last executing test programs:

5m27.040353786s ago: executing program 1 (id=548):
r0 = socket$kcm(0x10, 0x2, 0x4)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x8000)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030fff000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x0) (fail_nth: 9)

5m27.040254333s ago: executing program 1 (id=549):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000c4e129f9977265b56b0f784228663ef24c0f2da80f800000b8010000000f01d9c4033921820f47a753fd", 0x52}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m26.81018749s ago: executing program 1 (id=555):
accept(0xffffffffffffffff, &(0x7f00000000c0)=@tipc, &(0x7f0000000040)=0x80)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="4000000010000104000000000300000000000000", @ANYRES32=0x0, @ANYBLOB="10c00000000000001800128008000100677470000c00028008000100", @ANYRES32=r1, @ANYBLOB="080003"], 0x40}}, 0x0)

5m26.809921198s ago: executing program 1 (id=557):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

5m26.757764499s ago: executing program 1 (id=560):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020022003505d25a806f8c6394f90224fc60041411000a7403004714000037153e370248018000f01700", 0x2c}], 0x1}, 0x0)

5m26.480275805s ago: executing program 1 (id=563):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7fffffffc0000001, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0xa, 0x1, 0x0, "6040a7190200002000004f597cdc90d22b6000000006ff00", 0x38415262})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x22102, 0x0)
read$dsp(r2, &(0x7f00000000c0)=""/69, 0x45)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
write$evdev(r3, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x71)
ioctl$EVIOCGKEY(r3, 0x80404518, &(0x7f0000000300)=""/50)
r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f00000004c0)="fc44a32c", 0x4, 0x20044880, &(0x7f0000000340)={0x11, 0x8100, r7, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000080)={0x20, 0x1405, 0x621, 0x0, 0x0, "", [{{0x8, 0x1, 0x1}, {0x8, 0x3, 0x2}}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20040082)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x44, 0x8003, 0x0})
listen(r1, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f00000000c0)={0x4, 0x2, 0x26, 0x40})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(r1, 0x0, 0x0, 0x0)

5m26.44872533s ago: executing program 32 (id=563):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7fffffffc0000001, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0xa, 0x1, 0x0, "6040a7190200002000004f597cdc90d22b6000000006ff00", 0x38415262})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x22102, 0x0)
read$dsp(r2, &(0x7f00000000c0)=""/69, 0x45)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
write$evdev(r3, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x71)
ioctl$EVIOCGKEY(r3, 0x80404518, &(0x7f0000000300)=""/50)
r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f00000004c0)="fc44a32c", 0x4, 0x20044880, &(0x7f0000000340)={0x11, 0x8100, r7, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000080)={0x20, 0x1405, 0x621, 0x0, 0x0, "", [{{0x8, 0x1, 0x1}, {0x8, 0x3, 0x2}}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20040082)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x44, 0x8003, 0x0})
listen(r1, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f00000000c0)={0x4, 0x2, 0x26, 0x40})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(r1, 0x0, 0x0, 0x0)

47.714441743s ago: executing program 3 (id=4262):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a00fe"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000240)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r3, 0xc01464a6, &(0x7f00000002c0)={0x0, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000480)={r4, 0x5, &(0x7f0000000300)=[0x8841, 0x2, 0x3, 0xf4, 0xfffb], &(0x7f0000000340)=[0x0, 0x1, 0x8, 0x4, 0x2], &(0x7f0000000380)=[0xf, 0xa58]})
preadv(r3, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x48051)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xf}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000700000024000180060005004e2300000600010002000000080003"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000100)=0xa, 0x4)

45.468662773s ago: executing program 2 (id=4811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x121000, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
r5 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000080))
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f00000010c0)={0x0, 0x7, 0x8, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$kcm(r8, 0x0, 0x0)

39.51274446s ago: executing program 3 (id=4262):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a00fe"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000240)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r3, 0xc01464a6, &(0x7f00000002c0)={0x0, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000480)={r4, 0x5, &(0x7f0000000300)=[0x8841, 0x2, 0x3, 0xf4, 0xfffb], &(0x7f0000000340)=[0x0, 0x1, 0x8, 0x4, 0x2], &(0x7f0000000380)=[0xf, 0xa58]})
preadv(r3, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x48051)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xf}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000700000024000180060005004e2300000600010002000000080003"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000100)=0xa, 0x4)

