last executing test programs:

2m13.625995304s ago: executing program 2 (id=1332):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000140)=@sack_info={r4, 0x7fff, 0x3d}, &(0x7f0000000180)=0xc)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
r6 = socket(0x2c, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$nl_route(r1, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=@ipv4_getroute={0x1c, 0x1a, 0x800, 0x70bd2d, 0x25dfdc01, {0x2, 0x80, 0x14, 0x1, 0x0, 0x3, 0x0, 0x5, 0x2c00}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x814)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r7, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r6}, 0x20)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@o_path={&(0x7f0000000080)='./file0\x00', r7, 0x4000, r1}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r5, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) (async)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
shutdown(r3, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) (async)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000140)=@sack_info={r4, 0x7fff, 0x3d}, &(0x7f0000000180)=0xc) (async)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) (async)
socket(0x2c, 0x3, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
sendmsg$nl_route(r1, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=@ipv4_getroute={0x1c, 0x1a, 0x800, 0x70bd2d, 0x25dfdc01, {0x2, 0x80, 0x14, 0x1, 0x0, 0x3, 0x0, 0x5, 0x2c00}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x814) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r7, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r6}, 0x20) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@o_path={&(0x7f0000000080)='./file0\x00', r7, 0x4000, r1}, 0x18) (async)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r5, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) (async)
socket(0x1, 0x803, 0x0) (async)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)

2m13.42888753s ago: executing program 2 (id=1334):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x4000c0, 0x0)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, &(0x7f0000000000), 0x4) (async)
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a0, 0x0, 0x4c, 0x1a, 0x0, 0x75, 0x320, 0x258, 0x258, 0x320, 0x258, 0x3, 0x0, {[{{@ipv6={@empty, @private2, [0xffffffff, 0xffffff00, 0xff, 0xffffff00], [0xff000000, 0xff, 0xff, 0xffffffff], 'syz_tun\x00', 'macvtap0\x00', {0x101}, {0xff}, 0x0, 0x3, 0x4, 0x20}, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, [0xffffffff, 0x0, 0xff000000, 0xff], 0x4e20, 0x4e23, 0x4e21, 0x4e22, 0x1ff, 0x9, 0x1, 0xc7ec, 0x1000}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x300)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600) (async)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
recvmsg$unix(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x2022)
ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000200)=""/168)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
preadv(r6, &(0x7f0000000340), 0x0, 0x787b, 0x13)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000180)="360f01b2000000000f015c40090f01c5b8010000000f01d9e600b9800000c00f3235000100000f3066440f38809bf5ffffff640f08c4c2792a39410f01cf", 0x3e}], 0x1, 0x43, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000180)="360f01b2000000000f015c40090f01c5b8010000000f01d9e600b9800000c00f3235000100000f3066440f38809bf5ffffff640f08c4c2792a39410f01cf", 0x3e}], 0x1, 0x43, 0x0, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'wp384\x00'}, 0x58) (async)
bind$alg(r8, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'wp384\x00'}, 0x58)
accept4(r8, 0x0, 0x0, 0x0) (async)
r9 = accept4(r8, 0x0, 0x0, 0x0)
accept$alg(r9, 0x0, 0x0) (async)
r10 = accept$alg(r9, 0x0, 0x0)
sendmmsg$alg(r10, &(0x7f0000001740)=[{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000380)="443d7ac2fdafd219acec64e5693258e0f22582e7ed262bedab8856494c3a653998657a8151caa417a2462b1689de7e601fd17e9554032ff0170c7b0536a05223", 0x40}], 0x1}], 0x1, 0x20000000)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x56, 0x0, 0x0)
socket(0x2a, 0x1, 0xcabe) (async)
socket(0x2a, 0x1, 0xcabe)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$PPPIOCGFLAGS1(r1, 0x8004745a, &(0x7f0000000100))

2m13.348921489s ago: executing program 2 (id=1338):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000001c0)={'ip6gre0\x00', <r1=>0x0, 0x29, 0x0, 0x6, 0xf0, 0x76, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x8, 0x9, 0x4}})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000004900000126bd7000ffdbdf250a003f00", @ANYRES32=r1, @ANYBLOB="ffffffff13000100ff020000000000000000000000004433b487e75ec50937a6860001"], 0x30}}, 0x50)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r2, 0x4, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)={0x30, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x40}]}, 0x30}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r3, 0x300, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x30, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="5bb4323b2489d15f936507baf6a514573277e4a76819fb3c3dd536c1bfbd764d"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x4}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c0}, 0x4000000)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000001c0)={'ip6gre0\x00', 0x0, 0x29, 0x0, 0x6, 0xf0, 0x76, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x8, 0x9, 0x4}}) (async)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000004900000126bd7000ffdbdf250a003f00", @ANYRES32=r1, @ANYBLOB="ffffffff13000100ff020000000000000000000000004433b487e75ec50937a6860001"], 0x30}}, 0x50) (async)
syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00') (async)
lseek(r2, 0x4, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)={0x30, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x40}]}, 0x30}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)) (async)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) (async)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, r3, 0x300, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x30, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="5bb4323b2489d15f936507baf6a514573277e4a76819fb3c3dd536c1bfbd764d"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x4}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c0}, 0x4000000) (async)

2m13.289347877s ago: executing program 2 (id=1339):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETGEN(r1, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000d40)={0x14, 0x10, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0xa}}, 0x14}}, 0x24000004)
dup(r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x23cdc43, 0x0) (async)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x23cdc43, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r3, 0x200000000114, 0x271e, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) (async)
getsockopt(r3, 0x200000000114, 0x271e, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000002440), r2)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000000)={0x20, r4, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20044845}, 0x800) (async)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000000)={0x20, r4, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20044845}, 0x800)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200), 0x13f, 0xa}}, 0x20) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={<r6=>0xffffffffffffffff}, 0x13f, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f0000000280)={0x7, 0x8, 0xfa00, {r6, 0x6}}, 0x10)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000001a00)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000880)=""/4089, 0xff9}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x0) (async)
r8 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000008508bc3abad2028581ceb97765a55ee0"])
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000a00)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f00000009c0), r6, 0x0, 0x2, 0x4}}, 0x20) (async)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000a00)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f00000009c0), r6, 0x0, 0x2, 0x4}}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0xfd}]}}, 0x0, 0x2a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)

2m13.239124549s ago: executing program 2 (id=1341):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xa)
r1 = socket$kcm(0x2, 0x3, 0x84)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000080)={<r2=>r1})
sendmsg$inet(r1, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0xfe, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0, @ANYRES16=r2, @ANYRES64=r2], 0x68}, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

2m12.158550332s ago: executing program 2 (id=1344):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002200), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="d00000001800010600000000fedbdf251c140000fe0000010000000005001a"], 0xd0}}, 0x2400c800)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0xffdf, r3, 0x5, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IE={0x4}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x30}}, 0x80)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f00000022c0)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002280)={&(0x7f0000002240)=ANY=[@ANYBLOB="34900700", @ANYRES16=r1, @ANYBLOB="000229bd7000fcdbdf254c00000008000300", @ANYRES32=r5, @ANYBLOB="0c00580005000000000000000c0058002700000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4000878}, 0x20084010)
r6 = syz_io_uring_setup(0x109, &(0x7f0000000000)={0x0, 0x9a9f, 0x400, 0x2, 0x10004000}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000002140))
io_uring_register$IORING_REGISTER_NAPI(r6, 0x1b, &(0x7f0000002100)={0x8, 0x8}, 0x1)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00')
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x10c, &(0x7f0000002180)=0x6, 0x0, 0x4)
read$FUSE(r8, &(0x7f0000000080)={0x2020}, 0x2020)
r9 = socket$caif_seqpacket(0x25, 0x5, 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_int(r10, &(0x7f00000002c0)='blkio.throttle.write_iops_device\x00', 0x2, 0x0)
preadv2(r11, &(0x7f0000000240)=[{&(0x7f0000000080)=""/8, 0x8}], 0x1, 0x6, 0x4, 0x2)
sendmmsg(r9, &(0x7f0000001080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
io_uring_enter(r8, 0x57f2, 0xd3df, 0x40, &(0x7f00000020c0)={[0x10001]}, 0x8)

2m12.105450965s ago: executing program 32 (id=1344):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002200), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="d00000001800010600000000fedbdf251c140000fe0000010000000005001a"], 0xd0}}, 0x2400c800)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0xffdf, r3, 0x5, 0x0, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IE={0x4}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x30}}, 0x80)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f00000022c0)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002280)={&(0x7f0000002240)=ANY=[@ANYBLOB="34900700", @ANYRES16=r1, @ANYBLOB="000229bd7000fcdbdf254c00000008000300", @ANYRES32=r5, @ANYBLOB="0c00580005000000000000000c0058002700000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4000878}, 0x20084010)
r6 = syz_io_uring_setup(0x109, &(0x7f0000000000)={0x0, 0x9a9f, 0x400, 0x2, 0x10004000}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000002140))
io_uring_register$IORING_REGISTER_NAPI(r6, 0x1b, &(0x7f0000002100)={0x8, 0x8}, 0x1)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00')
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x10c, &(0x7f0000002180)=0x6, 0x0, 0x4)
read$FUSE(r8, &(0x7f0000000080)={0x2020}, 0x2020)
r9 = socket$caif_seqpacket(0x25, 0x5, 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_int(r10, &(0x7f00000002c0)='blkio.throttle.write_iops_device\x00', 0x2, 0x0)
preadv2(r11, &(0x7f0000000240)=[{&(0x7f0000000080)=""/8, 0x8}], 0x1, 0x6, 0x4, 0x2)
sendmmsg(r9, &(0x7f0000001080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
io_uring_enter(r8, 0x57f2, 0xd3df, 0x40, &(0x7f00000020c0)={[0x10001]}, 0x8)

1m30.313727349s ago: executing program 1 (id=1914):
r0 = socket(0x23, 0x80805, 0x0)
accept(r0, 0x0, 0x0)
fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
close(0xffffffffffffffff)

1m30.219421311s ago: executing program 1 (id=1917):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r2=>0xffffffffffffffff}) (async)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000000c0)={"3c2486910284ed923431d4c5d5fbf514fd00", r3, <r4=>0xffffffffffffffff}) (async)
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000040)=0xa45) (async)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
ioctl$CDROMPLAYTRKIND(r5, 0x5304, &(0x7f0000000100)={0x8, 0xa, 0x2, 0x5})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f00000001c0)={"1322030de361dd494234901b30ca190b6505c85c0e8c361eb4b709000000bb0d", r2}) (async)
r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x2480, 0x0)
ioctl$CDROMREADMODE1(r6, 0x530d, &(0x7f0000000780)={0xa, 0xd, 0x6, 0xea, 0x0, 0x9d})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x5, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r8, 0x0, 0x83, &(0x7f0000000080)={'filter\x00', 0x0, 0x0, 0x90, [], 0x0, 0x0, 0x20000000}, &(0x7f0000000100)=0x108) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000086ed0e75c9b0dfb0", @ANYRES32=r7, @ANYBLOB="000000000000000085000000d30000009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1m30.016185289s ago: executing program 1 (id=1920):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000003540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003500)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x34000041)
recvmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, &(0x7f0000000180)=""/207, 0xcf}, 0x20) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r1) (async)
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272)

