b, @void, 0x3a}, {{0x0, 0x1}, @broadcast, 0x9, @value=@device_b, 0x37}, {{0x0, 0x1}, @device_b, 0x9, @value=@device_b, 0x6}, {{0x0, 0x1}, @device_a, 0xa, @value, 0x7}]}}, @gcr_ga={0xbd, 0x6, @device_b}, @cf={0x4, 0x6, {0x1, 0xc4, 0xaf30, 0x8}}]}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x4004000}, 0x80) (async)
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x18, 0x3f9, 0x4, 0x70bd25, 0x25dfdbfe, {0x0, 0x1}, ["", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x4048050}, 0x4004800) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00', <r1=>0x0}) (rerun: 64)
sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x64, r0, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7, 0x6e}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "b9e17822234514b3862279546fc4a878"}, @NL80211_ATTR_PMK={0x14, 0xfe, "712f4e913641c9c5e3c1039d412a1f84"}, @NL80211_ATTR_PMK={0x14, 0xfe, "bc1102163285455841a013722e1eb2fb"}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) (async, rerun: 32)
r2 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 32)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000580)=0x1002, 0x4) (async, rerun: 64)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0xfffffff8, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x2}, 0x50) (rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)}, 0x20) (async)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/zoneinfo\x00', 0x0, 0x0) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0x20, &(0x7f0000000b00)={&(0x7f0000000980)=""/134, 0x86, <r6=>0x0, &(0x7f0000000a40)=""/187, 0xbb}}, 0x10) (async)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000d80)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe14a, 0x0, 0x0, 0x0, 0x6}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x4}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x8}]}, &(0x7f0000000bc0)='syzkaller\x00', 0x3, 0xb1, &(0x7f0000000c00)=""/177, 0x40f00, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000cc0)={0x0, 0x10, 0x10000, 0x3}, 0x10, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000d00)=[0x1], &(0x7f0000000d40)=[{0x0, 0x4, 0xa, 0x9}], 0x10, 0xe}, 0x94) (async, rerun: 64)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e40)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x3}, 0x50) (async, rerun: 64)
r9 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000ec0)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000f80)={{0xffffffffffffffff, <r10=>0xffffffffffffffff}, &(0x7f0000000f00), &(0x7f0000000f40)='%pK    \x00'}, 0x20) (async)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000fc0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x2}, 0x50)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001040)={0x0, 0xfffffff7, 0x10}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x3, 0x20, &(0x7f0000000700)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@ldst={0x0, 0x0, 0x4, 0x3, 0x2, 0xfffffffffffffffe, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x6}, @btf_id={0x18, 0xd, 0x3, 0x0, 0x5}, @exit, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffe}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000800)='GPL\x00', 0x80000000, 0xa9, &(0x7f0000000840)=""/169, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x37, r5, 0x8, &(0x7f0000000940)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, r6, r7, 0x0, &(0x7f0000001080)=[r8, r9, r10, r11, r12]}, 0x94)
r13 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_MCAST_MSFILTER(r13, 0x29, 0x30, &(0x7f0000001180)={0xfffffffb, {{0xa, 0x4e24, 0x3, @remote, 0x10000}}, 0x1, 0x2, [{{0xa, 0x4e24, 0x6, @loopback, 0x1}}, {{0xa, 0x4e24, 0x10000, @empty, 0xfffffffd}}]}, 0x190)
r14 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r13, 0x8983, &(0x7f0000001340)={0x2, 'veth0\x00', {0x8}, 0xc}) (async)
r15 = syz_genetlink_get_family_id$tipc(&(0x7f00000013c0), r9)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x30, r15, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x9, @bearer=@udp='udp:syz1\x00'}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x8004040)
socket$inet6_icmp(0xa, 0x2, 0x3a) (async)
bind$inet6(r14, &(0x7f00000014c0)={0xa, 0x4e22, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8}, 0x1c) (async)
r16 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
getsockopt$inet_mreqn(r9, 0x0, 0x23, &(0x7f0000001540)={@dev, @private, <r17=>0x0}, &(0x7f0000001580)=0xc) (rerun: 64)
sendmsg$nl_route(r16, &(0x7f00000016c0)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001680)={&(0x7f00000015c0)=@bridge_getlink={0x88, 0x12, 0x800, 0x70bd28, 0x25dfdbfe, {0x7, 0x0, 0x0, r17, 0x480, 0x20080}, [@IFLA_OPERSTATE={0x5, 0x10, 0x4}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x3e57}, @IFLA_TXQLEN={0x8, 0xd, 0x10}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x6}, @IFLA_EXT_MASK={0x8, 0x1d, 0xfffffffe}, @IFLA_PROP_LIST={0x40, 0x34, 0x0, 0x1, [{0x14}, {0x14, 0x35, 'bond_slave_1\x00'}, {0x14, 0x35, 'veth0_to_hsr\x00'}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x40000) (async)
sendmsg$NL80211_CMD_GET_SCAN(r5, &(0x7f00000017c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x20, r0, 0x300, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x575, 0x2b}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

52.792796783s ago: executing program 3 (id=2552):
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000100)='blkio.bfq.sectors\x00', 0x0, 0x0)
preadv(r5, &(0x7f00000000c0)=[{&(0x7f0000000240)=""/140, 0x8c}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r5, 0x84, 0x12, &(0x7f0000000080), &(0x7f0000000140)=0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x2}]}}, &(0x7f0000000540)=""/132, 0x26, 0x84, 0x1}, 0x20)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x6, 0x4, 0x8, 0xd}, 0x50)
syz_kvm_setup_cpu$x86(r5, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@textreal={0x8, &(0x7f0000000340)="baf80c66b8f8f5fb8b66efbafc0c66ed660f38813d640f4fc5dd360e000f01c4abf30f019b99ab64260fc72a0f01c9440f20c066350f000000440f22c0", 0x3d}], 0x1, 0x0, &(0x7f0000000300)=[@vmwrite={0x8, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, @dstype0={0x6, 0x4}], 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000108000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000001d00"/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r7}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r6, <r8=>0xffffffffffffffff}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r8, &(0x7f00000007c0), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x13c}, 0x1c)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x20000005, @remote, 0x2}, 0x1c)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x3, 0x0, 0x40, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3, 0xfffffffffffffffc], 0xeeee8000})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

52.580055598s ago: executing program 3 (id=2555):
setitimer(0x0, &(0x7f00000000c0)={{}, {0x1}}, 0x0)
getitimer(0x0, &(0x7f0000001740))
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000002000010027bd7000000000000a002040000000070000000014000200fe88000000000000000000000000010108000d"], 0x40}, 0x1, 0x0, 0x0, 0x24048844}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_BMAP(r0, &(0x7f0000000080)={0x18, 0x0, r3, {0x7}}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg/2:0:0:0\x00', 0x80, 0x0)
ioctl$BSG_IO(r5, 0x2285, &(0x7f0000000280)={0x51, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xcd6, 0xbffff6df, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x9144e6a29fca871a, 0x0, 0x304})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000380), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYRESDEC=r4, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r7 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000001, 0x13, r7, 0x27d69000)
write$FUSE_INIT(r6, &(0x7f0000000000)={0x50, 0x0, 0x0, {0x7, 0x27, 0x0, 0x12a34729, 0x0, 0x0, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x20}}, 0x50)
setitimer(0x2, &(0x7f0000000100)={{0x0, 0x2710}, {0x77359400}}, 0x0)

51.721198626s ago: executing program 3 (id=2567):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}, 0x1, 0x0, 0x0, 0x68840}, 0x4)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0x10e0}, {&(0x7f0000001580)=""/238, 0xf0}], 0x4, 0x0, 0x353}}], 0x40000000000002e, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="700000000009010100000000000000000a000007080005400000000c0900010073797a310000ff000c00048008090000000000063c0002000c00028005000100010000002c0001"], 0x70}}, 0x80)

51.720022385s ago: executing program 3 (id=2569):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
faccessat2(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x11, 0x0)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x3a, 0x2f, 0x1, 0xe, 0x3, 0x3, 0x1, 0xfb, 0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r2 = dup2(r1, r0)
flock(r2, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x41, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
setfsgid(0xee00)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f0000000140)={0x7, &(0x7f00000000c0)=[{0x8, 0x8}, {0x7fff, 0xff}, {0x5, 0xf9}, {}, {0x3, 0xf}, {0x34fa, 0x4}, {0x2, 0x3}]})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(r5, &(0x7f0000000040)='syscall\x00')
pread64(r6, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x10000, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c6d61785f726561643d30783030303030303030303030303046f4373439"])
ioctl$VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000040)={0x53, 0xa, 0x0, "3258c546dacccfae1e008faa00000000f4ff4000"})
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="400009000906010800184500005ba93edcfc2ec2000000000200ffff180007800c00018008000140e0000002081e9b788f15000a40000000020900020073797a31000e0000050001"], 0x40}, 0x1, 0x0, 0x0, 0xcb58c9f2fa78421b}, 0x40c0080)

51.652455338s ago: executing program 3 (id=2572):
socket$nl_route(0x10, 0x3, 0x0)

51.257385805s ago: executing program 3 (id=2580):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x6, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000001c0))
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0x6}]}]}, 0x4c}}, 0x0) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x38, r3, 0x801, 0x0, 0x3, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_KEY={0x1c, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "7ec1d5adfd"}, @NL80211_KEY_TYPE={0xfffffffffffffd69, 0x7, 0x2}]}]}, 0x38}}, 0x20000000) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r7 = io_uring_setup(0x7939, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x1, 0x215})
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2, 0x0, 0x1}, 0x48)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r8, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r9}, 0x3f) (async)
recvfrom(r9, &(0x7f00000004c0)=""/186, 0xba, 0x10021, 0x0, 0x0) (async)
close_range(r7, 0xffffffffffffffff, 0x0) (async)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), r4)
sendmsg$DEVLINK_CMD_PORT_SET(r4, &(0x7f0000000700)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x40, r12, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x6}}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x10)
r13 = dup3(r11, r10, 0x80000)
ioctl$BINDER_WRITE_READ(r13, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r13, 0x80585414, &(0x7f0000000140)) (async)
sendmsg$NFT_MSG_GETSETELEM(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
r14 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$vim2m_VIDIOC_G_FMT(r14, 0xc0d05604, &(0x7f0000000300)={0x1, @vbi={0x1c, 0x5, 0x96b, 0x64737664, [0x5, 0x5], [0x3, 0x4], 0x108}})

51.184206459s ago: executing program 34 (id=2580):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x6, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000001c0))
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0x6}]}]}, 0x4c}}, 0x0) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x38, r3, 0x801, 0x0, 0x3, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_KEY={0x1c, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "7ec1d5adfd"}, @NL80211_KEY_TYPE={0xfffffffffffffd69, 0x7, 0x2}]}]}, 0x38}}, 0x20000000) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r7 = io_uring_setup(0x7939, &(0x7f00000004c0)={0x0, 0x0, 0x2, 0x1, 0x215})
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2, 0x0, 0x1}, 0x48)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r8, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r9}, 0x3f) (async)
recvfrom(r9, &(0x7f00000004c0)=""/186, 0xba, 0x10021, 0x0, 0x0) (async)
close_range(r7, 0xffffffffffffffff, 0x0) (async)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), r4)
sendmsg$DEVLINK_CMD_PORT_SET(r4, &(0x7f0000000700)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x40, r12, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x6}}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x10)
r13 = dup3(r11, r10, 0x80000)
ioctl$BINDER_WRITE_READ(r13, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r13, 0x80585414, &(0x7f0000000140)) (async)
sendmsg$NFT_MSG_GETSETELEM(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
r14 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$vim2m_VIDIOC_G_FMT(r14, 0xc0d05604, &(0x7f0000000300)={0x1, @vbi={0x1c, 0x5, 0x96b, 0x64737664, [0x5, 0x5], [0x3, 0x4], 0x108}})

21.329911436s ago: executing program 0 (id=3083):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000050cb5340450cd0773ac0ce6c00a2090a1b7f04173e5397f5770002010035040009058d7b86", @ANYBLOB="c3718f6405bfc2690fff0e32b3e9bbc8c2dc5d5af328d70121059ecb877c6339f02cd8f6cf2dd0b737a2ce39ed5daeeb7d1ae66b6b1888a5142d2b7a2377283ec89bcfeb9ae05a46f942ed722665cfbba6bcc2e7cfe0447820ed6cd2a7c8bcfd4dd756871631ac2e45400e6efc8420ebd1be3918e0c04259cb0c5e3b5f3a3164be5645044c067a8328a3d36291d74c77d044196b77c00dcf8d313e7694e774d1160e3a9150e8f15a60ee6693f9a9e089ea8c2f532e4e49bfdac772981a10a31793af7ca3ddecf2e5", @ANYBLOB], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
setsockopt$inet6_int(r0, 0x29, 0x31, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

