last executing test programs:

4m50.554466326s ago: executing program 0 (id=944):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2090)
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f00000002c0)={0x2, 0x4e24, @private=0xa010101}, 0x10, &(0x7f0000000300)=[{&(0x7f0000002a40)="452e0cf536fd1f8ca00dbb904a3537d29fe2bf4d3d4e4e9888a15dbc45a34f479aeab8bdb45e41c5741d04acdc9ecdd64f289ca3e7971ab52eab8d4c31988dd040ea3115d7ee1666b5ad6e5251dbd739f76ba5a5035bd0d5391545529eb549f186a45b4215755b41106fa9a5111981c6440a4383c0d7e50d5bb9f4eb5dc3ef452e5c60413c213917fcb9eeaa90864f6416898bb6b6523498c06c6847d1849d61a62c07c63a90903b3821adf84ee8e1fdb16d8f49f45f87d6004477e2fb0bea9052c7a248d4cabbb09326c911daf8a507d9e7012040720432373217b7e28bb9988ccddcf8518ed63d8192e8794d3da80d5e7d5d771368894652e9e0aaf9427e4ccc9048dfbd1937aee048355eac97c4eeede4355b74e52ff73ea2bcfafb9290d58381968b5254e3ec00e3ec74cc1770bf41e552bd553156d92c34d26cabde4d1671aa22d2ef2e6321a71287d0214310b867351221b5d7b464794a6f5e24d1a74b0f59fc8dc1ff8e2ade4ddf7c1e53185ed6b3c27ca13b74b14e99666efbc6098efe0fc9a1882a11332ca9654b0d0d1b650e4844b4fc5ec6597d5aea0b7a05c4c0afb7d25d2c9a6bd5586f8738d1deae95a32750a988774c00e924227866c36cdd73be7715af91d28268abb76c3d3c802f8fe48c2b32bd877a56aa9416d51f008756191325e74e04cd3ac47e1351c09fddc27c9ac2b36bcb4a547ebc850edba754f0da91f71065b8b087840c12470ac74028f6181b973d24df953d40d30b6d3faef840de5570fd3f443c15713421f28e7e2d7e10ea549acf9b79e67fd80197b85ee92c4329a33f8dea508f9c74f90303870a4e7f96dd3908294adaae02a4643d55e7732a491ed563547235dab9935ba4472dcfa739dc109716cb3c0a25206e9bb3488f7177dbe301e9ce5345430cc89c58b79ab2b138a3df40dfb9f596e49ade5b50405d1ba213c57c07ecad3ce7523ebc2b555dd6b9fd70a5eb9dc226ed1bd0353afe69651fe3b85d6f92c93391e88ab0e7b74238ed959e2e3b5d96152f2c81ae8bef25c84c6bd584344454249d24831610e2cfc9771ce6c539a30b5098ef21460ac942d45244a7046b01770a6ef0d958c27f238556973cb8f4ff67081d329b1a07ca3fede653eeb7055f4f1acbb0741895fa611ec87530767753cd53c0da8a1a4c0a7661792bd8512d615fcd15a9a417dc47a457912c86dfd3303995b7774fd018532e3daf15e7e8717f395a9969522b3a1ccf9f2e4ecda2f72e2fd64b233027c8c35bfa8dc0fc97fab8b1d63d902ddd989a4dc7a931bc2e1da1c0f1215ade0d03d96da2e09bc48752678a17daf4524591626113f357783fc6764ad10d8f9d4e1527e31ed547284ff2cb1ae07a0679a7e9fd7b0ba1939407f7d601c4fa9b7688c0b158ca62fec8cbd7a1a8a3224a9290f6d0a3222713c552de1e50cf2961e433cee33ffc64e3f23f34c1dbdd2f4785c46d5b73ca4c9f4590288d79decedace4c173a94d217291aa464ac6ba4449e622afe93f572aa6ece44619a762439cb38cb31a91f496dcc426a3bf6671e1460b84d96e6cc2acd44752cd0eae76ea9bdfe94f26e3eb5bd4add0d64e04281a07fb877c7316fc67bd3f47d25b25244c7d8184b6c18723f9d6e9209b8686251c8d9a25ea6d9adb0945d5c767e7991b26df6ee170adcc3f106361b0dbdba16b9f425e1e95c82704bdce8c50e6100692f7b174a39b9bcac80e857abea75a030dd2db1d6ca1ebc61c02e6d5ef48bfcf03a4f16b9c1365a7456efa37c635b3c1a0e8d97f42d237362906d413fa884cd388c3e00a6e2d054ec4636ed8fcd3e8c5a3721681d10882bb9f8f9d588ddddf6e8c9f8007dc0c3d7c192ae04fdb523f2c10bc6588bb60359738267b5575602fac19bd0c64cee1a245c42de7ff20288b6bf1348bce249ad0073966654927c0e4646ff0e35a6c317d9bb1f6e7448e02e47f5555f8215c11416f4954df902d10dcbe860b33c99c041061e5519698bfadc74cc1ef53cf1ad45ce363ab5cde40a5c85bc232b53f4ee691c3b26db6cae8ad8de47a75b120dcb5eaf33551d8c15ef3df650ce3143f6f93c8bc01f60c3d0378e9b5b0298ce428456885bdbceb5f9a318a4777c015ed99f8d79b6ef802b0558ac3cd32eca7df3525c83211e88abd19a051c2e3c686ca5f7079115422c31c8920f0fe41281904637453167df9daf2d5543895d68c7bfb733386b4a8f4021257ba8f7d762cf71a766bd3ee36225420cf48b24b7bba73de04b675c23d58030802ff8aa9ee4e6625642bebd478455a3d2d021d985e9752cf0b12cedfdd77a5893c63ee923764793fa141e8aa407bfb404716ea826c32f2dcf2dfba9e80bbe679e667e796f2dfe156798543778c8c4e7aded94539805e92d0822576517a407f7382000c4a4d083e4a18bd53547086b50997e74bf4cf0645aa700399d64f09ffa9a79d08078f04deabbbd2aac513cf35541f5e9e1df23dbb01aae9cc9c8f84961bfb20b7bf64056a4bd7f793b294b4cdda183d23def4024b994fd2e1f742854a4b88e551bd523614a55017a77dcf12bf2402a92783e602acbca00f3f1b150364999a2f674678b1a9d8ad5f0992b79fc9f16b077993226798833ddc03294d205a2a66831a53344539b6b04becaed9017c0d805fc3037dce58c442696ab037d72e470115c7c11a751923d78dde6e6f6ad033570bd26b21c76c454bdebdf1c520cbc6928632fb3ec1bbbe4d2866e2b50c016bea061401440f34a0481bdb1795648b6ea36a35366e0c2cc76b623cafc7df89974466647c4b30629a7b8649055b67db431c8c66915ac72791bbb162d33b1eaa2cca745b9e02b2de7aafdc349026ba57e4f1e6ab5ffd460cc5e607dd3037dc62e6b1c38c79e21", 0x7fc}], 0x1, 0x0, 0x0, 0x7000000}}, {{&(0x7f0000000480)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f00000005c0)}}], 0x2, 0x4000000)

4m49.77337581s ago: executing program 0 (id=958):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0xe, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x4000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, 0x0, 0x0, 0x4008004, &(0x7f00000001c0)={0x11, 0x1a, r6, 0x1, 0xd8, 0x6, @random="9886462e6f00"}, 0x14)
sendto$packet(r7, &(0x7f0000000480)="c1858aec1d0a21756f66b4805f3a", 0xe, 0x40000, &(0x7f0000000240)={0x11, 0xf8, r6, 0x1, 0x5, 0x6, @random="24f51e8e0a5a"}, 0x14)

4m49.643303335s ago: executing program 0 (id=959):
r0 = socket$pptp(0x18, 0x1, 0x2)
ioctl$PPPIOCGMRU(r0, 0x80047453, &(0x7f00000000c0))
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000100)={<r2=>0x0, 0xffffffe0}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={r2}, &(0x7f00000001c0)=0x8)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x2, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r4}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r4, &(0x7f0000000140), &(0x7f0000000000)=""/85}, 0x20)

4m49.642866847s ago: executing program 0 (id=960):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0x9706, 0x120, 0x2000, 0x0, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x80044d0d, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0})
r5 = userfaultfd(0x801)
mknodat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x81c0, 0x0)
execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xc, 0x4}, {0x0, 0x9}, {0x6, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x20040054)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
setns(r8, 0x24020000)
r9 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = syz_pidfd_open(r9, 0x0)
setns(r10, 0x24020000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x1902)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)=@o_path={&(0x7f00000000c0)='./file0\x00', r6, 0x4000, r5}, 0x18)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x110})
ioctl$UFFDIO_MOVE(r5, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000724000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x2000})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000002100010000000000000000000a0000000000000000000000050019"], 0x24}}, 0x0)
r11 = socket$inet6(0x10, 0x3, 0x0)
r12 = syz_open_dev$usbfs(&(0x7f0000000100), 0x7b, 0x40000)
ioctl$USBDEVFS_RESET(r12, 0x8008550e)
sendto$inet6(r11, &(0x7f0000000000)='.', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

4m49.51045489s ago: executing program 0 (id=962):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcd}]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4300fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e040000000000000019cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2509b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f980763802788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06470635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b5af41c4bce81eda040ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$loop(&(0x7f00000000c0), 0x6, 0x2400)
fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000100), 0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03", 0x3}], 0x1}, 0x0)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r5)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r8=>0x0)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r8], 0x1c}}, 0x4008054)
r9 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180), 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup, 0x35, 0x0, 0xffff26ea, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340)=[0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r10=>0x0}, 0x40)
r11 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f00003c9000/0x3000)=nil, 0x2)
fallocate(r11, 0x0, 0x0, 0x1001f0)
lseek(r11, 0x0, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, <r12=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0, 0x0], 0x0, 0xd3, &(0x7f0000000500)=[{}], 0x8, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0xf9, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000400)={@map=r11, 0xffffffffffffffff, 0x11, 0x24, r9, @void, @void, @void, @value=r12, r10}, 0x20)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)

4m49.312994626s ago: executing program 0 (id=964):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_phy_link_complete={{0x42, 0x3}, {0x6, 0xc9, 0x4}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x8a}, @l2cap_cid_signaling={{0x86}, [@l2cap_conn_req={{0x2, 0x7, 0x4}, {0x38ab, 0x6}}, @l2cap_conf_rsp={{0x5, 0x0, 0x1f}, {0x0, 0xb970, 0x6, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x2f, 0x0, 0x4, 0x5, 0x2}}, @l2cap_conf_ews={0x7, 0x2, 0xe}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x3}]}}, @l2cap_move_chan_cfm_rsp={{0x11, 0xfa, 0x2}, {0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x1, 0x4}}, @l2cap_conf_req={{0x4, 0x8, 0x22}, {0x6, 0xe8fa, [@l2cap_conf_flushto={0x2, 0x2, 0x82}, @l2cap_conf_efs={0x6, 0x10, {0x51, 0x0, 0x4, 0x3, 0x4, 0x2}}, @l2cap_conf_mtu={0x1, 0x2, 0x8}, @l2cap_conf_mtu={0x1, 0x2, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0x7fff, 0x1, 0xfffc, 0x8}}, @l2cap_disconn_req={{0x6, 0x27, 0x4}, {0x2, 0x101}}, @l2cap_move_chan_req={{0xe, 0x7, 0x3}, {0x0, 0x2}}, @l2cap_create_chan_rsp={{0xd, 0x81, 0x8}, {0x8, 0xc, 0x5, 0xff06}}]}}, 0x8f)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x1, 0xc9}}}, 0x7)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
r0 = mq_open(&(0x7f0000000180)='$!\x00', 0x0, 0x61, &(0x7f00000001c0)={0x401, 0x4, 0x9, 0x21a})
write(r0, &(0x7f0000000200)="b8da1a80e32750d149ca646dc77b3c08fad1e45c7add1308bf20a1be8cf2247705aafb9d21da718d23f9e8ae409742de889aba9243256893a992f0641b73d7751ffde54bf3b11d45e1ec1326850625e75ab52b5cbb0d5a817c3e547e9f4315821eb830735abff27887b447847279b8581fa9b73f59478b2863f33f38528a541c75f5c310e019726e585c2405767dc4da10c51662ecba", 0x96)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}}}, 0x9)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x6, 0xc8}}}, 0x6)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, &(0x7f0000000340), 0x4)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x4, 0x2}, {0x81}}}}, 0xf)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000440)=0x14)
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000500)={0xa5d7, 0x0, '\x00', {0x0, @reserved}})
accept4(0xffffffffffffffff, 0x0, &(0x7f00000005c0), 0x800)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000600)="4f028e8d66cc", 0x6)
io_setup(0x3, &(0x7f0000000640)=<r4=>0x0)
io_cancel(r4, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000000680)="a93afc0d9479ddec0cc27415739ddb6fce0d233e1cfd70e18ec858aa76ad2c68eee0fc692b384598663bb25c930a3c970120417f37663e4ee473e52743784cb5d8f255b5e62d3f3a55cd621c49bd84abd2b08f778fa7644c", 0x58, 0x1, 0x0, 0x3, r2}, &(0x7f0000000740))
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000800)={0x10001, 0x2, 0x7000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_emit_vhci(&(0x7f0000000880)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9}}}, 0xa)

4m49.202571799s ago: executing program 32 (id=964):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_phy_link_complete={{0x42, 0x3}, {0x6, 0xc9, 0x4}}}, 0x6)
syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x1, 0x8a}, @l2cap_cid_signaling={{0x86}, [@l2cap_conn_req={{0x2, 0x7, 0x4}, {0x38ab, 0x6}}, @l2cap_conf_rsp={{0x5, 0x0, 0x1f}, {0x0, 0xb970, 0x6, [@l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_rfc={0x4, 0x9, {0x2, 0x2f, 0x0, 0x4, 0x5, 0x2}}, @l2cap_conf_ews={0x7, 0x2, 0xe}, @l2cap_conf_fcs={0x5, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x3}]}}, @l2cap_move_chan_cfm_rsp={{0x11, 0xfa, 0x2}, {0x8}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0x1, 0x4}}, @l2cap_conf_req={{0x4, 0x8, 0x22}, {0x6, 0xe8fa, [@l2cap_conf_flushto={0x2, 0x2, 0x82}, @l2cap_conf_efs={0x6, 0x10, {0x51, 0x0, 0x4, 0x3, 0x4, 0x2}}, @l2cap_conf_mtu={0x1, 0x2, 0x8}, @l2cap_conf_mtu={0x1, 0x2, 0x1}]}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0x7fff, 0x1, 0xfffc, 0x8}}, @l2cap_disconn_req={{0x6, 0x27, 0x4}, {0x2, 0x101}}, @l2cap_move_chan_req={{0xe, 0x7, 0x3}, {0x0, 0x2}}, @l2cap_create_chan_rsp={{0xd, 0x81, 0x8}, {0x8, 0xc, 0x5, 0xff06}}]}}, 0x8f)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x1, 0xc9}}}, 0x7)
syz_emit_vhci(&(0x7f0000000140)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
r0 = mq_open(&(0x7f0000000180)='$!\x00', 0x0, 0x61, &(0x7f00000001c0)={0x401, 0x4, 0x9, 0x21a})
write(r0, &(0x7f0000000200)="b8da1a80e32750d149ca646dc77b3c08fad1e45c7add1308bf20a1be8cf2247705aafb9d21da718d23f9e8ae409742de889aba9243256893a992f0641b73d7751ffde54bf3b11d45e1ec1326850625e75ab52b5cbb0d5a817c3e547e9f4315821eb830735abff27887b447847279b8581fa9b73f59478b2863f33f38528a541c75f5c310e019726e585c2405767dc4da10c51662ecba", 0x96)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}}}, 0x9)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x6, 0xc8}}}, 0x6)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, &(0x7f0000000340), 0x4)
syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x4, 0x2}, {0x81}}}}, 0xf)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000440)=0x14)
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f0000000500)={0xa5d7, 0x0, '\x00', {0x0, @reserved}})
accept4(0xffffffffffffffff, 0x0, &(0x7f00000005c0), 0x800)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000600)="4f028e8d66cc", 0x6)
io_setup(0x3, &(0x7f0000000640)=<r4=>0x0)
io_cancel(r4, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000000680)="a93afc0d9479ddec0cc27415739ddb6fce0d233e1cfd70e18ec858aa76ad2c68eee0fc692b384598663bb25c930a3c970120417f37663e4ee473e52743784cb5d8f255b5e62d3f3a55cd621c49bd84abd2b08f778fa7644c", 0x58, 0x1, 0x0, 0x3, r2}, &(0x7f0000000740))
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000800)={0x10001, 0x2, 0x7000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_emit_vhci(&(0x7f0000000880)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x9}}}, 0xa)