37.159898183s ago: executing program 2 (id=4811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x121000, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
r5 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000080))
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f00000010c0)={0x0, 0x7, 0x8, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$kcm(r8, 0x0, 0x0)

30.897010728s ago: executing program 3 (id=4262):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a00fe"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000240)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r3, 0xc01464a6, &(0x7f00000002c0)={0x0, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000480)={r4, 0x5, &(0x7f0000000300)=[0x8841, 0x2, 0x3, 0xf4, 0xfffb], &(0x7f0000000340)=[0x0, 0x1, 0x8, 0x4, 0x2], &(0x7f0000000380)=[0xf, 0xa58]})
preadv(r3, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x48051)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xf}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000700000024000180060005004e2300000600010002000000080003"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000100)=0xa, 0x4)

28.929172279s ago: executing program 2 (id=4811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x121000, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
r5 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000080))
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f00000010c0)={0x0, 0x7, 0x8, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$kcm(r8, 0x0, 0x0)

22.514109572s ago: executing program 3 (id=4262):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a00fe"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000240)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r3, 0xc01464a6, &(0x7f00000002c0)={0x0, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000480)={r4, 0x5, &(0x7f0000000300)=[0x8841, 0x2, 0x3, 0xf4, 0xfffb], &(0x7f0000000340)=[0x0, 0x1, 0x8, 0x4, 0x2], &(0x7f0000000380)=[0xf, 0xa58]})
preadv(r3, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x48051)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xf}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000700000024000180060005004e2300000600010002000000080003"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000100)=0xa, 0x4)

20.003648107s ago: executing program 2 (id=4811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x121000, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
r5 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000080))
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f00000010c0)={0x0, 0x7, 0x8, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$kcm(r8, 0x0, 0x0)

14.005844023s ago: executing program 3 (id=4262):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a00fe"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000240)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r3, 0xc01464a6, &(0x7f00000002c0)={0x0, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000480)={r4, 0x5, &(0x7f0000000300)=[0x8841, 0x2, 0x3, 0xf4, 0xfffb], &(0x7f0000000340)=[0x0, 0x1, 0x8, 0x4, 0x2], &(0x7f0000000380)=[0xf, 0xa58]})
preadv(r3, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x48051)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xf}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000700000024000180060005004e2300000600010002000000080003"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000100)=0xa, 0x4)

11.395047801s ago: executing program 2 (id=4811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x121000, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
r5 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000080))
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f00000010c0)={0x0, 0x7, 0x8, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$kcm(r8, 0x0, 0x0)

5.451657915s ago: executing program 3 (id=4262):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a00fe"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000240)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r3, 0xc01464a6, &(0x7f00000002c0)={0x0, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000480)={r4, 0x5, &(0x7f0000000300)=[0x8841, 0x2, 0x3, 0xf4, 0xfffb], &(0x7f0000000340)=[0x0, 0x1, 0x8, 0x4, 0x2], &(0x7f0000000380)=[0xf, 0xa58]})
preadv(r3, &(0x7f0000000740)=[{0x0, 0xfdc5}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x7fff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r5, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x48051)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xf}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000700000024000180060005004e2300000600010002000000080003"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000100)=0xa, 0x4)

2.728682062s ago: executing program 2 (id=4811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$kvm(0x0, &(0x7f00000001c0), 0x121000, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
r5 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r5}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0xc048aeca, &(0x7f0000000080))
r8 = socket$kcm(0x10, 0x2, 0x0)
r9 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f00000010c0)={0x0, 0x7, 0x8, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}})
sendmsg$kcm(r8, 0x0, 0x0)

