last executing test programs:

3m28.355934316s ago: executing program 0 (id=790):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
r1 = socket$netlink(0x10, 0x3, 0xc)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xf4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r5=>0x0})
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000000c0)={@private=0xa010100, @broadcast, r5}, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}}, 0x0)
sendfile(r0, r0, 0x0, 0xb)

3m28.165560422s ago: executing program 0 (id=796):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0xc, 0x22ac0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r1=>0x0], &(0x7f0000000180)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r1, r2], 0x2})
close_range(r0, 0xffffffffffffffff, 0x0)

3m28.162701582s ago: executing program 0 (id=798):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000002c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="beed89366700f8dbdf250300000008010408008000f5b3b73b95189a23f211b5009fcd000000e3b3f83634cf3445eeb349e1414f3ae292ffa96c1daa92fb1f3115383fe5a96c7b521e3c50080be21214c94528b4aaefb09a9a641f7b70389ef053e925d6b2e94a1c3a05fc3b64e8266d00"/128], 0x1c}, 0x1, 0x0, 0x0, 0x4004c}, 0x20000000)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000002c00), 0x30000, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r3, 0x800c5012, &(0x7f0000002c40))
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x35)
ioctl$KVM_X86_SET_MSR_FILTER(r4, 0x4188aec6, &(0x7f0000002a00)={0x0, [{0x3, 0x8000, 0x8, &(0x7f00000004c0)="e8faf6c2e91ca6d9e8f3ff0275bddc00f48bf350f6676f7b37e033bf804013aaa1968bb4cbcf0577795857dbfbd44453c65a4387b27629ed48c0a8f12581dfabf094fb19230e4a591772ca371a288836c7eb780605bda1d21268c8f083cb5066a1c1441a5c84bf7c1fba1d31b6ecf3719a157fada12f3f389cc8ef650329358197246c5b947c7de8b6ed9fbe26a21f2ea8b3e690fbacc53bdc2f0ba8906ea22d3cf493bd997a231f1e6224a4c7c88a3470126a2b05e053c462808e361e70902955c35da2e1a93fbabfc0c5f56bdce7187afa1081374cfbd3cfdd95d1cd6944cd68c247ca48356f1048a9182e58d6d3de24655387256971341ddb8943a98beb4821ba57bd9cbfb289109494c7dfb1caf2cc8439c49b3827dddf398fe7d5e89759c5b3a522f831362d9b0eee5205e62156fcb670e1d6d70fc90c887f8a41f5763786509d4ff4fdca086c6b5307343bdce10c79d76917ae87e6cb2445855a28643a5e1353ddf69aa663654538d82a85c1c21cd061b38d9ec6b35fe1ff631c608b7bfc4915186328b6cd642fe0ec2f67f307619a8a93f33fefb17292275a55e62cc8cdc11d6eb7282ca16b447548b729a7ba4b1286c85ddbb460fca8e54f230beca998dd2122cfc12657cb689c3f686be6432fe1383291733ca8df1fa51a56d77cb517831b1857ccbed1ab114864037b1b54b73928419a386f57c1807f04a83846ac85e868d274462226a4b7b71c2fa981956219a020b362ce4d39c56260f456e8ace6d79db6e5746b5d8c23966ceafca46cf01de60476c29a8a95f0cedd0c5355a8c6d2914328cb249ef0da8b98bfec23b11703ac8d932291d15779582ba4829dc5dc033bc185bd8770dacb26bb43372959c6516349456615dd449905b8183d2f6258a7842c829215400bb6bcfa3761b352d53fd0c78e8c15ff8d0d20066e0f12e49c5db4ada23d9907243dc94283dd1df3b345c7232c59fb3f0a3334f814078f487c902de34c1d58d31a19da9c3c167d86bf178bc2520ef9c320bbcd9f689eec7d679b3dccaf0f5bf2957fdecbbd76062468fd1316c41d079a01b7b9d9d3a6a957494bf7c1bbbe588dbae62447cd326cb6bef0146db3c80a85a733edd58cbfd2d758bfbc82c9f21c8e0efebacd3ddc6e63a6f658d402e0483a3a21f463d52fc90c2f38e72f39e6d2e234ae1f26b3e0327a0e1959b6ac9900417a7a1d3523aa35446c6ec1494c45aba266ec4038dc6f75694915c8d6f9ac9b66a96ab2fba3db90ef0c6c745c7b7c94b1eb32ec0b9f3a942c19c9895a04925c22c88a41feefae983aa3738fc4c55994816ae11555424bf11f5d73c6cc5c2a23642b6ac3246ae7187b070623bebdd2bd6084420b5f7dd5c9ab19dd43ba8113d0b7b4197cf7fcc79279d0d430eeeb09dc5df201a7fd065ca54e17f22f300c9ec0ce85bcda33b2ea3ed3e6866ccb3ff1be72de76ff71027b61f569d013549c6f1e54359f364852badb0594df12e42fd920d6ed43725540730301b890f14ef5059afcaeb31910a4ba9185e7c10eafa0c0b1f44b8386f8def183814657798268a83e9463b3b3c75efa8cb76376eccefccfc0a5f831964cdea53f975e0c8e74ab1b92e567c84d358ec51b5b41e6ccad4b640a27893fd69df74747800cf370eb1e150629a2b90ff85ff5e35afeaa0db12629314cfc542300ea1260b03d4f0022e7572bebfac30cb9d8e010cd2398354b89e39afe305125065b9441decc6a506924d2b001fa89fb239dac3822539d0ac64c9653db6e7114b458b01a67b9a09cbf7a00096a6a1307160c194041abcca0d26da5a6e50b4fff5d11cfddf219ada999253a30c8a6136e137892c3dd8596b36072f543386d0f3c725ecf419a1d1fa265f3289d4091bae3dbf32df06b9df55da15d50f82f7c8c7fd687aadff983fbd8d2cca85ab3ab055c5a9f8848cdcc3e183540c035f87b87fa80facbb04ba778e49f97075467d8e607230cb17c97561a8e5866c8aaa1e321968a11fc28c25199bbce8d939f44497ea2abccc15476b8f422a9d1f1f83bd7c1e0c3d9916ff1745860b94b276babc71a8a46aa1f57cc1efe984d6793f991d83bfbe8294d4959e3eb6e2ef8254a4368e34dc9e1ec834d4a40c7cbe5b8839c33e6959b5e31d851ecdcf80f59a8b81c66b06f0463f1eabddb486561180e82744b7f684a61fd389eb57198fcfc910ad14fce746945294ae5f93c6b666ce29bb50bb172ebe9423ddcbbc951357442acf852ea06383af049116f4d0d8d6fd086904139b7ea38997b085dcd256a3f1d1e7eec56bf31c0c57ec57ff0c617c48b1b3929ab765fd5007eb29de093b5a55e156b98b1d04d3ad6d0452aba5c1379b8de41ab4a3b489610b235284868835e01c45854fc323b45a2820f845f495c8f3f87eac8d077819c50439bcd32768a510f855bef8a893fbd6548d26760275d880bcc63dd5d6769eceab7b6d9ad724369fa78605a25708aad45a88b40af99ba93024cd4833f804410296d8f41ba2be5e1ece2255542dff490418cd7fbf98e1f388af5b57189b05a17c4a1280ddb6b4cb843fa7d375839402a72ca5b37eabd22df968f3b2374d5cffd8607174f49a690391ce3953f06d50f982165907ac6909ecbc71e1b69679f5ee9555803b10b0d878e783af0a34950c40378da26d4fd9f920fe6032acdebb4d1019eb798722989eb52f554c14c98bfeff199de0349504105aae897827ad4242e1d7b71ed64cd20503b16f870fc8f262f75867b502a85e9c5d4573141e5d4d2b9e5249b050b5c321605eaf233f0242a170ae51d0fd9e667b64a870800e3e90b830a6eb0f04a4cffbf65dd73a44ae481741a68810dd06706d90c139b5b82f0b08287d607f924fc7e274d3347965326eb4d06659f26836363fdd6da28bae73605b885003200305cb3d946a335bcd0fbd05b7a6e91bf27a529d3dfb1d5d2b93340638e74ccae47a519b64729d9f81e703eb6bc81d4525816158b48bdb8167cd4a133407172526d73d5e94784e485cbd96b0350d412334c176c269610ec86700c94b1c13b178f986df99b241ab752f84155f9fa4b83b0d4de90f5cdeeaa6073be84a8322e7699cd9a85b54857e0ea6d810d5f1f668de03b725a8f20c2a63aaab4795ec8f08fd81d50ef29e3f2d51d98a406937f64e91bf6d174f6a220231cde668400178898bbf06c9c0c155ff2a0b2b4374659dbb3dbaba75f7877431f1fef852d1784cd9ea95639eb64dbd06bf057b42bf52409e68c586e580d66d51e1066caa7889e49006d58faeeb50d5b3617457076c31eced3996057b93ce41307121a3765bc4531246a6d9ae992cd58122ff82abeeea836ff0d5de060adb994fe5d389eb54edf2910150c83fcf7782be30e595bc83274cc486e4cfb920d733c3a550e7c3382c8f1fc200fb764256a908e24deaa4dbe248c974e7a5590d931b355dbc7ce11537f0263d3fa7a6ec912b184e96649cd1dca98bff05f5d38517c66734a510de0f6b4776a3eeb48fae9075bb34a84fa797cd6a21763d6bce3ff0fe61da3094c76073236fc5c447fbdc6ebf7e26fb59e567599f58ce10c317247f5ace26d74d7e254c2cbc918a8cbf79b8f70b41cae15b5a29eff1dc82f3fffc0bb0c1250c52a6d1119c00ff1e98b845df759080e3591e1b26ebc59d954c0b1393d155c1a0150f38131cebe1de560161f1958b751f79bab7f25c73ef5d27373f5a569b3941fa8ac45c5b02f2409dc08ade0012a518323ecbbb37f4f94797081d2d2a0e5ca455f134d32a6cd78caffd4d9b1a8f90a50dfd8adf159b124c6398a44d63f6347581f0edb33f03adff4930bd8030bac734b0584ced45354bbea0f06b786cbc800be087c0e8e3dea2d6335467fd660ec3f23bd1130cac7abb656576f90f9f4e2235619ac3ab8ee32afd1d057071ac73916e45e467052b6e7d13ad4758bb59657562e394688a40f8f597c92e7ba9fd69650ee823602bb4fab058a035a185d35ab5ed127737d932dd83a191f69e3b3912aaaf5cbbeec7503db05c35d82277e1b76e774b991f93a06774a46f1cdc6992fb50fce38974d5ce5aa69c545d98d623977a7d724b32f4cc371942ebed84fc6115a0b494b9dd04fac3d889262ea6e83fe11911b2aab8a05b4eda88f67268e2e08b72a3abb22311b05402ed0843bb9ecb8bb1441b59b1edf16c31ebeb0cb589ce96f5b71160eb71133fd97c05440c46c0168e412005464f7e569613fe7077fe269d9215b863af1dbd7ab3728f643b9bc10b6fabc573fd921c7e7bb6dba7cd9218819c0cea4d7d0c64f3cac0562aa89bb6fa200e4f6b2c573b58ae24ca99e883d3980bd9ffc5711216400efb6b4e463211320e85ece78eb79258e964e84ec627310802f584aa44a20ab91aef7fc1f78c9d03433f66bd2f023725f208581246d1e618a2b85cb2e2befc6e8847bb838c2737c9c2ae6b18d591826fd5335bde168fd165526bc8cc7512f6a8ca1d42e7e935bd9621f36b75cb7905f9d261417c0e1c88c0c4622fddd1a475e8e426840a163a38b23b87b2e3c5300da23268ee6a35511a40ab2afec35c1e51e0b959232a571c2507e8e031d5cd46741570774c80221c59752eb08ffbc08e4477ae2d2c0bad920c8341f806fd46d98a8507636fdcff462b61b06d994053132d2ebadf4f8fe531884cf71e0dc7f0bc1002f3040103aad9467e3ed0569c48619c87174f25260255305393ec61c0ae54e0b916425fd34bac40d5244a570fe42b225dce4eebd15e6565534d64804845c38535a637f4e03394003e619923ddc25a70b4499f5fb0dd90475b7b865cc53d23a7e2064166372d7990acd8aac1cb348a8c42b88568fd53e9ea875264e30095b7f07a5a5c13d113124868358ebf4a3d2ba6c646184963f3efd3f7381ffb4f71720bfa8d43335073a93599af2f1137c9938ab44e96c6774068e894be1d7631c828457b33a536a816c821c5bc7daa1eeab80a5caea695e37851fd7296e16b48ac1bcd2ef094af84ee9e2d8f36fdaa2a1f073d9d720fa72b7bcad1dca5cbc75b2e447f6f1aa5dc0519b3d87e04187ef94903ebe98ef8581d5a7affd4cf6ee5acebc6b8329b05bf9d2438f2d2695c4010de6bcfa42ba5a68b7f1cb7a080e9ce5491f0a9ae1499f6b96366e7016037a20d54bac75005fc529d7bfa9e303ca0f440250db31ee904393834a13843357b5bcdd74363b6ed719fac794ebb9f22c5925082d6e375b790d43f2484f1ed8cd70f27a290610b69ca1e0b6da0158b97ac3bde5c7451a8ceae3a8045da0876af94c2edfe6de0843248d6bf87ab72f8481a37e6c95bf36fe79a64dd0721de3b0076d9eb44bed11f98768d1fddd46e43c917e36587f0a1ecbde022940ff122c1d4c6cf3ced11f4a145849ec5cf27405916f9e16f6a2ca970065079ec8c860b7d07949f2379802538c83dc033113ebbb16e45fe4c3fbd296c60cb787a29b3e01e855f6aa62b203e566fc7016d2f20cc34ca604996ea58f0d7079b72a5d19a7e681e2a3a1167cf2f548d5429dbfaebb3ee1f7e0fa2c964bdba64070ffd66c278dd10934d4cb1c184ca6e0e3a4b8d74f4cc2f973bfa22c80c89f93d44eb48ba13dfe979c5768ba524a1b49362229499e84f521d2f54eb37d607435eaa519f7dee8714cb7a0e38cd389b481e5f08208d35740d0c6a0001a65fe6d59870043918484ba319e57c71559eabe54087b8c6e1b920afe3776f9345392b6bac579032263c93c2786220913eb6f804f7441683d3e86ad1d00630bef90c81f478e5127ef4c0ff782821ab02f4d0e806c"}, {0x1, 0x780, 0x0, &(0x7f0000000140)="b58ee0ed5e70b4304683f0854d8f43a19c802f6aee0dc1726870ff0a806b1e85f3efb1f4bfffb4caff322749a689e27f662d6beb6ee60a3771423e5755865e73e39fa6959439fc369b8069e6748b6a55e3cb2bc145a786697483bf63029036a042fc02d9b5e7470475e287fa81a65f26c382fafc8b3f8006a94c9a7ce67772543494bab5cc5998b9b5877042a840fb287dc0395ec264c3dae1b38191baf0bebdc119f715693a958d06aff58da3153756d3d686534e942e4b76b01456a684354cb463cb98fbc4db8cf3607af0b2a0ff45092e589a7c54047b1d4400e56bea4e2d785a63f8789f08c4a97ffa4be04ae9f7"}, {0x2, 0x1d0, 0x8, &(0x7f0000000000)="02b3054691b161cde93df7b1eb3bb6996cd80227decc9a626c7b8359aaee1fed90b4ddf3d8528b69994b399d50b273ba5b6ed03e404853797fcb"}, {0x1, 0x550, 0xfe1, &(0x7f0000000240)="705d011bf082b363e1e68852c97a6ac5b4941c063e6d18aca8f30a511ce7206927356c963c3a2459a5e666888bef3b936369679d09d758747b14d79aac676a6e3e8bd7cfbd3139352e8c50acebe7555cd7080b64a1fc9bcd408ae250ff23b52fcf96fff567aad408da356c490e4d6bbe61d78068fe99eec144625f8215336f3f651d60b93e19feb47332eced69fca1c8f7bdd7e2f93f537b817260057a459a4cfbafe8642d74adf61850"}, {0x2, 0x510, 0x9, &(0x7f0000000300)="460c09554400eb7c3fc604f483a30270b50e9e80d6945e2530f2b80ae2bcefc5c1e82da59baeb440fec7e35389e0da8ac53fff83b2def1ebee6f9662faec99b0af0a8af25aafc8f2a54bdd3f40df54da1a7bd76b3b3d052dddee11fa824b5b71c025544ef851d3fad6e439870bb7322d176173f33d78668da94ca69b990228a80b63dc58a9c6e345c2f2d64c07439f6b9271b2b0570393dbf5d9946fa2fa7f77e0bb"}, {0x1, 0x418, 0x3ff, &(0x7f00000003c0)="154500c4d7faa45b8ef55982ef63361488e1dfb8e38a33e231b50b1523b366475afd17e7f258dbaf3a8e9a21f39ddc63774e149f6efbb69187b57ef0d90fa98e110e780ffb07e9b0835183beeb81c2422464c714ee59d577fe52bfbdef388b662299fdb6bff19d1d3f0b0e22db3d7fc5ba89bbc5d67ac90f7e20306445b46864c9add7"}, {0x3, 0x220, 0x0, &(0x7f00000014c0)="8da560f559a40718c77c37913f15d11444433e65e4f978507d7505a40660e013e402d644ac4d614ed3d3445583df8b1bcf610eb6a6d6fdc62567ce0cdce05225e44335f7"}, {0x1, 0x1b0, 0x1200, &(0x7f0000001540)="513d4b53dbaf6025aee358c744e9c94ed6159e7ab07e89757f285a7620961dacf864cb90fa8c96bc14bcdbfaef696aa81f1e964c9853"}, {0x0, 0x8000, 0x7, &(0x7f0000001580)="5dc71a3b125d58522cd30aefc7fb0087c4588e9a921a20ed74dce918f45e7832b137b8468347ea69c08a9d7791add6615918364e7ebabd57defad0c9821b12e92f30033ba0c54d3cd9f1f3f8a67625c17843c1cc55022aa49930ead729b2526a3045903ad124e5b5e48a79a70738d34340a8e6a6b7f8827ac3ec43a7c7898e90dd351fa9fb9b6a7fa8464eb352ead9a26395d6b282323a65cb65ee8e85ae92b616437431b5d7b4adcf1ac3df0fcdad53faa4156c5fc011007ebbe76b447f930b289dbd118ae5b5075d07e1ea22653d35632e2b5d4d5dfbbb976f09ac153c3b9d49adfad801bc35bba29689cd6a5d0e8339a2b0712b948ebf65201fb85398304dede1106c98a096b4570e99940c899c572a53a1aeabb458d8c90d8fa2ef9b675070aaec05e59a809c9ff8f12e19b93673d60cc6aea005374d9fd4137e57499160943c49ec5994de71be2555cde0690e6bc4df6b91d6c1b8eb183c68410d46e520780aca774b46db394d2741f94f38ae5a54e0c9e2bd9010667826afde6e1b262c19b7a6386574e8bb062a0fdda47d487f2dfa742bb71e77a8fe6d00d76e17c1536c7214f6e2e777efcd2f2e9b65ab448c4ca12c34e8f60d470e25be21af231b8d339601ea4e49e2b8381d2d2cf8e9df8965cca4d5d8071d474772d9f62f65a3a2195da77bdbc2639fc1f74f1c911713804a960e48abd4018b3f8222a59ccb6cc42a0f9f769793639a9c4572459c96ce27bf202db4434b23831b6ac5c2933cbfed9476a67c5e0bd906bb22d4d38cb9e93d650e259c836e0fffc4fa6f12c536652fd7a29dc13b36c14b0a7bcf02e7c1f2b17f2b88e23f6f805a99a0818765a4b86b32de1a7def2f14e5bf222c303c0dceaa7806a45c916c33501637403558c86b5f910d274c29a7f9d0f0159e408c447d8044500525f223ccc6b5d6f391f8b76678b0313615f0055a5199f166a74e93d939972e3f6af90c8b101fb807584db81574d1dddbfe58cdabf1d288ccc65a82675b35193db9e2d0c4a6a47cc4f4b5867abdbe85769f704287c58e95262ce009080738f00f2aae15272e04af86d5cb24ce2ac4bec7c41f5f81d0a6026131724a1e66693f7bff37a993e25683b0b6c430a2f6c47d32b89af852818bfd55e728d071231cc0d3f4d959c67175c4ceea10c85732eb5fe62758b92ab2964ec8d96fd3b99ed18813c955caf6266b2a34229a180edf938f982182d523d86932348d1001fce2bed38dc6324707ddf24ec51bcba35d3e55650c8af71209d349076659ee8e3b426b57bbc75160f599a50393f58a1ea512bd8d3d5fb9d1948aec0ba4d4fa06222b571cc20dd6a8f0728e023373ee34b4514361a58bb1d546d83861b15791fb1269559abf998e6834231881663be281af8112db52a22ecb8bcbd0b3596972fe05a7b833b02ebde8ea86338f6c9543a25d747a4ce7f2112504f55e334aeb800fb01acbf0f3b0bb2da790f6652411548dd752fd6a29c9481961ccff83afa9a0a4b907c369520abfb74099f365f3854dcc738b80c33baeb63cf88768c4e160012348a1c9faa891fb5a456a34b8f364a4dc98e3ae70feab5cb864926cde6fd0b96840ce00c144db6ca5593f422ef5c7c9d0ef9058654febd10c4ec2ffc72252d4b5e1c34c7a0190f90612cdcdb8192b9053be13e40918f7fd12ac001574067bb67ccf253d46707cce392b2d2a6d920a78b271540a729ab23cea8daf95ba337080bcde2d58e8be37f8e4265c107996091ffc5ba3767ce7e94187392539b6c1f2805f02f3d1170045c5fa9141a2c4455121d877b6d8ee48a133183984789937bb291ddbf4a2b9b7e0ff9d3624ae658b98a4968482f7a7ef4b7d661f7918c22b7f93bce80c6c3a240c9a0dbf0648c477652f1a61788c3909c34d477dce2f1a91d48e55d3ab7b90ede9c4de6afd37ee9aac85cf4e0c6090bec7f17d2aeb6c96e965afc34201232a703554f09abb151d9534015b5f054b3279ded4bf27e43c98151e983bf30b502c592845987dc387ceb1331a2be7cc2333a15a4a24b8a81b959189ff49f28f9bf8d26ec1f339182a4997a194c55c62b4d567f252f21195605efba20c759430289738ccf943c880fe5bd5fe14defb34926473b54901b86f6476d385985b3fc6fb3243384a3721de28cdab4c102671c0810e77ba165a857e4c46983f584304ced29bfb1f49238ac787ab0d26efdd6e1f55484568b545766f8560bc1c94b600da1db7417db4b28a37fb7efe0d01423dfbe7bedd52d726d890baa22dea6435c219ab3d67c6ab37cdb05e9bafd576ebca4df86283ff0fc9d4c83082da1abc36ea19fd53417af5980d205091a73ef38616406c4df4b84fb5bd9a3ec5c635d9bb62226e9e3d399514591a49301d63ea0bc774cf8cdb0f653d20e688682fb35762cdb0c6cbc49db48f8eed600ffa3665972da0009aa32f272685a6f69a1a500ad4945d23f9b0d498ac3154c45526c572fc05ed9577830ad94706c84821adaab3f6a147af94f46dbc5bcf86277ea163d9566f23d0142a414bf63736532f4962c8e04bae06f18b46f44287afecdf5111f2ca980e406c4d380ad7d31f81ba1c8de3ce0bc608147f3d4ddba286e91c6adc19ef59775604a08205edd7c4eebd717e6c03360f13e803a34d69687a54fff44ec2dceb9b08f4de9adee5bc454a9557d8f252e06d07b043829c46ed832ebc1a7eb141b9e1c1ec9ebfe1141226e37c103bfadc92837a905a8ec60fbc055eb62bf6503a33ef5c77618a8013e38835db04acb8beb74305bd769feed03b57d52215b482a56f2d418593b61bdf7bfb834a74aafaa89950ca70d0f820c1e19bc48bcf1bac69d9e0909dd78493bf906eedda73be016608561aeea0c8a2560b8d97fa54c7d69bc3c57a51ee3e917503eb1cb808a0adcbe60a1ba382eb34850f6280ead0dd282443ff836de4de3806d7e70ee7815e8687fac0a57939477bd258d17b57b9306cde039d2b7cc9c93f054a06fcbca2023858b655aa993deab926cc0091990982a4dec3b71d8aa31afdd2e8b4c1ec3f4c92c6aabe36041328be69ac44f158bb47b6617235b64d18f8c812b673e3ead9af35b11bd699026a53716b4b0da5e189117d38d77a4258e331b59ea076a88ca0902c1254df2dc33e0dc24ec44124e4b07b98830bb0a588bc8668c3986cd9b03dd1eb6dbf6d8083ff884e2900cb8c2b88683010e8059ebe291faedd5c1f618bc1a8d70f8c487ecdd66d98ecdada9e0a3d5ec9c8dad7e3f5fe0605c23d93f6c6adac2aa34c8a903fefa3ce206264fa17ef6d38da6be6a4bfd2a911ba2b06fd9a3bdab1bc8267f833417c8a6a5a9b3d34adf45a8b748f382883128f819ba1f228016d270e26b23120e986240e8c71849e207b59a77c8669d4db88e1f15d1f2fdafcd262f08cc9a9a9d0975c8582d49312fe31172bd5eb2b843c1d0091892eff0de59e15c1277a4a358a65d36a989f8f4dc7f29e8e2871db39856f41482f39cb1660f615b447ea6346fb309b1d18f4759cdb636c17ae5dd30c5e1df27f930fd77bbda2cd78f01360e90a59cc5646c728f42fef12a44e815a1f42e09c614fe3489d668344c3946395f84def2f6ae3bad68d8112e30afee8c0e05757807c750fb5a2b7f61c810bdf955994edd6411912b60b7b30529ad08e0f23f50a83491ce6af6fc1e916d12b365674b7f26bf356ef92ccb6e7438b9d1204d0b8d53b1bd84875b1f2ae5a62e28e7ed9f025699a0f329b47f0d708ead3a003205f7bfb28f9a82a8c3fcd463fb19729ebbf0f0df153dd0affb724f6a6f010378d87099d336c90bc157184b811eb7b6464ccb7f059620485b83e527d185f53f713feca6b1e70955c3250ff4b55e4d20b19243e960d49c1d3d49905d4d96c65750660f80283d2d9e1b4e96d2a17d6e561e7351c879ec3856793c2740340aea66079e1d36b83c92ab101a364a02d7be884c473b34ce86ff4c5d1afe4bc1c3ed6bb782a028dcfe18b46761dad2537ea2cacfeed1aa544be99f4661e4f792831b16752dffcb06eadf3c3f4dd669d110851110fab44348315a91137d7f1faffd6c9f5809466cfc712b77a53748df6d0d41cdfdb3e51c116f67652b210bc77343ac5847cdff6e7a62e05f948f31a7a547463e0f2c42d9c5e8df3bf19fa77a8b2265657fc95d1ca39f7507846da69e1790de944790a1273f8cfaac46909cb102ca124a3e7765b398cfa552c87266560a3cb9173e09923d8f790f5337cadaaa6c7db4da6e6a10630f42d789bd0a6fbf560a2150f459ebc7d845865ecdfe50098ff0201699e0535ad10cdc2924d32d8362bbbf8dcebdeb53d0422597778f441f3c99f56210934b4fc7c223a0b25c7c4980406a11db7a9c51fa6c4562821d98ac5d395bd380a1cdf9939549515b208ecc76a3b929a72abac52f735d5e7f2e3ef0bec92627153f048a684665d4678bb1cb58e636cc1436fc3d0b382e944fc665798f5b894fc3732becd3725ac1909a82c3e8214cf1e186ab53701b9e410757945b54be28487d6fd4777b8443c6380021149d3e97dcb0fef01c42028891c2f2d1ef57f8b11b9fc4e462e4b40455cb718642ef2bb1ffd940cdff548bf959c1c5e2e503344ceb2d25c954cd1a0ba81724af3e9585f053966f6aff783d2387853f59da2e570daa3974f3bf0ea15147b5d639e12847a66653656f58f1015537bd19faff1967fb20bdbb54ad3ae997e8bc8783f97d79caa6f4648cbc2453df60ea42b9b9d046a7ca87dafab49f180a50b118f04a19cb8f6a56e26a37e5dbebb28d8260c2c75119c0b7c46172f1c22e7d78b56841d86d41727e4073d3115792c2ff55c7738f3651ee5eb45fd92b13ec95f62aa8b8f82226492ea51d8038bd11a123759225570347c21fe151b24e5f47cd9eddc1657bd9cf494331b31cb8c6256743a72fc10209ddefd5f75bfc8d7d8a3dd91bc24eec99b6aecf74d105c24c293f86c748f9968b73f9cdc8bf486244db9de9037d983c49724c17600f8f3dac560d47beaf2a610aeb602ce37c0e8efd44a7e52bdd716afceb453aea9c234c095da7d852973cab3a81e4edc918f81896542daa2370052bd27f293a5ff8d4264a3cdfb38721e0672244390114c78bff0bdd8c6b5a020fc401a79c2463a2d30a1576c85f1122803a49d2295aaa4d4b34c1f51085bb15d38e76dee87ea31831b52759a60cbcd494ebcddf6205c9903b9534f8451f6baf47c3f9582d58eb165a3570867eb39ed705e24405b6eaecaeb115720e6cd1a23208d9102ceefccab68125abbdc6ebcdde702ea200e47857bc1b631eaa9ce3056278b738c5f216d2346724bc01da043e85519a75d97a21fb61a4782d0db9da198b211ad37d6580692c3f63f085e2e57d6ed2566491efbbfbe77b1371628e0d68d33c68f8d79c6f2cffce11179f17aac70b256a1c088b1a1f4d70e7505f19196e9576686d3a6b35bbc87d8411f025f39d18734968cd9c5ef3a4c5fe31e2440452c5c7665785eaa87c144fc9128362cbb5242066d1abd1011822b1845b5d3cae98f24ac7e0a0358eba033e5c99f9b22a70aa3f3b79a79c93d350531b5d00162d80a6421ea674d3c68275b48f7495e297d9257f9e6bb3eff853afb5723fc14797a3e8e0c171be5c995524848cf1249bff3274f959e2d0d4b35e4da8435429267c540fa6ed60148f24ec2acd62f5e199f2ba88f1bf092724a676ab5f8b11420804acf77d73b0bf081f3f7baa5189de212f6c3ee22462a59d56d21b6a8ebbbe14c0b6d2eaac25add5116f18904138e8b6353d39d54636e8b"}, {0x2, 0x590, 0x0, &(0x7f0000002580)="50fcd108fe5d062583c01dc670823e5042ab26fafd939612544bcbbb4d50c5e72d262543f2a02a38d26c251b7b2ce147a934d1dca788e99369f1d5226e6cbad4b7ebad1f3359f45d5ad8559d59dfea7a22bd4b0b793d59a85d601ba92d1ec9ca7769d482cc3ad4f711d7452ef85e89e1e74c06d01013c99d8e97135f7d853ab36a9caf9082068ba24132a93ab08f6d6a069568201ba470515f37038cb5f87cb9002cfacfa25e340f8fb74bcd22a58b517c00"}, {0x1, 0x368, 0x1000, &(0x7f0000002640)="ba2e9c17977a9f4bdf0811c6ff6afd3517507f2514192680d6341063c72a9e29f37019cbd0a262cdd7a7bbeebd5dbbba7b5f11e1c290f9fc8224e394d7559a6b8bea06d989aecd3619f9d3ccaca69ff6b83730f8f41e7715014682b4842955698338bb94eab70d0f3d98653d4e"}, {0x2, 0x590, 0x0, &(0x7f00000026c0)="5dd3106092e32cf19fb1c9434cc3e1acfb50b49c715263dc4d6ab30ee0dcf4ecf46f1c59152a5b88f9c31166306e764fa4d87f1fcedd79753cfccc660ca4fbb2d1708f0765ccb052825b6b96b04fc03dad939b30a14fcf340343c2af134416d17c56f22d82ebb5fdfc317b699830791e98098bcce79a734a84dd2da2b0190a8aef73ee3bf725310915917a98fbc646b7fd6010f19427d82410be5e2585acefac335f4f0a5a5b6952f62fefdf2461471a13c2"}, {0x0, 0x318, 0x7, &(0x7f0000002780)="499650a3530df863b27ad5f7b557a06ae3632612ca0ba2c4f0bf1270afbf9d63e4db7d5b51c98c99cbaa313e95d134c3982efa16723ccdfe9941acf4c8b1779dcbb261d086781e1e95b2e27003458d245918da1760ddd1c2b18eb434effcb7efc60ce1"}, {0x1, 0x630, 0x2, &(0x7f0000002800)="632ca8af3a453503873b4f9e7b9aed49399c9392cad0bac7c902ae561cc5e65fcffe791d213d2a63be517acf86dc50c8f189a45d968c7d16525e9adaae419c6b0c745fc0ff9b1fbda5ecc038c93605737a6f76a716f6936cb433a1435a97a7cb30482c6a0874ada2a694d4c28b1c1d1dda2e7080678dce7af72a8ff83fb52faf84bdaf7b622bdc080a875639f55464fe6edcac143db84e42a17ad38ac917b5a9881948c30c540ac571bf7bedf70fc45b987f7bbd8d695681cd028512daadf5b4b36300927477"}, {0x1, 0x528, 0x3, &(0x7f0000002900)="a5552f6952846bf2fcdc9324617f74a0437846bac69eb1190f5ff264c52d14ebbc845b60db8ef37026f705d5c69493904a61d0fd862f4b84fe1fc192674755729cec789ec245c74c489b97327438cd98f084af71ad70bf8248dab1d7f1319dbd47eb421981501f9c8bd335a0ad4b29ee69b53ae84461507d470060542f1bf435e80074b9fbdb9c35e1f0bf1a7f961661492da9de4026feb36f2cfbfdda987c136e56e7571e"}, {0x1, 0x160, 0xc500000, &(0x7f00000029c0)="d254585ff4c085526a71befd2fe8fa451ec88535dd14c45867f7b966c292a33737fa9002eaa3c8917f71a7bf"}]})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9fa0000000f8701d1d10fc4020a1bf7b805000000b908001bfe0fae41d9a0000005009100918b7fae260f3200000f30660fc775022e0fba600c980f320f3566b85700c30fefd0", 0x4c}], 0x2d891dc90fe8a01, 0x19, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000002bc0)={@empty, 0x6d})
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000040)={0x10, 0x5, 0x5})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3m27.842346009s ago: executing program 0 (id=807):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000ac0)={0xfff, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000500)=""/120, 0x78}, {&(0x7f00000008c0)=""/26, 0x1a}, {&(0x7f0000000900)=""/12, 0xc}, {&(0x7f0000000c00)=""/174, 0xae}], &(0x7f0000000a40)=[0x8, 0x7, 0x101, 0x8c, 0x2], 0x4}, 0x20)
mknod(&(0x7f0000000240)='./bus\x00', 0x8000, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000100)='./bus\x00', &(0x7f00000000c0)='vfat\x00', 0x4000c0, &(0x7f00000001c0)='discard')
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000340)={0xfffffff7, <r2=>0x0}, 0x8)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000003c0)=@o_path={&(0x7f0000000380)='./bus\x00', 0x0, 0x8, r0}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)='%pB    \x00'}, 0x20)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x40084d02, &(0x7f0000000380)={0x2, 0x0, 0x0, 0x0})
r5 = creat(&(0x7f00000004c0)='./bus\x00', 0x22)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB='\n\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="051000001169000005000000000000cb44043e002000002000ba35006892e6f86b71b2a786ee92423f37aa0a21d6e50558738a184f7c6f21da7c6e501375bfb003bd5fbf8228be570fc51edc294ec0632858b8f731b19ed85ee3aea0b337ee8e24a7935a2567055856d36b92d01ed559803c56170f78fb410b28628186fab80e044ec56ead8a88b24384b9941e8fdf54bf42d72a3f2f693dc553c25c3580c7ef60abf0f250db4fb8c6bbde0ba2abf406e5bc00"], 0x50)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000580)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x8c, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x4}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{0xffffffffffffffff, <r8=>0xffffffffffffffff}, &(0x7f0000000600), &(0x7f0000000640)='%-5lx  \x00'}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x7, 0x3, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r9, <r10=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r11 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000006c0), 0x4f4202, 0x0)
r12 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_ep_write$ath9k_ep1(r12, 0x82, 0x0, 0x0)
close(0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x28a5a93, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x3000005, 0x0)
write$USERIO_CMD_REGISTER(r4, &(0x7f0000000800)={0x0, 0x1}, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x2, &(0x7f0000000140)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @alu={0x7, 0x0, 0xe, 0x6, 0x1, 0x1}], &(0x7f0000000280)='GPL\x00', 0xfd, 0x22, &(0x7f00000002c0)=""/34, 0x1e00, 0x41, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x1, 0x10, 0x1, 0x5}, 0x10, r2, r5, 0x0, &(0x7f0000000700)=[0xffffffffffffffff, r3, r4, r10, 0xffffffffffffffff, r6, r7, r8, r9, r11], 0x0, 0x10, 0x1}, 0x94)
io_submit(r1, 0x1a, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])