1m29.148576936s ago: executing program 1 (id=1927):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3={0x1001, 0x3a, 0x1000, 0x3a, 0x7fe, 0x0, 0xc}, 0x1c)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r1, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="025a4e000000000300060000000e0002000000e0000009000000000000000002000100000000020008000200000000030005000020000002000008e00000010000000000000000000000000000000000cd4097c022c8006d0d92c7f7fd17c71e0fa299d61ebc9b3637b88783a4d411c51d5cabeb4bf850aea8d131d86ef445a7b3fec6919b29c717e069ca47baa8e7292633734c58a5923b340fbce176dd88739eda8848b1999e78867faf5a6f65cc7142c34578a483990fe12692d8eb30d065f71f704f1f558de0af338d48035f5474cfb92f5587"], 0x50}}, 0x0)
r2 = socket(0x11, 0x3, 0x0)
connect$inet(r2, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_dev$audion(&(0x7f0000000040), 0x7fffffff, 0x204181)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000b40)=@nat={'nat\x00', 0x6a0, 0x5, 0x348, 0x208, 0x0, 0xfeffffff, 0x160, 0x160, 0x2b0, 0x2b0, 0xffffffff, 0x2b0, 0x2b0, 0x5, 0x0, {[{{@uncond, 0x3e7, 0x70, 0xb8, 0xe000000}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@local, @gre_key}}}, {{@ip={@rand_addr, @local, 0x0, 0x0, 'veth1_to_batadv\x00', 'xfrm0\x00', {}, {}, 0x0, 0x1}, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x7}}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x3, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'team_slave_1\x00', 'netpci0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @dev, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b0000140007800800060000000000080005"], 0xac}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0x1, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="b4000000", @ANYRES16=r5, @ANYBLOB="00042abd7000fcdbdf25090000002c00098008000100090000000800020005000000080002010900000008000100000000000800020005000000380002800400040004000400080002000010000008000200ff0000000400040008000100030000000c0003800800020006000000040004001400098008000100a304000008000100ff0700000c00078008000100040000001c00028008000200090000000800020001000000080001003600000063b4fe60005c67e4f4315fd53b66e0fdbb9b177ff1f2451e3d00b878c424e88e1c711ee6dfe352422e1738e25aa9d12dcfe54b0f7fafab3d4539dc12ce597dcbd4171445ceb9f6c4f291b6976fba71ca159dc9966591342c2e73cfdcbdbc3809e215b07190e773397f30cccbaa78d6d5cbea9977e84c1a800c593aaaabb3040daa4bef50f5d73bdb238e45a9e900edd9f121e8d596e45d058ced403e8db4314214109fd4d826218659f5b694445b54bda7e72e1fd920e41441a45ed38edf86396ab1ade8"], 0xb4}, 0x1, 0x0, 0x0, 0x400c844}, 0x810)
r6 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r6, 0x80045700, &(0x7f0000000300))
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r7=>0x0})
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r9, &(0x7f00000041c0)={0x2020, 0x0, <r10=>0x0, <r11=>0x0, <r12=>0x0}, 0x2020)
mount$bind(&(0x7f0000000080)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00', 0x0, 0x801004, 0x0)
write$FUSE_INIT(r9, &(0x7f0000000380)={0x50, 0x0, r10, {0x7, 0x27, 0x1, 0x2241100, 0x66d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r9, &(0x7f000000a280)="1695367704d10dd832678e4e2d01860484a69eaac410e2d6cf3b3d3925f9a3cb602592377170dffdc4de86f163e390e21d07459b0f058cfc248c4bcbe896f3c68006f3c2cbe07c55b87170871c1d364d740faeb750c8c8acb76aca18bc0c018ed341b55b0ef80cefe95b85756aac978a0e0b5ce59cae6657643e7ada0c1336bab310888351664553c2faa6dd39054e19e23cc7c4b4d33546407f880194aa0761f2a9360c4ba26de342328b92db81ae84fc9c1e9eefb4b7ec3f58a6d5d23b907327b14480a37f3c84305729a91c28807f8809b997235bfa2d4b6f45ee9568bb4a416df34f4140c5e272bfc068ea61a48b365490ccb02772a906dad457f5d2dd1a57cc1209e8897c8115049d7e4e3c756a7f5ad0c004ef66c8bf91f600910e73b4aa5f516bab5cd62ad93642960ab32b7fdaeacb1a9587a389a529c231f8a47a65fb6d27ba6a0eeb46660cd75dbf47df89e9f578eafa6992a12d9d7de56d69fd0e30b15caabd13c28d63921597466292f8c4e87f23d53d52e6e8f1c9295af0743c8c671a49273074ba44dbce9e9b1136a93dbc19d2b8e60cda5f50eba2d814822a68a0fd4ff5e6a25dd5346f96b26b5e1563ebb97829a76fd8c2aa467499fdced91b05b193b68316494f11f5ce97ed8e13d474b03c6f6eda4eff54b0ec362fda53003e6e2a3868a5d57e2426aed5adccdac8e162c6cc20361dd4709889b79b2810ba42f531fdd3746562a00da65b4211fb7d8f482a3610748d3b80d2942d8432471f98c6e9036cb57f3913b31dd8baddd6d85b44e8463b838fcfb6979628c5fa3dbd30688e10b9ede257ebc7b96d4092f38d11b9e6a4d10490a9df1387b3743cf51e206c7dbc0741c408bbebaae7f36d81b5ce5b21bb9fe992c8a0cb3a91ea2df21e571ff094b53b17c46fe22c0cead29144d203294eb42c984790a6b6348ed8b7b0317ee5b2353cc54bcfd808bf0f61f73917584e17bd9259c8a04d2ba3b4f931571947c77035975933471fb1203088dce478eb4e411ddb7b88caeb02e1cda741245df701a2b5c29c48a631eaf18549bd90c70222fd6dafe5550726bb58dd0fbf84ffeeae683a0379505f03740a652025add8e0e4e6b5bfb4bd0876dfe1ecb639acc110eba97294a4e4642aefbcad04ba50d830e945fd9900ee7e02488694041f43cbaa86280c1df64e8f1f81f7cd5130914efd19b58262f3bd2c43bd8b4a5beac09f1ba27020521994465e62c329debb50efe0716d22cf0056febc7cb95aa818e10639077e91cac3c80b37d6eebc6907dde971b578383ee04086a0dad18750ceff6b8d6d373afa93a51fee65fe1318c1ac291b784e45d66962c8b54571bc1e92a996c11561d94af6ecdd37948d35adbd1ad63c1c05c31c7f4afd707aa1956d1444fec1137fb6d81f56566887131777e5fe3e2fafe8af8f21ed34480afe74afb25d8d16f8089fcb851ac49dd826b7f273aa3d771856d712c62397d49c72d93e3c2a5e6b9767fcff0fc5b3d70dcd70ff8bad5dfd7f5a84c194f99450601f970104f9be026852ead21824152dd8f6536fcd01a69177a65f2af266e619d61d20de0c738680fbec29e7c594cad29f009d46d87908c951b2e4ad8d9a67db8be6f570fe5416d9e4dd22a108140a1c95369731807325ee7f4201209a795fa1609ce8fa27384677816f651a96cc08400e1b647bdddfb851313e3ccaa472b9a6a1da3a0936e119a6d7808f09de244d739c39df3ed36004b77cb54b6b1396b718c87fba28cb1439c7d1d140dae1ee2c2a7d647427b1e7472710c7ac4f1fb0fc0c9d15ecce28167d23e2e42474dbf1c63c0819606be9c9b6dc2eb59bf9932568ef408c20e9498cf105e84eee30460d4348f4cdfab623b416adadb4427887d9b1b6b8db75b224e8a55fa0351d21093b2b7e42e6685491cbfce100d602d0281f4bd086b50612f3ccf055fab1aad97a52695a233c3d458be4536b66b0acdda5ce0aaab48bb7d7f39a8af473c4478991f1c4569839eab0c1d684001ee1772290871653a2293bb7754c1eac178c60f86e2a98e1992dee198c76365f2d04d159d7c210c6cc58764e3b7dfb5bc15190555febd01c69cab8f55926c28a13fa4f9060dde1ca2df7e1f71fd99a0c350d7f0e341ece8e0685e9c205b486ef400910211b688f07fb05b542261c74b45f4ac23ff53e9e620ab12dad7b5131f67128bb8ed6a4a70caec437f2157f8bcb3d080091e5715dfc7d7539dd0320c90d0aab6a6d7a447ebeea893a0efa2176292c648c62cedd4138c9d0535ab0621855484fc43e0e3e84357db6951bb21fe2f4e99fa188ebecbc23f73ea879bd304408acd1c470fd112606ccfd7b7970e950ebd363afbba359a51877248a42845097094ff785dc82264225752f3aefa980d9ed5309b48f47a5b5ef49f69808b91bde955277b6525f55436ffeba0bfa8c13f6314c57ec97eea295afc66a9f4ec844474c0da6ff1ef0c6c65c035f3bb74a70ffa668359b58a46af97600c428626b45c81a4e372e198894c02e2bee8010fb4c2c075ea623a6ee24a99e225f809322df6ea6f39b1566b1aee5403d45ba648f94f70976013199b3241744458d030a5319360780897413289d89267c389e04f23de79adf4b864c5ca76efc225eb1ecf6424887f0d8b3ac13cbe9df4eb69f7b702e85fb396dc4a030d57a8c4edd227ee568fb11a9859935ad53dcfdb01727f106af352c569a020b7e405a1ad4c6b39e2e8796fe9f16db3794550f5ef3ecd6af2b2ab0383e6c198f17ada5840bde84ccbaa661d9c456d9ddaf92763ba450098cd5a971d847fd5030a4c9b066ab3b0096dfdf7e5ce2f8349165f94c493b7e4192e85239bb11552f910fb41c5e96ee10fc8dce711e88e0572ce0bbbd9c9f3b7c9dae89f1dfa6af309c4321755a5b19070c8731ac590c30fffb69feeb75f699aebb101d3a30f784f1745182cb4f0bf63a148b521f0a03c691927694ee453b278523e3ed256c150098a932f62c90ac65faa4b9782c27a3ef6ca2b5ecae6a01d8a1d7096bf6a7d1b317a9eab22ef4907c631bcca224f723f5fb9a44d7e1295186cf37fd71343919aa167fa70a505a73e9f52a11cfbd40d8c1087d4ffdfe45a40ed5aebfa4b0c3622c78a914d68dd92f46478711437ff88803ab28cd9ce2223aa0fa37eb9d9a4a7866dec4ca6bb66e794ccac6bd19b11daa0b6d4d42cbcf7d6426b5718030ca51bf92b3d8ea0b11c46ec5c0c6e3805c88b39731b2b751d9928ed1ddba7c66bcc5273d709fd295aa0792384435b98c1f44575c028ff2869074156713931f7e62f8b0f8c7ee9dfeaeb2e096e77600586a47d6f6a2e13a17dfceae46ad84858bf8873f9f1e35fc700aef0a648af168ab0774a3441a203ef325577f2c76f5f0e5808acdc7965bc65e8ad1ca816bc3b67711ea42e619c957d0f26b394be1f3b0c4ac9af8558eaebf5c1c27b6549022513479b4c28dbe3f1c3131cc9211eee768f96a9c8b5e0e6425bef921a355faccf0072ba19b16d88b75feb5dc8fcfc1b7b5973eb9654ca3dcfd482831ff5d1fe09fe7ae43cf129c8c17a6686685a13ed076f34608b7ac16eb8e9de6a44418c4e3f8162e6a679bc9482df96a04b14575ebf093b99bf5cc26495f5dd6e571129d9760de3f801b001a1f3248d14f579bc519de2b656641a88da758a2ed3baf15fdf2739ddb44f0e5892de7ea48e9302129d0c939137b9d0687b296577675bcbf433a53f6a9816797cbfef1ba0caa2b8602387b5a8bae24d3e15d42b34d81708738fd269c3e8cbacdc3ff5ab1d4816a783d7be0f0a8086e345a6b4c231ffd61745f6c45cfceaf6089e70542aea1574e3c78740f77a08eb55b37f03549c1dd318cb5a76094210e8cf800c350d328fbf9442d0437e7affd54b3bfc33da3f24558f3ea8e59da8e61ae60e7e7b4de7179b8cf941d51d420c8eee69143966800dc4f7bcb50a033331fcac02a65e88de28ab219c68388a9da9196e044dd1ebbd3994bf8cc862f6f8b419fa1f4f4e5427f10866b498935fa28b8e6f9c5e48be8b74b9c2262823390480f71aff6cf72281f526265877d223eef9ad7a4be7438f9afb6aff0e80c5125c2c612ceb83f0470ea04479979c0a10fbbd0bed7379e949cc19fe36fbcbcc59a9fe30a2662d3e4d22862e8841b587b8995ef8482bc60fe0863b41752ef3dd44a387eff101595822bf1ce440ff9e5f73e560e4f7fbfe4754d9dabbcd92de02017eb43d3cf7c75e45ba04009a782a68ce11eefd52253c721daa5f37c6408e37b48d1f2e36d7c1793300f2c9039e69a52057486b63c0fa644d00528ce48f2e551ca88e356ac25ae74c73492ed3e6233490acfbe7ed8244f23e2af86e0ade6b78bb34a75a86f6cbadbd39762680cb0821d6d28f18d427df13d0e747f6da54be970e43ef8ca8285dc8bf44e3cecdbf2d8757a9800bb889b846d58cc636a2648809451a95736a0ecec6ea3fe61fb24dcd8a00ac0b8933918189cda555b17e431d99ee190d6d0d9f769e665ec193ba8889ae72a01e18b98cebb75d20ed778e5778ef657ce85d40eafa44b46f293d64023b877e8c5d58587c3abecf9a1ad8d874a4cdba0bfbea61b7eb19e81f7c932be12a83bacc51017b42dbe2931dc11c742a5a942cb6ed9bd9922ad78f55b0f6cbae0e8d4235140263ed8c83ab22e71a0f0a62b6920b5d5109e415254e527546546bd025cf1583e3e8d9d5bf735a4651fa2e5c3c86a185bb77e9b75224cdda8cb0eb21d9e3bb19e286832aa5dce19f055539a0a5caccfd752742a31d0af882c4f02c29cbd90ac2cdf5cc61c448cd09eb7b82b930ca99962c0e5ed84124fe37f7d30aad0296ee340377a7e0aa7413c495ac8ab0b482c4c5f59872efd5a1ceadbc7606e67d3c79a77d095bd82519db0893b9d2bbc2b2f3a7391826840e49424703c006399cde5f2a52a9383e89dfbfca284be4d75dd3aafd8a43dc6c71bd7fde9460647eb5c97707e96ddb9124d6020da38ee7ad743db8fd0377a8711905194c496e39a2132d7bbf35b79f920b6dcaa73625bf8b5320da250513cd45bf42c8072809ad59d69c02f0554cf82b79ff291e42d9227de1948352b0dba0281b69876ae0ca24972a5e75aee7e0a46bd4fc83f5a0dd3f22d666f2d950ca580c6da6dfaaa293beded10d1328613611b6e01d5d8567541e81466467302d8050a3ae4791fbddc1aec749edb68173be5341166c1d5c42d63e7368473e48bafa43459de3fa3a5550a4ac979711dd9a2d6796b0bcf9b5881124ade4b12bf64fa55724976a0da9d642e76a036c430f5fb2c06d599b0f78e978580f8eb763d2846177ff18b9b5cf8c76197ed809ef24212bc5563a1713214ce78e0e6cced6e41578d46a07839795c83c189610244bc1b680535fce39f290da90d719078015d90020b1d4567a97081b48514709df8e327d814e8c15496d90efacae6b13e297ed520d280203896bbc3a23f3b638adf594de03a782bb292a93ef0b14b8b3e13c01787a0b7bfb3abd8ab15eebbc651b7b054d3e56ebb7808de9b9bd067560ec6a6432455b37054292a3d9d32434506bf84b2907560017089de3f60c2deb4dfb7371f96d65a575d446aa1d2df81867135120df4e24e9227f72ff9f8f015a7754948704ecd084a1a93fbeb5a44af086ef73e9fc1c072b7d5473e92558fc2824acf27f1dbe9b019247d3074bf4256a966ceb674a2c4222632c8e4b6c0736de019ccfe4cca40b9b07f8c4df9753cdfb4ad66643ed71510983e29c2b5f9ae7db4913cb74d9dd0461a900810650d0da73f766aa6882385f3bb40644bf43f01faf2aa4cd187659edb0498527f201442b64349afa814b3dae5ce815971f3b11d177e3e1aaf90c7674c097d475640218ad27e63f9071c9081c06d9b5d1f3a070da3eed4f4080190a74063e7f97b5f35706dd1173dcbfa13a70d5362e50d57d0c5105c8d3beb926d93f61699e737ebe1a935839c3aa5b629dc93aa209d9e7774c40de7f59fca1eb274a8280022a15934e5dd2579a8cf5cd16a3b0a1ff3ea712c4258164fe2fa17a4cbfa5630f4041bad4204605eb2e762d610fa17dafa415ed8a678da1d4b5a6618d71d0066d66e3ac10b3ce65137a5a02344abc57f1be4ce0cbf1a2ac66dcb5e94495e863819c627e4704fb479c232b27aa4a5dfca8896a7eb8e0592b6b392ec9fa2767f569d5c1356d7ef7a909d8ee344ba017c75ca664d98f5288230b7f1ffa2fa7a5d07fab5f4b53b7f19c3fb361795fd632fa8a654004d931b4b7fc0890927aec727160cded3c01b7e40e6b81ce015796895f9c007762a1c22acfb9513eccd93c845e91ea8b0960b299b3ce788cbcce5bea9a94325289d2c3573975c512d56e19c4655f849b3652f8b5f9fa6f49e03202f2031debe3c299c3ceceb1febf4b285da9033493088a36f885ed6d3958b8d05cc6be00f3465de8bf6e41796d17e393067585b459b143d592cea102f584e48676a45f896cf662bd6b3b2309aa7f46d2b8ec6597a063f12bcc88922050c8c1e070134ce77ab1cb7a7f29983a0b30d9b2abeca5cfbfc55e941376c616c2834b1c1c9a9473b531c86c3b708478ee95923fe6a8108c2c4dc8a78a9d5e995f6c815b292b986cab0afa233ef10567a49d4e8dc17f438b90b620df4d291b52549ac8e1b69078b62011ed4bb0e288db740817ff07d01e779e11cb8e0606b5ca3aac6c7b262499f5a115acdad8a67b6eb77503318ef3bf0008347b270aa986d9e79e2af174f38a4743250c1091e6053a7a785464483161aad3ef3ad976e5329b71afe9bbfd93d7541a1014db4cc159ac266021e841c665217fa150e130f921ebd4cfb5accdb87f5f9bc0fd94b402289db4d0ac3f0906a689aef044c09fc2c5a00f7795ea935aeb943eb32826bd2176c1d1cb058195e3229d293595ebc07514c6b038a1d964199c59e59d4fc621c54b7bbd3410ccec22f7fb6751527c2aa0940ed2f0c9dcfc4e99ced91d09ba4a37042b5f48b127439cad24df2951ff1e769d3892dc4788dbbe27cce60f7f0138789444712e84e059ac0a4e87557f6c3369fc61b9a843c816df3cb4ec77a11e16390234da24dc0420f6a44554fc7954cc74d63ec030d4d964898e14500d0dacdbb2959f7a8a191773f66448348f36c3f4904187088bcfeafda7dd721236810d04469e93ca4e7926305c25b1ef1380d775008fd238e33e8dd2dc5a9783f97414487a7ef70eba3dcf71331803fad223f65aadfc87d79512bf311c14926d619a089f5e84c46f4a9ff393969f8eacc8fa20acaa9eb01a8aab625853e415d3871e555a11ee71ee93cba85ee9cde60b3962e294c2c840f0a1ba87714bac54f1ca0ebda74daa3e8e19d382b951d64a22da48c632ec5754f42129214a807427e69a93c128b6b0a8697c9ee375818dd79244a38287fe8f66c7cc3aa18aee2fbf804fc1aadcc7d2daf75be82a60276b6902a51f2bbb64c261915b80053fb9635f405f1fa855d1ec8adc0ebe9648b8151eda70ec5ad5f704fa2a337bcfb7ecbc845a11cae7a68d6bc58f107ac7bb0c2f6b83edc48703ba00c94036b9af4ada51d6d78bfe697df06f47573c14cd7191ec52dc0f208ecdcf54669529bba2c2fb7a6b38f6f2b5ec5fe876f03c096ae092b6f881a84b00edd1e9f67449069d876afaa99eb1a446f20656b5104c72ed28bd8553c724785f4e8bfdc33194409960de4969b708ce26e4cd608d21ace0c38e27d54b55369a9e807cfda9a6240466dd94f6150d4b0105f7b9ae392009b2cf146d1dad5d7c8664463d7d60d11b45f30d01db7364e21ac557d37a4c9ad88926c472e98710d2cbfc4b70d6a5dbb128d46909e634761c6f6952bf9021aa5282c391dcee3278a25e3e2ee31a7f6713979a546084fb2e598214c36a3b7618bf23c57bb23b33e9c98dfe5192ef257dc2d891a6f7c11be334fbdab015eedafe1c4aea95ff1fa6d340d0cade542f3f782c1589470fa64c6fd9ac0c31536ecee0ae312f992733beea6fcaf7562dd6e0f2c016f712ce14d93f02a54f577c75b444fd7f46e9bd2cd9cd1f89195781d88f984eca45c97355095d3b48b0d9bd730c7d6f63b1dc78d2344bdb0f18c4e1554822345c11efa2ba32bcef4f29ed05315cf44617a80d7d1392de077bbda08669c8c3cb6c0b12f872f1247bc1d07634bf5bf4acc3a4ecdae7e6acd7c4af9820147afe55500a7270d7eb511f907339e5af54cfaf33e2364f54091ebee2a245ba048452d383cd441604c4dd1c6376e4df8b83ebf6070d2be248174fc1dc0a1352c103325360aeb3ab71cb73bb646ac6247dd68155fd48b90250c3b0f250a74f827780367e117a94094e5005e2f926accaef0b3e36c25e315c1e80cd4c3481f3465d99025c7de91c45bb8dd0a5577174c1f366017d87d2033239a8b6f399a9095845b5fafe9cca113b93f455bb790709b6c93fcbbd0c4bd7b5d621088dca06802e241836291226ad56d40b3b4e90eb68bd5845742baf4cb4a69b4bdb07f02d0bd6fbb5a5fad3af030816b254725e6db4073b7a0536b884c8985c3a159cdb105c73f7e0e03546248336449eff6afeb96cf8ad3617df18ee2247bc2d11ebbe10e0379f5578c41611872c5461541fb4da5be3f3348e0592982a61c352315370a9b452306c9f31f9040ef755ad096a8733dd9daf6bdbcb7a3521ad2282ae4fa7bfdb9cda5997ba3a6652af46c6d0205bb356dfb411e2b931b357723bb70254211819b74a461ed5c126cec6573cda4f6107fc3ebc76483621e9ab5789a5575ea3a91463f76138ea0f3ec9c44e1cddb2de59bef83333d235e922b920e267453676575b38e6415bd136534b8df2360ab489fb69eefd04b66758ab5dd105be7b0635f7194f9e4b158b22b21ac97fda4e804747a9718b40a32531cd5c3fd1d3c1dd8ba5ef9c86d3c8df8c71f81da1a9756e5db4dddf70755053f7129d656a8069fe83c39ab240cf7a73f0f880ec7a791c5115ab262184839b906c238eaabf2268dfcd6560c5bcb70fea00b580ad52e7de0333e6de63ae351952e6e5dee6edf284de0a2f53e2089db13bd5eca5f98883a24eb2e1a58ae199f8db9c60a5b6b85585b2d2a17d6b5406e5668685d95c4718c375db05f7953b363c25d2ed0906eda70eb659845acd31fec9b8e4d5951d12fd50bbb969dd824a78c72622c8311a980f0f2e6a1ddc368879a1f3a07d3c0780e85a4e5d13223a3424782e3f77bf6a1ebf823f468d41b777ff61345064f1096ed653c277bab90ca5afc8ad6d25f4447236cdd82950afff27763f3fef5308f034379f4ad4955cb8cc5280d51b5427de4eba374f64dde2f1e7a6ae628aa4696160a5cf0ae9fc70e307b4eb19c0a5af2c2855710c8e117211d73a7e7f3f7f2ba55d03a4b73d816c9c3fc1edb86ec95ddcd77884a913805ad6549e7a5f776a1c2385dd6d83877727f128207cda29f83462269a7f606fa31934d06a6e0efd238d0a180c754a9d2e85609fd20c880ea0e79cbe887c442f9f682801da783529e1e45eb3e70195fa2711fa291dca43ee0672b7afc14cf87b9506a7ebe223019c856777e1783f6ae1b0ed90486b32e3b6f7ff77be834c7b6676da6c8052fa49450e3e16a6f90ee33742bbfe3dc025832e0bbc7abeb625077b8c1ea07dee89c7dc26fa42514ff9ac21e848e32309bc2862a873fb57796e05923fce42fa2833c73866e22a04497ec13acebcdff6ae1df71dd8756f1febac04f2034c1f3e1d401ddbdb7f2ef676d5c85437830d527a5fb04c9bbf0d892ee1306d2d2df37008916a3a66e70f865cd6d25de16fdb4bb4f2616204cf86a3ffdbf147223968c092a46dc2aae4aedb32fb850b85d4adb87bfada328bce4c2c70ec42affde442179fcc1d3d9f5e4a848c8ba03b0df3065d1b2d5f1b08d8c25148c51bb54e191a87ea59903084000b4b520fffda111fe831d4bdcf62423c1fcd673b020c5f2c41973dd1b9698054368081f917715e1c1592bc78dd265e051bcda5bf5877821fedfcf7790a58b328cf780f71ee71491e59194504bc800d319251607e53ba0e1ed15cd4fd5c959eaff4d3a1c7cb28c479f2776256633ef7c0f0e98688b54e8c8634cf57e27e5c1ee1e43573ae23bfbb1ff1bef6cabd33c02ff165c44f0f190426ba8391ba4f03458be3351869c5c5c9d5fa5600edbcce523525b9cd9c3bb040e34771ea277d05cb76302c72fac5edc815412dbbbc651371d70d044c4f89a68da7abd836fb3a495e212b5fd13819c41c9a240405582ae69b7c35b30935af3085d457a4d76a94c9272c5eafcecc4c92dd4f314b04b4739864e626a5bab27fa2f345f052afe3bae2ff4c442c42a1c83091bfcc23a3b5e06a511d02cefcd618a6d9761de00af192cf1aacc902cf3ba98f898c48fbc74b6710db7ac890b4f7ed7377e0fa3b4c46a131e775130a80db5014a79e674c8fc8b45495066e88201d2e320320fa4561abab617d0e67e9e879b0080a8ab404f4eb007a088990aa6a7b29afce5b8dd038ce96d43e1271315f6070e761e759c44fba1ce78730e35ca31e0bf5840cc01289c81613a07c497f288ed70a6d10d9f58fe135558b2a862bd877fcc939d7536e7dc988409290cd73da04a3b1399b0a2637f737d5f86bba4a31019546e2000a3ca57f8291cd9af28299eb93909061200c9738cca998add04e7bb0137ecc460fc3ef72872e7d13c159914fcdf577910e6c5d7a1636b13b78c5088551c614e3c75befb0f37fb89b918f4aad0126a9efd3390d6a0cab97ed0e01c7eae0e798a4142345578beb10d6b61a90b4d1fe836022def90bb8e37e07428a4592e7bf30e935951e492234a8db96f081379e7c4e18c3b6ce4ed1f97698dc1da940f14217e877bb8e0f33b392d801a01c48ec62ce2774d2e4e55e9415c063e1bfa31a8f0633443ec19c5fab977c1485147e46c06f86742278fd071de4a165dff7eddd5390a1e031d80e3d44477f6009c9fc27a7d92b865a292b0d586083f681c2d92da7e7f42eabd076fa7d61eba0c2b406c75f1cec561b1a523dd4c6f344b02ed59bd473d7d30a24144e981fc8da434931adeb841d63bb705485f8f58a180da91af64bad1379356787b37467dc9b4a0d12496e5048e7ccb40a978eebee5eaac4e9dd96faf194aa93a22333d7f68cccde147dce26c9ff18d7c8ffe0d1377c70dd1057d54473b2c2b2b3eea82fb223952c0dc3796efd0cd94afea38341ab9a83c6a9ee77f26bf8dea8510dfc964f9b9b4942c08ade50e43f06e5101f2e6b68b6a7f9cc5443c862b1198627461938daf4bd1fc7b21d6d7fd3f775f0e4a1f60434a242b049f159dbe5de145e741c5c9b4e59a7f5d7de54a6d51cd87845dde819ca74e3abf60356fbcf18bfff3b6ae1c545e243c08f9f41b86e55ed6e71be453843e0bffc5b6bdcfeefd33075ee5110627d4f05e008e54ddd62fb6979d9c2a5e4a2cb45fad7b2d77bd17508952889b30df2124cdc2fe6a749a12c9f6dbbd01226cc4ba2693b7e6a858d3c36ac6519ee70e896588a6df81b0e3be3604bbbe1a845088cf1834a04368dde8b6ee76d0492911dc09b05cf6642e0003cd8faafd398872c1a8dc3e85d3658ec8", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)={0x90, 0x0, 0x8, {0x3, 0x100000000000, 0x100000003, 0x0, 0x0, 0x3881fffc, {0x5, 0xff, 0x1, 0x0, 0x3, 0x0, 0x6, 0x0, 0x0, 0x8000, 0x1, r11, r12, 0x2, 0x8009}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
connect$vsock_stream(r8, &(0x7f0000000000)={0x28, 0x0, 0xffffffff}, 0x10)
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0x4e6f, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540), 0x0, 0x0, 0x0, 0x4000}, 0x1)

1m28.999987375s ago: executing program 1 (id=1930):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000180)={0x7, 0x7, 0x7, 0x10001, 0xf})
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a5cfe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e4b2b9275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf138f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87acbeb48949b63b045313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65039cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$netlink(0x10, 0x3, 0xf) (async)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0xfe}]}, 0x10)
r2 = fspick(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000000)="0c000000010001", 0x7) (async)
write(r3, &(0x7f0000000000)="0c000000010001", 0x7)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r5, 0x101, 0x0, 0x0, {}, [@GTPA_NET_NS_FD={0x8, 0xd}, @GTPA_VERSION={0x8}, @GTPA_LINK={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r5, 0x101, 0x0, 0x0, {}, [@GTPA_NET_NS_FD={0x8, 0xd}, @GTPA_VERSION={0x8}, @GTPA_LINK={0x8}]}, 0x2c}}, 0x0)
unshare(0x62040200)