546.076324ms ago: executing program 0 (id=5702):
syz_open_dev$tty1(0xc, 0x4, 0x1)
accept4$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs, &(0x7f0000000000)=0x6e, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="040f04000001042af6934d77f5080a56431141485de9babf8221599f331b80635461b73462c966d41c3c247919"], 0x7)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_stack_internal={{0xfd, 0x2}, {0x40}}}, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x2, 0x80000000, 0x7f, 0x20080, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x1}, 0x50)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001e0001000000000000000000fdff"], 0x1c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000200)={'ip6gre0\x00', 0x0, 0x0, 0x6, 0x6, 0x6, 0x69, @private2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8000, 0xc597, 0x5}})
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000000, 0x13, 0xffffffffffffffff, 0xcd920000)
eventfd2(0x200, 0x800)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x28, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x600, &(0x7f0000000840)=[{&(0x7f0000000080)="2e00000310008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000002c0)={'vcan0\x00'})
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000300)=ANY=[@ANYBLOB="940000009cc79c7fba86e5ea42f57d2cfe1354059906b3b5b328934c6ace2cfed7b9677b5d501978bbb6aadb09a4f9e9d3a807f9f482feef74167b53b3a588532432158d4a87b4006d203407bba1a38c8c740fe72a098b7da3bb4dc8572a854796afc4ec4c9ba78b1d07b1c751b087e8cbcb9f4d37e7b968f5825cf9495a25cc2958c1d93a"])
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0xe8, 0x5, 0x9, 0x8, 0xe, 0x4, 0x8]}}]}]}]}, 0x38}}, 0x0)

545.763263ms ago: executing program 0 (id=5703):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/cgroup', 0x0, 0x0)
lseek(r1, 0x600000000000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0x100, 0x4000, 0x1, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x4}, {0xfff1, 0x6}, {0x5, 0x8}}}, 0x24}}, 0xd0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000)={0x0, 0x3}, 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffa0}, 0x48)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}, 0x1, 0x0, 0x0, 0x20040800}, 0x788f1701d35d6236)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
open(&(0x7f0000000100)='./file0\x00', 0x200, 0x100)
r3 = syz_open_pts(r0, 0x408182)
r4 = dup3(r3, r0, 0x0)
write$selinux_load(r4, 0x0, 0x0)

482.247507ms ago: executing program 4 (id=5704):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000001580), 0x138a09f12d160b2d, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)=0x401)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="ad56b6c5820fae9d6dcd3292ea54c7be", 0x10)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000001c0), 0x12)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$pmem0(0xffffff9c, &(0x7f00000000c0), 0x165101, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0x333, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x439, 0xc3, 0x0, {0x0, 0x0, 0x0, r5, 0x121}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x15}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

481.108134ms ago: executing program 0 (id=5705):
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000003c0)={0x0, 0x5, 0x1000, 0x476, 0x4000000000000000, 0xfffffffffffffffc, 0x3, 0x0, 0x81})

473.905557ms ago: executing program 0 (id=5706):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f00000000c0)=0x4e, 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000e1"])
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='qnx4\x00', 0x8, &(0x7f0000000080)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4, 0x2, 0x0, 0x0}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f0000000240), &(0x7f0000000300)=0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x4, "eb9c22c2"}, &(0x7f00000001c0)=0x2c)
r6 = creat(&(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80)
setsockopt$inet6_tcp_int(r5, 0x6, 0x10, &(0x7f0000000100)=0x9f8, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x8031, 0xffffffffffffffff, 0x0)
r7 = socket(0x1d, 0x80000, 0x6)
r8 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r8, 0x40084149, &(0x7f0000000000)=0xd)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x6a, 0x2, 0x0, &(0x7f00000000c0)=0xfffffffffffffd27)
bind$unix(r5, &(0x7f0000000000)=@file={0x0, './file1/file0\x00'}, 0x6e)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x38, 0x18, 0x10, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8, 0x1, 0x8}}}}]}, 0x38}}, 0x0)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="f80000003e000701feffffff00000000017c0000040042800c00018006000600800a0000d1000280cb0014"], 0xf8}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
ioctl$SNDCTL_TMR_SOURCE(r6, 0xc0045406)
ftruncate(r5, 0x8)
quotactl_fd$Q_SETQUOTA(r5, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0x4, 0xfff, 0x476, 0x4000000000000000, 0xfffffffffffffffc, 0x8000400000000003, 0x0, 0x2})

333.049999ms ago: executing program 4 (id=5707):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xff00, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0xfffffffc, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

