last executing test programs:

6.025415487s ago: executing program 0 (id=490):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x441, 0x1da)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000002840)={0x2158, 0x0, 0x10, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_CSA_IES={0x2144, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_IE_PROBE_RESP={0xd2, 0x7f, [@measure_req={0x26, 0x10, {0x2, 0x3, 0x0, "fc49d05c36efbe2f6191514432"}}, @peer_mgmt={0x75, 0x16, {0x0, 0x10, @void, @val=0x1c, @val="1bea39db9099ae7780fecfa32cb250ef"}}, @fast_bss_trans={0x37, 0x52, {0x6, 0x0, "78c3cee253cc0b21612869d855ba6257", "92126c32dfc1282eedf659a217f4e46c446683a2f8477e1642ac3a0ba0bf81cc", "fa73cc2a9a13cd2c8a7a2caf8aa8aa7d97cdd8d49690b9d69b334d5b295ffcd9"}}, @preq={0x82, 0x41, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x1, 0x0, 0x1ff, @device_b, 0x1000, @value=@device_b, 0x32, 0x81, 0x3, [{{0x0, 0x0, 0x1}, @device_a, 0x5}, {{0x1, 0x0, 0x1}, @broadcast, 0x1}, {{0x1, 0x0, 0x1}, @device_a, 0x7f}]}}, @mesh_id={0x72, 0x6}, @channel_switch={0x25, 0x3, {0x0, 0x46, 0x2}}]}, @NL80211_ATTR_IE_PROBE_RESP={0x7f, 0x7f, [@preq={0x82, 0x4c, {{0x1, 0x1, 0x0, 0x0, 0x1}, 0x4, 0xb7, 0x1, @device_a, 0xad5d, @value=@device_b, 0x8, 0x8, 0x4, [{{0x1}, @broadcast, 0x8}, {{0x0, 0x0, 0x1}, @broadcast, 0x3}, {{0x0, 0x0, 0x1}, @broadcast, 0xce5}, {{0x1}, @device_b, 0x7}]}}, @random={0xf9, 0x13, "febb3e0f7a22bc2763a9b0b17cfe47303517da"}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x13, 0x8, 0x1}}, @ssid={0x0, 0x6, @default_ap_ssid}, @chsw_timing={0x68, 0x4, {0x2, 0x6}}, @ibss={0x6, 0x2, 0x216c}]}, @NL80211_ATTR_BEACON_HEAD={0x139, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x8}, @device_a, @device_b, @from_mac=@device_b, {0xc, 0x420}, @value=@ver_80211n={0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}, 0x8, @default, 0x7dbde27ab581bf83, @void, @val={0x1, 0x6, [{0x30}, {0x2}, {0xb}, {0x12}, {0x36}, {0x6}]}, @val={0x3, 0x1, 0x68}, @void, @val={0x6, 0x2, 0x9f0e}, @void, @val={0x25, 0x3, {0x0, 0x64, 0x81}}, @void, @void, @void, @void, @void, @void, [{0xdd, 0x35, "4be2a9f98aacec3166e97f8a06aa3402215a8d5c01ba5a2ca935691c3ab10bd0ed17351ef68faf4b5987d2c67d85534bc7ee7b09d1"}, {0xdd, 0x9d, "552f132575f6ea3dd8d6e342cdb857c1188f99fb899a766923904863f9bcefaf35f03f5dde0f013d41ed5544a890c5511c2dfd9433a734cad3f2cc6df26292a60c3770115a6f8566357104d9359cebf0d0e4144399240f3c6e7f43bb182e1fd1c6133167506ed9341db89cca60703d256b50a0ac7e269cdc2b1e12ce016ed7546416917090382690e411486cef38ca746a9e89026fb3fa61786e6cb9b3"}, {0xdd, 0x21, "5bdee2ddb8384b80b1eee32a3751ff87b6ccf77700056157274cf296191e3952a3"}]}}, @NL80211_ATTR_BEACON_TAIL={0x1e0, 0xf, [@rann={0x7e, 0x15, {{0x1, 0x2}, 0x9, 0x25, @device_a, 0x6, 0xce60, 0xdac}}, @fast_bss_trans={0x37, 0x124, {0x2, 0x8, "1c31e4d1aca2b984267eb627677b0383", "012274419119a293085f781ac73f2e069546ea86403ef40c032abe8a4db24195", "bfaf13fc8442b8b2efbdec9d75dda7a0ead709c366b2f41cc3e251a92d1fa4f3", [{0x4, 0x21, "70e45c6125c0b4303a615ed8e8a3abd2d1565d336ee474ede981e7845c0b993086"}, {0x4, 0x1, 'y'}, {0x2, 0x13, "ad79810af54839d8d9ca31606c1a4359d8c299"}, {0x3, 0x24, "88a06bf7a98c6794ed56f921894015821e17dc509e66046030927d682382686fbbfc9d9a"}, {0x3, 0x5, "159d34bc38"}, {0x2, 0x27, "830de3d3b7cecda035b4aa090d8968d43d21f58511b7d0d504a3b4a8b53ffbad474893e5a326c0"}, {0x2, 0x1a, "9a5692bfea9128a9c569aa5ac3c0cadaf3c6acd305ca449f4006"}, {0x1, 0x23, "28cc4dae8f12a6c925dce22d24280127bc9e8748b9fdbc0b3fec235218e7fa22a1cca8"}]}}, @channel_switch={0x25, 0x3, {0x1, 0xb7, 0x8}}, @tim={0x5, 0x3b, {0x3, 0x8e, 0x8, "e9c29df8ef742ed5097335b1ef4bd7d300064dac9f6bcf835cf7a04c1e8bdc7a7aaf6e49dda467fd570b133eec0533081d709ca76c636824"}}, @channel_switch={0x25, 0x3, {0x1, 0x68, 0x1}}, @mic={0x8c, 0x18, {0x7ff, "5169dd935102", @long="1947385db436b43e4d67a926d77a390c"}}, @mic={0x8c, 0x18, {0xc03, "b02f95b0aa58", @long="fb6d930c8f217d3cddaf47d60a050bcf"}}, @ht={0x2d, 0x1a, {0x10, 0x0, 0x4, 0x0, {0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}, 0x400, 0x0, 0x3}}, @gcr_ga={0xbd, 0x6, @broadcast}]}, @NL80211_ATTR_BEACON_HEAD={0x2ed, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x5}, @device_a, @device_b, @random="7d8d4338c826", {0x9, 0xf8d}, @value=@ver_80211n={0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1}}, 0x0, @random=0x101, 0xa084, @void, @val={0x1, 0x5, [{0x16, 0x1}, {0x60}, {0x12, 0x1}, {0x30, 0x1}, {0x2}]}, @void, @val={0x4, 0x6, {0xd, 0x2, 0xfe01, 0x2}}, @val={0x6, 0x2, 0x4}, @val={0x5, 0x3c, {0x29, 0xeb, 0x2f, "b4fb10efb1236c711ca2e1107768876d2e526aa14cc3031ce20bb924dd292e4faf72cd192750e410582fcd1dc5965261885b2ded12de51fee1"}}, @val={0x25, 0x3, {0x1, 0x64, 0x6}}, @val={0x2a, 0x1, {0x1}}, @val={0x3c, 0x4, {0x1, 0x0, 0x3c, 0x2}}, @void, @void, @val={0x71, 0x7, {0x0, 0x1, 0x1, 0x1}}, @void, [{0xdd, 0xf8, "261427880e3592b32b72f85fb4ec5f670e6f3d4a384efcf50ea643d60e7e36619b6abcedc4fffdca14bb8f3f580b42921e4c1b3ddfc54e33e01233da78b112f51c080f126311c169efcc4e947763a4ff6eeda46665af19e09e3059c2f0ca0e4736afb5485e397dfbd90786e20d61b5115bb5649744d630f465a3d47fe01405ce70fed33d25628c04e6270b678ff90ae7d268d96ad69f7603321be560588f80949261b82ebe6e12e7b2dbbdde37ede79f03b23656d4d56298f18f6192203a22ac325e674094b87a1b09f7eb6bd7e37338cec10b0b1b716f64742ffc10ff2f834ffdb7e120c135ae4ebcda7ec0e158813828f6352141df1fdc"}, {0xdd, 0x96, "17031f55fff1aba188c34638fc45123effaeaf6974d818bd9bd27b099ccc425195ddf552a80571cb1b56dc427206628a1f8b4a4c39c73660b158afa1a59bbc0269504ed1fea505fd8f7d322aab2202c836597475e0f92c908d1024b1cd17b78f23e878bc51b05727cb885962f0f5557cb12e3c928af2a8305ec45b43561eefed90b555c5942398cc17d758bcbe8ef18813820108e736"}, {0xdd, 0xc5, "b4ea7d4764f8517bf35831b018e70ed143f4d0633d3d95ea3c92d7f96795df220ef8a28ce14aa80a8a81132a9ede4204b40293dc24953d1d2d66563b916fe467ede9231f3b4fe73ba205ec86a15e7dfacb916241da61fe1039afbe752577ac7af6000af0ee6ba3adec9974c6ffb4d89f1d7777cc4b1412c4b9e8ab3df74048a6f6948a3877c01a8912cb13569af352c7c4d30dc1b967d1c24325c73421d4e276005a76722fed106aeaab80ac98e426c58890775cb4d139d383fb91cc6b2d8825999953c65c"}]}}, @NL80211_ATTR_IE={0x18f, 0x2a, [@perr={0x84, 0x88, {0x6, 0x8, [{{0x0, 0x1}, @device_a, 0x4, @value=@broadcast, 0x1}, {{0x0, 0x1}, @device_a, 0xd0, @value=@device_b, 0x2f}, {{}, @broadcast, 0x2, @void, 0x34}, {{0x0, 0x1}, @broadcast, 0x0, @value=@broadcast, 0x23}, {{}, @device_a, 0x4, @void, 0x14}, {{0x0, 0x1}, @device_b, 0x7, @value=@broadcast, 0x5}, {{0x0, 0x1}, @device_a, 0x7, @value=@broadcast, 0x25}, {{}, @device_b, 0x6, @void, 0x38}]}}, @mesh_id={0x72, 0x6}, @random={0xe, 0xe9, "bee928dc5343b19ecfcb9ad4167090add80aed8536bff61750ecd1b0bb63afee80f60f5a335258d3d71f720c63b63bf3cf1ec1e8ea20bffb06e7f556823132dad83653886f4992e0e1a1ee7804020fb587f2f18be83df2d9fb82780cb64c6cd19599d99af7d3eac7e27516acc991bfc11fe953d298f3ec8400bb78551aa9f81ca2a39b899317289ad1c0b6afa3feab1425863eb19281ce80001708717865322394ad9aff775df2a46b0a46dbd561d3144e50c94eeb84c9a733adef3d938948d16443e8cfb97a18b37639c88900d6373f6b9d7387d2b60f2bd309443a8ce69025166503444c1e0d9612"}, @channel_switch={0x25, 0x3, {0x0, 0x24, 0xf7}}, @erp={0x2a, 0x1, {0x1, 0x0, 0x1}}, @chsw_timing={0x68, 0x4, {0x9, 0x9}}]}, @NL80211_ATTR_PROBE_RESP={0x238, 0x91, "cb732489fd9f2aa263254d53e15bb517a94cd20dbc45f696d658445a797df0062e489e35aa7fc0f924d07e702c5fa2d178313dcbc7a2f7355be207a6e055c617217a8782d3070450a2269d16f3c3c0b2ace0f7090c5af324099efe1e7c6869748e64cd83d8502494dc18b4b9218f5bcb1a036f8fd191acf37dc2a8466aa5dc742b8e2270da587884157d5f4d6b44919711fe85e9f0a6bf3bd4cb8ea25a39051f8ee4f025cf53df451edd7fafbdac425a6db8e50a63b774ae06121233c52b6e84725722c21ac6a50781b7802e48f22b3a85cf1bbc4da607c27ca91eb15db87457c9300cdd1a211e519c3024d7d1bf3e5b828cc3909cbc4d0b750a6c9bec7194efb3ac0b54f7e1348b4b1daa7037e4b81542234b3645373b36308f5fe1b5d4569e65bd415cbdf2a0c5a5e1369bb8ba52713315bf61d01462539cbe386ba4c0e936fe4aef27f4a3f63be6f9b2d241b56b37a8cf52916f593ec347ba7789e8a37f24629a61ed18678e467ddd761d9089cc20b08233eb44c03b4554d71f9caf78128dfef5dca6e35900f6865da34934e2a9df84e11615616540b676ef79e2c577fade04e3941ec38b9d92269cad04b9070296df4f03da78a2ecd332a2dd3b2712c6ec528a5a89a6ec4a8bd6a0e4d2e974ce6d30877da901cb5827d502b89837b96b906da863c9574c1e64b4201428f7388ed62bdd7e5da6680da31b4463d1c70f53c7a354f107786c75c8242981a66375726b26f318a8c87fb4ea9b76f1b3b472719ea56839b13a8a835944c7a1d0055d3a057231199b"}], @NL80211_ATTR_CSA_C_OFF_BEACON={0xe, 0xba, [0x1, 0x5, 0x6, 0x4, 0x5]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0x14, 0xba, [0x8000, 0x0, 0x1, 0x4, 0x1, 0x0, 0xff99, 0x3]}, @beacon_params=[@NL80211_ATTR_IE_PROBE_RESP={0x1123, 0x7f, [@dsss={0x3, 0x1, 0x99}, @measure_req={0x26, 0x1003, {0xe, 0x0, 0x10, "849ffbfacb590c63ea1c65b5e3dd13056ca5862aa7bffbeca179b6afa73124ba2a6d227b91fbacd2db2b9d37c8ece65cffca83dee0efc21a2b1a53e0c84e7fe74e77c5e9fafc52f757017a4f6ea5354f23dcc8517d8ff292546f1688f32f43c36e61fd571cbb1b034db086ae2b809bf3207e0969c180895f54beed1a7cdb365c46d2d2fae5c248b5326e6e8636a21ca539a6e0adf66dc0248757414cff026278ff897ab404367f0e34bcfd0f401e11bc6fed187f4ef7aac1fb30af0be08ce5b23e7a82a62a2ecd229f719051d5f1aa1cf9053434d05af6039e876cd02c314975c32c3b3c20e5b391650fd3d5a346d45df0aaedf2c31028b088f2ce57571e4e3dec0ce58848d5ae63b5473f1675568c6045390b32a29aac9dd3435a29fd9d549dee0f24ab8c4120e8050807fc2c85a7414bb339422c142e98179c66e28ba00c830b78dd10ddd6cc68fd851b4a6726f2c91c3121a56ddc126859bd4131c65d1e17159bd7a65560231155e00da8ae8fdc477c766494366cbef67bef9c5ae0ce5ed61b3244f5bc4cda1205410979f11cbf0946bba13f2a6c3ff1b7fec7955c395ab4dcf311711a9fd18a7bd376a50020168b70371850dfe1b4dcb59dcaa12a8482e3847e41e023a2e8b23a67a5772f090e8c16b4edeecd1d4675ea1e257bec4ce35ed06c76d3d93894a73d280bc515f3d3197b206741af51ff4e6f23b3c2c288e30237147658d9f46e9c11875c50d06e70572ba483664b167e3dbf7bd114162118addc64c742de6ff3fccf6d3ffc1391abac818cca4d1cc1ea3d1b15066b9beebd97dccc4334ab7acc0c041b56c5f75de8587f5dc268cf199770b1d8137723f52a7668172becfe793ffd84bf73250eda638abd9cc57e65504dc48a0c8fb4d9d24907b49ff1f68fe33f9a2118276546c72a5da19f1125e57e66062d5922d1c771040e810ba59b3b7c6397f3314e363b92887e90a4448e000c3126f9925b69d444e485ed6d8f340bfbe4028d3b4bf621c578a2618de80361ad013d71278221526665555fe8aed2b116d379e458a55c1d09f11c04b1196d419a5d1bff7f740bc8776cd2a3f5d56b772e60330b6d32f3e1d34453f05094c55084b569ccc0933cddb620afd2ae4bae9419381daf4fcda706c13d12b31199979cd47291843b3d6c2e5c076ed9bcc8eb32d0524f4cefeaa9b16f4cad41c9be0744d42a54ffd273ade3469bd56564e50a3e7e7d4db8f1ef89ceaf5570af734ace86aa171240dfe870c26277519ae24752bf853953cd9109bc3a811494baeee21e0abe7b563787fbb205534a35d67eb0eefbb2e6648b49a389f7ba3a2040a2b013784ee4bc543562149459a99e19684b9aef241e8706073a0af8b18c61fb5202c6a1caf160f12a962cc5809c94d5a583a4503bbf077f7aa0743e1270ab110028d83ef0078a77abee029578bdcd0f1522330c1224d9ef7525752bde03dc09bb45b44d2b0a15d0d60e5c7864b6c9d13231b7683936f0d17238c246eb433763bf9c18cbdb8e233cd5cabaf3e91f0e7e2ae472d0307cb0b99001525f0176828f41fe773d321ec273ffb2ad31957284c2b82298fbb2703cdc5b23441c549dc77ae8ca3021bcbc3dc98a0506abe65d32d577b5283d79a7e6807fdcfb016d0ff9dd652f6414aac25569d3fda4abf718f061fe228d99d7cb7f718e4df310eeabca9398e77f089223983d9fc0c67e2130a3386b8eaf8db74c697cc75a71eff7e4673bdfe6b0eb3de9a99396bc14dc42b84100ed4891aae0651379188fdcf4efde3d33e6cb6923b642ed61a14c68e54220f1b7b69c6455a188fbbcc6e229941ef64e7254a423403e391e6b4bdffaba0f64f04a99ef51b0322d97511ccc3022f1061856b93592646977a81753948a29ab41a21f11914d2e9f54737ce231e8c3e40523c09897250d2d4c7c2f2e9bc9cacbd3197764ad75a69d652a2fa5f2948176e862d4567d721cb11c3dfd6f9800fa3d047075c5975f495ada6b8c96310bc7e8f910436e0f52fdb00a2b22bdec0a5809dce9b6a650623466f90f45537daf14f7a55aba1f056661c42bca52e53c3139acc4102e78a326fe86e0dc892c288e76d492e016823a1559a4ca8c4964381cd466497f498232a6362490b63a9d52f695f0d7732fe20b535026369c9a74cb952f3f25b4bce3d5c61b091acd36042b43222063609368c914b33a5edc301fdb76833dbd10b6bdef94475fc63f25a655d8ab46705f434c5f911ca2921fc2e74891b0be85dcbeda5e85ce2471f623b8c7d29d995752a348ead03e3629cc1f6ae4c76080b21539e2cca43831073bf155a4c6a8cea8dcd4bd18faa0b0b336003e026bf8383fba95060ee5ac53a1edb03532deec3e74683012dd623ad87d1740575024f4e7f7783b27e1df837a60c4bb23104b0bce8b6b2bb41e8d9453286d0ef701af44867c6712dcb80119d200082675295886d7733ef9f9a9c4e3bac3a9668e33d475d3066758ccab788f008b4b0c25603989e46027e479e74650f979f98a3741feedaee138725170a42a1ba6a82ae867dc84db09b84ca463dd593fa2586df7cbaa6553c39bcc221756ccffa3daa48a91ca6e67a5f8f09c6edad131085ad5e1ba311a6487714d8cde097181b50c3852c43d818efbb9c28943813c1012d2986f21ad15be8b0f083fac3f72c631e692019478e657ce246ade060de371507286d14f5ed60cbff276c40fc92dce480452cc6e245cff509674ca98734f23fbb94144c05c8a2de1937ac15f0c018f4cf9fa723f1309fa0bb710d24dee0dcff690f257eddb17dee803cfd829c42bfa7d5812018c82252de951be8f4fd4b3360ffe78be7624958b47e9049058f31ebe25503f979afbbc6fe449d6671fa9299a2cad09f82fb94366cd16ce34db1cac4a08be4d07e655f693089c5877b8d16856e5f88d661aa18849ec3731efca6164391b2b849686427ef734da1e073871fb978ced3fdca66531b8e6ee7b2243a5fe62e743f728d84f22f1d7b65358df2e30a81d508003e7f47ca643b89c984f5f8b57de49d7c3b244cd781f1f77d1545f79d1a361066e7817b6a36884e159724e6ca9b17518dba9faa4476c023ed5552b6bbfee0aec9b5e1fe2e2db0e70d2506797c11a1e7209175df6e27f84db64929e422b5b6b64de39a094bb0f459adc778520140ae8e5971e95a9c0bbbcc1e8d3ca75de307e97146c85ba65e77e57cc75fc275424c034ab9d62620af377fbe2f393cc9bd566a790bc8ee2b4e71f71b747a2248a5ee8d119443b87cfd1f9caedc2706fd5b717b64eb62bdc72fa1a791079d2a3695f0c6eb6bfa078fc88e631dbb3ad1b27e281bab86afc16845f8ca6ca7fc77187e29812a016304991dfcb686269939e785b717a3826c6fe042a4908c4fc094ad6514738e8df6ccf855f8f5c0075a99e2daf4b40a26d18979014eb418f28205f1dac48eb9738e67f5b9c58215033437f74038657d20dc35e2cb8b98e1ddfc7ac20cc265db0d8dfaede9b9e97b4548c78aa93b28d93b62d1b81f187c488a404647412ee6df85720f863e07a23a0ea5af6708691b935f5f4a268b23181d0b10099bee3834a0638c9850afb5b49f040c41f230e6504f507288f439d6d395beef5221995d0d8e6a4c689ee6bf8f2bea654711a1a513fbef55c1970d2a0d2f4b1ee6aed2eca1843d1dc58c5c3b9aac8e42c08b367d7cbe4db542bc0e58c7689ced26c4177221954b3266bface35f4c573a8619d34eb9142595a9617a8ae00437f16dea736a979618e1d5906a082c1c195656030cedfae528968b5bcbd917f2661dae3b95834e1c7e5ec0fcc6a32f37a0023b8eb0aeb2592fc6a9e664a177b65f532a666b8fbaf302230b536e30c126d4b0f70c9704d2a45a45486f1963837e713dfe457f36b7540d883a53ba1695918e81dd508d6185ce5100dc360e8c2d395ee5604a7e69f6c622f9a3c0e6bf107d7fb1cc087c9cf1ea8251bab61196c2e9957d8853941806e1b52fe0a0fc879d2cbf931207d85faae11863882993306d46a43c6687c0200e85d539f1cd42c9489a5bf27cd9a6bc6de85c88b4140441a861fc50c812c739c8268463d5e1f38e16e6a1d9b6e42a71eb2d5e396db531a3fed3b689732c0850605d67de1296710739bc2b3efeb96beedf82f8d6a8f542119923a9339cebf3c3c966df302643ea2ee6c33d47d01c63b13ec4bc3fb706f5911fc734172aa9a841d8c3bc246fb7e31b27ae4f994aa01d83233d6f62035e080ebd00e7796e5c211a9350ab174d9e580f238ac91b20d93a2330ee3586f14ba27e3f88139473b8150c2af95cc906860b9091207d96ecb082e3e727a268ec6f4c8f90ee79ea73d8cad267ff788d4fa47ffb0218226d08219eccf1424486e80fc978c0276d05ea5326cf2f205327e9b621356a6bfc53a37ef0dbc35de52f608cf06ae643ba658e5b01db6cc174e4d963d9c8d0bc6e4e5308f9278918a91d681fc8c713c5c5f3fb403127f05569c6c84464b0dfd948fdab24d12c5c4fb329651fc08e3674db11ddc1a60d730c90ce62f520dcce277679ced3696072171c21ec249ca18783a0540be79e85467a0722ff53fa54dd7701ca30fdf86165fe695595da42c31f6f9fad73be0ab5194c2f34f27d56241ac6674d7c6b4a1c0fbbf726730977600199987746c66c884fbf3cf683c7fed1a5df9a5f233466d7554ac006af6b378346f07397fd48303de6e95abdcc4a901da675af60f71add9d86b244b0ec5907f379835620a277584620feca8eeaa2165f0a5ea94a5667c4bc9d80313f6df8324e7ec9515c9e21d8f7a1f65788e0473c00d85605767dfae803c5ff233faafafaaca26629e6a1f71100094e4889be54a765f3d368d80bd39fdc0918b8f1e06b74c2077415bf856b54efb22189a4f6b7e90928826757eb848e03e5cf9554e26736d93eba784e8c961d2196f67af213dfa2b388395d6738366989b2a4b364d82107e93883f084f6495e68cecdcc7bfc16e17c8f4aae8e66dfacea380222c82a349eff57c40a0439602f1372defc1d7a5d385e233ee16883ba779b4d0beee40d79591ea8d9f6b508cb863f9b117f2fbe82865f218689be381acb637b464b5e0bc4495d1e9def0dcd183560fe21d9925f44683b7e329e76f9dcaa99245685cbda9d1045e72df32d027b73efa5ea4937b56988d37eec603e1d1115c01f545f33e83cc6dcff4230795f48dd50033e7c62d41af5fcc4d4d3320830b412425dd5308987cd679d50d9433b2292cf0c6c30a2b801a0ef3df3c7b92e8647184d9750ea31f722cf5cd2f7e5a2fd5fead56ab46eb8bc301785acf8cb4785bd963a3013e301dca6c6794e2d48a7795e59df2c6b8bb94cd1d7c271719bb9d765baa871f7319bbc9517f15a6c8c500cdd1fe6d8d085cd5b015d26ce4dd8d792d0912a8f00e84216fecfd1d392fd50223fbe05543ede47f7de2685aa9427b3013cec2df47704fa0155a5bec133fd7c42dfe4bf9a8b4ddb61f8641385db6b691734352cf5584c9bd6b469c516a9e53d5654ea48515d0983c96eb625818d16516942d92a65e0f8a2ececcfc3f2746d865d5efca96a022b8e884a6d42aeb337942ce6540257ff58bbdc1e6f801b0575a96086d5111cdcbfd2afd6d7c636ab3fbaffef204f4d9b9e9afa501fb89f4065eb077df91ea51031316e07fb15525975e09b0115d9f89a6f59a368e28dbf839ab26895b6d472c9d247a9429a99e226292c47556772982e4be73e1ed95bd82107070eb727ec3216fdf984b5cdaa58a24800de10c2df7c2db2fcf434401"}}, @mic={0x8c, 0x18, {0x547, "7e4ca86f93f3", @long="bf252c8b9170f4fe106aa863f8a61116"}}, @mesh_config={0x71, 0x7, {0x0, 0x0, 0x1, 0xffffffffffffffff, 0x2, 0x4}}, @fast_bss_trans={0x37, 0x52, {0x5, 0x0, "56a82dce807801c4685e1d798edeaa99", "94c1e565da0ac8851b0ca42f4c80dffd7d5690b31ac805fc99dd485dbea5ead1", "21e920f4243f9bb2b96d8a74ce2f5cdf5c963adab2edf851a9875510813ddcef"}}, @tim={0x5, 0x9e, {0x9, 0xee, 0x0, "4465b6e8a5fa02dc750e19bdb767ae814a9a3535a0510dffb7325615bbf0661c3b34ad65d881d5ccd23915f8d5e2704bf3d1c48e51c440290a24e554560b8e62d93ead66f2d1bc9ed106a54501c9b0ea7ab8882f16eab43d51677e25472137b2ece447253d127a3782c21e951d6cc126da13c0c1fb0f36f3f5ce9bfa7ba2903d0c758101083c7780e75f651a7bc29653614f144e9a883f6bb4ba3d"}}]}, @NL80211_ATTR_IE_PROBE_RESP={0xd2, 0x7f, [@ext_channel_switch={0x3c, 0x4, {0x1, 0x7, 0xaf, 0x5}}, @supported_rates={0x1, 0x1, [{0x1b, 0x1}]}, @measure_req={0x26, 0xc3, {0x8, 0x3, 0x6, "3df55a73e321c88a06c70bb991b4f72dfc516fdf809fb0b81284de4e3a1b1707653bad5ed60f76f997780b8758d95f09d6fc59501fd5c43af174a98bf2048ccc69afc624b8bf4e16975f330ece716a6a2e0613aef55af6f51d5c0ad97c5ec1d997c56fb5735a9df7e5db6ed076954ea183ef0468692eec7f34479d81f997970bb2cbce5d37f81717dc03c34094525fb3fa429a9d986134d0a3ba072aa838ba93338f818fea84484af2580d57eadc7e1a4ea8dc87d088ffe7a551444c3df171b4"}}]}, @NL80211_ATTR_BEACON_HEAD={0x32d, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x3}, @device_b, @device_b, @random="b2eb5df683f1", {0x4, 0x5}, @value=@ver_80211n={0x0, 0x7, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1}}, 0x4, @random=0x7, 0x2000, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @val={0x4, 0x6, {0x9, 0x6, 0x7, 0x6}}, @void, @void, @void, @val={0x2a, 0x1}, @val={0x3c, 0x4, {0x0, 0xa0, 0xad, 0x7}}, @void, @val={0x72, 0x6}, @void, @void, [{0xdd, 0xb, "059f9ae7c93eea97b106d2"}, {0xdd, 0x6, "382d7ec55f1e"}, {0xdd, 0x16, "54936fa0cca9324e7376137d5218a7ade40f4724701e"}, {0xdd, 0x24, "e5f597edf45844cc6755d7b8f9fd06076de4452206bed3094d2b43a8f0c56ebec04fe986"}, {0xdd, 0x7f, "b4ef0475c681861382e437601ccb7adb94eb8ad42ba21c01d3829ffb33a0971f2143e55804f5b5c074acb057f4d0e4eed402e04650d35f64a9f80044cfa6894cb8f8a455c80586bfee8b72e98417116434a4ea3b0f608e8eeb3c2d982bac808b2343aab6b3bcdc64285bb0c9b33f4055b93ab8530995fbbde54c79d53be948"}, {0xdd, 0xe3, "cf958453730d1e98d729faf5eb191c98821aabe2c9655510c4cfa63865f212a1dffd352121513328a3d9e3fd202807872891d4ec3398a8f680cce230fca0a1c55d6d13c7c855f67903f6efffbd8fcb460423a62110f58a83218618e5b3eaa5b76fa890e9ae534cd0e0e8583bc98fc0aba570c309a90eaee4831192c9b8a931ffd11d962c518b7192ecc723d70ae9a1f555932d515ea9c5af22026d40701e6efd1eb26e64e791931918be2e67352251b4bc46e41ec0b37ea0e4bc07bae9842173f902163a2a1a67af54f71d649cea63c3edcb649b9bbe586b1fdb0e47ce33b9499297fc"}, {0xdd, 0x16, "655c690624913b0f794e4b4ffc93b0e865c73dfcce52"}, {0xdd, 0x95, "f72550050f67e4483085a75301486659e0d6d7c2f32228bbcc2c7a91d4378c778b3f33e214154644d7a3111c238d37335e2696c6eb54220c07bd860f5f3afd2082f9f81ddd5e2574864c8da5264e4a2196c6c1dcb97c3340a040b0458822be7bdb3e1b1eae3f28a2414c5628ca630269eff24d2f458475c355102402569a18fdbe4d0322ccc71b4630d45b00db80a18885c4f00a63"}, {0xdd, 0x76, "80dc9a4066655f7c1096223c609fd11fd92c741b14ee542eb5228ed004935c7688b106b387ac0289a68c7440e125c82163e506c2c58ef2d24db7a2f3dba9e8dbb698da25f47e50d96839b34deaaf1ea28fcc3ba78823621f431ebd39189e227205589ca7bbb05d535fa64f45b1542594161f31ccb240"}]}}, @NL80211_ATTR_BEACON_TAIL={0xc9, 0xf, [@prep={0x83, 0x25, {{0x0, 0x1}, 0x1, 0x9, @device_a, 0xf, @value=@broadcast, 0x7, 0x3, @broadcast, 0x9}}, @mesh_chsw={0x76, 0x6, {0xdf, 0x8, 0x3d, 0x8}}, @sec_chan_ofs={0x3e, 0x1, 0x2}, @fast_bss_trans={0x37, 0x61, {0x80, 0x1, "cc17ca3aa631a13e56fdf5e9fee71495", "f28e8dbd75a349ec276f5096b79e672ef422237fa2a0255022f055646f11c6fd", "7c2266e5f3d8b8d2b94abd9276cc99fef631a581343c434c552a55415f455ace", [{0x4, 0xd, "2c577109417c166cae2f174f7e"}]}}, @ht={0x2d, 0x1a, {0xc, 0x0, 0x1, 0x0, {0x3b, 0x1, 0x0, 0x4, 0x0, 0x1, 0x1, 0x3}, 0x0, 0x0, 0x7}}, @tim={0x5, 0x12, {0x8, 0x81, 0x6, "01e3b0c6872fae7fafed6266236c06"}}]}]]}]}, 0x2158}, 0x1, 0x0, 0x0, 0x20000800}, 0xc0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='environ\x00')
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = dup(r4)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x310}, 0x3}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="d4000000", @ANYRES16=r6, @ANYBLOB="010025bd7000ffdbdf252100000008000300", @ANYRES32, @ANYBLOB="700084801000010072213a37314985f82566aa242400010034558714857ddf7d3c4dd20d8f31e83750813ddd36af1a3a79a093be591b5fba080002000000000008000200ff7f00000a00010002020202020200001c0006800800050000000000080003000000008008000100feffffff100084800b0001008c040c668f28620006009800010000000400ff000a00f500da8bd33bb3e700000a00060008021100000000000400ec000400ff0008009e"], 0xd4}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000a80)=ANY=[@ANYBLOB="50010000", @ANYRES16=r9, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="3301330080000000080211000001080211000000505050505050000000000002000000000000145000000100030124040600000000000005f5204903b81f0eb513b1451feae34fe032a1b514256261b428cde2bd214b230b96948a4cf7bd40a472449a3da3c5ff224435fec3e2423d93599a55d53ea25dfd3dda0c944df7ccb535ddc28eccfb08aa8abfbf76751278ae37cc24c443d5c3e32eda79508217e580845035bc9aafc668f02f097551d0e30a6158ddecc4f64e7173d2ce39139c14bb06e2c73fb15a8aa14c21f62331599793f4060d4ba5792efa0103b55ecd200f128b68534fc2281c764f93ae57a4daf6282bfad870b89332918d1259d1fabb9e40ba28d662475390949cb6cebb13d9565d28ddffc60faf78c7a310f41cceaccf47cd1029ccfb3ea5f5d9404a0c4cce5d959d8415ab450d96d642d221030000c1005e1f9be31a0333e455e4e0cdc4"], 0x150}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r5, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="10010f58e559f919fbe300", @ANYRES16=r6, @ANYBLOB="00042abd7000fcdbdf252700000008000300", @ANYRES32=r10, @ANYBLOB="06003600faff00000a00060008021100000100000a00060068c52de372250000b9002a0005130994ffd4ce3b8ddc855a57fc28a58838b0b93e8456080600080211000001e400000008004008021100000100400100080211000000160000080211000000ff070000350000080211000000ffffffff420000080211000000040000001e00000802110000010300000030000301b9bd06080211000000822507010f080000000802110000017f000000050000000080000001040802110000000000008075140000040031c7b00a02cc1ccc2da5b9627a0d186b0000000a00340001010101010100000a0034000202020202020000"], 0x110}, 0x1, 0x0, 0x0, 0x4000001}, 0x18001)
getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f0000000340)={'mangle\x00', 0x0, [0x6, 0x2, 0x4, 0x3b, 0x7]}, &(0x7f0000002600)=0x54)
preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x71}], 0x1, 0x1000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000002580)=ANY=[@ANYBLOB="1802000000000000000c00a1080000009500"/40], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = socket$netlink(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="1506000000000000004c0100000024000180060005004e22000008000300ac1414bb060001000200000008000600a7"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r8, &(0x7f0000002700)={&(0x7f0000002640)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000026c0)={&(0x7f0000002680)={0x1c, r12, 0x100, 0x7, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x40}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4040884)
keyctl$read(0xb, 0x0, &(0x7f0000002740)=""/245, 0xf5)
set_mempolicy(0x2, &(0x7f00000001c0)=0x8005, 0x9)
r13 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
write$binfmt_script(r13, &(0x7f0000000000), 0xb)