4m12.840430128s ago: executing program 4 (id=1494):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x80800)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendto$packet(r1, &(0x7f0000000200)="b768ae7112865cb6a49a399f5033e17fdcfec5d6c73020f1dd96455f120098767da57676a801e1674a54308eb3a5cff23f7815e5922af836ff98fdb40526dd2b400fcb9c96784f26ba207d51804b2e3fec32b3a4b096959c536f6d977fbfec9ab9c636f81f796d15fb6982d85221f1902d57e15d356b931778", 0x79, 0x8010, &(0x7f00000002c0)={0x11, 0xf8, r2, 0x1, 0x9, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14)
ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000040)={0x8, 0x2, {0x56, 0x40, 0x7d5a, {0x2, 0x10d2}, {0x101, 0x100}, @ramp={0x7, 0x4, {0x1, 0x6, 0x800, 0x1}}}, {0x52, 0xac4, 0x40, {0x1116, 0x352}, {0xff7d, 0x7ff}, @cond=[{0x40, 0x5, 0x9, 0x4, 0x101, 0x3}, {0x2, 0x401, 0x0, 0xe, 0x400}]}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@gettfilter={0x3c, 0x2e, 0x400, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xe, 0x8}, {0x8, 0xffff}}, [{0x8, 0xb, 0x5}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0xc0e}]}, 0x3c}}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='qnx6\x00', 0x2000802, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newnexthop={0x1c, 0x68, 0x1, 0x3, 0x80000000, {}, [@NHA_GROUP={0x4}]}, 0x1c}}, 0x400c0)

4m12.770648753s ago: executing program 4 (id=1496):
socket(0x10, 0x3, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f00000010c0)=@newtaction={0x74, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x60, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6}, @TCA_SKBMOD_PARMS={0x24}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000400)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x2, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x3}]}}]}, 0x3c}}, 0x2000400c)

4m12.692459216s ago: executing program 4 (id=1497):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T4(r6, 0x103, 0x6, &(0x7f0000000000)=0x5, 0x4)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000fddbdf252b000000180001801400020076657468305f746f5f626174616476"], 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x4048040)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000840)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000780)=ANY=[@ANYBLOB="88000000", @ANYRES16=r5, @ANYBLOB="10002dbd7000fedbdf250c000000740001801400020076657468305f746f5f626f6e640000000800030002000000140002006d6163766c616e30000000000000000008000300010000001400020070696d72656731002a00000000000000080003000000000014000200626174616476300000000000000000000800030000000000"], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x4000084)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r1)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000180)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000280)={'ip6_vti0\x00', r3, 0x29, 0xc, 0x20, 0x3, 0x68, @remote, @mcast2, 0x80, 0x10, 0xff, 0xa36}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r9 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r10 = fanotify_init(0xf00, 0x0)
fanotify_mark(r10, 0x105, 0x40009975, r9, 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r13=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r11, r13, 0x25, 0x0, @val=@netkit={@void, @value=r11}}, 0x1c)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000003000000000000000500000d"], 0x0, 0x4b}, 0x20)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r1, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x440602}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)={0x180, r7, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x4}, @HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40010}, 0x20004084)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000021c0)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {}, {0x5, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x35}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040001}, 0x40000)

4m12.382387849s ago: executing program 4 (id=1505):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x463})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x28a5291, 0x0)
mkdir(0x0, 0x10)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x3000005, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
listen(r1, 0x4)
listen(r1, 0x5)
setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x1015, 0x1)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = fsopen(&(0x7f0000000000)='gfs2meta\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='source', &(0x7f0000000180)='b:::\x00\xef\xdfB\xfa=\xe3\xd1\x9d\xe1\xbfUlJ4]y-,\x8a\x03\x91xu\x9cP\xdc\xe5\x95\xa2@\x9c\x98\xa4\xd2\xd4}\xc8]7N\xf3\x0e\'\xa0x\xfbdt\xb4\x1fW\xe7\xbe\xaf\x01.zT\xab\x92I\x104\x8c\x18\x16\x1c\x8a\x8e\xfd\x8b{ZVHZ2\xd3\xd6-~\x96\x80#\xee)+L\xf1\x00\xd5p\xe7 \x8c\xd2\a\x1e\xae\xb4\xe8\xd1\xe1\xed\xb8\x94\xb2*\x1c\xaeG\x1e\xdb\xc0Q\xb9`K\xffG\xc0\xa2\xb41\xac\x98\x01\xde}:\b\xa0Oq\xec\xa8\xf0\x8f\xe3\xa17\xe3\xd7\x9c^\x90\xfal\xbe\x81\x9a\xa4\x00K', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

4m12.311815297s ago: executing program 4 (id=1510):
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x49bca6829db76a2a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @value=r0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000001000000080000000b"], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r3, r2, 0x7}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r3, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r1}, 0x20)
write$eventfd(r0, &(0x7f0000000640)=0x9, 0x8) (async)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0xa0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0xa0}}, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="a80000000001010400000000000000000a000000380001802c000180140003000000000000000000000000000000000014000400ff01000000000000000000000000000106000340000400003c002dc85911159fa89a00000000000000000000aa14000400fe8000000000000000000000000000aa0c000280050001008400000008000740000004001800068014000400200100000000000000000000000000016dcbbcc42f244a6142b15ce7bab99ad1d64dce46a041da5ad9bba1f48760e5f55d77008fcaa2bc09de936229bfa9f26b43fb"], 0xa8}}, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f0000000180)) (async)
r7 = socket(0x10, 0x4, 0x1)
getsockname$packet(r7, 0x0, &(0x7f0000000200))
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0) (async)
r9 = syz_open_dev$loop(&(0x7f0000000100), 0x7fff, 0x1c1901)
fcntl$getown(r9, 0x9) (async)
ioctl$BLKDISCARD(r9, 0x80041284, &(0x7f0000000080)=0x800) (async)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000002000010025bd7000fcdbdf25021014010900000004000000000000000000000008000200e000000208000dfffd800000"], 0x34}}, 0x40800)
r10 = syz_open_procfs(0x0, &(0x7f0000000200)='auxv\x00')
preadv(r10, &(0x7f0000000700)=[{&(0x7f0000000640)=""/165, 0xa5}], 0x1, 0x180, 0x9)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340), 0x5) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r10, @ANYBLOB='\b\x00'/20, @ANYRES32=r11, @ANYRES16=r3, @ANYBLOB="01000000000800bbee4f0fcf1a00"/28], 0x50)

4m11.941921485s ago: executing program 4 (id=1521):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3b}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x34000800)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newroute={0x1c, 0x18, 0x1ef, 0x0, 0xfffffffc, {0xa, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfd, 0x9, 0x1900}}, 0x1c}, 0x1, 0x11}, 0x80010)

4m11.82129852s ago: executing program 33 (id=1521):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)={0x20, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3b}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x34000800)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newroute={0x1c, 0x18, 0x1ef, 0x0, 0xfffffffc, {0xa, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfd, 0x9, 0x1900}}, 0x1c}, 0x1, 0x11}, 0x80010)

3m58.952448958s ago: executing program 1 (id=1729):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, &(0x7f0000000080)="0000000000000002ff69000000000001000000c000000002000200861fa72e5b01504104bfeacdd5a9007d167c71e3b8a93aa64d957a684161c833020a6da8881fb79e110483bfadf224a22c76ecc7a56843a85f7df51293f0eb84ef8f0f07342db3b0e5a5647b7bed1fbf069ca713670adf7d9fb6d2600fd9c1981fe9f095cfe9d2fe1e1e34f6096bf02543747b2c792890f07c0da0fa25e6101062e6c9176a70e41698814a213711764f88495994cfd8a57c1e13f6b5298e7ab3a2bfb58dde34d58536633c27882e51ced17d67999b00094461", 0xd4, 0xffffffffffffffff)
r3 = syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000bfe000/0x400000)=nil)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x6860, 0x0)
r4 = syz_kvm_add_vcpu$x86(r3, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r6, &(0x7f0000000500)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r7, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000e70c00000008000500", @ANYRES32=r0], 0x50}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
utimensat(r9, 0x0, &(0x7f0000000040)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0)
bind$alg(r8, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r10 = accept4(r8, 0x0, 0x0, 0x80000)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}, 0x4}], 0x1c)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r10)
socket$packet(0x11, 0x2, 0x300)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r11, 0x4008af60, &(0x7f0000000140)={@my=0x1})

3m58.042693719s ago: executing program 1 (id=1739):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x1c, r4, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x14)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0094de4724cd082bbd7000fedb4000200000", @ANYRES32=r5, @ANYBLOB="0c009900090000005a000000"], 0x28}}, 0x4000000)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vcan0\x00'})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)

3m55.789399869s ago: executing program 1 (id=1742):
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x105400, 0x8, 0x2}, 0x18)
r1 = fspick(r0, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xe, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x138)
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r6 = syz_init_net_socket$ax25(0x3, 0x0, 0xc3)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00'})

3m55.768051439s ago: executing program 1 (id=1745):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0x2, 0x1, 0x84)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c3})
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x96762a57826036f5)
r2 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_RX(r3, 0x11a, 0x2, &(0x7f0000000100)=@ccm_128={{0x7}, "b17486ecc7061e99", "eb147c75611e16a2d1a462c28de931a6", "c511e86b", "f45640e66a4a4447"}, 0x28)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f00000000c0)=0x1, 0x4)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$peeksig(0x4209, r4, &(0x7f0000000180)={0xb578, 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x22, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="cee26026308013e9b4cbe9c2b69f8a9441c3d008c8ae18f9d9db6c5ad3228cd5db5723e42a178fff55c4d6ebd2569231aad2dc050e5dfa9f8818f5a147790f699d559fc26d300ad3e3a575e63d1908d01711d36061d15f9eaf7ab22998e88c51948ae342054cbf709c96f932336f1813797abf841ce1bfbd365fcbdbd249f3f7986ffb2686d7faaee4fe490d2051ded9f749294c8fb4cdd2cdd8e945f02e821e87909f1e3a935df87967d7d21e120b22a5b6950b7a41980ab9f043d9b2e7dd823eefe582c7d1ef5d6ea8736abf30d4925334e0b77b15e1edd6ee4ac4650b137e00cd5da0de5a094d7660ec8bb6db511ea3af04f9", @ANYRES8=r1], 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

3m55.664025137s ago: executing program 1 (id=1749):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
file_setattr(0xffffffffffffffff, 0x0, 0x0, 0x7f, 0x100)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r4, 0x40047211, &(0x7f0000000000)=0x8)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x88, 0x2c, 0xd3f, 0x30bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x58, 0x2, [@TCA_BASIC_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x2, 0x1, 0x6, 0x2}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r9, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x8, r10, 0x3c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000840)='\'', 0x1c}], 0x1}, 0x4)

3m55.462824133s ago: executing program 1 (id=1750):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000001c0)={0x14, 0x26, 0x1, 0x70bd25, 0x25dfdbfc, {0x6}}, 0x14}}, 0x20006004)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x194)

3m40.498245272s ago: executing program 34 (id=1750):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000001c0)={0x14, 0x26, 0x1, 0x70bd25, 0x25dfdbfc, {0x6}}, 0x14}}, 0x20006004)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x194)

2m29.900784131s ago: executing program 6 (id=3342):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='cdg', 0x3)
sendmmsg$inet(r0, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de2500", 0x39}, {&(0x7f0000000680)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1e7db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac54536025af1dea54e527c68b0ff250261953f2da79a78104c2d9e7b16ed86b124945aa9ab7581ebd385fb61d442035db81e18c2d271d30d1a5fff9d3b1ce90b597992b2a4d541611ce77f58dce7c9500118229e7cdf4ca7f6adca92c73d97ce54164c1942b2568635bec8e020b41fb2f8000000000000000000000000000000001c8a9f7956583e26f6f0edc415851d0b8305fe66c2b7c114e3712d87744938", 0xed}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000200)="f600e21c4bdb7f2cb71c6b25f8ead6df564b", 0x12}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000d40)="504fd84e46c1819f771555bb3dbd485672d2ba0e9572e3ee66ef94536a7dfd0082883c5bd7fcb4e185c0cd7967b8616cc0446a181b1528f750b94e39b3a39c177446c9d7d9f2ff6922899e853818a3e80b2fd38f5e782b6b42c95104fd111ddce1505140ac49ae419e6264054d2c", 0x6e}], 0x1}}], 0x3, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000040)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

2m29.851943939s ago: executing program 6 (id=3345):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000000700000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m29.851283376s ago: executing program 6 (id=3348):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='westwood', 0x8)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
close_range(r0, r0, 0x0)

2m29.80006416s ago: executing program 6 (id=3350):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xe)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000100)='./file0/../file0/../file0/../file0\x00')

2m29.741329422s ago: executing program 6 (id=3351):
openat$tun(0xffffffffffffff9c, 0x0, 0xa8442, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$packet(0x11, 0x2, 0x300)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
shutdown(r0, 0x1)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x20004000)
sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0xf, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4804}, 0x20008011)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="b80000001300e9990500000000000000fc000000000000000000000000000000fc00000000000000000000000000000000000000000000000a0030"], 0xb8}}, 0x4000)

2m29.598987046s ago: executing program 6 (id=3353):
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid\x00')
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000200)='uid_map\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
pipe2$9p(&(0x7f0000000240), 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000012c0)=ANY=[@ANYRES8=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000))

2m29.505317037s ago: executing program 35 (id=3353):
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid\x00')
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000200)='uid_map\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
pipe2$9p(&(0x7f0000000240), 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000012c0)=ANY=[@ANYRES8=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000))

2m22.100003922s ago: executing program 7 (id=3454):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x82002)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc8df, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x10, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)

2m22.012193503s ago: executing program 7 (id=3455):
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000f80), 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB='mpol=interleave=relave:'])

2m22.012013285s ago: executing program 7 (id=3457):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r0, &(0x7f0000001040)={0x27, 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x3c}, 0x60)
recvmmsg(r0, &(0x7f0000003dc0)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40000000, 0x0)

2m21.93087816s ago: executing program 7 (id=3461):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xe)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000100)='./file0/../file0/../file0/../file0\x00')

2m21.930409375s ago: executing program 7 (id=3464):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000077c0)=@newtfilter={0x24, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xfff3, 0xfff3}, {0x0, 0xfff3}, {0x2, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)

2m21.632157355s ago: executing program 7 (id=3470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="20000000380007012cbd70027ccc411e04"], 0x20}, 0x1, 0x0, 0x0, 0x24008811}, 0x8010)

2m21.583437951s ago: executing program 36 (id=3470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="20000000380007012cbd70027ccc411e04"], 0x20}, 0x1, 0x0, 0x0, 0x24008811}, 0x8010)

6.378096426s ago: executing program 3 (id=4747):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

4.310565138s ago: executing program 3 (id=4752):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f0000000040)={@val, @void, @eth={@local, @multicast, @val={@val={0x88a8, 0x5, 0x1, 0x4}, {0x8100, 0x6, 0x0, 0x6}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x1b, 0xe4, 0x0, 0x8, 0x32, 0x0, @dev={0xac, 0x14, 0x14, 0x29}, @loopback}, "d8d501b00800ca"}}}}}, 0x35)

4.190831787s ago: executing program 3 (id=4755):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYRES64], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close(r0)

2.930414756s ago: executing program 2 (id=4763):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000006180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xffffffffffffffff, 0x0, 0x0, {0x40, 0x8, 0xe, 0xfffc, 0x0, 0x1, 0x0, 0x0, 0x121, 0x2000, 0x0, r1, r2, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r3, 0x80204d01, 0x0)

2.598844512s ago: executing program 8 (id=4765):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.441071642s ago: executing program 5 (id=4767):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008e88052086800095d8b601020301090212000100000000090401"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402)
ioctl$I2C_SMBUS(r0, 0x720, 0x0)

2.438390124s ago: executing program 8 (id=4768):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000380)={{0xd9, 0xffe, 0x8, 0x8009}, 'syz0\x00', 0x11})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0x2)
dup3(r1, r0, 0x80000)

2.349392382s ago: executing program 8 (id=4769):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
accept4(r0, 0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

2.070651778s ago: executing program 2 (id=4770):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000140)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'veth0_to_hsr\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)
connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x0, @local, 'veth0_to_bridge\x00'}}, 0x1e)

2.070384898s ago: executing program 2 (id=4771):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

2.010414933s ago: executing program 2 (id=4772):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f0000000340)={r0, r0, 0xb, 0x23, &(0x7f0000000300)="6fd6137e49cd27ac39bb7bef28bdcd2d524581d6e6f5d76646d79cf73267d2442a769f", 0xdf, 0x1, 0x5, 0x1, 0xc43, 0x3, 0xfffffb57, 'syz0\x00'})

1.470657065s ago: executing program 8 (id=4773):
syz_emit_vhci(&(0x7f00000044c0)=ANY=[@ANYBLOB="04090800c8"], 0x6)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x60081, 0x0)

1.470261246s ago: executing program 8 (id=4774):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x1, 0x1003, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000008c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
readv(r5, &(0x7f0000000400)=[{&(0x7f0000004900)=""/4068, 0xfe4}], 0x1)
openat$ttynull(0xffffff9c, 0x0, 0x24800, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r3, 0x0, 0x4003)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0xf, 0x6, 0xf07, 0x0, 0x0, {0x5, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x20000010)

1.260953036s ago: executing program 5 (id=4775):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'veth0_virt_wifi\x00', 0x400})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x7, r4, 0x38}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000140)="d0", 0x1}], 0x1}, 0xc854)

1.150607156s ago: executing program 5 (id=4776):
pread64(0xffffffffffffffff, &(0x7f0000000100)=""/141, 0x8d, 0x81)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
keyctl$clear(0x3, 0xfffffffffffffffd)
request_key(&(0x7f0000000080)='user\x00', &(0x7f0000001ffb)={'syz', 0x2}, &(0x7f0000000000)='R\x10rD\x90\x05\x10\xce\x8b\xe6\x16\t\x00\x15\xb7\xb5Vd\xcd\xfbD\xccl\x1e\x94\x00#\xdd\xe7p\x9c\xcf`\x1f<\x03\x87\x97\xbb\a?\xa4\xfc\xd9v\x8b_(\xe3\x14\xcf\x15\xfc\x89\x7f', 0x0)