225.590202ms ago: executing program 0 (id=5708):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000200)={'ip6gre0\x00', <r3=>0x0, 0x0, 0x6, 0x6, 0x6, 0x69, @private2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8000, 0xc597, 0x5}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRESDEC=0x0, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYRESDEC=r3], 0x28}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x48, r1, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TX_RATES={0x2c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x28, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x21, 0x1, [0x4, 0x6, 0x6, 0x60, 0x18, 0x3, 0x9, 0x36, 0x1, 0x30, 0x24, 0xc, 0x1, 0x60, 0x36, 0x3, 0x4, 0x3, 0x16, 0x60, 0x9, 0x18, 0x30, 0x16, 0xc, 0x24, 0x7, 0x9, 0x5]}]}]}]}, 0x48}}, 0x4000000)

225.453077ms ago: executing program 4 (id=5709):
r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
read(r0, &(0x7f0000000080)=""/116, 0xfffffeb2)
read(r0, &(0x7f0000000280)=""/96, 0x60)
add_key$keyring(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000440), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000140)={0x9, 0x4, 0x80, {0x3, 0x10}, 0x4, 0x7})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x5, 0xfff, 0x0, 'queue1\x00', 0x7})
write$sndseq(r1, &(0x7f0000000040)=[{0x84, 0x77, 0xff, 0x0, @tick, {}, {}, @raw32}, {0x74, 0x6, 0x6, 0x90, @tick=0x2, {0xfe, 0x8}, {0x4, 0x6}, @note={0x8, 0xb, 0x0, 0x2, 0x688cdb1e}}], 0x38)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f00000000c0)={0x2, @tick=0x8001, 0x7, {0x3, 0xbb}, 0x3d, 0x2, 0x9})

225.112824ms ago: executing program 0 (id=5710):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}, 0x1, 0xf000000}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

225.003296ms ago: executing program 4 (id=5711):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x1f, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xe, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

406.794µs ago: executing program 4 (id=5712):
syz_emit_ethernet(0x107, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x0, 0xf9, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @local}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x9b, 0x0, [], "49e0b317aced569b62b4bcc85d7091fb3ed335dc5c0fe9bd37ce5edda98fdceb8b83bb34615d3cc0cde9f8e39cc57aab2b6ecfaf3356159d0004733ea68b108eff7b8832c1a762345b6a1c083433c0b5c0a1e8d07e51d78273982839a84980b2474f06ac1030adba7323848d6f6a23d0fe7d88cc1aec268264c938c6ac83489f77523d3dfb2a9ea76c58093278d7d0b75f73b12ba8217f37cd86fc"}, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x800, [0xc9]}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x7, 0x81]}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x1, {0x7f}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x1}}}}}}}}, 0x0)