18.281939221s ago: executing program 0 (id=3115):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000000000000000200000000000000036071ba0219cade8ef2c54ff5c8b7f90376652cf5696e95fcb8756b8e978f0aa1ddbef26f94643b01a1182"], 0x24, 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x80, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x1, 0x5000003a, r0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x4000, &(0x7f0000000600)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
statfs(&(0x7f0000000040)='./file0\x00', 0x0)
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000380)={0x50, 0x0, r3}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000004280)="a8698fe7c840998ff296b8001083e08d47cea0b5f5f1d62a6ba00c56a0c7171b20205ff3584fc355d27b14eecab7f12ad31242e982fb39b2743e97a2fc6ef560628457aa60837cb3a82d524d5caf117589c672270bf81f62c59472b483f2611fccddc7e33bf672b042e6709191976c6e9b5e972b810283e6b0fc9397d6cfecc0a8d185070efa26b5f303e6d6f044724e6e8a06649fbc5386996890d81987967aee5b6d6c44b4227237dea6b294a61de053bc506515a72c42bc4f94d0dd6bc3ab26864e5a4bbff035d710fc1577fb49f54030f1b53ac978447740c20a124afe33a0bbe2453a3a7f8eeb6ae566d1ebb17181e275c76f687b003d5237d5005ce73c184233ca8a9602d6636302cf562104a968be14bb18a1b4a2e218af0f2ea71a14bfae6ddbed7aa920110602bfd51a5cb2250c54ca9b14e40dbea16326b331e33d4eba3553405901cedcbbc1fdb615359eba07771e56ef6acc517728df5f84c3d014fd273e9d89df12869cd21dc1d1515c064ff3dba3b6c8440b78c3c4dad9eb09333ba216b3d6d8babdc59d347e09d25cba13b1a691921a756d4e0f935a216293214b50339552a8a2fc4ef5b5513916c152004a2219f6052a74263b8d216c6cd2c84cff6d3e5ab8a2f0f2800c6974f31bd1dbbcfc3d014f31a7f9846c43521c23b96d6e2c7cc2bd5dc1749dd004ce2ee9c4e2638b0b5033a9e188f537b0c26a82612504b2af4e26ea39c743ef3a459162e4fddfaad79b85044d88d94774a50963114ab30d22ddda2b47ea713157bd770f4bdd0f9b829e6d44637b5a417c8880b62cfa51ade109a13e4906d86619252724f0bd8ba90f02154725470f144e3942de0749ee3f5eef7f5d63097739623f110a9eb4b21d2f74b34bb392f373e4d8ec727d65424b2b660c9abf1f668d7ccb04be1b76242412ed884df954679aa3746a34e011bd122a0d46c3a3bf9b6b436c96eb5993735b2cb4b56d376f0278a7b259e29f19e385198ba64810e5b8cc258edb07306077806fc261699f838a57db56359cec57e2cbf664b642348ecf74b0b5a08badc0d10ee9d04857c5524cb6589b481c44324ea73f2dc26a87883b89decea3bd3fb28a1959db90e239cd98215bfdf0b7e932582a6ac7d15c154a9e5143be9a499402ffeed79b21516c09f5837b55f118ca2d224ad6022c58af48e12c2d2dfa0299a2c2c0165d09de9180dbd9c201623f672387154011d878ab2817663553e3ab9c1c0507e0129261751318a6e07d54d1b90c90a097d994c551b552c88d418b127ed130de600f74ca3c23451abf5f09537851ca657e14bc6409bb511eafd812253b582f130294da973acb9e00700000aae980d211e40bc73c0a098cc349f90e5f3292f4873ce1cfb1c0d3aa92a510970f43d2772b57487cfe2e3cb70861aeb3efaf9efe735d10d9249043212a961348c1d7fdf36660927245a5bb079def6e5c9a1d8f54689e45573790c2155df64aa06c093e1fc974127e80d5b9da02954e18c292a52f962bb9f8785599b7e1a35fe153b6022f7bb195f8e3c609dafa52aa3eb6fb2eb82d9a09ab0de0a47f92ee97b05b279e55720e3c4743a6d56f151e5363473d46ce5fb1c5162601856f8c0b3eb7f4f5502928e4bb3ed94ce7446f64578c9faec8a8133e041df740acf6ce510ef7b70dcf7f12e7024ebdd115895f40e684f91003fad967935be2ac19cfa057f2b61a6e2a988e0381f23ea1b204013b0111db5f9b9d018598577acefd7c719b366b8bc575de20ee497c8ed02760275ea9ceb38568f78919df95765296d75a7ccce394016cb02881a3d37de32caf64972cfea2554a591f1b1600a9b5a834af504851fcb400156df3448d671c488e3aebd152d0cc81bf8e8bb57b1d045f11b558cbea0519757025fae2fc2d06250e689743eb8f138711194bfaecbe3512bf32959bc683e84ad6f85b5d7333961c2e5d609255ef0db2b8af4d9f1f80103ff6cb130e0b4d7a9570382683222b709fd6b34aa5884bf7f43e00c4060daae2426bc0c5557057ccd1127e156b5dcd4022d823fc4b10905ad08f956ff0e1e03eadee4b60a325ec1d97193beb3f0c060ac37f05f33a9d5336743178a195e36751b959e47e8fd3cbe8ef3b35da1a5da92f21c50ab22649e95df6533f306314b8b216421f8767fd460550cd759dd6449e31a4b587338ff11eec3080b2bd5c3b0e4882289f6bd4d6e722275c3e2be2520ab3416c7ea85fa8838fa988524fc2f64e3ac7db344b83e095a343ad16d607b4aa5abc687264ce36d4068d712850a47be005c28c07ee71abbe40927a3db0afa1f235e3133cb2743db39404f6ab7925a800fe5e2e2d7b2cc1cb20f53aeb418c1a2cd19ef2a92b9cf21ffb78c5278179132cf93e4e266fef95bce9d3b4bd3cbd6a030b6b8684fead87c1793e72c0b4c7baaca7372faf429ed2b73387b5aec20d9fc4ea6232ebf6cb0101660d8c7a4f8b44aa2f92a3609c1634df6e304e9629bd3c0b2e829490037a3af8129e5526ef1618aade56b9dc083a417f21e5ce3b7582060b610d4a002a3508f9b8f0b700440c79eaaa604984bf8334af9adcc04d8463a17db03683c029e1d6835d210730b308b413eb6ef86dc9769bcb51c6769bee39de193666fd9acdc7f66b7d07403117e43f47a0bc06544069720951eaba218ce8d07a825b0ce5270988ab67f53aaeec00f8f3eeeae428aaa5b8cb1bb14c85e664f7fad1cbe0edbb06e23ce924554ba09a570531ea1363cf257eee4c029ed38f18bdfebb0cc65f40bbe9827b1fe573efd1583187f3b55c7c5a0afbf40f5aa01e145a109bb5e9e75e8f3df23744c6ac79d61baa1164f8a3241d4e232dd6ad622d9a31ccf52686e261601c41895172b957ee12ac62fb53a70e18e597c553c02e49eb62283b39264971782b225f5f92bd87d6252bf87ea5643b167414ffc3b437053747163de0d47bfd60181817ec961a3202f374489826bff503fc342c8c42cd3a662efefd48644cacf9d9af8403ddb8bb75a1db603bb7cb106a9d3a0aafabf5b94a7430658ded8606fdc5ad179a6de2c0f8bca762a482682353ecdbb61b37a62c955fa0767d936d7af967ae19557827b931e7d78f740f8e04920e97e644e0bdbe04a6129fd502fc3105f9847bbe2aee780bf8c2c04814b5d1eb7a2914f55d962391c48e159a3068d0ba0d9fffeabbd3c5c614586fcae265131f5b5ee7722f08389402ed49030e233f163c4a9bf2fe2edb40c62a0b444df6d1f71d06143d0eaf77c2f21e18e87f515496d95ed5371375f5049809606ae868e8432f5faa150d55ca279a108e2a699c2f3c17da228c3d04c249e176a9e1417191313f87486683bfd76e0d22f6dc28293a2ffc0ed382b232e452100d54b7246c86ee78fa94523f523ac18102e9ab3be1001863552bc2aff00232341e90af12ac093bad608ad8e7f14662756cdde565ab4afad649fdbe4beaaee1a84b0e6feb5ce315c5b9758ff16660984b1e3e8d0fdc55fafd8c9e2776f8a2fd4b47cea52a4266a40e4a6f35dfb7d648857a1dcd2d3bbf5a97e11f4ea34a961b84b278fac3db0d898528514b6fa237bcc0e6244fb79d6bf65c45833cbed0a2909934d85c67dd48be04894c39c58e46993f8237d1a48db2bb799826fab1fe81cff37a11ce45fcac5f91ce6d2fd83189501434be495147f8263566a471c2872be6d1ab7587cd8db97e5f45b1cfee6a9ef315d79d30c3a2d2ae72c9d9bb20daaeea1b701d4a8437411fc6c26193b0fc1e477b4c467b0096e5b210d85a270fc72860ed79808e0f77f7742d6318dff9b4274a4972ff652a0f0c22533f00000019f339d7be0503a55aaf462e02d63f8b8651dddfa69373bb9856bdc549bc5248acdc0274ab5af5582047f235083b4a1d2f42162eb1d4bb2b31402c5126e4dc18a0af93f0e71fa036518eab354dfd56f5d0dff6bcfb300b673dd575389f7ec97329d31f94505a34ddbc307a8d428963f97cd548a2380ada5998e24243804777283d993f5bffca4b8775782ce58d8e8390d590455d0914413616b7b9fe90b929029ef89ea983fea1af656653841dd8d479fa1b2ed31baf83aa0da4f6c8fb37affecaab651d211cea279599f0b58707e86a979da10833079d9bd8cd1b7e9cfa7509a600b650dbb62fe3e8d91411baee677dd9eec3707ca3ea2a3fb30f4f4fef55e3bbfe09c0f25340d7bc414ca99b2bcfdfca87015cce9b2e2cdf8aab550185897270d862eb345db7df4286cfb85a9cfba5826d5d045d5696d75838ab4760caea3a20617734bf61e667356cee8cdbfecccd5f022500cecc844b804b65f5320b4841a4b18841cb6a1c684b539a2eae2f6f30d4c21f3dd3de6a1032b62d062c6a005c9b7a218f70de341dbf3cf18cb2b6262eff861eb979ccf88746cf100e04dc31cd26f115f8d504d71c43a03ce250dc29cb3a5bb984cdd3b63e1b5bc399075997a41b8bb463ab781661f2cba9801534fd3e4563eae755f2c077da501289dc81b9e6ec66911b1a019e9a48385feaebcbd2a792f615ea0f250876dc0e0f7bb62bb0eea9bfbf6fe5037178e4bd1354011edec082ae14e15e23174baa8eb4a27179181f656efe516db695358690b754ae31af5e4dc5f497a81281abc3cee25ad685ec660dcecd650f603fc39f626aabea34248cf67457bfb3d9fbf1e5c199dae306d272dffbc77a68cc7297cf9282912ed53e26b5bf0918e4eb01771c0cd637ca97c9368a5825ec364277872f9eb2a9d3642b09655eeb8e17718fcfc6de927705d919024916f2055e0b5ad201ac1dad1029e16b15f2b9d8dc60194f539f5af00adf01b1726e95e906226b53137a642ded6d86d1af43340e2ac88c5d3bd784beeab2a07a36f00736a01760118f7731c49a305b37b5510137efa315ce719f319f99e8b0d46ddc30922c548aa4ab0ad793da1e69ad7f1cda860e8bb11da86ce7cc35fe484aad7c9a213b1d6ac1e3472fbdd6ca17b4f8338a7ced68c257af1b46082f6561924727d90651967aff85b19153d67a6f16a6c1de1db5ffb6237f9d6c2b9d3e74fb4837c0015bdfa8dbbb6dc2f5a87e34ff5169a61c7ced56e508a7f46dc58c8c1d683c8ec27380e7a6fa896ada95212da08fc3036c4c002cb1a89116e668344a933fd14c786a163d5d2ec9039345d25d6583957be83869549b76b3355e787b4649b7698ce7870cd04a2315be98c3e84a12e4299c9c167022c7ee8e9bf49ecba1a490ec35c1c1e0eeba5cc2f53e38b6aa28c00501153a7c492d38808c2a999e07787b558ee387cccce009cc59b56d6c9eefefc9a0c99a86eb2ec036bf3a3e5335caa04ac55b9b4389ef620c57ce2128bec024fe8f23fdbcd751ae49d84bd7d769b1fc30927468b93ad331d29c3118546dd76f553754bc7c4669a845700038daece7fb64d4321ed4dd77a52eb14e89c05557a5b4ebd683b22a536a7010336fc19e9a6e50ba14d31222dc75c0fba29f74eadae35dd337d4f52caa75dce4405f81883b6f5c2912cd8cc4cc14123c001a8cc043a740250c78d369231ec7a3e79918453c604a10e3b5ab01232ef9446333b6a2fb08c18170d78883ec57f94c892f8d1fd56b0915d3de8df85266a0386e58cad506027c7b4c3350b0b598ef39fb1751b9f43eb30b5f218a4e4bda562d9d537b0a1d6a342e6a44a11b207f64bc63956f1d115e84b3a6ec05d9ffa92463aca8c524e50ed559f02327a1c4c6e6cb4181c2a2f4b02b342f3a5dce66c9df0e737b330f1e02fe6782187e88ab7362723519c828dab49fe864a84621f17380d84b1fa1876b04d5eae3becff186e38dfbe64cd10b02d43fd526f4ee740d9a9a2de6fe867596cdf8cda87dffb1ff63bcc82b0700073102bc6424cd4ff4b25b0730bbbacf982efc4d7ade1283b04469813dd93f8f880978c897eddff942c391e1bc4b66ce1796a507668dd00b900acb226709f0c0d40b379783f4f1ba2f7d76c1d4e2aa5d2daf986f7562d40b3fa0e37c87a0a3a35d14d84ff4e56371adde7f9c827fce74b63c8aba9b44c97631c5fe0fb4a51999c4c286f71cb57614eb3f353dfc7f4cdf82013afb20c9160fccc88e441902784969b5d243971ad012e2fd86bc2503f82beb63fab1416fab838b07e6550aefe2ee4ee55e9178cc18dfa1b8b818a4546882eb9375e12832bb179f556b28b6ca30852747be53923a5c1d0e0a9230006462d2e3cb40225773e504be673772c6606c3661b7d2e3d200ede07f75d776873a1120a114b89df7cc086895a7b69392d18098b2effa55721bcfc79a95e72dbd639f1b9f0a4dac34a1152b0c046885e7601c39a0f3e806cac7c4067ddb9bb7680acf58ea1d64a55a5b01346333999d0cc28243ee99d753b21f7da22d64e565ab6a4f454b6b95cba622831c9713b116869b9e50efca995fbe4373e85cbb95cd830868ef3efa01423982c62c0d6cb4ed0a50ceff560e613369c6b372cc4e506b314e8fca6a81c77aecbfb83c54b1202a1606116305face655d14f35d231ca016bfa2fa268f6a05def53430ad4fbfc9169d57fa5588c4931e068cdf63ddc33bfd0fba54adc80c853a5e7cdde0b1ff435c35939c2fb132090265e66138cd8639702ee285b4e9634545443607a9a84f8c15709eb967c2062b1dd01827091d12bb697db53f68a375dee36e021c99a698bc6d928a930a1418e74662c613b2829a367eb408993851f24cc393f2cc07840c9e73cd2f9ca7ded0bfac8a17bc03fc6195eb86a094c69edd41d5f0f9bd31b56d5d2e43572f3f8d2f26ad626ee9eaafaa571ded286e5c80d56581254c64a930c6cd6506fd59aa6e7878040d6471893a1b4d5c80b2a20a95af45b0f0665616296229bb2633f33c185f47176e3f86b10aedaae4b24adad936c0cc7512b90cf7e7de270edb58713b7ba93a1cf2b47d8cd1c00411bd201064558d21631f8e57ad46780ebd942a8b668fc692415f617408cb14faf49ea43f20bbb8185f0c0df8e4e457faca531d316a127bdc125e24d8c061c0f4e07ef38a4ddca42e5ed9e8b77d7545c8859a02dd8726f708183f8b11272bd79920cf646d5f4b37705b2c67467be9f46096eaea79510b34c54db1747241dffb94d984edd0b1607bc88cb4f3ad63ba90f4676c1e5383c1f4505da4b7945219e32ac1cd5ef7398c3a63c8c28e7bed523491b83a27c86245879f2c462cca3f45e82fd8345ee7770e13d3d30641c8a523d8270fdec3a03be1e962642d9394bafb8f0e930a6b7f5ed1e405699b8ad69a6221744582033aa473967e10e9fa16c78db5612f76cb966b3dbee2bde31ec1e941becb54e0bd771fc688f6e716925aa5fdb2aa5c4d5f950c2e0ab252fa9cb52528f52a000501a93aee20152c526a301585fb169cc57aac9b6ff17110420b73978a785d4bdad47b4ee0fbaabb3e3cc57ab9ef43d740eeafa693ab3266941c6bc2266e33ceb46c941e92543ad5428d9f140223658f796f9e53b5507a0983b81d1a916b1104783e5493b78c9999a4dcfdca7675f9711cab87f7f99fd7be5fc1513bead550bd4c61690b527481c650d540fe8888b245c0d35f1a55914a321f13344f4be45cfc07d106c547cec05debc344c506b8c3adb0728a3f1923be535eeac5492758bd51ea3aab0d8df79168d885748644ba3f616ef15fba79d818a45c4da4478e5a1a682cd07505e3b5c2ef2255a8fc058e1a4c0683c70ccf0b38e74e6ca88408266dd090409bad6c75212192804dc013d3dadc4ae0dae0fabb9627e65f6218f3ad09f2f436b52844aa0d63c5bf9845588e8a1b6ceb38d0dc025eca4995e90cf3c7acd801cc543f6c26ed92c8082537d72063d173f48c4fd7aab447e33a72836bfcedb8acaadab1ce9162d82e5b797fda854c90f7028c3137e6ea72815b5a73103efb913ad9b5185ebbd0174a71e87c1283f52021b9c1b443c2d0ad2d97512af2e91e9d302a246b4f1adefba69155144ae0bde1ead8826641105b74519826fe55fb2030cc04f64c336980620bf23dde2d521a8ab0e1743848f1bf53f75373c7bbd57279893754a44119055fd1278cea2fbd324ec614488419b789c931ebfacbd42c9ef910a7bfa9f53170667ae227a31316b9783c109e6d9172debdac681bb0e287185ddf85854d7679cb8022fd26efcd55dc80be8ba2f3e62668f18186a9d90324e36ad8e30bff59d2e9745ca43be7be9e24fa3896d883491f79e72e7e2e4e2d012169d21c2e7b70edd707b1144ff87e8299b232594549a340a1a5e4a2f302f738d1266473516d2ce1a128af47d6136254163c8224a0c65921684d33b6330eea4551aa8cb6d853097d98123accab534d5878970dcf7dd9bbc92461b4c4ace67f5ce435203e6b39f2dba9ff504e639d744e6c3ddb53fcefec0b28df235c2e27b37d0f66ec19edc6acc9b710293851fb4f6d1b324de851aa368c4c25720676d8cf8cba3a1fcdda9053d915758c76b0018398da4f6c9ae6d8ccb384ce51402b4ffcd168a4b2e81e2c6423dbb74221ee5f6a21e9874f3f0000268e1e28cec744b449e8bd0951349186a9a9168a462982ae681e70eaed9ff0da0a91ba37e10428440e2b6fb53ad34445f86b400b687c3e412107de6c49adfd29370714be66132c43a588748ee9e88189f4b1a366657ce74b9281533e129d432d6f8aaceabe9953cadb0f2c1808d7630dec47b4305559ed0a2f4e17c49e1906b0febec47b4dad5017503b112441e8804c6b1ea252bd2d44876ccbecdc37ac70a21fdc4d2a5baac174db70e3e1370e01ebf1a42272500cd840aaa99d3120adcd30897d76e4a77a6244e46e0b4b5d7153a0c4148716b8c71ac1b88c6da412a2331ba0ae4d660db37505fca4c8a75362e71a424c168fc18e1e58a1175b18852620661d2476d20ab5e8a935dd9b72bea4e481182ceef04f5ab274727c37841d99b8aa3d3272487540f457db07178091ad49e50b7bf8351909a83c5bc8a3abc5d941d6b8d628ed74832c21c93a65bef1cefb74a2038737bb8d03fa998208331a8cdb67b05ca225ed0e56eb6f76ec2c221d9c9d0059ff098efa801168000964aee15aac2c652fe2ae84a71a0c51b7eae1cc95779dd5c564909ca5ce99e9ee437d8732238c0dc386f5b0313bbf3ef2504f881a9c84c005fc7232be24c8f1ac6505d8d45f0d5af15628841bc385fc532ae8f900d7ae218fb1b152cdaf9d5c06191ada4b0f6ae9763cb763ae991d9dc28de27edb25f649ae9eb57150e95469e1a4fb4f52d3266a2c3aecefb5d2d6b17d483172edcd2fd5349f0b5cb038175110e85b0f4e1a0e645160f6c63381002cb75751f7290c8452a7febf264278f0b556831b78851598904a49754558a40dc36c5594e305a5f9938e6a0e63e39742b3c1b4fe30cd2102c12c55fe00424de2568b5a67ab138411c7e7e94f70bdbf09df60dacc12f7a72eba90e10eb73f8f3cd7b54438f32653186c71975fedc5c822ebbd0197dff5cc7eb2942c8abde04b570e77d72cfe1126d430732903dcfcc4bd137c05ee93b58a2730abc496c6fc9a34f509b43d69e5c1a3c18b47af168f4a129dc1f243eea9fe95739ddc5e02691eebae8147019b27b72e0c3b3469fcea1a65097af93a5220fa024474094976e52b5a374a18b2fc3b437748dd7c46c42f607c74e39ef5ffa3764aa6badc1a6da195a6239c6d5aafb0122f955708281087ec0d6ed0caf98413cabbd2b9b5b1342b3e1cb85caae60292c861af200bd7939efabb69dbf27cb44a23ca6f669820f70d1975de267f58e2b2e64ef0b17bb0b074b5c91adba8f3205650b783105d2a43c798c72160f28715f7032226efaaeab6f39a57e0837a1d7ac9df2a4059e51b8b0e8f0387aaaecf925398d006e94fb98db879cd5f4192640866c283775561375ac76b3aaa3f9e228b30b6e327393abe17d7659a3d5ab89598161127d2a43acb57319c9cc987a2bed86546d45be92d7904d10307d9f2fecf33bfb3c4f29331e49b38a959585ac98254efa4bb0841e63b079bae1d069d50f08758489e699f06016188b55ccf9ecb97f6d75198d9576c2ee81d3ef1ac3db748a6bf1afba6d10f6bd6a9a589cffbb348d4aa091369706e26011e80a8fd5d57fa38d6b8328de98b3f748a54f21a7d0d646a8179f9ff0f71f5d030246a85c6828fa7fdc04a9f51a742e33175e181712da01d2cdba35f82cf836cbcb84e1da57b6a0c2a90946c7065f0425b015ec436175e2220c273b8aa6848fe235142c43ca8df9db45659fc5ce84ffcda9ad058b9a83e778d77896a60a4d1f51ad14b9b840cb11a325e70740847f1fea6143d4f8193abbceb2e7d986900000100538759ca1e81b4a5e4f8688774eb594f28117fb11efde05a94e4371b960ee05ff5bdd55d485c38de17d566ccd7ac38a1cfa427badbb9d648fb0a29b04f1d90ac9a521dc1e1ba40f46cc436b6b66e980608ed73f43e536f5ded2637da3b0b56f00faf03c9350669cfac4e8873b9e50c2d78b7f3160f54367c4e01100a30d12beee2e98fd8a70d07e1cc20b3db2adf9766d74806f320313fb92c56a2a879b7c9d03fe3b24b6ab1b3e8e8ad5c153303afabd871aac88b7efdd48c3fb47848f98e3d176a3ab6b3cca846ea32d950cb605517982f6844958b928302470a780d98c4b1a4b5ab01adc895c844fb9ac78ae8998de1f2ab8d0b21a81e5585601ef2fee598fef5c0ca9f0d749c156ed77d858f372023db32079ab1d44d75eae1b74101a3d31c885211152664a2dd0b3a9952f1d64c9a9ffd7480d48ceec13e0fa18bee849e3b0dffe05073cfe76fcdae647ca64e2c4864d9c080ba1f86c9c7ae632fbb3f9c0de1df72c372122321dfb969bed743ff4a6809cd4b8af60d8bb48f6fafc080bb4a7e55430796ad7e1ab7a0170b9259e14ab2875a6f9de4597aa5781f0a12fcd6588485be3bc6f15ab5d228b1144f616f5a0fde66943e5cbdfb511dca3c35222f53d6ce02c3c354b5071929c174d65f03e9501c481b1e4d223fe9424b469b907a821ef6ead43c8852cea298b1baf1ca39932526d9a1cbf5706ba47d694bf6a451dbff9727f8184c38b3c2f6c50f3459e6f7c32bd829c12d370fcd1940c583b28863e718dbe737662aa67147c9073ddb3ea47442fb4f8cb3db2c486cde6a480ba798362309269b06eb5f36465692899599db8b8f928b0d5ffd650737b18c0dc6a2b4a22ff842355f047f314f224e890a67ad8d92fe6fa4cca60859fa50779f3639bd20c6522a84680de3f181671ce762505f723930fddddea9884468f0349c3ef43468746914af91511db05b2e8ea31804c3cb78c411ab23df80edac64bd6a40711e5ed9146dfd0e090c84c4d6af48629ae746eddd57f93fa2b718245992a0c441ed7828c35522ff1943f2c46c2ade0267c2c811171c13f6b5a9704b126884c10a1c4671908b55b3dd1dc8b9b16dfaa17dc286c723a5f5edd878673b3ebe9d7170513179dea4d1081869e81ee4a01a9b4bb8cb2cae6679bb6871b1e95462cbef80f35076efc3e554f8d7c60ff6c704d5ec9a44c42f2bceb95c71bf5538557722948e9b552ea000a9756c3d84bc40c32ee97de6a9c900", 0x2000, &(0x7f0000004200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x60, 0x0, 0x6, {{0x0, 0xdc5, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffa, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80001)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x100000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mount$cgroup(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000400), 0x1008000, &(0x7f0000000440)={[{@noprefix}, {@subsystem='cpu'}, {@cpuset_v2_mode}, {@release_agent={'release_agent', 0x3d, './bus'}}, {@release_agent={'release_agent', 0x3d, './file0'}}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@subj_role={'subj_role', 0x3d, '.}(\xbb\\{'}}, {@context={'context', 0x3d, 'system_u'}}, {@flag='async'}, {@obj_role={'obj_role', 0x3d, '#^%![\'&]#%\\1-/$'}}, {@fowner_lt={'fowner<', r4}}]})
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001b80), r6)
sendmsg$IEEE802154_LIST_IFACE(r6, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="bbdf35bd7000fedbdf251f"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
r8 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x19d)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r9, 0x2000009)
sendfile(r8, r9, 0x0, 0x6)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='./bus\x00', &(0x7f0000000200), 0x1000080, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)

18.191056101s ago: executing program 0 (id=3118):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000600)={r1}, &(0x7f00000003c0)=0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r3, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r5 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x20000)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000001240), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="f597000000000000000013000000"], 0x14}}, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r3, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x3c, r8, 0x8, 0x70bd2c, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x42000)
r9 = syz_io_uring_setup(0xbda, &(0x7f00000005c0)={0x0, 0xec25, 0x8, 0x3, 0x40000333}, &(0x7f0000000dc0)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r9, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="05002abd7000e0dbfaa35f"], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x10)

17.631729832s ago: executing program 6 (id=3126):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x183, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x400000f5, 0x0, 0x32feb97c}]}) (async, rerun: 64)
r3 = socket$inet_tcp(0x2, 0x1, 0x0) (async, rerun: 64)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r7, @ANYBLOB="0c000280060001"], 0x24}}, 0x0) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r8}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
pipe2$9p(&(0x7f00000000c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0) (async)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r11}, 0x10) (async)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}}) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x7c, 0x0, @multicast1}}}}}, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getsockopt$inet_buf(r3, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x91)

17.472187899s ago: executing program 6 (id=3129):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)
r2 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x82)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x5, 0x12, r2, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x7f}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}}}}}}}}, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) (async)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800) (async)
syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x82) (async)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x5, 0x12, r2, 0x0) (async)
syz_emit_ethernet(0x6a, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x7f}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}}}}}}}}, 0x0) (async)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000040)) (async)

17.391984757s ago: executing program 6 (id=3131):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000cf0800004503"])
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x1002, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)
sendmsg$inet(r1, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
r5 = epoll_create(0x7)
r6 = epoll_create1(0x0)
r7 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000180))
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f00000000c0))
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r8, &(0x7f0000000240)={0x60000000})
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000100))
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25017c0000100036800c00020004000000000000000c000180060006008848"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

16.862037736s ago: executing program 5 (id=3139):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r3, 0xc0285628, &(0x7f00000001c0)={0x3, 0x1, 0x0, '\x00', 0x0}) (async)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x2}, 0x2000000) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x6, 0x8000, 0x40, 0x0, 0xffffffffffffffff, 0x2004cb, 0x0, 0xffffffffffff7ffe, 0x0, 0x0, 0x100000000004, 0x0, 0x0, 0x2, 0x7fffffff], 0x80a0000})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r2, 0x9362, 0x0)

16.749448022s ago: executing program 5 (id=3142):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @rand_addr=0x64010101}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8, 0xc, 0x40}]}}}]}, 0x40}}, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',acc,\x00'])

16.52797635s ago: executing program 6 (id=3146):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000002700), r0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
recvmmsg(r2, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=""/10, 0xa}, 0x3}], 0x2, 0x10122, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000240)={0x2, 'veth1_to_bridge\x00', {0x5}, 0x5})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x83, &(0x7f0000000140), 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'rr\x00', 0x1d, 0x1000, 0x4a}, 0x2c)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000003000000400001802c000400140001002d000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

16.527582122s ago: executing program 5 (id=3147):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x14)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000440)=0x5)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffffff, r0, &(0x7f0000000180)={[&(0x7f00000000c0)='/dev/nbd', &(0x7f0000000100)='cramfs\x00', &(0x7f0000000280)='\x93\x86\xb3Lh\xa4\xda.\x88XU\xddgr_mD\xa0n']}, &(0x7f0000000340)={[&(0x7f00000001c0)=',\x00', &(0x7f0000000200)='cramfs\x00', &(0x7f0000000140)='\x00', &(0x7f00000002c0)='#\\./\x00', &(0x7f0000000300)='\'\x00']}, 0x1000)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='cramfs\x00', 0x204001, 0x0)