1.150227184s ago: executing program 2 (id=4777):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0xa02, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
read$FUSE(r1, &(0x7f0000000640)={0x2020}, 0x2020)

1.149925936s ago: executing program 3 (id=4778):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000006180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xffffffffffffffff, 0x0, 0x0, {0x40, 0x8, 0xe, 0xfffc, 0x0, 0x1, 0x0, 0x0, 0x121, 0x2000, 0x0, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x80204d01, 0x0)

1.149597439s ago: executing program 5 (id=4779):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4e20, @loopback}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x20040001)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x28)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r3 = syz_io_uring_setup(0x835, &(0x7f0000000180)={0x0, 0x679d, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0, 0x80})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.020554125s ago: executing program 3 (id=4780):
socket$alg(0x26, 0x5, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x801, 0x0)
socket$inet6(0xa, 0x4, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)

449.080603ms ago: executing program 8 (id=4781):
ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x2, 0x1, 0xc9, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x8e, 0x7}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

399.511947ms ago: executing program 2 (id=4782):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r4, 0x10e, 0x5, 0x0, 0x0)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r4)
socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
pwritev2(0xffffffffffffffff, &(0x7f0000000980)=[{&(0x7f0000000500)="be", 0x1}], 0x1, 0x5, 0xa, 0x14)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r5, 0x9c3fa077fa966179, 0x12, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800)

199.607253ms ago: executing program 5 (id=4783):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f0000000800)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000380)={r4, 0x0, 0x1ff, 0x0, 0x0, [], [0x9, 0x0, 0x0, 0x8], [0x3, 0x20000000, 0x100, 0xd], [0x1000010000000, 0x0, 0x7fffffffffffffff]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000000c0))
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

134.243198ms ago: executing program 3 (id=4784):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = socket$inet6(0xa, 0x3, 0xff)
sendto(r0, 0x0, 0xa00, 0x810, &(0x7f00000008c0)=@nl=@unspec={0x0, 0x700, 0x0, 0x80fe}, 0x80)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ppoll(&(0x7f00000000c0)=[{r1, 0x60}], 0x1, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=4785):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r0, r2, 0x25, 0x7, @void}, 0xc)
syz_emit_ethernet(0x36, &(0x7f00000004c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x14, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @multicast1}, {{0x4e22, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
syz_extract_tcp_res$synack(&(0x7f00000000c0), 0x1, 0x0)

kernel console output (not intermixed with test programs):