0s ago: executing program 4 (id=5713):
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x48, 0x0, 0x10, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x100}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40081c4}, 0x44000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008"], 0x48}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001800ef0100000000000000000a000000fc00000000000000a7000500de000000000000000a00000000000002"], 0x30}, 0x1, 0x11}, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e37bcdba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007f13a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff1ae0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a0064341697e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a202a991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000002480), 0xce4, r2}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r2, 0x0, 0x100000000000000}, 0x38)
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='net/netfilter\x00')
getdents64(r3, &(0x7f0000000240)=""/44, 0x7a)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000003500)={&(0x7f00000023c0)="cdbf604e26f46ff849f6ed491371e4956b9fff852ec8dc0f909d227228bbfe12b2a9200fe9c682431135c4e18e52b6d7f95ff999b5269cc24f81d48d538e1818d5d1a6ee843c445f2272a28c90ead9fb80fbed10b4fec9a282e8409a793db082ef74d00e332df143c79397940122d8c23c47b4d5e9160a12957afd4c9627aa8b0d4dd3ee62d787781a9db5d691b01cffe5", &(0x7f0000000380)=""/12, &(0x7f0000002480)="e92850de7bc28da0b556580c009b107b9521824960160d6f1218b573d3033dc2691480a06c1f1d8b2b5a4b54c67c635d99faa7b8bb58d09d5fb9869d1dc1569f125d8f0574e25aba372a7f37c40428fe6d495c651aede832f6a2e53356e8ba0787d64dd4104e6e02d9f3a738f256af4bd83f0f39e78e9288c10704111dc46aebda4bc5d513e08e3c90d0685b27b51a74923453b21d6deefa179a2e5bb186c53d7ffb86ef3bb9ff81dd64b2b1a970d09eb4640e6801c4b4799b2ebcd904a44bfaebe30f7389dc87af98c4ddbbd3ce8e01ebd0fdf8e49126f5b1a5ef4d4ba8f914f111e7d862394e7fa002810950087c601e4a2906f5936a148f0c0a40549214cabfe24eddc94864bad077cfd0ab821da81bd0dddd37822c142e651a88b5e072450579b2446585145a9f82a9cc5f7cdd480dc44d53d2d745a0cb0ead51403ab703e6ea89adf3583eae85c86eb3b13c9184db2eea7c870f0d86d9d92681ac21f9d6b446d7e16bcd098deae9fb7cfe64ae741a6b002acc914502ecb95f18c01949b49fafa17f55cad6f2d06da49f4a2ebd27bb3748d8a216239b0538300e99e1f49e9b8a6c20d34f44994c4242393806b24a8511fa5093e9117e877b0e04830410081f306ef2bd91ef46465b8e0b00f9134343e1d15887fbc01c1b38c463e99caa9d9188f36f20a08f39a75bc5ff36112a3c2626d6c867b4ef2578fffc1bbf76a43eaf9f1eb75984ab82e960b3f9c591d674ec3185da6eb422603acb65df85aa4bc02a041077567432af04a23528bce3d2b50d98114745875ed797e6377fb67686efde88c19aeaf982d0ae19e19cb417c1301d849f603fa4753d93115a7b69ddc07bad2c0c653e14afc2dc32e5271dbc9c8ff7379038f8783c1ca69f5dce803c2618899a0b6c4ae91d715c370d26952376e2af47685dd8266736ab570ac161a1ced0854b3cbdbbfdd15bc68470f512c2e062e7f8ef870ebb813a3c31759921f20d3921d2e60b9e02ebea712fb3015b3250e8472e6955805019b04d4b6cabd06be4ee8f08b7e539153751ed8393eb1804113dd2e53b10dd0f9ba7d4d6b77785fc4ea938ac1612816635cc8a2bb1a58b8f1558a3be081f7b0efd47b1a63ab89d108bc158fba50fb6f563ba24178638ad13ab369127fcf5097d69e354f4ef80d0b5f8c3c7f47173809307fed918f0878732d6a439078eb72d550d11ddb859362ec9e180136b6269a8a45e45b562e206fd8685dc4b8a0943e86b28de27f7ba9b079002a209a97bf6bd0dd3db9f506cbd4a5d8534dcd7eedd448f8ae87f0a894e604d265dcd38f45bb516d4edfe1a0abcfef225aaff6fc7c4ccc883ab34ed061c160c9895a9bfda5b5418496b2437ae74fdcf6727a521fcb29de404d8a4d147731aa4e7ef97e9aebf1f5742ea1ef1eab7da8e92a025d8e159fb5db13d8a1e912dcd0da3acc83e050f5f22a8e7e9170fef7d3846d3ba32fdaafb93e5bc48992f35aa9b98358811b0c5b06b5444a23fb13ab1b154cfa329542d0a77127ef2e97b70d458b03dbf84971d9599b7113e1af32692fbf21eea9dbcd82870b97ffed633affe2b71864458bfe83bd8d7f77290b11ec7053dceb29846d01dca0499111