5.267980845s ago: executing program 0 (id=493):
gettid()
r0 = getpid() (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000140), 0xfea7) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x10012, r4, 0x0) (async)
ioctl$KVM_HYPERV_EVENTFD(r3, 0x4020aeb2, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_clone(0x58060200, &(0x7f0000000080)="91105cff112598770cbc02e2056ded52e791af63", 0x14, &(0x7f0000000240), &(0x7f0000000440), &(0x7f0000000480))
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x0, 0x0)
dup2(r6, r6) (async)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000580)={{{@in=@broadcast, @in6=@mcast1}}, {{@in=@loopback}, 0x0, @in=@remote}}, 0x0) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (async)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001fc0)={&(0x7f00000002c0)=@proc={0x10, 0x0, 0x25dfdbff, 0x200000}, 0xc, &(0x7f0000001c00)=[{&(0x7f0000002000)=ANY=[@ANYBLOB="9c0700001d00cf0a25bd7000fcdbdf255b6453b468c71ef6c3b448af428a12cfdf846d91f7a2f69f72be98b6fdb518e9376f987c585650af30d791acef37771e41d3573e11d82cc7f402c18e1422badbf37b000000009a779848b72f63740910f05878dd4ea96faa071ae342e24245824346115a4e2d404134f07e465757e43fe456c4fc2a3c4dcf03ed3c428566b88c1f21bff061b082f60fc6aa83bb8757cce0678829e5cdfa3476ffd937437183e10ed36125908a0ddcec13e0ffe3938bc6653d11069591a5a6d19a5b22c6c1f200f42e0400180087928ae739e9175c940749ba8fa9f4cebfd85882e2da31b4808bf5a5d89a9957f47850edbcbd859c209e63b43a41b6aeb2932159f9b4e1005310f5387f5ee2fe5fa67e5569bd287d37a42e6e9a960396551ff2c6dbea2f4edd955e5749aa57f85616f89be3307f742bf65615f5726611a853eea81f5d37016b0aeff7484ab7b989d9c5efb50c38da27bb05bcc6af4652ce6bf242838064c2dc2962a7ebe9ccb2c78debe69f8ae94df08b402fe37cec6c49c0db2dec6f23e5298bf8715489d1025acc0e798fd8d8d1b98ffc976226613f704b027845e23b9364e43230af9eb0abdaf8dab307e3e5721da87ef1ef55ca1a53ffcc22e78fb96ce8b9fa18409ec0febb99fae8d59cc12e7e1076623e7d278d405527985971b5645b4eeb86e9fd8b94bb1d97470814e7e893355d95ac09d832c29dcba1f4098ede527da75821c93bfa35d5f1e5bf7c9dccc495418950f4606c1bbca9afe1beff80a5430af84d87dbcacae1dd6cd1989ac390015c6beac6ef2086164c15a2895ececb645cbcb6c61561eb491b4c790a18293b271bd168e6557ef772ddb9bbd5afe6b6ea4bc4489333b13b5389189a1e092a9f09069fc413677eeb0e7f9f62eabe6f67c9de1e1bc863076b9c58ee6d7b65792a7a371ab7e83adff3b4fc723fdce569a750ca9a30b986160db6e82c11ab3c8914ef820770d6221700d6e6d2af602ee4a97b75ebd943607ca5dd9e80176c7481700d7f2787e47ec8e30a17c107b654e8e5208bfbee66e6b1a5355ec8455b317e11af62c9a6c1b229ecaee68144b6fb1f88acfd0778ad2761448db3c932d2c8faf3dac69bc04c4ba399569d2bbb8b88d17963a3b07ed7d82825e52a010766c070ba7706288c13132bf29a7aa83650ed6f4926006e8e72b83822c98489b2dec09ddb249d562b94f80f8a42f921dc8a1181dc8ade81c271005eedf9f520efb618190c852b8f2349dcf691dba156525407047058f8f97e1036150319e2f4442c40ed86fd693b9d10aaa732c8a571442d6812f664c803162c25092c66305aa9d2e1fb1eeb574a169619923c77d5300400e800a3012480572dc8f08f49fb926ea3c8d5f5803f4044b0f2b832b532a4c19faa79849815572c0fc2e57d37319e87a11e1807fc16806629d9f68cfb264e69e508523b271e430a6a6ec2d59ecbaf382ffa8008f264e50bf35bff6410808250f344df3982301b4817354c261d9d93c06297c4b9ced5c1a797ff45bb4a0a89ec37b0e61e9c224de2763cf1e591a27158e991d5bd7d99b680b32669ade3920f7d8019a9dc03bb69927fb8d97f392e776d5545c8e4242e2ed63326490d713f33a0deb894e72e182c084984333a720795ba7bd4c4cc05e5b05bb8bb8183726fe4532a1727580800b700040000000400de000a002b00ffffffffffff0000db69a6fac070078b1716b52b4c9a2e6a57a3d8486745a630d510d5a13e77dc3c1bf8b75fbd4f817207aa242d17945831230440d001d641e0c8c2ad778be11cc25a3dc28075ba0cd221042ac2a7eb7452c6510644cf0ef0fefa9c822ceb0999b3d98134bb3421401062b8aacdff6a38b31612cf8a3c09f08c3d8373d0b1ea05f2542cd70f4d30a1fafcbf28f7105440291f32445bd65f743235d6ef8e19cb3b2eb5fe0800c800"/1400, @ANYRES32=r0, @ANYBLOB="00420155800400ff00df877c4075241798013e3098df6bbc1aed27fb68a9b7890ca501ca764a93d9a3a301c22ec27fecb24f383287e9471c79073d62255645b1936381eac3cd9406d4ea6b5daef9b878141c9ce7a01505e314228df7dd6d8d43bacfc9d254a2a77428612511c0b9519f896d76350dfafdc5031fe0d140b4264ec998333c0e6b3e862cc87b2d1abbad7323dca08163e460a35ce5d798a326540ca490663da3428c2e5673973edbdb358f49a17673bba4f076c266cfb69974884edeb093ec1405c10e9057ff2df47fb0ec27514074300437c1ba2c4ffc6792be038bd2fca9aba64dbde30ac848f94250f6f692f6e75e9e344c28ef9fe0cf51024a9d2c1f77962839aa4ba8b7c88b33d6e6103ef75601f884c7e5ae77035d5cce00c7ed69c7accb235fd85be81f7f4fdd6f0a6ab32f8b008b0a001e002721276c2d000000000098ecb8482294ae47ed2cdac04cceec45e3f3f6c08ca7a682ddd24f930712c963564e12cca8e39eafd9dcd4b44bbc943d4eb9dc8ac7672e12ae009577bf62d3f12a4e5db1f72423a8cdf9f8c4950ee9228de41bc04e5143b26f1b93c7ed6aa2c3486d4f56fabe581e6c333c27970106475ebe361d35aa41ced3282fe904db0fdb46a5b924d6e6d85243ac0870c5d4559f00a9095afcb0f2d5bcbe8d17e9fbad67a6c19f53b3476f8b98321092c02301058932fdf59786930d16adc8efd57a8b7cc2081103fa6b876b85f4a57d7b6344440c008ca6021d0f8cebc88f37ddae7aad"], 0x79c}, {&(0x7f00000027c0)=ANY=[@ANYBLOB="14100000300001002abd7000fbdbdf250410640085b8adaf399e3d66dc95ace04032e8ef710d5e1e1c232e607818cae54fa572e1b193d097c95c81908b2e7366fdcfaa0568fd216b52edeba97a8ee52034f50b3f31614a79b08de894b6d9f64929ee24df38674558226838a4f684ec38b4f26d7826e789e01b885652510b72a9a5db2d9f3d41db4a4cd9198e2cc734c5050b836451abb5cf3a6635ac5895586845fcfdcfa9854c847e3e80d4252b220ace976456e24531f85439ce8f66c5042b8eceb0619fef05f08400d305836e7984fe2e467830e20086b6bd8918a6cfe27fedfb0c580a4fbfb96212d8d638b1d1f0feaa6f76762a68249e9e24663c98facd7543f0d73a9bdfe9b0b496e06c8470286cb0a673e9146ac2b64d06905a5cc7a07c44cac91e41b29b3971d81dee58d5220558cbea2da2a53d8ad93e1c887381739dd8b218e27b091b2ba30025924d5c35e5ea81fa3d9b840ab36f67f2e6ddb43b65e6886ec0098b9a85756e81816f2218ddd736120c132891270eae1b97ec4578e05a744b4a767a90f3e4ebaca164d71a8d448b067b11f62706e01667480952fb2d331e3264e72274320e5860fab546508c69a4cac8a149e19268610db840eb715b124ad471760d1e63f7fd17fcb51bfee9e6ed1c94db169cf18b4732c4ba8baf2e40fd19a15fcb0561c598cfbe60f4b966c54d4f0413c0858eb8b2d97f420bcda1f1802b35034151204b06ca28dcebad15e5ce89094b2e9f0db2b920136a7a08afffbdbd20b203403c42cac9986b5fc10c03b050bec4bf2efe7eb6e51d7affd84014e4b7b2bdd983ec048657044cf115085efa729665793a99e0bdb42b4cba57f7cf0fe760889c962f047b6d36a8b4ab43959c0e276db9c538c3dc4b162d50634bc6c7a81f6a3145b5566f263462d2951e523b26de1b0d44ed757577da14cbd5e9384af4039c7d4914f18991f62d2986f038724f93ae60d3011aa30e39f1ff6f3fb149dd320dfa6b49cb0c5792a479a064c98a70bcfa5628a7b9494e226f5fc1da17862a5e702663760b1973f9f87f90bbb2a44fc4562f066c9771f16516c93ab56495f6d550973fc30e8cd804a24cda650647627166fb958befdb6c8f2c07797cc5466e780f3bb39fe1b73d8e8dee7936f678ee9f2138b9fec65a71997beb4dbd185bba9f7e7d2141d755ef97ef6bfe82af8b5ae11ae17821106bc2effe1a6759f935350e764f29ef30c12a399c7526089d42f9fccb4b52e43695d6c9fe4830f00d5fbb50da09f33611e0cba3eb4f55bb16b0f54ac5a7bb1ef372f79ab5d56f6dd06a1ea1e83638e8ed9a07c5374ab1c06b32878f88a630b87ce4706eab698f6c79a733591f49e648709c247e5b09dc4776c355f05b9f217af8e6a444d81d59fad914d4e7378b4a0c9366ebb3fa8aec06661d013b55982c438d73617c4cf4acc4d9e40836e7cb6215c4f76ca7ac6756a3592f5d981e312aa7251c4519f014a8ecafdab8d87e855e8c8806d721ab2bf06069e2db4a8fab2d3ee7137cf7193c1cb9340f1a4d6b269a7f979518d28d3451130a6860cd60030cd9f3b0d531a3bd0cef02dbc05d226c02c427db939edbac2f4c28823f803c165cdba950d494b3a42526c65b63ab000b8795afff2d4229bf5433a05e1d7f0f080872edf6fe45a3c48f6a9fcd62b2234894c0a44a76438ccbdece674201831a22cf19a6a1c6547f8f4180cf5392102b1fd63534e91a182256ac250988cea112e481a924bcb251cebe54a20f1ee2bf22a05477e91f1b06166d3bac35fff3eff47b79bf820a40007ecf7424505a219db99fac1ecd1e6a8fa6d3e5e5372978b797bacd7db8d3305da61ca607ec37616b928a7bf5b47cafea92907871762096b32fa72c18d6d72847806d0608e694414b70f32238585b0d7476aaf7cf5d83d4717d729231f188fb2f9bc8e9b5a8013db1659fc71b66cbb4777e7d221237654d2759b8f7f19f946bc0a65529f49397fb4ebbefb63e93e6de61832cdb1b9fb4fb84e3b9094eef2098a92d777d6d8f5bfd9bfd3049dfc7dc8dedb1a1473ff6faae7d949b6aa42b673a755ef424d7049d5077d3441200dad1da62c9a697dfc3c94f5d5b7e030cca0bb318615346ba84c5d8a8aa061b9289ef609ea1247a6b520468a867debe48eae0bad0dc86da0b1753a1db252d64665a8ad0784a308fdf57d8e9a944e95829033e8d15f836405f8d6b8398007d033d19dc518c6782641dca4227bd0ab30474dc59c08707ec8a52864b07cd3f7ab4bf7ec18a23d16d736c25e8d097e39d36afacbad85969236fd1b366babc3cdf8757285e2fa796f16b43e506995ce38f46ec37abe4a58c266ad1ecf03eccadb84480f776b516eb96b693d76ee18bfae92e9d5110ddf89da0e5102bba0166ab7e39a0e308f326dd7f8a87d5f0295e9f0a0a3c8f9d0d31aabd91491bb758d1e9965f9280be0615218d414d5a431d8d8e3020bb50ae668e07efcd5d3a26744f69e313b20cf84dddd8b686e718a244e7b1b278088988350362308e1a39b4b68bf0fb9e63936024469bbb54424e18d7bbfef5470b0821de50078bb05f33eae814c81b1f8d121e56b06ca55b49e75b0c967c822728f9cb2d204bbc25733bad014a5d5f2bed94f860d7f44299c0527a3bfc49b83936cabfc109f34592c3c64786893690bc04ce16497e2d4e09a6fb2c1d5177095c3f2a59bcd6c33df9587b46712be65e85fa69e69577360597e1f183a36e733f1a49554cae92799445a7f4d7639c5fdad01b5720be3684f29e9d2718ba527e1c2286f85f8454a2956f4393002b7fd93eaf2a29df388eeec734328813a18efd6625700843148baecccfc8af69deb189e187fe26eb7eac6b4a82d4e45592d97c446eb3a12e10e9bae30a6c1235ab5809733103d3a5a17a5455231642163d4218fa9140e41775e6a4a9708414e8324a275ba0c9cacdd5823bc09259df9f90aa0010f521dde384a8f69e6a732882474393cc28e998c637b803b360e00fc004b79c9714b1185969cf44c5287777a35669281ba815ce4ec83c5ecf4eb014f355612aae1f94c09a370c398325e99bb0f1ca728ebabf425c2c42b56dad96117ec41dcf7a47751c7be52358275bc39aa3047cdfebd362542a6e9d63c0571e2cf850e3e8279a4fdde2438fa3f75ec485f7af9ef0b5ccce40d0b9ed77116723a94dbc675e6095d8885887cf805a0b1a38226f841e44535d1cece9a1b2189ebcb8ed358c69ce627e75dc026a4321dd5943c6e18cc2aae1bfc47e26ae8aa0f33527149c56d64213150cc6cb7ff9deddf9066b74dd4c233721def24820a435f38c3b6cba1be086ed2088d1e3f7107c0eed9cfc2c1fda20cb46d043728b97c4fca59a9dd2b126a77e34e2e5a30f6e8a9a788254a8b569159f9e394d5dcc00d2df622c2e2f4664c67f3b76f29564f7b3119dc9ebae545771ba28b59fea3e97eae258d384c5bae6911bccdd990c98e810b794f21e14409ff6a241414a9c30e07d9b96719ced61dc0bd8675ab40162e0fc81a99868f49a9b215d640e9eec36d435ba250c0b80e62facb99ae48a4fe63c80b8624fc69f3371bba0bf31442e4a0c79b28660a94d56e3a43fbc43b2641fa649f990405c5ba8663ae9ba9f3312865ce2be0572fd185fa9e431da1f48d2c944f9e3873552937594856d3cf44455b9472e11660da7f9724472944065f37df7ec74fea2f51a1e43fd6785140c067d4e429250f2432fd5a96348d46d74e02d2c6fa2310eda45f5dc2457aa51d98360f86592a1dc8fc096c0b0fb5684b6ae3401757057f44a5e7857a2059049084c75d1258a0cf13c5a96af644c92970c3948e1dd025d0bdb1bc758860e7bb3931451104c48f1c655f6d5b1d8b4a8ba9bab19e0f508f5123ac705157d8421a6b623f060312fad959ceec91f48bbb51eff46aa26b9fa1f56d5fdd6f374e96cfbf611cd0453e916cae014e46eaeb931bc3b16688772673d4d2965262d41b60793e6b14fc7e0fd682688903f43cf0089c69ce2c3b67dbba743fc229c091475b272aad8364adaab1c8cd4f2baf1d5295df6957b13d614524849887c2c18b797cfb02c4e9430108b30b6902aa687125fe6fbf00e71c16f20ec94b924bb9854450898ec9b8fb7cd62d75822779bcb1e376cb618a50359d6438ca747049de3e4e81d3476ffced83769fd9260047a59dd8f26181bec44854d3378a9ed697970cf309363db7ec4e0a5daa7f8a8adccedff05435d993624bf9be6c1731afdac3fc67853e108f87719b3d56a21406a0e6adcfcbf97994c87e81343cc76814b42209002e36bbeea8442109c52f2da9ab7bc8590b6499403aab5150a7e09e8f555846550fa7206d74648050dfeafe916c602381a1e6147e81430c461a7018e7d2bdb652d659765891997ec38e0b34f7d08ccb5cd0f97fdf9be72cb930d6c5374262bad76e88e3bc4c6204fc6d9a9f3d6d30fbcf6541263916d3a790a1b7012ecd30dc2fc1a852e0295cea32e255e91d284647c851f27e1be65d3b1b1e90daab5ec30508c7461fb6d5f4a88e7a9994f4177e25578288227f4f6bb4c350cf2ac7e4878c163a3321f983a86179e26bbd8c313dcb9a39d074409ab3482d7e8823d9d89f045aa571de1f92f8a523cc35033b1bd5d3b1dfc09903cfaed8a0ac9b580b9c1b06f6c46c8e40e1dac731f3409d017faa76d239aefa406cc62456ea82e0ea2f33eca0143495ee613f6fd06d0d300bda62d380d0b951d20b73c51fa203976ef2c448659c0d5853848465f72f744ef589c74961b4c64dd10afd3920b8fb6b125717db521c905a9cafe125ce15dee8037e3d4e5de3324a4a44c38888d14020e190314c6c3893ac4b3584e38e230a4015230a20d4bc3b768f1b9138a4a7222812edb98da2ff7c9ff1709407ece3ebe0065a7c259ae830adc0f43739dd03132167b592e7a242955d0bb2406477deb9c1d53065ad8a85e94419159aaa70332dfe0935b6721c13c89a3d3c178965a2f0bfad968a828b2616fc2e45305cddee40a55d195a245585172085f153156879c2ab9fb139f40958461b428946ae0ecc822734a88cad70086756d69e6723ced6650dcda90f2440e5edd8083a6aedcbe79ebd0acfd6ca68cef138e95396a12bb1c60a38559084045f15a210c215b8a2ce8798f32782d7779860a4f6253bf70e5fe6a5169e2f70d6c6b5e08537f131cdbeb45e3d5bb4924df513afbebed5146873dfe19d51c3b2fe525d123d9e31db0e0e3bf222d2d96d073e328408289a54b6bfec1a089fa9066e9c7f4c3be8ad4d38c3a913326915438423dbfcfa22f933a767a2409e98b1624ce378ce63ef69e1062eefe89f060c856f22e8d96d65ffdd8cc62c4b164f8d8ec41e91d4808a772298068d9c0e609b9359d135cdc212fdbed7777344cccb3ea1a6dda7867ff1b6267627a49a90273d402e4c7a4faeeafac0806a7a0e68626426e7408ca7e199d68492570a3ee65cbd59d9b2b40d6af0df8eb9f0fad9d8e093889a2967f508882c475dc709c1a6536c874870ed5693fb9947bbf35b9918ad9e55011682b111bc5982e18130c0c44a7acf850b5ca441c497c19edaeeb038903f45630756e5ab3283e4c66c0b3ed4519a295f0baaa096b20438fa724d317bea1c3b21cd7c139f0551bb1db21afe61106b0b230ef70bfc1d0e7b6307abbc816fa76326c66e1631bdbb8214e78893e0cfe51d9ae09fc403f8c2e804106ef50ba936e1419a9967e50e9e9484aefe3f28cfdd208e40be93551492641683f683e68a96267b9a8ef6c2095ccac1faa8db0a5fa2d0f44c2aa348b0562e053ff979db05c6068dbe4b3edb0c7dc352a8c"], 0x1014}], 0x2, &(0x7f0000001ec0), 0x0, 0x20000000}, 0x40800)
write$tun(r7, &(0x7f0000000680)=ANY=[@ANYBLOB="0080a903060005000200ffffffffffff83d40100000e86dd604d4628009e1100fc020000000000000000000000000000ff02000000000000000000000000000100000000ff0700000500000000000000aba45fb77db2a7f7b2896e17f0c1d4cee1afa4c6770a2494e27577068ba45d89d85b4421635b18328a72c3723cc0b4536b567d5066fe36c1d8c42482677f483414a138212234c3fc1877b93ec6e5690b4e0aa0a72730a4501969c8dd1a12e6c3998ee902d6e45637cc87bfb0eb1cffafd5ee68d70e4ff4b5d7d446377ff4cbf6d2cdf0d136720000000000000000560754a97bb0b835b481c2465234fd7c4040958fd95a9f5b2f3da5cdf1f82353c3f59fd04a9f6173fa18c16d463672a703fbb84d574692cad89a377cc438dfe7f63d0777a30948c71fdd3ce198d51c487c5b80b601af772559fe0f73a973b71bf9fbde3ae92b64ec59968ee4d6c768fbc573d8f3bf3814f94d14534524d0026b"], 0xde)
bind$inet6(0xffffffffffffffff, 0x0, 0x0) (async)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