 bytes leftover after parsing attributes in process `syz.5.3092'.
[  302.434262][T15599] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3092'.
[  302.439130][T15599] syzkaller0: entered promiscuous mode
[  302.441075][T15599] syzkaller0: entered allmulticast mode
[  302.647793][T15619] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3100'.
[  303.385055][T15655] ÿÿÿÿÿÿ: renamed from vlan0 (while UP)
[  303.532980][   T40] audit: type=1400 audit(1772357226.705:5853): avc:  denied  { name_bind } for  pid=15662 comm="syz.6.3119" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  303.797368][T15684] syzkaller0: entered promiscuous mode
[  303.799843][T15684] syzkaller0: entered allmulticast mode
[  303.969925][   T40] audit: type=1400 audit(1772357227.145:5854): avc:  denied  { write } for  pid=15687 comm="syz.6.3130" path="socket:[61847]" dev="sockfs" ino=61847 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  305.112301][T15715] autofs4:pid:15715:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(0.0), cmd(0xc0189372)
[  305.116707][T15715] autofs4:pid:15715:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189372)
[  305.152725][T15720] syzkaller0: entered promiscuous mode
[  305.165829][T15720] syzkaller0: entered allmulticast mode
[  305.486481][T15732] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3150'.
[  305.489889][T15732] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3150'.
[  305.495529][T15732] 0: reclassify loop, rule prio 0, protocol 800
[  305.675964][   T40] audit: type=1400 audit(1772357228.845:5855): avc:  denied  { write } for  pid=15740 comm="syz.2.3153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  306.063784][ T6012] IPVS: starting estimator thread 0...
[  306.149065][T15752] IPVS: using max 42 ests per chain, 100800 per kthread
[  307.106606][   T40] audit: type=1400 audit(1772357230.275:5856): avc:  denied  { create } for  pid=15800 comm="syz.6.3176" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tipc_socket permissive=1
[  307.378417][T15818] syzkaller0: entered promiscuous mode
[  307.380883][T15818] syzkaller0: entered allmulticast mode
[  307.433627][T13858] IPVS: starting estimator thread 0...
[  307.528336][T15821] IPVS: using max 42 ests per chain, 100800 per kthread
[  309.369555][T15881] netlink: 'syz.2.3210': attribute type 10 has an invalid length.
[  309.811027][T15895] usb usb8: usbfs: process 15895 (syz.3.3216) did not claim interface 0 before use
[  310.728161][ T5940] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  311.100543][T15959] usb usb8: usbfs: process 15959 (syz.2.3241) did not claim interface 0 before use
[  311.138375][T15967] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  311.193335][T15972] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3246'.
[  311.196486][T15972] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3246'.
[  311.200881][T15972] syzkaller0: entered promiscuous mode
[  311.203086][T15972] syzkaller0: entered allmulticast mode
[  311.206602][T11186] 0: reclassify loop, rule prio 0, protocol 800
[  311.290367][T15977] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3249'.
[  311.293504][T15977] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3249'.
[  311.302350][T15977] 0: reclassify loop, rule prio 0, protocol 800
[  311.305150][T15979] netlink: 'syz.5.3248': attribute type 10 has an invalid length.
[  311.309872][T15979] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.313721][T15979] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  311.323399][T15979] bond0: (slave batadv0): Releasing backup interface
[  311.855998][T16030] netlink: 'syz.6.3272': attribute type 1 has an invalid length.
[  311.925611][T16036] program syz.5.3275 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  312.644450][T16076] bridge0: entered promiscuous mode
[  312.648356][T16076] bridge0: port 1(macsec2) entered blocking state
[  312.651392][T16076] bridge0: port 1(macsec2) entered disabled state
[  312.653637][T16076] macsec2: entered allmulticast mode
[  312.655521][T16076] bridge0: entered allmulticast mode
[  312.659311][T16076] macsec2: left allmulticast mode
[  312.661115][T16076] bridge0: left allmulticast mode
[  312.664214][T16076] bridge0: left promiscuous mode
[  314.156569][T16148] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3327'.
[  314.209643][T16158] Invalid argument reading file caps for ./file0
[  314.288753][T16171] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3339'.
[  314.443748][   T40] audit: type=1326 audit(1772357237.615:5857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.451704][   T40] audit: type=1326 audit(1772357237.615:5858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.461180][   T40] audit: type=1326 audit(1772357237.615:5859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.469510][   T40] audit: type=1326 audit(1772357237.615:5860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.477975][   T40] audit: type=1326 audit(1772357237.615:5861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.488961][   T40] audit: type=1326 audit(1772357237.615:5862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.500097][   T40] audit: type=1326 audit(1772357237.615:5863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.519591][   T40] audit: type=1326 audit(1772357237.615:5864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.531675][   T40] audit: type=1326 audit(1772357237.615:5865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.542112][   T40] audit: type=1326 audit(1772357237.615:5866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16194 comm="syz.6.3350" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7efff499c799 code=0x7ffc0000
[  314.554636][T12767] bond0: (slave syz_tun): Releasing backup interface
[  314.562417][T11186] bond1: (slave macvlan2): speed changed to 0 on port 1
[  314.669732][   T59] bond1: (slave macvlan2): link status definitely down, disabling slave
[  314.807384][ T5284] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  314.811908][ T5284] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  314.816571][ T5284] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  314.819900][ T5284] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  314.823209][ T5284] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  314.950048][T16201] chnl_net:caif_netlink_parms(): no params data found
[  315.000608][T16201] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.003000][T16201] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.005472][T16201] bridge_slave_0: entered allmulticast mode
[  315.008280][T16201] bridge_slave_0: entered promiscuous mode
[  315.011557][T16201] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.014123][T16201] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.016641][T16201] bridge_slave_1: entered allmulticast mode
[  315.020262][T16201] bridge_slave_1: entered promiscuous mode
[  315.042093][T16201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  315.046488][T16201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  315.066810][T16201] team0: Port device team_slave_0 added
[  315.070287][T16201] team0: Port device team_slave_1 added
[  315.087438][T16201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  315.089932][T16201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  315.098979][T16201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  315.103531][T16201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  315.106439][T16201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  315.115979][T16201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  315.140218][T16201] hsr_slave_0: entered promiscuous mode
[  315.142673][T16201] hsr_slave_1: entered promiscuous mode
[  315.144814][T16201] debugfs: 'hsr0' already exists in 'hsr'
[  315.146696][T16201] Cannot create hsr debugfs directory
[  315.247420][T16201] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  315.260495][T16201] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  315.266539][T16201] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  315.270962][T16201] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  315.286460][T16201] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.287601][T16223] netlink: 276 bytes leftover after parsing attributes in process `syz.2.3358'.
[  315.288901][T16201] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.289017][T16201] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.289061][T16201] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.301710][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.308122][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.350162][T16201] 8021q: adding VLAN 0 to HW filter on device bond0
[  315.360791][T16201] 8021q: adding VLAN 0 to HW filter on device team0
[  315.366520][T11180] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.369067][T11180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.375511][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.378709][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.479754][T16244] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3366'.
[  315.516686][T16201] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.682408][T16201] veth0_vlan: entered promiscuous mode
[  315.688976][T16201] veth1_vlan: entered promiscuous mode
[  315.713163][T16201] veth0_macvtap: entered promiscuous mode
[  315.717108][T16201] veth1_macvtap: entered promiscuous mode
[  315.726363][T16201] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.734169][T16201] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.740976][   T59] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.744901][   T59] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.750445][   T59] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.754346][   T59] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.806609][T11186] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  315.810687][T11186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  315.833210][T11201] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  315.836159][T11201] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.042468][T16270] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3375'.
[  316.374048][T16283] macvtap1: entered promiscuous mode
[  316.376481][T16283] macvtap1: entered allmulticast mode
[  316.381918][T16283] dummy0: entered promiscuous mode
[  316.384677][T16283] dummy0: entered allmulticast mode
[  316.388808][T16283] team0: Device macvtap1 failed to register rx_handler
[  316.392303][T16283] dummy0: left allmulticast mode
[  316.394702][T16283] dummy0: left promiscuous mode
[  316.884758][T16312] syzkaller0: entered promiscuous mode
[  316.887165][T16312] syzkaller0: entered allmulticast mode
[  316.889819][ T5284] Bluetooth: hci3: command tx timeout
[  318.385562][T16321] macvtap1: entered promiscuous mode
[  318.390698][T16321] macvtap1: entered allmulticast mode
[  318.408892][T16326] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3398'.
[  318.412032][T16326] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3398'.
[  318.416991][T16325] 0: reclassify loop, rule prio 0, protocol 800
[  318.440419][T16330] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3399'.
[  318.472415][  T830] IPVS: starting estimator thread 0...
[  318.559183][T16333] IPVS: using max 42 ests per chain, 100800 per kthread
[  318.721243][T16358] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3412'.
[  318.803975][T16362] macvtap1: entered promiscuous mode
[  318.806542][T16362] macvtap1: entered allmulticast mode
[  318.978254][ T5284] Bluetooth: hci3: command tx timeout
[  319.340885][T16375] random: crng reseeded on system resumption
[  319.356760][T16377] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3421'.
[  321.058168][ T5284] Bluetooth: hci3: command tx timeout
[  321.851200][T16443] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3450'.
[  322.089107][    C3] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  322.094624][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  322.199748][T16454] tmpfs: Bad value for 'mpol'
[  322.247310][T16462] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[  322.426323][T16475] netlink: 'syz.3.3466': attribute type 1 has an invalid length.
[  322.596307][T11180] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.684069][T11180] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.721955][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  322.726385][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  322.731216][ T5940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  322.734838][ T5940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  322.745660][ T5940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  322.747027][T11180] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.812125][T16489] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3473'.
[  322.816233][T16489] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3473'.
[  322.837109][T16489] 0: reclassify loop, rule prio 0, protocol 800
[  322.850260][T11180] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.897526][T16483] chnl_net:caif_netlink_parms(): no params data found
[  323.012686][T11180] bridge_slave_1: left allmulticast mode
[  323.015586][T11180] bridge_slave_1: left promiscuous mode
[  323.017487][T11180] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.022159][T11180] bridge_slave_0: left allmulticast mode
[  323.024013][T11180] bridge_slave_0: left promiscuous mode
[  323.025972][T11180] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.183544][T11180] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  323.190718][T11180] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.197143][T11180] bond0 (unregistering): Released all slaves
[  323.220498][T16483] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.223773][T16483] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.226999][T16483] bridge_slave_0: entered allmulticast mode
[  323.231294][T16483] bridge_slave_0: entered promiscuous mode
[  323.236765][T16483] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.240076][T16483] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.243252][T16483] bridge_slave_1: entered allmulticast mode
[  323.247440][T16483] bridge_slave_1: entered promiscuous mode
[  323.282073][T16483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.288446][T16483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.309297][T16483] team0: Port device team_slave_0 added
[  323.324013][T16483] team0: Port device team_slave_1 added
[  323.339035][T16483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  323.341594][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  323.350742][T16483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  323.356015][T16483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  323.358445][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  323.366952][T16483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.403621][T16483] hsr_slave_0: entered promiscuous mode
[  323.413203][T16483] hsr_slave_1: entered promiscuous mode
[  323.421060][T16483] debugfs: 'hsr0' already exists in 'hsr'
[  323.423529][T16483] Cannot create hsr debugfs directory
[  323.509547][T11180] hsr_slave_0: left promiscuous mode
[  323.512870][T11180] hsr_slave_1: left promiscuous mode
[  323.515588][T11180] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  323.518579][T11180] batman_adv: batadv0: Removing interface: batadv_slave_0
[  323.524539][T11180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  323.527076][T11180] batman_adv: batadv0: Removing interface: batadv_slave_1
[  323.533860][T11180] veth1_macvtap: left promiscuous mode
[  323.535728][T11180] veth0_macvtap: left promiscuous mode
[  323.537536][T11180] veth1_vlan: left promiscuous mode
[  323.539407][T11180] veth0_vlan: left promiscuous mode
[  323.675139][T11180] team0 (unregistering): Port device team_slave_1 removed
[  323.682792][T11180] team0 (unregistering): Port device team_slave_0 removed
[  323.810013][T16483] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  323.816739][T16483] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  323.824206][T16483] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  323.830216][T16483] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  323.907057][T16483] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.921812][T16483] 8021q: adding VLAN 0 to HW filter on device team0
[  323.927644][  T648] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.930950][  T648] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.939465][T11201] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.941928][T11201] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.982482][T16483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  323.986158][T16483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  324.076247][T11180] IPVS: stop unused estimator thread 0...
[  324.082013][T16483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.216085][T16483] veth0_vlan: entered promiscuous mode
[  324.223803][T16483] veth1_vlan: entered promiscuous mode
[  324.249035][T16483] veth0_macvtap: entered promiscuous mode
[  324.253945][T16483] veth1_macvtap: entered promiscuous mode
[  324.269539][T16483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.277668][T16483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.286696][  T648] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.291207][  T648] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.294737][T11201] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.297776][T11192] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.808215][ T5940] Bluetooth: hci3: command tx timeout
[  324.962030][T16544] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  324.999546][T11186] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.002714][T11186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.034338][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.037708][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.506509][ T5284] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  325.512703][ T5284] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  325.520030][ T5284] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  325.523497][ T5284] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  325.526417][ T5284] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  325.630808][  T648] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.699940][  T648] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.715866][T16583] chnl_net:caif_netlink_parms(): no params data found
[  325.776834][  T648] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.804251][T16583] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.807186][T16583] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.810465][T16583] bridge_slave_0: entered allmulticast mode
[  325.814148][T16583] bridge_slave_0: entered promiscuous mode
[  325.818712][T16583] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.821381][T16583] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.824261][T16583] bridge_slave_1: entered allmulticast mode
[  325.828537][T16583] bridge_slave_1: entered promiscuous mode
[  325.847106][T16583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  325.852951][T16583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.878594][  T648] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.902619][T16583] team0: Port device team_slave_0 added
[  325.908527][T16583] team0: Port device team_slave_1 added
[  325.931021][T16583] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.933949][T16583] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.947684][T16583] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.955243][T16583] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.958649][T16583] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.970012][T16583] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  326.017222][T16583] hsr_slave_0: entered promiscuous mode
[  326.020772][T16583] hsr_slave_1: entered promiscuous mode
[  326.023817][T16583] debugfs: 'hsr0' already exists in 'hsr'
[  326.026255][T16583] Cannot create hsr debugfs directory
[  326.412920][  T648] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  326.420559][  T648] bond0 (unregistering): Released all slaves
[  326.425618][  T648] bond1 (unregistering): Released all slaves
[  326.434160][  T648] bond2 (unregistering): Released all slaves
[  326.495280][T16615] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3501'.
[  326.584163][  T648] tipc: Disabling bearer <eth:syzkaller0>
[  326.586678][  T648] tipc: Left network mode
[  326.748951][T16638] macvtap1: entered promiscuous mode
[  326.750814][T16638] macvtap1: entered allmulticast mode
[  326.779885][T16636] syzkaller0: entered promiscuous mode
[  326.781755][T16636] syzkaller0: entered allmulticast mode
[  326.898362][ T5940] Bluetooth: hci3: command tx timeout
[  327.609704][ T5940] Bluetooth: hci4: command tx timeout
[  328.573243][T16583] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  328.583379][T16583] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  328.595074][T16583] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  328.611282][T16583] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  328.622804][T16685] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3522'.
[  328.657642][  T648] hsr_slave_0: left promiscuous mode
[  328.665298][  T648] veth1_to_batadv: left promiscuous mode
[  328.667214][  T648] veth1_macvtap: left promiscuous mode
[  328.670099][  T648] veth1_vlan: left promiscuous mode
[  328.671893][  T648] veth0_vlan: left promiscuous mode
[  328.714109][  T648] pimreg (unregistering): left allmulticast mode
[  328.719371][  T648] pim6reg (unregistering): left allmulticast mode
[  328.856547][T16694] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3524'.
[  328.906616][T16702] syzkaller0: entered promiscuous mode
[  328.912835][T16702] syzkaller0: entered allmulticast mode
[  328.978046][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  329.689988][ T5284] Bluetooth: hci4: command tx timeout
[  330.466718][T16738] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3534'.
[  330.472745][T16731] syzkaller0: entered promiscuous mode
[  330.474596][T16731] syzkaller0: entered allmulticast mode
[  331.051453][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  331.777956][ T5284] Bluetooth: hci4: command tx timeout
[  331.829118][T16583] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.841951][T16583] 8021q: adding VLAN 0 to HW filter on device team0
[  331.850356][T11185] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.853499][T11185] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.862624][T11186] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.865756][T11186] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.941192][  T648] IPVS: stop unused estimator thread 0...
[  332.004963][T16583] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.023282][T16765] syzkaller0: entered promiscuous mode
[  332.025216][T16765] syzkaller0: entered allmulticast mode
[  332.331880][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  333.132470][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  333.446539][T16583] veth0_vlan: entered promiscuous mode
[  333.452397][T16583] veth1_vlan: entered promiscuous mode
[  333.467048][T16583] veth0_macvtap: entered promiscuous mode
[  333.471699][T16583] veth1_macvtap: entered promiscuous mode
[  333.480782][T16583] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.487054][T16583] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.494332][T11192] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.497820][T11192] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.502341][T11192] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.505994][T11192] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.544931][T16744] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  333.577558][  T648] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.581168][  T648] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.611940][  T648] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.614509][  T648] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.696051][T16786] syzkaller0: entered promiscuous mode
[  333.699186][T16786] syzkaller0: entered allmulticast mode
[  333.857982][ T5284] Bluetooth: hci4: command tx timeout
[  334.717198][T16811] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3559'.
[  335.043435][T16828] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3567'.
[  335.357126][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  335.357140][   T40] audit: type=1400 audit(1772357258.525:5880): avc:  denied  { module_load } for  pid=16841 comm="syz.2.3574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  336.605422][T16775] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  336.645054][T16861] syzkaller0: entered promiscuous mode
[  336.646947][T16861] syzkaller0: entered allmulticast mode
[  336.689791][   T40] audit: type=1400 audit(1772357259.865:5881): avc:  denied  { connect } for  pid=16869 comm="syz.8.3586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  337.769846][T16902] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3594'.
[  338.274595][T16884] syzkaller0: entered promiscuous mode
[  338.276514][T16884] syzkaller0: entered allmulticast mode
[  339.534864][ T5940] Bluetooth: hci2: command 0x040f tx timeout
[  339.772171][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  339.799888][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  340.008120][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  340.162050][T16954] "syz.8.3610" (16954) uses obsolete ecb(arc4) skcipher
[  340.399271][T16975] syzkaller0: entered promiscuous mode
[  340.401507][T16975] syzkaller0: entered allmulticast mode
[  341.664020][T17036] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3625'.
[  342.014388][T17077] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3638'.
[  342.018231][T17077] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3638'.
[  342.262163][T17101] netlink: 'syz.2.3646': attribute type 12 has an invalid length.
[  342.265037][T17101] netlink: 'syz.2.3646': attribute type 29 has an invalid length.
[  342.267682][T17101] netlink: 'syz.2.3646': attribute type 1 has an invalid length.
[  342.270937][T17101] netlink: 'syz.2.3646': attribute type 37 has an invalid length.
[  342.273494][T17101] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3646'.
[  342.276872][T17101] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.417072][T17109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3648'.
[  342.421348][T17109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3648'.
[  342.752465][   T29] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  342.977951][T17140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3653'.
[  342.981326][T17140] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3653'.
[  343.092075][   T40] audit: type=1400 audit(1772357266.265:5882): avc:  denied  { connect } for  pid=17136 comm="syz.3.3653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  344.413480][   T40] audit: type=1400 audit(1772357267.585:5883): avc:  denied  { recv } for  pid=0 comm="swapper/1" saddr=10.0.2.2 src=67 daddr=255.255.255.255 dest=68 netif=eth0 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  353.943940][   T40] audit: type=1400 audit(1772357277.115:5884): avc:  denied  { bind } for  pid=17209 comm="syz.8.3671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  354.393922][T17240] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3681'.
[  354.409907][T17240] 8021q: adding VLAN 0 to HW filter on device bond1
[  354.431307][T17240] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3681'.
[  354.435030][T17240] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3681'.
[  354.462382][T17240] 8021q: adding VLAN 0 to HW filter on device bond0
[  354.468829][T17240] bond1: (slave bond0): making interface the new active one
[  354.472185][T17240] bond1: (slave bond0): Enslaving as an active interface with an up link
[  354.509047][T17240] netlink: 'syz.3.3681': attribute type 4 has an invalid length.
[  354.511729][T17240] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3681'.
[  354.516751][T17240] .`: renamed from bond0 (while UP)
[  354.632158][T11196] bond1: (slave .`): link status definitely down, disabling slave
[  354.636598][T11196] bond1: now running without any active interface!
[  354.836464][T17263] bridge0: port 3(erspan0) entered blocking state
[  354.838807][T17263] bridge0: port 3(erspan0) entered disabled state
[  354.841050][T17263] erspan0: entered allmulticast mode
[  354.844303][T17263] erspan0: entered promiscuous mode
[  354.846694][T17263] bridge0: port 3(erspan0) entered blocking state
[  354.849982][T17263] bridge0: port 3(erspan0) entered forwarding state
[  355.289016][   T40] audit: type=1400 audit(1772357278.455:5885): avc:  denied  { mount } for  pid=17281 comm="syz.2.3696" name="/" dev="hugetlbfs" ino=72826 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  355.506003][T17289] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3697'.
[  355.768257][   T10] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  355.893111][T17291] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3697'.
[  355.897004][T17291] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3697'.
[  355.949833][T17293] netlink: 'syz.5.3697': attribute type 4 has an invalid length.
[  355.952390][T17293] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3697'.
[  356.018793][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  356.024126][   T10] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  356.027799][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.035986][   T10] usb 7-1: config 0 descriptor??
[  356.061126][T17289] 8021q: adding VLAN 0 to HW filter on device bond3
[  356.065077][T17291] 8021q: adding VLAN 0 to HW filter on device bond0
[  356.070962][T17291] bond3: (slave bond0): Enslaving as an active interface with a down link
[  356.074556][T17293] .`: renamed from bond0 (while UP)
[  356.446481][   T10] usbhid 7-1:0.0: can't add hid device: -71
[  356.452902][   T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  356.458898][   T10] usb 7-1: USB disconnect, device number 18
[  357.497527][T17346] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(5)
[  357.499678][T17346] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  357.503993][T17346] vhci_hcd vhci_hcd.0: Device attached
[  357.655396][T17356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3717'.
[  357.658381][T17356] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3717'.
[  357.742890][T17360] syzkaller0: entered promiscuous mode
[  357.745513][T17360] syzkaller0: entered allmulticast mode
[  357.757913][ T5973] usb 53-1: new low-speed USB device number 2 using vhci_hcd
[  358.043077][T17347] vhci_hcd: connection reset by peer
[  358.045367][T11185] vhci_hcd vhci_hcd.8: stop threads
[  358.047148][T11185] vhci_hcd vhci_hcd.8: release socket
[  358.049307][T11185] vhci_hcd vhci_hcd.8: disconnect device
[  358.834662][ T5284] Bluetooth: hci3: unexpected event for opcode 0x0c12
[  359.367044][   T50] hid (null): unknown global tag 0xd
[  359.370606][   T50] hid (null): unknown global tag 0xd
[  359.386104][   T50] hid-generic 0005:0005:0001.0005: unknown global tag 0xd
[  359.391004][T17406] syzkaller0: entered promiscuous mode
[  359.394994][   T50] hid-generic 0005:0005:0001.0005: item 0 2 1 13 parsing failed
[  359.398635][   T50] hid-generic 0005:0005:0001.0005: probe with driver hid-generic failed with error -22
[  359.399301][T17406] syzkaller0: entered allmulticast mode
[  359.433808][T17408] syzkaller0: entered promiscuous mode
[  359.435900][T17408] syzkaller0: entered allmulticast mode
[  360.040634][T17430] syzkaller0: entered promiscuous mode
[  360.043009][T17430] syzkaller0: entered allmulticast mode
)[  361.100427][T17453] syzkaller0: entered promiscuous mode
[  361.102346][T17453] syzkaller0: entered allmulticast mode
[  362.109973][T17481] syzkaller0: entered promiscuous mode
[  362.112140][T17481] syzkaller0: entered allmulticast mode
[  362.289852][   T34] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  362.449247][   T34] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  362.452017][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  362.458065][   T34] usb 7-1: config 0 has no interfaces?
[  362.462166][   T34] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  362.466453][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.471326][   T34] usb 7-1: config 0 descriptor??
[  362.689539][   T24] usb 7-1: USB disconnect, device number 19
[  363.322945][T17522] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  363.376632][T17536] Bluetooth: hci1: Frame reassembly failed (-84)
[  363.446427][T11186] Bluetooth: hci1: Frame reassembly failed (-84)
[  363.698033][ T5973] vhci_hcd vhci_hcd.8: vhci_device speed not set
[  364.187919][ T9470] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  364.358007][ T9470] usb 10-1: Using ep0 maxpacket: 32
[  364.361799][ T9470] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  364.365351][ T9470] usb 10-1: config 0 has no interface number 0
[  364.370851][ T9470] usb 10-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  364.374805][ T9470] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.387895][ T9470] usb 10-1: Product: syz
[  364.387915][ T9470] usb 10-1: Manufacturer: syz
[  364.387928][ T9470] usb 10-1: SerialNumber: syz
[  364.400831][ T9470] usb 10-1: config 0 descriptor??
[  364.405847][ T9470] usb 10-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  364.409334][ T9470] usb 10-1: selecting invalid altsetting 1
[  364.411220][ T9470] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  364.423355][ T9470] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  364.428274][ T9470] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  364.438244][ T9470] usb 10-1: media controller created
[  364.445704][T17580] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3807'.
[  364.445997][ T9470] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  364.808075][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  365.457941][ T5284] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  365.457944][ T5940] Bluetooth: hci1: command 0x1003 tx timeout
[  365.528172][ T9470] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  365.534060][ T9470] zl10353_read_register: readreg error (reg=127, ret==-110)
[  365.599800][T17554] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  365.605936][ T9470] usb 10-1: USB disconnect, device number 9
[  365.953607][T17644] sch_tbf: burst 21989 is lower than device lo mtu (65550) !
[  366.562225][T17670] syzkaller0: entered promiscuous mode
[  366.564971][T17670] syzkaller0: entered allmulticast mode
[  367.459626][T17701] netlink: 'syz.5.3855': attribute type 8 has an invalid length.
[  367.466949][   T50] hid (null): report_id 0 is invalid
[  367.470183][   T50] hid (null): unknown global tag 0xe
[  367.472138][   T50] hid (null): report_id 0 is invalid
[  367.474374][   T50] hid (null): invalid report_count 352830613
[  367.476863][   T50] hid (null): unknown global tag 0xc
[  367.479418][   T50] hid (null): unknown global tag 0xe
[  367.481773][   T50] hid (null): unknown global tag 0xe
[  367.484085][   T50] hid (null): unknown global tag 0xd
[  367.493246][   T50] hid-generic 0002:0005:07FF.0006: report_id 0 is invalid
[  367.496350][   T50] hid-generic 0002:0005:07FF.0006: item 0 0 1 8 parsing failed
[  367.500636][   T50] hid-generic 0002:0005:07FF.0006: probe with driver hid-generic failed with error -22
[  367.669366][   T40] audit: type=1400 audit(1772357290.845:5886): avc:  denied  { setattr } for  pid=17718 comm="syz.5.3862" name="/" dev="9p" ino=72614145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  368.228055][ T5739] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  368.379800][ T5739] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  368.383800][ T5739] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  368.387165][ T5739] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  368.390233][ T5739] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.397322][T17726] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  368.406919][ T5739] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  368.613868][T17726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.618810][T17726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.689997][  T830] usb 10-1: USB disconnect, device number 10
[  369.737281][T17764] rtc_cmos 00:05: Alarms can be up to one day in the future
[  369.749186][T17763] rtc_cmos 00:05: Alarms can be up to one day in the future
[  369.768743][T17767] syzkaller0: entered promiscuous mode
[  369.770609][T17767] syzkaller0: entered allmulticast mode
[  369.827244][   T29] rtc_cmos 00:05: Alarms can be up to one day in the future
[  369.831907][T17774] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3882'.
[  369.836176][   T29] rtc_cmos 00:05: Alarms can be up to one day in the future
[  369.841013][   T29] rtc_cmos 00:05: Alarms can be up to one day in the future
[  369.845288][   T29] rtc_cmos 00:05: Alarms can be up to one day in the future
[  369.852733][   T29] rtc rtc0: __rtc_set_alarm: err=-22
[  370.152493][T17799] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  370.154747][T17799] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  370.157527][T17799] vhci_hcd vhci_hcd.0: Device attached
[  370.317688][   T40] audit: type=1400 audit(1772357293.485:5887): avc:  denied  { read } for  pid=17805 comm="syz.2.3893" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  370.371963][T17806] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  370.385339][T17806] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  370.427979][   T29] usb 44-1: SetAddress Request (2) to port 0
[  370.431077][   T29] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  370.490341][T17806] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  370.503323][T17806] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  370.513065][T17806] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  370.517880][T17806] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  370.528111][T17806] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  370.535433][T17806] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  370.540070][T17806] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  370.551591][T17806] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  370.556176][T17806] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  370.574788][T17806] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  370.749206][T17800] vhci_hcd: connection reset by peer
[  370.751449][   T59] vhci_hcd vhci_hcd.3: stop threads
[  370.753719][   T59] vhci_hcd vhci_hcd.3: release socket
[  370.756215][   T59] vhci_hcd vhci_hcd.3: disconnect device
[  370.769931][   T40] audit: type=1400 audit(1772357293.945:5888): avc:  denied  { map } for  pid=17805 comm="syz.2.3893" path="/111/file0" dev="tmpfs" ino=585 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  371.020970][T17824] syzkaller0: entered promiscuous mode
[  371.023494][T17824] syzkaller0: entered allmulticast mode
[  371.027622][T17821] loop6: detected capacity change from 0 to 2560
[  371.032944][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.040837][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.045764][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.049734][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.053366][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.063598][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.067291][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.072297][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.076100][T17821] ldm_validate_partition_table(): Disk read failed.
[  371.101874][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.107260][T17821] Buffer I/O error on dev loop6, logical block 0, async page read
[  371.111040][T17821] Dev loop6: unable to read RDB block 0
[  371.114187][T17821]  loop6: unable to read partition table
[  371.123842][T17821] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  371.690887][ T5333] ldm_validate_partition_table(): Disk read failed.
[  371.698124][ T5333] Dev loop6: unable to read RDB block 0
[  371.705173][ T5333]  loop6: unable to read partition table
[  372.024726][T17883] rtc_cmos 00:05: Alarms can be up to one day in the future
[  372.091781][T17889] syzkaller0: entered promiscuous mode
[  372.093875][T17889] syzkaller0: entered allmulticast mode
[  372.247083][T17901] syzkaller0: entered promiscuous mode
[  372.249249][T17901] syzkaller0: entered allmulticast mode
[  372.409071][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  372.567945][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout
[  372.568953][ T5930] Bluetooth: hci3: command 0x040f tx timeout
[  372.569228][T17914] Bluetooth: hci5: command 0x0c1a tx timeout
[  372.569267][T17914] Bluetooth: hci2: command 0x040f tx timeout
[  372.649027][T17918] rtc_cmos 00:05: Alarms can be up to one day in the future
[  372.709786][T17920] syzkaller0: entered promiscuous mode
[  372.713605][T17920] syzkaller0: entered allmulticast mode
[  372.718716][   T40] audit: type=1400 audit(1772357295.895:5889): avc:  denied  { write } for  pid=17921 comm="syz.3.3928" path="socket:[73491]" dev="sockfs" ino=73491 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  373.040728][T17933] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3932'.