3m13.780732212s ago: executing program 0 (id=840):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80202, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01082cbd7000fedbdf250c0000001800058007000100696200000c000280080004000300000049333daff6d0491b4d55a68dddc94575dd3d6a2c5d6e1a733ffb8f51e6e3aacf6f"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x8040)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r6 = socket(0x11, 0x2, 0x0) (async)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x101042, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50) (async)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) (async)
write$binfmt_misc(r7, &(0x7f0000000000), 0xd) (async)
r8 = socket(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e24, 0xa6e, @dev={0xfe, 0x80, '\x00', 0x18}, 0x4}, 0x1c) (async)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r10=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r8, 0x29, 0x32, &(0x7f0000000080)={@loopback, r10}, 0x14) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt(r6, 0x107, 0x1, &(0x7f0000000080)="010000000000060000071a80000001cc", 0x10)
ioctl$KVM_SET_GUEST_DEBUG_x86(r5, 0x4048ae9b, &(0x7f0000000340)={0x3, 0x0, {[0x99c, 0x9, 0xe, 0x4, 0x2, 0x2, 0x5, 0xd6]}})
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r11 = dup(r0)
mmap(&(0x7f00005ed000/0x2000)=nil, 0x2000, 0x0, 0x10010, r11, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) (async)
r12 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r12)

3m13.775443898s ago: executing program 0 (id=844):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x2000)
syz_clone3(&(0x7f0000000180)={0x8081000, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x2, &(0x7f0000000000)=<r0=>0x0)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r2 = eventfd2(0x67, 0x1)
r3 = socket$kcm(0x29, 0x5, 0x0)
r4 = eventfd2(0x2, 0x801)
r5 = eventfd2(0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000001200576d100000000000000007000000", @ANYRES32=0x0, @ANYBLOB="000002000000000008001d00fb"], 0x28}}, 0x0)
r7 = eventfd2(0x624, 0x80001)
r8 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r8, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
r9 = eventfd2(0x2, 0x0)
r10 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)={{0x1, 0x1, 0x18, <r11=>0xffffffffffffffff, {0x2}}, './file0\x00'})
io_submit(r0, 0x6, &(0x7f0000000780)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x54, r1, &(0x7f0000000200)="f431f9047d7999b20a7c1a90c4d1116763516691696eae5d8c2bfaed41e8c388b163aa999558d6b4d312ad0e373073437abdad16388e53cc2a8f392b28627419f228466abfd9b1e8a36ec90768609f5a0e4908ab03ef9f1a15f5294641ea2573dded8cea4d0bbbcf1bcf9f5122d4d161e4698a0258c9b659241827a85b99f3c160cd97fd4618e9beddbde5431f98a3abddf2", 0x92, 0xf6e5, 0x0, 0x8dcdd9a5812b263b, r2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7, 0x700, r3, &(0x7f0000000100)="48fc1506b97d519b47e5a1a23721e1becf4ff6db4de004592eb29cd0b2f3aee4f3946b6d120e3f73e0a6895c248e7cc8931a85aa41836c6ae8ba474a651bf3399b82376ca68765b8d3d91a5acb720bc352d193fa3003cfa44aa8e9f2914f6d221d90778319e70e4062", 0x69, 0x1e, 0x0, 0x0, r4}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000300)="14e97a14279f0ccbea3701974d42bef48cbd70d1c0e5762880809e9dffcc1af03af47fe30e788db5967c9d6db3bbcd1f4c771b8012e956cd5d0d6ee063e59560b16d99c4aaddc2142275726d41a30800b45bb1bee52cb4913659777cf3ecda13c473e935b906320e2fef0fad515e12f7698e2143b360d7d916aac44603c1df4ae42530ad73ae9d3db95f30e7a4d24eeb41a3242d4e1cbe0da88f", 0x9a, 0x7fffffffffffffff, 0x0, 0x2, r5}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x5, 0x703f, r6, &(0x7f0000000400)="687194b5e72c012a4620dd6cdb5f0f7d1b86d70fb18d26e053d4160d7a3acfdd4e12a424de7aafa3717a87f7d3fccb6a87ff0a82cd7081ce25cc7d7f029f4ce605e3df7af3128ee67a243767aa06612c4d1fce17dd471926933e81cfc4afe19486c9fb1665c4316bf5c0d27a18bcd4280dd56ca084affa75352fd28db00a889b53", 0x81, 0x1, 0x0, 0x0, r7}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x9, 0x7, r8, &(0x7f0000000500)="81b0542347c4a826fd39302276f0e2fa7a6f03152e57dcfce6b4d5c543a4dbe5c6ae3e27c18826eecbd818967aa8a90fc217112c576bc59f9c5d60fa1c08e7d762d5b17c883d154664afbcbaf1d414958c3ea38f045e8f0a426c0f4f0a47d1be7daf2190dd7e01c2727f18484fd6bbad3dbb382fec6b69c625559f3c1d2a31babcb933a38c6c7c54d1dd7e6cd6eabf5b1e420d0f6dcfb44f14de9767c4910a141a1df7b22043bc5ddabe712c97789b65c9d7419575a22c44cba8c39d982d2dd3c89f7c82e03c704244dc8ef7ee66a116aa4f2025f692c091e60cd44e2437d04ad6254af53d8d544767ae", 0xea, 0xd741, 0x0, 0x1, r9}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0xfff8, r10, &(0x7f0000000640)="1c951bd829a586073c56d53195303ad91d6af593eb8f72843f5dee3d866837fae64330e3946cf323addbde504c8947eb19870445ed75fc125a1241744960abc81fe18b8d6c98a6786a8da4032392b3dc184beb668b67fecfde81a57810417a6adb9823de63ba0dc14c67f40140cc6a998cacdc58fe7d8a8e78f6c37dc8d96641d7d6be7a0022e32e0003c3f498f91f24763df70c4f76e50a7910140da36e67bb1fad4f15b49da022c6654722a75bf4c48d", 0xb1, 0x1, 0x0, 0x2, r11}])
r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x161200, 0x0)
ioctl$TIOCSETD(r12, 0x5423, &(0x7f00000000c0)=0x11)
close(0x3)

3m13.775315938s ago: executing program 32 (id=844):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x2000)
syz_clone3(&(0x7f0000000180)={0x8081000, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x2, &(0x7f0000000000)=<r0=>0x0)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r2 = eventfd2(0x67, 0x1)
r3 = socket$kcm(0x29, 0x5, 0x0)
r4 = eventfd2(0x2, 0x801)
r5 = eventfd2(0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000001200576d100000000000000007000000", @ANYRES32=0x0, @ANYBLOB="000002000000000008001d00fb"], 0x28}}, 0x0)
r7 = eventfd2(0x624, 0x80001)
r8 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r8, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
r9 = eventfd2(0x2, 0x0)
r10 = fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000700)={{0x1, 0x1, 0x18, <r11=>0xffffffffffffffff, {0x2}}, './file0\x00'})
io_submit(r0, 0x6, &(0x7f0000000780)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x54, r1, &(0x7f0000000200)="f431f9047d7999b20a7c1a90c4d1116763516691696eae5d8c2bfaed41e8c388b163aa999558d6b4d312ad0e373073437abdad16388e53cc2a8f392b28627419f228466abfd9b1e8a36ec90768609f5a0e4908ab03ef9f1a15f5294641ea2573dded8cea4d0bbbcf1bcf9f5122d4d161e4698a0258c9b659241827a85b99f3c160cd97fd4618e9beddbde5431f98a3abddf2", 0x92, 0xf6e5, 0x0, 0x8dcdd9a5812b263b, r2}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7, 0x700, r3, &(0x7f0000000100)="48fc1506b97d519b47e5a1a23721e1becf4ff6db4de004592eb29cd0b2f3aee4f3946b6d120e3f73e0a6895c248e7cc8931a85aa41836c6ae8ba474a651bf3399b82376ca68765b8d3d91a5acb720bc352d193fa3003cfa44aa8e9f2914f6d221d90778319e70e4062", 0x69, 0x1e, 0x0, 0x0, r4}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000300)="14e97a14279f0ccbea3701974d42bef48cbd70d1c0e5762880809e9dffcc1af03af47fe30e788db5967c9d6db3bbcd1f4c771b8012e956cd5d0d6ee063e59560b16d99c4aaddc2142275726d41a30800b45bb1bee52cb4913659777cf3ecda13c473e935b906320e2fef0fad515e12f7698e2143b360d7d916aac44603c1df4ae42530ad73ae9d3db95f30e7a4d24eeb41a3242d4e1cbe0da88f", 0x9a, 0x7fffffffffffffff, 0x0, 0x2, r5}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x5, 0x703f, r6, &(0x7f0000000400)="687194b5e72c012a4620dd6cdb5f0f7d1b86d70fb18d26e053d4160d7a3acfdd4e12a424de7aafa3717a87f7d3fccb6a87ff0a82cd7081ce25cc7d7f029f4ce605e3df7af3128ee67a243767aa06612c4d1fce17dd471926933e81cfc4afe19486c9fb1665c4316bf5c0d27a18bcd4280dd56ca084affa75352fd28db00a889b53", 0x81, 0x1, 0x0, 0x0, r7}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x9, 0x7, r8, &(0x7f0000000500)="81b0542347c4a826fd39302276f0e2fa7a6f03152e57dcfce6b4d5c543a4dbe5c6ae3e27c18826eecbd818967aa8a90fc217112c576bc59f9c5d60fa1c08e7d762d5b17c883d154664afbcbaf1d414958c3ea38f045e8f0a426c0f4f0a47d1be7daf2190dd7e01c2727f18484fd6bbad3dbb382fec6b69c625559f3c1d2a31babcb933a38c6c7c54d1dd7e6cd6eabf5b1e420d0f6dcfb44f14de9767c4910a141a1df7b22043bc5ddabe712c97789b65c9d7419575a22c44cba8c39d982d2dd3c89f7c82e03c704244dc8ef7ee66a116aa4f2025f692c091e60cd44e2437d04ad6254af53d8d544767ae", 0xea, 0xd741, 0x0, 0x1, r9}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0xfff8, r10, &(0x7f0000000640)="1c951bd829a586073c56d53195303ad91d6af593eb8f72843f5dee3d866837fae64330e3946cf323addbde504c8947eb19870445ed75fc125a1241744960abc81fe18b8d6c98a6786a8da4032392b3dc184beb668b67fecfde81a57810417a6adb9823de63ba0dc14c67f40140cc6a998cacdc58fe7d8a8e78f6c37dc8d96641d7d6be7a0022e32e0003c3f498f91f24763df70c4f76e50a7910140da36e67bb1fad4f15b49da022c6654722a75bf4c48d", 0xb1, 0x1, 0x0, 0x2, r11}])
r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x161200, 0x0)
ioctl$TIOCSETD(r12, 0x5423, &(0x7f00000000c0)=0x11)
close(0x3)

3m0.362012308s ago: executing program 3 (id=1066):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
accept4$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs, &(0x7f0000000140)=0x6e, 0x80000)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x28, &(0x7f0000000400)=ANY=[@ANYBLOB='max'])
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000023c0)=ANY=[@ANYBLOB="380000005500e502000000000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32=0x0, @ANYBLOB="0001"], 0x38}}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x3000009, 0x32, 0xffffffffffffffff, 0x261c8000)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="6d703c3bce83876f6c3d6c6f63616c2c6d706f6c3d6c6f63616c3d7374617469633a2c00"])
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
memfd_create(&(0x7f0000000100)='\x00', 0x0)
unshare(0x22020600)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1900000004000000080000000200000000000000", @ANYRES32, @ANYBLOB="000003000000000000000000fe1f0000b3ad32150000063ef4707ff227d2d9edc3f3d128feec301621218a3ba75aeb0d47e2d619d6c479fd32ae6ec60d0b09ec1d1787629fcd9fd9d8eca9ed358a53b4e91a4b7e0fc81932a1ce747ca397e20e277a20b193fd76535e7230dac3299541030d2c9f24907f3379aedcadf8a3901ab275345dd370a43606afc91a09edb5deaeffca4eb451da5701d54bcc06f985fa35be13d9b1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socket$phonet(0x23, 0x2, 0x1)
close_range(r2, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000a, 0x13, r1, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000000), 0x10)
read(r3, &(0x7f00000017c0)=""/4090, 0xffa)
sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r4}, 0x10, &(0x7f0000000200)={&(0x7f0000000300)=@can={{0x3, 0x0, 0x1}, 0x8}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x400c8c1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="22000000040000001000000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r5}, &(0x7f0000000080), &(0x7f00000001c0)=r5}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r5}, 0x4)

2m59.465920522s ago: executing program 3 (id=1085):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000240)=0x1, 0x4) (async)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000240)=0x1, 0x4)
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, &(0x7f0000000040))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000080), 0x2, 0x0)
sendfile(r2, r2, 0x0, 0xbebd)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00008bc6000200", 0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000200), &(0x7f0000000300)=0x8)
r4 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_test', 0x8a881, 0xbb) (async)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_test', 0x8a881, 0xbb)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000080)={r7, 0x0, {0x0, 0x0, 0x0, 0x8, 0x4000000000000ffd, 0x0, 0x0, 0x3, 0xc, "faf98317e5a1149989fc67be43ea6acc96e3a2503dc31c97214d58128bbad0099cebdc25f5ab60c9e69098c8b534464c516bdd8a0f350000000000000300", "32d8cc26f7061a74df2cfc06489f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}})
r8 = creat(&(0x7f00000002c0)='./file1\x00', 0x102)
writev(r8, &(0x7f0000000100)=[{0x0}], 0x1) (async)
writev(r8, &(0x7f0000000100)=[{0x0}], 0x1)
r9 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r9, 0x0, 0x1, &(0x7f0000000240)=0x1, 0x4)
getsockopt$WPAN_SECURITY(r9, 0x0, 0x1, 0x0, &(0x7f0000000040)) (async)
getsockopt$WPAN_SECURITY(r9, 0x0, 0x1, 0x0, &(0x7f0000000040))
socket$inet6(0xa, 0x3, 0x1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x8b19, &(0x7f0000000140)={'wlan1\x00', @random="0100000000eb"})
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0, 0x0, 0xfffe}, {0x0}]}, 0x4}, 0x1)
socket(0x10, 0x3, 0x0) (async)
r11 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r11, 0x0, 0x0, 0xfffffd49, 0x20044080, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf"], 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf"], 0x0}, 0x94)
io_uring_enter(r4, 0x27e2, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000010400", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)

2m59.465773978s ago: executing program 3 (id=1086):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x28)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x5}}, @TCA_MPLS_LABEL={0x5}, @TCA_MPLS_PROTO={0x0, 0x4, 0x8808}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)