6.88043737s ago: executing program 4 (id=3148):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000001c40), 0x4) (async)
syz_emit_ethernet(0x237, &(0x7f0000000080)=ANY=[@ANYBLOB="f3ac0f8d50cb454214521dba3eb100f9cc7be2c37ea3f08a1a0e71a6326f1e6637561834137f1f061e9c54f286c7fc509329f21b445b0309b46dabfbc3ee11cd33396400cba779e9e6891cec85da00976069e75381394afb8389166bdac1d80922f532a470ceaa7239cc5e8b56cfa24f26d99d2c8f1eb2d85e15"], 0x0)

6.880208552s ago: executing program 5 (id=3149):
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xe, "fe4042c317ae82c6d1a51a1e45a7"}, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000))
mknod(&(0x7f0000000080)='./bus\x00', 0x4, 0x6)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='ext2\x00', 0x8080, &(0x7f00000001c0)='discard')
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xe, "fe4042c317ae82c6d1a51a1e45a7"}, 0x0) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7}) (async)
ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000)) (async)
mknod(&(0x7f0000000080)='./bus\x00', 0x4, 0x6) (async)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='ext2\x00', 0x8080, &(0x7f00000001c0)='discard') (async)

29.387703ms ago: executing program 4 (id=3150):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$can_j1939(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x1d, 0x0, 0x2, {0x1, 0xf0, 0x2}, 0xfd}, 0x18, &(0x7f0000000080)={&(0x7f0000000100)="8a5e4fcc77299c58d753ba295410d091d14c7897c481ac6c021ed1c0b5f4999e7a6c8f96310eb49827320a9c9cbbda92228c896fa53fa82c7076a5480f8e892149cf4797e7ccd824b618e7b0df45cd330e4d33a1f6587f8fee3c2ab87fb86d7dd96030df574f6f1dc15604d370c0e0df974e8179cdd1a5e714574bd1be9e7468def43c6a9d556d7c0238d9cb77bc09e2c3094478c2354901891c8b3c7487f1fb5353e3c2944f4ea1a201ca7aabd7c31141950a809c28a8797c0f354de3beda4050bb4cf485fff12f98b76ce61d4ed8a8203bcee1a036534920dbe6abbd6eabedac4a76d5755d32a924ab3247b60455bee50b8d056ba8b47b5205f64d5a", 0xfd}, 0x1, 0x0, 0x0, 0x4000040}, 0x40001)
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r1, &(0x7f0000000200)={0x1d, 0x0, 0x4, {0x0, 0xff, 0x4}, 0xfe}, 0x18)

27.983998ms ago: executing program 0 (id=3151):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r0 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffc000/0x4000)=nil)
shmctl$SHM_LOCK(r0, 0xb)
statx(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100, 0x829, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010400000000000000000500fffe0900010073797a30000000002c000000030a01020000000000000000050000000900010073797a30000000000900030073797a3200000000e4040000060a010400000000000000000500000008000b40000000000900010073797a300000000008000940000000020c0005800800014000000000c4000740ab487b1b512f33a8dbd67a8b35f2405127f309901ea13e31d5810f85eae8f528c938c24abb1b1abbda2e7fa6e0758629bb09ed64a8ba5b2ef3c3591fd06d7e10d93c0857ecac854ac51ad69639d98adb2c1464e444cc1a6a2e7ee244622433b51f58606b063f4938101a7e764c957eba2e913b2ac10435471fa769740a1275cb467e5264b71bc8727fc12e9aba46e4a8abf3dda91e0da608d6a0a35573d5524fb25451cc23051887de4df85c8e771260c4943e78905aa1e7493027366ed1bea0d80304804800018008000100667764003c000280080001"], 0x558}}, 0x40)
r4 = semget$private(0x0, 0x207, 0x0)
semctl$SETALL(r4, 0x0, 0x11, &(0x7f00000003c0))
semctl$SEM_INFO(r4, 0x3, 0x13, &(0x7f00000010c0)=""/92)
read$FUSE(r2, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000001040)=ANY=[@ANYBLOB="1806000000000000000000000000000095000000000000002be112f70126c3a0978680a8c7aa7b78e24212ad9204a86aee03eca272f6e1f02adf1cd9f3099a0c4bdf1c7754ce9c8e953852a3310830e95801d1c2f83f16056583de49985d33491cd6ab3f123f545e395fbefe0b6cf204df"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS2(r7, 0x402c542b, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x3, 0xfc, "92b37108b47180a82c02e37c3b69568d3ccdd1", 0xfffffffc, 0x1})
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b32346d090890e0878f0e1ac6e7049b3371959b719a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_fuse_handle_req(r2, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, {0x40, 0x3, 0x0, 0xffff, 0x0, 0x100, 0x1, 0x1ff, 0x120, 0x6000, 0x0, 0x0, r5, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@empty}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, <r11=>0x0}, &(0x7f00000002c0)=0xc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={<r12=>0x0}, &(0x7f0000000340)=0xc)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = getpid()
getsockopt$SO_TIMESTAMP(r13, 0x1, 0x40, &(0x7f0000000440), &(0x7f0000000480)=0x4)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000600)={&(0x7f00007d1000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/205, 0xcd, 0x0, &(0x7f00000005c0)=""/33, 0x21}, &(0x7f0000000640)=0x40)
sendmsg$nl_generic(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x44, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x1, 0x0, 0x0, @pid=r14}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
shmctl$IPC_SET(r0, 0x1, &(0x7f0000000380)={{0x0, r1, r5, r10, r11, 0xb, 0x5ac7}, 0xfff, 0x4, 0x8, 0xfffffffffffffff9, r12, r14, 0x4})

27.712716ms ago: executing program 4 (id=3152):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x15, 0x0, 'lblcr\x00'}, 0x2c)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0x36f, 0x7}, &(0x7f0000000100)=0x8)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}})
umount2(&(0x7f0000000000)='./file0\x00', 0x3)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000001c00128009000100766c616e"], 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

27.533188ms ago: executing program 6 (id=3153):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
write(r1, &(0x7f0000000000)="b8d2b38d", 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x228102, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x20)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = open(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0000, 0x120)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x1, 0x0, 0x2000, &(0x7f0000ec3000/0x2000)=nil})
syz_kvm_setup_syzos_vm$x86(r3, &(0x7f0000c00000/0x400000)=nil)
fcntl$lock(r0, 0x24, 0x0)

27.366622ms ago: executing program 4 (id=3154):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000800000000000000004000000180100002020702500000000002020207b1af8ff00000000bfa108000000000047010000f6ffffffb702000008001000b703000000000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0x1}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x8, 0x0, 0x0, @private2, @local, {[@routing={0x0, 0x0, 0x0, 0x0, 0x31}]}}}}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x100000c2, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x16, 0x2, 0x1, "18e889d15b38429faa8ff62438eaed752e68f3a6d09382b392b049e33958b16c"})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000040)=0xd, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe0000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, &(0x7f0000000180)="0f09c744240033010000c744240200000000ff2c24640f21a13e66410fc7b4de2b2a16cc0fc71f0f983ec44229acce262e64660f38810af30f3266baf80cb84a44458aef66bafc0cec", 0x49}], 0x1, 0x80, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6d506f6c3d62696e643d7374617469633a302c008a0b0d8ca5417958502857158298c706c4c2b86833a0d0ca844bba1b9700"/69])

27.244899ms ago: executing program 5 (id=3155):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r2, 0x40305652, &(0x7f00000000c0)={0x0, 0x1, 0x10, 0x0, 0x2, 0x2080, 0x6ae0})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000005c0)={'wlan0\x00', <r3=>0x0})
r4 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2713, 0x0, &(0x7f0000000400))
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="21012cbd7000000000001400000008000300", @ANYRES32=r3], 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x5668a5a41429f6ce)

26.982007ms ago: executing program 0 (id=3156):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f000000040b2100000095f5758483"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x72, 0xa0, 0x66, 0x10, 0x2058, 0x1005, 0xe81f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xb4, 0x2, 0x0, 0x90, 0x27, 0xd0, 0x80}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000600), 0x4, 0x400000)
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
syz_usb_control_io$uac1(r2, 0x0, &(0x7f0000000a80)={0x44, &(0x7f0000000900)={0x0, 0xe, 0x1, "9e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$hiddev(r1, &(0x7f00000000c0)=""/122, 0x7a)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, &(0x7f0000000300)={0x20, 0xe, 0x2, '\x00\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
ioctl$HIDIOCSFLAG(r1, 0x4004480f, &(0x7f0000000080)=0x3)
ioctl$HIDIOCGUSAGES(r1, 0xd01c4813, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x67, 0xe, 0x59, 0x20, 0x55f, 0xc420, 0xc3ff, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x75, 0x0, 0x0, 0x11, 0x57, 0x98}}]}}]}}, 0x0)

26.779388ms ago: executing program 4 (id=3157):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="800000001000ffff24bd7000f8fadf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000000030000600012800b000100697036746e6c00005000028008000700"], 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'geneve0\x00', <r2=>0x0})
sendto$packet(r1, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x8100, r2}, 0x14)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00806d81e8f6877ea6241156c7e0b1dde0e88086f8c8a93df846c0dedadf30d07586670178d0a9fa699eaa87c0c377d4f71f429f71", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4, 0x0)
ioctl$DVD_WRITE_STRUCT(r5, 0x5390, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000000c0)=<r6=>0xffffffffffffffff)
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000001c0)=@multiplanar_overlay={0x4, 0x2, 0x4, 0x70000, 0x2, {}, {0x8701c4a3a7888587, 0xc, 0x3, 0x9, 0x1, 0x52, "3b7f61a8"}, 0xfff, 0x3, {&(0x7f0000000140)=[{0x6, 0xffff8001, {0x7}, 0x6}, {0xed0, 0x0, {0x59d}, 0x10001}]}, 0x14c, 0x0, r6})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000100)=0x1)

3.028722ms ago: executing program 0 (id=3158):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r1, &(0x7f0000001300)='7', 0x1)
read$char_usb(r1, &(0x7f0000000100)=""/204, 0xcc)
syz_usb_connect(0x1, 0x24, &(0x7f0000000200)=ANY=[], 0x0)
write$char_usb(r1, &(0x7f0000000bc0)="be", 0x1)
syz_usb_disconnect(r0)
syz_open_dev$evdev(0x0, 0x2, 0x400000)
syz_usb_connect$cdc_ncm(0x2, 0xfffffffffffffd14, 0x0, 0x0)

2.365293ms ago: executing program 4 (id=3159):
r0 = epoll_create1(0x0)
epoll_pwait(r0, 0xfffffffffffffffd, 0x21, 0x40, 0x0, 0x55)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x9b99}, 0x9, [0x7, 0x8, 0x5, 0x9, 0x5, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x9, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x8, 0x9, 0xd, 0x2, 0x12a3, 0x6, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x558e0d31, 0x4, 0x82, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7fff, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x3, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0xf], [0x8, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x7, 0x5, 0x2, 0x9, 0x4, 0x5, 0x1000, 0x0, 0x300b398, 0xebc9, 0xe, 0x39, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x80, 0xf1, 0x4, 0xab00000, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0x8000, 0x5, 0xfffffff9, 0x200004, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x5, 0x491, 0x8cf, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x40, 0x6, 0x7, 0x7, 0x5, 0x80000001, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x7, 0x3435, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd80, 0x10001, 0x17fc, 0x9d26, 0x5, 0x6, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x477, 0x9, 0xfffffffc, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0xfffffff8, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0x4, 0x9, 0x91, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x101, 0x80000005, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x7, 0xc, 0x7f, 0xffe, 0x1ff, 0x2000005, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x1400, 0x6, 0xb, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x13ffd, 0x1, 0x1b18]}, 0x45c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x101000)
ioctl$CEC_TRANSMIT(r3, 0xc0386105, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x6, 0x6, 0xe30, 0x3ff, "c2a0da871813beebb98f6cd3bde10363", 0x8, 0x91, 0x9, 0x2, 0x0, 0x0, 0xfc})
ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f0000000080)=0x0)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f00000001c0)=0x10001)
read$dsp(r4, &(0x7f00000000c0)=""/108, 0x6c)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_tracing={0x1a, 0x13, &(0x7f0000000b40)=ANY=[@ANYBLOB="180000000080ffff000000000200000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000183b000002000000000000000000000018180000", @ANYRES8=r1, @ANYBLOB="0000000000000000bf91000000a90000b7020000000000008500000084000000b700000000000000950000000049fb00980ba402d44b82725fb579a55b75a022f8fcd7d1a3492bd449a42ffb86eff61b28cf75e0e97ea97583e45e83302a3c728c64ed213ead79bfd4a5abfa05b77b9a1ed777263801b40125adf3d318038ddad866ce8b732d86ff13639a849d7571a094e3b907aa65a511b61c5cbff36262a113e838e696e179fdda016e28f78ab6a1456c4dfe81c7f6a118cb8d2c8b256169183c04c380b80eb2c773fdbccfc3c1c108835b9f34b9171396e2d469929f91b9", @ANYRESOCT=r4, @ANYRES16=r4], &(0x7f0000000140)='GPL\x00', 0x6, 0x7, &(0x7f0000000300)=""/7, 0x41000, 0x1, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000480)={0x8, 0x5, 0x564, 0x8}, 0x10, 0xbc3a, 0xffffffffffffffff, 0x4, &(0x7f0000000b00)=[0x1, r2, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000500)=[{0x0, 0x2, 0xd, 0x1}, {0x5, 0x1, 0x9, 0x8}, {0x0, 0x5, 0x7, 0x1}, {0x4, 0x1, 0x3, 0xa}], 0x10, 0x8}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000880)={0x0, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x4, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x30, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000740), &(0x7f0000000780), 0x8, 0x16, 0x8, 0x8, &(0x7f00000007c0)}}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="030000002800007a70ab2946f848a62ccdeb00", @ANYRES32=r6, @ANYRES64=0x0], 0x20)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000004300090000000000000000000300000008000200", @ANYRES32=r7], 0x1c}}, 0x24000044)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f00000002c0)=0x1)
read$dsp(r4, &(0x7f0000000200)=""/168, 0xa8)
r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r10 = dup(r9)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000440)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0xfffffffffffffe84)
syz_kvm_setup_cpu$x86(r9, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

2.228862ms ago: executing program 5 (id=3160):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x18, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x6, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x1ff}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x3, 0x4, 0x4}, {0x6, 0x24, 0x1a, 0xc, 0x14}}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0xe, 0x9f}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0xa, 0xb, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xb, 0x3, 0x7}}}}}}}]}}, 0x0)
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x4004550d, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x0, 0x0, 0x83, 0xec}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 6 (id=3161):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000240)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0)
ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068)

kernel console output (not intermixed with test programs):