[  373.043905][T17933] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3932'.
[  373.202908][T17939] rtc_cmos 00:05: Alarms can be up to one day in the future
[  373.792791][T17959] fuse: Bad value for 'fd'
[  374.087949][T17943] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  374.091381][T17943] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  374.093758][T17943] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  374.095963][T17943] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  374.098379][T17943] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  374.175427][T17966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3943'.
[  374.178532][T17966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3943'.
[  374.192510][T17972] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3946'.
[  374.418873][ T5998] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  374.587938][ T5998] usb 13-1: Using ep0 maxpacket: 32
[  374.591976][ T5998] usb 13-1: config 0 has an invalid interface number: 1 but max is 0
[  374.595106][ T5998] usb 13-1: config 0 has no interface number 0
[  374.599552][ T5998] usb 13-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  374.602705][ T5998] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.605545][ T5998] usb 13-1: Product: syz
[  374.607114][ T5998] usb 13-1: Manufacturer: syz
[  374.608978][ T5998] usb 13-1: SerialNumber: syz
[  374.612895][ T5998] usb 13-1: config 0 descriptor??
[  374.618908][ T5998] usb 13-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  374.621942][ T5998] usb 13-1: selecting invalid altsetting 1
[  374.623929][ T5998] usb 13-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  374.631390][ T5998] usb 13-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  374.635141][ T5998] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  374.639459][ T5998] usb 13-1: media controller created
[  374.651307][ T5998] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  374.822128][ T5998] usb 13-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  374.825451][ T5998] zl10353_read_register: readreg error (reg=127, ret==-71)
[  374.828473][ T5998] usb 13-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  374.853690][ T5998] usb 13-1: USB disconnect, device number 2
[  375.446285][T18006] loop7: detected capacity change from 0 to 16384
[  375.502646][T18010] fuse: Bad value for 'fd'
[  375.528696][   T29] usb 44-1: device descriptor read/8, error -110
[  375.611857][T18006] fuse: Bad value for 'fd'
[  375.921535][T17988] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  375.924428][T17988] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  375.927211][T17988] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  375.928694][   T29] usb usb44-port1: attempt power cycle
[  375.930068][T17988] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  375.937264][T17988] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  375.981621][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880377cf000: rx timeout, send abort
[  376.000153][   T40] audit: type=1400 audit(1772357299.175:5890): avc:  denied  { read } for  pid=5315 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  376.019951][   T40] audit: type=1400 audit(1772357299.185:5891): avc:  denied  { search } for  pid=5315 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  376.037932][   T40] audit: type=1400 audit(1772357299.195:5892): avc:  denied  { search } for  pid=5315 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  376.045219][   T40] audit: type=1400 audit(1772357299.195:5893): avc:  denied  { add_name } for  pid=5315 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  376.053530][   T40] audit: type=1400 audit(1772357299.195:5894): avc:  denied  { create } for  pid=5315 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  376.060965][   T40] audit: type=1400 audit(1772357299.195:5895): avc:  denied  { append open } for  pid=5315 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  376.071192][   T40] audit: type=1400 audit(1772357299.195:5896): avc:  denied  { getattr } for  pid=5315 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  376.267026][T18040] fuse: Bad value for 'fd'
[  376.317952][  T830] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  376.467950][  T830] usb 7-1: Using ep0 maxpacket: 32
[  376.472837][  T830] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  376.476550][  T830] usb 7-1: config 0 has no interface number 0
[  376.481623][  T830] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  376.485773][  T830] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.486993][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880377cf000: abort rx timeout. Force session deactivation
[  376.489530][  T830] usb 7-1: Product: syz
[  376.495598][  T830] usb 7-1: Manufacturer: syz
[  376.497769][  T830] usb 7-1: SerialNumber: syz
[  376.502565][  T830] usb 7-1: config 0 descriptor??
[  376.507082][  T830] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  376.508450][   T29] usb usb44-port1: unable to enumerate USB device
[  376.510579][  T830] usb 7-1: selecting invalid altsetting 1
[  376.514478][  T830] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  376.520329][  T830] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  376.523911][  T830] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  376.526726][  T830] usb 7-1: media controller created
[  376.534019][  T830] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  376.710248][  T830] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  376.712688][  T830] zl10353_read_register: readreg error (reg=127, ret==-71)
[  376.715810][  T830] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  376.734945][  T830] usb 7-1: USB disconnect, device number 20
[  377.018721][T18037] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  377.020992][T18037] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  377.023180][T18037] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  377.025306][T18037] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  377.027783][T18037] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  377.250831][ T5284] Bluetooth: hci4: unexpected event for opcode 0x0c22
[  377.457955][  T830] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  377.609620][  T830] usb 10-1: config 0 has no interfaces?
[  377.614175][  T830] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  377.618238][  T830] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  377.621717][  T830] usb 10-1: Product: syz
[  377.623565][  T830] usb 10-1: Manufacturer: syz
[  377.625695][  T830] usb 10-1: SerialNumber: syz
[  377.630516][  T830] usb 10-1: config 0 descriptor??
[  377.853270][ T5973] usb 10-1: USB disconnect, device number 11
[  378.452496][T18098] sctp: [Deprecated]: syz.5.3993 (pid 18098) Use of struct sctp_assoc_value in delayed_ack socket option.
[  378.452496][T18098] Use struct sctp_sack_info instead
[  378.766684][T18073] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  378.769250][T18073] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  378.772571][T18073] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  378.774909][T18073] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  378.777463][T18073] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  378.799017][T18103] cdrom: dropping to single frame dma
[  379.977909][T18124] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4002'.
[  380.013594][ T5284] Bluetooth: hci0: command 0x0401 tx timeout
[  380.827971][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  380.830534][ T5284] Bluetooth: hci5: command 0x0c1a tx timeout
[  380.833106][ T5930] Bluetooth: hci2: command 0x040f tx timeout
[  381.326607][T18126] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  381.328837][T18126] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  381.330964][T18126] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  381.333188][T18126] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  381.335975][T18126] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  382.294830][T18186] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4019'.
[  382.298116][T18186] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4019'.
[  382.308579][T18186] syzkaller0: entered promiscuous mode
[  382.310977][T18186] syzkaller0: entered allmulticast mode
[  383.180321][T18189] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  383.183204][T18189] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  383.185640][T18189] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  383.188128][T18189] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  383.193814][T18189] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  383.315921][T18237] syzkaller0: entered promiscuous mode
[  383.318010][T18237] syzkaller0: entered allmulticast mode
[  383.327329][T18240] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4033'.
[  383.490147][T18242] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  383.493132][T18242] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  383.496158][T18242] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  383.499519][T18242] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  383.505267][T18242] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  383.509544][T18242] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  383.532780][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  383.684649][T18263] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.780757][T18263] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.913568][T18263] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.958481][ T5739] usb 13-1: new full-speed USB device number 3 using dummy_hcd
[  383.987961][ T5998] usb 10-1: new full-speed USB device number 12 using dummy_hcd
[  383.993043][T18263] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.092273][   T59] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.099690][T11186] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  384.117390][T11186] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  384.130011][ T5739] usb 13-1: config 0 has no interfaces?
[  384.130838][T11186] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.139661][ T5739] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  384.142645][ T5739] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  384.146223][ T5739] usb 13-1: Product: syz
[  384.148639][ T5739] usb 13-1: Manufacturer: syz
[  384.150669][ T5739] usb 13-1: SerialNumber: syz
[  384.153525][ T5739] usb 13-1: config 0 descriptor??
[  384.168383][ T5998] usb 10-1: config 0 has no interfaces?
[  384.172772][ T5998] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  384.176132][ T5998] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  384.186747][ T5998] usb 10-1: Product: syz
[  384.188524][ T5998] usb 10-1: Manufacturer: syz
[  384.190098][ T5998] usb 10-1: SerialNumber: syz
[  384.193673][ T5998] usb 10-1: config 0 descriptor??
[  384.200885][T18276] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4043'.
[  384.239770][T18278] syzkaller0: entered promiscuous mode
[  384.241852][T18278] syzkaller0: entered allmulticast mode
[  384.366666][ T5998] usb 13-1: USB disconnect, device number 3
[  384.406674][T18198] usb 10-1: USB disconnect, device number 12
[  384.548258][T18287] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  384.550293][T18287] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  384.552489][T18287] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  384.554622][T18287] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  384.556633][T18287] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  384.603903][T18289] rtc_cmos 00:05: Alarms can be up to one day in the future
[  384.822848][ T9470] rtc_cmos 00:05: Alarms can be up to one day in the future
[  384.827032][ T9470] rtc_cmos 00:05: Alarms can be up to one day in the future
[  384.838628][ T9470] rtc_cmos 00:05: Alarms can be up to one day in the future
[  384.841936][ T9470] rtc_cmos 00:05: Alarms can be up to one day in the future
[  384.844540][ T9470] rtc rtc0: __rtc_set_alarm: err=-22
[  384.864532][T18301] syzkaller0: entered promiscuous mode
[  384.866682][T18301] syzkaller0: entered allmulticast mode
[  385.179459][T18317] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  385.181877][T18317] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  385.183996][T18317] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  385.186281][T18317] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  385.190531][T18317] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  385.224643][T18324] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.322852][T18324] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.351242][T18330] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4065'.
[  385.355094][T18330] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4065'.
[  385.360642][T18330] syzkaller0: entered promiscuous mode
[  385.363107][T18330] syzkaller0: entered allmulticast mode
[  385.392948][T18324] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.500323][T18324] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.606347][   T59] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  385.616323][   T59] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  385.624979][T11186] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  385.633632][T11186] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.059807][ T5930] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  386.065548][ T5930] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  386.069985][ T5930] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  386.073892][ T5930] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  386.077658][ T5930] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  386.118270][T18343] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  386.122557][T18343] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  386.124655][T18343] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  386.126685][T18343] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  386.129067][T18343] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  386.131351][T18343] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  386.133840][T18343] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  386.146224][T18343] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  386.241423][T18344] chnl_net:caif_netlink_parms(): no params data found
[  386.297473][T18344] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.300369][T18344] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.303435][T18344] bridge_slave_0: entered allmulticast mode
[  386.307193][T18344] bridge_slave_0: entered promiscuous mode
[  386.311948][T18344] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.315015][T18344] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.318162][T18344] bridge_slave_1: entered allmulticast mode
[  386.321869][T18344] bridge_slave_1: entered promiscuous mode
[  386.358246][T18344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.364952][T18344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.389883][T18344] team0: Port device team_slave_0 added
[  386.393204][T18344] team0: Port device team_slave_1 added
[  386.407224][T18344] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.409880][T18344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.418473][T18344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.422849][T18344] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.425177][T18344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.433959][T18344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.457310][T18344] hsr_slave_0: entered promiscuous mode
[  386.459916][T18344] hsr_slave_1: entered promiscuous mode
[  386.462098][T18344] debugfs: 'hsr0' already exists in 'hsr'
[  386.463971][T18344] Cannot create hsr debugfs directory
[  386.896787][T18344] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  386.901431][T18344] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  386.906055][T18344] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  386.911572][T18344] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  386.981252][T18344] 8021q: adding VLAN 0 to HW filter on device bond0
[  386.994424][T18344] 8021q: adding VLAN 0 to HW filter on device team0
[  387.003781][T11186] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.006294][T11186] bridge0: port 1(bridge_slave_0) entered forwarding state
[  387.014385][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.017510][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  387.153397][T18344] 8021q: adding VLAN 0 to HW filter on device batadv0
[  387.317618][T18344] veth0_vlan: entered promiscuous mode
[  387.324939][T18344] veth1_vlan: entered promiscuous mode
[  387.341351][T18344] veth0_macvtap: entered promiscuous mode
[  387.345343][T18344] veth1_macvtap: entered promiscuous mode
[  387.354468][T18344] batman_adv: batadv0: Interface activated: batadv_slave_0
[  387.360925][T18344] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.367045][   T59] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.372472][   T59] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.375783][   T59] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.379341][   T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.420863][T18381] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  387.447916][T11196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.450256][T11196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.463518][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.465967][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.516736][ T5930] Bluetooth: hci1: ACL packet too small
[  387.584896][T18394] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  387.610270][T18390] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  387.612981][T18390] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  387.615709][T18390] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  387.629652][T18390] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  387.632177][T18390] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  387.660293][T18397] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.750120][T18397] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.779659][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x7
[  387.782385][ T5973] hid-generic 0000:0000:0000.0007: ignoring exceeding usage max
[  387.785585][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.788520][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.791587][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.794134][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.797616][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.800995][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.803859][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.806590][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.809125][ T5973] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  387.820581][ T5973] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  387.846944][T18397] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.990611][T18397] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.046041][   T40] audit: type=1326 audit(1772357311.215:5897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.054625][   T40] audit: type=1326 audit(1772357311.215:5898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.062437][   T40] audit: type=1326 audit(1772357311.215:5899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.071814][   T40] audit: type=1326 audit(1772357311.215:5900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.085153][   T40] audit: type=1326 audit(1772357311.215:5901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.092996][   T40] audit: type=1326 audit(1772357311.225:5902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.106691][   T40] audit: type=1326 audit(1772357311.225:5903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.117070][   T40] audit: type=1326 audit(1772357311.225:5904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.127543][   T40] audit: type=1326 audit(1772357311.225:5905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.2.4085" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f9dd4d9c799 code=0x7ffc0000
[  388.137700][   T40] audit: type=1400 audit(1772357311.225:5906): avc:  denied  { mounton } for  pid=18399 comm="syz.2.4085" path="/syzcgroup/unified/syz2" dev="cgroup2" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  388.725409][T18421] fuse: Bad value for 'fd'
[  388.759507][T18425] syzkaller0: entered promiscuous mode
[  388.761967][T18425] syzkaller0: entered allmulticast mode
[  388.911941][T18427] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  388.914389][T18427] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  388.919097][T18427] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  388.922274][T18427] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  388.924873][T18427] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  389.074873][T18432] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4095'.
[  389.077951][T18432] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4095'.
[  389.081519][T18432] syzkaller0: entered promiscuous mode
[  389.083348][T18432] syzkaller0: entered allmulticast mode
[  389.306158][T18443] fuse: Bad value for 'fd'
[  389.791830][   T46] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  389.800454][   T46] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  389.808929][T11185] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  389.822693][T11185] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  389.883745][T18453] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4105'.
[  390.862443][T18472] syzkaller0: entered promiscuous mode
[  390.865074][T18472] syzkaller0: entered allmulticast mode
[  390.968004][ T5940] Bluetooth: hci1: command 0x041b tx timeout
[  390.968112][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  390.969660][T17913] Bluetooth: hci3: command 0x040f tx timeout
[  390.970847][ T5284] Bluetooth: hci5: command 0x0c1a tx timeout
[  390.971760][ T5930] Bluetooth: hci0: command 0x0401 tx timeout
[  391.390201][T18480] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.473663][T18480] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.544207][T18480] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.614699][T18480] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.048103][T17914] Bluetooth: hci4: command 0x0c1a tx timeout
[  393.050993][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  394.339051][T18545] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4142'.
[  394.341955][T18545] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4142'.
[  394.346958][T18545] syzkaller0: entered promiscuous mode
[  394.350591][T18545] syzkaller0: entered allmulticast mode
[  394.438152][   T29] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  394.553423][  T648] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.562158][  T648] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.569726][  T648] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.578171][  T648] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.597914][   T29] usb 7-1: Using ep0 maxpacket: 32
[  394.600854][   T29] usb 7-1: config 0 has no interfaces?
[  394.604269][   T29] usb 7-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  394.607295][   T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.610475][   T29] usb 7-1: Product: syz
[  394.612009][   T29] usb 7-1: Manufacturer: syz
[  394.613594][   T29] usb 7-1: SerialNumber: syz
[  394.616561][   T29] usb 7-1: config 0 descriptor??
[  394.822128][ T1457] usb 7-1: USB disconnect, device number 21
[  395.128172][T17914] Bluetooth: hci4: command 0x0c1a tx timeout
[  395.130237][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  395.281318][T18554] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4146'.
[  395.284352][T18554] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4146'.
[  395.398779][T18563] input: syz0 as /devices/virtual/input/input11
[  395.489602][T18567] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4152'.
[  395.493303][T18567] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4152'.
[  395.497115][T18567] syzkaller0: entered promiscuous mode
[  395.500339][T18567] syzkaller0: entered allmulticast mode
[  395.642946][T18577] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.712301][T18577] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.732259][T18580] 9p: Bad value for 'rfdno'
[  395.771998][T18577] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.815846][T18577] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.889164][  T648] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.899314][  T648] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.906959][  T648] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.914746][  T648] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  396.393828][T18585] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4158'.
[  396.397989][T18585] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4158'.
[  396.405809][T18574] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  396.742854][T18476] Bluetooth: hci3: unexpected event for opcode 0x1005
[  397.208318][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  397.208363][T17914] Bluetooth: hci4: command 0x0c1a tx timeout
[  397.282480][T18635] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.345735][T18635] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.434267][T18635] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.533059][T18635] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.566178][T18638] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4182'.
[  397.569288][T18638] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4182'.
[  397.573404][T18638] syzkaller0: entered promiscuous mode
[  397.575284][T18638] syzkaller0: entered allmulticast mode
[  397.618015][T17914] Bluetooth: hci0: command 0x0401 tx timeout
[  397.672677][   T46] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.683095][  T648] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.693251][  T648] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.701478][  T648] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  397.974829][T18665] syzkaller0: entered promiscuous mode
[  397.977162][T18665] syzkaller0: entered allmulticast mode
[  398.118926][T18667] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  398.121046][T18667] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  398.123319][T18667] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  398.125412][T18667] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  398.133690][T18667] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  398.530600][T18680] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.681429][T18680] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.847637][T18680] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.943217][T18680] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.040806][  T648] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.057789][  T648] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.069323][T18698] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  399.071924][T18698] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  399.074317][T18698] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  399.078126][T18698] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  399.081014][T18698] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  399.083702][  T648] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.090962][  T648] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.146034][T18705] syzkaller0: entered promiscuous mode
[  399.148015][T18705] syzkaller0: entered allmulticast mode
[  399.169269][T18707] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.282106][T18707] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.395698][T18707] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.448039][   T29] usb 7-1: new full-speed USB device number 22 using dummy_hcd
[  399.494125][T18707] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.600267][   T29] usb 7-1: config 0 has no interfaces?
[  399.600796][T18721] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.603806][   T29] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  399.610006][   T29] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  399.612775][   T29] usb 7-1: Product: syz
[  399.614273][   T29] usb 7-1: Manufacturer: syz
[  399.615850][   T29] usb 7-1: SerialNumber: syz
[  399.621232][   T29] usb 7-1: config 0 descriptor??
[  399.672268][T18721] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.763004][T18721] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.841466][T18721] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.924232][T11185] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.937498][   T59] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.946907][   T59] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.956986][   T59] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  400.189704][T18730] __nla_validate_parse: 4 callbacks suppressed
[  400.189716][T18730] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4219'.
[  400.278324][T18728] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  400.280676][T18728] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  400.283407][T18728] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  400.285666][T18728] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  400.287678][T18728] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  401.463447][T18759] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  401.466492][T18759] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  401.471211][T18759] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  401.473351][T18759] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  401.476991][T18759] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  401.670774][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  401.670810][   T40] audit: type=1400 audit(1772357324.845:5910): avc:  denied  { execute } for  pid=18755 comm="syz.8.4229" path="/dev/audio1" dev="devtmpfs" ino=1323 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  401.849079][T18768] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4232'.
[  401.852209][T18768] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4232'.
[  401.856008][T18768] syzkaller0: entered promiscuous mode
[  401.860145][T18768] syzkaller0: entered allmulticast mode
[  402.370822][T18784] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4238'.
[  402.373944][T18784] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4238'.
[  402.378482][T18784] syzkaller0: entered promiscuous mode
[  402.380357][T18784] syzkaller0: entered allmulticast mode
[  402.588128][T18790] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  402.590649][T18790] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  402.593152][T18790] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  402.595300][T18790] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  402.597386][T18790] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  402.604603][T18476] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  402.672097][T18799] syzkaller0: entered promiscuous mode
[  402.674169][T18799] syzkaller0: entered allmulticast mode
[  404.181403][T11180] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.191063][T11180] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.200885][T11180] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.211198][T11180] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  404.227313][ T6448] usb 7-1: USB disconnect, device number 22
[  404.578035][T18833] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  404.580347][T18833] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  404.582630][T18833] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  404.584899][T18833] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  404.587108][T18833] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  404.799816][T18843] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.891649][T18843] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.951784][T18843] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.012666][T18843] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.089465][   T46] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.098791][   T46] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.106187][   T46] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.116717][   T46] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.220571][T18850] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4261'.
[  405.224141][T18850] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4261'.
[  405.228203][T18850] syzkaller0: entered promiscuous mode
[  405.230123][T18850] syzkaller0: entered allmulticast mode
[  405.350509][T18855] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4264'.
[  405.353549][T18855] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4264'.
[  405.357503][T18855] syzkaller0: entered promiscuous mode
[  405.359437][T18855] syzkaller0: entered allmulticast mode
[  406.648048][T17914] Bluetooth: hci4: command 0x0c1a tx timeout
[  406.648210][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  406.650253][T17913] Bluetooth: hci5: command 0x0c1a tx timeout
[  406.650293][T17913] Bluetooth: hci0: command 0x0401 tx timeout
[  406.650543][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  406.778303][T18936] binder_alloc: 18935: binder_alloc_buf, no vma
[  407.838550][T18957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4306'.
[  407.841615][T18957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4306'.
[  407.846037][T18957] syzkaller0: entered promiscuous mode
[  407.850202][T18957] syzkaller0: entered allmulticast mode
[  407.896492][T18961] fuse: Bad value for 'group_id'
[  407.898422][T18961] fuse: Bad value for 'group_id'
[  407.932632][T18964] binder_alloc: 18963: binder_alloc_buf, no vma
[  408.172439][T18971] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4310'.
[  408.175454][T18971] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4310'.
[  408.179321][T18971] syzkaller0: entered promiscuous mode
[  408.181420][T18971] syzkaller0: entered allmulticast mode
[  408.479045][T18981] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.574741][T18981] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.641319][T18981] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.682226][T18981] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.728096][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  408.728140][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  408.758882][   T46] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  408.768154][   T24] usb 10-1: new full-speed USB device number 13 using dummy_hcd
[  408.772012][   T46] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  408.774737][   T46] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  408.784874][   T46] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  408.919498][   T24] usb 10-1: config 0 has no interfaces?
[  408.923798][   T24] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  408.927651][   T24] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  408.931831][   T24] usb 10-1: Product: syz
[  408.933939][   T24] usb 10-1: Manufacturer: syz
[  408.936173][   T24] usb 10-1: SerialNumber: syz
[  408.942847][   T24] usb 10-1: config 0 descriptor??
[  409.158740][T18283] usb 10-1: USB disconnect, device number 13
[  409.353768][T18991] binder_alloc: 18990: binder_alloc_buf, no vma
[  409.417706][T18995] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4319'.
[  409.420894][T18995] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4319'.
[  409.425066][T18995] syzkaller0: entered promiscuous mode
[  409.426979][T18995] syzkaller0: entered allmulticast mode
[  410.642079][T19022] fuse: Bad value for 'group_id'
[  410.643869][T19022] fuse: Bad value for 'group_id'
[  410.734896][T19029] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.802921][T19029] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.808266][T17914] Bluetooth: hci4: command 0x0c1a tx timeout
[  410.810405][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  410.863677][T19029] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.932564][T19029] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.028076][T18283] usb 10-1: new full-speed USB device number 14 using dummy_hcd
[  411.189857][T18283] usb 10-1: config 0 has no interfaces?
[  411.202145][T18283] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  411.205697][T18283] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  411.208776][T18283] usb 10-1: Product: syz
[  411.210536][T18283] usb 10-1: Manufacturer: syz
[  411.212222][T18283] usb 10-1: SerialNumber: syz
[  411.215325][T18283] usb 10-1: config 0 descriptor??
[  412.556132][T11180] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  412.564662][T11196] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  412.572871][T11196] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  412.581857][T11196] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  412.639083][T13858] usb 10-1: USB disconnect, device number 14
[  412.896268][ T5284] Bluetooth: hci1: command 0x041b tx timeout
[  412.898026][T18476] Bluetooth: hci4: command 0x0c1a tx timeout
[  413.298339][T19078] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.365899][T19078] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.460735][T19078] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.525957][T19078] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.693800][  T648] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  413.697073][  T648] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  413.700052][  T648] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  413.702967][  T648] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  414.605348][T19104] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4357'.
[  414.608452][T19104] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4357'.
[  414.612184][T19104] syzkaller0: entered promiscuous mode
[  414.614053][T19104] syzkaller0: entered allmulticast mode
[  414.681357][T19109] binder: BINDER_SET_CONTEXT_MGR already set
[  414.683374][T19109] binder: 19108:19109 ioctl 4018620d 200000004a80 returned -16
[  414.803961][T19117] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4364'.
[  414.808949][T19117] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4364'.
[  414.818809][T19117] syzkaller0: entered promiscuous mode
[  414.821599][T19117] syzkaller0: entered allmulticast mode
[  415.350336][T19135] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4370'.
[  415.354487][T19135] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4370'.
[  415.361737][T19135] syzkaller0: entered promiscuous mode
[  415.364261][T19135] syzkaller0: entered allmulticast mode
[  415.615431][T19139] binder: BINDER_SET_CONTEXT_MGR already set
[  415.617623][T19139] binder: 19138:19139 ioctl 4018620d 200000004a80 returned -16
[  415.803586][T19146] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4373'.
[  416.918605][T19151] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  416.926087][T19151] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  416.929933][T19151] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  416.932143][T19151] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  416.934692][T19151] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  417.586583][   T40] audit: type=1400 audit(1772357340.755:5911): avc:  denied  { node_bind } for  pid=19172 comm="syz.5.4383" saddr=ff01::1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  417.920469][T19180] kvm: user requested TSC rate below hardware speed
[  417.947382][T19180] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  418.135409][T19186] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  418.137504][T19186] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  418.147583][T19186] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  418.156010][T19186] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  418.168223][T19186] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  418.545601][T19215] fuse: Unknown parameter 'grou00000000000000000000'
[  419.675244][   T59] bond3 (unregistering): (slave .`): Releasing active interface
[  419.680237][   T59] .` (unregistering): Released all slaves
[  419.704547][   T59] bond1 (unregistering): Released all slaves
[  419.717090][   T59] bond2 (unregistering): Released all slaves
[  419.729266][   T59] bond3 (unregistering): Released all slaves
[  419.746457][T19248] fuse: Unknown parameter 'grou00000000000000000000'
[  419.765548][T19242] syzkaller0: entered promiscuous mode
[  419.767415][T19242] syzkaller0: entered allmulticast mode
[  420.168169][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  420.168198][T17914] Bluetooth: hci5: command 0x0c1a tx timeout
[  420.170673][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  420.175016][T18476] Bluetooth: hci4: command 0x0c1a tx timeout
[  420.248091][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  421.618767][T19217] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  421.703709][T19274] fuse: Unknown parameter 'group_i00000000000000000000'