2m59.415258493s ago: executing program 3 (id=1088):
r0 = io_uring_setup(0xd63, &(0x7f0000000000)={0x0, 0xfbd9, 0x4, 0x2, 0x32d})
io_uring_enter(r0, 0x701c, 0xd95a, 0x1, &(0x7f0000000080)={[0x1]}, 0x8)
r1 = userfaultfd(0x800)
ioctl$UFFDIO_MOVE(r1, 0xc028aa05, &(0x7f00000000c0)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x3000})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r2, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xb8, r3, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x2d, 0x7, 'system_u:object_r:logrotate_var_lib_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:auth_cache_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}]}, 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x24040055) (async)
pipe2(&(0x7f00000002c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000300)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000340)={0x28, 0x6, r6, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r4, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x28, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0xb3, 0x50}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000004c0)={'\x00', 0xd, 0xffffffff, 0x5, 0xd, 0x400000, <r8=>0x0})
move_pages(r8, 0x3, &(0x7f0000000540)=[&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil], &(0x7f0000000580)=[0x7fff, 0x3, 0x5], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x6)
move_pages(r8, 0x1, &(0x7f0000000600)=[&(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f0000000640)=[0x0], 0x0) (async)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), r2)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000700)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r9, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000004)
r11 = syz_open_procfs(r8, &(0x7f0000000800)='net/udp6\x00')
ioctl$IOMMU_IOAS_COPY(r11, 0x3b83, &(0x7f0000000840)={0x28, 0x0, r6, r6, 0x9547, 0x7, 0x8001})
setsockopt$inet_mreqsrc(r4, 0x0, 0x25, &(0x7f0000000880)={@remote, @remote, @loopback}, 0xc) (async)
r12 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$PIO_FONTX(r12, 0x4b6c, &(0x7f0000000cc0)={0x180, 0xd, &(0x7f00000008c0)="f6faa9393d9d18d7787dd7fb6a99fd0dab20cdd3a76e7cb31821c09f62f13e77ee6914d4f5721e8a626aa3276f11e552087ad9b2e0191d65259f27e6a05d1d25b285d16e444f0f7410734fca6d68b20a5c1457d13f3d80a213fa5c3e62f4947295cf6ee9bdaf87abec1f6eb77ab684aee514739c3b589a1c34d21386c996e9155c1364fba68d42e6c05f48418ea37a48490e435acef05319179487be240db5c08d31d85b1dc7a8bb6ae30cc1c71967fe59ca963ed0277e39c4931df52fef166a7b4c370c5d9189cda154ddd1630e29fb6fbb13237283bd37af0561f2e1606fe22669cb39ff4474ec6fd16f93d44d73bfce86ea2fb037c217673554b8fbc568429678c52bda7f2c70250d516997dfdb85e584433301afe9713338c1b40e5834671def61dc30826451abde1008eb45cb9f05c6825d1bfb283b99c9758c63e303ea45419626e9625ca4e29b3d992952bc6ab916d3f6396014818b288e7da7643d55cf1f35e1dfe1055542a8e93058531dbc1c866efe70c2af50502573cc53670267eda4aa240a383c02cbb39f89fdc94ddde98a1f3ba03e513d431716536565c3f414a572d97d408188a9e2091513510532d8cf2db10f877afc04a8f48533e25cc18c19fb74bade1afcc402681e4e62bbd1c77291d990b1fd532901279780842f79f57210eef958d55439ea1fb5215541bd984bf17b410a2f68ed5610e7df52409994e2b75a426f864a6fd284d42095b0e77f77ca3367e1c8ca9ded9e4d3a43d08817c8b532285a80999441bc389bdaab47a36f84431b9f9913161740d49b8a57236df27bd19e67817896eff8db24292d55a74faab9e67ac5f44fe0e3d75788c5b364624f109451378dff6224f917a571e8769df2dc4f5c951e7603484c2197cb0b25305b64708e4d11baf44ce2de38b90ae1c6568a3e279d61a1f39a3fe61aefff62bbf8638bafb361b093e183bb177020096c77b217fee3948206206b09a7c49a0247b9ea609633661b735f6f3cb89041d5ffb636cc54fb4eced88931b5377717e42b6d3867d397bdb37142b63afbcd798738ccdfde4d71ede9c0a943c2d715cfee71a60f42eac6994cf918d80147509a642a208882c1a84bdd8dc8b3c436002c33b68427c4f1ae691e7abf025c633e40442aeb27b6e6922f9ef5349d990abdd1b06ea88388908b09e485ab15210e4a25a957222c08607fe8adeba7f3a08d6bc3ce6c7b853812ebeb02a1497ab6330daa38a79550bf7ec36ac5c01632514b0c8fd8d879235fb3ae41fd870c3491ec36d1d2a88e765f99c9e6db3080b0c6e123ff4c78ec40ed9acc80fddf8cc391a384a81536b232c49f303f893f1188e8f96d3f3f3e4d57941d53263d6c3679bf2764e021704529ad10e7838b8e3fb3d63e1f7ee57f24c06e0957c7016d6286fa021561a104670e77b910dbd4c9c4a81bfeefe2"}) (async)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d40), r4)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r13, &(0x7f0000001580)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001540)={&(0x7f0000000d80)={0x794, r14, 0x100, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x214, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0xa, 0x8, 0x2, 0x1, 0x4, 0x30e, 0xb1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_6GHZ={0xd4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0xc, 0x36, 0x12, 0x5, 0x18, 0x60, 0xc, 0x36, 0x36, 0x2, 0x12, 0x5, 0x36, 0x9, 0x24, 0x30, 0x1b]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x1, 0x56fb, 0x46, 0x8000, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xcc, 0x1ff, 0x34f, 0x0, 0x6, 0x4, 0x70, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x2, 0xff, 0x5, 0x1, 0x7ff, 0xc18b, 0x5d3]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x4c, 0x36, 0x36, 0x1b, 0x4, 0xb, 0x35, 0x48, 0x2, 0x9, 0x1, 0xb, 0x12, 0x6c, 0x16]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x1000, 0xfffe, 0x6, 0x3ff, 0x5, 0x27, 0x2]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x4, 0x6}, {0x0, 0x6}, {0x6, 0x3}, {0x5, 0x1}, {0x0, 0x4}, {0x4, 0xa}, {0x0, 0x2}, {0x3, 0x4}, {0x0, 0x1}, {0x0, 0x1}, {0x3, 0x4}, {0x1, 0x9}, {0x0, 0x1}, {0x3, 0x6}, {0x5, 0x9}, {0x0, 0x6}, {0x4, 0x5}, {0x5, 0x5}, {0x2, 0x8}, {0x3, 0x7}, {0x0, 0xa}, {0x1, 0x8}, {0x7, 0x7}, {0x1, 0x5}, {0x1, 0x9}, {0x7, 0x7}, {0x7, 0x9}, {0x6, 0xa}, {0x6}, {0x4, 0x1}, {0x1, 0x6}, {0x2, 0x2}, {0x6, 0xa}, {0x2}, {0x4, 0x7}, {0x0, 0x3}, {0x6}, {0x7}, {0x7, 0x6}, {0x1}, {0x2}, {0x7, 0x8}, {0x1}, {0x0, 0x7}, {0x6}, {0x7, 0x8}, {0x0, 0x5}, {0x0, 0x7}, {0x5, 0xa}, {0x7, 0x6}, {0x0, 0x1}, {0x1, 0x9}, {0x1, 0x4}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7366, 0x6, 0xe302, 0x9, 0x5, 0x5, 0x4, 0x82a]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x12]}]}, @NL80211_BAND_6GHZ={0x54, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x8001, 0x8001, 0x3, 0x9, 0x6, 0x7, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x9, 0x7, 0x92, 0xff, 0x1, 0x81, 0x800]}}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x2, 0x1}, {0x5, 0x1}, {0x2, 0x2}, {0x4, 0x5}, {0x7}, {0x7, 0x7}, {0x0, 0x1}, {0x3, 0x8}, {0x5, 0x7}, {0x3, 0xa}, {0x6, 0x6}, {0x7, 0x1}, {0x3, 0x5}, {0x6, 0x6}, {0x0, 0xa}, {0x6, 0x9}, {0x7, 0x9}, {0x0, 0x5}, {0x4, 0x1}, {0x6, 0x5}, {0x4, 0x8}, {0x6, 0x9}, {0x1, 0x2}, {0x6, 0x8}, {0x2, 0x2}, {0x6, 0x3}, {0x6}, {0x1, 0x5}, {0x6, 0x6}, {0x1, 0x5}, {0x0, 0x4}, {0x0, 0x9}, {0x4, 0x7}]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x1ffc, 0x2, 0x5, 0x6404, 0xfffe, 0xe8b, 0x1ff, 0xff]}}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x4, 0x5}, {0x0, 0x8}, {0x5, 0x1}, {0x0, 0xa}, {0x3, 0x4}, {0x5, 0x1}, {0x5, 0x2}, {0x3, 0x4}, {0x4, 0xa}, {0x7, 0x7}, {0x0, 0xa}, {0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x5}, {0x5, 0x4}, {0x5, 0x5}, {0x1, 0x8}, {0x2, 0x4}, {0x4, 0x6}, {0x0, 0x7}, {0x6, 0x2}, {0x1, 0x9}, {0x1, 0x4}, {0x1, 0xa}, {0x7, 0x4}, {0x0, 0x6}, {0x4, 0x9}, {0x6, 0xa}, {0x0, 0x3}, {0x2, 0x4}, {0x3, 0x2}, {0x0, 0x6}, {0x3, 0x7}, {0x6, 0x5}, {0x6, 0x2}, {0x0, 0x1}, {0x1}, {0x4, 0x1}, {0x2, 0xa}, {0x3, 0x8}, {0x0, 0x1}, {0x4, 0x5}, {0x5, 0x4}, {0x6}, {0x1, 0x7}, {0x1, 0x7}, {0x6}, {0x7, 0x4}, {0x6, 0x4}, {0x2, 0x2}, {0x1}, {0x0, 0x3}, {0x5}, {0x2, 0x1}, {0x3, 0x4}, {0x1, 0x7}, {0x0, 0x1}, {0x5}, {0x4, 0x6}, {0x3, 0x4}, {0x0, 0x6}, {0x3}, {0x3, 0x7}, {0x4, 0x6}, {0x4, 0x4}, {0x5}, {0x2, 0x7}, {0x0, 0x1}, {0x4, 0x4}, {0x6, 0x3}, {0x4, 0x1}, {0x4, 0x3}]}]}, @NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x1e0, 0x6, 0x0, 0x346, 0x1, 0x3ff, 0x5, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x168, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xc, 0xa3, 0x8000, 0x4, 0xff01, 0x8119, 0x7fff, 0x401]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0xb, 0x36, 0xb, 0x12, 0x3, 0x0, 0x3, 0x30, 0x1b, 0x24, 0x48, 0x2, 0xb, 0x9, 0x9, 0xb, 0xc, 0x2, 0x24, 0x6c, 0xc, 0x1, 0x7e, 0x30, 0x6c, 0x9, 0x9, 0xb, 0x1]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x17, 0x2, [{0x1, 0x7}, {0x0, 0x3}, {0x4, 0x6}, {0x1, 0x5}, {0x0, 0x6}, {0x0, 0x6}, {0x1, 0x5}, {0x5, 0x4}, {0x2, 0x2}, {0x5, 0x3}, {0x3, 0x5}, {0x2, 0x6}, {0x0, 0xa}, {0x2, 0x4}, {0x6, 0x5}, {0x0, 0x3}, {0x0, 0x7}, {0x6, 0xa}, {0x7, 0xa}]}]}, @NL80211_BAND_5GHZ={0x38, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x9, 0x1000, 0x2, 0x4, 0x1, 0x1, 0x1]}}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x0, 0x1b, 0x18, 0x1b, 0x18, 0x6, 0x1, 0x6c, 0x5, 0x2, 0x0, 0x50, 0x24, 0xc, 0x24, 0x3, 0x48, 0x9, 0x18, 0x2d, 0x4, 0x30, 0x60, 0x3, 0xc, 0x12, 0x48, 0x12]}]}, @NL80211_BAND_60GHZ={0x6c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x59da, 0xfff, 0x7, 0x401, 0x3, 0x1ff, 0x10, 0x6ea]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xae52, 0x1, 0x6, 0x2, 0x3, 0xa000, 0x0, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x401, 0x8, 0x4, 0x98, 0xffff, 0xd242]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0xfffe, 0x9, 0x3, 0x2, 0x0, 0x3, 0xffff]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x36, 0x36, 0x6, 0x1, 0x1b, 0x27, 0xb, 0x48, 0x4]}]}, @NL80211_BAND_60GHZ={0x4c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x4, 0x6}, {0x3, 0xa}, {}, {0x5, 0x6}, {0x7, 0x6}, {0x7, 0x2}, {0x7, 0xa}, {0x0, 0x7}, {0x5, 0xa}, {0x4, 0x7}, {0x3, 0x4}, {0x7, 0x1}, {0x2, 0x1}, {0x7, 0x4}, {0x1, 0x2}, {0x4, 0x1}, {0x4, 0x5}, {0x6, 0x7}, {0x1, 0xa}, {0x7, 0x3}, {0x1, 0x1}, {0x6, 0x2}, {0x1, 0x2}, {0x0, 0x1}, {0x4, 0x9}, {0x0, 0x8}, {0x3, 0x5}, {0x3, 0x4}, {0x0, 0x9}, {0x4, 0xa}, {0x3, 0xa}, {0x7, 0x9}, {0x4, 0xa}, {0x2}, {0x3, 0x2}, {0x4}, {0x6, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x9, 0x1, [0x3, 0x1, 0x5, 0x1, 0x0]}]}]}, @NL80211_ATTR_TX_RATES={0x1a4, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xc86b, 0x0, 0xa, 0x1, 0x6, 0x3, 0x2, 0x1000]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9e, 0x5, 0x3, 0x0, 0xff7, 0x7, 0x4, 0xfff8]}}]}, @NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0x24, 0x2, 0x2, 0x1, 0x2, 0x4, 0x6c, 0x36, 0x5, 0x3b, 0x16, 0x18, 0x9, 0x30, 0x18, 0xb, 0x48, 0xb, 0x5, 0x24, 0x5, 0xc, 0x16]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x4, 0x8, 0x200, 0x9, 0x0, 0x9]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x1, 0x2, 0x6, 0xfff4, 0x5, 0x7fff, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0xc5, 0x4, 0x7772, 0x3, 0x1, 0x2, 0x5]}}]}, @NL80211_BAND_60GHZ={0xe8, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x6, 0x1, [0xe2a17f3affbed676, 0x14]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8001, 0x7, 0xffff, 0x6, 0x49, 0x9, 0x8, 0x7ba]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x81, 0x81, 0x200, 0x0, 0x7, 0x6, 0xa6fd]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x200, 0x3, 0x7, 0x8, 0x7fff, 0x8, 0x3998]}}, @NL80211_TXRATE_HT={0x31, 0x2, [{0x1, 0x6}, {0x1, 0x2}, {0x0, 0x5}, {0x0, 0x5}, {0x6}, {0x0, 0x9}, {0x5, 0x8}, {0x3, 0x1}, {0x3, 0x4}, {0x3, 0x4}, {0x1}, {0x7, 0xa}, {0x1, 0x4}, {0x2, 0x2}, {0x2, 0x2}, {0x2, 0x3}, {0x1, 0x2}, {0x4}, {0x4, 0x2}, {0x0, 0xa}, {0x0, 0xa}, {0x4, 0x9}, {0x4}, {0x0, 0x9}, {0x0, 0x3}, {0x1, 0x2}, {0x7, 0x2}, {0x3, 0x6}, {0x5, 0x9}, {0x7, 0x6}, {0x0, 0x1}, {0x5, 0x3}, {0x1}, {0x0, 0x1}, {0x4, 0x7}, {0x2, 0x8}, {0x3, 0x9}, {0x6, 0xa}, {0x4, 0x2}, {0x6, 0x8}, {0x1, 0xa}, {0x0, 0x4}, {0x2, 0x7}, {0x7, 0x6}, {0x5, 0x2}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x9, 0xf, 0x101, 0x4, 0x4, 0x4d7, 0x10]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0xffff, 0xa, 0xd614, 0x4, 0x8001, 0x7, 0x9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x7, 0x8}, {0x2, 0x6}, {0x0, 0x7}, {0x7, 0x4}, {0x6, 0x2}, {0x5, 0x2}, {0x6, 0xa}, {0x0, 0x2}, {0x3, 0x5}, {0x6, 0x5}, {0x0, 0x7}, {0x5, 0xa}, {0x2, 0x5}, {0x7, 0x4}, {0x0, 0x4}, {0x1}, {0x6}, {}, {0x2, 0xa}, {0x0, 0x3}, {0x7, 0x3}, {0x3, 0x6}, {0x7, 0x9}, {0x3, 0x3}, {0x1, 0x3}, {0x0, 0x2}, {0x5, 0x4}, {0x0, 0x1}, {0x0, 0x2}, {0x2, 0xa}, {0x2}, {0x3, 0x3}, {0x5, 0x1}, {0x2, 0x1}, {0x3, 0x4}, {0x6}, {0x0, 0x1}, {0x7, 0x2}, {0x5}, {0x2, 0x9}, {0x2, 0x3}, {0x1, 0x8}, {0x2, 0x7}, {0x5, 0x2}, {0x1, 0xa}, {0x1, 0x3}, {0x3, 0x7}]}]}, @NL80211_BAND_2GHZ={0x10, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xb, 0x1, [0x5c1751898a764a2c, 0x3, 0x16, 0x6, 0x4, 0xb, 0x30]}]}]}, @NL80211_ATTR_TX_RATES={0x160, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x70, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x36]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x200, 0x40, 0x7, 0x3, 0x1ff, 0x78f, 0x7fff]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x12, 0x18, 0x18, 0xb, 0x24, 0x32, 0x16, 0x60, 0x6, 0xb, 0x16, 0x6c, 0x1b, 0x60, 0x30, 0x6, 0x18, 0x5d, 0x9, 0x2, 0xc, 0x1b, 0xf776adc6b97a1f57, 0x30, 0xb, 0xc, 0x1, 0x24, 0x6]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x5, 0x1, 0x9, 0x41dd, 0x9, 0x6, 0x7ff]}}]}, @NL80211_BAND_6GHZ={0x48, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0xb3, 0x3, 0xb59, 0xfff8, 0x0, 0x3, 0x401]}}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x6, 0x7}, {0x0, 0x3}, {0x3, 0x7}, {0x5, 0x7}, {0x5, 0x4}, {0x0, 0x8}, {0x0, 0x9}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x23dc, 0xa, 0x1, 0x9, 0xf801, 0x80, 0x4]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x60, 0x18]}]}, @NL80211_BAND_60GHZ={0xa4, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x42, 0x2, [{0x1, 0x8}, {0x3, 0x1}, {0x0, 0x1}, {0x3, 0xa}, {0x0, 0x2}, {0x6, 0x1}, {0x1, 0x7}, {0x0, 0x4}, {0x2}, {0x4, 0x5}, {0x0, 0x6}, {0x4, 0x4}, {0x1, 0x7}, {0x3, 0x9}, {0x1, 0x4}, {0x0, 0x6}, {0x6, 0x8}, {0x1, 0x8}, {0x3}, {0x5, 0x1}, {0x1, 0x8}, {0x1, 0x5}, {0x6, 0x7}, {0x4, 0x4}, {0x5, 0x6}, {0x7, 0x3}, {0x1, 0x3}, {0x0, 0xa}, {0x4, 0x8}, {0x6, 0x7}, {0x3}, {0x0, 0x7}, {0x7, 0x4}, {0x7}, {0x3, 0x3}, {0x5, 0x1}, {0x0, 0x7}, {0x7, 0x3}, {0x5, 0x2}, {0x0, 0x3}, {0x6, 0x1}, {0x1, 0x9}, {0x4, 0x7}, {0x0, 0x1}, {0x3, 0x4}, {0x7, 0x1}, {0x5, 0x2}, {0x7, 0x8}, {0x2}, {0x3, 0x8}, {0x0, 0x1}, {0x3, 0x3}, {0x2, 0xa}, {0x1, 0xa}, {0x1, 0x5}, {0x2, 0x1}, {0x4, 0x5}, {0x7, 0x9}, {0x0, 0x6}, {0x2, 0x6}, {0x0, 0x2}, {0x2}]}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x6c, 0x6c, 0x1, 0x36, 0x60, 0x16, 0x60, 0x7a, 0x60, 0x0, 0x4, 0x30, 0x6, 0xc, 0x2, 0x12, 0x3, 0x30]}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x9, 0x1b, 0x1b, 0x2d, 0x3, 0x1b, 0x4, 0x24, 0x1b, 0x5, 0x4, 0x0, 0x60]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x48, 0xc, 0xb, 0x18, 0xb, 0x3, 0x1b, 0xc]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffe, 0x40, 0xffff, 0x2723, 0x2, 0x8, 0x5, 0xffff]}}]}]}, @NL80211_ATTR_TX_RATES={0xdc, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_2GHZ={0x98, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x48, 0x24, 0x60, 0x5e, 0x2, 0x9, 0x9, 0x5, 0x12, 0x24]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x6, 0x5, 0x12, 0x1b, 0x27, 0x6, 0x30, 0x48, 0x30, 0x1, 0x0, 0x2, 0x4, 0xc, 0x5, 0x16, 0x6, 0x3, 0x18, 0x22, 0x2, 0x1, 0x1b, 0x60, 0x1, 0x60, 0xb, 0x24]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x81, 0x85, 0xfff, 0x2, 0x8, 0x7, 0x2ab, 0xf8]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4aa0, 0x2, 0x5, 0x5, 0x0, 0x7, 0x4, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xc1, 0x5, 0x101, 0x4b, 0xb48, 0x7, 0xe, 0x2800]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xc, 0x8000, 0x5, 0xce, 0x7f, 0x9, 0x2, 0x4]}}, @NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x794}, 0x1, 0x0, 0x0, 0x8084}, 0x1)
r15 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000015c0), 0x40a141, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r15, 0x29, 0x22, &(0x7f0000001600)={{{@in6=@local, @in6=@loopback}}, {{@in=@multicast1}, 0x0, @in=@remote}}, &(0x7f0000001700)=0xe8)
move_pages(r8, 0x8, &(0x7f0000001740)=[&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff2000/0xe000)=nil], 0x0, &(0x7f0000001780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) (async, rerun: 64)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r11, 0x0, 0x61, &(0x7f00000017c0)={'filter\x00', 0x4}, 0x68) (rerun: 64)

2m59.354618292s ago: executing program 3 (id=1090):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7) (async)
r1 = eventfd(0x2)
quotactl_fd$Q_SYNC(r1, 0xffffffff80000101, 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x201, 0x4000003e, r0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, <r4=>0x0, 0x0, 0x0, <r5=>0x0}, 0x2020) (async)
r6 = accept4$netrom(r3, &(0x7f0000002400)={{0x3, @default}, [@rose, @rose, @remote, @rose, @netrom, @rose, @bcast, @netrom]}, &(0x7f0000002480)=0x48, 0x80000)
kcmp$KCMP_EPOLL_TFD(r5, r5, 0x7, r0, &(0x7f00000024c0)={r3, r6, 0x1})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@empty, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@empty}, 0x0, @in=@local}}, &(0x7f0000000000)=0xe8) (async)
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
write$FUSE_CREATE_OPEN(r3, &(0x7f0000002300)={0xa0, 0x0, r4, {{0x1, 0x1, 0xdb, 0x7, 0x9, 0x569010c0, {0x1, 0x2, 0x2, 0xa5, 0x4, 0xfffffffffffffff3, 0x8, 0x3, 0x9, 0xa000, 0x8, r7, r8, 0x64, 0x5}}, {0x0, 0x1}}}, 0xa0) (async)
r9 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r9, 0xc0205648, &(0x7f0000000100)={0x4, 0x1, 0x31, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f05e, 0x1ff, '\x00', @p_u32=&(0x7f00000023c0)=0x6}})
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000080)={0x8})

2m59.248440859s ago: executing program 3 (id=1092):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@deltclass={0x30, 0x29, 0x20, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0x4}, {0xf, 0x8}, {0xb, 0x1}}, [@tclass_kind_options=@c_multiq={0xb}]}, 0x30}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x1, 0x70b926, 0x80100, {0x0, 0x0, 0x0, r1, {0x0, 0xd}, {0x4, 0xb}, {0xd, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x8021}, 0x4008000)

2m44.303697379s ago: executing program 33 (id=1092):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@deltclass={0x30, 0x29, 0x20, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0x4}, {0xf, 0x8}, {0xb, 0x1}}, [@tclass_kind_options=@c_multiq={0xb}]}, 0x30}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x1, 0x70b926, 0x80100, {0x0, 0x0, 0x0, r1, {0x0, 0xd}, {0x4, 0xb}, {0xd, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x8021}, 0x4008000)

20.753908281s ago: executing program 2 (id=3151):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
write$cgroup_pid(r0, &(0x7f0000000080), 0x12)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x0, 0x100, 0x0, 0x3ffe}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(r2, 0x3516, 0x5000000, 0x0, 0x0, 0x0)

20.68395778s ago: executing program 2 (id=3152):
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xc, 0x8001, 0x0, 0x9, 0x4f, 0x8, 0xfa11, 0x1}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000040))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), <r3=>0x0, 0xc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47, 0x8, 0x0, 0x0}}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYRESHEX=r3, @ANYRESHEX=r0], 0x34}, 0x1, 0x0, 0x0, 0x24048011}, 0x8800)
execve(&(0x7f0000019100)='./file0\x00', 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002f00)='fdinfo\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x3, 0x0, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0)
getpid()
syz_io_uring_setup(0xcaf, &(0x7f0000000100)={0x0, 0xb601, 0x859, 0x5, 0x32c}, &(0x7f00000002c0), &(0x7f00000000c0))
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r5 = add_key$user(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000380)="bb26cf017af076fd52f9c7ae62025c772eb0e25affde00"/33, 0x21, 0xfffffffffffffff8)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r5, r5, r5}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7b13000000000000200012800b00010067656e657665000010000280060005004e2000000400060008000a00b567871e2dbd1d393b41658413b61d2d9194b464bb8c3eb3dd1f83ef31c56b607bc3fccd8adae69eac338cb3e4a9dc7f3aa696f7380981596b3dcb3026d871982e17"], 0x48}}, 0x4000)

20.173884273s ago: executing program 2 (id=3164):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
unshare(0x26020480)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x5)

16.193059561s ago: executing program 2 (id=3164):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
unshare(0x26020480)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x5)

16.084376419s ago: executing program 1 (id=3191):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

16.084204314s ago: executing program 1 (id=3192):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x80)
r1 = socket(0x10, 0x3, 0x0)
unshare(0x28000600)
write(r1, &(0x7f00000000c0)="240000005a001f001007f4f9002304000a04f51108000500020100020800038005000000", 0x24)

16.024563113s ago: executing program 1 (id=3193):
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="5201000052395310410e5750ad060102030e0902120001000000000904"], 0x0)

16.024270012s ago: executing program 2 (id=3194):
syz_open_dev$video(0x0, 0x485, 0x40042)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000016000b63d25a8064000000000124fc60", 0x14}], 0x1}, 0x0)
shmget$private(0x0, 0x1000, 0x100, &(0x7f0000ffc000/0x1000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40a000, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000c80)={'syz1\x00', {0x4, 0x6e2f, 0x11f9, 0xfff8}, 0x4c, [0x8, 0x8, 0xfffffff7, 0x7f, 0x5, 0x9, 0x7fffffff, 0x0, 0x6235, 0x838, 0xffffff0c, 0x3, 0x101, 0x9, 0x2, 0xc, 0x3, 0x6, 0x3, 0x2, 0x0, 0x6, 0x6, 0x6, 0x5, 0x10001, 0x7, 0x4, 0x77, 0x8000, 0x7, 0xd, 0x401, 0x7, 0x8, 0xc687, 0x200, 0xff, 0x1, 0x0, 0xfffffe01, 0x0, 0x59e6, 0x102, 0x4, 0xdb, 0x1, 0xe, 0x9, 0xf, 0x4, 0x1, 0x3, 0x800, 0x7f, 0x9, 0x6, 0x23c2, 0x0, 0xc10d, 0x7, 0x8, 0x2, 0x3], [0x2, 0xc, 0xff, 0x7, 0xa, 0x9, 0x1000, 0x100, 0xfffffffb, 0x6, 0x9, 0x2, 0x4, 0x7, 0x40, 0x6, 0x60, 0xb, 0x1, 0x6, 0x71e4, 0x1, 0x10000, 0x3, 0x9f3, 0x800, 0x0, 0xe842, 0x40, 0xca, 0x9, 0x7, 0x7, 0x6, 0x9, 0x6, 0xc5, 0x2ff, 0xf, 0x1, 0x550, 0x2, 0x100003, 0x8, 0x80000001, 0x0, 0x3d, 0x13d, 0x101, 0x9, 0x10001, 0x9f, 0xe2d9, 0x783, 0x5, 0x0, 0x4, 0x8, 0x3460, 0xffff, 0x8a42, 0x4000, 0x100, 0x1], [0x62e2adfb, 0x9f57, 0x4, 0x3, 0x9e, 0x8, 0x1, 0xfffffff7, 0x1, 0x5, 0x4, 0x4, 0x6, 0x4800000, 0x0, 0x9, 0x7, 0x9, 0x5, 0x2, 0x1, 0x7, 0xffff8000, 0x8, 0x100003, 0x6, 0x2, 0xfff, 0x0, 0x8, 0xffff2f9e, 0x9, 0x6, 0x3, 0x8, 0x3ff, 0x3, 0x5, 0x3, 0x690bd85f, 0x7, 0x3, 0x9, 0x5, 0xb3, 0xcf, 0x2, 0x6, 0x0, 0x7fff, 0xc8, 0x8, 0x2, 0x5, 0x100, 0x7ff, 0x102, 0x5, 0x6, 0x4, 0x5, 0xa0, 0x1, 0x7825], [0x3, 0x0, 0x1, 0xffc0, 0x2, 0xf, 0x5, 0xfffffffd, 0x10001, 0x2, 0x2, 0x2, 0x2, 0x9, 0x7fffffff, 0x3, 0x2, 0x400, 0x10009, 0x5, 0x5, 0x1002, 0xffffff7d, 0x0, 0x1, 0x5, 0x8, 0xc6d9, 0x631, 0x200, 0x4, 0xfffffffc, 0x4, 0x5, 0xe, 0xffff, 0x5, 0x7ff, 0x6, 0x10, 0x6, 0x1, 0x6, 0x80000000, 0x3, 0x3, 0x10000, 0x9, 0x2, 0x2, 0x4, 0x4, 0x3, 0x2, 0x8001, 0xfffffffd, 0x5, 0xb8, 0xfff, 0x400, 0x22, 0x2, 0x75, 0x9]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$UI_SET_PROPBIT(r4, 0x4004556e, 0x8)
restart_syscall()
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = dup3(r5, r3, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0], 0x4c}}, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})

15.954316554s ago: executing program 5 (id=3195):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f00000001c0)={0x0, 0x0})

15.954176142s ago: executing program 5 (id=3196):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$pokeuser(0x6, r0, 0x358, 0xffff8880b8639740)