 'hsr'
[  225.723507][T13774] Cannot create hsr debugfs directory
[  225.741483][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  225.791518][   T54] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  225.799279][ T1144] tipc: Disabling bearer <udp:s>
[  225.808081][ T1144] tipc: Left network mode
[  225.904377][T13816] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.951951][   T54] usb 9-1: Using ep0 maxpacket: 8
[  225.967755][   T54] usb 9-1: config 179 has an invalid interface number: 65 but max is 0
[  225.971239][   T54] usb 9-1: config 179 has no interface number 0
[  225.974837][   T54] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  225.975215][T13833] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !å¯fIZEô¿¹ô,ô =©ÜÝ$)²% Ä‚L
[  225.979396][   T54] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  225.988848][   T54] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 102, changing to 10
[  225.996651][   T54] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 24624, setting to 1024
[  226.001482][   T54] usb 9-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  226.001589][ T1144] batadv_slave_1: left promiscuous mode
[  226.007288][   T54] usb 9-1: config 179 interface 65 has no altsetting 0
[  226.007330][   T54] usb 9-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  226.007350][   T54] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.030880][ T1144] hsr_slave_0: left promiscuous mode
[  226.036748][ T1144] hsr_slave_1: left promiscuous mode
[  226.038893][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  226.044686][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  226.050972][   T54] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:179.65/input/input45
[  226.062587][ T5982] Bluetooth: hci3: command tx timeout
[  226.090131][ T1144] pimreg3 (unregistering): left allmulticast mode
[  226.109218][ T5366] input input45: unable to receive magic message: -110
[  226.127403][ T5366] input input45: unable to receive magic message: -32
[  226.131337][ T5366] input input45: unable to receive magic message: -32
[  226.132460][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  226.161403][ T5366] input input45: unable to receive magic message: -32
[  226.170267][ T5990] input input45: unable to receive magic message: -32
[  226.186950][ T5366] input input45: unable to receive magic message: -32
[  226.236370][    C2] xpad 9-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  226.250319][   T54] usb 9-1: USB disconnect, device number 15
[  226.447146][T13805] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2349'.
[  226.533613][ T5982] Bluetooth: hci4: command 0x0c1a tx timeout
[  227.120579][T13852] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pid=13852 comm=syz.4.2357
[  227.175104][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  227.995792][   T40] audit: type=1401 audit(1757273187.979:62376): op=setxattr invalid_context="system_u:object_r:crond_var_run_t:s0"
[  228.108593][   T40] audit: type=1400 audit(1757273188.098:62377): avc:  denied  { setattr } for  pid=13866 comm="syz.4.2359" name="sr0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1
[  228.140585][ T5982] Bluetooth: hci3: command tx timeout
[  228.228160][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  228.244131][T13879] XFS (nullb0): Invalid superblock magic number
[  228.423868][T13893] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2366'.
[  228.430869][T13774] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  228.436465][T13894] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2366'.
[  228.455906][T13774] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  228.463449][T13894] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2366'.
[  228.466603][T13774] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  228.467331][T13893] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2366'.
[  228.478969][T13774] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  228.542580][T13774] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.566093][T13774] 8021q: adding VLAN 0 to HW filter on device team0
[  228.574691][ T1144] IPVS: stop unused estimator thread 0...
[  228.587463][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.590438][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.596154][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.598570][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.711606][ T1144] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.808276][ T1144] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.841343][T13774] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.870246][T13774] veth0_vlan: entered promiscuous mode
[  228.877828][T13774] veth1_vlan: entered promiscuous mode
[  228.925295][ T1144] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.954916][T13774] veth0_macvtap: entered promiscuous mode
[  228.962998][T13774] veth1_macvtap: entered promiscuous mode
[  228.976889][T13774] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.988567][T13774] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.995372][ T1256] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.998359][ T1256] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.002834][ T1256] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.005742][ T1256] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.040247][ T1144] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.109298][ T1256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.113358][ T1256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.138211][ T1256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.142731][ T1256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.268454][   T40] audit: type=1400 audit(1757273189.256:62378): avc:  denied  { unmount } for  pid=10532 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  229.269900][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  229.333686][T13953] 9pnet: p9_errstr2errno: server reported unknown error ?ãØnª
[  229.333686][T13953] k‡l
[  229.366374][ T1144] erspan0 (unregistering): left promiscuous mode
[  229.566242][   T40] audit: type=1400 audit(1757273189.545:62379): avc:  denied  { read } for  pid=13965 comm="syz.2.2380" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  229.576489][   T40] audit: type=1400 audit(1757273189.545:62380): avc:  denied  { open } for  pid=13965 comm="syz.2.2380" path="/dev/rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  229.580523][   T54] page_pool_release_retry() stalled pool shutdown: id 29, 3329 inflight 121 sec
[  229.587157][   T40] audit: type=1400 audit(1757273189.545:62381): avc:  denied  { ioctl } for  pid=13965 comm="syz.2.2380" path="/dev/rtc0" dev="devtmpfs" ino=944 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  229.602378][   T40] audit: type=1400 audit(1757273189.575:62382): avc:  denied  { accept } for  pid=13958 comm="syz.4.2379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  229.724792][ T5982] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1
[  229.754489][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.761382][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.767716][ T1144] bond0 (unregistering): Released all slaves
[  229.860317][ T1144] tipc: Disabling bearer <udp:s>
[  229.866087][ T1144] tipc: Left network mode
[  230.124625][   T40] audit: type=1326 audit(1757273190.104:62383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.2.2384" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6b8b8ebe9 code=0x0
[  230.141260][ T1144] batadv_slave_1: left promiscuous mode
[  230.154254][ T1144] hsr_slave_0: left promiscuous mode
[  230.157321][ T1144] hsr_slave_1: left promiscuous mode
[  230.160261][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.166649][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.175113][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.175878][T13989] openvswitch: netlink: IPv4 frag type 238 is out of range max 2
[  230.178408][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.212108][ T5989] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  230.219158][ T5989] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  230.226057][ T5989] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  230.249414][ T5989] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  230.259423][ T5989] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  230.277695][ T1144] veth1_macvtap: left promiscuous mode
[  230.280186][ T1144] veth0_macvtap: left promiscuous mode
[  230.284909][ T1144] veth1_vlan: left promiscuous mode
[  230.287548][ T1144] veth0_vlan: left promiscuous mode
[  230.361019][ T1144] pim6reg9 (unregistering): left allmulticast mode
[  231.068674][T14001] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  231.073004][T14001] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  231.229163][   T40] audit: type=1400 audit(1757273191.202:62384): avc:  denied  { ioctl } for  pid=14004 comm="syz.2.2388" path="socket:[59488]" dev="sockfs" ino=59488 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  231.358057][ T1144] team0 (unregistering): Port device team_slave_1 removed
[  231.466492][   T40] audit: type=1400 audit(1757273191.442:62385): avc:  denied  { mounton } for  pid=14011 comm="syz.2.2391" path="/13/file1" dev="autofs" ino=59518 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  231.498450][ T1144] team0 (unregistering): Port device team_slave_0 removed
[  232.316166][ T5982] Bluetooth: hci0: command tx timeout
[  232.431105][T13677] syz_tun (unregistering): left allmulticast mode
[  232.434109][T13677] syz_tun (unregistering): left promiscuous mode
[  232.444097][   T29] lo speed is unknown, defaulting to 1000
[  232.447880][   T29] infiniband syz0: ib_query_port failed (-19)
[  232.620112][T13990] chnl_net:caif_netlink_parms(): no params data found
[  232.688506][T14031] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20002
[  232.780451][T14035] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2396'.
[  232.847180][T13990] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.849561][T13990] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.851847][T13990] bridge_slave_0: entered allmulticast mode
[  232.853109][T14049] netlink: 'syz.4.2398': attribute type 15 has an invalid length.
[  232.854702][T13990] bridge_slave_0: entered promiscuous mode
[  232.859293][T14049] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2398'.
[  232.862952][T13990] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.868362][T13990] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.870987][T13990] bridge_slave_1: entered allmulticast mode
[  232.874178][T13990] bridge_slave_1: entered promiscuous mode
[  232.945125][T13990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.950550][T13990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.000316][T13990] team0: Port device team_slave_0 added
[  233.006556][T13990] team0: Port device team_slave_1 added
[  233.067474][T13990] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.067838][ T1144] IPVS: stop unused estimator thread 0...
[  233.070361][T13990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.083738][T13990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.090967][T13990] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.093916][T13990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.104737][T13990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.184018][T13990] hsr_slave_0: entered promiscuous mode
[  233.187685][T13990] hsr_slave_1: entered promiscuous mode
[  233.190836][T13990] debugfs: 'hsr0' already exists in 'hsr'
[  233.193350][T13990] Cannot create hsr debugfs directory
[  233.247158][ T7003] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  233.347853][ T5982] Bluetooth: hci3: command tx timeout
[  233.355037][T13990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.360488][T13990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  233.365143][T13990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.409706][ T7003] usb 9-1: config 0 has no interfaces?
[  233.413417][ T7003] usb 9-1: New USB device found, idVendor=7d25, idProduct=8e26, bcdDevice= 0.40
[  233.417491][ T7003] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  233.421146][ T7003] usb 9-1: Product: syz
[  233.422940][ T7003] usb 9-1: Manufacturer: syz
[  233.426527][ T7003] usb 9-1: config 0 descriptor??
[  233.461426][T13990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.464984][T13990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  233.469386][T13990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.559682][T13990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.563803][T13990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  233.567059][T13990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.645114][T13990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.650501][ T7003] usb 9-1: USB disconnect, device number 16
[  233.652892][T13990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  233.656388][T13990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.731120][T14081] program syz.3.2404 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  233.791956][T13990] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  233.797669][T13990] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  233.808815][T13990] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  233.815166][T13990] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  233.891800][T13990] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.905287][T13990] 8021q: adding VLAN 0 to HW filter on device team0
[  233.911074][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.913931][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.928983][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.931346][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.103056][T13990] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.147011][T13990] veth0_vlan: entered promiscuous mode
[  234.153642][T13990] veth1_vlan: entered promiscuous mode
[  234.156459][   T40] audit: type=1326 audit(1757273194.127:62386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14111 comm="syz.3.2410" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0dd6d8ebe9 code=0x0
[  234.165368][   T40] audit: type=1326 audit(1757273194.127:62387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14111 comm="syz.3.2410" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0dd6d8ebe9 code=0x0
[  234.176795][T13990] veth0_macvtap: entered promiscuous mode
[  234.181833][T13990] veth1_macvtap: entered promiscuous mode
[  234.193967][T13990] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.201755][T13990] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.211351][ T1145] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.214932][ T1145] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.220663][ T1145] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.223888][ T1145] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.267453][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.270475][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.289083][ T1256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.292398][ T1256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.319703][ T6339] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  234.337945][T14118] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2383'.
[  234.346934][T14118] netlink: 'syz.0.2383': attribute type 12 has an invalid length.
[  234.352744][T14118] kvm: user requested TSC rate below hardware speed
[  234.377205][T14118] kvm: vcpu 0: requested 148514 ns lapic timer period limited to 200000 ns
[  234.380980][T14118] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  234.389293][ T5982] Bluetooth: hci0: command tx timeout
[  234.491776][ T6339] usb 9-1: config 0 has no interfaces?
[  234.495798][ T6339] usb 9-1: New USB device found, idVendor=7d25, idProduct=8e26, bcdDevice= 0.40
[  234.500293][ T6339] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  234.503909][ T6339] usb 9-1: Product: syz
[  234.505509][ T6339] usb 9-1: Manufacturer: syz
[  234.508986][ T6339] usb 9-1: config 0 descriptor??
[  234.762262][ T5840] usb 9-1: USB disconnect, device number 17
[  235.140188][ T6339] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[  235.311333][ T6339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64
[  235.315078][ T6339] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  235.319765][ T6339] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  235.324610][ T6339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.328806][ T6339] usb 5-1: config 0 descriptor??
[  235.341141][ T6339] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  235.408597][T14139] tipc: Started in network mode
[  235.411514][T14139] tipc: Node identity ac14140f, cluster identity 4711
[  235.414812][T14139] tipc: New replicast peer: 172.30.0.3
[  235.417495][T14139] tipc: Enabled bearer <udp:syz2>, priority 10
[  235.487774][   T40] audit: type=1400 audit(1757273195.455:62388): avc:  denied  { append } for  pid=14148 comm="syz.4.2418" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  235.632894][   T40] audit: type=1400 audit(1757273195.605:62389): avc:  denied  { prog_load } for  pid=14156 comm="syz.4.2422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  235.645441][T14157] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2422'.
[  235.649591][T14157] fuse: Bad value for 'fd'
[  235.661603][T14157] comedi: No check for data length of config insn id 3 is implemented
[  235.665833][T14157] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  235.670406][T14157] comedi: Assuming n=15 is correct
[  235.759126][   T40] audit: type=1400 audit(1757273195.725:62390): avc:  denied  { write } for  pid=14162 comm="syz.2.2425" name="001" dev="devtmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  235.785058][T14165] netlink: 'syz.4.2426': attribute type 9 has an invalid length.
[  236.219023][   T40] audit: type=1400 audit(1757273196.184:62391): avc:  denied  { map_create } for  pid=14193 comm="syz.3.2435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  236.222525][T14194] sctp: [Deprecated]: syz.3.2435 (pid 14194) Use of struct sctp_assoc_value in delayed_ack socket option.
[  236.222525][T14194] Use struct sctp_sack_info instead
[  236.228980][   T40] audit: type=1400 audit(1757273196.184:62392): avc:  denied  { map_read map_write } for  pid=14193 comm="syz.3.2435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  236.378623][   T40] audit: type=1400 audit(1757273196.344:62393): avc:  denied  { prog_run } for  pid=14203 comm="syz.4.2439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  236.390830][T14207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2438'.
[  236.397157][T14207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2438'.
[  236.414413][   T40] audit: type=1400 audit(1757273196.384:62394): avc:  denied  { read } for  pid=14209 comm="syz.3.2440" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  236.422486][ T6048] tipc: Node number set to 2886997007
[  236.424708][   T40] audit: type=1400 audit(1757273196.384:62395): avc:  denied  { open } for  pid=14209 comm="syz.3.2440" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  236.473338][ T5982] Bluetooth: hci0: command tx timeout
[  236.519496][T14226] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  236.522254][T14226] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  236.528437][T14226] vhci_hcd vhci_hcd.0: Device attached
[  236.535224][T14227] vhci_hcd: connection closed
[  236.537194][   T12] vhci_hcd: stop threads
[  236.542739][   T12] vhci_hcd: release socket
[  236.545204][   T12] vhci_hcd: disconnect device
[  236.566880][T14234] erspan1: entered promiscuous mode
[  236.602650][T14242] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2449'.
[  236.616806][T14244] team0: Device gtp0 is of different type
[  236.970780][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.090983][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.127477][T14261] pimreg3: entered allmulticast mode
[  237.156919][T14263] binder: 14262:14263 ioctl 4018f514 200000000080 returned -22
[  237.172523][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.190390][ T5989] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  237.196229][ T5989] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  237.200777][ T5989] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  237.211050][ T5989] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  237.225821][ T5989] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  237.254270][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.285095][T14262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.429542][T14264] chnl_net:caif_netlink_parms(): no params data found
[  237.441584][   T13] bridge_slave_1: left allmulticast mode
[  237.444422][   T13] bridge_slave_1: left promiscuous mode
[  237.446802][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.454350][   T13] bridge_slave_0: left allmulticast mode
[  237.456815][   T13] bridge_slave_0: left promiscuous mode
[  237.459326][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.942131][   T10] usb 5-1: USB disconnect, device number 37
[  237.948315][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.958480][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  237.970540][   T13] bond0 (unregistering): Released all slaves
[  237.975379][T14291] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2464'.
[  238.077378][   T13] tipc: Disabling bearer <udp:syz2>
[  238.084935][   T13] tipc: Left network mode
[  238.234151][T14264] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.237212][T14264] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.240554][T14264] bridge_slave_0: entered allmulticast mode
[  238.244310][ T6075] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  238.249029][T14264] bridge_slave_0: entered promiscuous mode
[  238.279648][T14264] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.282737][T14264] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.286571][T14264] bridge_slave_1: entered allmulticast mode
[  238.290590][T14264] bridge_slave_1: entered promiscuous mode
[  238.363358][T14264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  238.380960][T14264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  238.391324][   T13] hsr_slave_0: left promiscuous mode
[  238.393600][   T13] hsr_slave_1: left promiscuous mode
[  238.397843][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.400997][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.405434][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.407910][ T6075] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  238.408611][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.417873][ T6075] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  238.421595][ T6075] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  238.425859][ T6075] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  238.430577][ T6075] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  238.435690][ T6075] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  238.439930][ T6075] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  238.443676][ T6075] usb 9-1: Product: syz
[  238.444202][   T13] veth1_macvtap: left promiscuous mode
[  238.447073][ T6075] usb 9-1: Manufacturer: syz
[  238.450116][   T13] veth0_macvtap: left promiscuous mode
[  238.452537][   T13] veth1_vlan: left promiscuous mode
[  238.454705][ T6075] cdc_wdm 9-1:1.0: skipping garbage
[  238.454998][   T13] veth0_vlan: left promiscuous mode
[  238.457423][ T6075] cdc_wdm 9-1:1.0: skipping garbage
[  238.463529][ T6075] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  238.466194][ T6075] cdc_wdm 9-1:1.0: Unknown control protocol
[  238.554590][ T5989] Bluetooth: hci0: command tx timeout
[  238.670697][ T6075] usb 9-1: USB disconnect, device number 18
[  239.278304][ T5989] Bluetooth: hci2: command tx timeout
[  239.305490][  T839] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  239.364185][   T13] team0 (unregistering): Port device team_slave_1 removed
[  239.472256][   T13] team0 (unregistering): Port device team_slave_0 removed
[  239.478237][  T839] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  239.481686][  T839] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  239.486111][  T839] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  239.489690][  T839] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  239.494182][  T839] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  239.500515][  T839] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  239.504278][  T839] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  239.507438][  T839] usb 9-1: Product: syz
[  239.508780][  T839] usb 9-1: Manufacturer: syz
[  239.513321][  T839] cdc_wdm 9-1:1.0: skipping garbage
[  239.515169][  T839] cdc_wdm 9-1:1.0: skipping garbage
[  239.524772][  T839] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  239.527587][  T839] cdc_wdm 9-1:1.0: Unknown control protocol
[  240.066589][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.069005][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.074331][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.077279][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.084022][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.086423][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.093915][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.096551][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.099458][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.107632][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.110742][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.113515][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.115912][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.122861][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.127296][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.129780][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.132326][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.134927][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.137326][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.140249][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.143519][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.146210][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.148750][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.151125][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.153722][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.156141][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.159014][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.161544][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.164101][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.166473][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.168999][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.171870][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.174964][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.178150][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.182869][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.185228][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.187204][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.189008][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.190942][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.192758][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.194634][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.196423][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.198346][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.200154][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.207139][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.209107][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.210881][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.212792][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.214564][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.216423][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.218172][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.220035][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.221826][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.223686][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.225726][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.227696][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.229507][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.231535][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.233623][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.235551][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.237698][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.239654][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.241436][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.243347][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.245081][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.246987][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.248760][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.250666][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.252408][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.254342][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.256110][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.258184][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.260101][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.261906][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.264189][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.266001][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.267907][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.269702][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.271550][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.273393][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.275410][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.277217][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.279140][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.281069][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.282865][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.284791][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.286604][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.288522][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.290464][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.292236][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.294117][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.295849][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.297779][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.299583][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.301445][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.303175][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.305267][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.307006][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.309015][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.310949][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.312759][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.314701][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.316482][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.318865][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.320819][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.322569][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.324508][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.326323][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.328194][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.330096][    C3] cdc_wdm 9-1:1.0: Stall on int endpoint
[  240.332128][    C3] cdc_wdm 9-1:1.0: Cannot schedule work
[  240.333966][    C3] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  240.349426][  T839] usb 9-1: USB disconnect, device number 19
[  240.442443][T14264] team0: Port device team_slave_0 added
[  240.452106][T14264] team0: Port device team_slave_1 added
[  240.538908][T14264] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.541498][T14264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.551754][T14264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.558224][T14264] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.560748][T14264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.571142][T14264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  240.631325][T14264] hsr_slave_0: entered promiscuous mode
[  240.634397][T14264] hsr_slave_1: entered promiscuous mode
[  240.637175][T14264] debugfs: 'hsr0' already exists in 'hsr'
[  240.639412][T14264] Cannot create hsr debugfs directory
[  240.686031][T14344] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2477'.
[  240.886985][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  240.886996][   T40] audit: type=1326 audit(1757273200.849:62401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14365 comm="syz.0.2482" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f25eed8ebe9 code=0x0
[  240.955209][T14264] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  240.963168][T14264] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  240.967273][T14264] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  240.974104][T14264] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  240.997620][   T40] audit: type=1400 audit(1757273200.968:62402): avc:  denied  { watch_sb } for  pid=14373 comm="syz.4.2484" path="/229" dev="tmpfs" ino=1250 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  241.036317][T14392] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2486'.
[  241.054393][T14264] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.078922][T14396] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2487'.
[  241.125743][T14264] 8021q: adding VLAN 0 to HW filter on device team0