1m28.690536323s ago: executing program 1 (id=1935):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x0, 0xfffffffe, {}, [@NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x0, {0x0, 0x0, 0x4, 0x0, 0x6, 0x10, 0xfc3}}}}}, @NHA_BLACKHOLE={0x4}]}, 0x34}}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000980)={'wg2\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r5}, 0x14)
r6 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000008c0)=@dellinkprop={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x0, 0x10008}, [@IFLA_PROP_LIST={0x4}]}, 0x24}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000080)={'wg2\x00', <r8=>0x0})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB=';'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$HIDIOCGRDESC(r11, 0x4008c002, 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x9, 0x9, 0x100, 0x2, 0xffffffffffffffff, 0x80000001, '\x00', r8, r9, 0x2, 0x1, 0x2, 0x5, @void, @value, @void, @value}, 0x50)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_usb_connect$cdc_ncm(0x6, 0xbf, &(0x7f00000003c0)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xad, 0x2, 0x1, 0x80, 0x0, 0xbf, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "800267adb3"}, {0x5, 0x24, 0x0, 0xe1b4}, {0xd, 0x24, 0xf, 0x1, 0x9, 0x27, 0xb, 0x1}, {0x6, 0x24, 0x1a, 0x2, 0x4}, [@country_functional={0xc, 0x24, 0x7, 0x4, 0x7, [0x4, 0xd4e6, 0x8d2]}, @mdlm={0x15, 0x24, 0x12, 0x1}, @acm={0x4, 0x24, 0x2, 0x1}, @mdlm={0x15, 0x24, 0x12, 0x6}, @mbim_extended={0x8, 0x24, 0x1c, 0x7a5e, 0xe1, 0x6}, @country_functional={0xa, 0x24, 0x7, 0x2, 0xd, [0x9, 0x1]}]}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0x7, 0x40}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x4, 0x5, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x7, 0xe, 0x80}}}}}}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x201, 0xff, 0x1, 0x7, 0x40, 0xb2}, 0x2f, &(0x7f0000000280)={0x5, 0xf, 0x2f, 0x3, [@ptm_cap={0x3}, @ssp_cap={0x24, 0x10, 0xa, 0xae, 0x6, 0xc, 0xf, 0x4, [0xff0000, 0xf, 0xff3f00, 0x180, 0x3f00, 0x30]}, @ptm_cap={0x3}]}})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@xino_auto}]})

1m28.643298018s ago: executing program 33 (id=1935):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x0, 0xfffffffe, {}, [@NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x0, {0x0, 0x0, 0x4, 0x0, 0x6, 0x10, 0xfc3}}}}}, @NHA_BLACKHOLE={0x4}]}, 0x34}}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000980)={'wg2\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r5}, 0x14)
r6 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000008c0)=@dellinkprop={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x0, 0x10008}, [@IFLA_PROP_LIST={0x4}]}, 0x24}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000080)={'wg2\x00', <r8=>0x0})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB=';'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$HIDIOCGRDESC(r11, 0x4008c002, 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x9, 0x9, 0x100, 0x2, 0xffffffffffffffff, 0x80000001, '\x00', r8, r9, 0x2, 0x1, 0x2, 0x5, @void, @value, @void, @value}, 0x50)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_usb_connect$cdc_ncm(0x6, 0xbf, &(0x7f00000003c0)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xad, 0x2, 0x1, 0x80, 0x0, 0xbf, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "800267adb3"}, {0x5, 0x24, 0x0, 0xe1b4}, {0xd, 0x24, 0xf, 0x1, 0x9, 0x27, 0xb, 0x1}, {0x6, 0x24, 0x1a, 0x2, 0x4}, [@country_functional={0xc, 0x24, 0x7, 0x4, 0x7, [0x4, 0xd4e6, 0x8d2]}, @mdlm={0x15, 0x24, 0x12, 0x1}, @acm={0x4, 0x24, 0x2, 0x1}, @mdlm={0x15, 0x24, 0x12, 0x6}, @mbim_extended={0x8, 0x24, 0x1c, 0x7a5e, 0xe1, 0x6}, @country_functional={0xa, 0x24, 0x7, 0x2, 0xd, [0x9, 0x1]}]}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0x7, 0x40}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x4, 0x5, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x7, 0xe, 0x80}}}}}}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x201, 0xff, 0x1, 0x7, 0x40, 0xb2}, 0x2f, &(0x7f0000000280)={0x5, 0xf, 0x2f, 0x3, [@ptm_cap={0x3}, @ssp_cap={0x24, 0x10, 0xa, 0xae, 0x6, 0xc, 0xf, 0x4, [0xff0000, 0xf, 0xff3f00, 0x180, 0x3f00, 0x30]}, @ptm_cap={0x3}]}})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@xino_auto}]})

23.445008942s ago: executing program 4 (id=2779):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000200)={0xf020000, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x7fff, '\x00', @value64=0x2}})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
unshare(0x2c040000)
r1 = syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0xfffffffd, 0x10100, 0x200, 0x1}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
io_uring_enter(r1, 0x567, 0x1000a387, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f000075f000/0x1000)=nil, 0x1000, 0x4, 0x810, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r4, 0xc4c85513, &(0x7f0000000b80)={0x5, 0x1, 0x2a, 0x5, 'syz1\x00', 0x5})

22.695391852s ago: executing program 4 (id=2790):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000640)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="02"], 0x10)
socket$kcm(0x2, 0x2, 0x73)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x3, 0x2, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x51}, 0x20000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000df25546b35e043b79d9eef8862c1117ce3c54bfc2e0000000000000000000000f1645a81af25e63111e8351112e6902c3e6c1247a2c4600c41bcf46333b67a265dbac6e06eb4859f39eaff59601b65cfec3b764f55f6c962935fe8a48c0222bb801dd62f6c0ac890ea9dc05705c09b42b6", @ANYRES32=0x0, @ANYBLOB="90010000305200001c00128009000100626f6e64000000000c0002800500160001000000"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="5000000000000000000000000000000000000000574272e752d1aa121787ac429c4dbe930b9740604848f3ecdb1dc9c0cba2c22df3d608bf74db2cee69132598b2c170e8446d43a62453018026", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)

22.621119443s ago: executing program 4 (id=2791):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}]}}}]}, 0x38}}, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_GET_KEEP_ORPHAN(r5, 0x2288, &(0x7f0000000000))
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x1, 0x10100, 0x3}, 0x0, 0x0)
bind$bt_hci(r6, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r6, 0x400448e6, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0x0, 0x0, 0x0, 0x733, 0x0, 0x0, 0x41000, 0x25, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x0, &(0x7f00000004c0)=[{0x3, 0x4, 0x7, 0x6}, {0x5, 0x2, 0xa, 0x3}, {0x2, 0x1, 0xe, 0x7}, {0x3, 0x5, 0x6, 0x3}, {0x0, 0x1, 0x2, 0x8}], 0x10, 0x8000, @void, @value}, 0x94)
ioctl$sock_bt_hci(r6, 0x400448e6, &(0x7f0000000500))
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e21, 0xca000000, @dev={0xfe, 0x80, '\x00', 0x23}, 0x3ff}, 0x1c)
sendto$packet(r0, &(0x7f0000000000)='1', 0x1, 0x40, &(0x7f0000000200)={0x11, 0x8100, r3, 0x1, 0x0, 0x6, @local}, 0x14)

22.493583722s ago: executing program 4 (id=2795):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x6, 0x20001)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000600)={0x0, 0x53, "f202a15e7db2c5dc79b0b3e6cf9be10ffbe832861afade6710a15add706fdcddf584a2f3b29d33b58ed9b0ffd65fac68471fe9794ef2f2ea64911518fb1d0fa2ce9bf3ae6daa0e177e7b39230f2574f3334148"}, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYRES8=r3, @ANYRES16=r3, @ANYRES32=r0, @ANYRES16=r1, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x44000}, 0x81)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
r6 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x101000)
ioctl$CEC_ADAP_G_CAPS(r6, 0xc04c6100, &(0x7f0000000080))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
setsockopt$sock_int(r8, 0x1, 0x31, &(0x7f0000001600), 0x4)
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000180)=[{&(0x7f0000000700)="580000001500add427323b472545b4560a117ffff4ff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000df", 0x59}], 0x1)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a0900000000000000000002000000140000001118010000000000000000000100000a"], 0x3c}}, 0x0)

15.242351476s ago: executing program 4 (id=2795):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x6, 0x20001)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000600)={0x0, 0x53, "f202a15e7db2c5dc79b0b3e6cf9be10ffbe832861afade6710a15add706fdcddf584a2f3b29d33b58ed9b0ffd65fac68471fe9794ef2f2ea64911518fb1d0fa2ce9bf3ae6daa0e177e7b39230f2574f3334148"}, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYRES8=r3, @ANYRES16=r3, @ANYRES32=r0, @ANYRES16=r1, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x44000}, 0x81)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
r6 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x101000)
ioctl$CEC_ADAP_G_CAPS(r6, 0xc04c6100, &(0x7f0000000080))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
setsockopt$sock_int(r8, 0x1, 0x31, &(0x7f0000001600), 0x4)
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000180)=[{&(0x7f0000000700)="580000001500add427323b472545b4560a117ffff4ff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000df", 0x59}], 0x1)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a0900000000000000000002000000140000001118010000000000000000000100000a"], 0x3c}}, 0x0)

7.093520109s ago: executing program 4 (id=2795):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x6, 0x20001)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000600)={0x0, 0x53, "f202a15e7db2c5dc79b0b3e6cf9be10ffbe832861afade6710a15add706fdcddf584a2f3b29d33b58ed9b0ffd65fac68471fe9794ef2f2ea64911518fb1d0fa2ce9bf3ae6daa0e177e7b39230f2574f3334148"}, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYRES8=r3, @ANYRES16=r3, @ANYRES32=r0, @ANYRES16=r1, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x44000}, 0x81)
ioctl$LOOP_SET_FD(r0, 0x4c00, r1)
r6 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x101000)
ioctl$CEC_ADAP_G_CAPS(r6, 0xc04c6100, &(0x7f0000000080))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
setsockopt$sock_int(r8, 0x1, 0x31, &(0x7f0000001600), 0x4)
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000180)=[{&(0x7f0000000700)="580000001500add427323b472545b4560a117ffff4ff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000df", 0x59}], 0x1)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a0900000000000000000002000000140000001118010000000000000000000100000a"], 0x3c}}, 0x0)

6.445475504s ago: executing program 5 (id=2999):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x7c, 0x0, 0x8, 0x0, 0x0, {0x4f}, [{{@pci={{0x8}, {0x11}}, {0x6, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x7fff}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x100}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x404c014}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

6.444167459s ago: executing program 5 (id=3001):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000001f650000000000006507000002000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa1a2ba7ba030c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07f8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, &(0x7f0000000000), 0xfffffffffffffe66, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x6c, 0x0, &(0x7f00000004c0)=[@free_buffer, @dead_binder_done, @decrefs={0x40046307, 0x3}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x18, &(0x7f00000002c0)={@flat=@weak_handle={0x77682a85, 0x1101, 0x1}, @flat=@binder={0x73622a85, 0x100b, 0x1}, @flat=@handle={0x73682a85, 0x110a}}, &(0x7f0000000400)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0}) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x5}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x58}}, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0xf, &(0x7f00000027c0)=@ringbuf={{}, {{0x18, 0x1, 0x0}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4}}, {}, [], {{0x5, 0x1, 0xb, 0x0}, {}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000a80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

6.377214163s ago: executing program 5 (id=3003):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x4030582b, &(0x7f0000000c00)={0x0, 0x1, 0x0, 0x4e1ee79f, 0x0, 0xf0})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r4=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f00000000c0)={@remote, r4}, 0x14)
sendmmsg$inet6(r0, &(0x7f0000000500)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000880)=[@pktinfo={{0x24, 0x29, 0x32, {@remote, r4}}}], 0x28}}], 0x1, 0x4000001)

6.189675458s ago: executing program 5 (id=3008):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x0, @local}, 0x2}}, 0x26) (async)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x0, @local}, 0x2}}, 0x26)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x3c, r4, 0x1, 0x60bd27, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x1}]}, 0x3c}}, 0x20)
ioctl$FS_IOC_GETVERSION(r1, 0x5b24, &(0x7f0000000040))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$MSR(&(0x7f0000002d40), 0x3, 0x0) (async)
r7 = syz_open_dev$MSR(&(0x7f0000002d40), 0x3, 0x0)
preadv(r7, &(0x7f0000003f80)=[{&(0x7f0000002d80)=""/4096, 0x1000}], 0x1, 0x5, 0x7)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRESDEC=0x0, @ANYRESOCT=r6, @ANYRES64=r6], 0xec}}, 0x8890)

2.908446768s ago: executing program 5 (id=3032):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000040)={0x1d, r1}, 0x10)
close(0x3)
r2 = fsopen(&(0x7f0000000000)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000180)='rootcontext', &(0x7f00000000c0)='E\xe11k\xe9\x890\xdd\xd7B\xf0\n7\x85\x00\x90\x90\x05>\xe8\x13\x8c\xf7\xfb\xd2\xe4?$l\x98\x9a\a\x17\x18B\xff\xda,\x00\x00:\x10\x0fJ \x8c\xb5?v\x0erWo.kf\xe7\xcf\x9a-1Q\x1f\xa1\x93F\x1bX\xb4\x121\xaf\xa8\xc7C\xe8?8\x96rD\xe6gZ\x8a\xd9\xf2\xed6\x8a9\x83\xde\xe7T\xb6\x11\xad\xcb\xc6G\xe0\x84\xf88\x9a\xd7:\x93B\xd2#K\xf1\x8c\xbd\x8a\xbc\x97>\x9cXL]\xbb\xb1\x99\x11\"\xb4\x0f\xfbdy\v\xb9b\xa5\xcc\xd2\xf2!', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x85)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_notify={{0x3b, 0xa}, {@any, 0xfffffffc}}}, 0xd)

2.566459212s ago: executing program 3 (id=3035):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001c000100020000000000000007000000", @ANYRES32=r2, @ANYBLOB="4000f6060a000200aaaaaaaaaa0c0003"], 0x28}, 0x1, 0x0, 0x0, 0x20040051}, 0x40c0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_RESET(r5, 0x4141, 0x0)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r5, 0xc0884113, &(0x7f0000000240)={0x1, 0x80, 0x10003, 0x10001, 0xf, 0xb, 0xc, 0x1001, 0x7, 0x2c, 0x3be40, 0x2})
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r5, 0xc06c4124, &(0x7f0000006500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})

2.405182635s ago: executing program 5 (id=3037):
r0 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
write(r0, &(0x7f0000002140)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000002c0)=ANY=[@ANYRES8=r0, @ANYBLOB="f7b1"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
ppoll(&(0x7f0000000000)=[{r2}], 0x1, 0x0, 0x0, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
ppoll(&(0x7f0000000200)=[{r0, 0x5}], 0x1, &(0x7f0000000240)={0x77359400}, &(0x7f0000000340)={[0x4f]}, 0x8)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000080)=0x1, 0x4)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0xc048aeca, &(0x7f0000000080)=ANY=[])
syz_usb_ep_read(r3, 0x6, 0x1000, &(0x7f0000000800)=""/4096)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01010000000000000000020000000900010073797a3100000000080002400000000114000000000a030000000000000000000700000028000000000e030000000000000000000200000008000240000000000900010073797a310000000014000000110001000000000001000000b400000a"], 0x8c}}, 0x0)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000440)={0x150, 0xb, 0x6, 0x3, 0x0, 0x0, {0x2}, [@IPSET_ATTR_ADT={0x20, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x28}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x54, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_IP2_TO={0x18, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x9}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x6}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x29}]}, @IPSET_ATTR_ADT={0x38, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x9}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR2={0x5, 0x15, 0xff}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x6}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_ADT={0x50, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x1ff}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x1}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0xa2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x18}}]}, @IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x3}}]}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x3}, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x7}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x1)

2.404570332s ago: executing program 3 (id=3038):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000fcffffff850000007300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff8c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000000)={'veth0_to_bridge\x00'})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r0}]}, @IFLA_IFNAME={0x14, 0x3, 'veth0_to_batadv\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4010800}, 0x8054)

2.287506473s ago: executing program 3 (id=3039):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r1 = fanotify_init(0x81, 0x0)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_all\x00', 0x275a, 0x0)
read$FUSE(r1, &(0x7f00000057c0)={0x2020}, 0x2020)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000100)='\x00', 0x0, r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xcc, r3, 0x200, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x54}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x1}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_BSS_SELECT={0x58, 0xe3, 0x0, 0x1, {0x54, 0x0, [@NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0xfff}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x195}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0xff}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0xa, 0x3}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x8, 0x2}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x7e}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x0, 0x9}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x9}]}}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, @random=0x9b4}, @NL80211_ATTR_MAC={0xa, 0x6, @random="fcd2cf713695"}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_BSS_SELECT={0x14, 0xe3, 0x0, 0x1, {0x10, 0x0, [@NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x1221}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}]}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008050)
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x58, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random='n'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x28, 0x51, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "dbbb6c8914"}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "aeda5b1c72"}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}]}]}]}, 0x58}}, 0x800)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r4, 0x8982, &(0x7f0000000000)={0x7, 'xfrm0\x00', {0x7}, 0x3ff})

2.220947259s ago: executing program 3 (id=3040):
r0 = socket(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket$packet(0x11, 0x3, 0x300) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0}) (async, rerun: 64)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) (async, rerun: 64)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x0) (async, rerun: 32)
unlink(&(0x7f0000000040)='./file0\x00') (rerun: 32)
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x6ae, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth1_macvtap\x00', <r4=>0x0}) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x7c}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfffffffffffffefd, &(0x7f0000000280)={&(0x7f0000000000)=@getqdisc={0x13, 0x26, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3, 0x4}, {0x6, 0xffff}, {0xfff3, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008}, 0x20000010) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
r5 = fcntl$dupfd(r3, 0x0, r3)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xd, 0xd9, 0x2, 0x3, 0x40000, r3, 0x822, '\x00', r4, r5, 0x4, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xf0b, 0xfffffffc, 0x25dfdbfa, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}, {0x15}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000080}, 0x40000) (async)
socket$nl_generic(0x10, 0x3, 0x10)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) (async, rerun: 64)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') (rerun: 64)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66) (async)
pread64(r6, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x24000040) (async)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x25dfdbfc, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4}, 0x2d}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.084297338s ago: executing program 3 (id=3042):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x83, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0x8006, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0x10, 0x5, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x20003, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x4, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x454f, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x8000, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0xfffff575, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x5, 0x6, 0x47, 0x8, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x4, 0x408, 0x4, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x9, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0xfffffffa, 0x8000000b, 0x5, 0x2, 0x2, 0x400003, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x0, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0xffffffff, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x807ff, 0x2006, 0x80a2ef, 0x1, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x1938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x14c, 0x60a7, 0x6, 0x7, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x803, 0xd7, 0x200, 0xb, 0xfff]}, 0x45c)
r0 = syz_io_uring_setup(0xd3c, &(0x7f00000003c0)={0x0, 0x576, 0x0, 0x0, 0x221}, &(0x7f0000000700)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0xce3, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x4ac9, 0x3900, 0x1800000000000000, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004f40), 0x1, 0x48100)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0xf, 0x9, '\x00', 0x9})
eventfd(0x80)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.999808245s ago: executing program 0 (id=3043):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_IP_TARGET={0x8, 0x8, 0x0, 0x1, [@multicast2]}]}}}]}, 0x3c}}, 0x8004)

1.934634195s ago: executing program 0 (id=3044):
socket$packet(0x11, 0x2, 0x300)
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a8"], 0x0}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_TABLE(r1, 0x0, 0xd1, &(0x7f0000000000)=0xfd, 0x4)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x83, &(0x7f0000000180)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x71, 0x2, 0x1, 0x6, 0x50, 0x6, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x7, 0x24, 0x6, 0x0, 0x1, "3088"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x90c7, 0xb, 0x7, 0x6}, {0x6, 0x24, 0x1a, 0xa6b, 0x8}, [@obex={0x5}, @network_terminal={0x7, 0x24, 0xa, 0x2, 0x2, 0x6, 0xf9}, @dmm={0x7, 0x24, 0x14, 0x4, 0x2}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x6, 0x9, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x3, 0x8, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x8, 0x6, 0x9}}}}}}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x0, 0x1, 0xcb, 0x1, 0x40, 0xd}, 0x8, &(0x7f00000000c0)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x2, [{0x2e, &(0x7f0000000100)=ANY=[@ANYBLOB="2e039241aef6f5b303fffb8b65ac752dc525423c5481fbf13d66c777b0ee69df63f365d712701993cf77c05b3480"]}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x2c}}]})
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000380)={0x14, &(0x7f00000002c0)={0x40, 0x8, 0x63, {0x63, 0x21, "26b26f76aad72e594a3e629416fb74b2ef3514971e26799b39513b8c46c981481f5113ec882be028cd837b4b2f42b75cd27565533b6c4dfa46d06066614c1b90b4487ec5002037b41048e4fada1955ffdbdae83f935464f641b7649d202d232532"}}, &(0x7f0000000340)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000600)={0x44, &(0x7f00000003c0)={0x40, 0x30, 0x6a, "c1e40c377827fe8cb165e7c22f4e606ea668e16ccaf7163256bb86e905187a550303f67e31031ea3a164994f45b1bd1a2c1df7ee95d586c675a182c22df780f5b786ed67835f0d3b2270a38eba71432ab493e352ec75803c889fcfc4a1ddaf30dedbeb4341f19cdaa162"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0xfc}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0xcc}, &(0x7f00000004c0)={0x20, 0x80, 0x1c, {0x100, 0x7, 0xfffffffa, 0x7d1, 0x6, 0x1, 0x6, 0x0, 0x5, 0x3, 0x0, 0x2}}, &(0x7f0000000500)={0x20, 0x85, 0x4, 0x9}, &(0x7f0000000540)={0x20, 0x83, 0x2}, &(0x7f0000000580)={0x20, 0x87, 0x2, 0xd}, &(0x7f00000005c0)={0x20, 0x89, 0x2}})
ioctl$HIDIOCINITREPORT(0xffffffffffffffff, 0x4805, 0x0)