[  421.717550][T19268] delete_channel: no stack
[  421.795931][   T59] hsr_slave_0: left promiscuous mode
[  421.799246][   T59] hsr_slave_1: left promiscuous mode
[  422.101394][T19293] syzkaller0: entered promiscuous mode
[  422.103277][T19293] syzkaller0: entered allmulticast mode
[  422.202134][T19306] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19306 comm=syz.3.4425
[  423.924231][T19312] fuse: Unknown parameter 'group_i00000000000000000000'
[  423.966361][   T59] IPVS: stop unused estimator thread 0...
[  423.992575][T19317] binder: BINDER_SET_CONTEXT_MGR already set
[  423.995127][T19317] binder: 19316:19317 ioctl 4018620d 200000004a80 returned -16
[  424.993651][T19296] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  425.076704][T19336] fuse: Unknown parameter 'group_i00000000000000000000'
[  425.082780][T19334] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4436'.
[  425.095590][T19334] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4436'.
[  425.100911][T19334] syzkaller0: entered promiscuous mode
[  425.102782][T19334] syzkaller0: entered allmulticast mode
[  425.371821][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  425.629006][T19362] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4445'.
[  425.632113][T19362] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4445'.
[  425.635672][T19362] syzkaller0: entered promiscuous mode
[  425.637543][T19362] syzkaller0: entered allmulticast mode
[  426.246862][T19393] fuse: Unknown parameter 'group_id00000000000000000000'
[  426.835550][T19413] fuse: Unknown parameter 'group_id00000000000000000000'
[  427.362707][T19432] loop5: detected capacity change from 0 to 7
[  427.368525][T19351] Dev loop5: unable to read RDB block 7
[  427.371297][T19351]  loop5: AHDI p1
[  427.373131][T19351] loop5: partition table partially beyond EOD, truncated
[  427.379693][T19432] Dev loop5: unable to read RDB block 7
[  427.382267][T19432]  loop5: AHDI p1
[  427.384123][T19432] loop5: partition table partially beyond EOD, truncated
[  427.397366][T19434] tipc: Started in network mode
[  427.400052][T19434] tipc: Node identity 4e54a2aa1f51, cluster identity 4711
[  427.403296][T19434] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  427.407423][T19434] syzkaller0: entered promiscuous mode
[  427.410502][T19434] syzkaller0: entered allmulticast mode
[  427.420837][T19434] tipc: Resetting bearer <eth:syzkaller0>
[  427.423410][T19434] syzkaller0: tun_net_xmit 90
[  427.427588][T19433] tipc: Resetting bearer <eth:syzkaller0>
[  427.449059][T19433] tipc: Disabling bearer <eth:syzkaller0>
[  427.488575][T19432] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4472'.
[  427.516685][ T5333] Dev loop5: unable to read RDB block 7
[  427.539881][ T5333]  loop5: AHDI p1
[  427.541549][ T5333] loop5: partition table partially beyond EOD, truncated
[  427.626560][ T5333] Dev loop5: unable to read RDB block 7
[  427.635690][ T5333]  loop5: AHDI p1
[  427.636969][ T5333] loop5: partition table partially beyond EOD, truncated
[  427.710062][ T5333] Dev loop5: unable to read RDB block 7
[  427.712221][ T5333]  loop5: AHDI p1
[  427.713467][ T5333] loop5: partition table partially beyond EOD, truncated
[  428.003645][T19461] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19461 comm=syz.5.4483
[  428.581042][T19465] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4485'.
[  428.588000][T19465] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4485'.
[  428.595902][T19465] syzkaller0: entered promiscuous mode
[  428.605291][T19465] syzkaller0: entered allmulticast mode
[  428.762096][T19469] fuse: Bad value for 'user_id'
[  428.763751][T19469] fuse: Bad value for 'user_id'
[  429.131849][T19486] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  429.134503][T19486] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  429.136734][T19486] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  429.148224][T19486] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  429.158144][T19486] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  429.819416][T19503] fuse: Bad value for 'user_id'
[  429.821665][T19503] fuse: Bad value for 'user_id'
[  429.875511][T19507] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4499'.
[  429.879833][T19507] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4499'.
[  429.884629][T19507] syzkaller0: entered promiscuous mode
[  429.887043][T19507] syzkaller0: entered allmulticast mode
[  430.048756][T19513] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  430.056167][T19513] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  430.061418][T19513] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  430.064392][T19513] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  430.067330][T19513] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  430.266185][T19523] fuse: Bad value for 'fd'
[  431.390581][T19561] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4521'.
[  431.395312][T19561] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4521'.
[  431.402788][T19561] syzkaller0: entered promiscuous mode
[  431.404968][T19561] syzkaller0: entered allmulticast mode
[  431.978497][T19578] tipc: Started in network mode
[  431.980725][T19578] tipc: Node identity 86f8ce26796c, cluster identity 4711
[  431.984027][T19578] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  431.988528][T19578] syzkaller0: entered promiscuous mode
[  431.990437][T19578] syzkaller0: entered allmulticast mode
[  431.997271][T19578] tipc: Resetting bearer <eth:syzkaller0>
[  431.999778][T19578] syzkaller0: tun_net_xmit 90
[  432.001442][T19579] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19579 comm=syz.8.4524
[  432.006082][T19577] tipc: Resetting bearer <eth:syzkaller0>
[  432.017197][T19577] tipc: Disabling bearer <eth:syzkaller0>
[  432.088043][ T5284] Bluetooth: hci0: command 0x0401 tx timeout
[  432.098045][ T5284] Bluetooth: hci1: command 0x041b tx timeout
[  432.101073][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  432.103804][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  432.106546][ T5284] Bluetooth: hci5: command 0x0c1a tx timeout
[  432.248323][T18476] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  432.250853][ T5940] Bluetooth: hci2: command 0x1003 tx timeout
[  432.364159][T19590] binder: 19589:19590 ioctl 4018620d 0 returned -22
[  433.372302][T19620] lo: entered allmulticast mode
[  433.376835][T19620] tunl0: entered allmulticast mode
[  433.382715][T19620] gre0: entered allmulticast mode
[  433.390603][T19620] gretap0: entered allmulticast mode
[  433.401295][T19620] bridge0: port 3(erspan0) entered disabled state
[  433.403721][T19620] ip_vti0: entered allmulticast mode
[  433.406521][T19620] ip6_vti0: entered allmulticast mode
[  433.409635][T19620] sit0: entered allmulticast mode
[  433.413215][T19620] ip6tnl0: entered allmulticast mode
[  433.416217][T19620] ip6gre0: entered allmulticast mode
[  433.419747][T19620] syz_tun: entered allmulticast mode
[  433.423927][T19620] ip6gretap0: entered allmulticast mode
[  433.427273][T19620] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.429988][T19620] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.433929][T19620] bridge0: entered allmulticast mode
[  433.437188][T19620] vcan0: entered allmulticast mode
[  433.439918][T19620] bond0: entered allmulticast mode
[  433.441655][T19620] bond_slave_0: entered allmulticast mode
[  433.443500][T19620] bond_slave_1: entered allmulticast mode
[  433.446950][T19620] team0: entered allmulticast mode
[  433.451215][T19620] team_slave_0: entered allmulticast mode
[  433.453135][T19620] team_slave_1: entered allmulticast mode
[  433.456377][T19620] dummy0: entered allmulticast mode
[  433.460757][T19620] nlmon0: entered allmulticast mode
[  433.463326][T19620] caif0: entered allmulticast mode
[  433.465196][T19620] batadv0: entered allmulticast mode
[  433.468371][T19620] vxcan0: entered allmulticast mode
[  433.470732][T19620] vxcan1: entered allmulticast mode
[  433.473069][T19620] veth0: entered allmulticast mode
[  433.476062][T19620] veth1: entered allmulticast mode
[  433.481971][T19620] wg0: entered allmulticast mode
[  433.484933][T19620] wg1: entered allmulticast mode
[  433.488062][T19620] wg2: entered allmulticast mode
[  433.490633][T19620] veth0_to_bridge: entered allmulticast mode
[  433.495755][T19620] veth1_to_bridge: entered allmulticast mode
[  433.501162][T19620] veth0_to_bond: entered allmulticast mode
[  433.504840][T19620] veth1_to_bond: entered allmulticast mode
[  433.508632][T19620] veth0_to_team: entered allmulticast mode
[  433.513294][T19620] veth1_to_team: entered allmulticast mode
[  433.519734][T19620] veth0_to_batadv: entered allmulticast mode
[  433.523000][T19620] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  433.525524][T19620] batadv_slave_0: entered allmulticast mode
[  433.530777][T19620] veth1_to_batadv: entered allmulticast mode
[  433.534091][T19620] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  433.536530][T19620] batadv_slave_1: entered allmulticast mode
[  433.539746][T19620] xfrm0: entered allmulticast mode
[  433.542577][T19620] veth0_to_hsr: entered allmulticast mode
[  433.545745][T19620] hsr_slave_0: entered allmulticast mode
[  433.548493][T19620] veth1_to_hsr: entered allmulticast mode
[  433.551484][T19620] hsr_slave_1: entered allmulticast mode
[  433.554345][T19620] hsr0: entered allmulticast mode
[  433.557221][T19620] veth1_virt_wifi: entered allmulticast mode
[  433.560727][T19620] veth0_virt_wifi: entered allmulticast mode
[  433.563830][T19620] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  433.566393][T19620] veth1_vlan: entered allmulticast mode
[  433.569580][T19620] veth0_vlan: entered allmulticast mode
[  433.576190][T19620] vlan0: entered allmulticast mode
[  433.579323][T19620] vlan1: entered allmulticast mode
[  433.581376][T19620] macvlan0: entered allmulticast mode
[  433.584529][T19620] macvlan1: entered allmulticast mode
[  433.587407][T19620] ipvlan0: entered allmulticast mode
[  433.589297][T19620] ipvlan1: entered allmulticast mode
[  433.591187][T19620] veth1_macvtap: entered allmulticast mode
[  433.594323][T19620] veth0_macvtap: entered allmulticast mode
[  433.598543][T19620] macvtap0: entered allmulticast mode
[  433.602017][T19620] macsec0: entered allmulticast mode
[  433.605388][T19620] geneve0: entered allmulticast mode
[  433.613103][T19620] geneve1: entered allmulticast mode
[  433.617612][T19620] mac80211_hwsim hwsim31 wlan0: entered allmulticast mode
[  433.621467][T19620] mac80211_hwsim hwsim32 wlan1: entered allmulticast mode
[  433.624729][T19620] netdevsim netdevsim8 eth0: entered allmulticast mode
[  433.627941][T19620] netdevsim netdevsim8 eth1: entered allmulticast mode
[  433.631064][T19620] netdevsim netdevsim8 eth2: entered allmulticast mode
[  433.634214][T19620] netdevsim netdevsim8 eth3: entered allmulticast mode
[  433.662637][T19621] can0: slcan on ptm0.
[  433.968678][T19600] can0 (unregistered): slcan off ptm0.
[  434.067565][T19638] fuse: Bad value for 'fd'
[  434.443622][T19662] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4554'.
[  434.477953][T19663] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19663 comm=syz.2.4549
[  434.560104][T19665] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  434.567120][T19665] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  434.574284][T19665] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  434.579903][T19665] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  434.587002][T19665] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  434.817001][T19671] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4558'.
[  434.820344][T19671] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4558'.
[  434.823937][T19671] syzkaller0: entered promiscuous mode
[  434.825846][T19671] syzkaller0: entered allmulticast mode
[  435.076543][T19680] binder: 19679:19680 ioctl 4018620d 0 returned -22
[  435.520004][T19705] binder: BINDER_SET_CONTEXT_MGR already set
[  435.522726][T19705] binder: 19703:19705 ioctl 4018620d 200000004a80 returned -16
[  435.610519][T19711] tipc: Started in network mode
[  435.612802][T19711] tipc: Node identity 6242c3c70f59, cluster identity 4711
[  435.615569][T19711] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  435.621764][T19711] syzkaller0: entered promiscuous mode
[  435.623886][T19711] syzkaller0: entered allmulticast mode
[  435.634201][T19711] tipc: Resetting bearer <eth:syzkaller0>
[  435.638196][T19709] tipc: Resetting bearer <eth:syzkaller0>
[  435.653106][T19709] tipc: Disabling bearer <eth:syzkaller0>
[  435.942216][T19717] block nbd2: shutting down sockets
[  436.339961][   T34] kernel read not supported for file /vcs (pid: 34 comm: kworker/3:0)
[  436.567955][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  436.570185][T18476] Bluetooth: hci5: command 0x0c1a tx timeout
[  436.648204][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout
[  436.650429][ T5940] Bluetooth: hci3: command 0x040f tx timeout
[  436.652444][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  436.918268][T19734] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  436.921047][T19734] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  436.924246][T19734] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  436.927226][T19734] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  436.931073][T19734] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  437.026161][T19746] binder: BINDER_SET_CONTEXT_MGR already set
[  437.028383][T19746] binder: 19745:19746 ioctl 4018620d 200000004a80 returned -16
[  437.203762][   T40] audit: type=1400 audit(1772357360.375:5912): avc:  denied  { mounton } for  pid=19753 comm="syz.5.4592" path="/139/file0" dev="tmpfs" ino=769 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  437.644022][T19772] binder: 19771:19772 ioctl c0306201 0 returned -14
[  437.769159][T19774] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  437.771647][T19774] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  437.774684][T19774] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  437.777294][T19774] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  437.779727][T19774] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  437.795049][T19779] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  438.297369][T19802] binder: 19801:19802 ioctl c0306201 0 returned -14
[  438.841214][T19810] syzkaller0: entered promiscuous mode
[  438.843056][T19810] syzkaller0: entered allmulticast mode
[  439.841899][T19823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4614'.
[  439.858028][ T5284] Bluetooth: hci1: command 0x041b tx timeout
[  439.861381][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  439.864530][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  439.867550][ T5284] Bluetooth: hci5: command 0x0c1a tx timeout
[  439.870205][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  441.330152][T19846] block nbd5: shutting down sockets
[  441.379840][T19854] fuse: Bad value for 'fd'
[  441.444253][T19858] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19858 comm=syz.5.4628
[  441.534863][T19861] fuse: Bad value for 'fd'
[  441.927933][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  442.080274][T19845] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  442.082754][T19845] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  442.085141][T19845] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  442.087481][T19845] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  442.090030][T19845] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  442.212266][T19869] syzkaller0: entered promiscuous mode
[  442.214176][T19869] syzkaller0: entered allmulticast mode
[  442.381728][T19877] block nbd8: shutting down sockets
[  442.471598][T19892] fuse: Bad value for 'rootmode'
[  443.447987][T18476] Bluetooth: hci0: command 0x0401 tx timeout
[  444.023943][T19900] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  444.088735][T18476] Bluetooth: hci4: command 0x0c1a tx timeout
[  444.088776][T17914] Bluetooth: hci3: command 0x040f tx timeout
[  444.088799][ T5284] Bluetooth: hci5: command 0x0c1a tx timeout
[  444.128844][T19894] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  444.131446][T19894] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  444.133522][T19894] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  444.135572][T19894] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  444.137800][T19894] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  444.279557][T19933] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.442639][T19933] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.512588][T19933] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.574133][T19933] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.607979][ T5739] usb 10-1: new full-speed USB device number 15 using dummy_hcd
[  444.650531][T11180] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.666859][T11180] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.678767][T11180] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.690541][T11180] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.759829][ T5739] usb 10-1: config 0 has no interfaces?
[  444.764577][ T5739] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  444.768671][ T5739] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  444.772356][ T5739] usb 10-1: Product: syz
[  444.774352][ T5739] usb 10-1: Manufacturer: syz
[  444.776438][ T5739] usb 10-1: SerialNumber: syz
[  444.785174][ T5739] usb 10-1: config 0 descriptor??
[  444.978680][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  444.996662][ T6448] usb 10-1: USB disconnect, device number 15
[  445.076037][T19949] syzkaller0: entered promiscuous mode
[  445.080903][T19949] syzkaller0: entered allmulticast mode
[  446.167998][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  446.168042][T17914] Bluetooth: hci3: command 0x040f tx timeout
[  446.168086][ T5940] Bluetooth: hci5: command 0x0c1a tx timeout
[  446.168111][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  446.170096][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  446.775103][T19964] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  446.848383][T19955] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  446.851315][T19955] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  446.854131][T19955] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  446.856976][T19955] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  446.859957][T19955] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  447.243745][T19979] fuse: Unknown parameter 'use00000000000000000000'
[  448.622403][T19988] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  448.626026][T19988] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  448.628406][T19988] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  448.630574][T19988] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  448.632583][T19988] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  448.637159][T19988] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  448.663846][ T5284] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  448.679175][T20008] fuse: Unknown parameter 'user_i00000000000000000000'
[  449.945536][ T5284] Bluetooth: hci0: command 0x0401 tx timeout
[  450.648024][ T5284] Bluetooth: hci5: command 0x0c1a tx timeout
[  450.648047][T18476] Bluetooth: hci3: command 0x040f tx timeout
[  450.657939][T18476] Bluetooth: hci1: command 0x041b tx timeout
[  450.657964][ T5284] Bluetooth: hci4: command 0x0c1a tx timeout
[  450.904726][T20031] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  450.906964][T20031] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  450.909046][T20031] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  450.914386][T20031] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  450.917484][T20031] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  450.919786][T20031] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  450.956618][T20046] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  450.959517][T20046] syzkaller0: entered promiscuous mode
[  450.961509][T20046] syzkaller0: entered allmulticast mode
[  450.965778][T20045] tipc: Resetting bearer <eth:syzkaller0>
[  450.978478][T20045] tipc: Disabling bearer <eth:syzkaller0>
[  451.238025][ T6019] usb 10-1: new full-speed USB device number 16 using dummy_hcd
[  451.399521][ T6019] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  451.403780][ T6019] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  451.408773][ T6019] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  451.411768][ T6019] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.624295][ T6019] usb 10-1: usb_control_msg returned -32
[  451.626256][ T6019] usbtmc 10-1:16.0: can't read capabilities
[  451.818636][T20065] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.871844][T20065] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.937657][T20065] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.044998][T20065] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.146681][T11180] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.156562][T11180] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.164519][T11180] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.173331][T11201] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.759656][T20070] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  452.761847][T20070] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  452.764179][T20070] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  452.766313][T20070] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  452.771042][T20070] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  454.007975][ T6448] usb 13-1: new high-speed USB device number 4 using dummy_hcd
[  454.010676][ T5973] usb 10-1: USB disconnect, device number 16
[  454.022630][T20100] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  454.025172][T20100] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  454.042789][T20100] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  454.045092][T20100] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  454.047245][T20100] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  454.167980][ T6448] usb 13-1: Using ep0 maxpacket: 32
[  454.171041][ T6448] usb 13-1: config 0 has an invalid interface number: 1 but max is 0
[  454.173701][ T6448] usb 13-1: config 0 has no interface number 0
[  454.179334][ T6448] usb 13-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  454.182371][ T6448] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.185145][ T6448] usb 13-1: Product: syz
[  454.186548][ T6448] usb 13-1: Manufacturer: syz
[  454.188733][ T6448] usb 13-1: SerialNumber: syz
[  454.191743][ T6448] usb 13-1: config 0 descriptor??
[  454.211646][ T6448] usb 13-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  454.214580][ T6448] usb 13-1: selecting invalid altsetting 1
[  454.221050][ T6448] usb 13-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  454.225971][ T6448] usb 13-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  454.230256][ T6448] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  454.233098][ T6448] usb 13-1: media controller created
[  454.240393][ T6448] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  454.402768][ T6448] usb 13-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  454.405402][ T6448] zl10353_read_register: readreg error (reg=127, ret==-71)
[  454.408644][ T6448] usb 13-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  454.433582][ T6448] usb 13-1: USB disconnect, device number 4
[  455.509340][T20143] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20143 comm=syz.2.4722
[  456.088041][T18476] Bluetooth: hci4: command 0x0c1a tx timeout
[  456.088223][T17913] Bluetooth: hci5: command 0x0c1a tx timeout
[  456.090378][T18476] Bluetooth: hci0: command 0x0401 tx timeout
[  456.090438][ T5284] Bluetooth: hci1: command 0x041b tx timeout
[  456.093410][T17914] Bluetooth: hci3: command 0x040f tx timeout
[  456.637946][ T6019] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  456.796780][T20174] fuse: Bad value for 'fd'
[  456.797945][ T6019] usb 7-1: Using ep0 maxpacket: 32
[  456.803929][ T6019] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  456.807533][ T6019] usb 7-1: config 0 has no interface number 0
[  456.812382][ T6019] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  456.816420][ T6019] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.820818][ T6019] usb 7-1: Product: syz
[  456.822674][ T6019] usb 7-1: Manufacturer: syz
[  456.824772][ T6019] usb 7-1: SerialNumber: syz
[  456.829444][ T6019] usb 7-1: config 0 descriptor??
[  456.838671][ T6019] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  456.842468][ T6019] usb 7-1: selecting invalid altsetting 1
[  456.845178][ T6019] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  456.850644][ T6019] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  456.855258][ T6019] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  456.861523][ T6019] usb 7-1: media controller created
[  456.870267][ T6019] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  457.039581][ T6019] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  457.042785][ T6019] zl10353_read_register: readreg error (reg=127, ret==-71)
[  457.047346][ T6019] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  457.068960][ T6019] usb 7-1: USB disconnect, device number 23
[  457.653475][T20189] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4740'.
[  457.694006][T20189] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  458.197943][T17913] Bluetooth: hci1: command 0x041b tx timeout
[  458.200697][T17913] Bluetooth: hci5: command 0x0c1a tx timeout
[  459.468702][T20211] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(6)
[  459.471711][T20211] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  459.476785][T20211] vhci_hcd vhci_hcd.0: Device attached
[  459.476785][T20209] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  459.476941][T20209] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  459.527329][T20209] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  459.530788][T20209] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  459.560840][T20209] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  459.563656][T20209] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  459.709398][T20212] vhci_hcd: connection closed
[  459.709751][  T648] vhci_hcd vhci_hcd.8: stop threads
[  459.713107][  T648] vhci_hcd vhci_hcd.8: release socket
[  459.715021][  T648] vhci_hcd vhci_hcd.8: disconnect device
[  459.733065][T20219] syzkaller0: entered promiscuous mode
[  459.734924][T20219] syzkaller0: entered allmulticast mode
[  459.757978][T18198] usb 54-1: enqueue for inactive port 0
[  459.808011][ T5739] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  459.848159][T17913] Bluetooth: hci2: command 0x1003 tx timeout
[  459.848492][T17914] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  459.977913][ T5739] usb 10-1: Using ep0 maxpacket: 32
[  459.981215][ T5739] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  459.983915][ T5739] usb 10-1: config 0 has no interface number 0
[  459.987509][ T5739] usb 10-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  459.991159][ T5739] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.993877][ T5739] usb 10-1: Product: syz
[  459.995335][ T5739] usb 10-1: Manufacturer: syz
[  459.997243][ T5739] usb 10-1: SerialNumber: syz
[  460.000562][ T5739] usb 10-1: config 0 descriptor??
[  460.005617][ T5739] usb 10-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  460.009877][ T5739] usb 10-1: selecting invalid altsetting 1
[  460.011894][ T5739] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  460.018574][ T5739] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  460.029000][ T5739] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  460.031761][ T5739] usb 10-1: media controller created
[  460.038508][ T5739] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  460.207553][ T5739] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  460.211218][ T5739] zl10353_read_register: readreg error (reg=127, ret==-71)
[  460.214154][ T5739] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  460.250700][ T5739] usb 10-1: USB disconnect, device number 17
[  460.268741][T18198] usb usb54-port1: attempt power cycle
[  461.547907][ T5284] Bluetooth: hci3: command 0x040f tx timeout
[  461.547980][ T5940] Bluetooth: hci0: command 0x0401 tx timeout
[  461.552753][T17913] Bluetooth: hci5: command 0x0c1a tx timeout
[  461.607933][T17913] Bluetooth: hci1: command 0x041b tx timeout
[  461.610517][T17913] Bluetooth: hci4: command 0x0c1a tx timeout
[  461.698601][T18198] usb usb54-port1: unable to enumerate USB device
[  461.815760][T20271] input: syz0 as /devices/virtual/input/input12
[  462.038001][ T6448] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  462.188188][ T6448] usb 10-1: Using ep0 maxpacket: 32
[  462.191969][ T6448] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  462.194622][ T6448] usb 10-1: config 0 has no interface number 0
[  462.198575][ T6448] usb 10-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  462.201615][ T6448] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.204239][ T6448] usb 10-1: Product: syz
[  462.205656][ T6448] usb 10-1: Manufacturer: syz
[  462.207267][ T6448] usb 10-1: SerialNumber: syz
[  462.210989][ T6448] usb 10-1: config 0 descriptor??
[  462.216109][ T6448] usb 10-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  462.219345][ T6448] usb 10-1: selecting invalid altsetting 1
[  462.221288][ T6448] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  462.225036][ T6448] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  462.229617][ T6448] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  462.232629][ T6448] usb 10-1: media controller created
[  462.239043][ T6448] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  462.418652][ T6448] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  462.421935][ T6448] zl10353_read_register: readreg error (reg=127, ret==-71)
[  462.425017][ T6448] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  462.443543][ T6448] usb 10-1: USB disconnect, device number 18
[  463.351598][T20311] /dev/nullb0: Can't open blockdev
[  463.617965][T17914] Bluetooth: hci3: command 0x040f tx timeout
[  464.049292][T20317] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20317 comm=syz.2.4782
[  464.248313][T17914] ==================================================================
[  464.251170][T17914] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0xe57/0x1050
[  464.253987][T17914] Read of size 8 at addr ffff88802fb69480 by task kworker/u33:3/17914
[  464.258467][T17914] 
[  464.259345][T17914] CPU: 1 UID: 0 PID: 17914 Comm: kworker/u33:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  464.259365][T17914] Tainted: [L]=SOFTLOCKUP
[  464.259370][T17914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  464.259379][T17914] Workqueue: hci5 hci_rx_work
[  464.259402][T17914] Call Trace:
[  464.259406][T17914]  <TASK>
[  464.259411][T17914]  dump_stack_lvl+0x100/0x190
[  464.259431][T17914]  print_report+0x156/0x4c9
[  464.259448][T17914]  ? __virt_addr_valid+0x81/0x620
[  464.259465][T17914]  ? __phys_addr+0xe8/0x180
[  464.259482][T17914]  ? l2cap_connect_cfm+0xe57/0x1050
[  464.259498][T17914]  kasan_report+0xdf/0x1e0
[  464.259516][T17914]  ? l2cap_connect_cfm+0xe57/0x1050
[  464.259546][T17914]  l2cap_connect_cfm+0xe57/0x1050
[  464.259563][T17914]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  464.259581][T17914]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  464.259598][T17914]  le_conn_complete_evt+0x195c/0x1f40
[  464.259698][T17914]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  464.259718][T17914]  hci_le_conn_complete_evt+0x23c/0x3a0
[  464.259736][T17914]  ? skb_pull_data+0x15f/0x1e0
[  464.259753][T17914]  hci_le_meta_evt+0x34a/0x5f0
[  464.259764][T17914]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  464.259782][T17914]  hci_event_packet+0x682/0x11c0
[  464.259799][T17914]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  464.259811][T17914]  ? __pfx_hci_event_packet+0x10/0x10
[  464.259830][T17914]  ? kcov_remote_start+0x384/0x660
[  464.259847][T17914]  hci_rx_work+0x451/0xfc0
[  464.259864][T17914]  process_one_work+0x9d7/0x1920
[  464.259878][T17914]  ? __pfx_process_one_work+0x10/0x10
[  464.259891][T17914]  ? __pfx_hci_rx_work+0x10/0x10
[  464.259908][T17914]  worker_thread+0x5da/0xe40
[  464.259921][T17914]  ? kthread+0x13a/0x450
[  464.259930][T17914]  ? __pfx_worker_thread+0x10/0x10
[  464.259941][T17914]  kthread+0x370/0x450
[  464.259950][T17914]  ? __pfx_kthread+0x10/0x10
[  464.259960][T17914]  ret_from_fork+0x754/0xd80
[  464.259971][T17914]  ? __pfx_ret_from_fork+0x10/0x10
[  464.259982][T17914]  ? __switch_to+0x7b4/0x1120
[  464.259995][T17914]  ? __pfx_kthread+0x10/0x10
[  464.260005][T17914]  ret_from_fork_asm+0x1a/0x30
[  464.260021][T17914]  </TASK>
[  464.260025][T17914] 
[  464.334946][T17914] Allocated by task 17914:
[  464.336980][T17914]  kasan_save_stack+0x30/0x50
[  464.338725][T17914]  kasan_save_track+0x14/0x30
[  464.340417][T17914]  __kasan_kmalloc+0xaa/0xb0
[  464.342056][T17914]  l2cap_chan_create+0x44/0x940
[  464.343819][T17914]  l2cap_sock_alloc.constprop.0+0xf5/0x1e0
[  464.346397][T17914]  l2cap_sock_new_connection_cb+0x101/0x260
[  464.348387][T17914]  l2cap_connect_cfm+0x4e2/0x1050
[  464.350191][T17914]  le_conn_complete_evt+0x195c/0x1f40
[  464.352053][T17914]  hci_le_conn_complete_evt+0x23c/0x3a0
[  464.354255][T17914]  hci_le_meta_evt+0x34a/0x5f0
[  464.355997][T17914]  hci_event_packet+0x682/0x11c0
[  464.357693][T17914]  hci_rx_work+0x451/0xfc0
[  464.359265][T17914]  process_one_work+0x9d7/0x1920
[  464.360961][T17914]  worker_thread+0x5da/0xe40
[  464.362656][T17914]  kthread+0x370/0x450
[  464.364106][T17914]  ret_from_fork+0x754/0xd80
[  464.365751][T17914]  ret_from_fork_asm+0x1a/0x30
[  464.367388][T17914] 
[  464.368252][T17914] Freed by task 20319:
[  464.369660][T17914]  kasan_save_stack+0x30/0x50
[  464.371277][T17914]  kasan_save_track+0x14/0x30
[  464.372998][T17914]  kasan_save_free_info+0x3b/0x70
[  464.374749][T17914]  __kasan_slab_free+0x5f/0x80
[  464.376550][T17914]  kfree+0x1f6/0x6b0
[  464.377878][T17914]  l2cap_chan_put+0x235/0x300
[  464.379443][T17914]  l2cap_sock_cleanup_listen+0x4d/0x2d0
[  464.381327][T17914]  l2cap_sock_release+0x69/0x280
[  464.382966][T17914]  __sock_release+0xb3/0x260
[  464.384721][T17914]  sock_close+0x1c/0x30
[  464.386394][T17914]  __fput+0x3ff/0xb40
[  464.387801][T17914]  task_work_run+0x150/0x240
[  464.389395][T17914]  exit_to_user_mode_loop+0x100/0x4a0
[  464.391151][T17914]  do_syscall_64+0x67c/0xf80
[  464.392679][T17914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.394810][T17914] 
[  464.395590][T17914] The buggy address belongs to the object at ffff88802fb69000
[  464.395590][T17914]  which belongs to the cache kmalloc-2k of size 2048
[  464.400411][T17914] The buggy address is located 1152 bytes inside of
[  464.400411][T17914]  freed 2048-byte region [ffff88802fb69000, ffff88802fb69800)
[  464.405121][T17914] 
[  464.406075][T17914] The buggy address belongs to the physical page:
[  464.408699][T17914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802fb6a000 pfn:0x2fb68
[  464.411960][T17914] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  464.414846][T17914] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  464.417901][T17914] page_type: f5(slab)
[  464.419710][T17914] raw: 00fff00000000240 ffff88801b842f00 ffffea000125bc10 ffff88801b840948
[  464.422614][T17914] raw: ffff88802fb6a000 0000000800080003 00000000f5000000 0000000000000000
[  464.425521][T17914] head: 00fff00000000240 ffff88801b842f00 ffffea000125bc10 ffff88801b840948
[  464.428647][T17914] head: ffff88802fb6a000 0000000800080003 00000000f5000000 0000000000000000
[  464.431902][T17914] head: 00fff00000000003 ffffea0000beda01 00000000ffffffff 00000000ffffffff
[  464.434832][T17914] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  464.437795][T17914] page dumped because: kasan: bad access detected
[  464.440051][T17914] page_owner tracks the page as allocated
[  464.442046][T17914] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 11442, tgid 11442 (syz-executor), ts 214276839031, free_ts 214218612429
[  464.449183][T17914]  post_alloc_hook+0x153/0x170
[  464.450914][T17914]  get_page_from_freelist+0x111d/0x3140
[  464.452861][T17914]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  464.454859][T17914]  new_slab+0xa6/0x6d0
[  464.456258][T17914]  refill_objects+0x26b/0x400
[  464.457865][T17914]  __pcs_replace_empty_main+0x19f/0x600
[  464.459866][T17914]  __kmalloc_cache_noprof+0x493/0x6f0
[  464.461773][T17914]  rtnl_newlink+0x126/0x2380
[  464.463365][T17914]  rtnetlink_rcv_msg+0x95e/0xe90
[  464.465111][T17914]  netlink_rcv_skb+0x159/0x420
[  464.466832][T17914]  netlink_unicast+0x5aa/0x870
[  464.468479][T17914]  netlink_sendmsg+0x8b0/0xda0
[  464.470206][T17914]  __sys_sendto+0x4aa/0x520
[  464.472032][T17914]  __x64_sys_sendto+0xe0/0x1c0
[  464.473762][T17914]  do_syscall_64+0x106/0xf80
[  464.475357][T17914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.477387][T17914] page last free pid 6019 tgid 6019 stack trace:
[  464.479463][T17914]  __free_frozen_pages+0x7e1/0x10d0
[  464.481334][T17914]  qlist_free_all+0x47/0xe0
[  464.482986][T17914]  kasan_quarantine_reduce+0x1a0/0x1f0
[  464.484943][T17914]  __kasan_slab_alloc+0x69/0x90
[  464.486620][T17914]  __kmalloc_node_track_caller_noprof+0x2ba/0x850
[  464.488870][T17914]  kmalloc_reserve+0xe8/0x350
[  464.490507][T17914]  __alloc_skb+0x185/0x710
[  464.492115][T17914]  mld_newpack.isra.0+0x18e/0xa20
[  464.494108][T17914]  add_grhead+0x299/0x340
[  464.495633][T17914]  add_grec+0x1380/0x1920
[  464.497305][T17914]  mld_ifc_work+0x3c5/0xc10
[  464.498983][T17914]  process_one_work+0x9d7/0x1920
[  464.500706][T17914]  worker_thread+0x5da/0xe40
[  464.502344][T17914]  kthread+0x370/0x450
[  464.504230][T17914]  ret_from_fork+0x754/0xd80
[  464.506008][T17914]  ret_from_fork_asm+0x1a/0x30
[  464.507660][T17914] 
[  464.508541][T17914] Memory state around the buggy address:
[  464.510458][T17914]  ffff88802fb69380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.513133][T17914]  ffff88802fb69400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.516135][T17914] >ffff88802fb69480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.518908][T17914]                    ^
[  464.520346][T17914]  ffff88802fb69500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.523129][T17914]  ffff88802fb69580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  464.526405][T17914] ==================================================================
[  464.530866][T17914] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  464.533660][T17914] CPU: 1 UID: 0 PID: 17914 Comm: kworker/u33:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  464.537770][T17914] Tainted: [L]=SOFTLOCKUP
[  464.539264][T17914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  464.542707][T17914] Workqueue: hci5 hci_rx_work
[  464.544452][T17914] Call Trace:
[  464.545685][T17914]  <TASK>
[  464.546753][T17914]  dump_stack_lvl+0x100/0x190
[  464.548466][T17914]  vpanic+0x552/0x970
[  464.549963][T17914]  ? __pfx_vpanic+0x10/0x10
[  464.551529][T17914]  ? l2cap_connect_cfm+0xe57/0x1050
[  464.553329][T17914]  panic+0xd1/0xe0
[  464.554680][T17914]  ? __pfx_panic+0x10/0x10
[  464.556344][T17914]  ? l2cap_connect_cfm+0xe57/0x1050
[  464.558176][T17914]  ? preempt_schedule_common+0x42/0xc0
[  464.560232][T17914]  check_panic_on_warn.cold+0x19/0x34
[  464.562188][T17914]  end_report.part.0+0x3a/0x90
[  464.564000][T17914]  kasan_report.cold+0xe/0x18
[  464.565952][T17914]  ? l2cap_connect_cfm+0xe57/0x1050
[  464.568139][T17914]  l2cap_connect_cfm+0xe57/0x1050
[  464.569959][T17914]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  464.571868][T17914]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  464.573906][T17914]  le_conn_complete_evt+0x195c/0x1f40
[  464.575814][T17914]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  464.577971][T17914]  hci_le_conn_complete_evt+0x23c/0x3a0
[  464.579945][T17914]  ? skb_pull_data+0x15f/0x1e0
[  464.581665][T17914]  hci_le_meta_evt+0x34a/0x5f0
[  464.583459][T17914]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  464.585758][T17914]  hci_event_packet+0x682/0x11c0
[  464.587516][T17914]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  464.589545][T17914]  ? __pfx_hci_event_packet+0x10/0x10
[  464.591891][T17914]  ? kcov_remote_start+0x384/0x660
[  464.594275][T17914]  hci_rx_work+0x451/0xfc0
[  464.596528][T17914]  process_one_work+0x9d7/0x1920
[  464.598947][T17914]  ? __pfx_process_one_work+0x10/0x10
[  464.601536][T17914]  ? __pfx_hci_rx_work+0x10/0x10
[  464.603571][T17914]  worker_thread+0x5da/0xe40
[  464.605204][T17914]  ? kthread+0x13a/0x450
[  464.606617][T17914]  ? __pfx_worker_thread+0x10/0x10
[  464.608425][T17914]  kthread+0x370/0x450
[  464.609902][T17914]  ? __pfx_kthread+0x10/0x10
[  464.611510][T17914]  ret_from_fork+0x754/0xd80
[  464.613122][T17914]  ? __pfx_ret_from_fork+0x10/0x10
[  464.614924][T17914]  ? __switch_to+0x7b4/0x1120
[  464.616628][T17914]  ? __pfx_kthread+0x10/0x10
[  464.618223][T17914]  ret_from_fork_asm+0x1a/0x30
[  464.619932][T17914]  </TASK>
[  464.621954][T17914] Kernel Offset: disabled
[  464.623456][T17914] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:25:31  Registers:
info registers vcpu 0