4.969793601s ago: executing program 0 (id=496):
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x0, 0x2})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f00000000c0), 0x8)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc0405602, &(0x7f00000001c0)=@fd={0x0, 0x0, 0x4, 0x0, 0x0, {}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, ';\'S;'}, 0x0, 0x4, {}, 0x3})
landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a0103000000000000000002000000201404801c0001800c000100626974776973a665000c00028008000340000000000900020073797a31000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x74}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='ext4\x00', 0x1f, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={0x0, 0x58}}, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x4, 0x300)

3.620149423s ago: executing program 0 (id=500):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = fcntl$getown(r0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRES8=r2, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f00000007c0)=ANY=[], &(0x7f0000281ffc)='GPL\x00'}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r3, 0x2000000, 0xe40, 0x60ff, &(0x7f00000001c0)="5cdd3086ddffff6633c9bbac88a8860040dffd00139fb7a884bdfc14f48786dd", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r5 = socket(0x28, 0x5, 0x0)
r6 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r6, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r7, &(0x7f0000000240)={0x0, 0x3f, &(0x7f0000000200)={&(0x7f0000000080)={0x20, r8, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}}, 0x0)
recvmsg(r7, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
write$binfmt_script(r5, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
syz_emit_ethernet(0x15d, &(0x7f0000000b00)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004100014f000000000033907800000001ffffffff44147361e000000100000002e000000200000003940401009404000086180000000305049099010e87680ff342be5a9af3a00c9b0144349d81e0000001000000ffac1414bb00000008e000000200000005ac1414bb00008040ac14142c0000001fac14142e00000008442450416401010100000080ffffffff00000d20ac1414bb00000004ac14140e00010000830bacffffffffe3b2db02fa13512e9078fa529121f67f0000018616000000030707491d1ac37c02092afb6c5829e5b1000000004000008b9078210700009a0be17a6cedc10f786334396d40fb9b1143d2c4df1fc9430bbef3fa5e52fe40fbc5d307c36ff715e96041ce0f429a064da2ecaf45a0a211ca7b70e860fe8cd5acb305bd1cf423cb3d118fbc1e353736a8b1d4d33a408fbe653657623aafbfab71e4dfd10bbb2a813669f00f1b640454c71414317d66944f1f7e8d8eb6e770"], 0x0)
ptrace$setregs(0xf, r1, 0x3, &(0x7f00000001c0)="45b46fbe7fdca862f4484ad916fa919c93ce789aa142d4da2dcca2d0023792d730311c7f6f52fe2c470621a2cf43dfbf040000000000000003355b58735f7d1e195da773a8773b3846d77d0ce825bda2a535b46520800d4b946b11921b7eb8cba2d101b29acbf97ad315519933192765c8db6efb966d7f20508d878b343fcb4fa214780702d794855046e14ae7530d98abe6efc0c9b660eaea6b9b66791352e6e9f7a1d8d480929df5c9db5a50cb008bf42a69f7eff9c1bd2aeb5f3f0533074e49163f68fd1636dc9506253a151ab54267d2a885eb8f92")

3.080127199s ago: executing program 3 (id=504):
syz_io_uring_setup(0x6b1a, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000800008604"])
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={<r8=>0x0, 0x1c, &(0x7f0000000500)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f0000000340)=0x10)
r9 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_GC_INTERVAL={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x35}]}], {0x14, 0x10}}, 0x74}}, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f00000000c0)={r10}, &(0x7f0000000100)=0x10)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000c80)={'lo\x00', <r12=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_AUTORATE={0x8, 0x9, 0x1}]}}]}, 0x3c}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={r8, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e22, @local}]}, &(0x7f0000000240)=0xc)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team_slave_0\x00'})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)

2.721652893s ago: executing program 0 (id=505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0xffe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1, {0x4, 0xffff}}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x0, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}]}, 0x1c}}, 0x0)
r7 = socket(0x10, 0x0, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r8, 0x1, 0xd, &(0x7f0000000080)={0x1}, 0x8)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6800000010000100000000000000000000000000fb955299e7c652c93b82e69b74f797d53c5ba72e2b33768d97c1caa9d193449ceb0a6f1207243a3e6f58f251bbb959e8d3d60dfc0e9edd", @ANYRES32=r10, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32=r10, @ANYBLOB], 0x68}}, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_FRAME(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x4c, r12, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @deauth={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x10, {0x0, "0262c80200", @short="094c1f2501e02962"}}}}]}, 0x4c}}, 0x0)
socket(0x0, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x4)
close(0xffffffffffffffff)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4810}, 0x40001)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800150000000000050016"], 0x4c}}, 0x0)

2.56616402s ago: executing program 0 (id=507):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
close(r0) (async)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0xa) (async)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfb, 0x6}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x5, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{0x6}]})
fcntl$setsig(r1, 0xa, 0x21) (async)
fcntl$setlease(r1, 0x400, 0x1) (async)
unshare(0x2c060000) (async)
r2 = socket$tipc(0x1e, 0x5, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303034303030302c757365725f69643d9de95ecdf86c44ef5dcf5d18506ede6ae150bd0e5c4e2291a0d94901c91cb03e79eb1bc0f7cd9ed6f7c2459e6397bca264ab397d1dd28acdbacad7ab3c872a15559e38098e7a07d7aad4f66b3f9dbc5ab8654f08d0afe8bdca81da3ce80c42bc65124428e9eaa80bbe416e8dffe8ee10958b90ea3a3d89aaf9cdd04a7c11bb164dae800600000000000000e8ddaa4a52e2a05f2bd6db7c17527bc5da66dfad974e6c5a57d0f696e3ef683585cfb7ead17e68aa91a521a048e1639fab445174078e6bf25587f66dc31e4b80051d699e03d8b8", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) (async)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000001f80)=ANY=[], 0x2a) (async)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) (async, rerun: 64)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x0) (rerun: 64)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0) (async)
r7 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r7, 0x541b, 0x0)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f0000000000)={0x0, 0x0}) (async, rerun: 64)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000003c0)={0x0, &(0x7f0000000380)}) (rerun: 64)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1, 0x3}, 0x5a)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r8, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x47}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f00000001c0), &(0x7f0000000280)=r1}, 0x1c)

2.492068859s ago: executing program 2 (id=508):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
r0 = syz_io_uring_setup(0x4171, &(0x7f00000005c0)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, 0x0, &(0x7f0000000640)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0)
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x40000080806, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000240)=0x80000000)
bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20, 0x2800000, @loopback}, 0xffffffffffffffc7)
listen(r2, 0x20000005)
socket$inet6(0xa, 0x6, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x2d, 0x0)
setsockopt$inet_int(r3, 0x0, 0xb, 0x0, 0x0)
r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$vcsu(&(0x7f0000000200), 0xfb, 0x0)
read$FUSE(r6, &(0x7f0000000b00)={0x2020}, 0x2020)
ioctl$VIDIOC_QUERY_EXT_CTRL(0xffffffffffffffff, 0xc0e85667, &(0x7f00000003c0)={0x80000000, 0x4, "1e0290c57783fb8bdcdb5e192025bad1fb03afd23ed38ea08e0aeb589a968044", 0xffffffffffffffff, 0x6, 0x0, 0x101, 0x9, 0x26, 0x2, 0x80000000, [0x2, 0xb, 0x80, 0x8]})
pwritev(r5, &(0x7f0000000600)=[{&(0x7f0000000380)="b9", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CLR_FD(r4, 0x4c01)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
write$tun(0xffffffffffffffff, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
r8 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r8)

2.319448907s ago: executing program 1 (id=510):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000b00))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0xd00) (fail_nth: 5)

2.116557741s ago: executing program 1 (id=511):
syz_io_uring_setup(0x6b1a, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000800008604"])
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000000)={<r9=>0x0, 0x1c, &(0x7f0000000500)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f0000000340)=0x10)
r10 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_GC_INTERVAL={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x35}]}], {0x14, 0x10}}, 0x74}}, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r7, 0x84, 0x0, &(0x7f00000000c0)={r11}, &(0x7f0000000100)=0x10)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$nl_route_sched(r4, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={r9, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e22, @local}]}, &(0x7f0000000240)=0xc)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team_slave_0\x00'})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)

2.095102254s ago: executing program 3 (id=512):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000001c0)=ANY=[@ANYRES8=r0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0xf35}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000040)=0x1b)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000340)=@xdp, 0x80, &(0x7f0000000280)=[{&(0x7f00000005c0)=""/196, 0xc4}, {&(0x7f00000006c0)=""/227, 0xe3}, {&(0x7f0000000e00)=""/216, 0xd8}, {&(0x7f00000008c0)=""/88, 0x58}, {&(0x7f0000000940)=""/88, 0x58}], 0x5, &(0x7f00000003c0)=""/30, 0x1e}, 0x1}, {{&(0x7f00000009c0)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000a40)=""/45, 0x2d}, {&(0x7f0000000bc0)=""/184, 0xb8}, {&(0x7f0000000a80)=""/2, 0x2}, {&(0x7f0000000ac0)=""/61, 0x3d}], 0x4, &(0x7f0000000cc0)=""/193, 0xc1}, 0x5}], 0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r5 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xf1\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1', 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x7c}}, 0x14}}, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000e67b01"])
write$binfmt_elf32(r5, &(0x7f0000001880)=ANY=[@ANYBLOB="7f454c466000002ed8e4f97765ce27b90300060000000000000000b738000000000035f4c38422a3bc8220000500000004020300b300000000002a002400b3d7c52ebf31a8d5c8c3c6cb00000009e500d5ffffff05ffffff03"], 0xd8)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x50007a2)
close(r4)