1.934018362s ago: executing program 3 (id=3045):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000640)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="3c75c2015e8724b5a4c586f2ae924b277f0443ec773eab27570e28988217c9b0", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000580)=[{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000040)="129efe070e35af65125f32ba0ccbfea5", 0x10}], 0x1, &(0x7f0000000280)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x24044094)
recvmmsg(r1, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000300)=""/37, 0x25}], 0x1}, 0x3}], 0x1, 0x42, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000100)=""/114, 0x72}], 0x1)
syz_usb_connect(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r5, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_buf(r6, 0x1, 0x31, 0x0, &(0x7f00000001c0))
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000080)={0x8, 0xd, 0x8, 0x4, 0x0, 0x2, 0xbd, 0xbf, 0x1c, 0x9, 0x4c, 0xd6, 0x0, 0xa2}, 0xe)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000180)="b6", 0x1}], 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
io_setup(0xfd, &(0x7f0000000080)=<r8=>0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3d0, 0x238, 0xc8, 0x8, 0x238, 0x5803, 0x300, 0x2e8, 0x2e8, 0x300, 0x2e8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, [], [0x0, 0x0, 0xff000000], 'erspan0\x00', 'geneve1\x00', {}, {}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x210, 0x238, 0x0, {0x0, 0x2000000000000}, [@common=@ah={{0x30}, {[0x4d4, 0x4d2], 0x40, 0x3, 0x3}}, @common=@rt={{0x138}, {0xfffffffc, [0x5, 0x5], 0x400, 0x1, 0x1, [@private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x3a}, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, @ipv4={'\x00', '\xff\xff', @empty}, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, @private1={0xfc, 0x1, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, @private0, @remote], 0x6}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x14, 0x7f, 0xfde3}}}, {{@ipv6={@remote, @mcast2, [0x0, 0x0, 0xff000000], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x430)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000001714"], 0x38}}, 0x800)
io_pgetevents(r8, 0x0, 0x24, 0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380), 0x8})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'netdevsim0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)

244.523879ms ago: executing program 0 (id=3046):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000080)="9a62c100000f01670f01d4c97b00660fc732f3dbad00800000440f20c03504000000440f22c00f21f8b9800000c00f3235004000000f30c4e22928d6", 0x3c}], 0x1, 0x43, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000400)={0x1f, 0x0, 0x1}, 0x6)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

85.428417ms ago: executing program 0 (id=3047):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0) (async)
setfsgid(0xee00)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000180)=0x6, 0x12)
setresgid(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
r3 = ioctl$NS_GET_PARENT(r2, 0xb702, 0x0) (rerun: 32)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000080)=0x3ff)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) (async, rerun: 32)
r4 = accept4(r1, 0x0, 0x0, 0x0) (rerun: 32)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r4) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'team_slave_1\x00', <r6=>0x0})
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r4, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0x88, r5, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x2}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x2}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x9b}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000011}, 0x20040000)
mount$cgroup(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000000c0), 0x10012, &(0x7f0000000180)={[{}, {@subsystem='blkio'}]}) (async)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)

58.24699ms ago: executing program 0 (id=3048):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000190001090000000000410000021800000002fd010000000008000100ac1414000800050002000000100016140c000100000000000000000408000b0004"], 0x44}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_int(r2, 0x6, 0x10, 0x0, &(0x7f0000000180)) (async)
getsockopt$inet_tcp_int(r2, 0x6, 0x10, 0x0, &(0x7f0000000180))
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x14, 0x42, 0xb, 0x70ad23, 0x25dfdbfe, {0x10}}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20040094)

0s ago: executing program 0 (id=3049):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, 0x0, 0x0)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = eventfd(0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r6, 0x400caed0, &(0x7f0000000180)={0x2, r4, 0xffffffff})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
mknod(&(0x7f0000000180)='./bus\x00', 0xc000, 0x100)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000040)='jfs\x00', 0x8080, &(0x7f00000001c0)='discard')
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc000000000000009fa37bbdc2581e8306402757b7d14f7d78587e60bf9a9757306cdacc956157d6e8cce10260ccf2fc046d623c1a5a886d7b97760ccf31049b92e5931c6a943302a96f2809f4cd76f223037194d1f1d32cb71937c6921da27eb61c1a5157000411980a2c599ba0e974b571a6123380fc39038191c30e461f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x2a)
close(r0)
lseek(r7, 0xfffffffffffffffc, 0x2)
execveat(r7, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)={[&(0x7f00000000c0)='/dev/ptmx\x00', &(0x7f0000000100)='/dev/ptmx\x00', &(0x7f0000000140)='/dev/ptmx\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000200)='\x00', &(0x7f0000000240)='/dev/ptmx\x00']}, &(0x7f0000000340)={[&(0x7f00000002c0)='/dev/ptmx\x00', &(0x7f0000000300)='/\x00']}, 0x1000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

kernel console output (not intermixed with test programs):