[  241.145797][   T96] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.148112][   T96] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.162008][   T96] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.164298][   T96] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.195250][T14264] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  241.198749][T14264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  241.253521][   T40] audit: type=1400 audit(1757273201.218:62403): avc:  denied  { read } for  pid=14420 comm="syz.3.2492" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  241.264505][   T40] audit: type=1400 audit(1757273201.218:62404): avc:  denied  { open } for  pid=14420 comm="syz.3.2492" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  241.284324][   T40] audit: type=1400 audit(1757273201.218:62405): avc:  denied  { ioctl } for  pid=14420 comm="syz.3.2492" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  241.292235][   T40] audit: type=1400 audit(1757273201.218:62406): avc:  denied  { call } for  pid=14420 comm="syz.3.2492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  241.310557][T14426] binder_alloc: 14420: binder_alloc_buf, no vma
[  241.315125][T14426] overlayfs: overlapping lowerdir path
[  241.315561][T14264] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.333052][T14409] overlayfs: failed to resolve './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  241.333229][   T40] audit: type=1400 audit(1757273201.298:62407): avc:  denied  { mounton } for  pid=14408 comm="syz.0.2489" path="/13/file0" dev="tmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  241.367939][ T5989] Bluetooth: hci2: command tx timeout
[  241.511343][T14264] veth0_vlan: entered promiscuous mode
[  241.517258][T14264] veth1_vlan: entered promiscuous mode
[  241.536908][T14264] veth0_macvtap: entered promiscuous mode
[  241.544003][T14264] veth1_macvtap: entered promiscuous mode
[  241.561586][T14264] batman_adv: batadv0: Interface activated: batadv_slave_0
[  241.575450][T14264] batman_adv: batadv0: Interface activated: batadv_slave_1
[  241.586280][ T1144] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  241.593621][ T1144] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  241.597422][ T1144] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  241.605908][ T1144] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  241.656655][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.659676][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.681412][T14453] macvlan2: entered promiscuous mode
[  241.683402][T14453] macvlan2: entered allmulticast mode
[  241.691249][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.694648][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.739022][T14457] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  241.742740][T14457] efs: cannot read volume header
[  241.789187][T14461] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2500'.
[  241.792645][T14461] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2500'.
[  241.795611][T14461] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2500'.
[  241.821808][T14463] random: crng reseeded on system resumption
[  241.833425][T14463] Restarting kernel threads ...
[  241.835521][T14463] Done restarting kernel threads.
[  241.989822][T14475] bridge0: port 1(veth0_to_bridge) entered blocking state
[  241.990323][   T40] audit: type=1400 audit(1757273201.948:62408): avc:  denied  { write } for  pid=14474 comm="syz.4.2505" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  241.992301][T14475] bridge0: port 1(veth0_to_bridge) entered disabled state
[  242.003268][T14475] veth0_to_bridge: entered allmulticast mode
[  242.006272][T14475] veth0_to_bridge: entered promiscuous mode
[  242.009420][T14475] bridge0: port 1(veth0_to_bridge) entered blocking state
[  242.011689][T14475] bridge0: port 1(veth0_to_bridge) entered forwarding state
[  242.033462][T14475] input: syz0 as /devices/virtual/input/input46
[  242.651324][T14495] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2509'.
[  242.654564][T14495] netlink: 43 bytes leftover after parsing attributes in process `syz.5.2509'.
[  242.657426][T14495] netlink: 'syz.5.2509': attribute type 5 has an invalid length.
[  242.660830][T14495] netlink: 43 bytes leftover after parsing attributes in process `syz.5.2509'.
[  242.763046][T14502] sctp: [Deprecated]: syz.5.2511 (pid 14502) Use of int in maxseg socket option.
[  242.763046][T14502] Use struct sctp_assoc_value instead
[  242.907103][T14521] veth1_to_batadv: entered promiscuous mode
[  242.948697][T14523] FAULT_INJECTION: forcing a failure.
[  242.948697][T14523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.954251][T14523] CPU: 3 UID: 0 PID: 14523 Comm: syz.5.2517 Not tainted syzkaller #0 PREEMPT(full) 
[  242.954275][T14523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.954287][T14523] Call Trace:
[  242.954293][T14523]  <TASK>
[  242.954299][T14523]  dump_stack_lvl+0x16c/0x1f0
[  242.954360][T14523]  should_fail_ex+0x512/0x640
[  242.954392][T14523]  _copy_from_user+0x2e/0xd0
[  242.954417][T14523]  copy_msghdr_from_user+0x98/0x160
[  242.954435][T14523]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  242.954467][T14523]  ___sys_sendmsg+0xfe/0x1d0
[  242.954488][T14523]  ? __pfx____sys_sendmsg+0x10/0x10
[  242.954538][T14523]  __sys_sendmsg+0x16d/0x220
[  242.954558][T14523]  ? __pfx___sys_sendmsg+0x10/0x10
[  242.954587][T14523]  ? fput+0x9b/0xd0
[  242.954614][T14523]  do_syscall_64+0xcd/0x4c0
[  242.954633][T14523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.954652][T14523] RIP: 0033:0x7fbcc6f8ebe9
[  242.954668][T14523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.954685][T14523] RSP: 002b:00007fbcc7e6d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  242.954702][T14523] RAX: ffffffffffffffda RBX: 00007fbcc71b5fa0 RCX: 00007fbcc6f8ebe9
[  242.954714][T14523] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000003
[  242.954725][T14523] RBP: 00007fbcc7e6d090 R08: 0000000000000000 R09: 0000000000000000
[  242.954737][T14523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.954748][T14523] R13: 00007fbcc71b6038 R14: 00007fbcc71b5fa0 R15: 00007ffdda27f858
[  242.954769][T14523]  </TASK>
[  243.187820][T14533] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2519'.
[  243.285420][   T40] audit: type=1400 audit(1757273203.246:62409): avc:  denied  { setattr } for  pid=14547 comm="syz.5.2523" name="file0" dev="tmpfs" ino=73 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  243.303984][   T40] audit: type=1400 audit(1757273203.266:62410): avc:  denied  { watch watch_reads } for  pid=14549 comm="syz.0.2524" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="hugetlbfs" ino=63730 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  243.343368][T14554] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  243.364162][T14554] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.446703][T14552] tipc: Started in network mode
[  243.448783][T14552] tipc: Node identity ac1414aa, cluster identity 4711
[  243.449728][ T5989] Bluetooth: hci2: command tx timeout
[  243.451446][T14552] tipc: Enabled bearer <udp:s>, priority 10
[  243.685789][T14560] 9pnet_fd: p9_fd_create_unix (14560): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  243.687932][T14560] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2528'.
[  243.730724][T14560] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2528'.
[  243.777415][T14563] netlink: 'syz.5.2529': attribute type 5 has an invalid length.
[  243.826475][T14565] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  243.834276][T14567] I/O error, dev loop5, sector 128 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[  243.842507][T14567] gfs2: error -5 reading superblock
[  243.846980][T14567] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2531'.
[  244.142250][T14590] xfrm0: mtu greater than device maximum
[  244.173804][T14600] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2542'.
[  244.178234][T14600] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2304 sclass=netlink_route_socket pid=14600 comm=syz.4.2542
[  244.238220][T14606] tmpfs: Bad value for 'mpol'
[  244.242254][T14606] trusted_key: encrypted_key: master key parameter is missing
[  244.251473][T14608] sp0: Synchronizing with TNC
[  244.254431][T14608] sp0: Found TNC
[  244.255921][T14607] [U] è`
[  244.283806][T14610] fuse: Unknown parameter 'd'
[  244.326260][T14604] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  244.449595][ T6893] tipc: Node number set to 2886997162
[  244.491674][T14621] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.2551'.
[  244.698186][T14634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2555'.
[  244.702268][T14634] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2555'.
[  244.707666][T14633] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=14633 comm=syz.4.2554
[  244.712461][T14633] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14633 comm=syz.4.2554
[  244.762757][T14635] fuse: Bad value for 'fd'
[  244.866354][T14639] netlink: 184 bytes leftover after parsing attributes in process `syz.5.2557'.
[  244.871655][T14639] xt_socket: unknown flags 0xd0
[  245.008748][T14647] cgroup: Name too long
[  245.212421][T14655] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2562'.
[  245.388468][T14665] bridge_slave_0: left allmulticast mode
[  245.391007][T14665] bridge_slave_0: left promiscuous mode
[  245.393402][T14665] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.401826][T14665] bridge_slave_1: left allmulticast mode
[  245.404231][T14665] bridge_slave_1: left promiscuous mode
[  245.406190][T14665] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.415147][T14665] bond0: (slave bond_slave_0): Releasing backup interface
[  245.421413][T14665] bond0: (slave bond_slave_1): Releasing backup interface
[  245.428157][T14665] team0: Port device team_slave_0 removed
[  245.434631][T14665] team0: Port device team_slave_1 removed
[  245.437285][T14665] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.446128][T14665] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.450472][T14665] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.453555][T14665] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.529459][ T5989] Bluetooth: hci2: command tx timeout
[  245.531637][T14634] overlayfs: statfs failed on './file0'
[  245.566439][T14672] netlink: 'syz.3.2567': attribute type 2 has an invalid length.
[  245.568985][T14672] netlink: 'syz.3.2567': attribute type 1 has an invalid length.
[  245.612427][T14677] 9pnet_virtio: no channels available for device syz
[  245.927413][T14704] No control pipe specified
[  246.045198][   T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.064249][T14711] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  246.138085][   T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.265433][   T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.272092][ T5982] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  246.276577][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  246.276587][   T40] audit: type=1400 audit(1757273206.238:62429): avc:  denied  { append } for  pid=14728 comm="syz.5.2585" name="pfkey" dev="proc" ino=4026533567 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  246.278522][ T5982] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  246.278713][T14730] netlink: 'syz.5.2585': attribute type 4 has an invalid length.
[  246.281921][ T5982] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  246.283304][ T5982] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  246.283901][ T5982] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  246.326816][T14732] netlink: 'syz.4.2586': attribute type 10 has an invalid length.
[  246.342392][T14732] tipc: Resetting bearer <eth:team0>
[  246.348196][T14732] team0: Cannot enslave team device to itself
[  246.387348][   T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.466315][   T40] audit: type=1400 audit(1757273206.428:62430): avc:  denied  { transfer } for  pid=14741 comm="syz.5.2589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  246.484305][T14744] bridge1: entered promiscuous mode
[  246.531584][T14727] chnl_net:caif_netlink_parms(): no params data found
[  246.605081][   T61] bridge_slave_1: left allmulticast mode
[  246.607158][   T61] bridge_slave_1: left promiscuous mode
[  246.610115][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.616679][   T61] bridge_slave_0: left allmulticast mode
[  246.621401][   T61] bridge_slave_0: left promiscuous mode
[  246.623882][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.023375][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.027692][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.032021][   T61] bond0 (unregistering): Released all slaves
[  247.039507][   T61] bond1 (unregistering): Released all slaves
[  247.074093][T14751] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  247.079260][T14727] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.082414][T14727] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.085089][T14727] bridge_slave_0: entered allmulticast mode
[  247.088738][T14727] bridge_slave_0: entered promiscuous mode
[  247.093131][T14727] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.096052][T14727] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.098988][T14727] bridge_slave_1: entered allmulticast mode
[  247.103556][T14727] bridge_slave_1: entered promiscuous mode
[  247.182691][T14771] random: crng reseeded on system resumption
[  247.199086][T14727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.205152][T14727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.256020][T14727] team0: Port device team_slave_0 added
[  247.276658][T14727] team0: Port device team_slave_1 added
[  247.368405][T14727] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.371485][T14727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.383534][T14727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.388708][T14727] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.391246][T14727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.402567][T14727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  247.462943][T14727] hsr_slave_0: entered promiscuous mode
[  247.466133][T14727] hsr_slave_1: entered promiscuous mode
[  247.469562][T14727] debugfs: 'hsr0' already exists in 'hsr'
[  247.472009][T14727] Cannot create hsr debugfs directory
[  247.574697][   T61] hsr_slave_0: left promiscuous mode
[  247.577261][   T61] hsr_slave_1: left promiscuous mode
[  247.579443][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  247.581964][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  247.585109][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  247.587534][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  247.626315][   T61] veth1_macvtap: left promiscuous mode
[  247.628873][   T61] veth0_macvtap: left promiscuous mode
[  247.631588][   T61] veth1_vlan: left promiscuous mode
[  247.634353][   T61] veth0_vlan: left promiscuous mode
[  247.724419][   T61] pimreg3 (unregistering): left allmulticast mode
[  248.093009][T14794] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  248.095321][T14794] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  248.097944][T14794] vhci_hcd vhci_hcd.0: Device attached
[  248.103494][T14795] vhci_hcd: connection closed
[  248.108629][ T1256] vhci_hcd: stop threads
[  248.112268][ T1256] vhci_hcd: release socket
[  248.113693][ T1256] vhci_hcd: disconnect device
[  248.322866][ T5982] Bluetooth: hci3: command tx timeout
[  248.547567][   T61] team0 (unregistering): Port device team_slave_1 removed
[  248.635556][   T61] team0 (unregistering): Port device team_slave_0 removed
[  248.638153][   T40] audit: type=1400 audit(1757273208.598:62431): avc:  denied  { bind } for  pid=14797 comm="syz.0.2604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  248.851931][T14805] kvm: kvm [14802]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  249.434521][T14791] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  249.640097][T14727] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  249.646257][T14727] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  249.653587][T14727] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  249.662873][T14727] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  249.683736][T14831] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  249.818120][T14844] loop4: detected capacity change from 0 to 7
[  249.826943][T14727] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.829580][T14844]  loop4: [CUMANA/ADFS] p1 [ADFS] p1
[  249.832478][T14844] loop4: partition table partially beyond EOD, truncated
[  249.836070][T14844] loop4: p1 size 2989602745 extends beyond EOD, truncated
[  249.846565][T14727] 8021q: adding VLAN 0 to HW filter on device team0
[  249.853591][ T1256] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.856633][ T1256] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.879955][ T1256] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.882896][ T1256] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.892281][ T5990] udevd[5990]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  249.908479][ T5990] udevd[5990]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  250.135376][T14727] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.330818][T14727] veth0_vlan: entered promiscuous mode
[  250.341505][T14727] veth1_vlan: entered promiscuous mode
[  250.370253][T14727] veth0_macvtap: entered promiscuous mode
[  250.376140][T14727] veth1_macvtap: entered promiscuous mode
[  250.393425][T14727] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.405074][T14727] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.409468][ T5982] Bluetooth: hci3: command tx timeout
[  250.421481][ T1148] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.425128][ T1148] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.434689][ T1148] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.439045][ T1148] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.497748][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.500556][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.521682][ T1256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.526019][ T1256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.535067][T14887] __nla_validate_parse: 4 callbacks suppressed
[  250.535080][T14887] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2619'.
[  250.544393][T14891] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2620'.
[  250.573896][T14893] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  250.574430][T14894] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  250.766395][T14914] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2627'.
[  250.929448][   T40] audit: type=1400 audit(1757273210.888:62432): avc:  denied  { module_load } for  pid=14933 comm="syz.4.2633" path="/sys/power/pm_trace_dev_match" dev="sysfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  250.978858][   T40] audit: type=1400 audit(1757273210.938:62433): avc:  denied  { view } for  pid=14938 comm="syz.5.2636" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  250.986795][T14941] netlink: 'syz.4.2637': attribute type 5 has an invalid length.
[  250.989997][T14941] netlink: 'syz.4.2637': attribute type 7 has an invalid length.
[  251.003875][T14941] : entered promiscuous mode
[  251.109075][T14950] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2641'.
[  251.173341][T14958] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2643'.
[  251.178948][T14959] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2643'.
[  251.229866][T14963] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  251.254092][T14969] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2646'.
[  251.257429][T14969] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2646'.
[  251.278679][   T40] audit: type=1400 audit(1757273211.238:62434): avc:  denied  { setopt } for  pid=14972 comm="syz.4.2648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  251.287075][   T40] audit: type=1400 audit(1757273211.238:62435): avc:  denied  { read } for  pid=14972 comm="syz.4.2648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  251.294014][   T40] audit: type=1400 audit(1757273211.248:62436): avc:  denied  { getopt } for  pid=14972 comm="syz.4.2648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  251.407187][T14987] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2653'.
[  251.437722][T14994] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  251.448290][T14994] Malformed UNC in devname
[  251.448290][T14994] 
[  251.453244][T14994] CIFS: VFS: Malformed UNC in devname
[  251.573866][T15006] autofs: Unknown parameter './file1'
[  251.574309][T15007] autofs: Unknown parameter './file1'
[  251.582013][T15006] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15006 comm=syz.4.2660
[  251.659945][T15014] kvm: user requested TSC rate below hardware speed
[  251.730449][T15017] xt_l2tp: unknown flags: 51
[  251.802291][T15022] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  251.849451][ T6016] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  252.015102][ T6016] usb 11-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  252.018134][ T6016] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.020683][ T6016] usb 11-1: Product: syz
[  252.021998][ T6016] usb 11-1: Manufacturer: syz
[  252.023531][ T6016] usb 11-1: SerialNumber: syz
[  252.031406][ T6016] usb 11-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  252.045336][ T6016] usb 11-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  252.152777][T15031] netlink: 'syz.4.2669': attribute type 4 has an invalid length.
[  252.320610][T15043] random: crng reseeded on system resumption
[  252.481380][ T5982] Bluetooth: hci3: command tx timeout
[  252.827241][T15047] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.831570][T15047] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.975391][T15054] FAULT_INJECTION: forcing a failure.
[  252.975391][T15054] name failslab, interval 1, probability 0, space 0, times 0
[  252.979792][T15054] CPU: 2 UID: 0 PID: 15054 Comm: syz.0.2676 Not tainted syzkaller #0 PREEMPT(full) 
[  252.979808][T15054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.979814][T15054] Call Trace:
[  252.979818][T15054]  <TASK>
[  252.979823][T15054]  dump_stack_lvl+0x16c/0x1f0
[  252.979857][T15054]  should_fail_ex+0x512/0x640
[  252.979874][T15054]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  252.979887][T15054]  should_failslab+0xc2/0x120
[  252.979901][T15054]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  252.979913][T15054]  ? getname_flags.part.0+0x4c/0x550
[  252.979932][T15054]  getname_flags.part.0+0x4c/0x550
[  252.979950][T15054]  getname_flags+0x93/0xf0
[  252.979962][T15054]  user_path_at+0x24/0x60
[  252.979974][T15054]  __x64_sys_mount+0x1fc/0x310
[  252.979989][T15054]  ? __pfx___x64_sys_mount+0x10/0x10
[  252.980008][T15054]  do_syscall_64+0xcd/0x4c0
[  252.980021][T15054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.980033][T15054] RIP: 0033:0x7f25eed8ebe9
[  252.980042][T15054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.980053][T15054] RSP: 002b:00007f25efb5f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  252.980064][T15054] RAX: ffffffffffffffda RBX: 00007f25eefb5fa0 RCX: 00007f25eed8ebe9
[  252.980071][T15054] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  252.980077][T15054] RBP: 00007f25efb5f090 R08: 0000200000000200 R09: 0000000000000000
[  252.980084][T15054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.980090][T15054] R13: 00007f25eefb6038 R14: 00007f25eefb5fa0 R15: 00007ffdfa8bd118
[  252.980104][T15054]  </TASK>
[  253.045431][    C2] vkms_vblank_simulate: vblank timer overrun
[  253.129876][ T6016] ath9k_htc 11-1:1.0: ath9k_htc: Target is unresponsive
[  253.134037][ T6016] ath9k_htc: Failed to initialize the device
[  253.158896][ T6016] usb 11-1: ath9k_htc: USB layer deinitialized
[  253.185297][T15074] Bluetooth: MGMT ver 1.23
[  253.196300][ T6074] usb 11-1: USB disconnect, device number 2
[  253.239732][T15079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2681'.
[  253.335387][   T40] audit: type=1400 audit(1757273213.298:62437): avc:  denied  { mounton } for  pid=15086 comm="syz.5.2684" path="mnt:[4026532907]" dev="nsfs" ino=4026532907 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  253.346081][   T40] audit: type=1400 audit(1757273213.308:62438): avc:  denied  { getattr } for  pid=15086 comm="syz.5.2684" path="cgroup:[4026532909]" dev="nsfs" ino=4026532909 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  253.355729][T15077] tipc: Started in network mode
[  253.357443][T15089] netlink: 'syz.4.2683': attribute type 2 has an invalid length.
[  253.357820][T15077] tipc: Node identity ac1414aa, cluster identity 4711
[  253.360918][T15089] netlink: 'syz.4.2683': attribute type 1 has an invalid length.
[  253.367402][T15077] tipc: Enabled bearer <udp:s>, priority 10
[  253.465928][T15099] tc_dump_action: action bad kind
[  253.729356][ T6074] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  253.771753][ T1114] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  253.774919][ T1114] ata1: failed to read log page 10h (errno=-5)
[  253.778109][ T1114] ata1.00: exception Emask 0x1 SAct 0x2 SErr 0x0 action 0x0
[  253.781834][ T1114] ata1.00: irq_stat 0x40000000
[  253.783913][ T1114] ata1.00: failed command: WRITE FPDMA QUEUED
[  253.786459][ T1114] ata1.00: cmd 61/48:08:3e:0e:10/00:00:00:00:00/40 tag 1 ncq dma 36864 out
[  253.786459][ T1114]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  253.795006][ T1114] ata1.00: status: { DRDY }
[  253.798427][ T1114] ata1.00: configured for UDMA/100
[  253.801315][ T1114] ata1: EH complete
[  253.816706][T15104] FAULT_INJECTION: forcing a failure.
[  253.816706][T15104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.822623][T15104] CPU: 0 UID: 0 PID: 15104 Comm: syz.4.2689 Not tainted syzkaller #0 PREEMPT(full) 
[  253.822648][T15104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.822659][T15104] Call Trace:
[  253.822665][T15104]  <TASK>
[  253.822672][T15104]  dump_stack_lvl+0x16c/0x1f0
[  253.822696][T15104]  should_fail_ex+0x512/0x640
[  253.822719][T15104]  strncpy_from_user+0x3b/0x2e0
[  253.822740][T15104]  getname_flags.part.0+0x8f/0x550
[  253.822771][T15104]  getname_flags+0x93/0xf0
[  253.822793][T15104]  user_path_at+0x24/0x60
[  253.822812][T15104]  __x64_sys_mount+0x1fc/0x310
[  253.822835][T15104]  ? __pfx___x64_sys_mount+0x10/0x10
[  253.822865][T15104]  do_syscall_64+0xcd/0x4c0
[  253.822890][T15104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.822911][T15104] RIP: 0033:0x7fb5a358ebe9
[  253.822927][T15104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.822944][T15104] RSP: 002b:00007fb5a44ce038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  253.822961][T15104] RAX: ffffffffffffffda RBX: 00007fb5a37b5fa0 RCX: 00007fb5a358ebe9
[  253.822971][T15104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  253.822980][T15104] RBP: 00007fb5a44ce090 R08: 0000200000000200 R09: 0000000000000000
[  253.822992][T15104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.823002][T15104] R13: 00007fb5a37b6038 R14: 00007fb5a37b5fa0 R15: 00007ffcb4d40768
[  253.823027][T15104]  </TASK>
[  253.911430][ T6074] usb 5-1: Using ep0 maxpacket: 16
[  253.916161][ T6074] usb 5-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid maxpacket 1056, setting to 1024
[  253.921426][ T6074] usb 5-1: config 1 interface 0 altsetting 253 bulk endpoint 0x1 has invalid maxpacket 1024
[  253.926544][ T6074] usb 5-1: config 1 interface 0 altsetting 253 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  253.934207][ T6074] usb 5-1: config 1 interface 0 has no altsetting 0
[  253.938725][ T6074] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  253.941703][ T6074] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.944299][ T6074] usb 5-1: Product: Ќ
[  253.945623][ T6074] usb 5-1: Manufacturer: Д
[  253.947070][ T6074] usb 5-1: SerialNumber: п
[  253.951212][T15101] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  253.953636][T15101] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  254.139585][T15064] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  254.309258][T15064] usb 10-1: Using ep0 maxpacket: 32
[  254.317418][T15110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.322709][T15110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.337485][T15064] usb 10-1: unable to get BOS descriptor or descriptor too short
[  254.344469][T15064] usb 10-1: unable to read config index 0 descriptor/start: -71
[  254.348261][T15064] usb 10-1: can't read configurations, error -71
[  254.360153][T15101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.364670][T15101] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.371602][T15101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.375193][T15101] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.385108][ T6074] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 38 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  254.392679][ T6074] usb 5-1: USB disconnect, device number 38
[  254.397204][ T6074] usblp0: removed
[  254.400703][ T5990] udevd[5990]: setting mode of /dev/bus/usb/005/038 to 020664 failed: No such file or directory
[  254.412712][ T5990] udevd[5990]: setting owner of /dev/bus/usb/005/038 to uid=0, gid=7 failed: No such file or directory
[  254.489313][   T55] tipc: Node number set to 2886997162
[  254.559438][ T5982] Bluetooth: hci3: command tx timeout
[  254.874993][T15131] tipc: Started in network mode
[  254.877161][T15131] tipc: Node identity ac1414aa, cluster identity 4711
[  254.881505][T15131] tipc: Enabled bearer <udp:s>, priority 10
[  254.936787][   T40] audit: type=1400 audit(1757273214.898:62439): avc:  denied  { accept } for  pid=15139 comm="syz.0.2699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  255.022134][   T40] audit: type=1400 audit(1757273214.988:62440): avc:  denied  { getopt } for  pid=15137 comm="syz.4.2698" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  255.081878][T15147] netlink: 'syz.0.2702': attribute type 2 has an invalid length.
[  255.084683][T15147] netlink: 'syz.0.2702': attribute type 1 has an invalid length.
[  255.399026][T15172] fuseblk: Unknown parameter 'œ[È.k|ê'
[  255.427254][T15172] bridge3: port 1(veth0_to_bond) entered blocking state
[  255.431415][T15172] bridge3: port 1(veth0_to_bond) entered disabled state
[  255.434832][T15172] veth0_to_bond: entered allmulticast mode
[  255.440371][T15172] veth0_to_bond: entered promiscuous mode
[  255.455266][T15176] fuseblk: Unknown parameter 'œ[È.k|ê'
[  255.536789][T15169] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  255.575252][T15183] __nla_validate_parse: 10 callbacks suppressed
[  255.575271][T15183] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2711'.
[  255.634920][T15185] futex_wake_op: syz.4.2711 tries to shift op by 32; fix this program
[  255.703421][T15189] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.744663][T15190] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  255.833660][T15189] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.899695][   T55] tipc: Node number set to 2886997162
[  255.923841][T15189] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.033081][T15189] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.143373][ T1155] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.157760][ T1155] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.174741][ T1145] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.187149][   T40] audit: type=1400 audit(1757273216.148:62441): avc:  denied  { getopt } for  pid=15204 comm="syz.5.2718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  256.192561][ T1155] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.431959][T15223] affs: No valid root block on device sr0
[  256.445140][T15223] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  256.767142][T15249] qrtr: Invalid version 0
[  257.517045][   T40] audit: type=1400 audit(1757273217.478:62442): avc:  denied  { write } for  pid=15313 comm="syz.4.2750" lport=50135 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  257.525975][   T40] audit: type=1400 audit(1757273217.488:62443): avc:  denied  { ioctl } for  pid=15313 comm="syz.4.2750" path="socket:[69201]" dev="sockfs" ino=69201 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  257.596212][T15323] netlink: 'syz.4.2753': attribute type 3 has an invalid length.
[  257.599107][T15323] netlink: 'syz.4.2753': attribute type 1 has an invalid length.
[  257.603032][T15323] netlink: 192 bytes leftover after parsing attributes in process `syz.4.2753'.
[  257.607275][T15323] NCSI netlink: No device for ifindex 268435456
[  257.715536][T15333] fuse: Bad value for 'user_id'
[  257.717196][T15333] fuse: Bad value for 'user_id'
[  257.811857][   T40] audit: type=1400 audit(1757273217.778:62444): avc:  denied  { connect } for  pid=15344 comm="syz.5.2760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  257.994124][T15354] netlink: 72 bytes leftover after parsing attributes in process `syz.6.2763'.
[  258.003311][T15354] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  258.866840][T15373] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15373 comm=syz.5.2769
[  258.867805][T15372] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15372 comm=syz.5.2769
[  258.878924][T15372] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2769'.
[  258.885273][T15372] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2769'.
[  258.885910][T15373] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2769'.
[  258.946911][T15379] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.954734][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.957108][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.990112][   T40] audit: type=1400 audit(1757273218.948:62445): avc:  denied  { getopt } for  pid=15380 comm="syz.5.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  259.179725][T15390] netlink: 304 bytes leftover after parsing attributes in process `syz.5.2775'.
[  259.487607][T15403] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2779'.
[  259.575651][   T40] audit: type=1400 audit(1757273219.538:62446): avc:  denied  { bind } for  pid=15409 comm="syz.4.2781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  259.683811][T15417] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2783'.