1.619976763s ago: executing program 2 (id=513):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x0, 0x0, 0x0, 0x400}, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x334, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x958, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff]}, 0x45c)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r1, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmmsg(r4, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/88, 0x58}], 0xd}}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r0], 0x40}}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x1}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r9, <r10=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70500000800000085299d1a4a0000009500000000000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_BOOT_CPU_ID(r8, 0xae78, 0x0)
write$sysctl(r6, &(0x7f0000000580)='1\x00', 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r11 = openat$nvram(0xffffff9c, &(0x7f0000000040), 0x82000, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(r11, 0xc06464ce, &(0x7f00000001c0)={0x0, 0x4, 0x7, 0xfff, 0x3, [], [0x8, 0x5, 0x8, 0xb], [0x2, 0x5, 0xd76d, 0x4], [0x9, 0x6, 0x1, 0x1]})

1.188193234s ago: executing program 1 (id=514):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
process_vm_writev(0x0, 0x0, 0x48, 0x0, 0x0, 0x0)

1.120345724s ago: executing program 2 (id=515):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af", 0xa2}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000b40)=[{0x0}, {&(0x7f0000000840)}, {&(0x7f0000000880)="b45a498ea447ee6048871218", 0xc}], 0x3}}], 0x3, 0x0)

1.119830792s ago: executing program 1 (id=516):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0xffe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1, {0x4, 0xffff}}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x0, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}]}, 0x1c}}, 0x0)
socket(0x10, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f0000000080)={0x1}, 0x8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6800000010000100000000000000000000000000fb955299e7c652c93b82e69b74f797d53c5ba72e2b33768d97c1caa9d193449ceb0a6f1207243a3e6f58f251bbb959e8d3d60dfc0e9edd", @ANYRES32=r9, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32=r9, @ANYBLOB], 0x68}}, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x4c, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @deauth={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x10, {0x0, "0262c80200", @short="094c1f2501e02962"}}}}]}, 0x4c}}, 0x0)
socket(0x0, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x4)
close(0xffffffffffffffff)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4810}, 0x40001)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800150000000000050016"], 0x4c}}, 0x0)

1.058520592s ago: executing program 3 (id=517):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
io_setup(0x5, &(0x7f00000006c0)=<r1=>0x0)
r2 = eventfd2(0x9, 0x0)
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}])
socket$nl_route(0x10, 0x3, 0x0)

949.830236ms ago: executing program 2 (id=518):
r0 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0x5421, &(0x7f0000000380)={'\v\x00', 0x0, 0x5, 0x2, 0x0, 0x0, "f759e10000001000000000fc6300", '\x00\x00\a\x00', "0300", "e859ad13", ["8bada940edff000a00", "c2fed6bf0400000000000040", "000000ff0000000000000020", "0000000000000000000100"]})

949.452735ms ago: executing program 3 (id=519):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0xffe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1, {0x4, 0xffff}}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x0, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}]}, 0x1c}}, 0x0)
socket(0x10, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f0000000080)={0x1}, 0x8)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6800000010000100000000000000000000000000fb955299e7c652c93b82e69b74f797d53c5ba72e2b33768d97c1caa9d193449ceb0a6f1207243a3e6f58f251bbb959e8d3d60dfc0e9edd", @ANYRES32=r9, @ANYBLOB="0000000000000000480012800e0001006970366772657461700000003400028008000100", @ANYRES32=r9, @ANYBLOB], 0x68}}, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x4c, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @deauth={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x10, {0x0, "0262c80200", @short="094c1f2501e02962"}}}}]}, 0x4c}}, 0x0)
socket(0x0, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x4)
close(0xffffffffffffffff)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4810}, 0x40001)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800150000000000050016"], 0x4c}}, 0x0)

948.625307ms ago: executing program 1 (id=520):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
io_setup(0x5, &(0x7f00000006c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x300, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

880.227271ms ago: executing program 2 (id=521):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
r0 = syz_io_uring_setup(0x4171, &(0x7f00000005c0)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, 0x0, &(0x7f0000000640)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0)
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x40000080806, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000240)=0x80000000)
bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20, 0x2800000, @loopback}, 0xffffffffffffffc7)
listen(r2, 0x20000005)
socket$inet6(0xa, 0x6, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x2d, 0x0)
setsockopt$inet_int(r3, 0x0, 0xb, 0x0, 0x0)
r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x0)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$vcsu(&(0x7f0000000200), 0xfb, 0x0)
read$FUSE(r6, &(0x7f0000000b00)={0x2020}, 0x2020)
ioctl$VIDIOC_QUERY_EXT_CTRL(r6, 0xc0e85667, 0x0)
pwritev(r5, &(0x7f0000000600)=[{&(0x7f0000000380)="b9", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CLR_FD(r4, 0x4c01)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
write$tun(0xffffffffffffffff, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
r8 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r8)

804.891743ms ago: executing program 1 (id=522):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRES64=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c3c0)={0x2020}, 0x2020)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080))
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000280), 0xff4a)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, &(0x7f0000000440), 0x10)
listen(r5, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080)='\x00', 0xfffffffffffffcbe}, {&(0x7f0000000300)="4410cbb9cd89b81b65a33ff653b92714ab0e9d3817ab0a0f849f7d1df4c231d8f8f18fb3bc5054deb6e8b2f6a424abc351a295590b800d5a50bc7c7c2b948d47293e00d625ca3a9626e3113475c3cc05579cb9d7e96010b471bf8390144cb87d998b9800c9cb50e611d59194e571cb9d0700fb0f81c2e028c1f237596c4eda38d39fd478d6d9994e4b5b257a1d35d12a3dc9c6a2c5048c0fda4bc80ffacb10dd1b1883bbefef25f3364e8db1d649e53b8041fb79e00cdbbebefabf983623108691355e70171bf311890d5c98da7da0684db1f9741bdce3e7cdf05340899142374de18178959e4d63ad2413e1a9e0f7bb56b47df6000000000000", 0x44}], 0x1)
r6 = accept4$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000001680), 0x4000000000000a1, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

687.813536ms ago: executing program 3 (id=523):
r0 = getpgrp(0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000340)=""/69, 0x623c41ea}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$inet6(0xa, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'})
socket$netlink(0x10, 0x3, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)=ANY=[@ANYBLOB="9feb01e8b846c183fbdd9d000000000000000000020000000000"], 0x0, 0x1a}, 0x20)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
ioctl$UDMABUF_CREATE_LIST(r3, 0x40087543, &(0x7f0000000080)={0x0, 0x300})
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@getqdisc={0x30, 0x26, 0x10, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x2, 0x1}, {0x1, 0x5}, {0xfff6, 0xb}}, [{0x4}, {0x4}, {0x4}]}, 0x30}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_open_procfs(r0, &(0x7f0000000040)='attr/prev\x00')
fchdir(r7)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r8, &(0x7f0000000380), 0x56)

111.850797ms ago: executing program 3 (id=524):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x0, 0x0, 0x0, 0x1}, 0x1c)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc040aed5, &(0x7f0000000040)=ANY=[]) (fail_nth: 5)

0s ago: executing program 2 (id=525):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b0400000000000000010073797a300000000028000480240001800b00010072656a65637400001400028005000200200000000800000000020900020073797a3200000000140000001100010000000000000000000000000a00000000000000"], 0x7c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000540)={'ip_vti0\x00', &(0x7f00000004c0)={'sit0\x00', <r3=>0x0, 0x700, 0x700, 0xffffffa2, 0x5, {{0xf, 0x4, 0x3, 0x4, 0x3c, 0x67, 0x0, 0xb4, 0x2f, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@end, @timestamp_addr={0x44, 0x24, 0x9a, 0x1, 0x6, [{@broadcast, 0x4}, {@local, 0xffff}, {@dev={0xac, 0x14, 0x14, 0xa}}, {@empty, 0x77b}]}, @noop]}}}}})
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000580)={0x1, 0x1, 0xfe, 0x80000001, @vifc_lcl_ifindex=r3, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
close(r1)
splice(r0, 0x0, r1, 0x0, 0x10500, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='kvm_unmap_hva_range\x00', r6}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$TUNGETVNETHDRSZ(r5, 0x800454d7, &(0x7f00000005c0))
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00'})
ioctl(r7, 0x8b22, &(0x7f0000000040))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000480)=[{&(0x7f0000000080)=""/205, 0xcd}, {&(0x7f0000000180)=""/255, 0xff}, {&(0x7f0000000280)=""/124, 0x7c}, {&(0x7f0000000300)=""/88, 0x58}, {&(0x7f0000000000)=""/44, 0x2c}, {&(0x7f00000003c0)=""/136, 0x88}], 0x6)

kernel console output (not intermixed with test programs):