ribute type 39 has an invalid length.
[  206.397646][T13992] xt_hashlimit: size too large, truncated to 1048576
[  206.461331][T13996] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2277'.
[  206.627841][T13996] team0: Port device team_slave_0 removed
[  206.790602][T14012] netlink: 11 bytes leftover after parsing attributes in process `syz.3.2281'.
[  206.790933][T14013] random: crng reseeded on system resumption
[  206.812272][T14012] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=14012 comm=syz.3.2281
[  206.931811][T14013] Restarting kernel threads ... done.
[  206.933707][   T40] audit: type=1400 audit(205.779:899): avc:  denied  { lock } for  pid=14015 comm="syz.3.2283" path="socket:[56363]" dev="sockfs" ino=56363 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  206.936270][T14013] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2282'.
[  206.980286][T14018] netlink: 396 bytes leftover after parsing attributes in process `syz.3.2284'.
[  206.980297][T14019] netlink: 396 bytes leftover after parsing attributes in process `syz.3.2284'.
[  207.214386][   T40] audit: type=1400 audit(206.041:900): avc:  denied  { bind } for  pid=14021 comm="syz.3.2285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  207.454468][T14030] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  207.594987][T14043] netlink: 'syz.5.2292': attribute type 10 has an invalid length.
[  207.598119][T14043] lo: entered promiscuous mode
[  207.601549][T14043] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  208.030942][T14067] sp0: Synchronizing with TNC
[  208.033556][T14067] sp0: Found TNC
[  208.064384][ T5971] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  208.085517][T14071] syzkaller1: entered promiscuous mode
[  208.088506][T14071] syzkaller1: entered allmulticast mode
[  208.122935][   T40] audit: type=1326 audit(206.892:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14072 comm="syz.4.2302" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd92218e969 code=0x0
[  208.180486][T14074] SELinux: syz.4.2302 (14074) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  208.224758][ T5283] Bluetooth: hci4: command tx timeout
[  208.239721][ T5971] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  208.243381][ T5971] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  208.246840][ T5971] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  208.249934][ T5971] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.254328][T14055] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  208.258958][ T5971] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  208.292085][   T40] audit: type=1400 audit(207.051:902): avc:  denied  { bind } for  pid=14079 comm="syz.4.2304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  208.370328][   T40] audit: type=1326 audit(207.126:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14079 comm="syz.4.2304" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd92218e969 code=0x0
[  208.426060][T14082] SELinux:  policydb magic number 0x65730000 does not match expected magic number 0xf97cff8c
[  208.430733][T14082] SELinux: failed to load policy
[  208.479750][ T5971] usb 10-1: USB disconnect, device number 4
[  208.509594][T14089] openvswitch: netlink: Port 10289156 exceeds max allowable 65535
[  208.517252][T14089] ALSA: seq fatal error: cannot create timer (-16)
[  208.701778][T14091] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  208.748245][T14093] netlink: 'syz.3.2308': attribute type 58 has an invalid length.
[  208.925095][T14096] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.968266][T14102] ipt_REJECT: TCP_RESET invalid for non-tcp
[  208.995467][   T40] audit: type=1400 audit(207.715:904): avc:  denied  { append } for  pid=14103 comm="syz.3.2312" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  209.201667][T14118] netlink: 'syz.4.2316': attribute type 12 has an invalid length.
[  209.210131][T14123] netlink: 'syz.3.2317': attribute type 11 has an invalid length.
[  209.246078][T14126] netlink: 'syz.3.2318': attribute type 3 has an invalid length.
[  209.272658][ T5973] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  209.411123][   T40] audit: type=1400 audit(208.089:905): avc:  denied  { setattr } for  pid=14134 comm="syz.5.2322" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  209.422173][ T5973] usb 5-1: device descriptor read/64, error -71
[  209.425618][T14136] overlayfs: failed to resolve './file2': -2
[  209.634331][   T40] audit: type=1400 audit(208.304:906): avc:  denied  { setopt } for  pid=14146 comm="syz.3.2326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  209.682131][T14149] GUP no longer grows the stack in syz.3.2327 (14149): 200000004000-20000000a000 (200000002000)
[  209.686894][T14149] CPU: 3 UID: 0 PID: 14149 Comm: syz.3.2327 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full) 
[  209.686909][T14149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.686916][T14149] Call Trace:
[  209.686921][T14149]  <TASK>
[  209.686926][T14149]  dump_stack_lvl+0x16c/0x1f0
[  209.686964][T14149]  gup_vma_lookup+0x1d2/0x220
[  209.686980][T14149]  __get_user_pages+0x234/0x36f0
[  209.687000][T14149]  ? __pfx___get_user_pages+0x10/0x10
[  209.687019][T14149]  get_user_pages_remote+0x258/0xb20
[  209.687035][T14149]  ? __pfx_mtree_load+0x10/0x10
[  209.687049][T14149]  ? __pfx_get_user_pages_remote+0x10/0x10
[  209.687069][T14149]  __access_remote_vm+0x233/0x9d0
[  209.687084][T14149]  ? __pfx___access_remote_vm+0x10/0x10
[  209.687099][T14149]  proc_pid_cmdline_read+0x4de/0x900
[  209.687117][T14149]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  209.687134][T14149]  ? rw_verify_area+0xcf/0x680
[  209.687147][T14149]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  209.687162][T14149]  vfs_readv+0x6bc/0x8a0
[  209.687179][T14149]  ? __pfx_vfs_readv+0x10/0x10
[  209.687202][T14149]  ? __fget_files+0x20e/0x3c0
[  209.687221][T14149]  ? do_preadv+0x1af/0x270
[  209.687234][T14149]  do_preadv+0x1af/0x270
[  209.687247][T14149]  ? __pfx_do_preadv+0x10/0x10
[  209.687261][T14149]  ? rcu_is_watching+0x12/0xc0
[  209.687277][T14149]  do_syscall_64+0xcd/0x260
[  209.687293][T14149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.687304][T14149] RIP: 0033:0x7f483478e969
[  209.687312][T14149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.687322][T14149] RSP: 002b:00007f48355f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  209.687332][T14149] RAX: ffffffffffffffda RBX: 00007f48349b5fa0 RCX: 00007f483478e969
[  209.687338][T14149] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  209.687344][T14149] RBP: 00007f4834810ab1 R08: 0000000000000000 R09: 0000000000000000
[  209.687350][T14149] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  209.687356][T14149] R13: 0000000000000000 R14: 00007f48349b5fa0 R15: 00007ffc5a65a228
[  209.687369][T14149]  </TASK>
[  209.689339][ T5973] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[  209.717090][T14151] ip6t_rpfilter: unknown options
[  209.765669][   T40] audit: type=1326 audit(208.435:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14152 comm="syz.3.2329" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483478e969 code=0x7fc00000
[  209.862785][ T5973] usb 5-1: device descriptor read/64, error -71
[  209.868892][T14169] overlayfs: overlapping lowerdir path
[  209.875426][T14169] overlayfs: failed to verify upper root origin
[  209.987385][T14178] program syz.3.2337 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.991139][ T5973] usb usb5-port1: attempt power cycle
[  210.206902][T14204] program syz.3.2343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  210.287324][T14219] ipt_REJECT: TCP_RESET invalid for non-tcp
[  210.373779][ T5973] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  210.397306][ T5973] usb 5-1: device descriptor read/8, error -71
[  210.401530][T14227] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  210.411547][T14222] __nla_validate_parse: 6 callbacks suppressed
[  210.411557][T14222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2346'.
[  210.426707][T14222] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  210.430208][T14222] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (7)
[  210.437928][ T5283] Bluetooth: hci4: command tx timeout
[  210.446614][T14229] netlink: 14601 bytes leftover after parsing attributes in process `syz.5.2350'.
[  210.503421][T14232] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2351'.
[  210.530836][T14236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2352'.
[  210.643455][T14236] bond0: (slave bond_slave_0): Releasing backup interface
[  210.662119][ T5973] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  210.695864][ T5973] usb 5-1: device descriptor read/8, error -71
[  210.817745][ T5973] usb usb5-port1: unable to enumerate USB device
[  211.056274][T14255] netlink: 'syz.3.2359': attribute type 10 has an invalid length.
[  211.086927][ T5972] IPVS: starting estimator thread 0...
[  211.088804][T14263] Invalid source name
[  211.091694][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.091904][T14263] Invalid source name
[  211.095839][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.096040][T14263] Invalid source name
[  211.100847][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.101136][T14263] Invalid source name
[  211.105102][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.105291][T14263] Invalid source name
[  211.109055][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.109234][T14263] Invalid source name
[  211.113941][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.114122][T14263] Invalid source name
[  211.118271][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.118466][T14263] Invalid source name
[  211.123605][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.123816][T14263] Invalid source name
[  211.127655][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.127971][T14263] Invalid source name
[  211.132212][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.132914][T14263] Invalid source name
[  211.136747][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.136934][T14263] Invalid source name
[  211.140672][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.140847][T14263] Invalid source name
[  211.145671][T14263] UBIFS error (pid: 14263): cannot open "./file0", error -22
[  211.186052][T14261] IPVS: using max 47 ests per chain, 112800 per kthread
[  211.421230][ T5971] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  211.583392][ T5971] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.587063][ T5971] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.590192][ T5971] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  211.594454][ T5971] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  211.597548][ T5971] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.601635][ T5971] usb 9-1: config 0 descriptor??
[  211.629766][T14291] binder: 14289:14291 ioctl c0306201 2000000003c0 returned -14
[  211.632921][T14291] binder: 14289:14291 ioctl 80045503 200000000000 returned -22
[  211.788647][T14299] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  211.791989][T14299] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  211.800620][T14299] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  211.820958][T14299] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  211.823684][T14299] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  211.836937][T14299] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  211.874460][T14307] netlink: 'syz.5.2376': attribute type 1 has an invalid length.
[  211.877036][T14307] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2376'.
[  212.041755][ T5971] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  212.046457][ T5971] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  212.275177][T14313] veth1_to_batadv: entered promiscuous mode
[  212.277322][T14313] macsec1: entered promiscuous mode
[  212.312540][   T24] usb 9-1: USB disconnect, device number 9
[  212.385656][T14315] trusted_key: encrypted_key: insufficient parameters specified
[  212.465152][T14321] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2381'.
[  212.520865][T14325] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  212.524895][T14325] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  212.528746][T14325] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  212.532598][T14325] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  212.904990][T14350] use of bytesused == 0 is deprecated and will be removed in the future,
[  212.908060][T14350] use the actual size instead.
[  212.951437][T14356] team0: Device gtp2 is of different type
[  213.082342][T14364] netlink: 'syz.3.2392': attribute type 29 has an invalid length.
[  213.085723][T14364] netlink: 'syz.3.2392': attribute type 29 has an invalid length.
[  213.092671][T14364] netlink: 500 bytes leftover after parsing attributes in process `syz.3.2392'.
[  213.106662][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  213.106671][   T40] audit: type=1400 audit(211.550:910): avc:  denied  { map } for  pid=14363 comm="syz.3.2392" path="socket:[55136]" dev="sockfs" ino=55136 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  213.602206][   T29] page_pool_release_retry() stalled pool shutdown: id 39, 1 inflight 60 sec
[  213.745870][T14376] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2395'.
[  213.750283][T14376] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma?
[  213.779762][   T40] audit: type=1400 audit(212.186:911): avc:  denied  { map } for  pid=14377 comm="syz.4.2396" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  213.944188][ T5283] Bluetooth: hci2: command 0x0405 tx timeout
[  214.029733][ T5283] Bluetooth: hci4: command 0x0c1a tx timeout
[  214.065055][T14383] binder: 14382:14383 ioctl c01064b5 200000000380 returned -22
[  214.068203][   T40] audit: type=1400 audit(212.458:912): avc:  denied  { read } for  pid=14382 comm="syz.3.2398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  214.123998][T14383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2398'.
[  214.128951][T14383] overlay: Unknown parameter 'smackfsdef'
[  214.161712][T14390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2399'.
[  214.318309][ T5972] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  214.478674][ T5972] usb 5-1: Using ep0 maxpacket: 16
[  214.482660][ T5972] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  214.488165][ T5972] usb 5-1: New USB device found, idVendor=056a, idProduct=00fb, bcdDevice= 0.00
[  214.492461][ T5972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.498447][ T5972] usb 5-1: config 0 descriptor??
[  214.720162][ T5972] usbhid 5-1:0.0: can't add hid device: -71
[  214.722237][ T5972] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  214.726667][ T5972] usb 5-1: USB disconnect, device number 30
[  215.119792][T14401] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=38283 sclass=netlink_route_socket pid=14401 comm=syz.5.2402
[  215.126926][T14402] vlan0: entered promiscuous mode
[  215.137246][T14402] team0: Port device vlan0 added
[  215.140616][T14401] tipc: Started in network mode
[  215.143438][T14401] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  215.146906][T14401] tipc: Enabled bearer <eth:team0>, priority 0
[  215.411245][T14415] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  215.415141][T14415] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (5)
[  215.750959][ T5972] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  215.766847][T14440] __nla_validate_parse: 1 callbacks suppressed
[  215.766857][T14440] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2417'.
[  215.772899][T14444] loop6: detected capacity change from 0 to 524287999
[  215.813674][T14448] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2420'.
[  215.819248][T14448] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2420'.
[  215.822871][T14448] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2420'.
[  215.830103][T14450] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2420'.
[  215.833291][T14450] netlink: 164 bytes leftover after parsing attributes in process `syz.5.2420'.
[  215.836237][T14450] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2420'.
[  215.895105][ T5972] usb 5-1: device descriptor read/64, error -71
[  215.907183][T14454] netlink: 'syz.5.2422': attribute type 8 has an invalid length.
[  215.910734][T14454] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2422'.
[  215.927199][T14454] netlink: 'syz.5.2422': attribute type 1 has an invalid length.
[  215.930641][T14454] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  216.135719][   T34] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  216.157077][ T5972] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  216.178522][ T5283] Bluetooth: hci2: command 0x0405 tx timeout
[  216.264011][ T5283] Bluetooth: hci4: command 0x0c1a tx timeout
[  216.317449][   T34] usb 9-1: Using ep0 maxpacket: 8
[  216.320179][ T5972] usb 5-1: device descriptor read/64, error -71
[  216.323334][   T34] usb 9-1: config 0 has no interfaces?
[  216.325183][   T34] usb 9-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  216.328318][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.332997][   T34] usb 9-1: config 0 descriptor??
[  216.351373][   T34] tipc: Node number set to 11578026
[  216.435463][ T5972] usb usb5-port1: attempt power cycle
[  216.734535][ T5971] usb 9-1: USB disconnect, device number 10
[  216.819925][ T5972] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  216.842558][ T5972] usb 5-1: device descriptor read/8, error -71
[  217.108663][ T5972] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  217.138594][ T5972] usb 5-1: device descriptor read/8, error -71
[  217.195956][T14464] SELinux:  Context system_u:object_r:dbusd_exec_t:s0 is not valid (left unmapped).
[  217.199315][   T40] audit: type=1400 audit(215.385:913): avc:  denied  { relabelfrom } for  pid=14461 comm="syz.4.2424" name="NETLINK" dev="sockfs" ino=57369 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  217.210921][   T40] audit: type=1400 audit(215.385:914): avc:  denied  { relabelto } for  pid=14461 comm="syz.4.2424" name="NETLINK" dev="sockfs" ino=57369 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_route_socket permissive=1 trawcon="system_u:object_r:dbusd_exec_t:s0"
[  217.223229][   T40] audit: type=1326 audit(215.404:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14466 comm="syz.5.2425" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbab7d8e969 code=0x0
[  217.230657][T14469] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2426'.
[  217.238853][   T40] audit: type=1400 audit(215.423:916): avc:  denied  { mount } for  pid=14468 comm="syz.4.2426" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  217.269587][ T5972] usb usb5-port1: unable to enumerate USB device
[  217.275261][   T40] audit: type=1400 audit(215.451:917): avc:  denied  { map_create } for  pid=14470 comm="syz.4.2427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  217.281543][   T40] audit: type=1400 audit(215.451:918): avc:  denied  { map_read map_write } for  pid=14470 comm="syz.4.2427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  217.289346][   T40] audit: type=1400 audit(215.460:919): avc:  denied  { prog_load } for  pid=14470 comm="syz.4.2427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  217.352714][T14476] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2428'.
[  217.631713][T14490] SET target dimension over the limit!
[  218.007489][T14505] hsr_slave_0 (unregistering): left promiscuous mode
[  218.326050][T14515] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  218.328386][T14515] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  218.748523][T14540] overlayfs: failed to resolve './file0': -2
[  218.779713][T14542] netlink: 'syz.4.2446': attribute type 4 has an invalid length.
[  218.960297][T14557] hfsplus: unable to find HFS+ superblock
[  219.013717][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  219.013727][   T40] audit: type=1400 audit(217.088:924): avc:  denied  { write } for  pid=14561 comm="syz.4.2453" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  219.333501][   T40] audit: type=1400 audit(217.378:925): avc:  denied  { name_connect } for  pid=14576 comm="syz.0.2456" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  219.463686][T14578] xfrm1: entered promiscuous mode
[  219.466126][T14578] xfrm1: entered allmulticast mode
[  219.607022][   T40] audit: type=1400 audit(217.630:926): avc:  denied  { setattr } for  pid=14600 comm="syz.5.2463" path="socket:[57308]" dev="sockfs" ino=57308 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  219.610407][T14601] Option 'n4:v®êšmäÛÌð¨áçžRÝfÍêËR­Oq±rúsJ)º¿rq' to dns_resolver key: bad/missing value
[  219.658979][T14604] netlink: 'syz.5.2464': attribute type 16 has an invalid length.
[  219.663028][T14604] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.745071][   T40] audit: type=1400 audit(217.761:927): avc:  denied  { read } for  pid=14611 comm="syz.0.2467" path="socket:[58607]" dev="sockfs" ino=58607 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  219.984492][  T835] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  220.118354][   T40] audit: type=1326 audit(218.117:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14614 comm="syz.3.2468" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f483478e969 code=0x0
[  220.155523][  T835] usb 10-1: Using ep0 maxpacket: 32
[  220.160641][  T835] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.165459][  T835] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.174561][  T835] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  220.180442][  T835] usb 10-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  220.184156][  T835] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.198436][  T835] usb 10-1: config 0 descriptor??
[  220.293306][T14623] netlink: 'syz.3.2470': attribute type 7 has an invalid length.
[  220.392542][T14628] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  220.444280][ T5939] Bluetooth: hci2: command 0x0405 tx timeout
[  220.489928][T14634] netlink: 'syz.3.2475': attribute type 1 has an invalid length.
[  220.513849][T14634] 8021q: adding VLAN 0 to HW filter on device bond6
[  220.540306][ T5939] Bluetooth: hci4: command 0x0c1a tx timeout
[  220.659637][T14647] overlayfs: conflicting lowerdir path
[  220.735380][   T40] audit: type=1400 audit(218.697:929): avc:  denied  { name_bind } for  pid=14655 comm="syz.4.2482" src=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  220.854049][T14610] xt_policy: output policy not valid in PREROUTING and INPUT
[  220.864166][  T835] usbhid 10-1:0.0: can't add hid device: -71
[  220.869373][  T835] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  220.875987][  T835] usb 10-1: USB disconnect, device number 5
[  220.914386][ T5990] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  221.089924][ T5990] usb 5-1: config 9 has an invalid interface number: 254 but max is 1
[  221.093319][ T5990] usb 5-1: config 9 has an invalid interface number: 226 but max is 1
[  221.098079][ T5990] usb 5-1: config 9 has an invalid interface number: 130 but max is 1
[  221.101665][ T5990] usb 5-1: config 9 has an invalid interface number: 254 but max is 1
[  221.105213][ T5990] usb 5-1: config 9 has 3 interfaces, different from the descriptor's value: 2
[  221.109671][ T5990] usb 5-1: config 9 has no interface number 0
[  221.112045][ T5990] usb 5-1: config 9 has no interface number 1
[  221.114714][ T5990] usb 5-1: config 9 has no interface number 2
[  221.117549][ T5990] usb 5-1: config 9 interface 254 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  221.122009][ T5990] usb 5-1: config 9 interface 254 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  221.126583][ T5990] usb 5-1: too many endpoints for config 9 interface 226 altsetting 107: 255, using maximum allowed: 30
[  221.137831][ T5990] usb 5-1: config 9 interface 226 altsetting 107 endpoint 0xD has invalid maxpacket 1023, setting to 64
[  221.142269][ T5990] usb 5-1: config 9 interface 226 altsetting 107 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[  221.147103][ T5990] usb 5-1: config 9 interface 130 altsetting 16 has an endpoint descriptor with address 0xDE, changing to 0x8E
[  221.152259][ T5990] usb 5-1: config 9 interface 130 altsetting 16 has a duplicate endpoint with address 0xD, skipping
[  221.156039][ T5990] usb 5-1: config 9 interface 130 altsetting 16 has a duplicate endpoint with address 0xA, skipping
[  221.160792][ T5990] usb 5-1: config 9 interface 130 altsetting 16 has 5 endpoint descriptors, different from the interface descriptor's value: 12
[  221.166196][ T5990] usb 5-1: too many endpoints for config 9 interface 254 altsetting 118: 137, using maximum allowed: 30
[  221.170473][ T5990] usb 5-1: config 9 interface 254 altsetting 118 has a duplicate endpoint with address 0xD, skipping
[  221.174730][ T5990] usb 5-1: config 9 interface 254 altsetting 118 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  221.179456][ T5990] usb 5-1: config 9 interface 254 altsetting 118 has a duplicate endpoint with address 0xF, skipping
[  221.183469][ T5990] usb 5-1: config 9 interface 254 altsetting 118 has an invalid descriptor for endpoint zero, skipping
[  221.187564][ T5990] usb 5-1: config 9 interface 254 altsetting 118 has a duplicate endpoint with address 0xD, skipping
[  221.192193][ T5990] usb 5-1: config 9 interface 254 altsetting 118 has a duplicate endpoint with address 0x2, skipping
[  221.196932][ T5990] usb 5-1: config 9 interface 254 altsetting 118 has 7 endpoint descriptors, different from the interface descriptor's value: 137
[  221.202733][ T5990] usb 5-1: config 9 interface 254 has no altsetting 0
[  221.205872][ T5990] usb 5-1: config 9 interface 226 has no altsetting 0
[  221.208851][ T5990] usb 5-1: config 9 interface 130 has no altsetting 0
[  221.658867][   T40] audit: type=1400 audit(219.557:930): avc:  denied  { getattr } for  pid=14669 comm="syz.4.2486" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  221.716203][   T40] audit: type=1400 audit(219.604:931): avc:  denied  { setopt } for  pid=14669 comm="syz.4.2486" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  221.886983][T14683] sp0: Synchronizing with TNC
[  221.900033][T14682] [U] è
[  222.001228][T14685] __nla_validate_parse: 11 callbacks suppressed
[  222.001245][T14685] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2491'.
[  222.580700][   T40] audit: type=1326 audit(220.418:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.4.2498" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd92218e969 code=0x7ffc0000
[  222.583257][T14710] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  222.588336][   T40] audit: type=1326 audit(220.418:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14709 comm="syz.4.2498" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd92218e969 code=0x7ffc0000
[  222.764016][ T5939] Bluetooth: hci4: command 0x0c1a tx timeout
[  222.837388][T14720] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2501'.
[  222.846086][T14720] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2501'.
[  223.416052][   T64] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  223.440122][T14757] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  223.442549][T14757] overlayfs: failed to set xattr on upper
[  223.444541][T14757] overlayfs: ...falling back to redirect_dir=nofollow.
[  223.447085][T14757] overlayfs: ...falling back to index=off.
[  223.449639][T14757] overlayfs: ...falling back to uuid=null.
[  223.451609][T14757] overlayfs: ...falling back to xino=off.
[  223.453560][T14757] overlayfs: conflicting lowerdir path
[  223.576502][   T64] usb 10-1: Using ep0 maxpacket: 8
[  223.581298][   T64] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  223.584885][   T64] usb 10-1: config 0 has no interface number 0
[  223.592247][   T64] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  223.596162][   T64] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  223.599554][   T64] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.603778][   T64] usb 10-1: config 0 descriptor??
[  223.612653][   T64] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  223.699787][T14761] xt_hashlimit: size too large, truncated to 1048576
[  223.726269][ T5973] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  223.883017][ T5990] usb 5-1: New USB device found, idVendor=04da, idProduct=2372, bcdDevice=56.6a
[  223.886041][ T5990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.893000][ T5990] usb 5-1: can't set config #9, error -71
[  223.896626][ T5990] usb 5-1: USB disconnect, device number 35
[  223.901712][ T5973] usb 9-1: Using ep0 maxpacket: 16
[  223.905108][ T5973] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  223.914661][ T5973] usb 9-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  223.917711][ T5973] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.922568][ T5973] usb 9-1: Product: syz
[  223.924010][ T5973] usb 9-1: Manufacturer: syz
[  223.925727][ T5973] usb 9-1: SerialNumber: syz
[  223.929001][ T5973] usb 9-1: config 0 descriptor??
[  223.934012][ T5973] hub 9-1:0.0: bad descriptor, ignoring hub
[  223.935967][ T5973] hub 9-1:0.0: probe with driver hub failed with error -5
[  223.941425][ T5973] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input25
[  224.059837][T14772] sctp: [Deprecated]: syz.0.2518 (pid 14772) Use of int in maxseg socket option.
[  224.059837][T14772] Use struct sctp_assoc_value instead
[  224.065533][T14772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2518'.
[  224.071086][T14772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2518'.
[  224.079061][T14772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2518'.
[  224.083428][T14772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2518'.
[  224.147306][T14774] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  224.254005][T14779] netlink: 'syz.0.2520': attribute type 10 has an invalid length.
[  224.265308][T14779] team0: Device ipvlan1 failed to register rx_handler
[  224.350397][T14785] openvswitch: netlink: Geneve opt len 126 is not a multiple of 4.
[  224.623224][T14797] netlink: 'syz.3.2523': attribute type 5 has an invalid length.
[  224.637598][    T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!!
[  224.688023][T14801] netlink: 'syz.0.2526': attribute type 1 has an invalid length.
[  224.744986][T14806] program syz.0.2527 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  224.752935][T14808] tmpfs: Bad value for 'mpol'
[  224.823023][T14812] fuse: Bad value for 'user_id'
[  224.824705][T14812] fuse: Bad value for 'user_id'
[  224.960153][T14817] binder: BINDER_SET_CONTEXT_MGR already set
[  224.962241][T14817] binder: 14816:14817 ioctl 4018620d 2000000000c0 returned -16
[  224.964820][T14817] binder: BINDER_SET_CONTEXT_MGR already set
[  224.967034][T14817] binder: 14816:14817 ioctl 4018620d 2000000000c0 returned -16
[  224.969754][T14817] binder: BINDER_SET_CONTEXT_MGR already set
[  224.972964][T14817] binder: 14816:14817 ioctl 4018620d 2000000000c0 returned -16
[  224.976960][ T5939] Bluetooth: hci4: command 0x0c1a tx timeout
[  225.404815][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  225.516772][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  225.516782][   T40] audit: type=1400 audit(223.159:949): avc:  denied  { bind } for  pid=14834 comm="syz.4.2537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  225.525847][T14835] random: crng reseeded on system resumption
[  225.607255][T14838] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  225.719965][T14842] syzkaller1: entered promiscuous mode
[  225.722481][T14842] syzkaller1: entered allmulticast mode
[  225.729932][ T5939] Bluetooth: hci4: unexpected subevent 0x04 length: 9 < 11
[  226.076201][T14859] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64 sclass=netlink_xfrm_socket pid=14859 comm=syz.0.2548
[  226.224736][T14875] ipt_REJECT: TCP_RESET invalid for non-tcp
[  226.227272][T14875] Invalid source name
[  226.229766][T14875] UBIFS error (pid: 14875): cannot open "ubifs", error -22
[  226.267595][T14877] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  226.276005][T14877] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2554'.
[  226.343717][T14884] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2556'.
[  226.376874][   T64] usb 10-1: USB disconnect, device number 6
[  226.429008][   T40] audit: type=1400 audit(224.010:950): avc:  denied  { read } for  pid=14889 comm="syz.4.2559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  226.438032][   T40] audit: type=1400 audit(224.010:951): avc:  denied  { write } for  pid=14889 comm="syz.4.2559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  226.444708][   T40] audit: type=1400 audit(224.010:952): avc:  denied  { read } for  pid=14889 comm="syz.4.2559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  226.446802][T14888] hub 2-0:1.0: USB hub found
[  226.454034][T14888] hub 2-0:1.0: 2 ports detected
[  226.623198][ T5972] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  226.633649][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.636403][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.638848][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.641247][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.643678][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.647352][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.649802][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.652189][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.654620][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.657188][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.659655][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.662060][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.664447][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.667066][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.669490][ T9607] hid-generic 00A0:000B:0007.0008: unknown main item tag 0x0
[  226.674444][ T9607] hid-generic 00A0:000B:0007.0008: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  226.736900][T14906] lo speed is unknown, defaulting to 1000
[  226.785299][T14907] vlan0: left promiscuous mode
[  226.804968][ T5972] usb 5-1: Using ep0 maxpacket: 32
[  226.808955][ T5972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.811842][T14909] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2565'.
[  226.813632][ T5972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.813677][ T5972] usb 5-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00
[  226.826403][ T5972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.833145][ T5972] usb 5-1: config 0 descriptor??
[  226.855720][T14909] bridge0: port 1(syz_tun) entered disabled state
[  226.902729][T14909] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  226.908770][ T5990] lo speed is unknown, defaulting to 1000
[  226.910743][ T5990] syz0: Port: 1 Link DOWN
[  226.921777][ T5990] lo speed is unknown, defaulting to 1000
[  227.169401][T14922] overlayfs: missing 'lowerdir'
[  227.204618][ T5972] usbhid 5-1:0.0: can't add hid device: -71
[  227.206779][ T5972] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  227.213468][ T5972] usb 5-1: USB disconnect, device number 36
[  227.276845][   T29] hid (null): unknown global tag 0xc
[  227.280265][   T40] audit: type=1400 audit(224.814:953): avc:  denied  { map } for  pid=14932 comm="syz.4.2574" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  227.280390][   T29] hid-generic 0101:0400:0000.0009: unknown main item tag 0x6
[  227.290782][   T29] hid-generic 0101:0400:0000.0009: unknown main item tag 0x7
[  227.293185][   T29] hid-generic 0101:0400:0000.0009: unexpected long global item
[  227.295895][   T29] hid-generic 0101:0400:0000.0009: probe with driver hid-generic failed with error -22
[  227.794319][   T40] audit: type=1400 audit(225.291:954): avc:  denied  { read } for  pid=14940 comm="syz.0.2577" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  227.804113][   T40] audit: type=1400 audit(225.291:955): avc:  denied  { open } for  pid=14940 comm="syz.0.2577" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  227.857471][T14947] xt_limit: Overflow, try lower: 1207959552/384
[  227.900967][   T34] usb 9-1: USB disconnect, device number 11
[  228.123775][T14959] __nla_validate_parse: 1 callbacks suppressed
[  228.123786][T14959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2584'.
[  228.169334][T14962] bridge0: port 2(veth0_to_bridge) entered blocking state
[  228.171803][T14962] bridge0: port 2(veth0_to_bridge) entered disabled state
[  228.174512][T14962] veth0_to_bridge: entered allmulticast mode
[  228.178055][T14962] veth0_to_bridge: entered promiscuous mode
[  228.329458][   T40] audit: type=1804 audit(225.796:956): pid=14967 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.2586" name="/newroot/344/file1" dev="fuse" ino=1 res=1 errno=0
[  228.381085][   T40] audit: type=1800 audit(225.843:957): pid=14967 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.2586" name="/" dev="fuse" ino=1 res=0 errno=0
[  228.393645][T14975] No control pipe specified
[  228.601010][ T5990] usb 10-1: new full-speed USB device number 7 using dummy_hcd
[  228.763329][ T5990] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  228.765835][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  228.769485][ T5990] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  228.773456][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  228.777025][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  228.781684][ T5990] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  228.784433][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  228.787949][ T5990] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  228.791781][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  228.795839][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  228.800370][ T5990] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  228.802992][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  228.806784][ T5990] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  228.810608][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  228.814309][ T5990] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  228.820545][ T5990] usb 10-1: string descriptor 0 read error: -22
[  228.822661][ T5990] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  228.826063][ T5990] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.833186][ T5990] adutux 10-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  229.055178][T14985] netlink: 'syz.3.2592': attribute type 1 has an invalid length.
[  229.060151][T14988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2593'.
[  229.069582][T14988] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2593'.
[  229.079367][T14988] geneve2: entered promiscuous mode
[  229.081901][T14988] geneve2: entered allmulticast mode
[  229.401724][T15008] kvm: kvm [15007]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x2203
[  229.415625][   T40] audit: type=1326 audit(226.816:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15010 comm="syz.4.2601" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd92218e969 code=0x0
[  229.732800][T15025] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2605'.
[  229.737297][T15025] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2605'.
[  229.778088][T15028] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2606'.
[  230.023569][ T5283] Bluetooth: hci4: unexpected event for opcode 0x0c7c
[  230.084862][T15045] netlink: 'syz.0.2610': attribute type 10 has an invalid length.
[  230.088852][T15045] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2610'.
[  230.097337][T15045] team0: Port device geneve0 added
[  230.110891][T15045] 9pnet: p9_errstr2errno: server reported unknown error �@íÿÿÿÿÿÿÿÿ	 
[  230.600008][T15059] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2614'.
[  230.609053][T15059] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  230.613059][T15059] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  230.617011][T15059] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  230.620165][T15059] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  230.625175][T15059] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.628539][T15059] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.631521][T15059] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.635250][T15059] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.823224][T15073] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2618'.
[  230.868274][T15077] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2620'.
[  230.871487][T15077] netlink: 'syz.3.2620': attribute type 30 has an invalid length.
[  230.922744][T15081] futex_wake_op: syz.4.2622 tries to shift op by -33; fix this program