[  259.734372][T15417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2783'.
[  260.444175][T15479] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[  260.502703][T15491] Can't find ip_set type hash:net,port,�et
[  260.554264][T15498] overlayfs: failed to resolve './file1/file0': -2
[  260.647121][T15516] __nla_validate_parse: 5 callbacks suppressed
[  260.647136][T15516] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2811'.
[  260.695915][T15514] kvm: kvm [15513]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  260.807532][T15525] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2813'.
[  260.829287][ T6826] usb 11-1: new full-speed USB device number 3 using dummy_hcd
[  260.991580][ T6826] usb 11-1: not running at top speed; connect to a high speed hub
[  260.996074][ T6826] usb 11-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  261.000559][ T6826] usb 11-1: config 1 has an invalid descriptor of length 157, skipping remainder of the config
[  261.004847][ T6826] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 3
[  261.008780][ T6826] usb 11-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  261.019307][ T6826] usb 11-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  261.023223][ T6826] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.026612][ T6826] usb 11-1: Product: 傲䔀徳쀚풷�Ⳛ朶Ꞃ庸楱꥚枋ங
[  261.030301][ T6826] usb 11-1: Manufacturer: ㋫肓쌮�캹ଢ舊Шꃺ㱗囒ꪊᘌ檘훰鋫��찄掘⻥�൬ꃰ틀갆㠒줔䟭镙ᯬ䣠஡ꨧᙯ�扶㜇�钛苊஘컶魴錻⬙砚䲨䧲〈䊭浣槇≱⧇嫑簒봞퀲鳑颲ꭚ矓䲒᠇Ⓦ憭嶿賃佊휜倫줸넯앯룃Ậ皡䱅䉈䬵�躡⢎〘ྛ�鞕꘵�∗ữꠎ�헛騄䆃﷞⩞肄毭�ꃜ㹥ﱧ✇ᢀ
[  261.049891][ T6826] usb 11-1: SerialNumber: 씣ब⋜࿓绕�얤㠾쓚尩욀呂⭊�떺㒞짗�㷛쓂ᬑ屢ख��濤紸�ቷ᳥ô떳�羇��Ẻ��ꎿ씇វ���办ꖑ螭셶驯갬Ƃ惯�⫠h蛯ﹽᲛ֠夗ﳒჽ畞�鸵་㤽��鄊唆䅚̈ᘅ⤲⚩䟽瘰枆�
[  261.069759][T15504] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  261.275982][ T6826] usb 11-1: 0:2 : does not exist
[  261.290432][ T6826] usb 11-1: USB disconnect, device number 3
[  261.314228][ T5990] udevd[5990]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb11/11-1/11-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  261.617038][T15558] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2819'.
[  261.783100][   T40] audit: type=1400 audit(1757273221.748:62447): avc:  denied  { map } for  pid=15565 comm="syz.5.2822" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  261.855337][   T40] audit: type=1400 audit(1757273221.818:62448): avc:  denied  { accept } for  pid=15569 comm="syz.5.2824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  261.963353][T15585] fuse: Unknown parameter 'hroupi'
[  261.965903][T15585] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  261.969404][   T40] audit: type=1400 audit(1757273221.928:62449): avc:  denied  { write } for  pid=15584 comm="syz.5.2829" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  261.969455][T15585] random: crng reseeded on system resumption
[  261.985889][   T40] audit: type=1400 audit(1757273221.948:62450): avc:  denied  { bind } for  pid=15579 comm="syz.6.2827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  261.995659][T15585] fuse: Unknown parameter ''
[  261.997739][T15585] Unrecognized hibernate image header format!
[  262.004236][T15585] PM: hibernation: Image mismatch: architecture specific data
[  262.006963][   T40] audit: type=1400 audit(1757273221.968:62451): avc:  denied  { name_bind 0x1000000 } for  pid=15584 comm="syz.5.2829" path="socket:[70625]" dev="sockfs" ino=70625 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  262.007012][T15585] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  262.018368][T15584] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  262.175593][T15608] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2836'.
[  262.178509][T15608] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2836'.
[  262.184652][T15607] random: crng reseeded on system resumption
[  262.192394][T15607] Restarting kernel threads ...
[  262.194780][T15607] Done restarting kernel threads.
[  262.232369][T15614] netlink: 'syz.0.2837': attribute type 1 has an invalid length.
[  262.236011][T15614] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2837'.
[  262.287187][T15617] netlink: 'syz.0.2839': attribute type 10 has an invalid length.
[  262.293603][T15617] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  262.328623][T15590] Device name not specified.
[  262.328623][T15590] 
[  262.516504][T15627] devpts: Bad value for 'max'
[  262.595147][T15634] Bluetooth: MGMT ver 1.23
[  262.597754][T15634] nbd: must specify a size in bytes for the device
[  262.635663][T15635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.639819][T15629] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  262.742081][   T40] audit: type=1400 audit(1757273222.708:62452): avc:  denied  { map } for  pid=15644 comm="syz.6.2849" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  262.742742][T15646] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2849'.
[  263.120729][ T5989] Bluetooth: hci3: command 0x0405 tx timeout
[  263.192118][T15680] afs: Unknown parameter 'hash'
[  263.246480][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.249441][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.252289][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.254725][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.256883][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.259006][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.262932][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.265490][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.268033][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.271073][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.273204][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.275305][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.277488][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.279882][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.282097][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.284183][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.286279][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.288552][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.291293][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.293849][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.295930][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.298061][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.300601][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.302712][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.304789][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.307265][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.310210][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.314172][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.317320][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.320568][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.323614][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.326199][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.328447][T15685] binder: 15684:15685 ioctl c0306201 0 returned -14
[  263.439295][ T5840] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  263.521100][T15697] tracefs: Unknown parameter 'ŽóÇæÔ·?žƒ™3pæ'
[  263.583959][T15704] blkio.reset_stats is deprecated
[  263.611163][ T5840] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  263.614785][ T5840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  263.618185][ T5840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  263.621938][ T5840] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  263.626002][ T5840] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  263.628812][ T5840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.637867][ T5840] usb 5-1: config 0 descriptor??
[  263.640334][T15681] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  263.780878][T15714] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  263.787136][T15715] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  263.847765][   T40] audit: type=1400 audit(1757273223.808:62453): avc:  denied  { shutdown } for  pid=15725 comm="syz.6.2873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  264.057353][ T5840] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd
[  264.088118][ T5840] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  264.115852][T15748] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2880'.
[  264.122634][T15748] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2880'.
[  264.242628][T15756] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  264.250155][   T40] audit: type=1400 audit(1757273224.218:62454): avc:  denied  { write } for  pid=15754 comm="syz.4.2882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  264.322355][ T5982] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  264.327098][ T5982] Bluetooth: hci3: Injecting HCI hardware error event
[  264.333230][ T6042] usb 5-1: USB disconnect, device number 39
[  264.334239][ T5982] Bluetooth: hci3: hardware error 0x00
[  264.457150][T15762] SELinux: failed to load policy
[  264.584302][T15771] tap0: tun_chr_ioctl cmd 1074025675
[  264.586935][T15771] tap0: persist disabled
[  264.590525][T15771] tap0: tun_chr_ioctl cmd 1074025675
[  264.592972][T15771] tap0: persist disabled
[  264.595022][T15773] tap0: tun_chr_ioctl cmd 1074025673
[  264.961257][T15813] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2900'.
[  265.026303][T15815] fuse: Bad value for 'user_id'
[  265.028529][T15815] fuse: Bad value for 'user_id'
[  265.038358][ T5989] Bluetooth: hci1: unexpected cc 0x203e length: 2 > 1
[  265.043182][ T5989] Bluetooth: hci1: unexpected event for opcode 0x203e
[  265.118924][   T40] audit: type=1400 audit(1757273225.078:62455): avc:  denied  { unmount } for  pid=10532 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  265.172261][T15830] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  265.177976][T15830] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  265.422278][   T40] audit: type=1400 audit(1757273225.388:62456): avc:  denied  { sys_admin } for  pid=15854 comm="syz.4.2913" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  265.447110][   T40] audit: type=1400 audit(1757273225.408:62457): avc:  denied  { accept } for  pid=15863 comm="syz.6.2915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  265.470323][T15870] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  265.472678][T15870] IPv6: NLM_F_CREATE should be set when creating new route
[  265.885773][T15914] __nla_validate_parse: 6 callbacks suppressed
[  265.885784][T15914] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2931'.
[  265.890775][T15914] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2931'.
[  265.896407][T15916] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2932'.
[  265.938528][T15922] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=15922 comm=syz.4.2935
[  266.105236][T15939] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2940'.
[  266.108323][T15939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2940'.
[  266.118743][   T40] audit: type=1400 audit(1757273226.078:62458): avc:  denied  { setattr } for  pid=15933 comm="syz.4.2939" name="ALG" dev="sockfs" ino=74239 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  266.292645][T15952] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2944'.
[  266.296318][T15952] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2944'.
[  266.300545][T15870] orangefs_mount: mount request failed with -4
[  266.304098][T15952] geneve3: entered promiscuous mode
[  266.306390][T15952] geneve3: entered allmulticast mode
[  266.383995][T15955] netfs: Couldn't get user pages (rc=-14)
[  266.401620][ T5982] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  266.516019][T15962] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  266.518226][T15962] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  266.522377][T15962] vhci_hcd vhci_hcd.0: Device attached
[  266.709467][ T6016] vhci_hcd: vhci_device speed not set
[  266.766553][T15920] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  266.769451][ T6016] usb 47-1: new full-speed USB device number 2 using vhci_hcd
[  266.806558][T15967] tmpfs: Bad value for 'mpol'
[  266.819311][   T29] usb 10-1: new low-speed USB device number 4 using dummy_hcd
[  266.971718][   T29] usb 10-1: config index 0 descriptor too short (expected 33248, got 27)
[  266.974539][T15976] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2952'.
[  266.974546][   T29] usb 10-1: config 59 has too many interfaces: 75, using maximum allowed: 32
[  266.974560][   T29] usb 10-1: config 59 has an invalid descriptor of length 71, skipping remainder of the config
[  266.978879][T15976] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2952'.
[  266.981765][   T29] usb 10-1: config 59 has 0 interfaces, different from the descriptor's value: 75
[  266.981793][   T29] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  266.996635][   T29] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.018784][T15978] 9pnet_fd: Insufficient options for proto=fd
[  267.141885][T15981] 9pnet: Unknown protocol version 9p2000.uc¼ˆ/TâNÚQìåq¶èÊV
[  267.141885][T15981] ÅÂ\Cˆ©Ðý&IB~j€fSï~ˆ•¡ÔÀ"¹æ�¥#eʈ¨D¼¿@ȶ€«Dh”�º¼ÏË
[  267.141885][T15981] A/{߬´o¶¶·O~¯²ÅâDZْÑÀBiç¸(sš6aÜn
[  267.141885][T15981] ~í/ÛHÇú'ò‡Rvâ�è�vf‘õY¢R#…{¶ñ¦a‘2
[  267.150954][T15981] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2954'.
[  267.161221][T15981] bridge0: entered promiscuous mode
[  267.164895][T15981] batadv_slave_1: entered promiscuous mode
[  267.202705][T15963] usb 47-1: recv xbuf, 0
[  267.205976][ T1155] vhci_hcd: stop threads
[  267.207654][ T1155] vhci_hcd: release socket
[  267.212402][   T29] usb 10-1: string descriptor 0 read error: -71
[  267.216079][ T1155] vhci_hcd: disconnect device
[  267.218704][   T29] usb 10-1: USB disconnect, device number 4
[  267.270320][ T6016] vhci_hcd: vhci_device speed not set
[  267.424436][   T12] tipc: Subscription rejected, illegal request
[  267.548378][T15995] random: crng reseeded on system resumption
[  267.948221][   T40] audit: type=1400 audit(1757273227.908:62459): avc:  denied  { accept } for  pid=16002 comm="syz.5.2963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  268.333711][T16020] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  268.518178][T16023] netlink: 'syz.4.2962': attribute type 11 has an invalid length.
[  268.608410][T16041] netlink: 'syz.4.2973': attribute type 1 has an invalid length.
[  268.618188][T16036] macvlan2: entered promiscuous mode
[  268.620576][T16036] macvlan2: entered allmulticast mode
[  268.623300][T16036] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  268.662314][T16045] binder: 16034:16045 ioctl 89f3 2000000004c0 returned -22
[  268.667342][T16045] binder: 16034:16045 ioctl c018620c 200000000280 returned -22
[  268.702374][T16041] netlink: 'syz.4.2973': attribute type 1 has an invalid length.
[  268.706056][T16041] netlink: 'syz.4.2973': attribute type 2 has an invalid length.
[  268.812758][T16061] kernel read not supported for file /policy (pid: 16061 comm: syz.6.2979)
[  268.816510][   T40] audit: type=1400 audit(1757273228.778:62460): avc:  denied  { module_load } for  pid=16060 comm="syz.6.2979" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1
[  268.880725][   T40] audit: type=1400 audit(1757273228.848:62461): avc:  denied  { setopt } for  pid=16065 comm="syz.6.2981" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  269.079410][ T6074] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  269.129736][ T5982] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  269.140396][ T5982] Bluetooth: hci1: Injecting HCI hardware error event
[  269.147577][ T5982] Bluetooth: hci1: hardware error 0x00
[  269.209562][ T6074] usb 10-1: device descriptor read/64, error -71
[  269.366742][   T40] audit: type=1400 audit(1757273229.328:62462): avc:  denied  { read write } for  pid=16090 comm="syz.0.2991" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  269.377385][   T40] audit: type=1400 audit(1757273229.328:62463): avc:  denied  { open } for  pid=16090 comm="syz.0.2991" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  269.384020][T16091] input: syz0 as /devices/virtual/input/input48
[  269.389700][   T40] audit: type=1400 audit(1757273229.338:62464): avc:  denied  { ioctl } for  pid=16090 comm="syz.0.2991" path="/dev/uinput" dev="devtmpfs" ino=943 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  269.403121][T16091] binder: 16090:16091 ioctl 40106437 2000000001c0 returned -22
[  269.406747][T16091] netlink: 'syz.0.2991': attribute type 13 has an invalid length.
[  269.459286][ T6074] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  269.467300][   T40] audit: type=1400 audit(1757273229.428:62465): avc:  denied  { create } for  pid=16101 comm="syz.0.2994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  269.475725][   T40] audit: type=1400 audit(1757273229.428:62466): avc:  denied  { getopt } for  pid=16101 comm="syz.0.2994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  269.606789][T16102] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  269.609261][ T6074] usb 10-1: device descriptor read/64, error -71
[  269.719983][ T6074] usb usb10-port1: attempt power cycle
[  269.985507][T16128] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  269.989319][T16128] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  270.060627][ T6074] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  270.082821][ T6074] usb 10-1: device descriptor read/8, error -71
[  270.263647][   T40] audit: type=1400 audit(1757273230.228:62467): avc:  denied  { read } for  pid=16138 comm="syz.4.3006" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  270.307196][T16141] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  270.349302][ T6074] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  270.369865][ T6074] usb 10-1: device descriptor read/8, error -71
[  270.480310][ T6074] usb usb10-port1: unable to enumerate USB device
[  270.515549][T16155] netlink: 'syz.0.3012': attribute type 1 has an invalid length.
[  270.532430][T16155] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  270.537534][T16155] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  270.542356][T16159] ufs: Unknown parameter ']-\('
[  270.584903][T16156] gretap1: entered promiscuous mode
[  270.591047][T16156] bond2: (slave gretap1): making interface the new active one
[  270.593851][T16156] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  270.599973][T16156] macvlan3: entered promiscuous mode
[  270.601750][T16156] macvlan3: entered allmulticast mode
[  270.604204][T16156] bond2: entered promiscuous mode
[  270.606311][T16156] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  270.612559][T16156] bond2: (slave macvlan3): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  270.618270][T16156] bond2: left promiscuous mode
[  270.697763][T16162] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  270.876404][   T40] audit: type=1400 audit(1757273230.838:62468): avc:  denied  { append } for  pid=16169 comm="syz.6.3017" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  270.918916][T16176] __nla_validate_parse: 15 callbacks suppressed
[  270.918928][T16176] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3018'.
[  270.957557][T16180] random: crng reseeded on system resumption
[  270.967432][T16180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.971577][T16180] batadv_slave_0: entered promiscuous mode
[  271.199472][ T5982] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  271.349380][ T6074] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  271.509365][ T6074] usb 11-1: Using ep0 maxpacket: 16
[  271.519732][ T6074] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.523484][ T6074] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.532328][ T6074] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  271.536571][ T6074] usb 11-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  271.539590][ T6074] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.543298][ T6074] usb 11-1: config 0 descriptor??
[  271.549583][T16222] SELinux: failed to load policy
[  271.596996][T16232] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3034'.
[  271.643196][T16235] fuse: Bad value for 'group_id'
[  271.644915][T16235] fuse: Bad value for 'group_id'
[  271.951755][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x5
[  271.954322][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.956647][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.959010][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.961416][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.963727][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.966059][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.968507][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.971133][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.973660][ T6074] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0
[  271.978202][ T6074] microsoft 0003:045E:07DA.000B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[  271.982024][ T6074] microsoft 0003:045E:07DA.000B: no inputs found
[  271.984043][ T6074] microsoft 0003:045E:07DA.000B: could not initialize ff, continuing anyway
[  272.164219][ T5840] usb 11-1: USB disconnect, device number 4
[  272.249299][ T6893] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  272.334281][T16241] netlink: 'syz.4.3037': attribute type 29 has an invalid length.
[  272.338662][T16241] netlink: 'syz.4.3037': attribute type 29 has an invalid length.
[  272.346448][T16241] netlink: 500 bytes leftover after parsing attributes in process `syz.4.3037'.
[  272.399321][ T6893] usb 10-1: Using ep0 maxpacket: 8
[  272.403013][ T6893] usb 10-1: config 0 interface 0 has no altsetting 0
[  272.405795][ T6893] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  272.409865][ T6893] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.414197][ T6893] usb 10-1: config 0 descriptor??
[  272.540544][T16246] 8021q: adding VLAN 0 to HW filter on device bond3
[  272.557548][T16246] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  272.619490][   T29] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  272.624168][ T6893] mcp2221 0003:04D8:00DD.000C: USB HID vdf.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  272.651715][ T1145] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  272.691934][T16257] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  272.702352][ T6893] usb 10-1: USB disconnect, device number 9
[  272.756299][T16255] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  272.757349][T16263] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3044'.
[  272.770411][ T1155] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  272.789311][   T29] usb 9-1: Using ep0 maxpacket: 8
[  272.792187][   T29] usb 9-1: config 0 has no interfaces?
[  272.795411][   T29] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  272.798240][   T29] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.800969][   T29] usb 9-1: Product: syz
[  272.802306][   T29] usb 9-1: Manufacturer: syz
[  272.803784][   T29] usb 9-1: SerialNumber: syz
[  272.806641][   T29] usb 9-1: config 0 descriptor??
[  272.862176][T16277] netlink: 'syz.6.3048': attribute type 5 has an invalid length.
[  272.871487][T16277] ip6erspan0: entered promiscuous mode
[  272.879507][ T6016] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  272.910596][T16284] tmpfs: Bad value for 'mpol'
[  273.014809][ T6043] usb 9-1: USB disconnect, device number 21
[  273.052011][ T6016] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  273.055250][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.058058][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.061950][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.064890][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.067669][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.071215][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.075016][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.078166][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.081644][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.084965][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.087738][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.091582][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.094496][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.097476][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.101127][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.104333][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.107441][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.111006][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.113979][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.116779][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.120240][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.123433][ T6016] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  273.126155][T16293] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  273.127019][ T6016] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  273.127037][ T6016] usb 5-1: config 0 interface 0 has no altsetting 0
[  273.142592][ T6016] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  273.146480][ T6016] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  273.149125][ T6016] usb 5-1: Product: syz
[  273.150708][ T6016] usb 5-1: Manufacturer: syz
[  273.152398][ T6016] usb 5-1: SerialNumber: syz
[  273.156376][ T6016] usb 5-1: config 0 descriptor??
[  273.164022][ T6016] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  273.211599][T16297] netlink: 880 bytes leftover after parsing attributes in process `syz.6.3055'.
[  273.332993][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  273.333006][   T40] audit: type=1400 audit(1757273233.298:62480): avc:  denied  { ioctl } for  pid=16299 comm="syz.6.3056" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  273.364428][ T6016] usb 5-1: USB disconnect, device number 40
[  273.369022][ T6016] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  273.374452][T16304] binder: Bad value for 'max'
[  273.464182][T16308] netlink: 'syz.6.3058': attribute type 8 has an invalid length.
[  273.573244][T16312] netlink: 504 bytes leftover after parsing attributes in process `syz.6.3060'.
[  273.577730][T16312] netlink: 'syz.6.3060': attribute type 3 has an invalid length.
[  273.704816][T16323] kvm: pic: single mode not supported
[  273.704928][T16323] kvm: pic: level sensitive irq not supported
[  273.708305][T16323] kvm: pic: non byte write
[  273.712810][T16323] kvm: pic: non byte write
[  273.715150][   T40] audit: type=1400 audit(1757273233.678:62481): avc:  denied  { getattr } for  pid=16325 comm="syz.6.3063" name="/" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  273.717460][T16326] overlayfs: statfs failed on './file0'
[  273.895459][T16337] trusted_key: encrypted_key: keyword 'new0default' not recognized
[  274.109542][   T40] audit: type=1400 audit(1757273234.068:62482): avc:  denied  { setattr } for  pid=16341 comm="syz.0.3069" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  274.549405][ T6893] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  274.699869][T16354] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3072'.
[  274.702863][ T6893] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  274.707407][ T6893] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.711125][ T6893] usb 9-1: Product: syz
[  274.712962][ T6893] usb 9-1: Manufacturer: syz
[  274.714902][ T6893] usb 9-1: SerialNumber: syz
[  274.725960][ T6893] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  274.743387][ T6339] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  274.885610][T16359] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3074'.
[  275.739614][T16367] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  275.759580][ T6339] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  275.762164][ T6339] ath9k_htc: Failed to initialize the device
[  275.786168][ T6339] usb 9-1: ath9k_htc: USB layer deinitialized
[  275.938446][T16372] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  276.025784][T16391] tipc: Failed to remove unknown binding: 66,1,1/2886997162:2644562562/2644562564
[  276.030870][T16391] tipc: Failed to remove unknown binding: 66,1,1/2886997162:2644562562/2644562564
[  276.035793][T16391] tipc: Failed to remove unknown binding: 66,1,1/2886997162:2644562562/2644562564
[  276.227381][T16398] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  276.309316][ T5840] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  276.317618][T16401] SELinux:  truncated policydb string identifier
[  276.319867][T16401] SELinux: failed to load policy
[  276.345941][T16404] NILFS (nbd6): device size too small
[  276.351662][T16404] virtiofs: Unknown parameter '/dev/nbd'
[  276.491181][ T5840] usb 5-1: too many configurations: 162, using maximum allowed: 8
[  276.496443][ T5840] usb 5-1: unable to read config index 0 descriptor/start: -61
[  276.499928][ T5840] usb 5-1: can't read configurations, error -61
[  276.629341][ T5840] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  276.790487][ T5840] usb 5-1: too many configurations: 162, using maximum allowed: 8
[  276.795066][ T5840] usb 5-1: unable to read config index 0 descriptor/start: -61
[  276.798177][ T5840] usb 5-1: can't read configurations, error -61
[  276.801470][ T5840] usb usb5-port1: attempt power cycle
[  277.149453][ T5840] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  277.175818][ T5840] usb 5-1: too many configurations: 162, using maximum allowed: 8
[  277.181302][ T5840] usb 5-1: unable to read config index 0 descriptor/start: -61
[  277.184562][ T5840] usb 5-1: can't read configurations, error -61
[  277.321422][ T5840] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  277.340778][ T5840] usb 5-1: too many configurations: 162, using maximum allowed: 8
[  277.346118][ T5840] usb 5-1: unable to read config index 0 descriptor/start: -61
[  277.350644][ T5840] usb 5-1: can't read configurations, error -61
[  277.355511][ T5840] usb usb5-port1: unable to enumerate USB device
[  277.374469][   T29] usb 9-1: USB disconnect, device number 22
[  277.443126][   T40] audit: type=1400 audit(1757273237.408:62483): avc:  denied  { egress } for  pid=15 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  277.444768][T16411] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3091'.
[  277.453633][   T40] audit: type=1400 audit(1757273237.408:62484): avc:  denied  { write } for  pid=16410 comm="syz.5.3091" name="fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  277.514927][T16409] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  277.621979][T16427] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3095'.
[  277.634589][T16428] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3095'.
[  277.782274][T16406] Set syz1 is full, maxelem 65536 reached
[  277.828631][T16443] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  277.832276][  T839] IPVS: starting estimator thread 0...
[  277.868144][T16446] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(10)
[  277.871435][T16446] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  277.876520][T16446] vhci_hcd vhci_hcd.0: Device attached
[  277.883454][T16446] vhci_hcd vhci_hcd.0: port 0 already used
[  277.887172][T16447] vhci_hcd: connection closed
[  277.888938][   T61] vhci_hcd: stop threads
[  277.892895][   T61] vhci_hcd: release socket
[  277.895139][   T61] vhci_hcd: disconnect device
[  277.919356][T16444] IPVS: using max 24 ests per chain, 57600 per kthread
[  278.016182][T16456] bridge3: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  278.026685][T16457] bridge4: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  278.470115][T16468] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3108'.
[  278.479027][T16468] bridge0: entered promiscuous mode
[  278.483821][T16468] bridge0: port 3(macvlan2) entered blocking state
[  278.486582][T16468] bridge0: port 3(macvlan2) entered disabled state
[  278.488945][T16468] macvlan2: entered allmulticast mode
[  278.491124][T16468] bridge0: entered allmulticast mode
[  278.494112][T16468] macvlan2: left allmulticast mode
[  278.496071][T16468] bridge0: left allmulticast mode
[  278.498934][T16468] bridge0: left promiscuous mode
[  278.539333][ T6339] usb 10-1: new full-speed USB device number 10 using dummy_hcd
[  278.611258][T16477] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3110'.
[  278.615576][T16477] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3110'.
[  278.692042][ T6339] usb 10-1: config 0 has no interfaces?
[  278.695655][ T6339] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  278.699772][ T6339] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  278.703310][ T6339] usb 10-1: Manufacturer: syz
[  278.707848][ T6339] usb 10-1: config 0 descriptor??
[  278.977264][ T6043] usb 10-1: USB disconnect, device number 10
[  279.062966][   T40] audit: type=1400 audit(1757273495.020:62485): avc:  denied  { mounton } for  pid=16497 comm="syz.0.3115" path="/154/file0" dev="tmpfs" ino=840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  279.130855][   T40] audit: type=1400 audit(1757273495.090:62486): avc:  denied  { shutdown } for  pid=16507 comm="syz.0.3118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  279.197329][T16515] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  279.389380][ T6339] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  279.552549][ T6339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  279.557390][ T6339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  279.562748][ T6339] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  279.567544][ T6339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.574775][ T6339] usb 5-1: config 0 descriptor??
[  279.817478][   T40] audit: type=1400 audit(1757273495.770:62487): avc:  denied  { execute } for  pid=16546 comm="syz.6.3129" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  279.925603][T16559] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  279.925688][ T1145] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x7