15.873826509s ago: executing program 5 (id=3197):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000040)={0x0, &(0x7f0000000480)=[@nested_amd_vmload={0x182, 0x18, 0x3}, @uexit={0x0, 0x18, 0x8001}, @wr_drn={0x68, 0x20, {0x3, 0xc4}}, @nested_amd_invlpga={0x17d, 0x20, {0x0, 0xdaae}}, @out_dx={0x6a, 0x28, {0x1581, 0x0, 0x1}}, @code={0xa, 0x56, {"f20f108100680000470f0966b808018ed80f2043410f01d166ba400066ed66baa100b000eec744240051000000c74424020d000000ff1c242ef30fc7b680ffffff410f01f8"}}, @nested_create_vm={0x12d, 0x18, 0x8}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x2, @save_area=0x457, 0x10, 0xffff, 0x2}}, @uexit={0x0, 0x18, 0x2}, @enable_nested={0x12c, 0x18}, @nested_amd_inject_event={0x180, 0x38, {0x3, 0x56, 0x2, 0x4, 0x2}}], 0x1a6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_clone(0x100011, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x8}, @exit], &(0x7f00000000c0)='GPL\x00', 0x9}, 0x94)
r3 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$USBDEVFS_REAPURB(r5, 0x4008550c, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800007, 0x11, r3, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)

15.114330095s ago: executing program 2 (id=3198):
socket$packet(0x11, 0x3, 0x300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
open$dir(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x121480, 0x3)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
ioctl$UI_SET_KEYBIT(0xffffffffffffffff, 0x40045565, 0x400000223)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000030000000b0000000000000901800000090000000000000700000000090000000000000bf3a860b623be800565c5a808d755c2b3fd530d6643f11ffc135398b1ae2402abf1fae5843b"], 0x0, 0x3f, 0x0, 0x0, 0x3, 0x10000, @value=r3}, 0x28)
write$cgroup_int(r3, &(0x7f0000000000)=0x2b00, 0x12)
socket$kcm(0x10, 0x7, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x1d, &(0x7f0000000180)=0xffffffff, 0x4)
sendmmsg$inet(r4, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x4000000000000b7, 0x4000800)
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, &(0x7f0000000180)="0000000000000002ff69000000000001000000c000000006000200861fa72e5b01504104bfeacdd5a9007d167c71e3b8a93aa64d957a684161c833020a6da888c7a56843a85f3a078c97d542ed1fbf069ca713670adf7d9fb6d2600fd9c1981fe9f095cfe9d2fe1e1e34f6096bf02543747b2c792890f07c0da0fa25e6101062e6c9176a70e41698814a213711764f88495994cfd8a57c1e13f6b5298e7ab3a2bfb58dde34d58536633c27882e51ced17d67999b0009446100"/212, 0xd4, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x15, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x200000c, 0x4, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r5, 0xc0403d08, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r6, 0x4, 0x2)

14.963782774s ago: executing program 5 (id=3199):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
move_pages(0x0, 0x0, 0x0, &(0x7f0000001180), 0x0, 0x0)

14.963540372s ago: executing program 5 (id=3200):
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x141101)
r1 = dup(r0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000002580)={0x120c, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x11f8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xfe1, 0x4, "fc654c187d6eb5f0ca15095cc8787b50b96435ad3147dd10e867248d37187c2a131a62d105462ce34d5cf8ded36159aea612a3460534d8c298556e91590238f40dd2c7148d365ab6cdd5f2a7f74bac8d59f731c655a46917f18b28ed05e58b70287d26677601258a5c0ab9f679e2e520228c3a1f1aede04c6ba82cc38cc2ab6b35a24fb20e032dedf6f6caf4bfea5435f746f746fd46ca192e3744eb6908b358c10833bf484237ba654641e6186a45957c6345e61ea620fdc74383ce1df4a24e7044bae596f018736424a5bfa438865044e7026fa37a3540fadd0e89d87aecd3bc127e0cb10274991d6127224a0f2a4ef19e2c4dedbe45f2471abcc38c584ead0e3df3f9211022b2421fb6b327361e8f58f2b73134fc5444b350ede95ecef5bbbf9950e75c9f772a3ff0180d2cfac287228709726a6abbab2971982de7f1a9149d71dcbfd212e89ff17cf284b7f8ad82a469cb1c1e3d9d1d3689271c8dad0ba89dda651d4242062ac0bc5877e397236fa9476ac5fac7c2c896babca09d74720004cd0e634327de4fd87ed72ae069c095d2c70caed52e3335478c1c3719925e24f2fd7755baebd5cde385727a0f0440dd3b662248c43ff5afc4f186ff0051ba8eaa07623b79c4bb6985f14c5ac15041a6ff7584f921982e5414481d4db4c76798d70a59b5aeccb6e7882aefe70993758b55b4dc4039c2b1c98452113aaf23ccdf68cb6eff6e048f9da6f39a2def3caaf80cdcbadb83b029b8738391f02fec90c8a8b6f036aae8ceaff5dca7d3e0098423fedc676c6774ab0e6a72bd246c0b3004d1988f802b846d62ca59e9a63ce12814176ec4380e1cf29d27e7b2f7e7eadcaae8f182498ad32e67323fe6ef9508fec40dd38897652053ef92e44a909060c237890c196f0c26ab10248f999001f6231813a81313971bea77a5470f312d185dce689adc99e430e4010a3a341482c51fb71c23c3cdf92303c7580c73775f9a74685a61ce9849eaca52b97ee7ffe2e672dc1be5267c285a102711b1b5d81d6dbb76494f2892fd4f85244ade3cdd3809fd5fdfce5157fc1658f0bceb379489732583707c170fc6392aa4f5b94843aeb18da58e0156e029c2b722918b1b3dc7c151cb9c248ddd18423629b53cd4b0ab2693b0df29c88c04657f4eccdc41357de8186fdc0ec86f92950734975921a2fde57c3e7176b57c871d76ff8a8f36520b67e64930cf34bcde9ad92d057a359ca022b646df18e2b7202845bd8ac4be5e5ebae436dc4b93dfaaf2778a53e7e4be937e83dac7d1d481bdbd8081ab0ac08af067e62580bbdbf397cbc629db9b023734b6fad7824d1a8b3257c1c18d6ebc928140060f004ec484b183560f830a1eb0c527c8600bb2600d761e847454e677aa29486aa407a9e9a5e9dc9542de038e3e55fdfec13184cdb16716556f972eef5c56230c43d146c86a9147265c309a279db6d138647920410896c5397c5f83634fa5e92b5161f786482d84830864388b91c2c1e3e9f9f038d5fa66f7fe904e14df0a60d46066c6b1f37cec6e13c35832f512be21da21a5921b81cc452b0076c2ec10fc5481cd0e1ca917b40cb3aa839b120ce6eb9773e942b74ececac6bdcd22eb8dd6cd9f148e0ebe5ef3094f42adc39bc5ca2259e1eab5059ccf5e82bb57b97d4d13a90747299b2e6b64f962aabf222e4f287503181de3c3a68fb2b0068583f3b97e40ce06e9805a7121eccac0527b8f1b18a62762efe0a9ce4114b7d1ba942bc93533ee0b1bd7f0a607207b976dfa1fbe3ce0868e7f4e31b41a0aada0ac6b291aefe22ea5338f07e57b981b8e4e4a121f231d2f46989fd5dd09a7c1d198f5886b4f1a222eccdabff096a81fef3c9e497621128562880938fe05a1f1c4da81daba55bf326f1e3a1712d79f01fbef2ee230615d4e454be67f0ad4dc2bfffaecbb683742925738b45854ab713ae548b9709e9ea2e28224ef466bced79e3ec6c163d45db187bc01c75afa85f78003927dcd122086acc8dd1b1224de41d62b83e34083dd39fe68aa5a479ba403f5dbddf9b763ca521b7efca6234be16484f1e0112d963672a6d24cdac15e80bcb82b3b22231670c41fe7e8a0a083b6df768e7fb0d94a004f8372f5cf8b9b45cc679eb67828a94d0ffabfe09d95ad2789cb8657f7ea86a46260416a72e6fc7b44e549a2e39fe015c7647cc0bec15fa63d26894be1cc5326331e7e0b1c505934182accf049bab033b026d48fda51de740afc0666e6c891e0c5192f4b2df21493477ff45319d7d8b816f0b73ccfa12d6846362feb4b85063ca42e950eb577c630300dc52698a38ca19cbbb398404a1e8e27d0be49985e59caef03da096d1ccbeed73bd7c9588325b747ab77f4d7c1c1f18388ce1771882ee680ed737ad197ff92f1052e5e79f6ffa5b85ba3fac5db13e0d0046c9dca0ab4b74b20299ba6bdd758940e088df31e1382cee6901503299028467a864d27affae30fd9aef5a6ff948c052124511a75a46d5a316e28fb6c5bfac787be5833c63c535557235b0e09f9a78a338aa8864613fca77a7e252d1975af2c4a6bcc969d1e20e3cd4dfc1b2fe34b70fd7804dbfde4fa4d950e5fb4eb926dece9e4601b12efe322bb42ac808158fef0a26900000000726654987e7de20d1e41e82c607c33c6bae7bb234744b51dc683d5857afd6ba8246cebc734e393806ef102a6baaf04f3a7c3cb888d5830e1c6ae170c5c920e806b4f518be4416b216cdf9b1658a412d9e4eab6c9b20ce99960f27e77fdf9a2e98b35c63859f9db6bdcbef1001a19e12e41370f9358531987851ab64c250e68a8569ace4418e2118caff7d3d4caf1c87bc50a8ae75770fdae88a8490c041b39d08190d8b7c908caddd66331a508929d53dd6bc2dbc86f97115ff0a364b70f96918e6ed354c97e59ea5e2c7b149cd51d7c85a27ac658e78b99326857858df0ac0ee240cbb6ee9d9ee6c2c2ff7c29dd25fd337dc08bddeb50305ed48b9f5d89c55ffedde29ce0412ea8e2c976f961eb0c4966d2a8be0b657a5e51048a8a10005c488e1f637ce208a35b5aed0c2067465191dc42ebf6e4853cc89998bdf2ef755f38a3cd985b62df36a5ebc3b47df32423ee46857f9db9d756ff69ecd4ef2f307dcaefd4a1f399543952df972269c28200df8ebacad4eed1c00b9ce9841799bea583cafdeaa8d4a371a8ae55d8ffe4846833985975d8b234adff63eace9d2c4d1680c370827ebe1831ef311077607e8c4920506e03528861085dcfdb918f1efe91420c390fbca0a38377e1635c402ec1c34eddae986ffa8756b27f6c340907bae99f4a6b328fca8177b4dfaceea5ad3ceb901dbcefc15ded322bece4e750969e81935764ebe88749464af7e692e3d324c519b456013daae93bd63215540380a7fe08f0e050cdeb25db2a8b9b6f5720ad1e7d2c5b6d609712eccd321d6211fb642a4cdf72504aabd017a9b4827d1e0e0264435a5e1045dbe33834968d2db503972995559b1efe1b9ce475405118346b63f637b1abf8e8374e7100d6b41c9c672d2b244c7a82ffb882522efd9e903fc69db14c469685780005843856c6623591f305d383eae55a1a1d5619dfff0027413f26fa6a793a348ba8b192e1b088745a2175d55517a75d4b63cce41cc0dcaca9002cd37a1ccc6710ba2a099297b0824f976919e8abf3b1510b1305a95241fefbd036afa9d4538affc82f005d29b9f2c0e60d6c20f673b8ca28cb088e1e89efe334f25ffe1a3fb3581e5aa63b9a4a49f269b5538788aacbbc04d49902ae2af1f59d2484ab6ba7a9b477be0d92e221fc48cdbc00bef7125bfe36f9afb1cbd58fef21625ec99ffd2e35fb00767e3f22dba7d36163203cfaf1860a8b1afe0d878ea00fe08f68fd592a6395fb357acbdc2834c8ac85571527dbf1dbaaccede3d583e2b9bf076737716785f44aebc7ba917fb426d5541adff1e75836ab70fb0b43565ab5e24c5902879f31701cc006b4ee2f57be0916cf0b6cd489c4fa9129031a4af75a00048f20eb962f0c6f68cda0d7756a4e83f7d065c4a00b8263d95f6b979507b7ca01735e83a5e5ff0b76f077ef6e4c1150f9202b5311a231b76111d48a387e09075edb2448fb19d2869ae420ada8ee7577fe980ed7e057dc963c0a98db790bb5b7920220f8a55213b6530637b832abdf3c6fefdefb712a2c2c9eba8087ce39335ddabdadb86f493061e593981c6b2d70b4bac3b58885787c46f85c1022f5ff6cec16ba227aa5dac2e0be30522c08369f18d170b9cb454f3ebf86d1e923fdd65245d8e0c476bfedddcb772453f4d0e70d059e79b8811c379c9eff6e45d99f81186930b32b24cdcb906a41fe29c147ed834b37e77800a33c15e65d121ee85a924ef6bbc1c8f4a423fbc5d14645a08178227f4c7f111fa318823a6c075ddf9e131c9bca8d56dec4a68fbab9a0c1a128880d8b4dec59b89ec33c19eb76f09f31ad730cba735b60deba54c399119949e45af4de5c758281945fe6b6a25ac1cd57a81b48f11a6575e79b82e529d4ba1b2a1175cfa03ef6d149b165195fa64736b302e28ee6444368fb395a2d89c8747348b546a07ed0306682971539f0031d88ffa020d0b3d40369e0a3d2238293a75a155eb5c0749f64ed37a9af5be26d5a4322a55a23c33d176280bd0e4c5168f2e66bca925304d0f32074f5e68d7c43f9e2e3f14a6bcf3e77e6b71737131c3e90208072e37c8a6cad1cabd756aa694e85b86256ce13b43541a26438374b6029ee461d223ed34ed1e9a3e580cec7b2b41bc9823b3729e683f079a498636d022799dd94c5e870b6aa7f3d36fb51ffb6c5e317fcde6b5ae45073f8e90ee0fc1fa0641ff6f0b789dcc6df2fe9a3b5e6ed9d2be3403f5af96e7c6019b0a0ce4f8342323638a52c121956de068069fe5c44946b5023e1db7742fec29cb749bcdc09d795b683c553dbae1298540b2cf1bc3e5e52adf252bca47ba2182c80541daf1d11b1c67675171e69c1abe3c0bc3a0f2d1a6e2165ca1647c394970a404a6002621a258cef01e2ca12a138888dace9ad06d2f0c0209f286c11b289626aa557cc201560651054a6042e84c6fc5e345e2f702d61851fed5ffa36ade652f76db815dabb7b8eee016ea0836d0086f2a2f7bd1c4a4ceb1d706817b41347a891c34b45eb06a9ecb19041d5a39f050cb0413662dc4700385fac2e1823e1ce4d08c66692fde0862a057f2aa2425d511735fff53d0e3d88bfb245e7724ba4ba8452e469862d333dad5c63bfa778809c043132db3a57e122d0495441f7a07034a3ac1024b8fc063694d8316c29639cb6605ff362a853f976c763f6d10e4e0972760e60f08acdd8a73607e7311819fe24ad8b670bbf0adede086f91bd0839ce37927f43a263e3e8369932db9ab786ba66e1bba664bfa8aa50d98ed18fc90e560933c2e8da72757a4539756740a73c41180cf97fde47cf3e9e6005302459d831eea7a03157e0c3178776e4d4add3999b9a1efca7c99b8234ff9d33492431dd9bd0814301ee49260e30b8b6afc46ce8a733bc9d7850c789e5e98cdefbfb11131a85bc24e75453a16c6780ab4229b985d1fe7a255f71cfe18398e881d493ded88300b54f6c4a5567fd84a6e1f11835433448a00420ab1b3a49fcc0e9938da52b68f9409c94a0de61f0beb69532c4f7a11fae6a9ffd10db7de01e3272448b517ad795a06f3fef8148b7196cb81a80aed42e395c1ac346dd27f9bce87661e19f95"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7ffd}, @ETHTOOL_A_BITSET_MASK={0x205, 0x5, "263170b5cd05e6fc471e6a6d47c441262cc5a6bea4536de48f876bb3e18f2770592169ec48ed1eb2ab7f45d3d09f256c9df523648002907bd759f9b49046b49bbf690528ee245a9984bfb6b549cbc0cc10c70b8822c02fdbdb97b1eac5040be1d4810de8d03036886825e1707f605ad694187e989b1028fe859e75495455b24efcb7edecd7ec594b754487807288227b9f8d4d50cefb31adfc2cbf174b21cbd848f97bb3938b8634f2d009f49a1b7c21c834007aba0ae45a160b137906d131353ff1c29b4a2e25bd592a32dd283d538bbaafcb2f39cfc886ee844e580c527b6e251428c7f49b0f8aa2787c9a664db867c35b5443e512f6cec18cfb353b47e0e040488f44d5e628feb3cc3f19d8ad4039e092abdc46e7013c6b84260c014c82f25f9a8bae6daf139eb3b415876f78a86746b45763ee3f9f805a92b2e2089630b1ecefc435a089df8e7062595f2278ed8d2f88e761281eef63081cedd34a3b6c9a70f3cf21e12822aa96b868829dcaea9bbc9741d06ca535984fc0795c6d5b1e6bd529d993b8e6f758ba1816d8a8dd8bb723d1e082832c23c122ed608d8f047957ec5158b253c9807649609a19042ac21bed5d6b06604cb4fe91160345fd8afdc2855e82be5165164fb58344d5df35b88b44ed301430604d842124bda146cf109c7d2a00443ea3cc8482c52bd81f20a11a1bce3a74a2ff26d1982717f1ee8d9e6c8c"}]}]}, 0x120c}}, 0x0)
r2 = syz_io_uring_setup(0xece, &(0x7f0000000400)={0x0, 0x100002, 0x10300, 0x2}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x40002)
ioctl$SG_SET_FORCE_PACK_ID(r5, 0x227b, &(0x7f00000001c0)=0x2001)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$FUSE_INIT(r6, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x81, 0x21004040, 0x5, 0xd65b, 0x1, 0x1850c00, 0x0, 0x0, 0x40, 0xa}}, 0x50)
read$FUSE(r6, &(0x7f0000003780)={0x2020}, 0x2020)
syz_io_uring_setup(0x111, &(0x7f00000000c0)={0x0, 0x24ad, 0x10000, 0x1, 0x1de}, &(0x7f00000029c0)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000001f)
syz_io_uring_submit(r7, r8, &(0x7f0000001040)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000280)={0xe0, 0x0, &(0x7f0000001700)=[@acquire={0x40046305, 0x1}, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000300)={@flat=@binder={0x73622a85, 0x180b, 0x3}, @fd={0x66642a85, 0x0, r5}, @fda={0x66646185, 0x2, 0x0, 0x11}}, &(0x7f0000000040)={0x0, 0x18, 0x30}}}, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000380)={@flat=@binder={0x73622a85, 0x14, 0x2}, @ptr={0x70742a85, 0x1, &(0x7f0000000480)=""/4096, 0x1000, 0x2, 0x2a}, @ptr={0x70742a85, 0x0, &(0x7f0000001480)=""/213, 0xd5, 0x0, 0x39}}, &(0x7f0000000140)={0x0, 0x18, 0x40}}, 0x40}, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x58, 0x18, &(0x7f0000001680)={@ptr={0x70742a85, 0x0, &(0x7f0000001580)=""/255, 0xff, 0x2, 0x10}, @fd={0x66642a85, 0x0, r5}, @fd={0x66642a85, 0x0, r6}}, &(0x7f0000000200)={0x0, 0x28, 0x40}}}, @enter_looper], 0x2a, 0x0, &(0x7f0000001800)="dd61d259619c2c8abc2f62515215e3b6de2cba3a5ac6b2de03ecc7e599fa292bcc48cde715e44728d34d"})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
close(r9)
r10 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r10, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)

14.873468289s ago: executing program 1 (id=3202):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f30000000000800014000000001"], 0xd4}}, 0x8818)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

14.774302288s ago: executing program 4 (id=3204):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
fremovexattr(r0, &(0x7f0000000140)=@known='com.apple.FinderInfo\x00')
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x20004, r0, 0x80000})

14.694141942s ago: executing program 4 (id=3205):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000240)={0x2, 0x5, 0x40003})
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0x8, 0x8169, 0x6, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r2, 0xc00464b4, &(0x7f0000000400)={r4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})

14.693855204s ago: executing program 4 (id=3206):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0xa, 0x3, 0xff)
syz_io_uring_setup(0x315b, &(0x7f0000000200)={0x0, 0xcfca, 0x1040, 0x0, 0x1000001, 0x0, 0x0}, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2, 0x2f000000}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

14.603979533s ago: executing program 4 (id=3207):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1a, &(0x7f00000006c0)=0x80, 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000002e00)=[{{&(0x7f0000001580)=@in={0x2, 0x4e20, @private=0xa010101}, 0x80, 0x0}}], 0x1, 0x44800)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r1, &(0x7f0000000080)=""/1, 0x1)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
read$FUSE(r1, &(0x7f0000000340)={0x2020}, 0x2020)

14.603833056s ago: executing program 4 (id=3208):
io_setup(0x10000, &(0x7f0000000800))
r0 = syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = socket(0x22, 0x2, 0x3)
keyctl$clear(0x3, 0xfffffffffffffffd)
getsockopt$inet_mreqn(r1, 0x0, 0x23, 0x0, &(0x7f0000000380))
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x5, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b700000000c300ffc3000000000100009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a740000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
syz_open_dev$rtc(&(0x7f0000000000), 0x3ff, 0x4a0000)
io_setup(0xc, &(0x7f0000000080))

14.064159713s ago: executing program 5 (id=3209):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0xfffffffe)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000019100)='net/udp6\x00')
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
r2 = syz_usb_connect(0x7, 0x9dd, &(0x7f0000000940)=ANY=[@ANYBLOB], &(0x7f0000001780)={0x0, 0x0, 0x19, &(0x7f0000000400)=ANY=[@ANYRES8=r1], 0x9, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x4001}}, {0x51, &(0x7f0000000880)=ANY=[@ANYRES8]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0xc0a}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0xf8ff}}, {0x4f, &(0x7f0000000600)=@string={0x4f, 0x3, "86ddf6fcc2029f9cbf6de18d28ede96a56ae3dfb15ecc05897e4627507175cdddee1b50c0ae2791dec8778c1bbfc11e9e1a5616ef24371004b7de15aad1f681afc5186ff1fe8415c0fc2138422"}}, {0x2, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00\x00']}, {0x11, &(0x7f0000000140)=ANY=[]}, {0x4, &(0x7f0000001500)=@lang_id={0x4, 0x3, 0x44a}}, {0xc8, &(0x7f0000001680)=ANY=[@ANYBLOB="c8034fd180c2e2596dc5b7f6a04871216ded9810b28b86ec97275bf708861965327c201555c5647aa277cec3e4e2ab0ff36f5a5183af1003380e8a86393d21ae6a20c4257ffd2f7628b0db2756bf21f78594a63042862d659eb9bfdcd82dac4eddaaeb478b31ca952e47cff96ebbe3dc2b6d29c4dc411e41b57d05a504e32a71b366a0d26ee763ea27"]}]})
syz_usb_control_io$hid(r2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
removexattr(0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = open(0x0, 0x145142, 0x0)
sendfile(r5, r5, 0x0, 0x800000009)
kcmp(0x0, 0x0, 0x7, 0xffffffffffffffff, 0xffffffffffffffff)
fcntl$setsig(r5, 0xa, 0x9)
unshare(0x2a040500)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0x12a, 0xfffffffffffffffe}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'macsec0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d00000000000030001280080001006873720024000280080002", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r7], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)

13.943220384s ago: executing program 1 (id=3210):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
unshare(0x22020400)
socket(0x1d, 0x2, 0x6)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="91cfdfefdb", 0x1a000}], 0x1}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x1, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xb, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x1, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdfdffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x80, 0xb, 0x5, 0x20006, 0x5, 0x2, 0xb, 0x2, 0xd9a, 0xd93, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0x2]}})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

13.942982318s ago: executing program 1 (id=3211):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x80, &(0x7f0000002140)=ANY=[])
read$FUSE(r1, 0x0, 0x0)
write$FUSE_INIT(r1, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r2, &(0x7f0000000900)="a4", 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x0, 0x0, 0x83, 0xec}}]}}]}}, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
shutdown(r2, 0x1)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, &(0x7f0000000100)={@multicast2, @broadcast, @remote}, 0x0)

13.02450158s ago: executing program 4 (id=3212):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
close_range(r1, r0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000480)={0x7, 0x0, [{0x7, 0xffffffff, 0x1, 0xffffff89, 0x6, 0x6, 0x2}, {0x1, 0x4, 0x6, 0x7fff, 0x27, 0x407, 0x5}, {0xb, 0x8, 0x4, 0x3ff, 0x7ffffdff, 0x8005, 0xffff}, {0x80000019, 0xe5f, 0x1, 0x7, 0xdf1, 0x6, 0x80000001}, {0x80000000, 0x2bb, 0x53e1aa322b2f7bca, 0xd, 0x81a3, 0x7ff, 0x400}, {0x80000000, 0x100, 0x4, 0x6, 0x3, 0x2, 0x3}, {0x0, 0x2, 0x3, 0xfffffff7, 0xfffffff5, 0xff, 0x6}]})