[  230.932166][T15082] binder: 15076:15082 ioctl c0306201 2000000003c0 returned -14
[  230.986461][T15085] 8021q: adding VLAN 0 to HW filter on device bond7
[  231.003035][T15085] gretap1: entered allmulticast mode
[  231.087733][T15085] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  231.088112][   T40] audit: type=1400 audit(228.369:959): avc:  denied  { append } for  pid=15084 comm="syz.3.2623" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  231.135260][   T40] audit: type=1400 audit(228.425:960): avc:  denied  { getopt } for  pid=15088 comm="syz.4.2624" lport=51389 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  231.224351][   T64] usb 10-1: USB disconnect, device number 7
[  231.361767][   T40] audit: type=1400 audit(228.631:961): avc:  denied  { read append } for  pid=15104 comm="syz.4.2631" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  231.375088][T15105] bond0: entered promiscuous mode
[  231.377314][T15105] bond_slave_0: entered promiscuous mode
[  231.380013][T15105] bond_slave_1: entered promiscuous mode
[  231.380726][   T40] audit: type=1400 audit(228.631:962): avc:  denied  { open } for  pid=15104 comm="syz.4.2631" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  231.390787][   T40] audit: type=1400 audit(228.631:963): avc:  denied  { map } for  pid=15104 comm="syz.4.2631" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  231.391565][T15105] bond1: entered promiscuous mode
[  231.399287][   T40] audit: type=1400 audit(228.631:964): avc:  denied  { write execute } for  pid=15104 comm="syz.4.2631" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  231.401752][T15105] batadv0: entered promiscuous mode
[  231.413684][T15105] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  231.416937][T15105] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  231.420717][T15105] 8021q: adding VLAN 0 to HW filter on device hsr1
[  231.425267][T15105] bond0: left promiscuous mode
[  231.427141][T15105] bond_slave_0: left promiscuous mode
[  231.429318][T15105] bond_slave_1: left promiscuous mode
[  231.431281][T15105] bond1: left promiscuous mode
[  231.433737][T15105] batadv0: left promiscuous mode
[  231.613546][T15117] geneve3: entered promiscuous mode
[  231.615368][T15117] geneve3: entered allmulticast mode
[  231.715433][T15132] netlink: 'syz.4.2639': attribute type 14 has an invalid length.
[  231.795174][T15140] Cannot find map_set index 0 as target
[  231.853897][   T40] audit: type=1400 audit(229.089:965): avc:  denied  { read } for  pid=15143 comm="syz.5.2645" name="file0" dev="9p" ino=35913827 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  231.888055][T15149] 9pnet: p9_errstr2errno: server reported unknown error �@íÿÿÿÿÿÿÿÿ	
[  232.000656][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  232.064167][T15160] binder: 15159:15160 ioctl c00c620f 0 returned -14
[  232.086483][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  232.097881][T15168] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  232.218906][T15174] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  232.225436][   T40] audit: type=1400 audit(229.444:966): avc:  denied  { connect } for  pid=15173 comm="syz.4.2655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  232.364059][   T34] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  232.524542][   T34] usb 10-1: Using ep0 maxpacket: 32
[  232.529406][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.534254][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.538786][   T34] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  232.542731][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.549479][   T34] usb 10-1: config 0 descriptor??
[  232.648098][T15199] netlink: 'syz.3.2665': attribute type 10 has an invalid length.
[  232.652480][T15199] bond0: (slave `ëÿÿ): Enslaving as an active interface with an up link
[  232.928783][   T40] audit: type=1400 audit(230.090:967): avc:  granted  { setsecparam } for  pid=15205 comm="syz.3.2668" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  232.995749][   T34] savu 0003:1E7D:2D5A.000A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[  233.147350][   T40] audit: type=1400 audit(230.305:968): avc:  denied  { bind } for  pid=15216 comm="syz.3.2671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  233.232068][T15222] syz.3.2671 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  233.443624][T15225] lo speed is unknown, defaulting to 1000
[  234.179804][ T5283] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  234.184113][ T5283] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  234.188505][ T5283] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  234.193587][ T5283] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  234.197186][ T5283] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  234.253938][T15243] lo speed is unknown, defaulting to 1000
[  234.430206][T15243] chnl_net:caif_netlink_parms(): no params data found
[  234.494113][ T5990] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  234.507860][   T84] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.512352][   T84] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.589738][   T84] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.593134][   T84] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.634489][T15243] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.637008][T15243] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.640193][T15243] bridge_slave_0: entered allmulticast mode
[  234.645213][T15243] bridge_slave_0: entered promiscuous mode
[  234.649824][T15243] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.653285][ T5990] usb 5-1: Using ep0 maxpacket: 16
[  234.655690][T15243] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.659591][T15243] bridge_slave_1: entered allmulticast mode
[  234.660468][T15248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.664155][T15243] bridge_slave_1: entered promiscuous mode
[  234.664715][T15248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.670341][T15248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.674585][T15248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.681576][T15255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.686924][T15255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.690431][T15256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.693688][T15256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.704820][ T5990] usb 5-1: unable to get BOS descriptor or descriptor too short
[  234.708191][ T5990] usb 5-1: unable to read config index 0 descriptor/start: -71
[  234.710690][ T5990] usb 5-1: can't read configurations, error -71
[  234.719446][   T84] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  234.723917][   T84] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.746333][T15243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.752055][T15243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.785117][T15243] team0: Port device team_slave_0 added
[  234.788783][T15243] team0: Port device team_slave_1 added
[  234.834587][T15243] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.836871][T15243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.846295][T15243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.850744][T15243] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.853041][T15243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.861358][T15243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.919626][T15243] hsr_slave_0: entered promiscuous mode
[  234.922789][T15243] hsr_slave_1: entered promiscuous mode
[  234.926305][T15243] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.929564][T15243] Cannot create hsr debugfs directory
[  235.005394][   T84] bridge0: port 3(batadv0) entered disabled state
[  235.009715][   T84] bridge_slave_1: left allmulticast mode
[  235.011588][   T84] bridge_slave_1: left promiscuous mode
[  235.013520][   T84] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.017688][   T84] bridge_slave_0: left allmulticast mode
[  235.019601][   T84] bridge_slave_0: left promiscuous mode
[  235.021537][   T84] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.079583][ T5990] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  235.167093][T15261] __nla_validate_parse: 8 callbacks suppressed
[  235.167110][T15261] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2681'.
[  235.220240][T15264] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2682'.
[  235.243880][ T5990] usb 5-1: config 1 interface 0 altsetting 11 endpoint 0x81 has invalid wMaxPacketSize 0
[  235.247066][ T5990] usb 5-1: config 1 interface 0 altsetting 11 endpoint 0x2 has an invalid bInterval 164, changing to 11
[  235.258994][ T5990] usb 5-1: config 1 interface 0 has no altsetting 0
[  235.263480][ T5990] usb 5-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.40
[  235.266410][ T5990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.269105][ T5990] usb 5-1: Product: syz
[  235.270468][ T5990] usb 5-1: Manufacturer: syz
[  235.272519][ T5990] usb 5-1: SerialNumber: syz
[  235.614982][   T29] usb 10-1: reset high-speed USB device number 8 using dummy_hcd
[  235.620970][   T29] usb 10-1: device reset changed ep0 maxpacket size!
[  235.643036][ T5971] usb 10-1: USB disconnect, device number 8
[  235.717898][   T84] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.723060][   T84] bond0 (unregistering): (slave `ëÿÿ): Releasing backup interface
[  235.730998][   T84] bond0 (unregistering): Released all slaves
[  235.737214][   T84] bond1 (unregistering): Released all slaves
[  235.763231][T15265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.768427][T15265] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.817185][ T5971] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  235.844134][   T84] bond2 (unregistering): Released all slaves
[  235.931781][   T84] bond3 (unregistering): Released all slaves
[  235.938522][   T84] bond4 (unregistering): Released all slaves
[  235.944775][   T84] bond5 (unregistering): Released all slaves
[  235.950923][T15268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2683'.
[  236.000631][ T5971] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  236.005468][ T5971] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  236.008727][ T5971] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  236.012726][ T5971] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  236.017620][ T5971] usb 10-1: New USB device found, idVendor=0738, idProduct=a2c5, bcdDevice=1e.ce
[  236.020981][ T5971] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.023945][ T5971] usb 10-1: Product: syz
[  236.025722][ T5971] usb 10-1: Manufacturer: syz
[  236.027696][ T5971] usb 10-1: SerialNumber: syz
[  236.031885][ T5971] usb 10-1: config 0 descriptor??
[  236.040577][ T5971] xpad 10-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  236.040599][   T84] bond6 (unregistering): Released all slaves
[  236.046335][ T5971] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input26
[  236.156473][   T84] bond7 (unregistering): Released all slaves
[  236.201633][ T5990] usbhid 5-1:1.0: can't add hid device: -71
[  236.203780][ T5990] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  236.215358][ T5990] usb 5-1: USB disconnect, device number 38
[  236.250121][T15264] fuse: Bad value for 'user_id'
[  236.252033][T15264] fuse: Bad value for 'user_id'
[  236.316590][T15272] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  236.343511][   T84] tipc: Disabling bearer <udp:syz0>
[  236.346832][   T84] tipc: Left network mode
[  236.438204][ T5939] Bluetooth: hci0: command tx timeout
[  236.595360][   T40] audit: type=1326 audit(233.523:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15300 comm="syz.4.2689" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd92218e969 code=0x0
[  236.882401][T15243] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  236.888563][T15243] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  236.914862][T15243] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  236.926528][T15243] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  237.000634][   T84] hsr_slave_1: left promiscuous mode
[  237.003234][   T84] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  237.008782][   T84] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.124768][T15352] overlayfs: empty lowerdir
[  237.408754][   T84] team0 (unregistering): Port device team_slave_1 removed
[  237.903037][T15243] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.938942][T15243] 8021q: adding VLAN 0 to HW filter on device team0
[  237.947449][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.949907][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.957724][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.960174][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.995612][T15243] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  238.127246][T15243] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.164654][T15243] veth0_vlan: entered promiscuous mode
[  238.173202][T15243] veth1_vlan: entered promiscuous mode
[  238.191544][T15243] veth0_macvtap: entered promiscuous mode
[  238.196250][T15243] veth1_macvtap: entered promiscuous mode
[  238.209262][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.214283][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.215505][T15384] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  238.218029][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.220476][T15384] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  238.224767][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.227540][T15384] vhci_hcd vhci_hcd.0: Device attached
[  238.231235][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.240464][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.245575][T15243] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.252792][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.256880][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.260202][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.264560][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.269690][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.273068][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.276489][T15243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.280178][T15243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.284240][T15243] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.291444][T15243] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.294188][T15243] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.297011][T15243] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.300354][T15243] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.328429][   T84] IPVS: stop unused estimator thread 0...
[  238.347280][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.349994][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.365483][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.368091][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.430521][T15389] lo speed is unknown, defaulting to 1000
[  238.441247][  T835] usb 10-1: USB disconnect, device number 9
[  238.446198][  T835] xpad 10-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  238.475006][T15393] IPv6: NLM_F_CREATE should be specified when creating new route
[  238.479190][T15393] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  238.481978][T15393] IPv6: NLM_F_CREATE should be set when creating new route
[  238.484830][T15393] IPv6: NLM_F_CREATE should be set when creating new route
[  238.488069][T15392] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  238.535444][   T24] usb 46-1: SetAddress Request (2) to port 0
[  238.538794][   T24] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  238.660914][ T5939] Bluetooth: hci0: command tx timeout
[  238.861022][T15407] delete_channel: no stack
[  239.054021][T15429] program syz.0.2716 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.057867][T15429] ata1.00: non-matching transfer count (32/0)
[  239.084027][   T40] audit: type=1400 audit(235.852:970): avc:  denied  { rename } for  pid=15425 comm="syz.0.2716" name="file0" dev="tmpfs" ino=612 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  239.149153][T15432] nfs: Unknown parameter 'noach\Œ˜šðˆ¨ey†Ý¨ÆéoÙÕ§p€Ñ
jÁë
cٴh
Uà²ÆíQVQlpYCj'
[  239.185840][T15434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2718'.
[  239.224286][   T40] audit: type=1400 audit(235.983:971): avc:  denied  { mounton } for  pid=15435 comm="syz.0.2719" path="/" dev="proc" ino=56192 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_net_t tclass=dir permissive=1
[  239.229860][T15436] input: syz0 as /devices/virtual/input/input27
[  239.254273][T15436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2719'.
[  239.500082][   T40] audit: type=1400 audit(236.245:972): avc:  denied  { node_bind } for  pid=15442 comm="syz.0.2722" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  239.558670][T15450] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2724'.
[  239.587454][T15450] Context (ID=0x4d2) not attached to queue pair (handle=0x4d2:0x3)
[  239.620230][   T40] audit: type=1400 audit(236.357:973): avc:  denied  { write } for  pid=15451 comm="syz.0.2726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  239.700593][T15454] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2725'.
[  239.753660][T15456] syzkaller0: entered promiscuous mode
[  239.755450][T15456] syzkaller0: entered allmulticast mode
[  240.554083][T15461] netlink: 'syz.0.2729': attribute type 10 has an invalid length.
[  240.741309][   T40] audit: type=1400 audit(237.405:974): avc:  denied  { ioctl } for  pid=15460 comm="syz.0.2729" path="socket:[65094]" dev="sockfs" ino=65094 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  240.884599][ T5939] Bluetooth: hci0: command tx timeout
[  241.160789][T15461] team0: Device ipvlan1 failed to register rx_handler
[  241.268269][   T40] audit: type=1400 audit(237.891:975): avc:  denied  { getopt } for  pid=15477 comm="syz.5.2735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  241.282278][T15474] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2734'.
[  241.367953][T15495] nbd: must specify a size in bytes for the device
[  241.465185][T15507] lo speed is unknown, defaulting to 1000
[  241.509392][T15514] hpfs: Bad magic ... probably not HPFS
[  241.907813][T15549] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  241.946380][T15549] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  241.950508][T15549] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  241.953314][T15549] kvm: requested 29333 ns i8254 timer period limited to 200000 ns
[  241.956700][T15549] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  241.962515][T15549] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  241.966463][T15549] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  241.970178][T15549] kvm: requested 93028 ns i8254 timer period limited to 200000 ns
[  241.973794][T15549] kvm: requested 7542 ns i8254 timer period limited to 200000 ns
[  241.977517][T15549] kvm: requested 10057 ns i8254 timer period limited to 200000 ns
[  242.060620][   T64] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  242.067842][T15561] netlink: 'syz.0.2756': attribute type 1 has an invalid length.
[  242.099153][T15564] netlink: 'syz.0.2757': attribute type 27 has an invalid length.
[  242.176390][T15570] netlink: 'syz.3.2759': attribute type 10 has an invalid length.
[  242.186709][T15570] 8021q: adding VLAN 0 to HW filter on device team0
[  242.191704][T15570] bond0: (slave team0): Enslaving as an active interface with an up link
[  242.196379][T15570] netlink: 'syz.3.2759': attribute type 1 has an invalid length.
[  242.204419][T15570] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  242.220863][   T64] usb 10-1: Using ep0 maxpacket: 32
[  242.223932][   T64] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  242.234474][   T64] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  242.237513][   T64] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  242.240715][   T64] usb 10-1: Product: syz
[  242.242274][   T64] usb 10-1: Manufacturer: syz
[  242.243906][   T64] usb 10-1: SerialNumber: syz
[  242.251954][   T64] usb 10-1: config 0 descriptor??
[  242.255651][T15545] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  242.258713][   T64] hub 10-1:0.0: bad descriptor, ignoring hub
[  242.260699][   T64] hub 10-1:0.0: probe with driver hub failed with error -5
[  242.389206][   T40] audit: type=1400 audit(238.939:976): avc:  denied  { write } for  pid=15580 comm="syz.4.2763" name="file0" dev="tmpfs" ino=2183 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  242.390944][T15583] Bluetooth: MGMT ver 1.23
[  242.397802][   T40] audit: type=1400 audit(238.939:977): avc:  denied  { open } for  pid=15580 comm="syz.4.2763" path="/397/file0" dev="tmpfs" ino=2183 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  242.407711][   T40] audit: type=1400 audit(238.967:978): avc:  denied  { ioctl } for  pid=15580 comm="syz.4.2763" path="/397/file0" dev="tmpfs" ino=2183 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  242.430196][T15588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15588 comm=syz.3.2765
[  242.558398][T15604] program syz.4.2771 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.562399][T15604] ubi31: attaching mtd0
[  242.569821][T15604] ubi31: scanning is finished
[  242.571939][T15604] ubi31: empty MTD device detected
[  242.608062][ T5796] usb 10-1: USB disconnect, device number 10
[  242.713271][T15604] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  242.715840][T15604] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  242.718631][T15604] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  242.720887][T15604] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  242.724831][T15604] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  242.727124][T15604] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  242.729829][T15604] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2769632351
[  242.733098][T15604] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  242.738405][T15614] ubi31: background thread "ubi_bgt31d" started, PID 15614
[  242.800029][T15619] ptm ptm4: ldisc open failed (-12), clearing slot 4
[  243.070888][T15630] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2780'.
[  243.110570][ T5939] Bluetooth: hci0: command tx timeout
[  243.142766][   T40] audit: type=1400 audit(239.650:979): avc:  denied  { append } for  pid=15633 comm="syz.5.2782" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  243.156413][   T40] audit: type=1400 audit(239.659:980): avc:  denied  { read } for  pid=15633 comm="syz.5.2782" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  243.164611][   T40] audit: type=1400 audit(239.678:981): avc:  denied  { open } for  pid=15633 comm="syz.5.2782" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  243.173403][   T40] audit: type=1400 audit(239.687:982): avc:  denied  { ioctl } for  pid=15633 comm="syz.5.2782" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  243.216065][   T40] audit: type=1400 audit(239.724:983): avc:  denied  { write } for  pid=15633 comm="syz.5.2782" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  243.412046][   T40] audit: type=1400 audit(239.902:984): avc:  denied  { watch_with_perm } for  pid=15636 comm="syz.5.2783" path="/169/bus" dev="tmpfs" ino=961 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  243.466466][T15639] can0: slcan on ptm0.
[  243.592289][T15641] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  243.664615][T15639] can0 (unregistered): slcan off ptm0.
[  243.762208][T15658] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15658 comm=syz.4.2790
[  243.762994][T15657] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2789'.
[  243.818151][T15662] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2789'.
[  243.822313][T15661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2792'.
[  243.850672][T15387] syz_tun (unregistering): left allmulticast mode
[  243.852952][T15387] syz_tun (unregistering): left promiscuous mode
[  243.855692][T15387] bridge0: port 1(syz_tun) entered disabled state
[  243.912181][T15385] vhci_hcd: connection reset by peer
[  243.919669][ T1142] vhci_hcd: stop threads
[  243.921379][ T1142] vhci_hcd: release socket
[  243.923099][ T1142] vhci_hcd: disconnect device
[  243.951169][T15666] kvm: kvm [15665]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000004)
[  243.974437][   T24] usb 46-1: device descriptor read/8, error -110
[  244.000843][ T1142] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.007106][ T1142] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  244.103334][ T1142] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.107773][ T1142] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  244.126079][ T5283] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  244.131486][ T5283] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  244.140139][ T5283] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  244.145972][ T5283] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  244.152035][ T5283] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  244.156256][   T40] audit: type=1400 audit(240.604:985): avc:  denied  { create } for  pid=15674 comm="syz.0.2797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  244.175914][T15672] lo speed is unknown, defaulting to 1000
[  244.195732][ T1142] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.201326][ T1142] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  244.289886][ T1142] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.295128][ T1142] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  244.412978][   T24] usb usb46-port1: attempt power cycle
[  244.419764][T15672] chnl_net:caif_netlink_parms(): no params data found
[  244.462434][ T1142] veth0_to_bridge: left allmulticast mode
[  244.464972][ T1142] veth0_to_bridge: left promiscuous mode
[  244.467715][ T1142] bridge0: port 2(veth0_to_bridge) entered disabled state
[  244.985407][T15686] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2800'.
[  244.990781][T15686] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2800'.
[  245.002906][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  245.008222][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  245.016197][ T1142] bond0 (unregistering): (slave bond1): Releasing backup interface
[  245.020613][ T1142] bond0 (unregistering): Released all slaves
[  245.038187][   T24] usb usb46-port1: unable to enumerate USB device
[  245.125618][ T1142] bond1 (unregistering): Released all slaves
[  245.172154][T15686] bridge0: entered promiscuous mode
[  245.174722][T15686] batadv_slave_1: entered promiscuous mode
[  245.260701][T15672] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.261875][T15698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2804'.
[  245.263049][T15672] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.269915][T15672] bridge_slave_0: entered allmulticast mode
[  245.272605][T15672] bridge_slave_0: entered promiscuous mode
[  245.292351][T15672] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.294861][T15672] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.297262][T15672] bridge_slave_1: entered allmulticast mode
[  245.300149][T15672] bridge_slave_1: entered promiscuous mode
[  245.356083][T15672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.366695][T15672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.467502][T15672] team0: Port device team_slave_0 added
[  245.473937][T15672] team0: Port device team_slave_1 added
[  245.524224][T15672] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.526535][T15672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.535521][T15672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.539974][T15672] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.542271][T15672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.552384][T15672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.562554][T15708] bond0: entered promiscuous mode
[  245.564772][T15708] bond_slave_0: entered promiscuous mode
[  245.567381][T15708] bond_slave_1: entered promiscuous mode
[  245.627588][T15716] netlink: 'syz.0.2807': attribute type 1 has an invalid length.
[  245.633623][T15716] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2807'.
[  245.685889][T15672] hsr_slave_0: entered promiscuous mode
[  245.688197][T15672] hsr_slave_1: entered promiscuous mode
[  245.690518][T15672] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  245.693090][T15672] Cannot create hsr debugfs directory
[  245.843481][ T1142] hsr_slave_0: left promiscuous mode
[  245.854110][ T1142] hsr_slave_1: left promiscuous mode
[  245.859023][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.861564][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.864531][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.867071][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.886378][ T1142] veth1_macvtap: left promiscuous mode
[  245.888374][ T1142] veth0_macvtap: left promiscuous mode
[  246.263342][T15729] tmpfs: Bad value for 'mpol'
[  246.368770][ T5939] Bluetooth: hci1: command tx timeout
[  246.510173][ T1142] team_slave_1 (unregistering): left promiscuous mode
[  246.516001][ T1142] team0 (unregistering): Port device team_slave_1 removed
[  246.561813][ T1142] team_slave_0 (unregistering): left promiscuous mode
[  246.566550][ T1142] team0 (unregistering): Port device team_slave_0 removed
[  247.174257][T15737] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2813'.
[  247.177887][T15737] netlink: 'syz.3.2813': attribute type 7 has an invalid length.
[  247.180560][T15737] netlink: 'syz.3.2813': attribute type 8 has an invalid length.
[  247.183334][T15737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2813'.
[  247.214676][   T65] smc: removing ib device syz0
[  247.632644][T15776] netlink: 'syz.3.2824': attribute type 58 has an invalid length.
[  247.636123][T15776] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2824'.
[  247.640515][T15769] netlink: 272 bytes leftover after parsing attributes in process `syz.0.2821'.
[  247.985213][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  247.985225][   T40] audit: type=1400 audit(245.180:996): avc:  denied  { create } for  pid=15793 comm="syz.3.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  248.005496][   T40] audit: type=1326 audit(245.180:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15793 comm="syz.3.2829" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f629e98e969 code=0x0
[  248.062927][   T40] audit: type=1400 audit(245.245:998): avc:  denied  { create } for  pid=15793 comm="syz.3.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  248.072960][   T40] audit: type=1400 audit(245.245:999): avc:  denied  { write } for  pid=15793 comm="syz.3.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  248.080806][   T40] audit: type=1400 audit(245.245:1000): avc:  denied  { node_bind } for  pid=15793 comm="syz.3.2829" saddr=224.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  248.255715][T15672] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  248.266899][T15672] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  248.290381][ T1142] IPVS: stop unused estimator thread 0...
[  248.292868][T15672] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  248.315658][T15672] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  248.382500][T15672] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.394218][T15672] 8021q: adding VLAN 0 to HW filter on device team0
[  248.399656][  T218] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.402158][  T218] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.413333][  T218] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.415700][  T218] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.593609][ T5939] Bluetooth: hci1: command tx timeout
[  248.642384][T15672] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.852601][T15672] veth0_vlan: entered promiscuous mode
[  248.859298][T15672] veth1_vlan: entered promiscuous mode
[  248.879616][T15672] veth0_macvtap: entered promiscuous mode
[  248.884013][   T40] audit: type=1804 audit(246.012:1001): pid=15832 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2831" name="/newroot/148/file0" dev="tmpfs" ino=814 res=1 errno=0
[  248.885980][T15672] veth1_macvtap: entered promiscuous mode
[  248.910260][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.915310][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.918595][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.922129][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.926327][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.929485][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.933478][T15672] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.943386][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.947169][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.950401][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.953772][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.958385][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.961683][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.964767][T15672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.969813][T15672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.973917][T15672] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.976701][T15842] netlink: 'syz.0.2831': attribute type 1 has an invalid length.
[  248.989242][T15672] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.992109][T15672] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.995162][T15672] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.997945][T15672] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.028019][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2835'.
[  249.033080][T15846] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2835'.
[  249.038057][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2835'.
[  249.041042][T15846] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2835'.
[  249.123054][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.126129][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.154268][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.157305][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.184819][T15846] netlink: 'syz.3.2835': attribute type 11 has an invalid length.
[  249.188091][T15846] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2835'.
[  249.295734][T15870] netlink: 'syz.3.2841': attribute type 5 has an invalid length.
[  249.299469][T15870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2841'.
[  249.410309][T15876] PM: Enabling pm_trace changes system date and time during resume.
[  249.410309][T15876] PM: Correct system time has to be restored manually after resume.
[  249.459252][T15886] vivid-007: disconnect
[  249.527528][ T5283] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  249.577010][T15885] vivid-007: reconnect
[  249.739503][   T40] audit: type=1400 audit(246.826:1002): avc:  denied  { map } for  pid=15901 comm="syz.5.2850" path="socket:[67328]" dev="sockfs" ino=67328 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  250.943760][T15933] ptrace attach of "/syz-executor exec"[13856] was attempted by ""[15933]
[  250.951810][T15933] ptrace attach of "/syz-executor exec"[13856] was attempted by ""[15933]
[  250.995482][   T40] audit: type=1400 audit(247.995:1003): avc:  denied  { node_bind } for  pid=15937 comm="syz.0.2859" saddr=::1 src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  251.108090][   T40] audit: type=1400 audit(248.107:1004): avc:  denied  { create } for  pid=15942 comm="syz.5.2860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  251.115995][   T40] audit: type=1400 audit(248.107:1005): avc:  denied  { write } for  pid=15942 comm="syz.5.2860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  251.247053][ T1142] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.386780][T15963] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  251.406686][ T5283] Bluetooth: hci0: command 0x0406 tx timeout
[  251.461361][ T5930] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  251.470751][ T5930] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  251.474148][ T5930] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  251.477088][ T5930] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  251.481664][ T5930] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  251.587003][T15993] devpts: Bad value for 'max'
[  251.602595][T15971] chnl_net:caif_netlink_parms(): no params data found
[  251.604697][T15994] netlink: 'syz.0.2872': attribute type 30 has an invalid length.
[  251.607792][T15994] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  251.610743][T15994] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  251.709566][T15971] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.712047][T15971] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.716397][T15971] bridge_slave_0: entered allmulticast mode
[  251.719158][T15971] bridge_slave_0: entered promiscuous mode
[  251.722289][T15971] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.724897][T15971] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.727265][T15971] bridge_slave_1: entered allmulticast mode
[  251.730024][T15971] bridge_slave_1: entered promiscuous mode
[  251.777086][T15971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  251.782223][T15971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  251.826030][T15971] team0: Port device team_slave_0 added
[  251.829815][T15971] team0: Port device team_slave_1 added
[  251.866233][T15971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  251.868547][T15971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  251.877443][T15971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  251.881908][T15971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  251.884211][T15971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  251.891910][T16019] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  251.893307][T15971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  251.894663][T16019] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  251.894958][T16019] vhci_hcd vhci_hcd.0: Device attached
[  251.904549][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  251.913267][T16025] vim2m vim2m.0: vidioc_s_fmt queue busy
[  251.916061][T16025] fuse: Bad value for 'user_id'
[  251.917029][T16020] vhci_hcd: connection closed
[  251.919675][T16025] fuse: Bad value for 'user_id'
[  251.919958][  T218] vhci_hcd: stop threads
[  251.926716][  T218] vhci_hcd: release socket
[  251.928510][  T218] vhci_hcd: disconnect device
[  251.944959][T15971] hsr_slave_0: entered promiscuous mode
[  251.948253][T15971] hsr_slave_1: entered promiscuous mode
[  251.951348][T15971] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  251.953964][T15971] Cannot create hsr debugfs directory
[  252.070700][T16027] bond0: (slave team0): Releasing backup interface
[  252.093720][T16027] team0 (unregistering): Port device team_slave_0 removed
[  252.099809][T16027] team0 (unregistering): Port device team_slave_1 removed
[  252.390001][T16047] xt_CT: You must specify a L4 protocol and not use inversions on it
[  252.420861][T16050] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  252.424730][T16050] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  252.434686][T16053] input: syz0 as /devices/virtual/input/input29
[  252.458640][T16055] overlay: Unknown parameter 'measure'
[  252.499747][T16059] netlink: 'syz.3.2895': attribute type 2 has an invalid length.
[  252.508541][T16053] ipt_ECN: cannot use operation on non-tcp rule
[  252.552912][T16065] overlay: Unknown parameter 'fsmagic'
[  252.761811][T16079] __nla_validate_parse: 10 callbacks suppressed
[  252.761826][T16079] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2902'.
[  252.779464][T16081] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2902'.
[  252.836161][T16086] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  252.898955][T16094] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2905'.
[  253.142594][ T1142] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.213458][ T1142] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.278516][ T1142] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.335971][T16107] futex_wake_op: syz.0.2910 tries to shift op by -1; fix this program
[  253.401683][ T1142] bridge_slave_1: left allmulticast mode
[  253.407111][ T1142] bridge_slave_1: left promiscuous mode
[  253.409624][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.414856][ T1142] bridge_slave_0: left allmulticast mode
[  253.417354][ T1142] bridge_slave_0: left promiscuous mode
[  253.419952][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.627811][ T5283] Bluetooth: hci1: command tx timeout