[  279.930557][   T40] audit: type=1400 audit(1757273495.890:62488): avc:  denied  { relabelto } for  pid=16551 comm="syz.5.3130" name="168" dev="tmpfs" ino=930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  279.946397][   T40] audit: type=1400 audit(1757273495.890:62489): avc:  denied  { associate } for  pid=16551 comm="syz.5.3130" name="168" dev="tmpfs" ino=930 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  279.947449][T16552] netlink: 4548 bytes leftover after parsing attributes in process `syz.5.3130'.
[  279.952918][T16560] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  279.964379][T16552] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3130'.
[  280.016102][   T40] audit: type=1400 audit(1757273495.970:62490): avc:  denied  { remove_name } for  pid=14264 comm="syz-executor" name="binderfs" dev="tmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  280.016577][ T6339] savu 0003:1E7D:2D5A.000D: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  280.028998][   T40] audit: type=1400 audit(1757273495.980:62491): avc:  denied  { rmdir } for  pid=14264 comm="syz-executor" name="168" dev="tmpfs" ino=930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  280.064690][   T40] audit: type=1400 audit(1757273496.010:62492): avc:  denied  { map } for  pid=16561 comm="syz.5.3132" path="socket:[78310]" dev="sockfs" ino=78310 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  280.078043][   T40] audit: type=1400 audit(1757273496.010:62493): avc:  denied  { accept } for  pid=16561 comm="syz.5.3132" path="socket:[78310]" dev="sockfs" ino=78310 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  280.249527][   T40] audit: type=1326 audit(1757273496.200:62494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16570 comm="syz.4.3135" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5a358ebe9 code=0x7ffc0000
[  280.296769][T16575] netlink: 'syz.4.3136': attribute type 1 has an invalid length.
[  280.331826][T16575] 8021q: adding VLAN 0 to HW filter on device bond5
[  280.355982][T16582] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3118'.
[  280.369863][T16575] bond5: (slave ip6gretap1): making interface the new active one
[  280.374425][T16575] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link
[  280.399461][ T6043] usb 5-1: USB disconnect, device number 45
[  280.401862][T16580] 9pnet_fd: Insufficient options for proto=fd
[  280.402119][T16581] 9pnet_fd: Insufficient options for proto=fd
[  280.861875][T16611] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  280.927433][T16624] block nbd5: Attempted send on invalid socket
[  280.936035][T16624] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  280.950904][T16624] EXT4-fs (nbd5): unable to read superblock
[  281.040104][   T29] e1000 0000:00:06.0 eth0: Reset adapter
[  281.056719][T16636] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3155'.
[  281.123615][T16634] tmpfs: Unknown parameter 'mPol'
[  281.169773][   T29] e1000 0000:00:06.0 eth0: Reset adapter
[  283.370548][   T29] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  284.401443][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  284.401460][   T40] audit: type=1400 audit(1757273500.360:62502): avc:  denied  { recv } for  pid=0 comm="swapper/1" saddr=10.0.2.2 src=67 daddr=255.255.255.255 dest=68 netif=eth0 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  289.919506][ T6826] page_pool_release_retry() stalled pool shutdown: id 29, 3329 inflight 181 sec
[  291.253221][T16673] __nla_validate_parse: 2 callbacks suppressed
[  291.253238][T16673] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3157'.
[  291.304691][T16673] netlink: 'syz.4.3157': attribute type 29 has an invalid length.
[  291.313507][T16673] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  291.481790][ T6339] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  291.630707][ T6339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.634500][ T6339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.638315][ T6339] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  291.643088][ T6339] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  291.646682][ T6339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.652293][ T6339] usb 5-1: config 0 descriptor??
[  292.071928][ T6339] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  292.321050][T16670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.325327][T16670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.738075][    C2] plantronics 0003:047F:FFFF.000E: hid_field_extract() called with n (132) > 32! (swapper/2)
[  292.744633][T16670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.750136][T16670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.946536][ T6074] usb 5-1: USB disconnect, device number 46
[  297.314099][T16691] 
[  297.314911][T16691] =====================================================
[  297.317411][T16691] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  297.320137][T16691] syzkaller #0 Not tainted
[  297.321734][T16691] -----------------------------------------------------
[  297.324495][T16691] syz.6.3161/16691 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  297.328283][T16691] ffff888032cd74b0 (&new->fa_lock){...-}-{3:3}, at: kill_fasync+0x138/0x510
[  297.330948][T16691] 
[  297.330948][T16691] and this task is already holding:
[  297.333201][T16691] ffff888054fcf028 (&client->buffer_lock){..-.}-{3:3}, at: evdev_pass_values+0x10e/0x9b0
[  297.336052][T16691] which would create a new lock dependency:
[  297.337860][T16691]  (&client->buffer_lock){..-.}-{3:3} -> (&new->fa_lock){...-}-{3:3}
[  297.340326][T16691] 
[  297.340326][T16691] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  297.343103][T16691]  (&client->buffer_lock){..-.}-{3:3}
[  297.343121][T16691] 
[  297.343121][T16691] ... which became SOFTIRQ-irq-safe at:
[  297.347009][T16691]   lock_acquire+0x179/0x350
[  297.348549][T16691]   _raw_spin_lock+0x2e/0x40
[  297.350074][T16691]   evdev_pass_values+0x10e/0x9b0
[  297.351812][T16691]   evdev_events+0x1bb/0x390
[  297.353455][T16691]   input_pass_values+0x74b/0x880
[  297.355325][T16691]   input_handle_event+0xb29/0x14d0
[  297.357161][T16691]   input_inject_event+0x1e8/0x3b0
[  297.358732][T16691]   led_set_brightness+0x217/0x290
[  297.360297][T16691]   led_trigger_event+0xda/0x270
[  297.361813][T16691]   kbd_bh+0x21b/0x300
[  297.363105][T16691]   tasklet_action_common+0x281/0x400
[  297.364716][T16691]   handle_softirqs+0x216/0x8e0
[  297.366207][T16691]   run_ksoftirqd+0x3a/0x60
[  297.367589][T16691]   smpboot_thread_fn+0x3f4/0xae0
[  297.369160][T16691]   kthread+0x3c5/0x780
[  297.370448][T16691]   ret_from_fork+0x5d7/0x6f0
[  297.372185][T16691]   ret_from_fork_asm+0x1a/0x30
[  297.374180][T16691] 
[  297.374180][T16691] to a SOFTIRQ-irq-unsafe lock:
[  297.376795][T16691]  (tasklist_lock){.+.+}-{3:3}
[  297.376816][T16691] 
[  297.376816][T16691] ... which became SOFTIRQ-irq-unsafe at:
[  297.381909][T16691] ...
[  297.381916][T16691]   lock_acquire+0x179/0x350
[  297.384334][T16691]   _raw_read_lock+0x5f/0x70
[  297.385984][T16691]   __do_wait+0x105/0x890
[  297.387377][T16691]   do_wait+0x21e/0x5a0
[  297.388676][T16691]   kernel_wait+0x9f/0x160
[  297.390512][T16691]   call_usermodehelper_exec_work+0xf1/0x170
[  297.392803][T16691]   process_one_work+0x9cf/0x1b70
[  297.394709][T16691]   worker_thread+0x6c8/0xf10
[  297.396282][T16691]   kthread+0x3c5/0x780
[  297.397853][T16691]   ret_from_fork+0x5d7/0x6f0
[  297.399533][T16691]   ret_from_fork_asm+0x1a/0x30
[  297.401454][T16691] 
[  297.401454][T16691] other info that might help us debug this:
[  297.401454][T16691] 
[  297.405306][T16691] Chain exists of:
[  297.405306][T16691]   &client->buffer_lock --> &new->fa_lock --> tasklist_lock
[  297.405306][T16691] 
[  297.410360][T16691]  Possible interrupt unsafe locking scenario:
[  297.410360][T16691] 
[  297.413605][T16691]        CPU0                    CPU1
[  297.415431][T16691]        ----                    ----
[  297.417271][T16691]   lock(tasklist_lock);
[  297.418689][T16691]                                local_irq_disable();
[  297.421303][T16691]                                lock(&client->buffer_lock);
[  297.423869][T16691]                                lock(&new->fa_lock);
[  297.426376][T16691]   <Interrupt>
[  297.427683][T16691]     lock(&client->buffer_lock);
[  297.429247][T16691] 
[  297.429247][T16691]  *** DEADLOCK ***
[  297.429247][T16691] 
[  297.431625][T16691] 7 locks held by syz.6.3161/16691:
[  297.433168][T16691]  #0: ffff88810761a118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x206/0x750
[  297.435922][T16691]  #1: ffff88802441d230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0
[  297.438903][T16691]  #2: ffffffff8e5c1220 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x3b0
[  297.441890][T16691]  #3: ffffffff8e5c1220 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x880
[  297.445149][T16691]  #4: ffffffff8e5c1220 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390
[  297.448211][T16691]  #5: ffff888054fcf028 (&client->buffer_lock){..-.}-{3:3}, at: evdev_pass_values+0x10e/0x9b0
[  297.451719][T16691]  #6: ffffffff8e5c1220 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510
[  297.455926][T16691] 
[  297.455926][T16691] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  297.459696][T16691] -> (&client->buffer_lock){..-.}-{3:3} {
[  297.461823][T16691]    IN-SOFTIRQ-W at:
[  297.463208][T16691]                     lock_acquire+0x179/0x350
[  297.465455][T16691]                     _raw_spin_lock+0x2e/0x40
[  297.467602][T16691]                     evdev_pass_values+0x10e/0x9b0
[  297.469664][T16691]                     evdev_events+0x1bb/0x390
[  297.471593][T16691]                     input_pass_values+0x74b/0x880
[  297.473739][T16691]                     input_handle_event+0xb29/0x14d0
[  297.475876][T16691]                     input_inject_event+0x1e8/0x3b0
[  297.477942][T16691]                     led_set_brightness+0x217/0x290
[  297.480029][T16691]                     led_trigger_event+0xda/0x270
[  297.482113][T16691]                     kbd_bh+0x21b/0x300
[  297.483909][T16691]                     tasklet_action_common+0x281/0x400
[  297.486148][T16691]                     handle_softirqs+0x216/0x8e0
[  297.488478][T16691]                     run_ksoftirqd+0x3a/0x60
[  297.490526][T16691]                     smpboot_thread_fn+0x3f4/0xae0
[  297.492642][T16691]                     kthread+0x3c5/0x780
[  297.494534][T16691]                     ret_from_fork+0x5d7/0x6f0
[  297.496700][T16691]                     ret_from_fork_asm+0x1a/0x30
[  297.498876][T16691]    INITIAL USE at:
[  297.500170][T16691]                    lock_acquire+0x179/0x350
[  297.502374][T16691]                    _raw_spin_lock_irqsave+0x3a/0x60
[  297.505037][T16691]                    evdev_do_ioctl+0x347/0x1b30
[  297.507425][T16691]                    evdev_ioctl+0x16f/0x1a0
[  297.509479][T16691]                    __x64_sys_ioctl+0x18b/0x210
[  297.511987][T16691]                    do_syscall_64+0xcd/0x4c0
[  297.514318][T16691]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.517041][T16691]  }
[  297.517905][T16691]  ... key      at: [<ffffffff9b15f3a0>] __key.1+0x0/0x40
[  297.520514][T16691] 
[  297.520514][T16691] the dependencies between the lock to be acquired
[  297.520524][T16691]  and SOFTIRQ-irq-unsafe lock:
[  297.525795][T16691]   -> (tasklist_lock){.+.+}-{3:3} {
[  297.527772][T16691]      HARDIRQ-ON-R at:
[  297.529460][T16691]                         lock_acquire+0x179/0x350
[  297.532169][T16691]                         _raw_read_lock+0x5f/0x70
[  297.534635][T16691]                         __do_wait+0x105/0x890
[  297.537124][T16691]                         do_wait+0x21e/0x5a0
[  297.539598][T16691]                         kernel_wait+0x9f/0x160
[  297.542121][T16691]                         call_usermodehelper_exec_work+0xf1/0x170
[  297.545341][T16691]                         process_one_work+0x9cf/0x1b70
[  297.548136][T16691]                         worker_thread+0x6c8/0xf10
[  297.550822][T16691]                         kthread+0x3c5/0x780
[  297.553739][T16691]                         ret_from_fork+0x5d7/0x6f0
[  297.556501][T16691]                         ret_from_fork_asm+0x1a/0x30
[  297.559235][T16691]      SOFTIRQ-ON-R at:
[  297.560774][T16691]                         lock_acquire+0x179/0x350
[  297.563276][T16691]                         _raw_read_lock+0x5f/0x70
[  297.565743][T16691]                         __do_wait+0x105/0x890
[  297.568171][T16691]                         do_wait+0x21e/0x5a0
[  297.570642][T16691]                         kernel_wait+0x9f/0x160
[  297.573226][T16691]                         call_usermodehelper_exec_work+0xf1/0x170
[  297.576415][T16691]                         process_one_work+0x9cf/0x1b70
[  297.579140][T16691]                         worker_thread+0x6c8/0xf10
[  297.581728][T16691]                         kthread+0x3c5/0x780
[  297.584276][T16691]                         ret_from_fork+0x5d7/0x6f0
[  297.586922][T16691]                         ret_from_fork_asm+0x1a/0x30
[  297.589697][T16691]      INITIAL USE at:
[  297.591432][T16691]                        lock_acquire+0x179/0x350
[  297.594160][T16691]                        _raw_write_lock_irq+0x36/0x50
[  297.596923][T16691]                        copy_process+0x4caf/0x7690
[  297.599593][T16691]                        kernel_clone+0xfc/0x930
[  297.602300][T16691]                        user_mode_thread+0xc7/0x110
[  297.604981][T16691]                        rest_init+0x23/0x2b0
[  297.607444][T16691]                        start_kernel+0x3ee/0x4d0
[  297.610099][T16691]                        x86_64_start_reservations+0x18/0x30
[  297.613041][T16691]                        x86_64_start_kernel+0x130/0x190
[  297.615808][T16691]                        common_startup_64+0x13e/0x148
[  297.618627][T16691]      INITIAL READ USE at:
[  297.620524][T16691]                             lock_acquire+0x179/0x350
[  297.623256][T16691]                             _raw_read_lock+0x5f/0x70
[  297.625807][T16691]                             __do_wait+0x105/0x890
[  297.628458][T16691]                             do_wait+0x21e/0x5a0
[  297.631079][T16691]                             kernel_wait+0x9f/0x160
[  297.633803][T16691]                             call_usermodehelper_exec_work+0xf1/0x170
[  297.637141][T16691]                             process_one_work+0x9cf/0x1b70
[  297.640280][T16691]                             worker_thread+0x6c8/0xf10
[  297.643190][T16691]                             kthread+0x3c5/0x780
[  297.645839][T16691]                             ret_from_fork+0x5d7/0x6f0
[  297.648676][T16691]                             ret_from_fork_asm+0x1a/0x30
[  297.651587][T16691]    }
[  297.652756][T16691]    ... key      at: [<ffffffff8e20c098>] tasklist_lock+0x18/0x40
[  297.656182][T16691]    ... acquired at:
[  297.658063][T16691]    _raw_read_lock+0x5f/0x70
[  297.660132][T16691]    send_sigurg+0xed/0xc80
[  297.662093][T16691]    sk_send_sigurg+0x76/0x360
[  297.664084][T16691]    unix_stream_sendmsg+0xfa5/0x1340
[  297.666311][T16691]    ____sys_sendmsg+0xa98/0xc70
[  297.668356][T16691]    ___sys_sendmsg+0x134/0x1d0
[  297.670353][T16691]    __sys_sendmsg+0x16d/0x220
[  297.672327][T16691]    do_syscall_64+0xcd/0x4c0
[  297.674244][T16691]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.676720][T16691] 
[  297.677730][T16691]  -> (&f_owner->lock){....}-{3:3} {
[  297.679876][T16691]     INITIAL USE at:
[  297.681507][T16691]                      lock_acquire+0x179/0x350
[  297.683999][T16691]                      _raw_write_lock_irq+0x36/0x50
[  297.686749][T16691]                      __f_setown+0x61/0x3c0
[  297.689186][T16691]                      generic_setlease+0xeef/0x1300
[  297.691953][T16691]                      kernel_setlease+0x106/0x140
[  297.694565][T16691]                      vfs_setlease+0x258/0x2d0
[  297.697134][T16691]                      fcntl_setlease+0x3ed/0x5a0
[  297.699758][T16691]                      do_fcntl+0x751/0x15a0
[  297.702237][T16691]                      __x64_sys_fcntl+0x163/0x200
[  297.704939][T16691]                      do_syscall_64+0xcd/0x4c0
[  297.708091][T16691]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.711489][T16691]     INITIAL READ USE at:
[  297.713295][T16691]                           lock_acquire+0x179/0x350
[  297.716076][T16691]                           _raw_read_lock_irqsave+0x74/0x90
[  297.718567][T16691]                           send_sigio+0x31/0x3e0
[  297.720748][T16691]                           dnotify_handle_event+0x15e/0x2b0
[  297.723168][T16691]                           fsnotify_handle_inode_event.isra.0+0x1e2/0x3f0
[  297.725755][T16691]                           fsnotify+0x13d6/0x1dc0
[  297.727763][T16691]                           fsnotify_move+0x26a/0x740
[  297.729857][T16691]                           vfs_rename+0x7dc/0x22c0
[  297.732109][T16691]                           do_renameat2+0x7f9/0xc50
[  297.734370][T16691]                           __x64_sys_renameat2+0xe7/0x130
[  297.736808][T16691]                           do_syscall_64+0xcd/0x4c0
[  297.738884][T16691]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.741272][T16691]   }
[  297.742124][T16691]   ... key      at: [<ffffffff9ae8f360>] __key.1+0x0/0x40
[  297.744311][T16691]   ... acquired at:
[  297.745535][T16691]    _raw_read_lock_irqsave+0x74/0x90
[  297.747160][T16691]    send_sigio+0x31/0x3e0
[  297.748543][T16691]    kill_fasync+0x214/0x510
[  297.749979][T16691]    lease_break_callback+0x23/0x30
[  297.751585][T16691]    __break_lease+0x674/0x1810
[  297.753073][T16691]    do_dentry_open+0x91f/0x1530
[  297.754575][T16691]    vfs_open+0x82/0x3f0
[  297.755897][T16691]    path_openat+0x1de4/0x2cb0
[  297.757399][T16691]    do_filp_open+0x20b/0x470
[  297.758866][T16691]    do_sys_openat2+0x11b/0x1d0
[  297.760384][T16691]    __x64_sys_openat+0x174/0x210
[  297.761956][T16691]    do_syscall_64+0xcd/0x4c0
[  297.763434][T16691]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.765285][T16691] 
[  297.766028][T16691] -> (&new->fa_lock){...-}-{3:3} {
[  297.767601][T16691]    IN-SOFTIRQ-R at:
[  297.768850][T16691]                     lock_acquire+0x179/0x350
[  297.770848][T16691]                     _raw_read_lock_irqsave+0x46/0x90
[  297.773510][T16691]                     kill_fasync+0x138/0x510
[  297.775838][T16691]                     sock_wake_async+0x132/0x160
[  297.778318][T16691]                     sock_def_error_report+0x352/0x400
[  297.780956][T16691]                     sk_error_report+0x3c/0x290
[  297.783368][T16691]                     sock_queue_err_skb+0x37b/0x790
[  297.785944][T16691]                     ip_icmp_error+0x479/0x8a0
[  297.788310][T16691]                     tcp_v4_err+0xbe8/0x1860
[  297.790620][T16691]                     icmp_socket_deliver+0x1c2/0x410
[  297.793274][T16691]                     icmp_unreach+0x385/0xf40
[  297.795633][T16691]                     icmp_rcv+0xafa/0x1140
[  297.797885][T16691]                     ip_protocol_deliver_rcu+0x447/0x4c0
[  297.800545][T16691]                     ip_local_deliver_finish+0x3f2/0x720
[  297.803245][T16691]                     ip_local_deliver+0x18e/0x1f0
[  297.805696][T16691]                     ip_rcv+0x2e0/0x600
[  297.807817][T16691]                     __netif_receive_skb_one_core+0x197/0x1e0
[  297.810606][T16691]                     __netif_receive_skb+0x1d/0x160
[  297.813158][T16691]                     process_backlog+0x442/0x15e0
[  297.815676][T16691]                     __napi_poll.constprop.0+0xba/0x550
[  297.818410][T16691]                     net_rx_action+0xa9f/0xfe0
[  297.820833][T16691]                     handle_softirqs+0x216/0x8e0
[  297.823341][T16691]                     do_softirq+0xb2/0xf0
[  297.825598][T16691]                     __local_bh_enable_ip+0x100/0x120
[  297.828232][T16691]                     __icmp_send+0xd3b/0x1960
[  297.830651][T16691]                     ip_vs_leave+0x4d5/0x1160
[  297.833036][T16691]                     tcp_conn_schedule+0x66d/0x830
[  297.835547][T16691]                     ip_vs_in_hook+0xe04/0x27a0
[  297.838025][T16691]                     nf_hook_slow+0xbe/0x200
[  297.840660][T16691]                     nf_hook+0x370/0x680
[  297.843045][T16691]                     __ip_local_out+0x33a/0x7c0
[  297.845574][T16691]                     __ip_queue_xmit+0x872/0x2620
[  297.848011][T16691]                     __tcp_transmit_skb+0x265f/0x3df0
[  297.850592][T16691]                     tcp_connect+0x23e7/0x4e10
[  297.852984][T16691]                     tcp_v4_connect+0x153a/0x1bb0
[  297.855514][T16691]                     __inet_stream_connect+0x914/0xf60
[  297.858257][T16691]                     tcp_sendmsg_fastopen+0x3ed/0x750
[  297.860928][T16691]                     tcp_sendmsg_locked+0x23ff/0x42a0
[  297.864085][T16691]                     tcp_sendmsg+0x2e/0x50
[  297.866581][T16691]                     inet_sendmsg+0xb9/0x140
[  297.868979][T16691]                     ____sys_sendmsg+0x973/0xc70
[  297.871430][T16691]                     ___sys_sendmsg+0x134/0x1d0
[  297.873966][T16691]                     __sys_sendmsg+0x16d/0x220
[  297.876326][T16691]                     do_syscall_64+0xcd/0x4c0
[  297.878659][T16691]                     entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.881506][T16691]    INITIAL USE at:
[  297.883042][T16691]                    lock_acquire+0x179/0x350
[  297.885378][T16691]                    _raw_write_lock_irq+0x36/0x50
[  297.887825][T16691]                    fasync_remove_entry+0xb2/0x1e0
[  297.890356][T16691]                    fasync_helper+0xaf/0xd0
[  297.892650][T16691]                    pipe_fasync+0x117/0x200
[  297.894918][T16691]                    __fput+0x968/0xb70
[  297.896992][T16691]                    task_work_run+0x14d/0x240
[  297.899292][T16691]                    exit_to_user_mode_loop+0xeb/0x110
[  297.901902][T16691]                    do_syscall_64+0x3f6/0x4c0
[  297.904206][T16691]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.907119][T16691]    INITIAL READ USE at:
[  297.908949][T16691]                         lock_acquire+0x179/0x350
[  297.911664][T16691]                         _raw_read_lock_irqsave+0x46/0x90
[  297.914628][T16691]                         kill_fasync+0x138/0x510
[  297.917050][T16691]                         sock_wake_async+0x132/0x160
[  297.919549][T16691]                         sock_def_error_report+0x352/0x400
[  297.922303][T16691]                         sk_error_report+0x3c/0x290
[  297.924889][T16691]                         sock_queue_err_skb+0x37b/0x790
[  297.927513][T16691]                         ip_icmp_error+0x479/0x8a0
[  297.929987][T16691]                         tcp_v4_err+0xbe8/0x1860
[  297.932372][T16691]                         icmp_socket_deliver+0x1c2/0x410
[  297.935046][T16691]                         icmp_unreach+0x385/0xf40
[  297.937501][T16691]                         icmp_rcv+0xafa/0x1140
[  297.939871][T16691]                         ip_protocol_deliver_rcu+0x447/0x4c0
[  297.942730][T16691]                         ip_local_deliver_finish+0x3f2/0x720
[  297.945657][T16691]                         ip_local_deliver+0x18e/0x1f0
[  297.948208][T16691]                         ip_rcv+0x2e0/0x600
[  297.950459][T16691]                         __netif_receive_skb_one_core+0x197/0x1e0
[  297.953528][T16691]                         __netif_receive_skb+0x1d/0x160
[  297.956206][T16691]                         process_backlog+0x442/0x15e0
[  297.958839][T16691]                         __napi_poll.constprop.0+0xba/0x550
[  297.961705][T16691]                         net_rx_action+0xa9f/0xfe0
[  297.964228][T16691]                         handle_softirqs+0x216/0x8e0
[  297.966833][T16691]                         do_softirq+0xb2/0xf0
[  297.969195][T16691]                         __local_bh_enable_ip+0x100/0x120
[  297.972114][T16691]                         __icmp_send+0xd3b/0x1960
[  297.974795][T16691]                         ip_vs_leave+0x4d5/0x1160
[  297.977294][T16691]                         tcp_conn_schedule+0x66d/0x830
[  297.979874][T16691]                         ip_vs_in_hook+0xe04/0x27a0
[  297.982432][T16691]                         nf_hook_slow+0xbe/0x200
[  297.984827][T16691]                         nf_hook+0x370/0x680
[  297.987145][T16691]                         __ip_local_out+0x33a/0x7c0
[  297.989639][T16691]                         __ip_queue_xmit+0x872/0x2620
[  297.992187][T16691]                         __tcp_transmit_skb+0x265f/0x3df0
[  297.995102][T16691]                         tcp_connect+0x23e7/0x4e10
[  297.997820][T16691]                         tcp_v4_connect+0x153a/0x1bb0
[  298.000681][T16691]                         __inet_stream_connect+0x914/0xf60
[  298.003638][T16691]                         tcp_sendmsg_fastopen+0x3ed/0x750
[  298.006368][T16691]                         tcp_sendmsg_locked+0x23ff/0x42a0
[  298.008946][T16691]                         tcp_sendmsg+0x2e/0x50
[  298.011027][T16691]                         inet_sendmsg+0xb9/0x140
[  298.013090][T16691]                         ____sys_sendmsg+0x973/0xc70
[  298.015651][T16691]                         ___sys_sendmsg+0x134/0x1d0
[  298.018242][T16691]                         __sys_sendmsg+0x16d/0x220
[  298.020764][T16691]                         do_syscall_64+0xcd/0x4c0
[  298.023196][T16691]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.026181][T16691]  }
[  298.027177][T16691]  ... key      at: [<ffffffff9ae8f320>] __key.0+0x0/0x40
[  298.029823][T16691]  ... acquired at:
[  298.031197][T16691]    lock_acquire+0x179/0x350
[  298.032746][T16691]    _raw_read_lock_irqsave+0x74/0x90
[  298.034538][T16691]    kill_fasync+0x138/0x510
[  298.036135][T16691]    evdev_pass_values+0x619/0x9b0
[  298.038050][T16691]    evdev_events+0x1bb/0x390
[  298.039807][T16691]    input_pass_values+0x74b/0x880
[  298.041588][T16691]    input_handle_event+0xf00/0x14d0
[  298.043238][T16691]    input_inject_event+0x1e8/0x3b0
[  298.044830][T16691]    evdev_write+0x457/0x750
[  298.046327][T16691]    vfs_write+0x29d/0x11d0
[  298.047770][T16691]    ksys_write+0x1f8/0x250
[  298.049248][T16691]    do_syscall_64+0xcd/0x4c0
[  298.050809][T16691]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.052761][T16691] 
[  298.053520][T16691] 
[  298.053520][T16691] stack backtrace:
[  298.055321][T16691] CPU: 1 UID: 0 PID: 16691 Comm: syz.6.3161 Not tainted syzkaller #0 PREEMPT(full) 
[  298.055336][T16691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  298.055344][T16691] Call Trace:
[  298.055350][T16691]  <TASK>
[  298.055355][T16691]  dump_stack_lvl+0x116/0x1f0
[  298.055370][T16691]  check_irq_usage+0x7dc/0x920
[  298.055387][T16691]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  298.055403][T16691]  ? check_path.constprop.0+0x24/0x50
[  298.055421][T16691]  ? __lock_acquire+0x12bc/0x1ce0
[  298.055437][T16691]  __lock_acquire+0x12bc/0x1ce0
[  298.055456][T16691]  lock_acquire+0x179/0x350
[  298.055473][T16691]  ? kill_fasync+0x138/0x510
[  298.055490][T16691]  _raw_read_lock_irqsave+0x74/0x90
[  298.055502][T16691]  ? kill_fasync+0x138/0x510
[  298.055517][T16691]  kill_fasync+0x138/0x510
[  298.055533][T16691]  evdev_pass_values+0x619/0x9b0
[  298.055550][T16691]  evdev_events+0x1bb/0x390
[  298.055566][T16691]  input_pass_values+0x74b/0x880
[  298.055582][T16691]  input_handle_event+0xf00/0x14d0
[  298.055597][T16691]  ? _copy_from_user+0x59/0xd0
[  298.055613][T16691]  input_inject_event+0x1e8/0x3b0
[  298.055629][T16691]  evdev_write+0x457/0x750
[  298.055646][T16691]  ? __pfx_evdev_write+0x10/0x10
[  298.055661][T16691]  ? bpf_lsm_file_permission+0x9/0x10
[  298.055676][T16691]  ? security_file_permission+0x71/0x210
[  298.055695][T16691]  ? rw_verify_area+0xcf/0x6c0
[  298.055712][T16691]  ? __pfx_evdev_write+0x10/0x10
[  298.055727][T16691]  vfs_write+0x29d/0x11d0
[  298.055739][T16691]  ? __pfx_vfs_write+0x10/0x10
[  298.055750][T16691]  ? find_held_lock+0x2b/0x80
[  298.055763][T16691]  ? __fget_files+0x204/0x3c0
[  298.055776][T16691]  ? __fget_files+0x20e/0x3c0
[  298.055789][T16691]  ksys_write+0x1f8/0x250
[  298.055800][T16691]  ? __pfx_ksys_write+0x10/0x10
[  298.055812][T16691]  do_syscall_64+0xcd/0x4c0
[  298.055825][T16691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.055837][T16691] RIP: 0033:0x7f40a658ebe9
[  298.055846][T16691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.055856][T16691] RSP: 002b:00007f40a737f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  298.055867][T16691] RAX: ffffffffffffffda RBX: 00007f40a67b5fa0 RCX: 00007f40a658ebe9
[  298.055875][T16691] RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000004
[  298.055881][T16691] RBP: 00007f40a6611e19 R08: 0000000000000000 R09: 0000000000000000
[  298.055888][T16691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.055895][T16691] R13: 00007f40a67b6038 R14: 00007f40a67b5fa0 R15: 00007ffc24a10278
[  298.055906][T16691]  </TASK>
[  298.229267][ T5840] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  298.229364][  T839] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  298.379250][ T5840] usb 10-1: Using ep0 maxpacket: 8
[  298.380591][  T839] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  298.382298][ T5840] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[  298.385080][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.386741][ T5840] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[  298.390238][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.392977][ T5840] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[  298.396930][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.400265][ T5840] usb 10-1: config 250 has no interface number 0
[  298.403789][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.405066][ T5840] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  298.408643][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.413202][ T5840] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  298.418008][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.421530][ T5840] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 513
[  298.421548][ T5840] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  298.421563][ T5840] usb 10-1: config 250 interface 228 has no altsetting 0
[  298.423269][ T5840] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  298.425288][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.427267][ T5840] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  298.432494][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.434600][ T5840] usb 10-1: Product: syz
[  298.437862][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.441036][ T5840] usb 10-1: SerialNumber: syz
[  298.443911][ T5840] hub 10-1:250.228: bad descriptor, ignoring hub
[  298.445939][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.448514][ T5840] hub 10-1:250.228: probe with driver hub failed with error -5
[  298.462669][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.467059][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.470558][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.474133][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.477869][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.482066][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.485839][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.490700][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.494269][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.497983][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.502505][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.506287][  T839] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.509821][  T839] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.514088][  T839] usb 5-1: config 0 interface 0 has no altsetting 0
[  298.518383][  T839] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  298.521973][  T839] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  298.525668][  T839] usb 5-1: Product: syz
[  298.526986][  T839] usb 5-1: Manufacturer: syz
[  298.528667][  T839] usb 5-1: SerialNumber: syz
[  298.531727][  T839] usb 5-1: config 0 descriptor??
[  298.536109][  T839] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  298.647008][ T5840] usblp 10-1:250.228: usblp1: USB Bidirectional printer dev 11 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  298.845557][T16698] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.848592][T16698] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.905692][    C2] usb 5-1: yurex_control_callback - control failed: -71
[  298.906709][ T5840] usb 5-1: USB disconnect, device number 47
[  298.911456][ T5840] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  299.009455][ T6339] usb 10-1: USB disconnect, device number 11
[  299.012860][ T6339] usblp1: removed
[  299.350154][  T839] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  299.499299][  T839] usb 10-1: Using ep0 maxpacket: 8
[  299.503134][  T839] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[  299.506571][  T839] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[  299.510195][  T839] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[  299.513433][  T839] usb 10-1: config 250 has no interface number 0
[  299.515556][  T839] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  299.519331][  T839] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  299.522842][  T839] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 513
[  299.527140][  T839] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  299.532727][  T839] usb 10-1: config 250 interface 228 has no altsetting 0
[  299.537058][  T839] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  299.540405][  T839] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  299.543131][  T839] usb 10-1: Product: syz
[  299.544731][  T839] usb 10-1: SerialNumber: syz
[  299.548478][  T839] hub 10-1:250.228: bad descriptor, ignoring hub
[  299.551221][  T839] hub 10-1:250.228: probe with driver hub failed with error -5
[  299.756001][  T839] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 12 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  299.779441][  T839] usb 10-1: USB disconnect, device number 12
[  299.782476][  T839] usblp0: removed