CPU#0
RAX=00000000000006a2 RBX=ffff88803696d418 RCX=0000000000000000 RDX=000000003d264218
RSI=000000000ba58b98 RDI=00000000fe4e7d93 RBP=ffff88803696c900 RSP=ffffc9000d05f568
R8 =00000000f2a8f1fb R9 =00000000000006a2 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=00000000000006a2 R14=0000000000000000 R15=48f0487b3d264218
RIP=ffffffff81e4aaff RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9dd5c146c0 ffffffff 00c00000
GS =0000 ffff8880d6344000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb588f456b8 CR3=0000000035eee000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000010001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd898f9d16
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd898f9d16 00007ffd898f9d1c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd4e331bc
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd4e331fc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd4e33360
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd4e331ee
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a6973203c2065 7a69736565726600 632e6b6361747365 7461636f6c6c6100
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 405f4c5605190540 5f4c564040574300 460b4e4644515640 5144464a49494400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9dd4feb5f8 00007f9dd4feb5c8 00007f9dd4feb600 00007f9dd4feb5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000006b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85794025 RDI=ffffffff9b4a19c0 RBP=ffffffff9b4a1980 RSP=ffffc9000d27f250
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3662663230386552
R12=0000000000000000 R13=000000000000006b R14=0000000000000010 R15=ffffffff85793fc0
RIP=ffffffff8579404f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6444000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb5883e5458 CR3=0000000035eee000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000feffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8008000ef0030608 000ee8031008000e e0030008000ed803 0008000ed0031208
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a003018080828080 808010000f90031a 08000f8003048008 000ef80304808080
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 040806060113fe00 10000fc00301ffff fffffffffffffe10 000fb0030010000f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff041880e390da08 0001000004080606 0114e80e80041886 c3939c0800010000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001048080808080 8080801000010800 0100000008060601 03f80380041880e3
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 90dc080001000002 0806060114e60108 0003900300080003 88030fffffffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff041880e390da08 0001000004080606 0114e80e80041886 c3939c0800010000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 040806060113fe00 10000fc00301ffff fffffffffffffe10 000fb0030010000f
ZMM25=9975abc59975abc5 9975abc59975abc5 9975abc59975abc5 9975abc59975abc5 9975abc59975abc5 9975abc59975abc5 9975abc59975abc5 9975abc59975abc5
ZMM26=893f8855893f8855 893f8855893f8855 893f8855893f8855 893f8855893f8855 893f8855893f8855 893f8855893f8855 893f8855893f8855 893f8855893f8855
ZMM27=27f9ef9927f9ef99 27f9ef9927f9ef99 27f9ef9927f9ef99 27f9ef9927f9ef99 27f9ef9927f9ef99 27f9ef9927f9ef99 27f9ef9927f9ef99 27f9ef9927f9ef99
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=eb150000eb150000 eb150000eb150000 eb150000eb150000 eb150000eb150000 eb150000eb150000 eb150000eb150000 eb150000eb150000 eb150000eb150000
info registers vcpu 2