[  253.628687][ T5930] Bluetooth: hci0: command 0x0406 tx timeout
[  253.665718][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  253.665728][   T40] audit: type=1400 audit(250.493:1014): avc:  denied  { ioctl } for  pid=16117 comm="syz.3.2913" path="socket:[66145]" dev="sockfs" ino=66145 ioctlcmd=0x941a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  253.675911][   T40] audit: type=1400 audit(250.493:1015): avc:  denied  { read } for  pid=16117 comm="syz.3.2913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  253.823873][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.830232][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.836590][ T1142] bond0 (unregistering): Released all slaves
[  254.084341][   T40] audit: type=1800 audit(250.886:1016): pid=16143 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2917" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  254.146757][   T40] audit: type=1800 audit(250.942:1017): pid=16137 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2917" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  254.210219][ T1142] hsr_slave_0: left promiscuous mode
[  254.215954][ T1142] hsr_slave_1: left promiscuous mode
[  254.218751][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.233345][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.239243][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.243533][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.300372][ T1142] veth1_macvtap: left promiscuous mode
[  254.302811][ T1142] veth0_macvtap: left promiscuous mode
[  254.304917][ T1142] veth1_vlan: left promiscuous mode
[  254.306997][ T1142] veth0_vlan: left promiscuous mode
[  254.866980][T16149] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2919'.
[  255.193649][T16154] netlink: 'syz.5.2920': attribute type 142 has an invalid length.
[  255.237086][ T1142] team0 (unregistering): Port device team_slave_1 removed
[  255.281265][T16157] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2921'.
[  255.377898][ T1142] team0 (unregistering): Port device team_slave_0 removed
[  255.410019][   T40] audit: type=1400 audit(252.120:1018): avc:  denied  { read } for  pid=16159 comm="syz.5.2922" name="file0" dev="tmpfs" ino=1226 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  255.521584][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  255.620698][T16167] kvm: pic: non byte read
[  255.626075][T16167] kvm: pic: single mode not supported
[  255.626243][T16167] kvm: pic: level sensitive irq not supported
[  255.632442][T16167] kvm: pic: non byte read
[  255.638633][T16167] kvm: pic: single mode not supported
[  255.639007][T16167] kvm: pic: non byte read
[  255.644675][T16167] kvm: pic: level sensitive irq not supported
[  255.645024][T16167] kvm: pic: non byte read
[  255.650661][T16167] kvm: pic: single mode not supported
[  255.650670][T16167] kvm: pic: level sensitive irq not supported
[  255.652692][T16167] kvm: pic: non byte read
[  255.660072][T16167] kvm: pic: level sensitive irq not supported
[  255.660339][T16167] kvm: pic: non byte read
[  255.666686][T16167] kvm: pic: non byte read
[  255.675121][T16167] kvm: pic: non byte read
[  255.678856][T16167] kvm: pic: non byte read
[  255.852769][ T5939] Bluetooth: hci1: command tx timeout
[  256.270225][   T40] audit: type=1400 audit(252.925:1019): avc:  denied  { ioctl } for  pid=16181 comm="syz.0.2926" path="socket:[68929]" dev="sockfs" ino=68929 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  256.272274][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  256.299945][T16182] sp0: Synchronizing with TNC
[  256.319605][ T5939] Bluetooth: hci4: unexpected event for opcode 0x1005
[  256.385516][T15971] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  256.400429][T15971] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  256.411727][T15971] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  256.424578][T15971] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  256.472539][T15971] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.476146][T16193] loop6: detected capacity change from 0 to 524287999
[  256.488516][T15971] 8021q: adding VLAN 0 to HW filter on device team0
[  256.496665][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.499051][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.511535][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.513898][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.529974][   T40] audit: type=1400 audit(253.177:1020): avc:  denied  { egress } for  pid=29 comm="kworker/1:0" daddr=ff02::16 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  256.535281][T15971] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  256.537975][   T40] audit: type=1400 audit(253.177:1021): avc:  denied  { sendto } for  pid=29 comm="kworker/1:0" daddr=ff02::16 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  256.542393][T15971] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  256.698391][T16214] netlink: 'syz.5.2934': attribute type 1 has an invalid length.
[  256.714401][T16214] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2934'.
[  256.720681][T15971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.726536][   T40] audit: type=1400 audit(253.355:1022): avc:  denied  { append } for  pid=16213 comm="syz.5.2934" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  256.775447][T16221] --map-set only usable from mangle table
[  256.790735][T16226] program syz.0.2937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  256.795313][T16226] program syz.0.2937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  256.799623][T16226] program syz.0.2937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  256.806704][T16226] program syz.0.2937 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  256.931068][T15971] veth0_vlan: entered promiscuous mode
[  256.940434][T15971] veth1_vlan: entered promiscuous mode
[  256.941813][   T40] audit: type=1400 audit(253.551:1023): avc:  denied  { setopt } for  pid=16242 comm="syz.5.2941" lport=48257 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  256.964129][T16245] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2942'.
[  256.968179][T15971] veth0_macvtap: entered promiscuous mode
[  256.974724][T15971] veth1_macvtap: entered promiscuous mode
[  256.988272][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.992985][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.998665][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.002375][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.007710][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.012074][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.017947][T15971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.023592][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.028442][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.032695][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.036458][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.040851][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.044591][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.048180][T15971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.053127][T15971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.057525][T15971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.075489][T16245] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  257.086315][T15971] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.089511][T15971] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.093701][T15971] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.097661][T15971] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.161788][  T218] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.165258][  T218] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.194262][ T1196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.197970][ T1196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.209925][T16267] tmpfs: Bad value for 'huge'
[  257.265694][T16274] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2949'.
[  257.308054][T16274] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16274 comm=syz.5.2949
[  257.313188][T16275] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16275 comm=syz.5.2949
[  257.319944][T16274] xt_hashlimit: size too large, truncated to 1048576
[  257.616385][T16316] netlink: 'syz.3.2958': attribute type 1 has an invalid length.
[  257.619474][T16317] netlink: 'syz.3.2958': attribute type 1 has an invalid length.
[  257.683631][T16324] CIFS mount error: No usable UNC path provided in device string!
[  257.683631][T16324] 
[  257.687481][T16324] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  257.798532][ T5939] Bluetooth: hci4: unexpected event for opcode 0x1004
[  257.803400][T16337] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16337 comm=syz.0.2964
[  257.814494][T16340] openvswitch: netlink: VXLAN extension 173 out of range max 1
[  257.880638][T16344] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.910111][T16348] netlink: 376 bytes leftover after parsing attributes in process `syz.0.2966'.
[  257.912751][T16348] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2966'.
[  258.184276][ T5939] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  258.186793][ T5939] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  258.266834][T16373] SET target dimension over the limit!
[  258.275714][T16371] bridge_slave_0: left promiscuous mode
[  258.278495][T16371] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.286222][T16371] bridge_slave_1: left promiscuous mode
[  258.288431][T16371] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.293856][T16371] bond0: (slave bond_slave_0): Releasing backup interface
[  258.301457][T16371] bond0: (slave bond_slave_1): Releasing backup interface
[  258.318648][T16371] team0: Port device team_slave_0 removed
[  258.326318][T16371] team0: Port device team_slave_1 removed
[  258.329445][T16371] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.338020][T16371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.343022][T16371] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.347586][T16371] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.358880][T16371] team0: Port device vlan0 removed
[  258.378992][  T218] tipc: Resetting bearer <eth:team0>
[  258.383455][T16376] __nla_validate_parse: 4 callbacks suppressed
[  258.383465][T16376] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2975'.
[  258.390715][T16377] netlink: 'syz.0.2975': attribute type 2 has an invalid length.
[  258.408174][ T5939] Bluetooth: hci2: Malformed LE Event: 0x0d
[  258.434059][T16382] netlink: 'syz.0.2977': attribute type 7 has an invalid length.
[  258.436803][T16382] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2977'.
[  258.778842][T16399] ipvlan2: entered allmulticast mode
[  258.781365][T16399] macvlan0: entered allmulticast mode
[  258.783763][T16399] veth1_vlan: entered allmulticast mode
[  258.820110][T16408] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2983'.
[  258.854731][T16414] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2985'.
[  258.907394][T16419] xt_l2tp: missing protocol rule (udp|l2tpip)
[  258.957418][T16422] bridge5: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  259.150285][T16428] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2990'.
[  259.410414][ T1196] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.491222][T16433] vivid-007: =================  START STATUS  =================
[  259.494481][T16433] vivid-007: Enable Output Cropping: true
[  259.500243][T16433] vivid-007: Enable Output Composing: true
[  259.503313][T16433] vivid-007: Enable Output Scaler: true
[  259.505679][T16433] vivid-007: Tx RGB Quantization Range: Automatic
[  259.508901][T16433] vivid-007: Transmit Mode: HDMI
[  259.511088][T16433] vivid-007: Hotplug Present: 0x00000000
[  259.512997][T16433] vivid-007: RxSense Present: 0x00000000
[  259.514937][T16433] vivid-007: EDID Present: 0x00000000
[  259.516843][T16433] vivid-007: ==================  END STATUS  ==================
[  259.592748][ T5930] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  259.598989][ T5930] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  259.605221][ T5930] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  259.609281][ T5930] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  259.613218][ T5930] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  259.615321][   T65] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  259.779104][T16437] chnl_net:caif_netlink_parms(): no params data found
[  259.871313][ T5939] Bluetooth: hci0: command 0x0406 tx timeout
[  259.901696][T16437] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.905248][T16437] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.907770][T16437] bridge_slave_0: entered allmulticast mode
[  259.910643][T16437] bridge_slave_0: entered promiscuous mode
[  259.915508][T16437] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.920744][T16437] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.923993][T16437] bridge_slave_1: entered allmulticast mode
[  259.928609][T16437] bridge_slave_1: entered promiscuous mode
[  259.967260][T16437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.973904][T16437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.002023][T16467] binder: 16465:16467 ioctl 4018620d 0 returned -22
[  260.019597][T16437] team0: Port device team_slave_0 added
[  260.023834][T16437] team0: Port device team_slave_1 added
[  260.072698][T16437] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.076030][T16437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.085270][T16437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.090048][T16437] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.092269][T16437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.102232][T16437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.169672][T16483] netlink: 480 bytes leftover after parsing attributes in process `syz.3.3004'.
[  260.175521][T16483] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3004'.
[  260.190523][T16437] hsr_slave_0: entered promiscuous mode
[  260.193541][T16437] hsr_slave_1: entered promiscuous mode
[  260.195650][T16437] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  260.198117][T16437] Cannot create hsr debugfs directory
[  260.300025][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  260.300040][   T40] audit: type=1400 audit(256.704:1033): avc:  denied  { getopt } for  pid=16486 comm="syz.0.3007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  260.431947][   T40] audit: type=1400 audit(256.825:1034): avc:  denied  { recv } for  pid=28 comm="ksoftirqd/1" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=51936 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  260.441975][T16499] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3012'.
[  260.445204][T16499] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  260.450108][T16499] IPVS: Unknown mcast interface: pim6reg1
[  260.452969][   T40] audit: type=1400 audit(256.844:1035): avc:  denied  { create } for  pid=16497 comm="syz.3.3012" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  260.462197][   T40] audit: type=1400 audit(256.844:1036): avc:  denied  { ioctl } for  pid=16497 comm="syz.3.3012" path="socket:[71784]" dev="sockfs" ino=71784 ioctlcmd=0x89ee scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  260.476635][   T40] audit: type=1400 audit(256.844:1037): avc:  denied  { read } for  pid=16497 comm="syz.3.3012" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  260.486356][   T40] audit: type=1400 audit(256.844:1038): avc:  denied  { open } for  pid=16497 comm="syz.3.3012" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  260.499783][   T40] audit: type=1400 audit(256.853:1039): avc:  denied  { ioctl } for  pid=16497 comm="syz.3.3012" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  260.510295][   T57] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  260.677666][   T57] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  260.681922][   T57] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  260.686150][   T57] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  260.691035][   T57] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  260.695072][   T57] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.708576][   T57] usbtmc 10-1:16.0: probe with driver usbtmc failed with error -22
[  260.726392][ T5990] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  260.753603][T16509] mac80211_hwsim hwsim30 wlan0: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  260.910088][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.914818][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.919110][ T5990] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  260.922994][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.928822][ T5990] usb 5-1: config 0 descriptor??
[  261.119166][ T1196] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.157867][ T5990] usbhid 5-1:0.0: can't add hid device: -71
[  261.160992][ T5990] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  261.167544][ T5990] usb 5-1: USB disconnect, device number 39
[  261.182485][ T1196] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.244493][ T1196] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.306513][   T40] audit: type=1400 audit(257.639:1040): avc:  denied  { read } for  pid=16488 comm="syz.5.3008" name="msr" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  261.316973][   T40] audit: type=1400 audit(257.639:1041): avc:  denied  { open } for  pid=16488 comm="syz.5.3008" path="/dev/cpu/3/msr" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  261.326901][   T40] audit: type=1400 audit(257.639:1042): avc:  denied  { read } for  pid=16488 comm="syz.5.3008" name="msr" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  261.395555][ T1196] bridge_slave_1: left allmulticast mode
[  261.398072][ T1196] bridge_slave_1: left promiscuous mode
[  261.401011][ T1196] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.408083][ T1196] bridge_slave_0: left allmulticast mode
[  261.411049][ T1196] bridge_slave_0: left promiscuous mode
[  261.413641][ T1196] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.753437][T16525] netlink: 'syz.0.3019': attribute type 1 has an invalid length.
[  261.756161][T16525] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  261.792269][ T1196] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.800519][ T1196] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.806291][ T1196] bond0 (unregistering): Released all slaves
[  261.844861][ T5939] Bluetooth: hci1: command tx timeout
[  261.863333][T16536] netlink: 272 bytes leftover after parsing attributes in process `syz.3.3022'.
[  262.101447][ T5939] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  262.107269][ T5939] Bluetooth: hci4: Injecting HCI hardware error event
[  262.111132][ T5930] Bluetooth: hci4: hardware error 0x00
[  262.178549][T16556] create_pit_timer: 42 callbacks suppressed
[  262.178564][T16556] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  262.196943][T16556] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  262.199947][T16556] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  262.206613][T16556] kvm: requested 29333 ns i8254 timer period limited to 200000 ns
[  262.212928][T16556] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  262.216725][T16556] kvm: requested 12571 ns i8254 timer period limited to 200000 ns
[  262.220612][T16556] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  262.224662][T16556] kvm: requested 93028 ns i8254 timer period limited to 200000 ns
[  262.228256][T16556] kvm: requested 7542 ns i8254 timer period limited to 200000 ns
[  262.232707][T16556] kvm: requested 10057 ns i8254 timer period limited to 200000 ns
[  262.250412][ T1196] hsr_slave_0: left promiscuous mode
[  262.253836][ T1196] hsr_slave_1: left promiscuous mode
[  262.258105][ T1196] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.261423][ T1196] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.267283][ T1196] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.270468][ T1196] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.323778][ T1196] veth1_macvtap: left promiscuous mode
[  262.326357][ T1196] veth0_macvtap: left promiscuous mode
[  262.328753][ T1196] veth1_vlan: left promiscuous mode
[  262.331515][ T1196] veth0_vlan: left promiscuous mode
[  262.338683][T16571] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3030'.
[  263.177684][ T1196] team0 (unregistering): Port device team_slave_1 removed
[  263.288195][ T1196] team0 (unregistering): Port device team_slave_0 removed
[  263.292319][  T218] wlan0: Trigger new scan to find an IBSS to join
[  263.474161][ T1334] usb 10-1: USB disconnect, device number 11
[  263.645913][T16585] SELinux: security_context_str_to_sid (Eá1ké‰0Ý×Bð
[  263.645913][T16585] 7…) failed with errno=-22
[  263.965919][T16591] bridge_slave_0: default FDB implementation only supports local addresses
[  264.073095][ T5939] Bluetooth: hci1: command tx timeout
[  264.097403][T16437] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  264.103592][T16437] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  264.114646][T16437] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  264.119516][T16437] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  264.180607][T16437] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.195487][T16437] 8021q: adding VLAN 0 to HW filter on device team0
[  264.203609][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.206429][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  264.222545][  T218] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.224901][  T218] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.265060][ T1334] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  264.331830][ T5930] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  264.404464][T16437] 8021q: adding VLAN 0 to HW filter on device batadv0
[  264.414678][ T1334] usb 10-1: device descriptor read/64, error -71
[  264.586819][T16437] veth0_vlan: entered promiscuous mode
[  264.594636][T16437] veth1_vlan: entered promiscuous mode
[  264.623330][T16437] veth0_macvtap: entered promiscuous mode
[  264.630425][T16437] veth1_macvtap: entered promiscuous mode
[  264.642540][T16437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.647138][T16437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.652166][T16437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.656437][T16437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.661635][T16437] batman_adv: batadv0: Interface activated: batadv_slave_0
[  264.668406][T16437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.672948][T16437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.677098][T16437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.684815][T16437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.688011][T16437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.691459][T16437] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.694617][ T1334] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  264.697362][T16437] batman_adv: batadv0: Interface activated: batadv_slave_1
[  264.705311][T16437] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.709355][T16437] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.713171][T16437] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.717532][T16437] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.748685][ T5990] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  264.765460][ T1196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.770112][ T1196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.795678][ T1196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.798917][ T1196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.831651][ T1334] usb 10-1: device descriptor read/64, error -71
[  264.919467][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.923921][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.928443][ T5990] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  264.933697][ T5990] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  264.937407][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.944155][ T5990] usb 5-1: config 0 descriptor??
[  264.960844][ T1334] usb usb10-port1: attempt power cycle
[  265.346654][ T1334] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  265.366951][ T1334] usb 10-1: device descriptor read/8, error -71
[  265.381558][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.383943][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.386268][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.389033][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.391423][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.393826][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.396182][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.398809][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.401155][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.403463][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.405768][ T5990] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  265.408474][ T5990] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  265.412622][ T5990] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  265.593136][T16640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.596344][T16640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.600447][  T835] usb 5-1: USB disconnect, device number 40
[  265.622867][ T1334] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  265.644405][ T1334] usb 10-1: device descriptor read/8, error -71
[  265.761706][ T1334] usb usb10-port1: unable to enumerate USB device
[  266.334375][T16654] cgroup: subsys name conflicts with all
[  266.461579][ T1140] wlan0: Trigger new scan to find an IBSS to join
[  266.469301][T16660] ------------[ cut here ]------------
[  266.472009][T16660] WARNING: CPU: 2 PID: 16660 at arch/x86/kvm/../../../virt/kvm/pfncache.c:267 __kvm_gpc_refresh+0x1933/0x2820
[  266.475685][T16660] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  266.477526][T16660] CPU: 2 UID: 0 PID: 16660 Comm: syz.0.3049 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full) 
[  266.483522][T16660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.486936][T16660] RIP: 0010:__kvm_gpc_refresh+0x1933/0x2820
[  266.489045][T16660] Code: c1 ea 03 80 3c 02 00 0f 85 15 0e 00 00 48 89 9d 08 01 00 00 48 8b 3c 24 31 db e8 98 d6 36 0a e9 5d f5 ff ff e8 ae 95 82 00 90 <0f> 0b 90 e9 4a f5 ff ff e8 a0 95 82 00 e8 3b 29 34 0a 31 ff 89 c3
[  266.495188][T16660] RSP: 0018:ffffc9000457f280 EFLAGS: 00010287
[  266.497161][T16660] RAX: 0000000000000724 RBX: ffffffffffffffff RCX: ffffc90027783000
[  266.499860][T16660] RDX: 0000000000080000 RSI: ffffffff81389d42 RDI: 0000000000000000
[  266.502369][T16660] RBP: ffffc90003b223c0 R08: 0000000000000000 R09: 0000000000000001
[  266.504951][T16660] R10: 0000000000000001 R11: 0000000000000000 R12: dffffc0000000000
[  266.507509][T16660] R13: ffff888000000000 R14: ffff888000000001 R15: ffff887fffffff01
[  266.510180][T16660] FS:  00007f09573f66c0(0000) GS:ffff8880d6be1000(0000) knlGS:0000000000000000
[  266.513099][T16660] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  266.515248][T16660] CR2: 000000110c3d4c72 CR3: 0000000050c4b000 CR4: 0000000000352ef0
[  266.517827][T16660] DR0: 0000000000000000 DR1: 000000000000000b DR2: 0000000000000000
[  266.520555][T16660] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  266.523236][T16660] Call Trace:
[  266.524344][T16660]  <TASK>
[  266.525345][T16660]  ? __mutex_lock+0x1ca/0xb90
[  266.526914][T16660]  ? kvm_gpc_refresh+0x25/0x140
[  266.528489][T16660]  ? __pfx___kvm_gpc_refresh+0x10/0x10
[  266.530253][T16660]  kvm_gpc_refresh+0xc3/0x140
[  266.531999][T16660]  kvm_xen_set_evtchn.part.0+0x19c/0x270
[  266.533878][T16660]  ? kvm_xen_set_evtchn.part.0+0x187/0x270
[  266.535942][T16660]  kvm_xen_hvm_evtchn_send+0x22f/0x290
[  266.537812][T16660]  ? __pfx_kvm_xen_hvm_evtchn_send+0x10/0x10
[  266.539825][T16660]  kvm_arch_vm_ioctl+0x112e/0x1cf0
[  266.541560][T16660]  ? __lock_acquire+0xaa4/0x1ba0
[  266.543269][T16660]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  266.545034][T16660]  ? __lock_acquire+0x5ca/0x1ba0
[  266.547098][T16660]  ? __lock_acquire+0x5ca/0x1ba0
[  266.548780][T16660]  ? __lock_acquire+0x5ca/0x1ba0
[  266.550675][T16660]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  266.552757][T16660]  ? is_bpf_text_address+0x94/0x1a0
[  266.554648][T16660]  ? kernel_text_address+0x8d/0x100
[  266.556514][T16660]  ? __kernel_text_address+0xd/0x40
[  266.558388][T16660]  ? unwind_get_return_address+0x59/0xa0
[  266.560358][T16660]  ? arch_stack_walk+0xa6/0x100
[  266.562190][T16660]  ? stack_trace_save+0x8e/0xc0
[  266.563898][T16660]  ? __pfx_stack_trace_save+0x10/0x10
[  266.565873][T16660]  ? stack_depot_save_flags+0x28/0xa50
[  266.567853][T16660]  ? __lock_acquire+0xaa4/0x1ba0
[  266.569455][T16660]  ? kasan_save_stack+0x42/0x60
[  266.571029][T16660]  ? kasan_save_stack+0x33/0x60
[  266.572889][T16660]  ? kasan_save_track+0x14/0x30
[  266.574702][T16660]  ? kasan_save_free_info+0x3b/0x60
[  266.576412][T16660]  ? __kasan_slab_free+0x51/0x70
[  266.578226][T16660]  ? kfree+0x2b6/0x4d0
[  266.579729][T16660]  ? tomoyo_path_number_perm+0x470/0x580
[  266.581870][T16660]  ? security_file_ioctl+0x9b/0x240
[  266.583603][T16660]  ? __x64_sys_ioctl+0xb7/0x200
[  266.585387][T16660]  ? do_syscall_64+0xcd/0x260
[  266.587191][T16660]  kvm_vm_ioctl+0x1985/0x3d40
[  266.588849][T16660]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  266.590615][T16660]  ? kasan_quarantine_put+0x10a/0x240
[  266.592676][T16660]  ? lockdep_hardirqs_on+0x7c/0x110
[  266.594807][T16660]  ? find_held_lock+0x2b/0x80
[  266.596942][T16660]  ? tomoyo_path_number_perm+0x295/0x580
[  266.598992][T16660]  ? tomoyo_path_number_perm+0x18d/0x580
[  266.600796][T16660]  ? do_raw_spin_unlock+0x84/0x230
[  266.602508][T16660]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  266.604492][T16660]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  266.606957][T16660]  ? do_vfs_ioctl+0x512/0x1990
[  266.608608][T16660]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  266.610319][T16660]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  266.612526][T16660]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  266.614809][T16660]  ? hook_file_ioctl_common+0x145/0x410
[  266.616764][T16660]  ? selinux_file_ioctl+0x180/0x270
[  266.618696][T16660]  ? selinux_file_ioctl+0xb4/0x270
[  266.620386][T16660]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  266.622048][T16660]  __x64_sys_ioctl+0x190/0x200
[  266.623716][T16660]  do_syscall_64+0xcd/0x260
[  266.625207][T16660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.627190][T16660] RIP: 0033:0x7f095958e969
[  266.628801][T16660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.634876][T16660] RSP: 002b:00007f09573f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  266.637983][T16660] RAX: ffffffffffffffda RBX: 00007f09597b5fa0 RCX: 00007f095958e969
[  266.640760][T16660] RDX: 0000200000000180 RSI: 00000000400caed0 RDI: 0000000000000002
[  266.643359][T16660] RBP: 00007f0959610ab1 R08: 0000000000000000 R09: 0000000000000000
[  266.645900][T16660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  266.648430][T16660] R13: 0000000000000000 R14: 00007f09597b5fa0 R15: 00007ffc6aaee438
[  266.651036][T16660]  </TASK>
[  266.652048][T16660] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  266.654382][T16660] CPU: 2 UID: 0 PID: 16660 Comm: syz.0.3049 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full) 
[  266.658301][T16660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.661747][T16660] Call Trace:
[  266.662882][T16660]  <TASK>
[  266.663838][T16660]  dump_stack_lvl+0x3d/0x1f0
[  266.665344][T16660]  panic+0x71c/0x800
[  266.666622][T16660]  ? __pfx_panic+0x10/0x10
[  266.668116][T16660]  ? show_trace_log_lvl+0x29b/0x3e0
[  266.669814][T16660]  ? __kvm_gpc_refresh+0x1933/0x2820
[  266.671495][T16660]  check_panic_on_warn+0xab/0xb0
[  266.673135][T16660]  __warn+0xf6/0x3c0
[  266.674414][T16660]  ? __kvm_gpc_refresh+0x1933/0x2820
[  266.676111][T16660]  report_bug+0x3c3/0x580
[  266.677562][T16660]  ? __kvm_gpc_refresh+0x1933/0x2820
[  266.679246][T16660]  handle_bug+0x184/0x210
[  266.680626][T16660]  exc_invalid_op+0x17/0x50
[  266.682159][T16660]  asm_exc_invalid_op+0x1a/0x20
[  266.683781][T16660] RIP: 0010:__kvm_gpc_refresh+0x1933/0x2820
[  266.685741][T16660] Code: c1 ea 03 80 3c 02 00 0f 85 15 0e 00 00 48 89 9d 08 01 00 00 48 8b 3c 24 31 db e8 98 d6 36 0a e9 5d f5 ff ff e8 ae 95 82 00 90 <0f> 0b 90 e9 4a f5 ff ff e8 a0 95 82 00 e8 3b 29 34 0a 31 ff 89 c3
[  266.692044][T16660] RSP: 0018:ffffc9000457f280 EFLAGS: 00010287
[  266.694054][T16660] RAX: 0000000000000724 RBX: ffffffffffffffff RCX: ffffc90027783000
[  266.697119][T16660] RDX: 0000000000080000 RSI: ffffffff81389d42 RDI: 0000000000000000
[  266.699543][T16660] RBP: ffffc90003b223c0 R08: 0000000000000000 R09: 0000000000000001
[  266.702045][T16660] R10: 0000000000000001 R11: 0000000000000000 R12: dffffc0000000000
[  266.704575][T16660] R13: ffff888000000000 R14: ffff888000000001 R15: ffff887fffffff01
[  266.707150][T16660]  ? __kvm_gpc_refresh+0x1932/0x2820
[  266.708942][T16660]  ? __mutex_lock+0x1ca/0xb90
[  266.710451][T16660]  ? kvm_gpc_refresh+0x25/0x140
[  266.711963][T16660]  ? __pfx___kvm_gpc_refresh+0x10/0x10
[  266.714185][T16660]  kvm_gpc_refresh+0xc3/0x140
[  266.716247][T16660]  kvm_xen_set_evtchn.part.0+0x19c/0x270
[  266.718705][T16660]  ? kvm_xen_set_evtchn.part.0+0x187/0x270
[  266.721226][T16660]  kvm_xen_hvm_evtchn_send+0x22f/0x290
[  266.723605][T16660]  ? __pfx_kvm_xen_hvm_evtchn_send+0x10/0x10
[  266.726181][T16660]  kvm_arch_vm_ioctl+0x112e/0x1cf0
[  266.728562][T16660]  ? __lock_acquire+0xaa4/0x1ba0
[  266.730711][T16660]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  266.733075][T16660]  ? __lock_acquire+0x5ca/0x1ba0
[  266.735174][T16660]  ? __lock_acquire+0x5ca/0x1ba0
[  266.737332][T16660]  ? __lock_acquire+0x5ca/0x1ba0
[  266.739479][T16660]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  266.742132][T16660]  ? is_bpf_text_address+0x94/0x1a0
[  266.744351][T16660]  ? kernel_text_address+0x8d/0x100
[  266.746559][T16660]  ? __kernel_text_address+0xd/0x40
[  266.748778][T16660]  ? unwind_get_return_address+0x59/0xa0
[  266.751158][T16660]  ? arch_stack_walk+0xa6/0x100
[  266.753107][T16660]  ? stack_trace_save+0x8e/0xc0
[  266.754681][T16660]  ? __pfx_stack_trace_save+0x10/0x10
[  266.756471][T16660]  ? stack_depot_save_flags+0x28/0xa50
[  266.758619][T16660]  ? __lock_acquire+0xaa4/0x1ba0
[  266.760822][T16660]  ? kasan_save_stack+0x42/0x60
[  266.762979][T16660]  ? kasan_save_stack+0x33/0x60
[  266.765122][T16660]  ? kasan_save_track+0x14/0x30
[  266.767264][T16660]  ? kasan_save_free_info+0x3b/0x60
[  266.769572][T16660]  ? __kasan_slab_free+0x51/0x70
[  266.771711][T16660]  ? kfree+0x2b6/0x4d0
[  266.773482][T16660]  ? tomoyo_path_number_perm+0x470/0x580
[  266.775939][T16660]  ? security_file_ioctl+0x9b/0x240
[  266.778232][T16660]  ? __x64_sys_ioctl+0xb7/0x200
[  266.780360][T16660]  ? do_syscall_64+0xcd/0x260
[  266.782206][T16660]  kvm_vm_ioctl+0x1985/0x3d40
[  266.783700][T16660]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  266.785385][T16660]  ? kasan_quarantine_put+0x10a/0x240
[  266.787147][T16660]  ? lockdep_hardirqs_on+0x7c/0x110
[  266.788990][T16660]  ? find_held_lock+0x2b/0x80
[  266.790513][T16660]  ? tomoyo_path_number_perm+0x295/0x580
[  266.792290][T16660]  ? tomoyo_path_number_perm+0x18d/0x580
[  266.794042][T16660]  ? do_raw_spin_unlock+0x84/0x230
[  266.795689][T16660]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  266.797746][T16660]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  266.799675][T16660]  ? do_vfs_ioctl+0x512/0x1990
[  266.801271][T16660]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  266.802900][T16660]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  266.805061][T16660]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  266.807282][T16660]  ? hook_file_ioctl_common+0x145/0x410
[  266.809060][T16660]  ? selinux_file_ioctl+0x180/0x270
[  266.810752][T16660]  ? selinux_file_ioctl+0xb4/0x270
[  266.812422][T16660]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  266.814074][T16660]  __x64_sys_ioctl+0x190/0x200
[  266.815652][T16660]  do_syscall_64+0xcd/0x260
[  266.817136][T16660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.819080][T16660] RIP: 0033:0x7f095958e969
[  266.820516][T16660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.826703][T16660] RSP: 002b:00007f09573f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  266.829377][T16660] RAX: ffffffffffffffda RBX: 00007f09597b5fa0 RCX: 00007f095958e969
[  266.831930][T16660] RDX: 0000200000000180 RSI: 00000000400caed0 RDI: 0000000000000002
[  266.834523][T16660] RBP: 00007f0959610ab1 R08: 0000000000000000 R09: 0000000000000000
[  266.837103][T16660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  266.839681][T16660] R13: 0000000000000000 R14: 00007f09597b5fa0 R15: 00007ffc6aaee438
[  266.842677][T16660]  </TASK>
[  266.844748][T16660] Kernel Offset: disabled
[  266.846233][T16660] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:15:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000001 RBX=0000000000000001 RCX=ffffffff822c2903 RDX=ffff88802bdc4880
RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc9000346f768
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffff88801e4641e0 R13=0000000000000001 R14=0000000000000001 R15=0000000000001406
RIP=ffffffff81bb2c88 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69e1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f19c72e7d60 CR3=0000000023630000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000b DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19c67836a3 00007f19c67836a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe156a5010 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555801830db 0000555580182830
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555801834fb 0000555580183140
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000ae00300786d74 702f7665642f01ff ffffffffffffffeb 080980030980040a
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100002d0ee08 0001000000080606 0126ea408010000d 80040a8004028004
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000e08060a01 05840010000da003 002f01ffffffffff fffffffb080c8003
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c80040d90030078 6d74702f7665642f 01ffffffffffffff ffeb080b80030b80
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 040d80030010000a e00300786d74702f 7665642f01ffffff ffffffffffeb0809
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000002cfba7 RBX=0000000000000001 RCX=ffffffff8b6cd419 RDX=0000000000000000
RSI=ffffffff8dbe17c7 RDI=ffffffff8bf48320 RBP=ffffed1003ad0488 RSP=ffffc90000177df8
R8 =0000000000000001 R9 =ffffed100d4a65bd R10=ffff88806a532deb R11=0000000000000000
R12=0000000000000001 R13=ffff88801d682440 R14=ffffffff9084ee10 R15=0000000000000000
RIP=ffffffff8b6cbcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ae1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffe43a74bec CR3=0000000029fab000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0272034098ef5eab 1fa71a23f635fd28 0272034098ef5eab 1fa71a23f635fd28 0272034098ef5eab 1fa71a23f635fd28 0272034098ef5eab 1fa71a23f635fd28
ZMM18=671f5f4983b90e0e 5499781333a9c2cf 671f5f4983b90e0e 5499781333a9c2cf 671f5f4983b90e0e 5499781333a9c2cf 671f5f4983b90e0e 5499781333a9c2cf
ZMM19=9510000000000000 0000000000000005 9510000000000000 0000000000000004 9510000000000000 0000000000000003 9510000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0407 a003018004079003 0fffffffffffff04 0780030010000210
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00028004060273e6 0002000700236472 61632f6972642f76 65642f01ffffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffe1080280 0300100002100002 8004060073e60023 647261632f697264
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c08018003018004 0280030280042003 1ffffffc84080010 030fffffffffffff
ZMM25=035d1e76035d1e76 035d1e76035d1e76 035d1e76035d1e76 035d1e76035d1e76 035d1e76035d1e76 035d1e76035d1e76 035d1e76035d1e76 035d1e76035d1e76
ZMM26=d79a8ed3d79a8ed3 d79a8ed3d79a8ed3 d79a8ed3d79a8ed3 d79a8ed3d79a8ed3 d79a8ed3d79a8ed3 d79a8ed3d79a8ed3 d79a8ed3d79a8ed3 d79a8ed3d79a8ed3
ZMM27=17a3046917a30469 17a3046917a30469 17a3046917a30469 17a3046917a30469 17a3046917a30469 17a3046917a30469 17a3046917a30469 17a3046917a30469
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=6a0d00006a0d0000 6a0d00006a0d0000 6a0d00006a0d0000 6a0d00006a0d0000 6a0d00006a0d0000 6a0d00006a0d0000 6a0d00006a0d0000 6a0d00006a0d0000
info registers vcpu 2