VM DIAGNOSIS:
16:11:21  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88806a53fe80 RCX=ffffffff81af8c71 RDX=ffff88803294a440
RSI=ffffffff81af8c4b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900055ef678
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed100d4a7fd1 R14=0000000000000001 R15=0000000000000001
RIP=ffffffff81af8c52 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f371b04f880 ffffffff 00c00000
GS =0000 ffff8880d66b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffcda75dad0 CR3=0000000024590000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000e4000000 Opmask01=00000000c0000000 Opmask02=00000000ffff7fdf Opmask03=0000000020400004
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556505ecdf60 0000556505ecdf60
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556505ed7de0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556505c81940
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556505c819c0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 737326167698e483 7373261320eb3659
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f5dd20b55b4d1f5a 7373737625232db7
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 61672f302e636475 5f796d6d75642f6d 726f6674616c702f 736563697665642f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556505ebd660 00007f371a9f1b80 0000000000000071 0000000000000030
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 86ae53c6283e6c29 0000000556505eb5 0000000000000151 0000003077617264
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312c3061722c3332 322c3232322c3132 322c3032322c4533 312c4433312c4333
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312c4233312c4133 312c3733312c3633 312c3433312c3333 312c3133312c3033
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 316b2c35312c332c 312c30652d303030 3065343030307042 4132317633303030
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c4137312c393731 2c3837312c373731 2c3637312c353731 2c3437312c333731
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85643c85 RDI=ffffffff9b1110a0 RBP=ffffffff9b111060 RSP=ffffc900042a72e8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=31332e362e7a7973
R12=0000000000000000 R13=0000000000000039 R14=ffffffff9b111060 R15=ffffffff85643c20
RIP=ffffffff85643caf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f40a737f6c0 ffffffff 00c00000
GS =0000 ffff8880d67b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffcda75cbef CR3=00000000243cc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffe0000 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc24a10786
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc24a10786 00007ffc24a1078c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 746e6576652f7475 706e692f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000013 574d4655460c5756 534d4a0c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001c01c4 RBX=0000000000000002 RCX=ffffffff8b93bc29 RDX=ffffed100d4c6656
RSI=ffffffff8c162880 RDI=ffffffff81913331 RBP=ffffed1003bd7910 RSP=ffffc90000187df8
R8 =0000000000000000 R9 =ffffed100d4c6655 R10=ffff88806a6332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801debc880 R14=ffffffff90ab4c90 R15=0000000000000000
RIP=ffffffff8b93a78f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f25eefb7dac CR3=000000004def9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdfa8bd4a0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdfa8bd626
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdfa8bd626 00007ffdfa8bd62c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f25eee12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f25eee12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f25eee12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f25eee12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f25eee12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f25eee12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001e06f4 RBX=0000000000000003 RCX=ffffffff8b93bc29 RDX=ffffed100d4e6656
RSI=ffffffff8c162880 RDI=ffffffff81913331 RBP=ffffed1003bda000 RSP=ffffc90000197df8
R8 =0000000000000000 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801ded0000 R14=ffffffff90ab4c90 R15=0000000000000000
RIP=ffffffff8b93a78f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000556505ed59d0 CR3=00000000505cc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc24a10600 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc24a10786
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc24a10786 00007ffc24a1078c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f40a6612fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000