a4267b04947b0e05c0260b81a1a2d805d20767fd9450f3b1af1c17e1be46ac2d6cf2233d14d63bc9e71d8d7c65f380161a63e65217d44e16c9834ff2b5468fe59957499bf6dd3d60bd505d87c8b60dd191424d9b39c8fcc39f7d2d49034ef0b82062eb023e8f0c1b08e469bba55610fb1f7dd9791879636ff4686e5878eee4128b34c58a85f18eb62959c57cdb878c1fa13a4f0ae708ba5b8c514cbe15de5195fb030e18a7167a6a13e9cace77e56ebfc9a8b68fa83df63f2673115c91ca18f0feb82a696a0e3d75a0e8e4241c8ff0285d49375e5968222fb95742d30408ce7f5917922e0a52acb00af3e3f5d3d43aaaf7bbe3e138414454c783bf63920899dac494f2f52c695ca58a7fcc5818529b19753f07b5c7fd8d7dd510bdd22fe6e2170def12c779c0d03ad8d7155851abe83b25e56550a75866b4b559e2de5d83cf15b98d50747a291b043d641d85e700acbe15f93fa1f9bb85de04fbd70015ab35797b51cb4db55a5394830b5dfa86cd340773f508b3558c5c7b08ed2d625a3d56c9900572abeee54ce2b5afc9dba748d084ce4b13e7e525e88b2266265da78ed65c8172ab08843194a7f13192c144c811cc7d3ad0048b11789a253dc80b1bf22283370b52f4fe91bc912b1868957b43a937ac6c5103936c5bcb8b40aecf37f521e94b3a1a118925ec1280af497d5182aa3f6e40eb169b4605dc8aaabd1241a85dcdae4255ad7480d26f61128a64a7ec2c84fe7fb0184216abe1f85b173d80077122c0828492c9a3f5c6efbe7a595333d88149670ec1e9686abc086b6e20e051894b7615d82c691badf2a34917705dc4bcda27a5fda4516552af614f40cdcf781250e4910dc42cf7c145f4008d88b2edb11770e34f5faea90bf2a09aed0c4132eaa0f9a7321d898146339886699355da43712d76579a802d0c1675f5a27f22373e69ec07d70ab52296a5db8ffdef13a56077aedf0dd4c1810534152e8aa6104580422f583d1e93973c818e9ee96d613cfd41f100746b7e5201a1098960e1746f56247c61f6d6f51212851550bd7a56c414d3138a34f11a33816873dd5d6f4bb31895327c69923d05a019c645792507b068177664c20ddb6acff8d2727f2c2ec0dd1b4d18e91a167f9c4cdadc7f33cd802fde6c07e0ddfafbc3af1e32818e5211b331a8eb951914862865affc5141f52b0c81075a07106dbd60657652bca978e7af817f2a9b2a0dbe0add1f3da769106a81978fec46d5c1aa75a666b1e2ad7f94f4bef683bac9208ee3e4d9c5e33eb8296e10966f07d975f0460b9d8b64b72724e00cfe7dfad1b39b31498a838b898fcee554632bb9d0c64af09ba1b290039a492edbc96a2cc33f2515983f63191173544cf437381b929ae012357eac01439ac7f68d4773bc5350bb44b750c365183a44e4246f8049ec0cedad44eb4bae65092d109645ce92c932bedb72aa16aea2275d7f95c01270f4b3a5afd5478e5085172a43af12c959c0af980bfb014b07fa6fc80889879e2c7c76724b278d79abb728ef697b1886196a03d70e545e67afe310fc41118293f2205f2a62a3105d1ea2ea52e8aad36d077ba1301cc17800b76485a57c9e012f32ed40a9aff328366b2760918d422a047f0079b7716564e10b45d158264e26055594219b3aec4037e6c3804174e4267e8b70e513f2e944a4fbb28bd40f17a2fc125c37063aa288cb515af1a21fd9e570efd6d88780f4ac2f4b42f15b609fcf08c9cb7c4b17c6231c7f6a446e0546ab7955a523e113aacbd84f672dee4924039f0e3c805cd1cabd0342874f78bed02c469b0f0e938378c4d93ab20a7994cf6553a3644a47e2f09134ccbef7a7afaefe0d31048bf0272e7430ebc1c2046c34bf9724d822a1390584723c8c59c5ec74eb8e75219e98f750783af3f28b3dc28cf54d8733ad854f8221abc6eba63991839dec263f360f3428f889821663526a6f1fa56ad2e67128ff43e73cd62562c0b9b6ea39595cecf67adfa77a38a7806fe94a0ae27a0c3d669fa7e66f6d579489cf29bb1e7a2a4a00ead89179ebfe8cc27c4e3d8ef92e4589693c015e74aa3b557e424e16200a41e359d0202461b57339afc63c46b1814e3df7a69ecccad7f60a572379c1fa4a502ff18c165b2783b27eaba5a342db9569fcb126208f668c1dfb47a20e70c1d7b1a65c5e488cd24634cd21fbe6275149ff3f253b64ecc50b29556e398216d2896fd01263ba46301334abe6e709afdbf4ae3595da75748689c891a3a86bea8583676899d8e98a66c14dea5c05356a720f3bdde2ac26a00d2fabd4084b9816b9e28907e998c04dfe4915cf61960ee0e9e4d5e47ba7590e9930a7018d2879660a7ae26c3a3a5be1acae3dec4857e356bfcb980473e48b6ea328010b787f6374e6511a91b4f757d97069a8b60c632beb7d948cfd1147e744643ed737a5d945a920294b16f179f365d41a16d956ad752b66d9aa451b904b47850332c563a4354cb068f2a392d8a1d4ae130e34305c791df385854c602972e9db790896a51a311427ff8853415621e31b3a9b25ae33c45aa7d812543f27af938e74660eb292ebbcffe8dae3eb4486a7ee106bc91467035d831d9125f33ed3148aae188b57503caec3bd1849017e19dc9274d2ec9542b6a87ae26532259d2b60