 type 2 family 0 port 6081 - 0
[   61.500199][ T5234] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.504023][ T5234] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.508711][ T5234] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.578585][ T5223] veth0_macvtap: entered promiscuous mode
[   61.597475][ T5223] veth1_macvtap: entered promiscuous mode
[   61.604677][ T5230] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.682372][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.688477][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.694009][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.709542][ T5223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.711291][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.713807][ T5223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.717337][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.723323][ T5223] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.733976][ T5223] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.738709][ T5223] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.743147][ T5223] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.748189][ T5223] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.764808][ T5227] veth0_vlan: entered promiscuous mode
[   61.809391][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.812778][ T5227] veth1_vlan: entered promiscuous mode
[   61.813670][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.906661][ T5230] veth0_vlan: entered promiscuous mode
[   61.921013][ T5227] veth0_macvtap: entered promiscuous mode
[   61.939795][ T5230] veth1_vlan: entered promiscuous mode
[   61.951924][ T5227] veth1_macvtap: entered promiscuous mode
[   61.971552][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.984764][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.029571][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.039072][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.043375][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.055854][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.061991][ T5227] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.068736][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.072295][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.081410][ T5230] veth0_macvtap: entered promiscuous mode
[   62.088189][ T5230] veth1_macvtap: entered promiscuous mode
[   62.103844][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.109177][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.113003][ T5227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.118367][ T5227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.129019][ T5227] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.136471][ T5230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.141417][ T5230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.146136][ T5230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.150302][ T5230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.154466][ T5230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.160240][ T5230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.166514][ T5230] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.177517][ T5227] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.181201][ T5227] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.189014][ T5227] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.192483][ T5227] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.220385][ T5230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.225069][ T5230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.230329][ T5230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.235010][ T5230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.239688][ T5230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.244267][ T5230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.250964][ T5230] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.266013][ T5230] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.270126][ T5230] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.274405][ T5230] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.278921][ T5230] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.304441][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   62.355027][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.361784][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.364398][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   62.383882][ T5292] Zero length message leads to an empty skb
[   62.409571][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   62.410827][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   62.413206][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   62.416858][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   62.419948][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   62.448781][ T1185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.452350][ T1185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.511401][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.518443][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.542255][   T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.552022][   T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.642324][    T8] usb 5-1: Using ep0 maxpacket: 16
[   62.656080][    T8] usb 5-1: config 235 has an invalid interface number: 240 but max is 0
[   62.659739][    T8] usb 5-1: config 235 has no interface number 0
[   62.669612][    T8] usb 5-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[   62.674598][    T8] usb 5-1: config 235 interface 240 has no altsetting 0
[   62.696301][    T8] usb 5-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[   62.700067][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.703392][    T8] usb 5-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬ʏ
[   62.717763][    T8] usb 5-1: Manufacturer: 、
[   62.719863][    T8] usb 5-1: SerialNumber: syz
[   62.732245][ T5297] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[   62.734873][ T5296] process 'syz.3.4' launched './file1' with NULL argv: empty string added
[   62.735893][ T5297] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   62.737125][ T5297] vhci_hcd vhci_hcd.0: Device attached
[   62.786252][ T5298] vhci_hcd: connection closed
[   62.811759][   T11] vhci_hcd: stop threads
[   62.828740][   T11] vhci_hcd: release socket
[   62.831249][   T11] vhci_hcd: disconnect device
[   62.883452][ T5296] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET)
[   63.106551][ T5301] syz.0.1: attempt to access beyond end of device
[   63.106551][ T5301] loop0: rw=0, sector=0, nr_sectors = 8 limit=0
[   63.113937][ T5301] F2FS-fs (loop0): Unable to read 1th superblock
[   63.117676][ T5301] syz.0.1: attempt to access beyond end of device
[   63.117676][ T5301] loop0: rw=0, sector=8, nr_sectors = 8 limit=0
[   63.124190][ T5301] F2FS-fs (loop0): Unable to read 2th superblock
[   63.285593][ T5229] Bluetooth: hci1: command tx timeout
[   63.301827][ T5229] Bluetooth: hci0: command tx timeout
[   63.365694][ T5229] Bluetooth: hci3: command tx timeout
[   63.366604][ T4652] Bluetooth: hci2: command tx timeout
[   63.408293][   T39] audit: type=1326 audit(1721560693.825:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.422785][   T39] audit: type=1326 audit(1721560693.825:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.429786][ T5308] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7'.
[   63.434091][   T39] audit: type=1326 audit(1721560693.825:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.453104][   T39] audit: type=1326 audit(1721560693.825:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.462820][   T39] audit: type=1326 audit(1721560693.825:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.471606][   T39] audit: type=1326 audit(1721560693.825:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.480424][   T39] audit: type=1326 audit(1721560693.825:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.489855][   T39] audit: type=1326 audit(1721560693.835:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x0
[   63.499424][   T39] audit: type=1326 audit(1721560693.845:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5304 comm="syz.2.6" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[   63.533162][   T39] audit: type=1326 audit(1721560693.955:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.3.5" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   63.772191][ T5315] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   63.783220][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[   63.794973][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   64.150110][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   64.176592][ T5320] netlink: 72 bytes leftover after parsing attributes in process `syz.3.9'.
[   64.427293][ T5327] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   64.747003][ T5333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13'.
[   65.073484][    T8] hso 5-1:235.240: Not our interface
[   65.097506][    T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!!
[   65.110451][    T8] usb 5-1: USB disconnect, device number 2
[   65.176865][ T5341] netlink: 72 bytes leftover after parsing attributes in process `syz.0.16'.
[   65.365511][ T4652] Bluetooth: hci0: command tx timeout
[   65.365547][ T5229] Bluetooth: hci1: command tx timeout
[   65.445672][ T5229] Bluetooth: hci3: command tx timeout
[   65.445739][ T4652] Bluetooth: hci2: command tx timeout
[   65.495509][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   65.766874][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   66.046105][ T5357] netlink: 4 bytes leftover after parsing attributes in process `syz.1.19'.
[   67.355445][ T5377] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   67.355944][ T5374] netlink: 72 bytes leftover after parsing attributes in process `syz.1.25'.
[   67.358321][ T5377] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   67.370304][ T5377] vhci_hcd vhci_hcd.0: Device attached
[   67.468727][ T5379] vhci_hcd: connection closed
[   67.471063][   T11] vhci_hcd: stop threads
[   67.476025][   T11] vhci_hcd: release socket
[   67.478132][   T11] vhci_hcd: disconnect device
[   68.206112][ T5404] netlink: 'syz.2.32': attribute type 10 has an invalid length.
[   68.225594][ T5404] team0: Port device netdevsim0 added
[   68.244903][ T5404] netlink: 'syz.2.32': attribute type 10 has an invalid length.
[   68.260676][ T5404] team0: Port device netdevsim0 removed
[   68.266160][ T5404] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   69.004142][ T5423] netlink: 'syz.3.39': attribute type 10 has an invalid length.
[   69.023766][ T5423] team0: Port device netdevsim0 added
[   69.049883][   T39] kauditd_printk_skb: 100 callbacks suppressed
[   69.049892][   T39] audit: type=1326 audit(1721560699.475:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.061543][ T5423] netlink: 'syz.3.39': attribute type 10 has an invalid length.
[   69.064889][   T39] audit: type=1326 audit(1721560699.475:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.078681][   T39] audit: type=1326 audit(1721560699.475:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.088416][   T39] audit: type=1326 audit(1721560699.475:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.097864][   T39] audit: type=1326 audit(1721560699.475:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.100298][ T5423] team0: Port device netdevsim0 removed
[   69.107447][   T39] audit: type=1326 audit(1721560699.475:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.119310][   T39] audit: type=1326 audit(1721560699.475:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.128815][   T39] audit: type=1326 audit(1721560699.475:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.137871][ T5423] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   69.142288][   T39] audit: type=1326 audit(1721560699.475:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.151974][   T39] audit: type=1326 audit(1721560699.475:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5419 comm="syz.1.38" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[   69.398732][ T5436] netlink: 'syz.2.42': attribute type 10 has an invalid length.
[   69.419102][ T5436] bond0: (slave netdevsim0): Releasing backup interface
[   69.426325][ T5436] team0: Port device netdevsim0 added
[   69.456760][ T5436] netlink: 'syz.2.42': attribute type 10 has an invalid length.
[   69.474979][ T5436] team0: Port device netdevsim0 removed
[   69.481776][ T5436] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   69.547409][ T5438] netlink: 72 bytes leftover after parsing attributes in process `syz.3.43'.
[   70.591912][ T5460] netlink: 'syz.2.49': attribute type 10 has an invalid length.
[   70.605080][ T5460] bond0: (slave netdevsim0): Releasing backup interface
[   70.613514][ T5460] team0: Port device netdevsim0 added
[   70.637851][ T5460] netlink: 'syz.2.49': attribute type 10 has an invalid length.
[   70.645757][ T5460] team0: Port device netdevsim0 removed
[   70.650882][ T5460] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   71.155260][ T5482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.55'.
[   72.331272][ T5504] netlink: 'syz.3.61': attribute type 10 has an invalid length.
[   72.340353][ T5504] bond0: (slave netdevsim0): Releasing backup interface
[   72.349706][ T5504] team0: Port device netdevsim0 added
[   72.376477][ T5504] netlink: 'syz.3.61': attribute type 10 has an invalid length.
[   72.393944][ T5504] team0: Port device netdevsim0 removed
[   72.400811][ T5504] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   74.596473][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[   74.606594][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   74.730476][   T39] kauditd_printk_skb: 55 callbacks suppressed
[   74.730489][   T39] audit: type=1326 audit(1721560705.155:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.71" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x0
[   75.917568][ T5548] netlink: 72 bytes leftover after parsing attributes in process `syz.2.74'.
[   76.897778][ T1357] ieee802154 phy0 wpan0: encryption failed: -22
[   76.900867][ T1357] ieee802154 phy1 wpan1: encryption failed: -22
[   77.854016][   T39] audit: type=1326 audit(1721560708.275:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5573 comm="syz.0.83" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[   78.163889][   T39] audit: type=1326 audit(1721560708.585:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   78.200720][   T39] audit: type=1326 audit(1721560708.595:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   78.210246][   T39] audit: type=1326 audit(1721560708.605:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   78.234733][   T39] audit: type=1326 audit(1721560708.605:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   78.245776][   T39] audit: type=1326 audit(1721560708.605:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   78.253858][   T39] audit: type=1326 audit(1721560708.625:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x0
[   78.274374][   T39] audit: type=1326 audit(1721560708.695:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   78.291023][   T39] audit: type=1326 audit(1721560708.705:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5576 comm="syz.3.84" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   79.017874][ T5595] netlink: 'syz.1.88': attribute type 10 has an invalid length.
[   79.034288][ T5595] team0: Port device netdevsim0 added
[   79.057642][ T5595] netlink: 'syz.1.88': attribute type 10 has an invalid length.
[   79.070575][ T5595] team0: Port device netdevsim0 removed
[   79.077370][ T5595] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   79.737019][   T39] kauditd_printk_skb: 25 callbacks suppressed
[   79.737033][   T39] audit: type=1326 audit(1721560710.165:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.757199][   T39] audit: type=1326 audit(1721560710.175:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.766559][   T39] audit: type=1326 audit(1721560710.175:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.774590][   T39] audit: type=1326 audit(1721560710.185:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[   79.831213][   T39] audit: type=1326 audit(1721560710.245:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.866879][   T39] audit: type=1326 audit(1721560710.245:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.877274][   T39] audit: type=1326 audit(1721560710.245:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.904280][   T39] audit: type=1326 audit(1721560710.255:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.938965][   T39] audit: type=1326 audit(1721560710.365:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[   79.950785][   T39] audit: type=1326 audit(1721560710.365:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5608 comm="syz.2.91" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[   80.825542][    T8] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   81.005341][    T8] usb 6-1: Using ep0 maxpacket: 16
[   81.016906][    T8] usb 6-1: config 235 has an invalid interface number: 240 but max is 0
[   81.025115][    T8] usb 6-1: config 235 has no interface number 0
[   81.029370][    T8] usb 6-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[   81.034112][    T8] usb 6-1: config 235 interface 240 has no altsetting 0
[   81.052662][    T8] usb 6-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[   81.056859][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.061898][    T8] usb 6-1: Manufacturer: 、
[   81.064170][    T8] usb 6-1: SerialNumber: Ѝ
[   81.444158][ T5638] syz.1.94: attempt to access beyond end of device
[   81.444158][ T5638] loop1: rw=0, sector=0, nr_sectors = 8 limit=0
[   81.450568][ T5638] F2FS-fs (loop1): Unable to read 1th superblock
[   81.455296][ T5638] syz.1.94: attempt to access beyond end of device
[   81.455296][ T5638] loop1: rw=0, sector=8, nr_sectors = 8 limit=0
[   81.474606][ T5638] F2FS-fs (loop1): Unable to read 2th superblock
[   81.758682][ T5640] netlink: 72 bytes leftover after parsing attributes in process `syz.0.98'.
[   82.190470][ T5646] netlink: 72 bytes leftover after parsing attributes in process `syz.3.100'.
[   83.021568][ T5660] netlink: 'syz.0.105': attribute type 10 has an invalid length.
[   83.038681][ T5660] team0: Port device netdevsim0 added
[   83.060896][ T5660] netlink: 'syz.0.105': attribute type 10 has an invalid length.
[   83.072422][ T5660] team0: Port device netdevsim0 removed
[   83.077298][ T5660] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   83.416360][ T5668] netlink: 72 bytes leftover after parsing attributes in process `syz.3.107'.
[   83.587008][    T8] hso 6-1:235.240: Not our interface
[   83.607290][    T8] usb 6-1: USB disconnect, device number 2
[   83.607835][ T5671] netlink: 'syz.2.108': attribute type 10 has an invalid length.
[   83.641726][ T5671] bond0: (slave netdevsim0): Releasing backup interface
[   83.658100][ T5671] team0: Port device netdevsim0 added
[   83.665154][ T5675] netlink: 'syz.3.110': attribute type 10 has an invalid length.
[   83.686278][ T5675] bond0: (slave netdevsim0): Releasing backup interface
[   83.693364][ T5675] team0: Port device netdevsim0 added
[   83.699239][ T5671] netlink: 'syz.2.108': attribute type 10 has an invalid length.
[   83.710565][ T5671] team0: Port device netdevsim0 removed
[   83.716572][ T5671] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   83.720327][ T5675] netlink: 'syz.3.110': attribute type 10 has an invalid length.
[   83.732742][ T5675] team0: Port device netdevsim0 removed
[   83.738369][ T5675] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   84.208070][ T5687] netlink: 72 bytes leftover after parsing attributes in process `syz.0.113'.
[   84.793042][ T5698] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   84.797047][ T5698] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   84.804538][ T5698] vhci_hcd vhci_hcd.0: Device attached
[   85.075389][ T5265] usb 17-1: new high-speed USB device number 2 using vhci_hcd
[   85.225574][    T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   85.378614][ T5699] vhci_hcd: connection reset by peer
[   85.382710][   T98] vhci_hcd: stop threads
[   85.386705][   T98] vhci_hcd: release socket
[   85.389581][   T98] vhci_hcd: disconnect device
[   85.425640][    T8] usb 5-1: Using ep0 maxpacket: 16
[   85.451508][    T8] usb 5-1: config 235 has an invalid interface number: 240 but max is 0
[   85.455133][    T8] usb 5-1: config 235 has no interface number 0
[   85.465275][    T8] usb 5-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[   85.470138][    T8] usb 5-1: config 235 interface 240 has no altsetting 0
[   85.500604][    T8] usb 5-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[   85.504381][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.508446][    T8] usb 5-1: Manufacturer: 、
[   85.510468][    T8] usb 5-1: SerialNumber: Ѝ
[   85.611658][ T5709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.120'.
[   85.625059][ T5710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.119'.
[   85.876626][ T5711] syz.0.118: attempt to access beyond end of device
[   85.876626][ T5711] loop0: rw=0, sector=0, nr_sectors = 8 limit=0
[   85.882185][ T5711] F2FS-fs (loop0): Unable to read 1th superblock
[   85.884776][ T5711] syz.0.118: attempt to access beyond end of device
[   85.884776][ T5711] loop0: rw=0, sector=8, nr_sectors = 8 limit=0
[   85.893450][ T5711] F2FS-fs (loop0): Unable to read 2th superblock
[   85.988147][   T39] kauditd_printk_skb: 57 callbacks suppressed
[   85.988162][   T39] audit: type=1326 audit(1721560716.415:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   85.999616][   T39] audit: type=1326 audit(1721560716.415:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.008524][   T39] audit: type=1326 audit(1721560716.415:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.016747][   T39] audit: type=1326 audit(1721560716.415:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.024907][   T39] audit: type=1326 audit(1721560716.415:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.038230][   T39] audit: type=1326 audit(1721560716.425:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.047119][   T39] audit: type=1326 audit(1721560716.425:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.056310][   T39] audit: type=1326 audit(1721560716.425:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.066036][   T39] audit: type=1326 audit(1721560716.425:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   86.076945][   T39] audit: type=1326 audit(1721560716.425:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5712 comm="syz.3.121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   87.140236][  T827] cfg80211: failed to load regulatory.db
[   87.614935][ T5739] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[   87.617374][ T5739] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   87.621889][ T5739] vhci_hcd vhci_hcd.0: Device attached
[   87.906653][   T25] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[   88.051390][    T8] hso 5-1:235.240: Not our interface
[   88.088037][    T8] usb 5-1: USB disconnect, device number 3
[   88.219229][ T5740] vhci_hcd: connection reset by peer
[   88.221720][ T1132] vhci_hcd: stop threads
[   88.223484][ T1132] vhci_hcd: release socket
[   88.252103][ T1132] vhci_hcd: disconnect device
[   88.402066][ T5755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.130'.
[   89.161466][ T5767] netlink: 'syz.1.133': attribute type 10 has an invalid length.
[   89.174374][ T5767] bond0: (slave netdevsim0): Releasing backup interface
[   89.181234][ T5767] team0: Port device netdevsim0 added
[   89.188316][ T5767] netlink: 'syz.1.133': attribute type 10 has an invalid length.
[   89.198896][ T5767] team0: Port device netdevsim0 removed
[   89.204670][ T5767] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   89.549712][ T5774] netlink: 72 bytes leftover after parsing attributes in process `syz.2.136'.
[   89.719344][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[   89.723364][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   90.215575][ T5265] vhci_hcd: vhci_device speed not set
[   90.494411][ T5799] netlink: 'syz.0.142': attribute type 10 has an invalid length.
[   90.513480][ T5799] bond0: (slave netdevsim0): Releasing backup interface
[   90.521398][ T5799] team0: Port device netdevsim0 added
[   90.529954][ T5799] netlink: 'syz.0.142': attribute type 10 has an invalid length.
[   90.555436][ T5799] team0: Port device netdevsim0 removed
[   90.581687][ T5799] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   90.664657][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[   90.668330][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   90.953794][ T5810] netlink: 72 bytes leftover after parsing attributes in process `syz.3.145'.
[   92.649642][ T5827] netlink: 'syz.1.150': attribute type 10 has an invalid length.
[   92.668553][ T5827] bond0: (slave netdevsim0): Releasing backup interface
[   92.675827][ T5827] team0: Port device netdevsim0 added
[   92.733214][ T5827] netlink: 'syz.1.150': attribute type 10 has an invalid length.
[   92.754820][ T5827] team0: Port device netdevsim0 removed
[   92.762960][ T5827] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   92.978255][ T5829] netlink: 'syz.1.151': attribute type 10 has an invalid length.
[   92.992983][ T5829] bond0: (slave netdevsim0): Releasing backup interface
[   93.008741][ T5829] team0: Port device netdevsim0 added
[   93.031378][ T5829] netlink: 'syz.1.151': attribute type 10 has an invalid length.
[   93.045794][   T25] vhci_hcd: vhci_device speed not set
[   93.054588][ T5829] team0: Port device netdevsim0 removed
[   93.058848][ T5829] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   93.136421][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[   93.147232][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   94.889387][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[   94.893253][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   95.769059][ T5865] netlink: 'syz.0.161': attribute type 10 has an invalid length.
[   95.843621][ T5865] bond0: (slave netdevsim0): Releasing backup interface
[   95.877001][ T5865] team0: Port device netdevsim0 added
[   95.880836][ T5867] netlink: 'syz.0.161': attribute type 10 has an invalid length.
[   95.899880][ T5867] team0: Port device netdevsim0 removed
[   95.923025][ T5867] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   96.116149][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[   96.120380][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[   97.405294][ T5906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.169'.
[   98.132156][   T39] kauditd_printk_skb: 58 callbacks suppressed
[   98.132169][   T39] audit: type=1326 audit(1721560728.555:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.145170][   T39] audit: type=1326 audit(1721560728.555:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.159657][   T39] audit: type=1326 audit(1721560728.575:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.172532][   T39] audit: type=1326 audit(1721560728.575:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.183454][   T39] audit: type=1326 audit(1721560728.575:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.192367][   T39] audit: type=1326 audit(1721560728.575:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.202768][   T39] audit: type=1326 audit(1721560728.575:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.214063][   T39] audit: type=1326 audit(1721560728.575:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.216798][ T5917] netlink: 'syz.0.172': attribute type 10 has an invalid length.
[   98.224310][   T39] audit: type=1326 audit(1721560728.575:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.237037][   T39] audit: type=1326 audit(1721560728.575:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5910 comm="syz.3.171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[   98.250869][ T5917] bond0: (slave netdevsim0): Releasing backup interface