CPU#2
RAX=0000000000000073 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854f50f5 RDI=ffffffff9adf74e0 RBP=ffffffff9adf74a0 RSP=ffffc9000457ebf0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000073 R14=ffffffff9adf74a0 R15=ffffffff854f5090
RIP=ffffffff854f511f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f09573f66c0 ffffffff 00c00000
GS =0000 ffff8880d6be1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3d4c72 CR3=0000000050c4b000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000b DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959611a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959611a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959611a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959611aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959611b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959611c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959783488 00007f0959783480 00007f0959783478 00007f0959783450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f095a2ed100 00007f0959783440 00007f0959783458 00007f09597834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0959783498 00007f0959783490 00007f0959783488 00007f0959783480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000022c80f RBX=0000000000000003 RCX=ffffffff8b6cd419 RDX=0000000000000000
RSI=ffffffff8dbe17c7 RDI=ffffffff8bf48320 RBP=ffffed1003bd3000 RSP=ffffc90000197df8
R8 =0000000000000001 R9 =ffffed100d4e65bd R10=ffff88806a732deb R11=0000000000000000
R12=0000000000000003 R13=ffff88801de98000 R14=ffffffff9084ee10 R15=0000000000000000
RIP=ffffffff8b6cbcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ce1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f09573f5f98 CR3=0000000054870000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc463df7d0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f629ea11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f629ea11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f629ea11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f629ea11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f629ea11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f629ea11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000