0s ago: executing program 34 (id=3198):
socket$packet(0x11, 0x3, 0x300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
open$dir(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x121480, 0x3)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
ioctl$UI_SET_KEYBIT(0xffffffffffffffff, 0x40045565, 0x400000223)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000030000000b0000000000000901800000090000000000000700000000090000000000000bf3a860b623be800565c5a808d755c2b3fd530d6643f11ffc135398b1ae2402abf1fae5843b"], 0x0, 0x3f, 0x0, 0x0, 0x3, 0x10000, @value=r3}, 0x28)
write$cgroup_int(r3, &(0x7f0000000000)=0x2b00, 0x12)
socket$kcm(0x10, 0x7, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x1d, &(0x7f0000000180)=0xffffffff, 0x4)
sendmmsg$inet(r4, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x4000000000000b7, 0x4000800)
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, &(0x7f0000000180)="0000000000000002ff69000000000001000000c000000006000200861fa72e5b01504104bfeacdd5a9007d167c71e3b8a93aa64d957a684161c833020a6da888c7a56843a85f3a078c97d542ed1fbf069ca713670adf7d9fb6d2600fd9c1981fe9f095cfe9d2fe1e1e34f6096bf02543747b2c792890f07c0da0fa25e6101062e6c9176a70e41698814a213711764f88495994cfd8a57c1e13f6b5298e7ab3a2bfb58dde34d58536633c27882e51ced17d67999b0009446100"/212, 0xd4, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x15, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x200000c, 0x4, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x8a140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r5, 0xc0403d08, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r6, 0x4, 0x2)

kernel console output (not intermixed with test programs):

tover after parsing attributes in process `syz.4.2353'.
[  256.382096][T14284] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2355'.
[  256.412977][T14280] xt_cluster: node mask cannot exceed total number of nodes
[  256.420197][T14290] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  256.423189][T14290] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  256.429575][T14290] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  256.432910][T14290] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  256.691547][T14302] xt_bpf: check failed: parse error
[  256.865001][T14311] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14311 comm=syz.4.2364
[  257.043338][T14315] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  257.124550][T14316] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3939355626 (252118760064 ns) > initial count (110701753280 ns). Using initial count to start timer.
[  257.512102][ T6132] usb 10-1: USB disconnect, device number 23
[  257.562862][T14334] syzkaller1: entered promiscuous mode
[  257.565412][T14334] syzkaller1: entered allmulticast mode
[  257.565932][T14333] serio: Serial port ptm1
[  257.723615][T14343] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=260 sclass=netlink_route_socket pid=14343 comm=syz.5.2376
[  257.962906][T14356] x_tables: duplicate underflow at hook 2
[  257.990473][T14358] netlink: 'syz.2.2381': attribute type 11 has an invalid length.
[  258.015347][T14352] delete_channel: no stack
[  258.050442][   T40] audit: type=1400 audit(1770292818.319:1156): avc:  denied  { watch watch_reads } for  pid=14363 comm="syz.5.2383" path="/279/file0" dev="autofs" ino=59198 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  258.126122][T14372] netlink: 'syz.5.2386': attribute type 10 has an invalid length.
[  258.132278][T14372] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  258.283953][  T831] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  258.433894][  T831] usb 7-1: Using ep0 maxpacket: 8
[  258.437921][  T831] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  258.440644][  T831] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  258.444314][  T831] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  258.447605][  T831] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  258.450770][  T831] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  258.455197][  T831] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  258.458424][  T831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.561908][T14380] __nla_validate_parse: 2 callbacks suppressed
[  258.561921][T14380] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2388'.
[  258.629968][T14385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2389'.
[  258.634000][T14385] netlink: 'syz.1.2389': attribute type 21 has an invalid length.
[  258.664006][  T831] usb 7-1: GET_CAPABILITIES returned 0
[  258.666293][  T831] usbtmc 7-1:16.0: can't read capabilities
[  258.678606][   T40] audit: type=1400 audit(1770292818.949:1157): avc:  denied  { write } for  pid=14386 comm="syz.1.2390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  258.789324][T14396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2393'.
[  258.792425][T14396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2393'.
[  258.807323][T14398] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2394'.
[  258.883970][ T6714] usb 7-1: USB disconnect, device number 24
[  258.884801][T14404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  258.893159][T14404] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  258.960906][T14410] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2398'.
[  259.020298][T14417] openvswitch: netlink: Flow actions attr not present in new flow.
[  259.023201][T14417] openvswitch: netlink: Flow actions attr not present in new flow.
[  259.087557][T14425] netlink: 864 bytes leftover after parsing attributes in process `syz.4.2404'.
[  259.100134][T14425] kvm: user requested TSC rate below hardware speed
[  259.151661][T14428] netlink: 'syz.1.2405': attribute type 3 has an invalid length.
[  259.155401][T14428] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2405'.
[  259.170736][T14428] XFS (nbd1): SB validate failed with error -5.
[  259.223078][T14445] xt_recent: Unsupported userspace flags (000000b2)
[  259.465367][T14462] geneve2: entered promiscuous mode
[  259.504597][T14468] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2417'.
[  259.524161][T14468] netlink: 'syz.2.2417': attribute type 1 has an invalid length.
[  259.537034][T14472] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2416'.
[  259.538745][T14468] 8021q: adding VLAN 0 to HW filter on device bond2
[  259.566550][T14474] xt_hashlimit: size too large, truncated to 1048576
[  259.617471][T14482] netlink: 'syz.1.2418': attribute type 5 has an invalid length.
[  259.633861][  T841] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  259.871426][T14493] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14493 comm=syz.4.2424
[  259.911077][   T40] audit: type=1400 audit(1770292820.179:1158): avc:  denied  { shutdown } for  pid=14495 comm="syz.4.2425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  260.069232][   T40] audit: type=1400 audit(1770292820.339:1159): avc:  denied  { append } for  pid=14509 comm="syz.4.2429" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  260.078744][   T40] audit: type=1400 audit(1770292820.339:1160): avc:  denied  { map } for  pid=14509 comm="syz.4.2429" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  260.086475][   T40] audit: type=1400 audit(1770292820.339:1161): avc:  denied  { write execute } for  pid=14509 comm="syz.4.2429" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  260.094446][   T40] audit: type=1400 audit(1770292820.349:1162): avc:  denied  { mount } for  pid=14507 comm="syz.1.2428" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  260.251795][   T40] audit: type=1400 audit(1770292820.519:1163): avc:  denied  { read } for  pid=14515 comm="syz.1.2431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  260.302544][T14520] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  260.309881][T14522] bridge7: entered promiscuous mode
[  260.346149][T14525] netlink: 'syz.1.2435': attribute type 1 has an invalid length.
[  260.377275][T14528] netlink: 'syz.5.2434': attribute type 39 has an invalid length.
[  260.381310][   T40] audit: type=1400 audit(1770292820.649:1164): avc:  denied  { write } for  pid=14527 comm="syz.5.2434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  260.400389][T14532] /dev/sg0: Can't lookup blockdev
[  260.403352][T14533] /dev/sg0: Can't lookup blockdev
[  260.521275][T14539] netlink: 'syz.2.2439': attribute type 1 has an invalid length.
[  260.524406][T14539] netlink: 'syz.2.2439': attribute type 2 has an invalid length.
[  260.526759][T14544] netlink: 'syz.1.2440': attribute type 18 has an invalid length.
[  260.668518][T14560] netlink: 'syz.2.2446': attribute type 39 has an invalid length.
[  260.685398][ T1420] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  260.691933][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  260.694866][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  260.708226][T14561] netlink: 'syz.1.2444': attribute type 1 has an invalid length.
[  260.725219][T14565] netlink: 'syz.2.2447': attribute type 1 has an invalid length.
[  260.757112][T14565] 8021q: adding VLAN 0 to HW filter on device bond3
[  260.782297][T14565] netlink: 'syz.2.2447': attribute type 10 has an invalid length.
[  260.792095][T14561] 8021q: adding VLAN 0 to HW filter on device bond11
[  260.805486][T14561] bond10: (slave bond11): making interface the new active one
[  260.809142][T14561] bond10: (slave bond11): Enslaving as an active interface with an up link
[  260.815563][T14565] dummy0: entered promiscuous mode
[  260.820170][T14570] bond10: entered promiscuous mode
[  260.840958][T14570] bond11: entered promiscuous mode
[  260.876880][T14570] bond10: entered allmulticast mode
[  260.887286][T14570] bond11: entered allmulticast mode
[  260.895729][T14570] 8021q: adding VLAN 0 to HW filter on device bond10
[  260.925782][T14574] NILFS (nullb0): couldn't find nilfs on the device
[  261.008410][T14576] 8021q: adding VLAN 0 to HW filter on device bond4
[  261.388037][T14584] random: crng reseeded on system resumption
[  261.396033][T14584] Unrecognized hibernate image header format!
[  261.398195][T14584] PM: hibernation: Image mismatch: architecture specific data
[  261.400795][T14584] fuse: Bad value for 'rootmode'
[  261.706376][T14614] loop4: detected capacity change from 0 to 7
[  261.709933][T11766] buffer_io_error: 28 callbacks suppressed
[  261.709943][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.723929][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.727375][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.730541][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.743920][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.746479][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.748925][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.751256][   T40] audit: type=1400 audit(1770292822.019:1165): avc:  denied  { setattr } for  pid=14615 comm="syz.1.2456" name="XDP" dev="sockfs" ino=62539 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  261.752292][T11766] ldm_validate_partition_table(): Disk read failed.
[  261.764626][   T40] audit: type=1400 audit(1770292822.029:1166): avc:  denied  { accept } for  pid=14615 comm="syz.1.2456" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  261.771543][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.776130][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.779440][T11766] Buffer I/O error on dev loop4, logical block 0, async page read
[  261.782674][T11766] Dev loop4: unable to read RDB block 0
[  261.785705][T14619] tipc: Failed to remove unknown binding: 66,0,0/0:2776912696/2776912697
[  261.795688][T11766]  loop4: unable to read partition table
[  261.803823][T11766] loop4: partition table beyond EOD, truncated
[  261.807408][T14614] ldm_validate_partition_table(): Disk read failed.
[  261.809627][T14614] Dev loop4: unable to read RDB block 0
[  261.811376][T14614]  loop4: unable to read partition table
[  261.823236][T14614] loop4: partition table beyond EOD, truncated
[  261.825948][T14614] loop_reread_partitions: partition scan of loop4 (úùƒå¡™‰ü�¾SêjºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[  261.867420][ T5338] ldm_validate_partition_table(): Disk read failed.
[  261.870305][ T5338] Dev loop4: unable to read RDB block 0
[  261.872678][ T5338]  loop4: unable to read partition table
[  261.877225][ T5338] loop4: partition table beyond EOD, truncated
[  261.976257][ T5338] ldm_validate_partition_table(): Disk read failed.
[  261.978391][ T5338] Dev loop4: unable to read RDB block 0
[  261.980362][ T5338]  loop4: unable to read partition table
[  261.982348][ T5338] loop4: partition table beyond EOD, truncated
[  262.141736][T14635] /dev/sr0: Can't open blockdev
[  262.180704][ T5338] ldm_validate_partition_table(): Disk read failed.
[  262.186639][ T5338] Dev loop4: unable to read RDB block 0
[  262.189303][ T5338]  loop4: unable to read partition table
[  262.191863][ T5338] loop4: partition table beyond EOD, truncated
[  262.198766][T14645] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  262.202037][T14645] UDF-fs: Scanning with blocksize 2048 failed
[  262.205981][T14645] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  262.209035][T14645] UDF-fs: Scanning with blocksize 4096 failed
[  262.271905][T14652] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  262.275008][T14652] [U] J"—e:ÀÆ"