d9ef701e16929044690582b4a2cbd6d8aa76c46b495beefc60f1d579992e558f35a5e8c4bd7ec7136cea0c0468bc931ad09d9cebb1145d4188abb3f7e0ac66d83b728ab2d7d6cd04f548b2f88cbee87de9d0ea8df0c5f6a7127b909cb360ce437fa9fb2c43f8895b117cc8b5f59ac9fdb7c6a946474b44289fa1523a6ae8b6d99b46ead08030d6ce8843c02514c30a73ff15632c0f6e96bf48fddf825b89480f3c329cdd6deb6af3484d96602501a35ed8684b74d4d2992a427d78f19f42a4969d46901967fc59f454f9bb6c345f4c115901be05c4eee99d4e3e16d29a7a11418fd42ac2fc9e38fda7e34d92b2098a0aa84d2cb4310a9318443db9c97f320d8068a0601a9ea3b378703c88b1806e29fdb70ebc9219fcb9f19e6834a7e007a89be3d3cc2294db72c175c0d1f7ed536495927a51dfabc71e93081b1fa1eede2119a4993f40942d0ed2c4f0144dc0ca36dd99795ce6b81d313f04212695a4a35ee5ad85b4e2d998dca0899b738a3583aebc9c95795cc252d9733ff761445d4ea9533e5ec8266eb0a14e93820d8c64b6ca5377c92333286397868a20584419a021ad9bf010ebab72e38d00539f8489a362c868d4e8993089c6d887d54aa7a81c46078dbfafe15e1a8bc9438d947a7b82a888b0a41fe6b6ed17c0ce0f3ec6fc7fa6d1149bc711aa0a3b9a0640e1a9ab4c5ebf548e085b1f75bc2c833d3fadbc24f36583a0d3c1ce621ecb07dc80fb1f911518cb03d60e5e62fe6b408290b7d92001a8621d1d7f34f5b9b9da695c1ffc76af86bc5face089983905df16f6c526c077ff33ab05a92fe875e2501054111008bac38e7785d4834ac579c52a2239eafc3b00cd198773795851aa4486d5c9517b8c096c61f10e4ec8853da26f151ca88b02e452856a36cb9966465d4bfbc9f0e06979f0db4a794abbf239fa4779fe38db9f05c6027c0b09e5788cdf4d28d4f2f21e1b8e768e11b19219f5f8a0e052f547e6d26263f13c91c9e4e855408b4042721a0dde26f5f72c92331b7aa5c7ff63226c33cf9b84a0279dbba0049e24539a06e395f677c7d68040c97497d5d33d22e34b9af1e15b76468a68f47a199d54bf6f73cbddcf25a8a4678c614880de104dc437a26f5b1d4dfaa85753550bfec51725316aba1012e26e1e82f7e7e13bf69a0db83f6ae712998ec295d0e92ca9a8deb0cb203c506f36a3b2f0ba1019e9c3432d891363fe82247836c345b64deba2a814e9e21f79bb91703349e012793ec5d10a176fed288495d9c18a0b0e7456f2601d20956eb45505fdea2c7e517cfdda98220a0e13301bdea6499ec72a1e954ac86fb9287f22e934183b247cbdf5e2cd7851e7bba1336967aa9e42a3917c3b15d694047377ebc0c38f6b3d24dfc694e88efbc5486c965d54a7dde0c69d78223cb63d85d40cf2cebd13cf2435d05cd24df3cba48f961763634963cdd9d8276a5ce085abb46fea8a9c001d62e0c9c4c145610567017b7da083c32030dfeedcfb4", &(0x7f0000003480)="ce8568f41d42b1279255293d2fb34ce0645f67121ccfc99b88948d99ae732f8cd0cbd7332321f3aff190e28ca65cdc2265ed100223d98c28df89691150964683644174a0ce08766a213d84705b4d2a9bd5c0f3ce8e09729ed14597e993b3c7090c3cf9a1", 0xff, r3}, 0x38)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/rcu_normal', 0x80, 0x4)
syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x7a65, 0x2000, 0x1, 0x2000381, 0x0, r4}, &(0x7f00000000c0), &(0x7f0000000040))
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x26, 0x1, 0x0, 0x0, {0x1}, [@typed={0x8, 0x1, 0x0, 0x0, @uid}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc081}, 0x4000000)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
fsetxattr(0xffffffffffffffff, &(0x7f0000000440)=@known='security.selinux\x00', &(0x7f0000000480)='+\x00', 0x2, 0x3)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x24, r7, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x80000000}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x24}, 0x1, 0x0, 0x0, 0x44054}, 0x20000000)
pipe(&(0x7f0000000040))
r8 = socket$inet(0x2b, 0x801, 0x0)
listen(r8, 0x0)
splice(r2, 0x0, r1, 0x0, 0x0, 0x7)
syz_emit_ethernet(0x72, &(0x7f0000000000)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr=0x64010102, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@remote}, {}, {@dev}, {@local}, {@dev}]}]}}}}}}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="542b844892ffc9a4ad577e3a158bd8", @ANYRES16=r7, @ANYBLOB="00022abd7000ffdbdf250100000008003100060000000500300001000000"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x814)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)