CPU#2
RAX=0000000000506e0f RBX=ffff88801eaf4900 RCX=ffffffff8b8fdc75 RDX=0000000000000000
RSI=ffffffff8de72f1c RDI=ffffffff8c1af5a0 RBP=0000000000000002 RSP=ffffc90000187df0
R8 =0000000000000001 R9 =ffffed100d4c6795 R10=ffff88806a633cab R11=0000000000000000
R12=ffffed1003d5e920 R13=0000000000000002 R14=ffffffff90d98410 R15=0000000000000000
RIP=ffffffff8b8fc5df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6544000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c261491 CR3=00000000300e8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64656772656d5f6f 692e7166622e6f69
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd4b34fc76
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd4b34fc76 00007ffd4b34fc7c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5882331bc
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5882331fc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb588233360
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb5882331ee
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000000c6000 RBX=ffff88802feb0c30 RCX=0000000000000007 RDX=00000000000e6000
RSI=0000000000000001 RDI=ffffffff9b41c7e0 RBP=ffff88802feb0000 RSP=ffffc900006f86b0
R8 =0000000000000001 R9 =0000000000080000 R10=ffffffff9b41c7e0 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81e4a47b RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6644000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2fe045 CR3=0000000056cf6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa91954d560
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb40c8f96
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb40c8f96 00007ffdb40c8f9c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9188331bc
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9188331fc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa918833360
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9188331ee
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9189eb600 00007fa9189eb5e0 00007fa9189eb5e8 00007fa9189eb618
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9189eb5f8 00007fa9189eb5c8 00007fa9189eb600 00007fa9189eb5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000