[  262.323438][ T5338] ldm_validate_partition_table(): Disk read failed.
[  262.326296][ T5338] Dev loop4: unable to read RDB block 0
[  262.328636][ T5338]  loop4: unable to read partition table
[  262.331061][ T5338] loop4: partition table beyond EOD, truncated
[  262.411394][ T5338] ldm_validate_partition_table(): Disk read failed.
[  262.414211][ T5338] Dev loop4: unable to read RDB block 0
[  262.416690][ T5338]  loop4: unable to read partition table
[  262.419176][ T5338] loop4: partition table beyond EOD, truncated
[  262.550051][   T40] audit: type=1400 audit(1770292822.819:1167): avc:  denied  { accept } for  pid=14660 comm="syz.5.2475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  262.561930][T14662] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  262.583776][ T6714] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  262.691267][  T831] libceph: connect (1)[c::]:6789 error -22
[  262.694810][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  262.963815][  T831] libceph: connect (1)[c::]:6789 error -22
[  262.965879][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  263.127609][T14698] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14698 comm=syz.5.2485
[  263.313764][  T841] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  263.354827][T14702] overlay: ./file0 is not a directory
[  263.467374][T14667] ceph: No mds server is up or the cluster is laggy
[  263.474582][  T831] libceph: connect (1)[c::]:6789 error -22
[  263.477291][  T831] libceph: mon0 (1)[c::]:6789 connect error
[  263.779340][T14742] netlink: 'syz.4.2499': attribute type 4 has an invalid length.
[  264.195934][T14756] bond4: Removing last ns target with arp_interval on
[  264.200597][T14758] __nla_validate_parse: 13 callbacks suppressed
[  264.200609][T14758] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2506'.
[  264.222481][T14758] bond13: entered promiscuous mode
[  264.225960][T14758] bond13: entered allmulticast mode
[  264.228759][T14758] 8021q: adding VLAN 0 to HW filter on device bond13
[  264.262090][T14758] erspan1: entered allmulticast mode
[  264.271893][T14758] erspan1: entered promiscuous mode
[  264.278967][T14758] bond13: (slave erspan1): Enslaving as an active interface with an up link
[  264.375131][T14772] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2510'.
[  264.688098][T14790] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2516'.
[  264.691679][T14792] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2515'.
[  264.836184][T14790] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2774
[  265.119233][T14803] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  265.122204][T14803] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  265.127454][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  265.127463][   T40] audit: type=1400 audit(1770292825.399:1171): avc:  denied  { firmware_load } for  pid=14800 comm="syz.1.2519" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  265.135894][T14803] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  265.483913][ T5998] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  265.535310][T14813] affs: No valid root block on device nullb0
[  265.623941][T14820] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14820 comm=syz.5.2525
[  265.633907][ T5998] usb 6-1: Using ep0 maxpacket: 16
[  265.647811][ T5998] usb 6-1: config 0 has an invalid interface number: 132 but max is 0
[  265.650852][ T5998] usb 6-1: config 0 has no interface number 0
[  265.655085][ T5998] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  265.658430][ T5998] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.661091][ T5998] usb 6-1: Product: syz
[  265.662683][ T5998] usb 6-1: Manufacturer: syz
[  265.673902][ T5998] usb 6-1: SerialNumber: syz
[  265.676831][ T5998] usb 6-1: config 0 descriptor??
[  265.679644][ T5998] hub 6-1:0.132: bad descriptor, ignoring hub
[  265.681583][ T5998] hub 6-1:0.132: probe with driver hub failed with error -5
[  265.694558][ T5998] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.132/input/input22
[  266.093896][ T6714] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[  266.244568][ T6714] usb 10-1: too many configurations: 9, using maximum allowed: 8
[  266.247995][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.250824][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.254387][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.257633][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.260474][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.263990][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.267099][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.270128][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.273931][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.277001][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.279834][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.283247][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.286378][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.289211][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.292733][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.296211][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.299086][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.302483][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.305809][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.308931][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.312335][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.315465][ T6714] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[  266.318418][ T6714] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  266.321821][ T6714] usb 10-1: config 0 interface 0 has no altsetting 0
[  266.325779][ T6714] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  266.328716][ T6714] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  266.331323][ T6714] usb 10-1: Product: syz
[  266.332738][ T6714] usb 10-1: Manufacturer: syz
[  266.334715][ T6714] usb 10-1: SerialNumber: syz
[  266.337858][ T6714] usb 10-1: config 0 descriptor??
[  266.345614][ T6714] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0
[  266.675069][T14833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.677956][T14833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.200662][T14840] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  267.204518][T14840] SELinux: failed to load policy
[  267.243816][   T40] audit: type=1400 audit(1770292827.519:1172): avc:  denied  { shutdown } for  pid=14841 comm="syz.1.2532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  268.007626][T14875] 8021q: adding VLAN 0 to HW filter on device bond5
[  268.256839][T14882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2544'.
[  268.259875][T14882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2544'.
[  268.262706][T14882] validate_nla: 1 callbacks suppressed
[  268.262714][T14882] netlink: 'syz.1.2544': attribute type 11 has an invalid length.
[  268.268082][T14882] netlink: 'syz.1.2544': attribute type 7 has an invalid length.
[  268.274656][T14883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2544'.
[  268.277508][T14883] openvswitch: netlink: nsh attr 8456 is out of range max 3
[  268.279969][T14882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2544'.
[  268.282724][T14882] openvswitch: netlink: nsh attr 8456 is out of range max 3
[  268.283590][ T6714] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  268.288354][   T40] audit: type=1400 audit(1770292828.559:1173): avc:  denied  { write } for  pid=14881 comm="syz.1.2544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  268.435049][ T6714] usb 9-1: Using ep0 maxpacket: 32
[  268.439030][ T6714] usb 9-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  268.443236][ T6714] usb 9-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  268.448782][ T6714] usb 9-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  268.453133][ T6714] usb 9-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  268.459704][ T6714] usb 9-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  268.462621][ T6714] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.465694][ T6714] usb 9-1: Product: syz
[  268.467095][ T6714] usb 9-1: Manufacturer: syz
[  268.468709][ T6714] usb 9-1: SerialNumber: syz
[  268.477909][    C0] imon 9-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  268.486798][ T6714] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:155.0/input/input23
[  268.673777][    C0] usb 10-1: yurex_control_callback - control failed: -2
[  268.694462][ T6714] imon 9-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  268.697266][ T6714]  (id 0x00)
[  268.763598][ T6714] rc_core: IR keymap rc-imon-pad not found
[  268.765705][ T6714] Registered IR keymap rc-empty
[  268.767339][ T6714] imon 9-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  268.770661][ T6714] imon 9-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  268.838710][T14908] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  268.842159][T14909] iommufd_mock iommufd_mock1: Adding to iommu group 10
[  268.849527][T14908] loop6: detected capacity change from 0 to 2640
[  268.852625][T14908] buffer_io_error: 158 callbacks suppressed
[  268.852636][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.859626][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.862891][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.869012][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.872304][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.876538][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.879854][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.883106][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.886733][T14908] ldm_validate_partition_table(): Disk read failed.
[  268.889506][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.892764][T14908] Buffer I/O error on dev loop6, logical block 0, async page read
[  268.895713][T14908] Dev loop6: unable to read RDB block 0
[  268.898178][T14908]  loop6: unable to read partition table
[  268.900711][T14908] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  268.908385][ T6714] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:155.0/rc/rc0
[  268.930514][ T6714] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:155.0/rc/rc0/input24
[  268.936951][ T6714] imon 9-1:155.0: iMON device (15c2:ffdc, intf0) on usb<9:16> initialized
[  268.949538][ T5338] ldm_validate_partition_table(): Disk read failed.
[  268.951725][ T5338] Dev loop6: unable to read RDB block 0
[  268.954160][ T5338]  loop6: unable to read partition table
[  269.013898][T14911] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2551'.
[  269.074433][T14913] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2552'.
[  269.086025][ T6714] usb 9-1: USB disconnect, device number 16
[  269.159877][   T40] audit: type=1400 audit(1770292829.429:1174): avc:  denied  { listen } for  pid=14915 comm="syz.1.2553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  269.278225][  T841] usb 6-1: USB disconnect, device number 21
[  269.354927][T14926] netlink: 'syz.1.2555': attribute type 1 has an invalid length.
[  269.360448][   T40] audit: type=1400 audit(1770292829.629:1175): avc:  denied  { write } for  pid=14924 comm="syz.1.2555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  269.551499][T14931] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2557'.
[  269.652573][T14875] syz.2.2541 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  269.657105][T14875] CPU: 1 UID: 0 PID: 14875 Comm: syz.2.2541 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  269.657132][T14875] Tainted: [L]=SOFTLOCKUP
[  269.657138][T14875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  269.657150][T14875] Call Trace:
[  269.657158][T14875]  <TASK>
[  269.657165][T14875]  dump_stack_lvl+0x100/0x190
[  269.657213][T14875]  dump_header+0xfb/0x606
[  269.657228][T14875]  oom_kill_process.cold+0xd/0x321
[  269.657249][T14875]  out_of_memory+0x340/0x14f0
[  269.657274][T14875]  ? __pfx_out_of_memory+0x10/0x10
[  269.657301][T14875]  mem_cgroup_out_of_memory+0xc6/0x130
[  269.657319][T14875]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  269.657337][T14875]  ? find_held_lock+0x2b/0x80
[  269.657365][T14875]  ? do_raw_spin_unlock+0x145/0x1e0
[  269.657389][T14875]  ? _raw_spin_unlock+0x28/0x50
[  269.657418][T14875]  try_charge_memcg+0x652/0xc90
[  269.657449][T14875]  ? __pfx_try_charge_memcg+0x10/0x10
[  269.657472][T14875]  ? find_held_lock+0x2b/0x80
[  269.657496][T14875]  ? rcu_read_unlock+0x17/0x60
[  269.657522][T14875]  ? rcu_read_unlock+0x17/0x60
[  269.657549][T14875]  charge_memcg+0xa6/0x280
[  269.657572][T14875]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  269.657602][T14875]  __read_swap_cache_async+0x449/0x610
[  269.657626][T14875]  ? __pfx___read_swap_cache_async+0x10/0x10
[  269.657645][T14875]  ? __lock_acquire+0x4a5/0x2630
[  269.657667][T14875]  ? plist_check_list+0x1b8/0x280
[  269.657696][T14875]  swap_cluster_readahead+0x541/0x770
[  269.657736][T14875]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  269.657759][T14875]  ? __lock_acquire+0x4a5/0x2630
[  269.657777][T14875]  ? _raw_spin_unlock+0x28/0x50
[  269.657794][T14875]  ? move_cluster+0x1f7/0x570
[  269.657821][T14875]  ? get_vma_policy+0x23f/0x3b0
[  269.657849][T14875]  swapin_readahead+0x14b/0x12e0
[  269.657877][T14875]  ? __pfx_swapin_readahead+0x10/0x10
[  269.657895][T14875]  ? find_held_lock+0x2b/0x80
[  269.657918][T14875]  ? swap_cache_get_folio+0x272/0x920
[  269.657940][T14875]  ? swap_cache_get_folio+0x272/0x920
[  269.657956][T14875]  ? swap_cache_get_folio+0x1f/0x920
[  269.657973][T14875]  ? swap_cache_get_folio+0x2a2/0x920
[  269.657993][T14875]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  269.658010][T14875]  ? __pfx_get_swap_device+0x10/0x10
[  269.658032][T14875]  ? do_swap_page+0x9ba/0x6810
[  269.658047][T14875]  do_swap_page+0x9ba/0x6810
[  269.658070][T14875]  ? __lock_acquire+0x4a5/0x2630
[  269.658094][T14875]  ? __pfx_do_swap_page+0x10/0x10
[  269.658116][T14875]  ? __pfx_default_wake_function+0x10/0x10
[  269.658147][T14875]  ? rcu_is_watching+0x12/0xc0
[  269.658171][T14875]  ? ___pte_offset_map+0x179/0x310
[  269.658194][T14875]  __handle_mm_fault+0x18b9/0x2b50
[  269.658219][T14875]  ? reacquire_held_locks+0xce/0x1e0
[  269.658239][T14875]  ? __pfx___handle_mm_fault+0x10/0x10
[  269.658262][T14875]  ? lock_vma_under_rcu+0x17c/0x5a0
[  269.658297][T14875]  handle_mm_fault+0x36d/0xa20
[  269.658320][T14875]  do_user_addr_fault+0x5a3/0x12f0
[  269.658352][T14875]  exc_page_fault+0x6f/0xd0
[  269.658370][T14875]  asm_exc_page_fault+0x26/0x30
[  269.658388][T14875] RIP: 0033:0x7fd95bc4ff5e
[  269.658400][T14875] Code: f6 31 c0 e8 84 9e 14 00 48 81 c4 90 00 00 00 48 98 5b c3 66 0f 1f 84 00 00 00 00 00 41 54 55 53 48 89 fb 48 81 ec d0 00 00 00 <48> 89 74 24 28 48 89 54 24 30 48 89 4c 24 38 4c 89 44 24 40 4c 89
[  269.658413][T14875] RSP: 002b:00007fd95cc03f60 EFLAGS: 00010206
[  269.658433][T14875] RAX: 0000000000000000 RBX: 00007fd95be08cfa RCX: 00007fd95be2a668
[  269.658445][T14875] RDX: 000000000000b138 RSI: 0000000000000000 RDI: 00007fd95be08cfa
[  269.658456][T14875] RBP: 00007fd95be2a668 R08: ffffffffffffffff R09: 0000000000000000
[  269.658467][T14875] R10: 00007fd95cc05000 R11: 000000000000cbf2 R12: 0000000000000000
[  269.658476][T14875] R13: 00007fd95c016038 R14: 00007fd95c015fa0 R15: 00007fff0ff158a8
[  269.658506][T14875]  </TASK>
[  269.658554][T14875] memory: usage 307200kB, limit 307200kB, failcnt 15856
[  269.705594][T14938] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2560'.
[  269.705640][T14939] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2560'.
[  269.711342][ T5998] usb 10-1: USB disconnect, device number 24
[  269.713877][T14875] memory+swap: usage 364848kB, limit 9007199254740988kB, failcnt 0
[  269.722335][ T5998] yurex 10-1:0.0: USB YUREX #0 now disconnected
[  269.724329][T14875] kmem: usage 2848kB, limit 9007199254740988kB, failcnt 0
[  269.724344][T14875] Memory cgroup stats for /syz2:
[  269.724616][T14875] cache 311476224
[  269.724626][T14875] rss 180224
[  269.724631][T14875] rss_huge 0
[  269.724639][T14875] shmem 311476224
[  269.724647][T14875] mapped_file 0
[  269.724655][T14875] dirty 0
[  269.724662][T14875] writeback 0
[  269.724669][T14875] workingset_refault_anon 15
[  269.724675][T14875] workingset_refault_file 0
[  269.724680][T14875] swap 59031552
[  269.724685][T14875] swapcached 0
[  269.724691][T14875] pgpgin 386144
[  269.724696][T14875] pgpgout 311078
[  269.724701][T14875] pgfault 140668
[  269.724709][T14875] pgmajfault 93
[  269.724716][T14875] inactive_anon 905216
[  269.724721][T14875] active_anon 310751232
[  269.724730][T14875] inactive_file 0
[  269.724737][T14875] active_file 0
[  269.724744][T14875] unevictable 0
[  269.724753][T14875] hierarchical_memory_limit 314572800
[  269.724760][T14875] hierarchical_memsw_limit 9223372036854771712
[  269.724769][T14875] total_cache 311476224
[  269.724777][T14875] total_rss 180224
[  269.724785][T14875] total_rss_huge 0
[  269.724792][T14875] total_shmem 311476224
[  269.724799][T14875] total_mapped_file 0
[  269.724804][T14875] total_dirty 0
[  269.724812][T14875] total_writeback 0
[  269.724819][T14875] total_workingset_refault_anon 15
[  269.724829][T14875] total_workingset_refault_file 0
[  269.724836][T14875] total_swap 59031552
[  269.724844][T14875] total_swapcached 0
[  269.724851][T14875] total_pgpgin 386144
[  269.724858][T14875] total_pgpgout 311078
[  269.724867][T14875] total_pgfault 140668
[  269.724874][T14875] total_pgmajfault 93
[  269.724883][T14875] total_inactive_anon 905216
[  269.724891][T14875] total_active_anon 310751232
[  269.724897][T14875] total_inactive_file 0
[  269.724902][T14875] total_active_file 0
[  269.724910][T14875] total_unevictable 0
[  269.724919][T14875] anon_cost 0
[  269.724926][T14875] file_cost 0
[  269.724934][T14875] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2541,pid=14874,uid=0
[  269.727332][T14875] Memory cgroup out of memory: Killed process 14874 (syz.2.2541) total-vm:102316kB, anon-rss:1212kB, file-rss:23588kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  270.193651][ T5998] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  270.319382][ T5972] hid-generic 0004:0006:0002.000B: item fetching failed at offset 0/2
[  270.322301][ T5972] hid-generic 0004:0006:0002.000B: probe with driver hid-generic failed with error -22
[  270.333942][ T5998] usb 10-1: device descriptor read/64, error -71
[  270.334141][   T40] audit: type=1400 audit(1770292830.599:1176): avc:  denied  { getopt } for  pid=14951 comm="syz.1.2564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  270.385774][T14955] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=5138 sclass=netlink_tcpdiag_socket pid=14955 comm=syz.1.2565
[  270.593966][ T5998] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[  270.753710][ T5998] usb 10-1: device descriptor read/64, error -71
[  270.859033][ T5933] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  270.866392][ T5933] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  270.870489][ T5933] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  270.874393][ T5998] usb usb10-port1: attempt power cycle
[  270.897595][ T5933] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  270.901416][ T5933] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  271.037415][T14974] input: syz0 as /devices/virtual/input/input25
[  271.066686][T14974] befs: (nbd2): unable to read superblock
[  271.088380][T14977] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  271.100652][T14977] cramfs: wrong magic
[  271.142726][T14981] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2574'.
[  271.145682][T14981] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2574'.
[  271.147864][T14971] chnl_net:caif_netlink_parms(): no params data found
[  271.148500][T14981] netlink: 'syz.2.2574': attribute type 3 has an invalid length.
[  271.154836][T14981] netlink: 'syz.2.2574': attribute type 2 has an invalid length.
[  271.157401][T14981] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2574'.
[  271.201535][   T40] audit: type=1400 audit(1770292831.469:1177): avc:  denied  { mounton } for  pid=14984 comm="syz.2.2575" path="/136/file1/file0" dev="autofs" ino=62941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  271.208872][T14986] overlay: filesystem on ./file0 not supported
[  271.224520][ T5998] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  271.249078][T14971] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.252289][T14971] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.254184][ T5998] usb 10-1: device descriptor read/8, error -71
[  271.255563][T14971] bridge_slave_0: entered allmulticast mode
[  271.261184][T14971] bridge_slave_0: entered promiscuous mode
[  271.266849][T14971] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.269948][T14971] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.273072][T14971] bridge_slave_1: entered allmulticast mode
[  271.276960][T14971] bridge_slave_1: entered promiscuous mode
[  271.303106][T14971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.309713][T14971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.338165][T14971] team0: Port device team_slave_0 added
[  271.342857][T14971] team0: Port device team_slave_1 added
[  271.365984][T14971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.368922][T14971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.379773][T14971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.386332][T14971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.389274][T14971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.400046][T14971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.439812][T14971] hsr_slave_0: entered promiscuous mode
[  271.442980][T14971] hsr_slave_1: entered promiscuous mode
[  271.446783][T14971] debugfs: 'hsr0' already exists in 'hsr'
[  271.449250][T14971] Cannot create hsr debugfs directory
[  271.493683][ T5998] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  271.514259][ T5998] usb 10-1: device descriptor read/8, error -71
[  271.580504][T14971] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  271.584929][T14971] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.623842][ T5998] usb usb10-port1: unable to enumerate USB device
[  271.689889][T14971] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  271.693231][T14971] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.792460][T14971] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  271.796674][T14971] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.857823][T14971] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  271.861308][T14971] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.983905][T14971] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  271.991079][T14971] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  272.005706][T14971] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  272.011868][T14971] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  272.031693][T14971] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.034037][T14971] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.036398][T14971] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.038619][T14971] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.073376][T14971] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.087304][ T6806] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.091706][ T6806] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.104962][T14971] 8021q: adding VLAN 0 to HW filter on device team0
[  272.113437][ T6827] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.116557][ T6827] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.128172][ T6827] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.131178][ T6827] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.237608][   T40] audit: type=1400 audit(1770292832.509:1178): avc:  denied  { relabelfrom } for  pid=14998 comm="syz.2.2576" name="" dev="pipefs" ino=64503 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  272.237751][T14999] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  272.251246][   T40] audit: type=1400 audit(1770292832.519:1179): avc:  denied  { relabelto } for  pid=14998 comm="syz.2.2576" name="" dev="pipefs" ino=64503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:dhcp_state_t:s0"
[  272.282806][T14971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.312530][T14971] veth0_vlan: entered promiscuous mode
[  272.315027][T15012] befs: (nullb0): No write support. Marking filesystem read-only
[  272.318662][T14971] veth1_vlan: entered promiscuous mode
[  272.327934][T15012] befs: (nullb0): invalid magic header
[  272.342326][T14971] veth0_macvtap: entered promiscuous mode
[  272.347877][T14971] veth1_macvtap: entered promiscuous mode
[  272.356997][T14971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.364567][T14971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.394789][T15016] 8021q: adding VLAN 0 to HW filter on device bond6
[  272.403469][ T6836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.407507][ T6836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.418446][ T6836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.421812][ T6836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.487358][ T6831] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.489852][ T6831] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.519565][ T6827] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  272.522706][ T6827] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.863649][T15024] input: syz0 as /devices/virtual/input/input26
[  272.882871][T15024] befs: (nbd5): unable to read superblock
[  272.939310][T15026] bridge: RTM_NEWNEIGH with unconfigured vlan 6 on bridge0
[  272.941890][T15027] bridge: RTM_NEWNEIGH with unconfigured vlan 6 on bridge0
[  272.993820][ T5933] Bluetooth: hci3: command tx timeout
[  272.998562][T15029] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  273.005730][T15029] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  273.014453][T15029] overlayfs: failed to create directory ./bus/work (errno: 17); mounting read-only
[  273.018738][T15029] overlayfs: conflicting lowerdir path
[  273.434286][T15049] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2588'.
[  273.439521][T15050] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2588'.
[  273.439654][T15049] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2588'.
[  273.498726][T15057] input: syz0 as /devices/virtual/input/input27
[  273.574656][T15063] blktrace: Concurrent blktraces are not allowed on nullb0
[  273.621848][   T40] audit: type=1800 audit(1770292833.889:1180): pid=15061 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2593" name="file1" dev="overlay" ino=1783 res=0 errno=0
[  273.650364][T15060] ALSA: mixer_oss: invalid OSS volume ';Ê'
[  273.765347][   T40] audit: type=1400 audit(1770292834.039:1181): avc:  denied  { connect } for  pid=15082 comm="syz.1.2600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  273.797794][T15089] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2604'.
[  273.818475][T15089] can: request_module (can-proto-0) failed.
[  273.978744][T15101] netlink: 'syz.5.2608': attribute type 9 has an invalid length.
[  273.981997][T15101] netlink: 'syz.5.2608': attribute type 11 has an invalid length.
[  273.985048][T15101] netlink: 'syz.5.2608': attribute type 12 has an invalid length.
[  274.004929][ T6714] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  274.046357][   T40] audit: type=1326 audit(1770292834.309:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15103 comm="syz.4.2609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff479d9aeb9 code=0x7ffc0000
[  274.061052][   T40] audit: type=1326 audit(1770292834.309:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15103 comm="syz.4.2609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff479d9aeb9 code=0x7ffc0000
[  274.070708][   T40] audit: type=1326 audit(1770292834.319:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15103 comm="syz.4.2609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff479d9aeb9 code=0x7ffc0000
[  274.078524][T15106] Cannot find add_set index 1 as target
[  274.080725][   T40] audit: type=1326 audit(1770292834.319:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15103 comm="syz.4.2609" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff479d9aeb9 code=0x7ffc0000
[  274.165458][ T6714] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  274.169015][ T6714] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  274.173226][ T6714] usb 6-1: config 0 interface 0 has no altsetting 0
[  274.185504][ T6714] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  274.189663][ T6714] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  274.193144][ T6714] usb 6-1: Product: syz
[  274.195418][ T6714] usb 6-1: Manufacturer: syz
[  274.197429][ T6714] usb 6-1: SerialNumber: syz
[  274.201872][ T6714] usb 6-1: config 0 descriptor??
[  274.214329][ T6714] hub 6-1:0.0: bad descriptor, ignoring hub
[  274.216925][ T6714] hub 6-1:0.0: probe with driver hub failed with error -5
[  274.235162][ T6714] usb 6-1: selecting invalid altsetting 0
[  274.294375][T15114] genirq: Flags mismatch irq 4. 00200000 (pcl812) vs. 00200080 (ttyS0)
[  274.379387][T15118] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  274.381973][T15118] IPv6: NLM_F_CREATE should be set when creating new route
[  274.834178][ T5972] usb 6-1: USB disconnect, device number 22
[  275.004086][ T5972] usb 6-1: new full-speed USB device number 23 using dummy_hcd
[  275.073773][ T5933] Bluetooth: hci3: command tx timeout
[  275.165860][ T5972] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  275.169199][ T5972] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  275.173434][ T5972] usb 6-1: config 0 interface 0 has no altsetting 0
[  275.181155][ T5972] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  275.185381][ T5972] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  275.188797][ T5972] usb 6-1: Product: syz
[  275.190575][ T5972] usb 6-1: Manufacturer: syz
[  275.192652][ T5972] usb 6-1: SerialNumber: syz
[  275.204224][ T5972] usb 6-1: config 0 descriptor??
[  275.210457][ T5972] hub 6-1:0.0: bad descriptor, ignoring hub
[  275.212375][ T5972] hub 6-1:0.0: probe with driver hub failed with error -5
[  275.219131][ T5972] usb 6-1: selecting invalid altsetting 0
[  275.527216][ T6132] usb 6-1: USB disconnect, device number 23
[  276.161022][T15184] __nla_validate_parse: 2 callbacks suppressed
[  276.161041][T15184] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2633'.
[  276.174756][T15184] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.276477][T15182] netlink: 'syz.4.2632': attribute type 4 has an invalid length.
[  276.321096][   T40] kauditd_printk_skb: 537 callbacks suppressed
[  276.321108][   T40] audit: type=1400 audit(1770292836.589:1723): avc:  denied  { watch_reads } for  pid=15191 comm="syz.2.2635" path="pipe:[50377]" dev="pipefs" ino=50377 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  276.452941][T15196] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2637'.
[  276.465199][T15197] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  276.495383][T15200] hugetlbfs: Unknown parameter '8'
[  276.495403][   T40] audit: type=1400 audit(1770292836.769:1724): avc:  denied  { remount } for  pid=15199 comm="syz.2.2638" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  276.566615][T15160] ceph: No mds server is up or the cluster is laggy
[  276.571135][T15164] ceph: No mds server is up or the cluster is laggy
[  276.581369][T15206] input: syz0 as /devices/virtual/input/input31
[  276.664578][   T40] audit: type=1400 audit(1770292836.939:1725): avc:  denied  { map } for  pid=15211 comm="syz.5.2641" path="socket:[66135]" dev="sockfs" ino=66135 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  276.712368][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.725943][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.739374][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.743441][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.747885][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.751262][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.767245][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.771471][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.776358][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.780346][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.784912][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.789079][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.792912][   T40] audit: type=1400 audit(1770292837.059:1726): avc:  denied  { listen } for  pid=15229 comm="syz.2.2645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  276.793813][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.801633][   T40] audit: type=1400 audit(1770292837.059:1727): avc:  denied  { accept } for  pid=15229 comm="syz.2.2645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  276.804939][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.815596][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.818627][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.821609][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.824949][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.828002][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.830970][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.834654][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.842950][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.847505][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.851682][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.856348][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.860130][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.864314][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.867899][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.873825][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.884347][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.893941][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.900649][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.906367][T15224] program syz.5.2643 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.968098][   T40] audit: type=1400 audit(1770292837.229:1728): avc:  denied  { read } for  pid=15239 comm="syz.2.2647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  276.969326][T15246] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  276.981404][T15242] xt_socket: unknown flags 0x20
[  276.983806][   T40] audit: type=1400 audit(1770292837.239:1729): avc:  denied  { getopt } for  pid=15239 comm="syz.2.2647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  277.032397][T15249] input: syz0 as /devices/virtual/input/input32
[  277.138348][T15256] netlink: 'syz.5.2652': attribute type 8 has an invalid length.
[  277.141213][T15256] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  277.149148][T15256] netlink: 'syz.5.2652': attribute type 11 has an invalid length.
[  277.151726][T15256] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2652'.
[  277.154983][ T5933] Bluetooth: hci3: command tx timeout
[  277.158437][T15260] netlink: 'syz.5.2652': attribute type 8 has an invalid length.
[  277.161532][T15260] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  277.193374][T15258] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2653'.
[  277.220324][   T40] audit: type=1400 audit(1770292837.489:1730): avc:  denied  { connect } for  pid=15266 comm="syz.5.2655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  277.387424][   T40] audit: type=1400 audit(1770292837.659:1731): avc:  denied  { execute } for  pid=15275 comm="syz.1.2659" path="/12/file0/file0" dev="9p" ino=72614005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  277.523604][ T6131] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  277.574101][ T5972] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  277.673614][ T6131] usb 10-1: Using ep0 maxpacket: 16
[  277.677513][ T6131] usb 10-1: config 0 has an invalid interface number: 132 but max is 0
[  277.681156][ T6131] usb 10-1: config 0 has no interface number 0
[  277.686281][ T6131] usb 10-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  277.690049][ T6131] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.693748][ T6131] usb 10-1: Product: syz
[  277.695559][ T6131] usb 10-1: Manufacturer: syz
[  277.697569][ T6131] usb 10-1: SerialNumber: syz
[  277.701708][ T6131] usb 10-1: config 0 descriptor??
[  277.706987][ T6131] hub 10-1:0.132: bad descriptor, ignoring hub
[  277.710384][ T6131] hub 10-1:0.132: probe with driver hub failed with error -5
[  277.716766][ T6131] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.132/input/input33
[  277.736869][ T5972] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  277.753611][ T5972] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.758151][ T5972] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.762042][ T5972] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  277.769206][ T5972] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  277.772844][ T5972] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  277.776968][ T5972] usb 9-1: Manufacturer: syz
[  277.781002][ T5972] usb 9-1: config 0 descriptor??
[  277.855341][T15286] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  277.911940][   T40] audit: type=1400 audit(1770292838.179:1732): avc:  denied  { getopt } for  pid=15293 comm="syz.2.2665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  277.966784][T15295] 9p: Bad value for 'port'
[  278.071666][T15304] netlink: 'syz.2.2669': attribute type 27 has an invalid length.
[  278.104090][ T6005] usb 10-1: USB disconnect, device number 29
[  278.122192][T15304] dummy0: left promiscuous mode
[  278.178719][T15304] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  278.188980][T15304] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  278.189883][ T5972] appleir 0003:05AC:8243.000C: unknown main item tag 0x0
[  278.201787][ T5972] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  278.309793][T15304] veth3: left promiscuous mode
[  278.342827][T15310] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.346936][T15310] 8021q: adding VLAN 0 to HW filter on device team0
[  278.352717][T15310] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  278.360628][ T6844] netdevsim netdevsim2 ªªªªªª: unset [0, 0] type 1 family 0 port 8472 - 0