[   98.261025][ T5917] team0: Port device netdevsim0 added
[   98.298363][ T5917] netlink: 'syz.0.172': attribute type 10 has an invalid length.
[   98.323326][ T5917] team0: Port device netdevsim0 removed
[   98.359867][ T5917] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  100.004107][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  100.008767][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  100.512033][ T5961] netlink: 4 bytes leftover after parsing attributes in process `syz.3.181'.
[  100.545866][ T5963] netlink: 72 bytes leftover after parsing attributes in process `syz.1.182'.
[  102.746474][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  102.754088][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  103.190238][   T39] kauditd_printk_skb: 56 callbacks suppressed
[  103.190248][   T39] audit: type=1326 audit(1721560733.615:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.228798][   T39] audit: type=1326 audit(1721560733.615:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.238446][   T39] audit: type=1326 audit(1721560733.615:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.247586][   T39] audit: type=1326 audit(1721560733.615:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.256722][   T39] audit: type=1326 audit(1721560733.625:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.266500][   T39] audit: type=1326 audit(1721560733.625:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.276948][   T39] audit: type=1326 audit(1721560733.625:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.288269][   T39] audit: type=1326 audit(1721560733.625:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.308981][   T39] audit: type=1326 audit(1721560733.625:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.330170][   T39] audit: type=1326 audit(1721560733.625:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6014 comm="syz.2.195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  103.614494][ T6032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.197'.
[  103.996567][ T6036] netlink: 72 bytes leftover after parsing attributes in process `syz.2.200'.
[  104.437900][ T6053] netlink: 'syz.2.205': attribute type 10 has an invalid length.
[  104.446754][ T6053] bond0: (slave netdevsim0): Releasing backup interface
[  104.452840][ T6053] team0: Port device netdevsim0 added
[  104.476780][ T6053] netlink: 'syz.2.205': attribute type 10 has an invalid length.
[  104.485495][ T6053] team0: Port device netdevsim0 removed
[  104.490537][ T6053] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  104.743518][ T6058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.206'.
[  105.116360][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  105.121003][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  106.340474][ T6077] netlink: 4 bytes leftover after parsing attributes in process `syz.1.212'.
[  106.722297][ T6081] netlink: 72 bytes leftover after parsing attributes in process `syz.1.214'.
[  106.851184][ T6086] netlink: 'syz.0.216': attribute type 10 has an invalid length.
[  106.858596][ T6086] bond0: (slave netdevsim0): Releasing backup interface
[  106.868977][ T6086] team0: Port device netdevsim0 added
[  106.891730][ T6086] netlink: 'syz.0.216': attribute type 10 has an invalid length.
[  106.900951][ T6086] team0: Port device netdevsim0 removed
[  106.908585][ T6086] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  107.058069][  T826] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  107.245483][  T826] usb 7-1: Using ep0 maxpacket: 16
[  107.292039][ T6091] netlink: 72 bytes leftover after parsing attributes in process `syz.0.218'.
[  107.312901][  T826] usb 7-1: config 235 has an invalid interface number: 240 but max is 0
[  107.318376][  T826] usb 7-1: config 235 has no interface number 0
[  107.321373][  T826] usb 7-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  107.326326][  T826] usb 7-1: config 235 interface 240 has no altsetting 0
[  107.333718][  T826] usb 7-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  107.337790][  T826] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.341025][  T826] usb 7-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒
[  107.351380][  T826] usb 7-1: Manufacturer: 、
[  107.353378][  T826] usb 7-1: SerialNumber: Ѝ
[  107.388547][ T6093] netlink: 'syz.1.219': attribute type 10 has an invalid length.
[  107.396572][ T6093] bond0: (slave netdevsim0): Releasing backup interface
[  107.404597][ T6093] team0: Port device netdevsim0 added
[  107.443592][ T6093] netlink: 'syz.1.219': attribute type 10 has an invalid length.
[  107.455483][ T6093] team0: Port device netdevsim0 removed
[  107.461882][ T6093] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  107.664708][ T4652] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  107.687794][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  107.728598][ T6103] netlink: 72 bytes leftover after parsing attributes in process `syz.1.223'.
[  107.734497][ T6100] netlink: 4 bytes leftover after parsing attributes in process `syz.0.222'.
[  107.812580][ T6108] syz.2.215: attempt to access beyond end of device
[  107.812580][ T6108] loop2: rw=0, sector=0, nr_sectors = 8 limit=0
[  107.826705][ T6108] F2FS-fs (loop2): Unable to read 1th superblock
[  107.830972][ T6108] syz.2.215: attempt to access beyond end of device
[  107.830972][ T6108] loop2: rw=0, sector=8, nr_sectors = 8 limit=0
[  107.837735][ T6108] F2FS-fs (loop2): Unable to read 2th superblock
[  108.910803][   T39] kauditd_printk_skb: 30 callbacks suppressed
[  108.910818][   T39] audit: type=1326 audit(1721560739.335:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.3.226" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x0
[  109.469660][ T6128] netlink: 72 bytes leftover after parsing attributes in process `syz.1.229'.
[  109.799565][  T826] hso 7-1:235.240: Not our interface
[  109.839633][  T826] usb 7-1: USB disconnect, device number 2
[  109.955939][ T6137] netlink: 'syz.2.232': attribute type 10 has an invalid length.
[  109.966953][ T6137] bond0: (slave netdevsim0): Releasing backup interface
[  109.980263][ T6137] team0: Port device netdevsim0 added
[  110.012331][   T39] audit: type=1326 audit(1721560740.435:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.015554][ T6137] netlink: 'syz.2.232': attribute type 10 has an invalid length.
[  110.032492][   T39] audit: type=1326 audit(1721560740.445:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.050920][   T39] audit: type=1326 audit(1721560740.445:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.060573][   T39] audit: type=1326 audit(1721560740.445:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.061540][ T6137] team0: Port device netdevsim0 removed
[  110.069953][   T39] audit: type=1326 audit(1721560740.455:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.081928][   T39] audit: type=1326 audit(1721560740.455:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.091860][   T39] audit: type=1326 audit(1721560740.455:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.095964][ T6137] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  110.104265][   T39] audit: type=1326 audit(1721560740.455:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  110.114484][   T39] audit: type=1326 audit(1721560740.455:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6138 comm="syz.3.233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  112.000284][ T6169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.238'.
[  112.055889][ T6171] netlink: 72 bytes leftover after parsing attributes in process `syz.1.239'.
[  112.386399][ T6177] netlink: 72 bytes leftover after parsing attributes in process `syz.0.241'.
[  112.420997][ T6178] netlink: 72 bytes leftover after parsing attributes in process `syz.1.242'.
[  112.789053][ T6187] netlink: 72 bytes leftover after parsing attributes in process `syz.1.244'.
[  113.107758][ T6197] netlink: 72 bytes leftover after parsing attributes in process `syz.1.246'.
[  113.199485][ T6201] netlink: 'syz.2.247': attribute type 10 has an invalid length.
[  113.209175][ T6201] bond0: (slave netdevsim0): Releasing backup interface
[  113.216222][ T6201] team0: Port device netdevsim0 added
[  113.233775][ T6201] netlink: 'syz.2.247': attribute type 10 has an invalid length.
[  113.243959][ T6201] team0: Port device netdevsim0 removed
[  113.249153][ T6201] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  113.412759][ T6206] netlink: 72 bytes leftover after parsing attributes in process `syz.1.249'.
[  113.613789][ T6214] netlink: 72 bytes leftover after parsing attributes in process `syz.1.251'.
[  114.438791][ T6231] netlink: 4 bytes leftover after parsing attributes in process `syz.2.254'.
[  114.569193][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.1.256'.
[  114.606165][ T5263] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  114.733762][ T6236] netlink: 'syz.3.257': attribute type 10 has an invalid length.
[  114.742624][ T6236] bond0: (slave netdevsim0): Releasing backup interface
[  114.749233][ T6236] team0: Port device netdevsim0 added
[  114.770686][ T6236] netlink: 'syz.3.257': attribute type 10 has an invalid length.
[  114.779228][ T6236] team0: Port device netdevsim0 removed
[  114.784825][ T6236] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  114.798431][ T5263] usb 5-1: Using ep0 maxpacket: 16
[  114.804288][ T5263] usb 5-1: config 235 has an invalid interface number: 240 but max is 0
[  114.807895][ T5263] usb 5-1: config 235 has no interface number 0
[  114.810631][ T5263] usb 5-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  114.815692][ T5263] usb 5-1: config 235 interface 240 has no altsetting 0
[  114.823020][ T5263] usb 5-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  114.827224][ T5263] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.830734][ T5263] usb 5-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  114.837385][ T5263] usb 5-1: Manufacturer: 、
[  114.839755][ T5263] usb 5-1: SerialNumber: Ѝ
[  115.185000][ T6245] syz.0.255: attempt to access beyond end of device
[  115.185000][ T6245] loop0: rw=0, sector=0, nr_sectors = 8 limit=0
[  115.191137][ T6245] F2FS-fs (loop0): Unable to read 1th superblock
[  115.195744][ T5265] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  115.195855][ T6245] syz.0.255: attempt to access beyond end of device
[  115.195855][ T6245] loop0: rw=0, sector=8, nr_sectors = 8 limit=0
[  115.204808][ T6245] F2FS-fs (loop0): Unable to read 2th superblock
[  115.337713][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  115.340436][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  115.395597][ T5265] usb 8-1: Using ep0 maxpacket: 16
[  115.404743][ T5265] usb 8-1: config 235 has an invalid interface number: 240 but max is 0
[  115.411441][ T5265] usb 8-1: config 235 has no interface number 0
[  115.414589][ T5265] usb 8-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  115.422468][ T5265] usb 8-1: config 235 interface 240 has no altsetting 0
[  115.427568][ T5265] usb 8-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  115.431258][ T5265] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.434800][ T5265] usb 8-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  115.441484][ T5265] usb 8-1: Manufacturer: 、
[  115.443476][ T5265] usb 8-1: SerialNumber: Ѝ
[  115.817082][ T6255] syz.3.259: attempt to access beyond end of device
[  115.817082][ T6255] loop3: rw=0, sector=0, nr_sectors = 8 limit=0
[  115.825344][ T6255] F2FS-fs (loop3): Unable to read 1th superblock
[  115.828927][ T6255] syz.3.259: attempt to access beyond end of device
[  115.828927][ T6255] loop3: rw=0, sector=8, nr_sectors = 8 limit=0
[  115.834769][ T6255] F2FS-fs (loop3): Unable to read 2th superblock
[  117.375764][ T5263] hso 5-1:235.240: Not our interface
[  117.395160][ T5263] usb 5-1: USB disconnect, device number 4
[  117.488049][ T6274] netlink: 72 bytes leftover after parsing attributes in process `syz.0.266'.
[  117.965827][ T5265] hso 8-1:235.240: Not our interface
[  117.990671][ T6281] netlink: 72 bytes leftover after parsing attributes in process `syz.1.268'.
[  117.996414][ T5265] usb 8-1: USB disconnect, device number 2
[  118.672438][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  118.677188][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  119.915232][ T6308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.274'.
[  120.004236][ T6310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.275'.
[  120.342113][ T4652] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  120.348235][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  120.755104][ T6322] netlink: 'syz.0.279': attribute type 10 has an invalid length.
[  120.766619][ T6322] bond0: (slave netdevsim0): Releasing backup interface
[  120.775099][ T6322] team0: Port device netdevsim0 added
[  120.778882][ T6326] netlink: 'syz.2.281': attribute type 10 has an invalid length.
[  120.797303][ T6326] bond0: (slave netdevsim0): Releasing backup interface
[  120.802946][ T6326] team0: Port device netdevsim0 added
[  120.805954][ T6322] netlink: 'syz.0.279': attribute type 10 has an invalid length.
[  120.812878][ T6322] team0: Port device netdevsim0 removed
[  120.819070][ T6322] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  120.827752][ T6326] netlink: 'syz.2.281': attribute type 10 has an invalid length.
[  120.836924][ T6326] team0: Port device netdevsim0 removed
[  120.842135][ T6326] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  120.947585][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  120.951269][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  121.062287][ T6331] netlink: 72 bytes leftover after parsing attributes in process `syz.2.283'.
[  121.450970][ T6340] netlink: 'syz.2.285': attribute type 10 has an invalid length.
[  121.472588][ T6340] bond0: (slave netdevsim0): Releasing backup interface
[  121.489868][ T6340] team0: Port device netdevsim0 added
[  121.509758][ T6340] netlink: 'syz.2.285': attribute type 10 has an invalid length.
[  121.519148][ T6340] team0: Port device netdevsim0 removed
[  121.528772][ T6340] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  121.612104][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  121.615413][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  122.423283][ T6357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.288'.
[  122.793661][ T6360] netlink: 72 bytes leftover after parsing attributes in process `syz.2.290'.
[  123.052738][ T6366] netlink: 'syz.2.291': attribute type 10 has an invalid length.
[  123.085843][ T6366] bond0: (slave netdevsim0): Releasing backup interface
[  123.098748][ T6366] team0: Port device netdevsim0 added
[  123.135501][ T6366] netlink: 'syz.2.291': attribute type 10 has an invalid length.
[  123.159612][ T6366] team0: Port device netdevsim0 removed
[  123.188835][ T6366] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  123.293323][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  123.296861][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  123.466127][ T6381] netlink: 72 bytes leftover after parsing attributes in process `syz.2.296'.
[  123.486281][  T826] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  123.708844][   T39] kauditd_printk_skb: 32 callbacks suppressed
[  123.708854][   T39] audit: type=1326 audit(1721560754.135:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.2.297" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  123.727039][  T826] usb 8-1: Using ep0 maxpacket: 16
[  123.735964][  T826] usb 8-1: config 235 has an invalid interface number: 240 but max is 0
[  123.739780][  T826] usb 8-1: config 235 has no interface number 0
[  123.747097][  T826] usb 8-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  123.753642][  T826] usb 8-1: config 235 interface 240 has no altsetting 0
[  123.773010][  T826] usb 8-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  123.780581][  T826] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.785131][  T826] usb 8-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  123.791837][  T826] usb 8-1: Manufacturer: 、
[  123.794001][  T826] usb 8-1: SerialNumber: Ѝ
[  123.892760][ T6387] netlink: 'syz.0.298': attribute type 10 has an invalid length.
[  123.919826][ T6387] bond0: (slave netdevsim0): Releasing backup interface
[  123.927262][ T6387] team0: Port device netdevsim0 added
[  123.951923][ T6387] netlink: 'syz.0.298': attribute type 10 has an invalid length.
[  123.966813][ T6387] team0: Port device netdevsim0 removed
[  123.974529][ T6387] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  124.118420][   T39] audit: type=1326 audit(1721560754.545:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.129590][   T39] audit: type=1326 audit(1721560754.545:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.140334][   T39] audit: type=1326 audit(1721560754.545:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.150366][   T39] audit: type=1326 audit(1721560754.545:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.160052][   T39] audit: type=1326 audit(1721560754.545:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.169531][   T39] audit: type=1326 audit(1721560754.545:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.179197][   T39] audit: type=1326 audit(1721560754.545:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.182754][ T6392] syz.3.293: attempt to access beyond end of device
[  124.182754][ T6392] loop3: rw=0, sector=0, nr_sectors = 8 limit=0
[  124.187747][   T39] audit: type=1326 audit(1721560754.545:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.195738][ T6392] F2FS-fs (loop3): Unable to read 1th superblock
[  124.201167][   T39] audit: type=1326 audit(1721560754.545:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.0.299" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf7fd8579 code=0x7ffc0000
[  124.205580][ T6392] syz.3.293: attempt to access beyond end of device
[  124.205580][ T6392] loop3: rw=0, sector=8, nr_sectors = 8 limit=0
[  124.219599][ T6392] F2FS-fs (loop3): Unable to read 2th superblock
[  124.350718][ T6396] netlink: 72 bytes leftover after parsing attributes in process `syz.1.300'.
[  124.668183][ T6404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.301'.
[  124.966858][ T6407] bond0: (slave netdevsim0): Releasing backup interface
[  124.975064][ T6407] team0: Port device netdevsim0 added
[  125.000247][ T6407] team0: Port device netdevsim0 removed
[  125.003962][ T6407] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  125.683787][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  125.689243][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  126.236897][  T826] hso 8-1:235.240: Not our interface
[  126.278288][  T826] usb 8-1: USB disconnect, device number 3
[  126.781973][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  126.785086][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  127.639162][ T6459] netlink: 72 bytes leftover after parsing attributes in process `syz.2.316'.
[  127.645381][  T815] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  127.696338][ T6462] netlink: 4 bytes leftover after parsing attributes in process `syz.0.315'.
[  127.825292][  T815] usb 6-1: Using ep0 maxpacket: 16
[  127.840492][  T815] usb 6-1: config 235 has an invalid interface number: 240 but max is 0
[  127.844644][  T815] usb 6-1: config 235 has no interface number 0
[  127.858443][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  127.870178][  T815] usb 6-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  127.877171][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  127.886686][  T815] usb 6-1: config 235 interface 240 has no altsetting 0
[  127.894764][  T815] usb 6-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  127.898623][  T815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.901919][  T815] usb 6-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬ʏ
[  127.908630][  T815] usb 6-1: SerialNumber: Ѝ
[  128.209773][ T6471] netlink: 4 bytes leftover after parsing attributes in process `syz.3.318'.
[  128.266243][ T6473] syz.1.314: attempt to access beyond end of device
[  128.266243][ T6473] loop1: rw=0, sector=0, nr_sectors = 8 limit=0
[  128.273900][ T6473] F2FS-fs (loop1): Unable to read 1th superblock
[  128.277034][ T6473] syz.1.314: attempt to access beyond end of device
[  128.277034][ T6473] loop1: rw=0, sector=8, nr_sectors = 8 limit=0
[  128.282532][ T6473] F2FS-fs (loop1): Unable to read 2th superblock
[  128.483473][ T6475] validate_nla: 2 callbacks suppressed
[  128.483487][ T6475] netlink: 'syz.0.319': attribute type 10 has an invalid length.
[  128.500125][ T6475] bond0: (slave netdevsim0): Releasing backup interface
[  128.508760][ T6475] team0: Port device netdevsim0 added
[  128.531716][ T6475] netlink: 'syz.0.319': attribute type 10 has an invalid length.
[  128.543341][ T6475] team0: Port device netdevsim0 removed
[  128.549264][ T6475] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  128.649451][ T4652] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  128.654848][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  129.983957][   T39] kauditd_printk_skb: 36 callbacks suppressed
[  129.983972][   T39] audit: type=1326 audit(1721560760.405:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.3.325" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x0
[  130.364452][  T815] hso 6-1:235.240: Not our interface
[  130.375867][ T6504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.327'.
[  130.384562][  T815] usb 6-1: USB disconnect, device number 3
[  130.877425][   T39] audit: type=1326 audit(1721560761.305:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6511 comm="syz.3.329" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x0
[  131.014385][ T6517] netlink: 4 bytes leftover after parsing attributes in process `syz.2.330'.
[  131.156761][ T6521] netlink: 'syz.0.332': attribute type 10 has an invalid length.
[  131.165816][ T6521] bond0: (slave netdevsim0): Releasing backup interface
[  131.176677][ T6521] team0: Port device netdevsim0 added
[  131.202148][ T6521] netlink: 'syz.0.332': attribute type 10 has an invalid length.
[  131.213693][ T6521] team0: Port device netdevsim0 removed
[  131.221746][ T6521] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  131.761051][ T6535] netlink: 72 bytes leftover after parsing attributes in process `syz.0.337'.
[  131.814092][ T6537] netlink: 72 bytes leftover after parsing attributes in process `syz.2.338'.
[  131.859832][ T6537] netlink: 44 bytes leftover after parsing attributes in process `syz.2.338'.
[  131.924811][ T6541] netlink: 'syz.2.339': attribute type 10 has an invalid length.
[  131.932846][ T6541] bond0: (slave netdevsim0): Releasing backup interface
[  131.939413][ T6541] team0: Port device netdevsim0 added
[  131.958045][ T6541] netlink: 'syz.2.339': attribute type 10 has an invalid length.
[  131.966079][    T8] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  131.990081][ T6541] team0: Port device netdevsim0 removed
[  132.012090][ T6541] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  132.155424][    T8] usb 8-1: Using ep0 maxpacket: 16
[  132.161956][    T8] usb 8-1: config 235 has an invalid interface number: 240 but max is 0
[  132.165693][    T8] usb 8-1: config 235 has no interface number 0
[  132.168772][    T8] usb 8-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  132.174710][    T8] usb 8-1: config 235 interface 240 has no altsetting 0
[  132.180583][    T8] usb 8-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  132.184789][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.189455][    T8] usb 8-1: Product: Ѝ
[  132.191454][    T8] usb 8-1: Manufacturer: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬ʏ
[  132.198684][ T4652] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  132.203083][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  132.207012][    T8] usb 8-1: SerialNumber: syz
[  132.507503][   T39] audit: type=1326 audit(1721560762.935:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6554 comm="syz.1.344" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x0
[  132.541606][ T6559] syz.3.336: attempt to access beyond end of device
[  132.541606][ T6559] loop3: rw=0, sector=0, nr_sectors = 8 limit=0
[  132.547530][ T6559] F2FS-fs (loop3): Unable to read 1th superblock
[  132.550521][ T6559] syz.3.336: attempt to access beyond end of device
[  132.550521][ T6559] loop3: rw=0, sector=8, nr_sectors = 8 limit=0
[  132.555831][ T6559] F2FS-fs (loop3): Unable to read 2th superblock
[  132.631207][    T8] hso 8-1:235.240: Not our interface
[  132.638142][    T8] usb 8-1: USB disconnect, device number 4
[  133.126766][ T6567] netlink: 72 bytes leftover after parsing attributes in process `syz.0.347'.
[  133.206108][ T6570] netlink: 44 bytes leftover after parsing attributes in process `syz.0.347'.
[  133.385791][ T6581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.349'.
[  133.460322][ T6583] netlink: 4 bytes leftover after parsing attributes in process `syz.0.351'.
[  134.007078][   T39] audit: type=1326 audit(1721560764.435:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  134.017131][   T39] audit: type=1326 audit(1721560764.435:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  134.026408][   T39] audit: type=1326 audit(1721560764.435:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf744e579 code=0x7ffc0000
[  134.033902][   T39] audit: type=1326 audit(1721560764.435:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  134.042823][   T39] audit: type=1326 audit(1721560764.435:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf744e579 code=0x7ffc0000
[  134.051449][   T39] audit: type=1326 audit(1721560764.435:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  134.060003][   T39] audit: type=1326 audit(1721560764.435:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  135.157028][   T35] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  135.184591][ T6611] netlink: 72 bytes leftover after parsing attributes in process `syz.0.359'.
[  135.335702][   T35] usb 7-1: Using ep0 maxpacket: 16
[  135.341342][   T35] usb 7-1: config 235 has an invalid interface number: 240 but max is 0
[  135.344944][   T35] usb 7-1: config 235 has no interface number 0
[  135.355637][   T35] usb 7-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  135.360519][   T35] usb 7-1: config 235 interface 240 has no altsetting 0
[  135.372022][   T35] usb 7-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  135.376656][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.379802][   T35] usb 7-1: Product: Ѝ
[  135.381558][   T35] usb 7-1: Manufacturer: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬ʏ
[  135.388615][ T6621] netlink: 72 bytes leftover after parsing attributes in process `syz.0.363'.
[  135.389468][   T35] usb 7-1: SerialNumber: syz
[  135.627689][ T6603] syz.2.356: attempt to access beyond end of device
[  135.627689][ T6603] loop2: rw=0, sector=0, nr_sectors = 8 limit=0
[  135.634892][ T6603] F2FS-fs (loop2): Unable to read 1th superblock
[  135.641886][ T6603] syz.2.356: attempt to access beyond end of device
[  135.641886][ T6603] loop2: rw=0, sector=8, nr_sectors = 8 limit=0
[  135.648571][ T6603] F2FS-fs (loop2): Unable to read 2th superblock
[  135.659549][   T35] hso 7-1:235.240: Not our interface
[  135.669878][   T35] usb 7-1: USB disconnect, device number 3
[  136.189877][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  136.189892][   T39] audit: type=1326 audit(1721560766.605:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.204416][   T39] audit: type=1326 audit(1721560766.605:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.216205][   T39] audit: type=1326 audit(1721560766.605:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.238106][   T39] audit: type=1326 audit(1721560766.605:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.265750][   T39] audit: type=1326 audit(1721560766.605:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.275008][   T39] audit: type=1326 audit(1721560766.605:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.283769][   T39] audit: type=1326 audit(1721560766.605:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.292846][   T39] audit: type=1326 audit(1721560766.605:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.301877][   T39] audit: type=1326 audit(1721560766.605:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.310782][   T39] audit: type=1326 audit(1721560766.605:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.3.366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000