[  278.363440][ T6844] netdevsim netdevsim2 ªªªªªª: unset [1, 0] type 2 family 0 port 6081 - 0
[  278.366844][ T6844] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  278.369730][ T6844] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  278.372544][ T6844] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  278.375456][ T6844] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  278.381273][ T6844] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  278.384463][ T6844] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  278.455550][ T5972] usb 9-1: USB disconnect, device number 17
[  278.484954][T15331] program syz.2.2676 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  278.517205][T15333] block nbd2: NBD_DISCONNECT
[  278.557613][T15335] JFS: discard option not supported on device
[  278.561284][T15335] Mount JFS Failure: -5
[  278.562800][T15335] jfs_mount failed w/return code = -5
[  278.678241][T15339] geneve2: entered promiscuous mode
[  278.680416][T15339] geneve2: entered allmulticast mode
[  278.687906][ T6806] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 20002 - 0
[  278.691188][ T6806] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 20002 - 0
[  278.697016][ T6806] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 20002 - 0
[  278.699973][T15341] netlink: 'syz.2.2681': attribute type 1 has an invalid length.
[  278.700523][ T6806] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 20002 - 0
[  278.704099][T15341] netlink: 2088 bytes leftover after parsing attributes in process `syz.2.2681'.
[  278.711202][T15341] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2681'.
[  278.836832][T15349] SELinux:  Context #! ./file0
[  278.836832][T15349] ­ä »~‡žWutÐz /Ñ©·+AHá1ÂL³÷)
ûõÑ!‰_À»eì[v£<sûæ˜GË»€>¶òÏ0çxÛ)‘2ôl/ê is not valid (left unmapped).
[  279.104171][T15383] SET target dimension over the limit!
[  279.112208][T15381] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2694'.
[  279.233795][    C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  279.279329][T15394] netlink: 172 bytes leftover after parsing attributes in process `syz.1.2698'.
[  279.486883][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.490212][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.493441][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.503599][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.506789][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.510039][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.514669][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.517802][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.520931][   T54] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  279.530343][   T54] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  279.576194][T15412] fido_id[15412]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  279.597263][T15423] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2707'.
[  279.719426][T15432] program syz.1.2711 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  279.886624][T15440] kvm: pic: non byte write
[  279.978407][T15446] binder: 15445:15446 unknown command 0
[  279.980751][T15446] binder: 15445:15446 ioctl c0306201 200000000080 returned -22
[  280.161407][T15466] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2721'.
[  280.229974][T15472] random: crng reseeded on system resumption
[  280.236669][T15472] Restarting kernel threads ...
[  280.238960][T15472] Done restarting kernel threads.
[  280.324841][T15470] bond5 (unregistering): Released all slaves
[  280.447484][T15486] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15486 comm=syz.2.2726
[  280.488860][T15488] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config
[  280.499727][T15488] can0: slcan on ttynull.
[  280.507325][T15488] misc userio: Can't change port type on an already running userio instance
[  280.574817][T15492] netlink: 'syz.5.2728': attribute type 2 has an invalid length.
[  280.582501][T15492] can0: slcan on ttyS3.
[  280.584808][T15487] can0 (unregistered): slcan off ttynull.
[  280.886050][T15516] netlink: 'syz.4.2733': attribute type 10 has an invalid length.
[  280.894572][T15516] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.899658][T15516] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  280.964051][T15521] team_slave_1: mtu greater than device maximum
[  280.966796][T15521] team0: Device team_slave_1 failed to change mtu
[  281.077728][T15532] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  281.087685][T15535] loop5: detected capacity change from 0 to 7
[  281.093591][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.097221][    C3] buffer_io_error: 27 callbacks suppressed
[  281.097232][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.101925][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.105205][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.108127][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.111925][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.115872][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.119480][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.122653][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.125848][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.129814][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.132868][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.135709][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.138862][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.141600][T11766] ldm_validate_partition_table(): Disk read failed.
[  281.143956][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.147059][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.151496][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.154663][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.163434][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  281.166536][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  281.172361][T11766] Dev loop5: unable to read RDB block 0
[  281.177753][T11766]  loop5: unable to read partition table
[  281.179706][T11766] loop5: partition table beyond EOD, truncated
[  281.194549][T15535] ldm_validate_partition_table(): Disk read failed.
[  281.198050][T15535] Dev loop5: unable to read RDB block 0
[  281.201092][T15535]  loop5: unable to read partition table
[  281.204417][T15535] loop5: partition table beyond EOD, truncated
[  281.207267][T15535] loop_reread_partitions: partition scan of loop5 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ëÜ%õ«`ÉíÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  281.309986][T15553] __nla_validate_parse: 4 callbacks suppressed
[  281.310003][T15553] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2742'.
[  281.349223][T15557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2744'.
[  281.354323][T15557] netlink: 207952 bytes leftover after parsing attributes in process `syz.2.2744'.
[  281.398166][ T5933] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  281.401867][ T5933] Bluetooth: hci3: Injecting HCI hardware error event
[  281.408069][ T5290] Bluetooth: hci3: hardware error 0x00
[  281.471519][T15562] 8021q: adding VLAN 0 to HW filter on device bond5
[  281.541708][T15571] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2748'.
[  281.810093][T15444] syz.1.2716 (15444) used greatest stack depth: 18792 bytes left
[  281.834122][T15578] CIFS mount error: No usable UNC path provided in device string!
[  281.834122][T15578] 
[  281.838454][T15578] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  281.896160][T15584] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2751'.
[  281.899040][T15584] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2751'.
[  281.929368][T15580] kvm: pic: non byte read
[  281.932655][T15580] kvm: pic: single mode not supported
[  281.932665][T15580] kvm: pic: level sensitive irq not supported
[  281.936632][T15580] kvm: pic: non byte read
[  281.944087][T15580] kvm: pic: non byte read
[  281.947491][T15580] kvm: pic: non byte read
[  281.951406][T15580] kvm: pic: non byte read
[  281.954523][T15580] kvm: pic: single mode not supported
[  281.954924][T15580] kvm: pic: non byte read
[  281.960114][T15580] kvm: pic: level sensitive irq not supported
[  281.960515][T15580] kvm: pic: non byte read
[  281.966496][T15580] kvm: pic: single mode not supported
[  281.966509][T15580] kvm: pic: level sensitive irq not supported
[  281.969163][T15580] kvm: pic: non byte read
[  281.975383][T15580] kvm: pic: non byte read
[  282.377496][T15616] input: syz0 as /devices/virtual/input/input34
[  282.602893][T15630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2769'.
[  282.606723][T15630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2769'.
[  282.611461][T15630] netlink: 'syz.2.2769': attribute type 16 has an invalid length.
[  282.614101][T15630] netlink: 16010 bytes leftover after parsing attributes in process `syz.2.2769'.
[  282.630408][ T5933] Bluetooth: min 0 < 6
[  282.769331][T15632] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2771'.
[  282.784879][T15634] can0 (unregistered): slcan off ttyS3.
[  282.851772][T15645] input: syz0 as /devices/virtual/input/input35
[  282.855247][T15639] binder: 15638:15639 ioctl c0306201 0 returned -14
[  283.015191][T10436] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  283.021577][T10436] CPU: 1 UID: 0 PID: 10436 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  283.021594][T10436] Tainted: [L]=SOFTLOCKUP
[  283.021598][T10436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  283.021604][T10436] Call Trace:
[  283.021608][T10436]  <TASK>
[  283.021613][T10436]  dump_stack_lvl+0x100/0x190
[  283.021651][T10436]  dump_header+0xfb/0x606
[  283.021663][T10436]  oom_kill_process.cold+0xd/0x321
[  283.021675][T10436]  out_of_memory+0x340/0x14f0
[  283.021692][T10436]  ? __pfx_out_of_memory+0x10/0x10
[  283.021708][T10436]  mem_cgroup_out_of_memory+0xc6/0x130
[  283.021719][T10436]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  283.021729][T10436]  ? find_held_lock+0x2b/0x80
[  283.021746][T10436]  ? do_raw_spin_unlock+0x145/0x1e0
[  283.021759][T10436]  ? _raw_spin_unlock+0x28/0x50
[  283.021777][T10436]  try_charge_memcg+0x652/0xc90
[  283.021794][T10436]  ? __pfx_try_charge_memcg+0x10/0x10
[  283.021811][T10436]  ? find_held_lock+0x2b/0x80
[  283.021825][T10436]  ? rcu_read_unlock+0x17/0x60
[  283.021839][T10436]  ? rcu_read_unlock+0x17/0x60
[  283.021855][T10436]  charge_memcg+0xa6/0x280
[  283.021869][T10436]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  283.021887][T10436]  __read_swap_cache_async+0x449/0x610
[  283.021900][T10436]  ? __pfx___read_swap_cache_async+0x10/0x10
[  283.021911][T10436]  ? __lock_acquire+0x4a5/0x2630
[  283.021923][T10436]  ? __xa_erase+0xec/0x150
[  283.021935][T10436]  ? __pfx___xa_erase+0x10/0x10
[  283.021949][T10436]  swap_cluster_readahead+0x414/0x770
[  283.021964][T10436]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  283.021976][T10436]  ? __lock_acquire+0x4a5/0x2630
[  283.021986][T10436]  ? _raw_spin_unlock+0x28/0x50
[  283.021995][T10436]  ? move_cluster+0x1f7/0x570
[  283.022015][T10436]  ? __lock_acquire+0x4a5/0x2630
[  283.022026][T10436]  ? get_vma_policy+0x23f/0x3b0
[  283.022043][T10436]  swapin_readahead+0x14b/0x12e0
[  283.022055][T10436]  ? lock_acquire+0x17c/0x330
[  283.022067][T10436]  ? __pfx_swapin_readahead+0x10/0x10
[  283.022079][T10436]  ? find_held_lock+0x2b/0x80
[  283.022093][T10436]  ? swap_cache_get_folio+0x272/0x920
[  283.022106][T10436]  ? swap_cache_get_folio+0x272/0x920
[  283.022115][T10436]  ? swap_cache_get_folio+0x1f/0x920
[  283.022124][T10436]  ? swap_cache_get_folio+0x2a2/0x920
[  283.022136][T10436]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  283.022145][T10436]  ? __pfx_get_swap_device+0x10/0x10
[  283.022162][T10436]  ? do_swap_page+0x9ba/0x6810
[  283.022172][T10436]  do_swap_page+0x9ba/0x6810
[  283.022184][T10436]  ? __lock_acquire+0x4a5/0x2630
[  283.022198][T10436]  ? __pfx_do_swap_page+0x10/0x10
[  283.022210][T10436]  ? __pfx_default_wake_function+0x10/0x10
[  283.022226][T10436]  ? rcu_is_watching+0x12/0xc0
[  283.022240][T10436]  ? __free_object+0x2a8/0x400
[  283.022260][T10436]  ? rcu_is_watching+0x12/0xc0
[  283.022273][T10436]  ? ___pte_offset_map+0x179/0x310
[  283.022290][T10436]  __handle_mm_fault+0x18b9/0x2b50
[  283.022304][T10436]  ? reacquire_held_locks+0xce/0x1e0
[  283.022315][T10436]  ? __pfx___handle_mm_fault+0x10/0x10
[  283.022328][T10436]  ? lock_vma_under_rcu+0x17c/0x5a0
[  283.022347][T10436]  handle_mm_fault+0x36d/0xa20
[  283.022360][T10436]  do_user_addr_fault+0x5a3/0x12f0
[  283.022379][T10436]  exc_page_fault+0x6f/0xd0
[  283.022391][T10436]  asm_exc_page_fault+0x26/0x30
[  283.022401][T10436] RIP: 0033:0x7efed855b78e
[  283.022410][T10436] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  283.022420][T10436] RSP: 002b:00007ffd08664418 EFLAGS: 00010246
[  283.022429][T10436] RAX: 0000000000000000 RBX: 0000555580cd0500 RCX: 00007efed855b78e
[  283.022436][T10436] RDX: 00007ffd08664470 RSI: 0000000000000000 RDI: 0000000000000000
[  283.022442][T10436] RBP: 00007ffd086644dc R08: 0000000000000000 R09: 0000000000000000
[  283.022448][T10436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388
[  283.022454][T10436] R13: 00000000000927c0 R14: 0000000000044b14 R15: 00007ffd08664530
[  283.022467][T10436]  </TASK>
[  283.022471][T10436] memory: usage 307200kB, limit 307200kB, failcnt 670
[  283.178512][T10436] memory+swap: usage 308336kB, limit 9007199254740988kB, failcnt 0
[  283.184467][T10436] kmem: usage 4988kB, limit 9007199254740988kB, failcnt 0
[  283.188127][T10436] Memory cgroup stats for /syz5:
[  283.188199][T10436] cache 308731904
[  283.192213][T10436] rss 36864
[  283.193333][T10436] rss_huge 0
[  283.197617][T10436] shmem 308731904
[  283.198881][T10436] mapped_file 0
[  283.200075][T10436] dirty 0
[  283.201019][T10436] writeback 0
[  283.202144][T10436] workingset_refault_anon 1422
[  283.204574][T10436] workingset_refault_file 0
[  283.206108][T10436] swap 1380352
[  283.207253][T10436] swapcached 114688
[  283.208546][T10436] pgpgin 241194
[  283.209729][T10436] pgpgout 166295
[  283.211190][T10436] pgfault 77471
[  283.212426][T10436] pgmajfault 261
[  283.215251][T10436] inactive_anon 308633600
[  283.216721][T10436] active_anon 245760
[  283.218031][T10436] inactive_file 0
[  283.219264][T10436] active_file 0
[  283.220472][T10436] unevictable 0
[  283.221660][T10436] hierarchical_memory_limit 314572800
[  283.223399][T10436] hierarchical_memsw_limit 9223372036854771712
[  283.225576][T10436] total_cache 308731904
[  283.226947][T10436] total_rss 36864
[  283.228137][T10436] total_rss_huge 0
[  283.229333][T10436] total_shmem 308731904
[  283.230638][T10436] total_mapped_file 0
[  283.231909][T10436] total_dirty 0
[  283.233063][T10436] total_writeback 0
[  283.235770][T10436] total_workingset_refault_anon 1422
[  283.237753][T10436] total_workingset_refault_file 0
[  283.239451][T10436] total_swap 1380352
[  283.240781][T10436] total_swapcached 114688
[  283.242270][T10436] total_pgpgin 241194
[  283.244362][T10436] total_pgpgout 166295
[  283.245779][T10436] total_pgfault 77471
[  283.247166][T10436] total_pgmajfault 261
[  283.248594][T10436] total_inactive_anon 308633600
[  283.250259][T10436] total_active_anon 245760
[  283.251899][T10436] total_inactive_file 0
[  283.253389][T10436] total_active_file 0
[  283.254985][T10436] total_unevictable 0
[  283.256339][T10436] anon_cost 0
[  283.257457][T10436] file_cost 0
[  283.258581][T10436] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2745,pid=15561,uid=0
[  283.264903][T10436] Memory cgroup out of memory: Killed process 15561 (syz.5.2745) total-vm:102332kB, anon-rss:1188kB, file-rss:23700kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  283.483707][ T5290] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  283.980004][T15695] input: syz0 as /devices/virtual/input/input36
[  284.133186][T15705] netlink: 'syz.5.2792': attribute type 13 has an invalid length.
[  284.184349][ T5997] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  284.274656][T15716] kvm: apic: phys broadcast and lowest prio
[  284.394626][T15720] vcan0: tx drop: invalid da for name 0x00000000000001ff
[  284.405538][T15724] overlayfs: missing 'lowerdir'
[  284.477011][T15732] xt_hashlimit: invalid rate
[  284.492161][T15727] 8021q: adding VLAN 0 to HW filter on device bond3
[  284.548161][T15737] loop5: detected capacity change from 0 to 7
[  284.552057][T15737] ldm_validate_partition_table(): Disk read failed.
[  284.557293][T15737] Dev loop5: unable to read RDB block 0
[  284.560269][T15737]  loop5: unable to read partition table
[  284.562557][T15737] loop5: partition table beyond EOD, truncated
[  284.565799][T15737] loop_reread_partitions: partition scan of loop5 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ëÜ%õ«`ÉíÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  284.634917][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  284.634932][   T40] audit: type=1400 audit(1770292844.909:1737): avc:  denied  { accept } for  pid=15740 comm="syz.5.2806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  284.644714][T15741] binder: 15740:15741 ioctl c00c6211 0 returned -14
[  284.682417][   T40] audit: type=1400 audit(1770292844.949:1738): avc:  denied  { mounton } for  pid=15742 comm="syz.5.2808" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  284.683708][ T5290] Bluetooth: hci0: command tx timeout
[  284.715331][T15747] sctp: [Deprecated]: syz.2.2807 (pid 15747) Use of struct sctp_assoc_value in delayed_ack socket option.
[  284.715331][T15747] Use struct sctp_sack_info instead
[  284.722958][T15747] netlink: 'syz.2.2807': attribute type 5 has an invalid length.
[  284.726327][T15747] netlink: 'syz.2.2807': attribute type 5 has an invalid length.
[  284.754141][   T40] audit: type=1400 audit(1770292845.019:1739): avc:  denied  { mount } for  pid=15749 comm="syz.5.2810" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  284.780613][ T6131] IPVS: starting estimator thread 0...
[  284.823135][T15759] input: syz0 as /devices/virtual/input/input37
[  284.837651][T15755] ªªªªªª5gæ¹Q[Ô: renamed from lo (while UP)
[  284.875354][T15754] IPVS: using max 29 ests per chain, 69600 per kthread
[  285.020231][   T40] audit: type=1400 audit(1770292845.289:1740): avc:  denied  { bind } for  pid=15770 comm="syz.2.2818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  285.073923][ T6131] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  285.381711][   T40] audit: type=1400 audit(1770292845.649:1741): avc:  denied  { search } for  pid=15785 comm="cmp" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  285.395423][   T40] audit: type=1400 audit(1770292845.649:1742): avc:  denied  { read } for  pid=15785 comm="cmp" name="resolv.conf" dev="tmpfs" ino=4 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  285.405553][   T40] audit: type=1400 audit(1770292845.649:1743): avc:  denied  { open } for  pid=15785 comm="cmp" path="/tmp/resolv.conf" dev="tmpfs" ino=4 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  285.418335][   T40] audit: type=1400 audit(1770292845.649:1744): avc:  denied  { getattr } for  pid=15785 comm="cmp" path="/tmp/resolv.conf" dev="tmpfs" ino=4 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  285.432827][   T40] audit: type=1400 audit(1770292845.669:1745): avc:  denied  { execmem } for  pid=15786 comm="syz.2.2822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  285.441127][   T40] audit: type=1400 audit(1770292845.669:1746): avc:  denied  { execute } for  pid=15786 comm="syz.2.2822" dev="tmpfs" ino=1129 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  285.460542][T15791] xt_hashlimit: size too large, truncated to 1048576
[  285.637900][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880254eb400: rx timeout, send abort
[  285.653643][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880254eb400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  286.067894][T15829] syzkaller1: left promiscuous mode
[  286.070109][T15829] syzkaller1: left allmulticast mode
[  286.192858][T15839] kvm: faulting far call emulation tainted memory
[  286.249826][T15844] input: syz0 as /devices/virtual/input/input38
[  286.666645][T15878] input: syz0 as /devices/virtual/input/input39
[  286.743390][T15885] program syz.1.2848 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  286.762897][T15887] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  286.866722][T15895] __nla_validate_parse: 12 callbacks suppressed
[  286.866737][T15895] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2852'.
[  286.874401][T15895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2852'.
[  286.881694][T15895] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2852'.
[  286.944403][T15907] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2853'.
[  286.983184][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2853'.
[  287.863824][ T6132] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  287.996511][T15952] netlink: 27 bytes leftover after parsing attributes in process `syz.4.2869'.
[  288.007597][T15952] ADFS-fs (nbd4): error: unable to read block 3, try 0
[  288.033578][ T6132] usb 7-1: Using ep0 maxpacket: 8
[  288.036412][ T6132] usb 7-1: config 0 interface 0 has no altsetting 0
[  288.038509][ T6132] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  288.041467][ T6132] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.046268][ T6132] usb 7-1: config 0 descriptor??
[  288.090707][T15954] overlayfs: failed to resolve './file2': -2
[  288.138152][T15962] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2873'.
[  288.227126][T15975] binder: Bad value for 'max'
[  288.227746][T15974] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2876'.
[  288.457814][ T6132] mcp2221 0003:04D8:00DD.000E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  288.502578][T16003] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  288.504822][T16003] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  288.666292][ T5930] usb 7-1: USB disconnect, device number 25
[  288.760018][T16033] delete_channel: no stack
[  288.794769][T16039] netlink: 'syz.1.2900': attribute type 29 has an invalid length.
[  288.797892][T16039] netlink: 'syz.1.2900': attribute type 29 has an invalid length.
[  288.800787][T16039] netlink: 'syz.1.2900': attribute type 29 has an invalid length.
[  288.804735][T16039] netlink: 'syz.1.2900': attribute type 29 has an invalid length.
[  289.904194][   T40] kauditd_printk_skb: 147 callbacks suppressed
[  289.904206][   T40] audit: type=1400 audit(1770292850.179:1894): avc:  denied  { read write } for  pid=16087 comm="syz.5.2924" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  289.913901][   T40] audit: type=1400 audit(1770292850.179:1895): avc:  denied  { ioctl open } for  pid=16087 comm="syz.5.2924" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  290.000552][T16096] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2928'.
[  290.005066][T16096] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2928'.
[  290.061918][T16100] netlink: 'syz.1.2930': attribute type 7 has an invalid length.
[  290.255480][   T40] audit: type=1400 audit(1770292850.529:1896): avc:  denied  { read } for  pid=16123 comm="syz.2.2942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  290.534652][T16128] netlink: 'syz.4.2943': attribute type 10 has an invalid length.
[  290.539496][T16128] bond0: (slave bond_slave_0): Releasing backup interface
[  290.582544][   T40] audit: type=1400 audit(1770292850.849:1897): avc:  denied  { create } for  pid=16129 comm="syz.4.2944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  290.592107][T16130] netlink: 'syz.4.2944': attribute type 25 has an invalid length.
[  290.596276][T16130] netlink: 'syz.4.2944': attribute type 29 has an invalid length.
[  290.786867][T16138] netlink: 'syz.4.2948': attribute type 10 has an invalid length.
[  290.790115][T16138] veth0_vlan: entered allmulticast mode
[  290.793130][T16138] bridge0: port 4(veth0_vlan) entered blocking state
[  290.796093][T16138] bridge0: port 4(veth0_vlan) entered disabled state
[  290.801103][T16138] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  290.928745][T16146] netlink: 'syz.4.2952': attribute type 29 has an invalid length.
[  291.416412][   T40] audit: type=1400 audit(1770292851.689:1898): avc:  denied  { bind } for  pid=16214 comm="syz.4.2985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  291.423468][   T40] audit: type=1400 audit(1770292851.689:1899): avc:  denied  { name_bind } for  pid=16214 comm="syz.4.2985" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  291.444506][   T40] audit: type=1400 audit(1770292851.689:1900): avc:  denied  { node_bind } for  pid=16214 comm="syz.4.2985" saddr=::1 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  291.451108][   T40] audit: type=1400 audit(1770292851.709:1901): avc:  denied  { write } for  pid=16216 comm="syz.5.2987" name="ip6_flowlabel" dev="proc" ino=4026534158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  291.546448][   T40] audit: type=1400 audit(1770292851.819:1902): avc:  denied  { read write } for  pid=16223 comm="syz.2.2990" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  291.563879][   T40] audit: type=1400 audit(1770292851.819:1903): avc:  denied  { open } for  pid=16223 comm="syz.2.2990" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  291.692741][T16235] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  291.698667][T16235] vlan2: entered promiscuous mode
[  291.700862][T16235] bond0: entered promiscuous mode
[  291.703031][T16235] bond_slave_0: entered promiscuous mode
[  291.707581][T16235] bond_slave_1: entered promiscuous mode
[  291.710267][T16235] batadv0: entered promiscuous mode
[  291.780237][T16241] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  291.933789][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[  291.937308][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  291.940417][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  292.868763][T16291] __nla_validate_parse: 5 callbacks suppressed
[  292.868775][T16291] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3016'.
[  294.450766][T16328] bond0: (slave dummy0): Releasing backup interface
[  294.458500][T16328] batman_adv: batadv0: Adding interface: dummy0
[  294.461197][T16328] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  294.471838][T16328] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  294.753699][ T6131] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  294.901389][T16334] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3032'.
[  294.915545][ T6131] usb 9-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  294.919318][ T6131] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.922470][ T6131] usb 9-1: Product: syz
[  294.924195][ T6131] usb 9-1: Manufacturer: syz
[  294.925921][ T6131] usb 9-1: SerialNumber: syz
[  295.010281][T16338] openvswitch: netlink: IP tunnel dst address not specified
[  295.164113][  T831] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  295.323890][  T831] usb 6-1: Using ep0 maxpacket: 16
[  295.327044][  T831] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.331267][  T831] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.332801][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  295.335725][  T831] usb 6-1: config 0 interface 0 has no altsetting 0
[  295.339436][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  295.342226][  T831] usb 6-1: New USB device found, idVendor=046d, idProduct=c117, bcdDevice= 0.00
[  295.349524][  T831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.355257][  T831] usb 6-1: config 0 descriptor??
[  295.794949][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  295.794962][   T40] audit: type=1400 audit(1770292856.069:1918): avc:  denied  { write } for  pid=16344 comm="syz.5.3035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  295.795221][T16345] lo: Caught tx_queue_len zero misconfig
[  295.803994][   T40] audit: type=1400 audit(1770292856.079:1919): avc:  denied  { ioctl } for  pid=16341 comm="syz.2.3034" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=72785 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  296.080607][ T5997] usb 6-1: USB disconnect, device number 24
[  296.390920][T16361] syz.1.3039 (16361): drop_caches: 2
[  296.398755][T16360] syz.1.3039 (16360): drop_caches: 2
[  296.401801][T16360] syz.1.3039 (16360): drop_caches: 2
[  296.772172][   T40] audit: type=1400 audit(1770292857.039:1920): avc:  denied  { kexec_image_load } for  pid=16365 comm="syz.2.3041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  296.795471][T16370] geneve2: entered promiscuous mode
[  296.797787][T16370] geneve2: entered allmulticast mode
[  297.052801][T16376] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967288 (8589934576 ns) > initial count (4294967298 ns). Using initial count to start timer.
[  297.353435][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000044. ret = -EPROTO
[  297.359284][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  297.365130][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  297.371540][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  297.377845][ T6131] lan78xx 9-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  297.387945][ T6131] lan78xx 9-1:1.0: probe with driver lan78xx failed with error -71
[  297.421563][ T6131] usb 9-1: USB disconnect, device number 18
[  297.559199][   T40] audit: type=1400 audit(1770292857.829:1921): avc:  denied  { ioctl } for  pid=16400 comm="syz.2.3054" path="socket:[74807]" dev="sockfs" ino=74807 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  297.560452][T16401] bridge0: entered allmulticast mode
[  297.812889][   T40] audit: type=1400 audit(1770292858.079:1922): avc:  denied  { create } for  pid=16397 comm="syz.1.3053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  297.822540][   T40] audit: type=1400 audit(1770292858.089:1923): avc:  denied  { bind } for  pid=16397 comm="syz.1.3053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  297.833692][   T40] audit: type=1400 audit(1770292858.099:1924): avc:  denied  { connect } for  pid=16397 comm="syz.1.3053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  297.842177][   T40] audit: type=1400 audit(1770292858.099:1925): avc:  denied  { accept } for  pid=16397 comm="syz.1.3053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  297.851353][   T40] audit: type=1400 audit(1770292858.099:1926): avc:  denied  { getopt } for  pid=16397 comm="syz.1.3053" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  297.893751][   T53] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  298.043720][   T53] usb 7-1: Using ep0 maxpacket: 32
[  298.047050][   T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.050954][   T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  298.057423][   T53] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  298.061073][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.066218][   T53] usb 7-1: config 0 descriptor??
[  298.174064][   T40] audit: type=1400 audit(1770292858.449:1927): avc:  denied  { setopt } for  pid=16412 comm="syz.4.3059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  298.468678][T16426] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16426 comm=syz.5.3062
[  298.481950][T16426] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3062'.
[  298.566726][   T53] savu 0003:1E7D:2D5A.000F: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  298.734891][ T6131] usb 7-1: USB disconnect, device number 26
[  299.981444][   T53] IPVS: starting estimator thread 0...
[  300.063955][T16476] IPVS: using max 43 ests per chain, 103200 per kthread
[  300.163756][ T2299] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  300.325619][ T2299] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  300.329784][ T2299] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  300.333021][ T2299] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.340966][ T2299] usb 9-1: config 0 descriptor??
[  300.345669][ T2299] pwc: Askey VC010 type 2 USB webcam detected.
[  300.430387][ T6827] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  300.434724][ T6827] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 20002 - 0
[  300.438539][ T6827] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  300.442577][ T6827] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 20002 - 0
[  300.446886][ T6827] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  300.450314][ T6827] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 20002 - 0
[  300.456037][ T6806] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  300.458848][ T6806] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 20002 - 0
[  300.486943][T16497] mac80211_hwsim hwsim18 syzkaller0: Caught tx_queue_len zero misconfig
[  300.607449][ T6827] wlan0: Trigger new scan to find an IBSS to join
[  300.751539][ T2299] pwc: recv_control_msg error -32 req 02 val 2b00
[  300.968655][T16508] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3091'.
[  300.974950][ T2299] pwc: recv_control_msg error -32 req 02 val 2c00
[  301.018058][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  301.018072][   T40] audit: type=1400 audit(1770292861.259:1937): avc:  denied  { read } for  pid=16505 comm="syz.1.3091" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  301.029665][   T40] audit: type=1400 audit(1770292861.269:1938): avc:  denied  { open } for  pid=16505 comm="syz.1.3091" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  301.039109][ T2299] pwc: recv_control_msg error -32 req 04 val 1000
[  301.042564][ T2299] pwc: recv_control_msg error -32 req 04 val 1300
[  301.049307][ T2299] pwc: recv_control_msg error -32 req 04 val 1400
[  301.052589][ T2299] pwc: recv_control_msg error -32 req 02 val 2000
[  301.058197][   T40] audit: type=1400 audit(1770292861.329:1939): avc:  denied  { append } for  pid=16505 comm="syz.1.3091" name="001" dev="devtmpfs" ino=764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  301.124115][T16508] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  301.127107][T16508] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  301.151730][T16508] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  301.257613][ T2299] pwc: recv_control_msg error -71 req 04 val 1500
[  301.261206][ T2299] pwc: recv_control_msg error -71 req 02 val 2500
[  301.264316][ T2299] pwc: recv_control_msg error -71 req 02 val 2400
[  301.267101][ T2299] pwc: recv_control_msg error -71 req 02 val 2600
[  301.269863][ T2299] pwc: recv_control_msg error -71 req 02 val 2900
[  301.272517][ T2299] pwc: recv_control_msg error -71 req 02 val 2800
[  301.275100][ T2299] pwc: recv_control_msg error -71 req 04 val 1100
[  301.277332][ T2299] pwc: recv_control_msg error -71 req 04 val 1200
[  301.278519][T16511] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3092'.
[  301.282266][ T2299] pwc: Registered as video103.
[  301.285708][ T2299] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb9/9-1/input/input40
[  301.295972][ T2299] usb 9-1: USB disconnect, device number 19
[  301.543783][ T6005] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  301.548941][   T40] audit: type=1400 audit(1770292861.819:1940): avc:  denied  { setopt } for  pid=16513 comm="syz.5.3093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  301.673628][ T6005] usb 7-1: device descriptor read/64, error -71
[  301.924166][ T6005] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  302.001894][   T40] audit: type=1400 audit(1770292862.269:1941): avc:  denied  { read write } for  pid=16520 comm="syz.4.3095" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  302.005982][ T5930] hid_parser_main: 74 callbacks suppressed
[  302.005995][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.009450][   T40] audit: type=1400 audit(1770292862.269:1942): avc:  denied  { open } for  pid=16520 comm="syz.4.3095" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  302.011147][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.011162][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.011174][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.028014][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.030331][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.032661][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.035089][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.037416][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.039727][ T5930] hid-generic 0006:0004:0009.0010: unknown main item tag 0x0
[  302.050006][ T5930] hid-generic 0006:0004:0009.0010: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0
[  302.054778][ T6005] usb 7-1: device descriptor read/64, error -71
[  302.080733][T16523] fido_id[16523]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  302.164505][ T6005] usb usb7-port1: attempt power cycle
[  302.302164][T16528] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3096'.
[  302.307585][T16528] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3096'.
[  302.456083][   T40] audit: type=1400 audit(1770292862.729:1943): avc:  denied  { bind } for  pid=16529 comm="syz.5.3097" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  302.503699][ T6005] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  302.524397][ T6005] usb 7-1: device descriptor read/8, error -71
[  302.773893][ T6005] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  302.794194][ T6005] usb 7-1: device descriptor read/8, error -71
[  302.904277][ T6005] usb usb7-port1: unable to enumerate USB device
[  303.153847][ T5290] Bluetooth: hci0: command 0x0c1a tx timeout
[  303.194587][   T40] audit: type=1400 audit(1770292863.469:1944): avc:  denied  { name_bind } for  pid=16537 comm="syz.5.3099" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  303.723906][ T6806] wlan0: Trigger new scan to find an IBSS to join
[  304.231674][T16553] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3106'.
[  304.370053][T16559] vlan2: entered promiscuous mode
[  304.372318][T16559] ip6gretap0: entered promiscuous mode
[  304.394578][T16559] bridge0: port 3(vlan2) entered blocking state
[  304.397364][T16559] bridge0: port 3(vlan2) entered disabled state
[  304.400204][T16559] vlan2: entered allmulticast mode
[  304.402413][T16559] ip6gretap0: entered allmulticast mode
[  304.563890][ T5930] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  304.713910][ T5930] usb 9-1: Using ep0 maxpacket: 8