[  136.660329][ T4652] Bluetooth: hci3: unexpected event 0x34 length: 10 > 6
[  136.661341][ T6652] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.369'.
[  137.091313][ T4652] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  137.094845][ T4652] Bluetooth: Frame is too long (len 18, expected len 4)
[  138.175904][ T5262] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  138.285695][    T8] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  138.328833][ T1357] ieee802154 phy0 wpan0: encryption failed: -22
[  138.331294][ T1357] ieee802154 phy1 wpan1: encryption failed: -22
[  138.355537][ T5262] usb 6-1: Using ep0 maxpacket: 16
[  138.361519][ T5262] usb 6-1: config 235 has an invalid interface number: 240 but max is 0
[  138.364770][ T5262] usb 6-1: config 235 has no interface number 0
[  138.368004][ T5262] usb 6-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  138.372583][ T5262] usb 6-1: config 235 interface 240 has no altsetting 0
[  138.388240][ T5262] usb 6-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  138.392019][ T5262] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.397280][ T5262] usb 6-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  138.405479][ T5262] usb 6-1: Manufacturer: 、
[  138.407532][ T5262] usb 6-1: SerialNumber: Ѝ
[  138.449817][ T6691] FAULT_INJECTION: forcing a failure.
[  138.449817][ T6691] name failslab, interval 1, probability 0, space 0, times 1
[  138.455383][ T6691] CPU: 1 PID: 6691 Comm: syz.3.380 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  138.459189][ T6691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.463673][ T6691] Call Trace:
[  138.465098][ T6691]  <TASK>
[  138.466369][ T6691]  dump_stack_lvl+0x16c/0x1f0
[  138.468413][ T6691]  should_fail_ex+0x497/0x5b0
[  138.470446][ T6691]  should_failslab+0x9/0x20
[  138.472409][ T6691]  kmem_cache_alloc_node_noprof+0x71/0x310
[  138.474893][ T6691]  ? __alloc_skb+0x2b3/0x380
[  138.476879][ T6691]  __alloc_skb+0x2b3/0x380
[  138.478692][ T6691]  ? __pfx___alloc_skb+0x10/0x10
[  138.480779][ T6691]  ? __pfx___might_resched+0x10/0x10
[  138.483045][ T6691]  netlink_alloc_large_skb+0x69/0x130
[  138.485203][ T6691]  netlink_sendmsg+0x689/0xd70
[  138.487266][ T6691]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.489253][ T6691]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  138.491509][ T6691]  ____sys_sendmsg+0x9b4/0xb50
[  138.493561][ T6691]  ? __pfx_____sys_sendmsg+0x10/0x10
[  138.495408][    T8] usb 7-1: Using ep0 maxpacket: 16
[  138.495627][ T6691]  ? get_compat_msghdr+0x11b/0x170
[  138.500204][ T6691]  ? __pfx___lock_acquire+0x10/0x10
[  138.501307][    T8] usb 7-1: config 235 has an invalid interface number: 240 but max is 0
[  138.502499][ T6691]  ___sys_sendmsg+0x135/0x1e0
[  138.509051][ T6691]  ? __pfx____sys_sendmsg+0x10/0x10
[  138.511814][ T6691]  ? ksys_write+0x21c/0x260
[  138.513874][ T6691]  ? __fget_light+0x173/0x210
[  138.515325][    T8] usb 7-1: config 235 has no interface number 0
[  138.515884][ T6691]  __sys_sendmsg+0x117/0x1f0
[  138.518910][    T8] usb 7-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  138.520773][ T6691]  ? __pfx___sys_sendmsg+0x10/0x10
[  138.528046][ T6691]  __do_fast_syscall_32+0x73/0x120
[  138.530305][ T6691]  do_fast_syscall_32+0x32/0x80
[  138.532412][ T6691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.535128][ T6691] RIP: 0023:0xf7f0f579
[  138.536934][ T6691] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  138.544056][ T6691] RSP: 002b:00000000f5ca556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  138.547380][ T6691] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000
[  138.550985][ T6691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.554253][ T6691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.557638][ T6691] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  138.561068][ T6691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.564849][ T6691]  </TASK>
[  138.566641][    T8] usb 7-1: config 235 interface 240 has no altsetting 0
[  138.571180][ T6691] netlink: 'syz.3.380': attribute type 8 has an invalid length.
[  138.579048][    T8] usb 7-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  138.583032][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.586805][    T8] usb 7-1: Product: Ѝ
[  138.588673][    T8] usb 7-1: Manufacturer: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬ʏ
[  138.596049][    T8] usb 7-1: SerialNumber: syz
[  138.656585][ T5262] hso 6-1:235.240: Not our interface
[  138.668158][ T5262] usb 6-1: USB disconnect, device number 4
[  138.987943][ T6700] syz.2.377: attempt to access beyond end of device
[  138.987943][ T6700] loop2: rw=0, sector=0, nr_sectors = 8 limit=0
[  138.993372][ T6700] F2FS-fs (loop2): Unable to read 1th superblock
[  138.999433][ T6700] syz.2.377: attempt to access beyond end of device
[  138.999433][ T6700] loop2: rw=0, sector=8, nr_sectors = 8 limit=0
[  139.005796][ T6700] F2FS-fs (loop2): Unable to read 2th superblock
[  139.215125][ T6702] netlink: 72 bytes leftover after parsing attributes in process `syz.1.383'.
[  139.347156][ T6702] netlink: 44 bytes leftover after parsing attributes in process `syz.1.383'.
[  139.885571][ T6708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.385'.
[  139.917398][ T6708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.385'.
[  140.447196][ T6729] netlink: 72 bytes leftover after parsing attributes in process `syz.1.390'.
[  140.512168][ T6729] netlink: 16 bytes leftover after parsing attributes in process `syz.1.390'.
[  140.668423][ T6734] netlink: 72 bytes leftover after parsing attributes in process `syz.3.392'.
[  140.769975][ T6734] netlink: 44 bytes leftover after parsing attributes in process `syz.3.392'.
[  140.857625][ T5262] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  140.861624][ T6740] FAULT_INJECTION: forcing a failure.
[  140.861624][ T6740] name failslab, interval 1, probability 0, space 0, times 0
[  140.861745][ T6740] CPU: 3 PID: 6740 Comm: syz.3.394 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  140.861763][ T6740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.861772][ T6740] Call Trace:
[  140.861778][ T6740]  <TASK>
[  140.861786][ T6740]  dump_stack_lvl+0x16c/0x1f0
[  140.861811][ T6740]  should_fail_ex+0x497/0x5b0
[  140.861834][ T6740]  should_failslab+0x9/0x20
[  140.861853][ T6740]  __kmalloc_cache_noprof+0x6b/0x310
[  140.861872][ T6740]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  140.861894][ T6740]  ? genl_start+0x1e7/0x950
[  140.861917][ T6740]  genl_start+0x1e7/0x950
[  140.861940][ T6740]  __netlink_dump_start+0x624/0x9c0
[  140.861962][ T6740]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  140.861989][ T6740]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  140.862018][ T6740]  ? apparmor_capable+0x126/0x1e0
[  140.862039][ T6740]  ? __pfx_genl_start+0x10/0x10
[  140.862057][ T6740]  ? __pfx_genl_dumpit+0x10/0x10
[  140.862075][ T6740]  ? __pfx_genl_done+0x10/0x10
[  140.862100][ T6740]  ? ns_capable+0xd7/0x110
[  140.862128][ T6740]  genl_rcv_msg+0x470/0x800
[  140.862151][ T6740]  ? __pfx_genl_rcv_msg+0x10/0x10
[  140.862172][ T6740]  ? __pfx_ethnl_default_start+0x10/0x10
[  140.862194][ T6740]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  140.862216][ T6740]  ? __pfx_ethnl_default_done+0x10/0x10
[  140.862248][ T6740]  netlink_rcv_skb+0x165/0x410
[  140.862267][ T6740]  ? __pfx_genl_rcv_msg+0x10/0x10
[  140.862289][ T6740]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  140.862320][ T6740]  ? down_read+0xc9/0x330
[  140.862342][ T6740]  ? __pfx_down_read+0x10/0x10
[  140.862364][ T6740]  ? netlink_deliver_tap+0x1ae/0xcf0
[  140.862387][ T6740]  genl_rcv+0x28/0x40
[  140.862408][ T6740]  netlink_unicast+0x544/0x830
[  140.862433][ T6740]  ? __pfx_netlink_unicast+0x10/0x10
[  140.862452][ T6740]  ? __phys_addr_symbol+0x30/0x80
[  140.862469][ T6740]  ? __check_object_size+0x48e/0x720
[  140.862495][ T6740]  netlink_sendmsg+0x8b8/0xd70
[  140.862519][ T6740]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.862543][ T6740]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  140.862571][ T6740]  ____sys_sendmsg+0x9b4/0xb50
[  140.862595][ T6740]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.862616][ T6740]  ? get_compat_msghdr+0x11b/0x170
[  140.862638][ T6740]  ? __pfx___lock_acquire+0x10/0x10
[  140.862664][ T6740]  ___sys_sendmsg+0x135/0x1e0
[  140.862684][ T6740]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.862713][ T6740]  ? ksys_write+0x21c/0x260
[  140.862742][ T6740]  ? __fget_light+0x173/0x210
[  140.862765][ T6740]  __sys_sendmsg+0x117/0x1f0
[  140.862782][ T6740]  ? __pfx___sys_sendmsg+0x10/0x10
[  140.862820][ T6740]  __do_fast_syscall_32+0x73/0x120
[  140.862844][ T6740]  do_fast_syscall_32+0x32/0x80
[  140.862866][ T6740]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.862887][ T6740] RIP: 0023:0xf7f0f579
[  140.862900][ T6740] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.862915][ T6740] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  140.862932][ T6740] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  140.862943][ T6740] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.862952][ T6740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.862961][ T6740] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.862991][ T6740] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.863014][ T6740]  </TASK>
[  141.041856][    T8] hso 7-1:235.240: Not our interface
[  141.059387][    T8] usb 7-1: USB disconnect, device number 4
[  141.066942][ T6742] netlink: 72 bytes leftover after parsing attributes in process `syz.3.395'.
[  141.235353][ T5262] usb 6-1: Using ep0 maxpacket: 16
[  141.240905][ T5262] usb 6-1: config 235 has an invalid interface number: 240 but max is 0
[  141.250476][ T5262] usb 6-1: config 235 has no interface number 0
[  141.254934][ T5262] usb 6-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  141.262147][ T5262] usb 6-1: config 235 interface 240 has no altsetting 0
[  141.270008][ T5262] usb 6-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  141.278981][ T5262] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.282406][ T5262] usb 6-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  141.285543][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.3.395'.
[  141.293389][ T5262] usb 6-1: Manufacturer: 、
[  141.295311][ T5262] usb 6-1: SerialNumber: Ѝ
[  141.303670][   T45] Bluetooth: hci4: Frame reassembly failed (-84)
[  141.309093][ T6745] Bluetooth: hci4: Frame reassembly failed (-84)
[  141.424529][ T5229] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  141.428537][ T5229] Bluetooth: Unexpected start frame (len 18)
[  141.431336][ T5229] Bluetooth: Frame is too long (len 18, expected len 4)
[  141.529930][ T5262] hso 6-1:235.240: Not our interface
[  141.541225][ T5262] usb 6-1: USB disconnect, device number 5
[  142.349869][ T6763] FAULT_INJECTION: forcing a failure.
[  142.349869][ T6763] name failslab, interval 1, probability 0, space 0, times 0
[  142.355543][ T6763] CPU: 3 PID: 6763 Comm: syz.3.400 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  142.359990][ T6763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.364437][ T6763] Call Trace:
[  142.365552][ T6763]  <TASK>
[  142.366458][ T6763]  dump_stack_lvl+0x16c/0x1f0
[  142.368092][ T6763]  should_fail_ex+0x497/0x5b0
[  142.369580][ T6763]  ? __pfx_lock_acquire+0x10/0x10
[  142.371638][ T6763]  should_failslab+0x9/0x20
[  142.373543][ T6763]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  142.375803][ T6763]  ? do_raw_spin_lock+0x12d/0x2c0
[  142.377874][ T6763]  ? inet_bind2_bucket_create+0x36/0x590
[  142.379985][ T6763]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  142.382019][ T6763]  inet_bind2_bucket_create+0x36/0x590
[  142.384098][ T6763]  __inet_hash_connect+0xe9d/0x18f0
[  142.386079][ T6763]  ? __pfx___inet_check_established+0x10/0x10
[  142.388366][ T6763]  ? __pfx___inet_hash_connect+0x10/0x10
[  142.390734][ T6763]  tcp_v4_connect+0xddc/0x1b80
[  142.392761][ T6763]  ? __pfx_tcp_v4_connect+0x10/0x10
[  142.394978][ T6763]  ? __pfx_mark_lock+0x10/0x10
[  142.397053][ T6763]  __inet_stream_connect+0x3c7/0x1020
[  142.399717][ T6763]  ? find_held_lock+0x2d/0x110
[  142.402023][ T6763]  ? __pfx___inet_stream_connect+0x10/0x10
[  142.404436][ T6763]  ? __pfx_lock_release+0x10/0x10
[  142.406530][ T6763]  ? __pfx_inet_stream_connect+0x10/0x10
[  142.408891][ T6763]  ? mark_held_locks+0x9f/0xe0
[  142.410935][ T6763]  ? inet_stream_connect+0x43/0xa0
[  142.413085][ T6763]  ? __local_bh_enable_ip+0xa4/0x120
[  142.415206][ T6763]  ? __pfx_inet_stream_connect+0x10/0x10
[  142.417539][ T6763]  inet_stream_connect+0x57/0xa0
[  142.419611][ T6763]  __sys_connect_file+0x15f/0x1a0
[  142.422346][ T6763]  __sys_connect+0x149/0x170
[  142.424433][ T6763]  ? __pfx___sys_connect+0x10/0x10
[  142.426734][ T6763]  ? __pfx_ksys_write+0x10/0x10
[  142.428746][ T6763]  __ia32_sys_connect+0x71/0xb0
[  142.430804][ T6763]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  142.433196][ T6763]  __do_fast_syscall_32+0x73/0x120
[  142.435368][ T6763]  do_fast_syscall_32+0x32/0x80
[  142.437432][ T6763]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  142.440065][ T6763] RIP: 0023:0xf7f0f579
[  142.441766][ T6763] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  142.450358][ T6763] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  142.453794][ T6763] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000080
[  142.457038][ T6763] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  142.460328][ T6763] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  142.463613][ T6763] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  142.466595][ T6763] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  142.469574][ T6763]  </TASK>
[  142.775604][ T5262] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  142.978321][ T5262] usb 8-1: Using ep0 maxpacket: 16
[  142.985028][ T5262] usb 8-1: config 235 has an invalid interface number: 240 but max is 0
[  142.988998][ T5262] usb 8-1: config 235 has no interface number 0
[  142.991683][ T5262] usb 8-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  143.005258][ T5262] usb 8-1: config 235 interface 240 has no altsetting 0
[  143.012877][ T5262] usb 8-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  143.025260][ T5262] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.028744][ T5262] usb 8-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  143.034001][ T5262] usb 8-1: Manufacturer: 、
[  143.038320][ T5262] usb 8-1: SerialNumber: Ѝ
[  143.298443][ T5262] hso 8-1:235.240: Not our interface
[  143.309084][ T5262] usb 8-1: USB disconnect, device number 5
[  143.375491][ T4652] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  143.378180][ T5229] Bluetooth: hci4: command 0x1003 tx timeout
[  143.866576][   T56] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  143.939634][ T6791] netlink: 'syz.1.411': attribute type 5 has an invalid length.
[  144.066538][   T56] usb 7-1: Using ep0 maxpacket: 16
[  144.080737][   T56] usb 7-1: config 235 has an invalid interface number: 240 but max is 0
[  144.089608][   T56] usb 7-1: config 235 has no interface number 0
[  144.092499][   T56] usb 7-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  144.097693][   T56] usb 7-1: config 235 interface 240 has no altsetting 0
[  144.108185][   T56] usb 7-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  144.112180][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.115818][   T56] usb 7-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  144.122643][   T56] usb 7-1: Manufacturer: 、
[  144.124582][   T56] usb 7-1: SerialNumber: Ѝ
[  144.180300][   T64] Bluetooth: hci4: Frame reassembly failed (-84)
[  144.188880][ T6795] Bluetooth: hci4: Frame reassembly failed (-84)
[  144.365719][   T56] hso 7-1:235.240: Not our interface
[  144.371035][   T56] usb 7-1: USB disconnect, device number 5
[  144.984312][ T6816] __nla_validate_parse: 6 callbacks suppressed
[  144.984332][ T6816] netlink: 72 bytes leftover after parsing attributes in process `syz.3.418'.
[  145.117389][ T6816] netlink: 28 bytes leftover after parsing attributes in process `syz.3.418'.
[  145.134349][ T6825] netlink: 72 bytes leftover after parsing attributes in process `syz.2.420'.
[  145.188129][ T6825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.420'.
[  145.314927][ T6828] netlink: 72 bytes leftover after parsing attributes in process `syz.3.421'.
[  145.533579][ T6828] netlink: 16 bytes leftover after parsing attributes in process `syz.3.421'.
[  146.067188][   T25] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  146.245754][ T4652] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  146.275385][   T25] usb 8-1: Using ep0 maxpacket: 16
[  146.281420][ T6844] FAULT_INJECTION: forcing a failure.
[  146.281420][ T6844] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  146.291389][   T25] usb 8-1: config 235 has an invalid interface number: 240 but max is 0
[  146.307085][   T25] usb 8-1: config 235 has no interface number 0
[  146.307925][ T6844] CPU: 1 PID: 6844 Comm: syz.2.426 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  146.316132][ T6844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.320700][ T6844] Call Trace:
[  146.322043][ T6844]  <TASK>
[  146.323496][ T6844]  dump_stack_lvl+0x16c/0x1f0
[  146.326971][ T6844]  should_fail_ex+0x497/0x5b0
[  146.338211][   T25] usb 8-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  146.339728][ T6844]  _copy_from_user+0x30/0xf0
[  146.339757][ T6844]  compat_do_ebt_get_ctl+0xea/0xb90
[  146.339783][ T6844]  ? find_held_lock+0x2d/0x110
[  146.348603][   T25] usb 8-1: config 235 interface 240 has no altsetting 0
[  146.349330][ T6844]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[  146.354738][   T25] usb 8-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  146.357154][ T6844]  ? bpf_lsm_capable+0x9/0x10
[  146.357185][ T6844]  ? security_capable+0x98/0xd0
[  146.357218][ T6844]  do_ebt_get_ctl+0x321/0x7b0
[  146.357243][ T6844]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[  146.357266][ T6844]  ? find_held_lock+0x2d/0x110
[  146.357289][ T6844]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  146.357316][ T6844]  nf_getsockopt+0x79/0xe0
[  146.357340][ T6844]  ip_getsockopt+0x18e/0x1e0
[  146.357357][ T6844]  ? __pfx_ip_getsockopt+0x10/0x10
[  146.357371][ T6844]  ? find_held_lock+0x2d/0x110
[  146.357394][ T6844]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  146.357412][ T6844]  udp_getsockopt+0x61/0xb0
[  146.357430][ T6844]  do_sock_getsockopt+0x2e5/0x7c0
[  146.357451][ T6844]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  146.363980][   T25] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.364193][ T6844]  ? __fget_files+0x256/0x400
[  146.369199][   T25] usb 8-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  146.370860][ T6844]  ? __fget_light+0x173/0x210
[  146.370879][ T6844]  __sys_getsockopt+0x1a1/0x270
[  146.370892][ T6844]  ? __pfx___sys_getsockopt+0x10/0x10
[  146.370908][ T6844]  ? xfd_validate_state+0x5d/0x180
[  146.374377][   T25] usb 8-1: Manufacturer: 、
[  146.374932][ T6844]  __ia32_sys_getsockopt+0xbc/0x160
[  146.416374][ T6844]  ? lockdep_hardirqs_on+0x7c/0x110
[  146.418539][ T6844]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  146.420670][ T6844]  __do_fast_syscall_32+0x73/0x120
[  146.422649][ T6844]  do_fast_syscall_32+0x32/0x80
[  146.424799][ T6844]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  146.427431][ T6844] RIP: 0023:0xf744e579
[  146.429198][ T6844] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  146.436621][ T6844] RSP: 002b:00000000f5d6656c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  146.440245][ T6844] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  146.443801][ T6844] RDX: 0000000000000082 RSI: 0000000020001100 RDI: 0000000020000000
[  146.447321][ T6844] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  146.450844][ T6844] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  146.454278][ T6844] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  146.457792][ T6844]  </TASK>
[  146.459279][   T25] usb 8-1: SerialNumber: Ѝ
[  146.652417][   T39] kauditd_printk_skb: 37 callbacks suppressed
[  146.652433][   T39] audit: type=1326 audit(1721560777.075:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6854 comm="syz.2.430" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  146.689112][   T25] hso 8-1:235.240: Not our interface
[  146.695495][   T25] usb 8-1: USB disconnect, device number 6
[  146.882707][ T6860] netlink: 72 bytes leftover after parsing attributes in process `syz.0.432'.
[  147.282160][ T6868] netlink: 72 bytes leftover after parsing attributes in process `syz.3.435'.
[  147.382035][ T6868] netlink: 8 bytes leftover after parsing attributes in process `syz.3.435'.
[  147.550209][ T6871] netlink: 72 bytes leftover after parsing attributes in process `syz.3.436'.
[  148.435280][    T8] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  148.564420][ T6897] netlink: 'syz.2.446': attribute type 2 has an invalid length.
[  148.568779][ T6897] netlink: 'syz.2.446': attribute type 1 has an invalid length.
[  148.639182][    T8] usb 5-1: Using ep0 maxpacket: 16
[  148.662249][    T8] usb 5-1: config 235 has an invalid interface number: 240 but max is 0
[  148.666461][    T8] usb 5-1: config 235 has no interface number 0
[  148.669340][    T8] usb 5-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  148.690030][   T39] audit: type=1326 audit(1721560779.115:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.704605][    T8] usb 5-1: config 235 interface 240 has no altsetting 0
[  148.708913][   T39] audit: type=1326 audit(1721560779.125:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.719452][   T39] audit: type=1326 audit(1721560779.125:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.724086][    T8] usb 5-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  148.732870][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.736916][   T39] audit: type=1326 audit(1721560779.125:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.737195][    T8] usb 5-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  148.752775][    T8] usb 5-1: Manufacturer: 、
[  148.754906][    T8] usb 5-1: SerialNumber: Ѝ
[  148.759799][   T39] audit: type=1326 audit(1721560779.125:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.769377][   T39] audit: type=1326 audit(1721560779.125:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.779637][   T39] audit: type=1326 audit(1721560779.125:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.789297][   T39] audit: type=1326 audit(1721560779.125:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.798933][   T39] audit: type=1326 audit(1721560779.125:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.2.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  148.865236][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802b64fc00: rx timeout, send abort
[  148.870756][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802be5c400: rx timeout, send abort
[  148.874637][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802b64fc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  148.881587][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802be5c400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  148.983250][    T8] hso 5-1:235.240: Not our interface
[  148.995626][    T8] usb 5-1: USB disconnect, device number 5
[  149.162550][ T6912] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3550881845 (56814109520 ns) > initial count (5949958736 ns). Using initial count to start timer.
[  149.177770][ T6912] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=923342573 (29546962336 ns) > initial count (18925002144 ns). Using initial count to start timer.
[  149.646068][  T815] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  149.824412][ T6926] FAULT_INJECTION: forcing a failure.
[  149.824412][ T6926] name failslab, interval 1, probability 0, space 0, times 0
[  149.829991][ T6926] CPU: 2 PID: 6926 Comm: syz.0.455 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  149.834087][ T6926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.835769][  T815] usb 6-1: Using ep0 maxpacket: 16
[  149.838701][ T6926] Call Trace:
[  149.842542][ T6926]  <TASK>
[  149.843897][ T6926]  dump_stack_lvl+0x16c/0x1f0
[  149.845516][ T6926]  should_fail_ex+0x497/0x5b0
[  149.847554][ T6926]  should_failslab+0x9/0x20
[  149.849501][ T6926]  __kmalloc_noprof+0xcb/0x410
[  149.851619][ T6926]  ? __pfx_d_absolute_path+0x10/0x10
[  149.853852][ T6926]  tomoyo_encode2+0x100/0x3e0
[  149.855321][  T815] usb 6-1: config 235 has an invalid interface number: 240 but max is 0
[  149.856317][ T6926]  tomoyo_realpath_from_path+0x1a7/0x710
[  149.859905][  T815] usb 6-1: config 235 has no interface number 0
[  149.862235][ T6926]  tomoyo_path_number_perm+0x245/0x5b0
[  149.865177][  T815] usb 6-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  149.867227][ T6926]  ? tomoyo_path_number_perm+0x232/0x5b0
[  149.871947][  T815] usb 6-1: config 235 interface 240 has no altsetting 0
[  149.874123][ T6926]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  149.880194][ T6926]  ? __pfx_lock_release+0x10/0x10
[  149.882397][ T6926]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  149.884890][ T6926]  ? __fget_files+0x256/0x400
[  149.886959][ T6926]  security_file_ioctl_compat+0x75/0xc0
[  149.889349][ T6926]  __do_compat_sys_ioctl+0x5d/0x330
[  149.891607][ T6926]  __do_fast_syscall_32+0x73/0x120
[  149.893805][ T6926]  do_fast_syscall_32+0x32/0x80
[  149.895954][ T6926]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.896491][  T815] usb 6-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  149.898609][ T6926] RIP: 0023:0xf7fd8579
[  149.898627][ T6926] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.902498][  T815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.904223][ T6926] RSP: 002b:00000000f5d8656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  149.919342][ T6926] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005000
[  149.922694][ T6926] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  149.925248][  T815] usb 6-1: Product: Ѝ
[  149.926067][ T6926] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.926080][ T6926] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  149.926090][ T6926] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.926114][ T6926]  </TASK>
[  149.931777][ T6926] ERROR: Out of memory at tomoyo_realpath_from_path.
[  149.934643][  T815] usb 6-1: Manufacturer: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬ʏ
[  149.949977][  T815] usb 6-1: SerialNumber: syz
[  150.088652][ T6936] __nla_validate_parse: 6 callbacks suppressed
[  150.088669][ T6936] netlink: 12 bytes leftover after parsing attributes in process `syz.3.459'.
[  150.370357][ T6950] syz.1.451: attempt to access beyond end of device
[  150.370357][ T6950] loop1: rw=0, sector=0, nr_sectors = 8 limit=0
[  150.376699][ T6950] F2FS-fs (loop1): Unable to read 1th superblock
[  150.379706][ T6950] syz.1.451: attempt to access beyond end of device
[  150.379706][ T6950] loop1: rw=0, sector=8, nr_sectors = 8 limit=0
[  150.385824][ T6950] F2FS-fs (loop1): Unable to read 2th superblock
[  150.475308][   T35] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  150.655613][   T35] usb 7-1: Using ep0 maxpacket: 16
[  150.668245][   T35] usb 7-1: config 235 has an invalid interface number: 240 but max is 0
[  150.671787][   T35] usb 7-1: config 235 has no interface number 0