[  304.716724][ T5930] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  304.719288][ T5930] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  304.722419][ T5930] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  304.726212][ T5930] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  304.729302][ T5930] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  304.733419][ T5930] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  304.737960][ T5930] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.843216][T16570] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967288 (8589934576 ns) > initial count (4294967298 ns). Using initial count to start timer.
[  304.949583][ T5930] usb 9-1: usb_control_msg returned -32
[  304.951391][ T5930] usbtmc 9-1:16.0: can't read capabilities
[  305.213639][ T5998] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  305.243957][ T5290] Bluetooth: hci0: command 0x0c1a tx timeout
[  305.303245][   T40] audit: type=1400 audit(1770292865.569:1945): avc:  denied  { create } for  pid=16573 comm="syz.2.3114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  305.383602][ T5998] usb 6-1: Using ep0 maxpacket: 32
[  305.387959][ T5998] usb 6-1: config 0 has an invalid interface number: 28 but max is 0
[  305.391343][ T5998] usb 6-1: config 0 has no interface number 0
[  305.394174][ T5998] usb 6-1: config 0 interface 28 has no altsetting 0
[  305.397018][ T5998] usb 6-1: New USB device found, idVendor=054c, idProduct=0069, bcdDevice= 0.47
[  305.400777][ T5998] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.408120][ T5998] usb 6-1: config 0 descriptor??
[  305.503016][T16576] usbtmc 9-1:16.0: usbtmc_ioctl_request failed -71
[  305.503874][ T6132] usb 9-1: USB disconnect, device number 20
[  305.621333][ T5998] usb 6-1: string descriptor 0 read error: -71
[  305.630964][ T5998] usb-storage 6-1:0.28: USB Mass Storage device detected
[  305.641598][ T5998] usb-storage 6-1:0.28: Quirks match for vid 054c pid 0069: 1
[  305.714683][ T5998] usb 6-1: USB disconnect, device number 25
[  306.209839][   T40] audit: type=1400 audit(1770292866.479:1946): avc:  denied  { append } for  pid=16593 comm="syz.2.3121" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  306.404018][ T6005] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  306.486934][T16612] batman_adv: batadv0: Interface activated: dummy0
[  306.489079][T16612] batadv0: mtu less than device minimum
[  306.491377][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.495760][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.499543][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.503425][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.507317][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.511207][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.515730][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.519500][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.523307][T16612] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  306.557412][ T6005] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  306.561193][ T6005] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.565020][ T6005] usb 6-1: Product: syz
[  306.566856][ T6005] usb 6-1: Manufacturer: syz
[  306.568840][ T6005] usb 6-1: SerialNumber: syz
[  306.663638][ T5998] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  306.754045][ T6806] wlan0: Trigger new scan to find an IBSS to join
[  306.825171][ T5998] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  306.829106][ T5998] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  306.833023][ T5998] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  306.840454][ T5998] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  306.844291][ T5998] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.847523][ T5998] usb 7-1: Product: syz
[  306.849267][ T5998] usb 7-1: Manufacturer: syz
[  306.851181][ T5998] usb 7-1: SerialNumber: syz
[  306.857420][ T5998] hub 7-1:1.0: bad descriptor, ignoring hub
[  306.859934][ T5998] hub 7-1:1.0: probe with driver hub failed with error -5
[  306.978112][ T6005] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  307.059859][ T5998] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 31 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  307.259810][   T40] audit: type=1400 audit(1770292867.529:1947): avc:  denied  { read write } for  pid=16613 comm="syz.2.3128" name="lp0" dev="devtmpfs" ino=3559 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  307.269615][   T40] audit: type=1400 audit(1770292867.529:1948): avc:  denied  { open } for  pid=16613 comm="syz.2.3128" path="/dev/usb/lp0" dev="devtmpfs" ino=3559 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  307.314039][ T5290] Bluetooth: hci0: command 0x0c1a tx timeout
[  307.374139][ T2299] usb 7-1: USB disconnect, device number 31
[  307.378831][ T2299] usblp0: removed
[  307.705176][ T6827] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  307.822690][T16624] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3132'.
[  307.825800][T16624] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3132'.
[  307.828689][T16624] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3132'.
[  307.831522][T16624] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3132'.
[  308.371583][T16646] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3140'.
[  308.433604][ T5997] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  308.593935][ T5997] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.597342][ T5997] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  308.600369][ T5997] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  308.613601][ T5997] usb 10-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  308.616463][ T5997] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.620240][ T5997] usb 10-1: config 0 descriptor??
[  308.640656][T16650] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16650 comm=syz.4.3141
[  308.650222][T16650] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3141'.
[  308.699534][   T40] audit: type=1400 audit(1770292868.969:1949): avc:  denied  { create } for  pid=16651 comm="syz.2.3142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  308.706226][   T40] audit: type=1400 audit(1770292868.969:1950): avc:  denied  { connect } for  pid=16651 comm="syz.2.3142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  308.732827][   T40] audit: type=1326 audit(1770292868.999:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16653 comm="syz.2.3143" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95bd9aeb9 code=0x7ffc0000
[  308.740498][   T40] audit: type=1326 audit(1770292869.019:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16653 comm="syz.2.3143" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95bd9aeb9 code=0x7ffc0000
[  308.748578][   T40] audit: type=1326 audit(1770292869.019:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16653 comm="syz.2.3143" exe="/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd95bd9aeb9 code=0x7ffc0000
[  308.756773][   T40] audit: type=1326 audit(1770292869.019:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16653 comm="syz.2.3143" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95bd9aeb9 code=0x7ffc0000
[  308.764996][   T40] audit: type=1326 audit(1770292869.019:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16653 comm="syz.2.3143" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd95bd9aeb9 code=0x7ffc0000
[  308.791427][ T6005] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  309.004785][ T6005] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  309.008365][ T6005] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  309.016645][ T6005] lan78xx 6-1:1.0: probe with driver lan78xx failed with error -71
[  309.022153][ T6005] usb 6-1: USB disconnect, device number 26
[  309.554708][T16670] syzkaller0: entered promiscuous mode
[  309.557251][T16670] syzkaller0: entered allmulticast mode
[  309.599300][T16671] binder: 16666:16671 ioctl 4018620d 0 returned -22
[  309.668233][T16673] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3150'.
[  309.677447][T16673] bridge0: entered promiscuous mode
[  309.681774][T16673] macvtap1: entered promiscuous mode
[  309.683068][T16675] cgroup: fork rejected by pids controller in /syz2
[  309.684688][T16673] macvtap1: entered allmulticast mode
[  309.688707][T16673] bridge0: entered allmulticast mode
[  309.698682][T16673] bridge0: left allmulticast mode
[  309.700421][T16673] bridge0: left promiscuous mode
[  309.914251][T16686] validate_nla: 9 callbacks suppressed
[  309.914263][T16686] netlink: 'syz.1.3156': attribute type 13 has an invalid length.
[  309.918870][T16686] netlink: 24859 bytes leftover after parsing attributes in process `syz.1.3156'.
[  310.448709][ T5933] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  310.452679][ T5933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  310.463065][ T5933] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  310.466076][ T5933] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  310.470965][ T5933] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  310.740501][T16707] chnl_net:caif_netlink_parms(): no params data found
[  310.843866][ T6827] bridge_slave_1: left allmulticast mode
[  310.845679][ T6827] bridge_slave_1: left promiscuous mode
[  310.847676][ T6827] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.851546][ T6827] bridge_slave_0: left allmulticast mode
[  310.853915][ T6827] bridge_slave_0: left promiscuous mode
[  310.856004][ T6827] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.015160][ T6827] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  311.018950][ T6827] bond1 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - 02:b9:db:69:1c:62 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  311.112656][ T5997] usbhid 10-1:0.0: can't add hid device: -71
[  311.114769][ T5997] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  311.122701][ T5997] usb 10-1: USB disconnect, device number 30
[  311.413646][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  311.413664][   T40] audit: type=1400 audit(1770292871.669:1967): avc:  denied  { bind } for  pid=16739 comm="syz.5.3175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  311.422827][   T40] audit: type=1400 audit(1770292871.669:1968): avc:  denied  { listen } for  pid=16739 comm="syz.5.3175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  311.429540][   T40] audit: type=1400 audit(1770292871.669:1969): avc:  denied  { accept } for  pid=16739 comm="syz.5.3175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  311.474099][ T6827] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  311.480392][ T6827] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  311.483947][ T6827] bond0 (unregistering): Released all slaves
[  311.488938][ T6827] bond1 (unregistering): (slave veth3): Releasing backup interface
[  311.492048][ T6827] bond1 (unregistering): Released all slaves
[  311.579359][ T6827] bond2 (unregistering): Released all slaves
[  311.688340][ T6827] bond3 (unregistering): Released all slaves
[  311.788149][ T6827] bond4 (unregistering): Released all slaves
[  311.879049][ T6827] bond5 (unregistering): Released all slaves
[  311.960891][ T6827] bond6 (unregistering): Released all slaves
[  311.973015][T16707] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.975608][T16707] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.978024][T16707] bridge_slave_0: entered allmulticast mode
[  311.980768][T16707] bridge_slave_0: entered promiscuous mode
[  311.984800][T16707] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.987129][T16707] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.989543][T16707] bridge_slave_1: entered allmulticast mode
[  311.992251][T16707] bridge_slave_1: entered promiscuous mode
[  312.058315][T16707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.072418][T16707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.175299][T16707] team0: Port device team_slave_0 added
[  312.181742][T16707] team0: Port device team_slave_1 added
[  312.200857][T16707] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.203253][T16707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  312.212102][T16707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  312.218221][T16707] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.220473][T16707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  312.229057][T16707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.267808][T16707] hsr_slave_0: entered promiscuous mode
[  312.270112][T16707] hsr_slave_1: entered promiscuous mode
[  312.272341][T16707] debugfs: 'hsr0' already exists in 'hsr'
[  312.275174][T16707] Cannot create hsr debugfs directory
[  312.332641][ T6827] hsr_slave_0: left promiscuous mode
[  312.335012][ T6827] hsr_slave_1: left promiscuous mode
[  312.337062][ T6827] batman_adv: batadv0: Removing interface: batadv_slave_0
[  312.340193][ T6827] batman_adv: batadv0: Removing interface: batadv_slave_1
[  312.370302][   T40] audit: type=1400 audit(1770292872.639:1970): avc:  denied  { setopt } for  pid=16764 comm="syz.1.3182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  312.428007][ T6132] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[  312.525017][ T5290] Bluetooth: hci0: command tx timeout
[  312.583624][ T6132] usb 10-1: Using ep0 maxpacket: 8
[  312.587831][ T6132] usb 10-1: unable to get BOS descriptor or descriptor too short
[  312.597805][ T6132] usb 10-1: config 4 interface 0 has no altsetting 0
[  312.602673][ T6132] usb 10-1: string descriptor 0 read error: -22
[  312.610954][ T6132] usb 10-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  312.617759][ T6132] usb 10-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  312.633072][ T6132] usb 10-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  312.682290][ T6132] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  312.692088][ T6132] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  312.697236][ T6132] usb 10-1: media controller created
[  312.704563][ T6132] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  312.711167][ T6827] team0 (unregistering): Port device team_slave_1 removed
[  312.750607][ T6827] team0 (unregistering): Port device team_slave_0 removed
[  312.843646][ T5998] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  312.846510][ T6132] zl10353_read_register: readreg error (reg=127, ret==0)
[  312.885040][ T6132] usb 10-1: USB disconnect, device number 31
[  312.994977][ T5998] usb 9-1: Using ep0 maxpacket: 16
[  312.997970][ T5998] usb 9-1: config index 0 descriptor too short (expected 14385, got 18)
[  313.000628][ T5998] usb 9-1: config 52 has too many interfaces: 52, using maximum allowed: 32
[  313.003392][ T5998] usb 9-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[  313.006787][ T5998] usb 9-1: config 52 has 0 interfaces, different from the descriptor's value: 52
[  313.011282][ T5998] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  313.014276][ T5998] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  313.016858][ T5998] usb 9-1: Product: syz
[  313.018196][ T5998] usb 9-1: Manufacturer: syz
[  313.019649][ T5998] usb 9-1: SerialNumber: syz
[  313.371685][T16785] geneve2: entered promiscuous mode
[  313.373377][T16785] geneve2: entered allmulticast mode
[  313.379968][T16788] xt_hashlimit: size too large, truncated to 1048576
[  313.739409][T16707] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  313.760001][T16707] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  313.764564][T16707] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  313.768962][T16707] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  313.862902][T16707] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.875420][T16707] 8021q: adding VLAN 0 to HW filter on device team0
[  313.883334][ T6831] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.886262][ T6831] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.896559][ T6806] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.898896][ T6806] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.059823][T16707] 8021q: adding VLAN 0 to HW filter on device batadv0
[  314.085017][T16707] veth0_vlan: entered promiscuous mode
[  314.090680][T16707] veth1_vlan: entered promiscuous mode
[  314.102876][   T40] audit: type=1400 audit(1770292874.369:1971): avc:  denied  { name_bind } for  pid=16816 comm="syz.1.3189" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  314.105524][T16707] veth0_macvtap: entered promiscuous mode
[  314.117040][T16707] veth1_macvtap: entered promiscuous mode
[  314.125557][T16707] batman_adv: batadv0: Interface activated: batadv_slave_0
[  314.131722][T16707] batman_adv: batadv0: Interface activated: batadv_slave_1
[  314.140130][ T6844] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  314.144218][ T6844] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  314.147416][ T6844] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  314.151755][ T6844] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.188955][   T40] audit: type=1400 audit(1770292874.459:1972): avc:  denied  { read } for  pid=16816 comm="syz.1.3189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  314.204377][ T6844] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.206913][ T6844] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.227240][ T6844] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.229832][ T6844] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.236163][   T40] audit: type=1400 audit(1770292874.509:1973): avc:  denied  { mounton } for  pid=16707 comm="syz-executor" path="/syzkaller.YNJcLf/syz-tmp" dev="sda1" ino=2043 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  314.286199][   T40] audit: type=1400 audit(1770292874.509:1974): avc:  denied  { mount } for  pid=16707 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  314.293262][   T40] audit: type=1400 audit(1770292874.509:1975): avc:  denied  { mounton } for  pid=16707 comm="syz-executor" path="/syzkaller.YNJcLf/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  314.301616][   T40] audit: type=1400 audit(1770292874.509:1976): avc:  denied  { mounton } for  pid=16707 comm="syz-executor" path="/syzkaller.YNJcLf/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=73473 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  314.565963][T16837] binder: 16827:16837 ioctl 4018620d 0 returned -22
[  314.570908][T16837] input: syz1 as /devices/virtual/input/input42
[  314.593905][ T5290] Bluetooth: hci0: command tx timeout
[  314.600648][T16837] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3194'.
[  314.643852][   T54] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  314.803901][   T54] usb 6-1: Using ep0 maxpacket: 16
[  314.806224][   T54] usb 6-1: too many configurations: 14, using maximum allowed: 8
[  314.816979][   T54] usb 6-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad
[  314.819984][   T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.822519][   T54] usb 6-1: Product: syz
[  314.823972][   T54] usb 6-1: Manufacturer: syz
[  314.825498][   T54] usb 6-1: SerialNumber: syz
[  314.829635][   T54] usb 6-1: config 0 descriptor??
[  315.036557][ T6132] usb 6-1: USB disconnect, device number 27
[  315.472270][ T5998] usb 9-1: USB disconnect, device number 21
[  316.123639][ T5998] usb 9-1: new full-speed USB device number 22 using dummy_hcd
[  316.304904][ T5998] usb 9-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  316.324999][ T5998] usb 9-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  316.328382][ T5998] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.331395][ T5998] usb 9-1: Product: syz
[  316.333096][ T5998] usb 9-1: Manufacturer: syz
[  316.343581][ T5998] usb 9-1: SerialNumber: syz
[  316.352270][ T5998] usb 9-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  316.461069][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  316.461086][   T40] audit: type=1400 audit(1770292876.729:1985): avc:  denied  { write } for  pid=16874 comm="syz.5.3209" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  316.484071][   T40] audit: type=1400 audit(1770292876.749:1986): avc:  denied  { ioctl } for  pid=16874 comm="syz.5.3209" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  316.673773][ T5290] Bluetooth: hci0: command tx timeout
[  316.755814][   T40] audit: type=1400 audit(1770292877.029:1987): avc:  denied  { write } for  pid=16872 comm="syz.4.3208" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  316.762152][   T40] audit: type=1400 audit(1770292877.029:1988): avc:  denied  { getopt } for  pid=16872 comm="syz.4.3208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  316.766680][ T5998] usb 9-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  316.774158][ T5998] usb 9-1: USB disconnect, device number 22
[  318.753997][ T5290] Bluetooth: hci0: command tx timeout
[  319.794292][ T5338] udevd[5338]: worker [11600] /devices/virtual/block/nbd0 is taking a long time
[  322.127171][ T1420] net_ratelimit: 14 callbacks suppressed
[  322.127184][ T1420] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  322.132395][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  322.134808][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  331.514333][ T1420] ==================================================================
[  331.516899][ T1420] BUG: KASAN: slab-use-after-free in handle_tx+0x5e0/0x620
[  331.519171][ T1420] Read of size 8 at addr ffff888035add020 by task aoe_tx0/1420
[  331.521702][ T1420] 
[  331.523134][ T1420] CPU: 1 UID: 0 PID: 1420 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  331.523150][ T1420] Tainted: [L]=SOFTLOCKUP
[  331.523154][ T1420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  331.523160][ T1420] Call Trace:
[  331.523164][ T1420]  <TASK>
[  331.523169][ T1420]  dump_stack_lvl+0x100/0x190
[  331.523185][ T1420]  print_report+0x156/0x4c9
[  331.523199][ T1420]  ? __virt_addr_valid+0x81/0x620
[  331.523209][ T1420]  ? __phys_addr+0xe8/0x180
[  331.523219][ T1420]  ? handle_tx+0x5e0/0x620
[  331.523233][ T1420]  kasan_report+0xdf/0x1a0
[  331.523247][ T1420]  ? handle_tx+0x5e0/0x620
[  331.523263][ T1420]  handle_tx+0x5e0/0x620
[  331.523279][ T1420]  dev_hard_start_xmit+0x127/0x6c0
[  331.523292][ T1420]  __dev_queue_xmit+0x6dd/0x46f0
[  331.523304][ T1420]  ? do_raw_spin_unlock+0x145/0x1e0
[  331.523318][ T1420]  ? __pfx___dev_queue_xmit+0x10/0x10
[  331.523331][ T1420]  ? __lock_acquire+0x4a5/0x2630
[  331.523341][ T1420]  ? ref_tracker_free+0x37e/0x6c0
[  331.523358][ T1420]  ? do_raw_spin_lock+0x128/0x260
[  331.523371][ T1420]  ? tx+0xa4/0x130
[  331.523381][ T1420]  ? rcu_is_watching+0x12/0xc0
[  331.523396][ T1420]  ? __pfx_tx+0x10/0x10
[  331.523405][ T1420]  tx+0xc4/0x130
[  331.523414][ T1420]  kthread+0x1d8/0x3c0
[  331.523430][ T1420]  ? __kthread_parkme+0xbb/0x230
[  331.523445][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.523460][ T1420]  ? rcu_is_watching+0x12/0xc0
[  331.523474][ T1420]  ? __pfx_default_wake_function+0x10/0x10
[  331.523490][ T1420]  ? __kthread_parkme+0x18c/0x230
[  331.523507][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.523521][ T1420]  kthread+0x3b3/0x730
[  331.523532][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.523567][ T1420]  ? ret_from_fork+0x79/0xaf0
[  331.523583][ T1420]  ? ret_from_fork+0x79/0xaf0
[  331.523598][ T1420]  ? rcu_is_watching+0x12/0xc0
[  331.523612][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.523623][ T1420]  ret_from_fork+0x754/0xaf0
[  331.523636][ T1420]  ? __pfx_ret_from_fork+0x10/0x10
[  331.523648][ T1420]  ? __switch_to+0x7b9/0x10c0
[  331.523663][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.523675][ T1420]  ret_from_fork_asm+0x1a/0x30
[  331.523687][ T1420]  </TASK>
[  331.523691][ T1420] 
[  331.594835][ T1420] Allocated by task 11635:
[  331.596728][ T1420]  kasan_save_stack+0x30/0x50
[  331.598491][ T1420]  kasan_save_track+0x14/0x30
[  331.600145][ T1420]  __kasan_kmalloc+0xaa/0xb0
[  331.601613][ T1420]  alloc_tty_struct+0x96/0x8c0
[  331.603166][ T1420]  tty_init_dev.part.0+0x20/0x470
[  331.604791][ T1420]  tty_open+0xa63/0xfa0
[  331.606139][ T1420]  chrdev_open+0x234/0x6a0
[  331.607785][ T1420]  do_dentry_open+0x73e/0x1570
[  331.609311][ T1420]  vfs_open+0x82/0x3f0
[  331.610609][ T1420]  path_openat+0x21dc/0x3120
[  331.612108][ T1420]  do_filp_open+0x1f7/0x420
[  331.613577][ T1420]  do_sys_openat2+0x12e/0x220
[  331.615079][ T1420]  __x64_sys_openat+0x12d/0x210
[  331.616658][ T1420]  do_syscall_64+0xc9/0xf80
[  331.618134][ T1420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.620005][ T1420] 
[  331.620776][ T1420] Freed by task 6131:
[  331.622034][ T1420]  kasan_save_stack+0x30/0x50
[  331.623567][ T1420]  kasan_save_track+0x14/0x30
[  331.625067][ T1420]  kasan_save_free_info+0x3b/0x70
[  331.626653][ T1420]  __kasan_slab_free+0x5f/0x80
[  331.628241][ T1420]  kfree+0x1c7/0x690
[  331.629486][ T1420]  process_one_work+0x9c2/0x1840
[  331.631052][ T1420]  worker_thread+0x5da/0xe40
[  331.632654][ T1420]  kthread+0x3b3/0x730
[  331.633943][ T1420]  ret_from_fork+0x754/0xaf0
[  331.635404][ T1420]  ret_from_fork_asm+0x1a/0x30
[  331.636942][ T1420] 
[  331.637716][ T1420] Last potentially related work creation:
[  331.639844][ T1420]  kasan_save_stack+0x30/0x50
[  331.641500][ T1420]  kasan_record_aux_stack+0xa7/0xc0
[  331.643150][ T1420]  insert_work+0x36/0x230
[  331.644529][ T1420]  __queue_work+0x96f/0x10f0
[  331.645991][ T1420]  queue_work_on+0x180/0x1e0
[  331.647449][ T1420]  release_tty+0x4f3/0x5f0
[  331.648905][ T1420]  tty_release_struct+0xb7/0xe0
[  331.650471][ T1420]  tty_release+0xd7a/0x1300
[  331.651951][ T1420]  __fput+0x3ff/0xb40
[  331.653238][ T1420]  task_work_run+0x150/0x240
[  331.654706][ T1420]  do_exit+0x829/0x2a30
[  331.656042][ T1420]  do_group_exit+0xd5/0x2a0
[  331.657480][ T1420]  get_signal+0x1ec7/0x21e0
[  331.658923][ T1420]  arch_do_signal_or_restart+0x91/0x7a0
[  331.660912][ T1420]  exit_to_user_mode_loop+0x86/0x4b0
[  331.662930][ T1420]  do_syscall_64+0x4fe/0xf80
[  331.664499][ T1420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.666426][ T1420] 
[  331.667218][ T1420] The buggy address belongs to the object at ffff888035add000
[  331.667218][ T1420]  which belongs to the cache kmalloc-cg-2k of size 2048
[  331.671707][ T1420] The buggy address is located 32 bytes inside of
[  331.671707][ T1420]  freed 2048-byte region [ffff888035add000, ffff888035add800)
[  331.675940][ T1420] 
[  331.676709][ T1420] The buggy address belongs to the physical page:
[  331.678718][ T1420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888035ada000 pfn:0x35ad8
[  331.681894][ T1420] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  331.684657][ T1420] memcg:ffff8880250f7981
[  331.685990][ T1420] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  331.688692][ T1420] page_type: f5(slab)
[  331.689955][ T1420] raw: 00fff00000000240 ffff88801b84c140 ffffea00010c2010 ffffea0000e08210
[  331.692842][ T1420] raw: ffff888035ada000 0000000000080007 00000000f5000000 ffff8880250f7981
[  331.696308][ T1420] head: 00fff00000000240 ffff88801b84c140 ffffea00010c2010 ffffea0000e08210
[  331.699106][ T1420] head: ffff888035ada000 0000000000080007 00000000f5000000 ffff8880250f7981
[  331.701800][ T1420] head: 00fff00000000003 ffffea0000d6b601 00000000ffffffff 00000000ffffffff
[  331.704632][ T1420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  331.707320][ T1420] page dumped because: kasan: bad access detected
[  331.709344][ T1420] page_owner tracks the page as allocated
[  331.711126][ T1420] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5929, tgid 5929 (syz-executor), ts 63848834496, free_ts 63843931944
[  331.717689][ T1420]  post_alloc_hook+0x1e1/0x250
[  331.719200][ T1420]  get_page_from_freelist+0xe3d/0x2e10
[  331.720924][ T1420]  __alloc_frozen_pages_noprof+0x26c/0x2410
[  331.722802][ T1420]  alloc_pages_mpol+0x1fb/0x550
[  331.724398][ T1420]  new_slab+0x2c4/0x440
[  331.725780][ T1420]  ___slab_alloc+0xda3/0x1ca0
[  331.727265][ T1420]  __slab_alloc.isra.0+0x63/0x110
[  331.728885][ T1420]  __kmalloc_node_track_caller_noprof+0x629/0x9d0
[  331.730891][ T1420]  kmemdup_noprof+0x29/0x60
[  331.732364][ T1420]  neigh_sysctl_register+0xb4/0x660
[  331.734033][ T1420]  addrconf_sysctl_register+0xb9/0x200
[  331.736051][ T1420]  ipv6_add_dev+0xaf2/0x1520
[  331.737647][ T1420]  addrconf_notify+0x563/0x19c0
[  331.739182][ T1420]  notifier_call_chain+0x99/0x3b0
[  331.740794][ T1420]  call_netdevice_notifiers_info+0xbe/0x110
[  331.742706][ T1420]  register_netdevice+0x16b9/0x21d0
[  331.744371][ T1420] page last free pid 5929 tgid 5929 stack trace:
[  331.746620][ T1420]  __free_frozen_pages+0x822/0x1130
[  331.748740][ T1420]  qlist_free_all+0x47/0xe0
[  331.750182][ T1420]  kasan_quarantine_reduce+0x1a0/0x1f0
[  331.751928][ T1420]  __kasan_slab_alloc+0x69/0x90
[  331.753485][ T1420]  __kmalloc_cache_noprof+0x2e1/0x810
[  331.755169][ T1420]  dropmon_net_event+0x15d/0x360
[  331.756953][ T1420]  notifier_call_chain+0x99/0x3b0
[  331.758535][ T1420]  call_netdevice_notifiers_info+0xbe/0x110
[  331.760418][ T1420]  register_netdevice+0x16b9/0x21d0
[  331.762054][ T1420]  veth_newlink+0x316/0xa00
[  331.763497][ T1420]  rtnl_newlink+0x1494/0x2380
[  331.765013][ T1420]  rtnetlink_rcv_msg+0x95e/0xe90
[  331.766601][ T1420]  netlink_rcv_skb+0x159/0x420
[  331.768527][ T1420]  netlink_unicast+0x5aa/0x870
[  331.770042][ T1420]  netlink_sendmsg+0x8b0/0xda0
[  331.771735][ T1420]  __sys_sendto+0x4aa/0x520
[  331.773198][ T1420] 
[  331.773972][ T1420] Memory state around the buggy address:
[  331.775741][ T1420]  ffff888035adcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  331.778450][ T1420]  ffff888035adcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  331.781299][ T1420] >ffff888035add000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  331.783860][ T1420]                                ^
[  331.785464][ T1420]  ffff888035add080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  331.787991][ T1420]  ffff888035add100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  331.791095][ T1420] ==================================================================
[  331.793718][ T1420] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  331.796066][ T1420] CPU: 1 UID: 0 PID: 1420 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  331.799378][ T1420] Tainted: [L]=SOFTLOCKUP
[  331.800928][ T1420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  331.804422][ T1420] Call Trace:
[  331.805832][ T1420]  <TASK>
[  331.807029][ T1420]  dump_stack_lvl+0x100/0x190
[  331.809037][ T1420]  vpanic+0x20d/0x630
[  331.810575][ T1420]  panic+0xd1/0xd1
[  331.811931][ T1420]  ? __pfx_panic+0x10/0x10
[  331.813347][ T1420]  ? check_panic_on_warn+0x1f/0x90
[  331.814969][ T1420]  check_panic_on_warn.cold+0x19/0x34
[  331.816687][ T1420]  end_report.part.0+0x3a/0x90
[  331.818202][ T1420]  kasan_report.cold+0xe/0x18
[  331.819715][ T1420]  ? handle_tx+0x5e0/0x620
[  331.821240][ T1420]  handle_tx+0x5e0/0x620
[  331.822607][ T1420]  dev_hard_start_xmit+0x127/0x6c0
[  331.824244][ T1420]  __dev_queue_xmit+0x6dd/0x46f0
[  331.825808][ T1420]  ? do_raw_spin_unlock+0x145/0x1e0
[  331.827441][ T1420]  ? __pfx___dev_queue_xmit+0x10/0x10
[  331.829149][ T1420]  ? __lock_acquire+0x4a5/0x2630
[  331.830732][ T1420]  ? ref_tracker_free+0x37e/0x6c0
[  331.832764][ T1420]  ? do_raw_spin_lock+0x128/0x260
[  331.834390][ T1420]  ? tx+0xa4/0x130
[  331.835606][ T1420]  ? rcu_is_watching+0x12/0xc0
[  331.837122][ T1420]  ? __pfx_tx+0x10/0x10
[  331.838438][ T1420]  tx+0xc4/0x130
[  331.839603][ T1420]  kthread+0x1d8/0x3c0
[  331.840905][ T1420]  ? __kthread_parkme+0xbb/0x230
[  331.842634][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.844315][ T1420]  ? rcu_is_watching+0x12/0xc0
[  331.845829][ T1420]  ? __pfx_default_wake_function+0x10/0x10
[  331.847679][ T1420]  ? __kthread_parkme+0x18c/0x230
[  331.849267][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.850734][ T1420]  kthread+0x3b3/0x730
[  331.852091][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.853628][ T1420]  ? ret_from_fork+0x79/0xaf0
[  331.855115][ T1420]  ? ret_from_fork+0x79/0xaf0
[  331.856624][ T1420]  ? rcu_is_watching+0x12/0xc0
[  331.858132][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.859608][ T1420]  ret_from_fork+0x754/0xaf0
[  331.861061][ T1420]  ? __pfx_ret_from_fork+0x10/0x10
[  331.862696][ T1420]  ? __switch_to+0x7b9/0x10c0
[  331.864296][ T1420]  ? __pfx_kthread+0x10/0x10
[  331.865762][ T1420]  ret_from_fork_asm+0x1a/0x30
[  331.867463][ T1420]  </TASK>
[  331.869382][ T1420] Kernel Offset: disabled
[  331.870737][ T1420] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:01:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000020000 RBX=ffff888054af0b58 RCX=0000000000000001 RDX=0000000000020007
RSI=0000000000000000 RDI=ffffffff8e5e32e0 RBP=ffff888054af0000 RSP=ffffc90003657238
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8e5e32e0 R11=0000000000000000
R12=0000000000000000 R13=0000000000000007 R14=0000000000020000 R15=0000000000000000
RIP=ffffffff81e2f8fb RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d65d9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb4be748060 CR3=000000000e392000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffc0000 Opmask01=000000000000c00f Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d534e4f4954504f 5f4e415341006365 786500726f747563 6578652d7a79732f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb4be74d020 00007fb4bdbe5460 00007fb4bdbe5470 00007fb4bdbe54b0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb4bdbe5498 00007fb4bdbe5468 00007fb4bdbe54a0 00007fb4bdbe5480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff8569b430 RDI=ffffffff9b209c00 RBP=ffffffff9b209bc0 RSP=ffffc9000725f348
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000032343154
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff36413d2 R15=dffffc0000000000
RIP=ffffffff8569b457 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66d9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055557acff4e8 CR3=000000000e392000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffff00 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4322d9f45ed39ffb fb449ec1be76e787
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 72679c9a0eccac4a 8f563487b8dc7c9b
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 dec9bf3067160c41 afbcaa6d20f82db4
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9b2865847cfc9d81 5cbfe0d6ff78cf57
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e8ba845933b484af b8003f0500685679
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a13c4dd307811885 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 479acaef549d70f0 93631c198b83d78e
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d650a46b00000000 aa9a128c66ba9ff6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 513e748c8dd9eb98 1ded90b0212e874b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 63f775d49a2deb4a 955de31c7767d202
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7974697275636573
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000002b5c01 RBX=ffff88801def4980 RCX=ffffffff8b76d4b5 RDX=0000000000000000
RSI=ffffffff8dc45ba3 RDI=ffffffff8bfa3620 RBP=0000000000000002 RSP=ffffc90000187df0
R8 =0000000000000001 R9 =ffffed100d4c673d R10=ffff88806a6339eb R11=0000000000000000
R12=ffffed1003bde930 R13=0000000000000002 R14=ffffffff90b749d0 R15=0000000000000000
RIP=ffffffff8b76be1f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67d9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fd8ff800218 CR3=000000000e392000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000afe8 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 db805a9ea2594e05 9262681b181d3739
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 081b7f4df9f2e9b1 7031f3865eee3085
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8949379d12807159 8d8fc80c68d551db
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f67c9e7c169de6af 474fdc199f36419a
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000015400
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e44639f6e9a9c368 000000c900000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e99e56ae00a369fe ebae311000cdbe25
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00a1a72300000000 000000c9000000c9
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c900000000 eb275b2a00000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 41a35f90d11a1a12 fe0867f3b75863bc
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 22e5af0b60f6fdc9 b550aa8cb444728e
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6174616201ffffff fffffffffff10802 000000000000000b 0000555000000001
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000039 0000000000000000 000055557a92f220 00007fd9063e5d20
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08003c980000003a 3c90030800000000 030a08003c800302 08003bf8031fffff
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003cc0030000003b b803120800000000 0008003ca8034880 808008003ca0030c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8008003c0000003c 003ce00300000000 d8030408003cd003 0a08003cc8031208
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000810 3df0030608003de8 030a08003de00306 08003dd80000003f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003dd00300000000 c8030608003dc003 0c08003db8031208 003db0030000003e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bc08003d00000000 003da0030008003d 98033ffe08003d90 030408000000003d
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08003d8000000000 8608003cf8031008 003cf0031ffffc80 8008003c0000003c
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff8880633d54b0 RCX=0000000000000000 RDX=00000000fe09d4ff
RSI=0000000068c1bacb RDI=00000000ef9d33e4 RBP=ffff8880633d4980 RSP=ffffc9000df870b8
R8 =0000000086db7919 R9 =0000000000000007 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000007 R14=0000000000020000 R15=0ac0d5affe09d4ff
RIP=ffffffff81e2fdad RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055557fd2d500 ffffffff 00c00000
GS =0000 ffff8880d68d9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f26fa416038 CR3=000000002e5e0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0661ea3ef1356d15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffc0000 Opmask01=000000000000c00f Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d534e4f4954504f 5f4e415341006365 786500726f747563 6578652d7a79732f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f26faf4d020 00007f26fa3e5460 00007f26fa3e5470 00007f26fa3e54b0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f26fa3e5498 00007f26fa3e5468 00007f26fa3e54a0 00007f26fa3e5480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000