[  150.685666][   T35] usb 7-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  150.690436][   T35] usb 7-1: config 235 interface 240 has no altsetting 0
[  150.706224][   T35] usb 7-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  150.710332][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.713968][   T35] usb 7-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  150.720677][   T35] usb 7-1: Manufacturer: 、
[  150.722924][   T35] usb 7-1: SerialNumber: Ѝ
[  150.888808][ T6961] netlink: 4 bytes leftover after parsing attributes in process `syz.3.465'.
[  150.965835][   T35] hso 7-1:235.240: Not our interface
[  150.973269][   T35] usb 7-1: USB disconnect, device number 6
[  150.979857][ T5229] Bluetooth: Unknown BR/EDR signaling command 0x11
[  150.984134][ T5229] Bluetooth: Wrong link type (-22)
[  150.988884][ T5229] Bluetooth: hci3: link tx timeout
[  150.991749][ T5229] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  151.838850][ T6978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.469'.
[  151.842199][ T6975] netlink: 72 bytes leftover after parsing attributes in process `syz.0.470'.
[  151.950753][ T6976] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3550881845 (56814109520 ns) > initial count (5949958736 ns). Using initial count to start timer.
[  151.960837][ T6976] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=923342573 (29546962336 ns) > initial count (18925002144 ns). Using initial count to start timer.
[  152.097210][ T6985] overlayfs: conflicting options: nfs_export=on,index=off
[  152.296018][ T5262] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  152.381191][  T815] hso 6-1:235.240: Not our interface
[  152.394056][  T815] usb 6-1: USB disconnect, device number 6
[  152.453401][ T6996] capability: warning: `syz.1.476' uses deprecated v2 capabilities in a way that may be insecure
[  152.485923][ T5262] usb 5-1: Using ep0 maxpacket: 16
[  152.490729][ T5262] usb 5-1: config 235 has an invalid interface number: 240 but max is 0
[  152.494860][ T5262] usb 5-1: config 235 has no interface number 0
[  152.498844][ T5262] usb 5-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  152.502823][ T5262] usb 5-1: config 235 interface 240 has no altsetting 0
[  152.509497][ T5262] usb 5-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  152.519464][ T5262] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.523942][ T5262] usb 5-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  152.530649][ T5262] usb 5-1: Manufacturer: 、
[  152.532764][ T5262] usb 5-1: SerialNumber: Ѝ
[  152.653867][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.477'.
[  152.778726][ T5262] hso 5-1:235.240: Not our interface
[  152.789750][ T5262] usb 5-1: USB disconnect, device number 6
[  153.023000][ T7007] netlink: 72 bytes leftover after parsing attributes in process `syz.3.480'.
[  153.045486][ T4652] Bluetooth: hci3: command 0x0406 tx timeout
[  153.142780][   T39] kauditd_printk_skb: 31 callbacks suppressed
[  153.142792][   T39] audit: type=1326 audit(1721560783.565:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.2.481" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  154.232197][ T7038] netlink: 4 bytes leftover after parsing attributes in process `syz.0.490'.
[  154.484821][ T7045] FAULT_INJECTION: forcing a failure.
[  154.484821][ T7045] name failslab, interval 1, probability 0, space 0, times 0
[  154.490324][ T7045] CPU: 1 PID: 7045 Comm: syz.1.491 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  154.493845][ T7045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.497313][ T7045] Call Trace:
[  154.498556][ T7045]  <TASK>
[  154.499536][ T7045]  dump_stack_lvl+0x16c/0x1f0
[  154.500952][ T7045]  should_fail_ex+0x497/0x5b0
[  154.503010][ T7045]  should_failslab+0x9/0x20
[  154.505009][ T7045]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  154.507681][ T7045]  ? __request_module+0x2e4/0x6c0
[  154.509917][ T7045]  kstrdup+0x3c/0x80
[  154.511633][ T7045]  __request_module+0x2e4/0x6c0
[  154.513783][ T7045]  ? tcp_ca_find_autoload+0x10d/0x2f0
[  154.516333][ T7045]  ? __pfx___request_module+0x10/0x10
[  154.518721][ T7045]  ? __pfx_aa_get_newest_label+0x10/0x10
[  154.521174][ T7045]  ? find_held_lock+0x2d/0x110
[  154.523310][ T7045]  ? __pfx_lock_release+0x10/0x10
[  154.525492][ T7045]  ? apparmor_capable+0x126/0x1e0
[  154.528162][ T7045]  ? bpf_lsm_capable+0x9/0x10
[  154.530214][ T7045]  ? tcp_ca_find_autoload+0xec/0x2f0
[  154.532453][ T7045]  tcp_ca_find_autoload+0x10d/0x2f0
[  154.534708][ T7045]  tcp_set_congestion_control+0xdb/0xb20
[  154.537135][ T7045]  do_tcp_setsockopt+0x78c/0x2820
[  154.539341][ T7045]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  154.541754][ T7045]  ? __pfx___might_resched+0x10/0x10
[  154.544121][ T7045]  ? __pfx_lock_release+0x10/0x10
[  154.546157][ T7045]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  154.548496][ T7045]  ? aa_sk_perm+0x2f5/0xb40
[  154.550504][ T7045]  ? __pfx_aa_sk_perm+0x10/0x10
[  154.552647][ T7045]  tcp_setsockopt+0xe2/0x100
[  154.554683][ T7045]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  154.557099][ T7045]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  154.559728][ T7045]  do_sock_setsockopt+0x222/0x480
[  154.562013][ T7045]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  154.564443][ T7045]  ? __fget_light+0x173/0x210
[  154.566539][ T7045]  __sys_setsockopt+0x1a4/0x270
[  154.568688][ T7045]  ? __pfx___sys_setsockopt+0x10/0x10
[  154.570983][ T7045]  ? fput+0x32/0x390
[  154.572671][ T7045]  ? ksys_write+0x1ab/0x260
[  154.574725][ T7045]  ? __pfx_ksys_write+0x10/0x10
[  154.576868][ T7045]  __ia32_sys_setsockopt+0xbc/0x160
[  154.579154][ T7045]  ? lockdep_hardirqs_on+0x7c/0x110
[  154.581425][ T7045]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  154.584342][ T7045]  __do_fast_syscall_32+0x73/0x120
[  154.586585][ T7045]  do_fast_syscall_32+0x32/0x80
[  154.588699][ T7045]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.591384][ T7045] RIP: 0023:0xf7f70579
[  154.593108][ T7045] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  154.600938][ T7045] RSP: 002b:00000000f5ce456c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  154.604552][ T7045] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000006
[  154.607867][ T7045] RDX: 000000000000000d RSI: 0000000020000040 RDI: 0000000000000004
[  154.611273][ T7045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.614684][ T7045] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  154.618101][ T7045] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.621529][ T7045]  </TASK>
[  155.289304][ T7062] netlink: 56 bytes leftover after parsing attributes in process `syz.0.496'.
[  155.355566][ T7062] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  155.375305][ T5263] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  155.555308][ T5263] usb 7-1: Using ep0 maxpacket: 16
[  155.561773][ T5263] usb 7-1: config 235 has an invalid interface number: 240 but max is 0
[  155.565452][ T5263] usb 7-1: config 235 has no interface number 0
[  155.568269][ T5263] usb 7-1: config 235 interface 240 altsetting 237 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  155.572897][ T5263] usb 7-1: config 235 interface 240 has no altsetting 0
[  155.583547][ T5263] usb 7-1: New USB device found, idVendor=0af0, idProduct=7031, bcdDevice=78.43
[  155.587163][ T5263] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.591061][ T5263] usb 7-1: Product: 푱䝖楝៧皸鰽ű蘲浺譏迗蓙緃닯棫䘞딦㻗鏗ᗿ汫乙火눚᭍⋡揷旞ᗚ鰓㓆겠줅柮㗒橬ः嶺죬
[  155.605436][ T5263] usb 7-1: Manufacturer: 、
[  155.608737][ T5263] usb 7-1: SerialNumber: Ѝ
[  155.869418][ T5263] hso 7-1:235.240: Not our interface
[  155.885662][ T7065] netlink: 56 bytes leftover after parsing attributes in process `syz.1.497'.
[  155.891263][ T5263] usb 7-1: USB disconnect, device number 7
[  155.910754][ T7065] FAULT_INJECTION: forcing a failure.
[  155.910754][ T7065] name failslab, interval 1, probability 0, space 0, times 0
[  155.917676][ T7065] CPU: 1 PID: 7065 Comm: syz.1.497 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  155.921590][ T7065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.925845][ T7065] Call Trace:
[  155.927239][ T7065]  <TASK>
[  155.928480][ T7065]  dump_stack_lvl+0x16c/0x1f0
[  155.930537][ T7065]  should_fail_ex+0x497/0x5b0
[  155.932475][ T7065]  should_failslab+0x9/0x20
[  155.934343][ T7065]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  155.936472][ T7065]  ? getname_flags.part.0+0x4c/0x550
[  155.938621][ T7065]  getname_flags.part.0+0x4c/0x550
[  155.940727][ T7065]  getname_flags+0x93/0xf0
[  155.942590][ T7065]  user_path_at+0x24/0x60
[  155.944402][ T7065]  __ia32_sys_mount+0x1fb/0x310
[  155.946363][ T7065]  ? __pfx___ia32_sys_mount+0x10/0x10
[  155.948509][ T7065]  __do_fast_syscall_32+0x73/0x120
[  155.950605][ T7065]  do_fast_syscall_32+0x32/0x80
[  155.952609][ T7065]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.955204][ T7065] RIP: 0023:0xf7f70579
[  155.956858][ T7065] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.964527][ T7065] RSP: 002b:00000000f5d0556c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  155.968161][ T7065] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 0000000020000080
[  155.971262][ T7065] RDX: 0000000020000200 RSI: 0000000000000003 RDI: 0000000000000000
[  155.974238][ T7065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.978064][ T7065] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.981553][ T7065] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.985243][ T7065]  </TASK>
[  156.020523][ T7067] overlayfs: conflicting options: nfs_export=on,index=off
[  156.287815][ T7071] FAULT_INJECTION: forcing a failure.
[  156.287815][ T7071] name failslab, interval 1, probability 0, space 0, times 0
[  156.294113][ T7071] CPU: 2 PID: 7071 Comm: syz.3.499 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  156.298319][ T7071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.302951][ T7071] Call Trace:
[  156.304420][ T7071]  <TASK>
[  156.305728][ T7071]  dump_stack_lvl+0x16c/0x1f0
[  156.307791][ T7071]  should_fail_ex+0x497/0x5b0
[  156.309864][ T7071]  should_failslab+0x9/0x20
[  156.311779][ T7071]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  156.314108][ T7071]  ? skb_clone+0x190/0x3f0
[  156.316119][ T7071]  skb_clone+0x190/0x3f0
[  156.318048][ T7071]  netlink_deliver_tap+0xb26/0xcf0
[  156.319895][ T7071]  netlink_unicast+0x606/0x830
[  156.321971][ T7071]  ? __pfx_netlink_unicast+0x10/0x10
[  156.324231][ T7071]  ? __phys_addr_symbol+0x30/0x80
[  156.326457][ T7071]  ? __check_object_size+0x48e/0x720
[  156.328834][ T7071]  netlink_sendmsg+0x8b8/0xd70
[  156.330924][ T7071]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.333297][ T7071]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  156.335636][ T7071]  ____sys_sendmsg+0x9b4/0xb50
[  156.337647][ T7071]  ? __pfx_____sys_sendmsg+0x10/0x10
[  156.339466][ T7071]  ? get_compat_msghdr+0x11b/0x170
[  156.341405][ T7071]  ? __pfx___lock_acquire+0x10/0x10
[  156.343632][ T7071]  ___sys_sendmsg+0x135/0x1e0
[  156.345740][ T7071]  ? __pfx____sys_sendmsg+0x10/0x10
[  156.347935][ T7071]  ? ksys_write+0x21c/0x260
[  156.349809][ T7071]  ? __fget_light+0x173/0x210
[  156.351632][ T7071]  __sys_sendmsg+0x117/0x1f0
[  156.353380][ T7071]  ? __pfx___sys_sendmsg+0x10/0x10
[  156.355446][ T7071]  __do_fast_syscall_32+0x73/0x120
[  156.357756][ T7071]  do_fast_syscall_32+0x32/0x80
[  156.359745][ T7071]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.362030][ T7071] RIP: 0023:0xf7f0f579
[  156.363696][ T7071] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.370933][ T7071] RSP: 002b:00000000f5ca556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  156.374305][ T7071] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240
[  156.377627][ T7071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  156.381009][ T7071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.384348][ T7071] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.387738][ T7071] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.391137][ T7071]  </TASK>
[  156.946585][ T7082] netlink: 4 bytes leftover after parsing attributes in process `syz.2.502'.
[  157.014813][ T7087] netlink: 4 bytes leftover after parsing attributes in process `syz.1.503'.
[  157.373713][ T7092] netlink: 72 bytes leftover after parsing attributes in process `syz.0.505'.
[  157.391979][ T7094] netlink: 72 bytes leftover after parsing attributes in process `syz.2.506'.
[  157.490184][   T39] audit: type=1326 audit(1721560787.915:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.507" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  157.499443][   T39] audit: type=1326 audit(1721560787.915:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.507" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  157.539953][   T39] audit: type=1326 audit(1721560787.965:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7097 comm="syz.0.507" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0
[  157.574045][   T39] audit: type=1326 audit(1721560787.995:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7101 comm="syz.2.508" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  157.755437][ T7107] FAULT_INJECTION: forcing a failure.
[  157.755437][ T7107] name failslab, interval 1, probability 0, space 0, times 0
[  157.761417][ T7107] CPU: 2 PID: 7107 Comm: syz.1.510 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  157.765979][ T7107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.771130][ T7107] Call Trace:
[  157.772444][ T7107]  <TASK>
[  157.775332][ T7107]  dump_stack_lvl+0x16c/0x1f0
[  157.778255][ T7107]  should_fail_ex+0x497/0x5b0
[  157.780488][ T7107]  should_failslab+0x9/0x20
[  157.782871][ T7107]  __kmalloc_noprof+0xcb/0x410
[  157.785447][ T7107]  ? __pfx_lock_acquire+0x10/0x10
[  157.787860][ T7107]  tomoyo_realpath_from_path+0xbf/0x710
[  157.790359][ T7107]  tomoyo_check_open_permission+0x2a7/0x3b0
[  157.793077][ T7107]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  157.796069][ T7107]  ? __pfx___lock_acquire+0x10/0x10
[  157.798542][ T7107]  ? __pfx_hook_file_open+0x10/0x10
[  157.800910][ T7107]  ? path_get+0x61/0x80
[  157.803021][ T7107]  tomoyo_file_open+0x71/0x90
[  157.805108][ T7107]  security_file_open+0x78/0x8b0
[  157.807470][ T7107]  do_dentry_open+0x5c7/0x15f0
[  157.809741][ T7107]  ? inode_permission+0xdd/0x5f0
[  157.811785][ T7107]  vfs_open+0x82/0x3f0
[  157.813641][ T7107]  ? may_open+0x1f2/0x400
[  157.815538][ T7107]  path_openat+0x2141/0x2d20
[  157.817636][ T7107]  ? __pfx_path_openat+0x10/0x10
[  157.820113][ T7107]  ? __pfx___lock_acquire+0x10/0x10
[  157.822637][ T7107]  ? find_held_lock+0x2d/0x110
[  157.824753][ T7107]  do_filp_open+0x1dc/0x430
[  157.826736][ T7107]  ? __pfx_do_filp_open+0x10/0x10
[  157.828917][ T7107]  ? find_held_lock+0x2d/0x110
[  157.831035][ T7107]  ? _raw_spin_unlock+0x28/0x50
[  157.833329][ T7107]  ? alloc_fd+0x2d7/0x6c0
[  157.835232][ T7107]  do_sys_openat2+0x17a/0x1e0
[  157.837519][ T7107]  ? __pfx_do_sys_openat2+0x10/0x10
[  157.840505][ T7107]  __ia32_compat_sys_openat+0x16e/0x210
[  157.843695][ T7107]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  157.846342][ T7107]  ? ksys_write+0x1ab/0x260
[  157.848331][ T7107]  __do_fast_syscall_32+0x73/0x120
[  157.850937][ T7107]  do_fast_syscall_32+0x32/0x80
[  157.853024][ T7107]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.855774][ T7107] RIP: 0023:0xf7f70579
[  157.857548][ T7107] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  157.865778][ T7107] RSP: 002b:00000000f5d26110 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  157.869009][ T7107] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5d26160
[  157.872120][ T7107] RDX: 0000000000000d00 RSI: 0000000000000000 RDI: 00000000f73f9ff4
[  157.875700][ T7107] RBP: 0000000000000d00 R08: 0000000000000000 R09: 0000000000000000
[  157.879246][ T7107] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  157.883568][ T7107] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.887148][ T7107]  </TASK>
[  157.890536][ T7107] ERROR: Out of memory at tomoyo_realpath_from_path.
[  158.892525][   T39] audit: type=1326 audit(1721560789.315:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.904627][   T39] audit: type=1326 audit(1721560789.315:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.913442][   T39] audit: type=1326 audit(1721560789.315:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.514" exe="/syz-executor" sig=0 arch=40000003 syscall=348 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.926920][   T39] audit: type=1326 audit(1721560789.315:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.936125][   T39] audit: type=1326 audit(1721560789.315:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7127 comm="syz.1.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000
[  158.998132][ T7132] netlink: 72 bytes leftover after parsing attributes in process `syz.1.516'.
[  159.178299][   T39] audit: type=1326 audit(1721560789.605:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.2.521" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  159.188228][ T7137] netlink: 72 bytes leftover after parsing attributes in process `syz.3.519'.
[  159.306851][ T7147] fuse: Bad value for 'user_id'
[  159.309037][ T7147] fuse: Bad value for 'user_id'
[  159.968632][ T7160] FAULT_INJECTION: forcing a failure.
[  159.968632][ T7160] name failslab, interval 1, probability 0, space 0, times 0
[  159.974891][ T7160] CPU: 0 PID: 7160 Comm: syz.3.524 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  159.978817][ T7160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.982695][ T7160] Call Trace:
[  159.983965][ T7160]  <TASK>
[  159.985118][ T7160]  dump_stack_lvl+0x16c/0x1f0
[  159.987034][ T7160]  should_fail_ex+0x497/0x5b0
[  159.989031][ T7160]  should_failslab+0x9/0x20
[  159.990951][ T7160]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  159.993208][ T7160]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  159.995792][ T7160]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  159.998394][ T7160]  mmu_topup_memory_caches+0x22/0xd0
[  160.000634][ T7160]  kvm_mmu_load+0xda/0x20d0
[  160.002426][ T7160]  ? __pfx___lock_acquire+0x10/0x10
[  160.004220][ T7160]  ? __pfx_kvm_mmu_load+0x10/0x10
[  160.006334][ T7160]  kvm_arch_vcpu_pre_fault_memory+0x451/0x510
[  160.009012][ T7160]  ? kvm_arch_vcpu_load+0x4ba/0x980
[  160.011298][ T7160]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  160.014840][ T7160]  kvm_vcpu_ioctl+0xec1/0x1520
[  160.017153][ T7160]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.019450][ T7160]  ? tomoyo_path_number_perm+0x190/0x5b0
[  160.021947][ T7160]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.024163][ T7160]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.026592][ T7160]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  160.029154][ T7160]  kvm_vcpu_compat_ioctl+0x216/0x3f0
[  160.031107][ T7160]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  160.033205][ T7160]  ? __fget_files+0x256/0x400
[  160.035277][ T7160]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  160.037568][ T7160]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  160.040060][ T7160]  __do_compat_sys_ioctl+0x2c3/0x330
[  160.041996][ T7160]  __do_fast_syscall_32+0x73/0x120
[  160.044177][ T7160]  do_fast_syscall_32+0x32/0x80
[  160.046196][ T7160]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  160.048305][ T7160] RIP: 0023:0xf7f0f579
[  160.049794][ T7160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  160.057688][ T7160] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  160.061019][ T7160] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c040aed5
[  160.064294][ T7160] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  160.067990][ T7160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  160.071400][ T7160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  160.074660][ T7160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  160.077673][ T7160]  </TASK>
[  160.082855][   T39] audit: type=1326 audit(1721560790.505:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7162 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  160.084239][ T7160] Oops: general protection fault, probably for non-canonical address 0xe000013ffffffffd: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  160.091440][   T39] audit: type=1326 audit(1721560790.505:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7162 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  160.096446][ T7160] KASAN: maybe wild-memory-access in range [0x000029ffffffffe8-0x000029ffffffffef]
[  160.096462][ T7160] CPU: 1 PID: 7160 Comm: syz.3.524 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  160.096479][ T7160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.096489][ T7160] RIP: 0010:is_page_fault_stale+0xd5/0x5e0
[  160.096521][ T7160] Code: 00 48 21 c3 48 b8 00 00 00 00 00 ea ff ff 48 c1 e3 06 48 01 c3 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 59 04 00 00 48 8b 5b 28 31 ff 48 89 de e8 53 19
[  160.096535][ T7160] RSP: 0018:ffffc90027f17990 EFLAGS: 00010202
[  160.096550][ T7160] RAX: dffffc0000000000 RBX: 000029ffffffffc0 RCX: ffffffff811cc884
[  160.096561][ T7160] RDX: 0000053ffffffffd RSI: ffffffff811cc892 RDI: 000029ffffffffe8
[  160.096572][ T7160] RBP: ffff888055820000 R08: 0000000000000006 R09: 0000000000012e63
[  160.096582][ T7160] R10: 000fffffffffffff R11: 0000000000000001 R12: ffffc90027f17a50
[  160.096593][ T7160] R13: 0000000000012e63 R14: ffff888055820338 R15: 0000000000000001
[  160.096604][ T7160] FS:  0000000000000000(0000) GS:ffff88802c100000(0063) knlGS:00000000f5cc6b40
[  160.096637][ T7160] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  160.096650][ T7160] CR2: 00000000f735dca0 CR3: 000000002bc46000 CR4: 0000000000352ef0
[  160.096661][ T7160] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  160.096671][ T7160] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  160.096682][ T7160] Call Trace:
[  160.096688][ T7160]  <TASK>
[  160.096695][ T7160]  ? show_regs+0x8c/0xa0
[  160.096719][ T7160]  ? die_addr+0x4f/0xd0
[  160.096743][ T7160]  ? exc_general_protection+0x155/0x230
[  160.096762][ T7160]  ? asm_exc_general_protection+0x26/0x30
[  160.096784][ T7160]  ? is_page_fault_stale+0x94/0x5e0
[  160.096806][ T7160]  ? is_page_fault_stale+0xa2/0x5e0
[  160.096830][ T7160]  ? is_page_fault_stale+0xd5/0x5e0
[  160.096856][ T7160]  kvm_tdp_page_fault+0x1ce/0x350
[  160.096879][ T7160]  kvm_mmu_do_page_fault+0x59f/0x6a0
[  160.096902][ T7160]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  160.109698][   T39] audit: type=1326 audit(1721560790.535:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7162 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=348 compat=1 ip=0xf744e579 code=0x7ffc0000
[  160.110986][ T7160]  ? __pfx___might_resched+0x10/0x10
[  160.114294][   T39] audit: type=1326 audit(1721560790.535:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7162 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  160.118369][ T7160]  kvm_arch_vcpu_pre_fault_memory+0x25d/0x510
[  160.118402][ T7160]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  160.122339][ T7163] netlink: 16 bytes leftover after parsing attributes in process `syz.2.525'.
[  160.129058][ T7160]  kvm_vcpu_ioctl+0xec1/0x1520
[  160.129095][ T7160]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  160.129120][ T7160]  ? tomoyo_path_number_perm+0x190/0x5b0
[  160.129149][ T7160]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.129176][ T7160]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  160.228451][ T7160]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  160.231173][ T7160]  kvm_vcpu_compat_ioctl+0x216/0x3f0
[  160.232977][ T7160]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  160.234948][ T7160]  ? __fget_files+0x256/0x400
[  160.236369][ T7160]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  160.238228][ T7160]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  160.240572][ T7160]  __do_compat_sys_ioctl+0x2c3/0x330
[  160.242846][ T7160]  __do_fast_syscall_32+0x73/0x120
[  160.244974][ T7160]  do_fast_syscall_32+0x32/0x80
[  160.247053][ T7160]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  160.249391][ T7160] RIP: 0023:0xf7f0f579
[  160.250960][ T7160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  160.257393][ T7160] RSP: 002b:00000000f5cc656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  160.260720][ T7160] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c040aed5
[  160.263950][ T7160] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  160.266992][ T7160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  160.270131][ T7160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  160.273308][ T7160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  160.276419][ T7160]  </TASK>
[  160.277640][ T7160] Modules linked in:
[  160.279728][ T7160] ---[ end trace 0000000000000000 ]---
[  160.282512][ T7160] RIP: 0010:is_page_fault_stale+0xd5/0x5e0
[  160.285027][ T7160] Code: 00 48 21 c3 48 b8 00 00 00 00 00 ea ff ff 48 c1 e3 06 48 01 c3 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 28 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 59 04 00 00 48 8b 5b 28 31 ff 48 89 de e8 53 19
[  160.293113][ T7160] RSP: 0018:ffffc90027f17990 EFLAGS: 00010202
[  160.295628][ T7160] RAX: dffffc0000000000 RBX: 000029ffffffffc0 RCX: ffffffff811cc884
[  160.299136][ T7160] RDX: 0000053ffffffffd RSI: ffffffff811cc892 RDI: 000029ffffffffe8
[  160.302151][ T7160] RBP: ffff888055820000 R08: 0000000000000006 R09: 0000000000012e63
[  160.305072][ T7160] R10: 000fffffffffffff R11: 0000000000000001 R12: ffffc90027f17a50
[  160.308538][ T7160] R13: 0000000000012e63 R14: ffff888055820338 R15: 0000000000000001
[  160.312004][ T7160] FS:  0000000000000000(0000) GS:ffff88802c100000(0063) knlGS:00000000f5cc6b40
[  160.315869][ T7160] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  160.318762][ T7160] CR2: 00000000f735dca0 CR3: 000000002bc46000 CR4: 0000000000352ef0
[  160.322466][ T7160] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  160.326111][ T7160] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  160.329665][ T7160] Kernel panic - not syncing: Fatal exception
[  160.333008][ T7160] Kernel Offset: disabled
[  160.335020][ T7160] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:19:50  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802c144a40 RCX=ffffffff817eba4b RDX=ffff88801e05c880
RSI=ffffffff817eba25 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900044879c8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffffed1005828949 R13=0000000000000001 R14=ffff88802c144a48 R15=ffff88802c03fe80
RIP=ffffffff817eba27 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f5cc5fbc CR3=000000000d97c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816be8ce RDX=ffff88805adf4880
RSI=ffffffff816be8bc RDI=0000000000000001 RBP=0000000000000028 RSP=ffffc90027f175f0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=6567203a73706f4f
R12=0000000000000000 R13=ffff8880167cc880 R14=ffffffff8d39ee70 R15=ffffc90027f17670
RIP=ffffffff816be8c5 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f735dca0 CR3=000000002bc46000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff84f8af80 RDI=ffffffff94dc1380 RBP=ffffffff94dc1340 RSP=ffffc9000065f8f8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=74203a7469647561
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff29b82c2 R15=dffffc0000000000
RIP=ffffffff84f8afa7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000ffd88560 CR3=0000000054b20000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000046 RBX=ffff88802c529580 RCX=1ffffffff1fcbb77 RDX=0000000000000000
RSI=ffffffff8b904fa0 RDI=ffffffff8ae6db92 RBP=0000000000000246 RSP=ffffc900011576f0
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8fe5a8df R11=ffff88802c328a40
R12=0000000000000000 R13=ffffc900011578c8 R14=0000000000000000 R15=0000000000000006
RIP=ffffffff8ae6db71 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7417520 CR3=0000000059438000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000