0s ago: executing program 4 (id=5714):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r2, 0x541b, &(0x7f0000000100))
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
sendmmsg$inet(r1, &(0x7f0000000580)=[{{&(0x7f0000000000)={0x2, 0x4a22, @broadcast}, 0x10, 0x0}}], 0x1, 0x20004000)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000080)={0x2000002, 0x0, 0x0, 0x1, 0x4000007})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
write$FUSE_INIT(r5, &(0x7f0000000240)={0x50, 0xffffffffffffffda, r4, {0x7, 0x2b, 0xe, 0x1fd0c3466048d840, 0x2c, 0x5, 0xfffffffe, 0x4a, 0x0, 0x0, 0x4, 0x8000}}, 0x50)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000480)=0x1)
ioctl$TCSETS(r6, 0x5402, &(0x7f0000000080)={0x8400, 0x1, 0x0, 0x10000, 0x1b, "4415264a88b82c521113fb235902af2556c6b6"})
ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f0000000040)={0xfffffffffffffd52, 0x0})

kernel console output (not intermixed with test programs):

tered promiscuous mode
[  293.252498][T19579] bridge0: port 3(dummy0) entered blocking state
[  293.255238][T19579] bridge0: port 3(dummy0) entered disabled state
[  293.258052][T19579] dummy0: entered allmulticast mode
[  293.264661][T19579] bridge0: port 3(dummy0) entered blocking state
[  293.267349][T19579] bridge0: port 3(dummy0) entered forwarding state
[  293.272321][ T1337] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  293.296116][ T1337] usb 9-1: device descriptor read/8, error -71
[  293.550250][ T1337] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  293.575649][ T1337] usb 9-1: device descriptor read/8, error -71
[  293.585435][T19609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4752'.
[  293.588326][T19609] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4752'.
[  293.689827][ T1337] usb usb9-port1: unable to enumerate USB device
[  293.805009][T19666] 9pnet_virtio: no channels available for device syz
[  294.421107][   T40] audit: type=1800 audit(287.354:2584): pid=19701 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.4768" name="nullb0" dev="tmpfs" ino=1598 res=0 errno=0
[  294.441427][T19702] overlayfs: failed to clone upperpath
[  294.477101][   T40] audit: type=1400 audit(287.373:2585): avc:  denied  { mount } for  pid=19681 comm="syz.0.4760" name="/" dev="configfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  294.669029][T19713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4770'.
[  294.672290][T19713] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4770'.
[  295.378480][   T40] audit: type=1400 audit(288.243:2586): avc:  denied  { view } for  pid=19750 comm="syz.4.4776" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  295.489802][T19767] netlink: 'syz.4.4779': attribute type 4 has an invalid length.
[  295.492271][T19767] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4779'.
[  295.499176][T19767] : renamed from bond0 (while UP)
[  295.956262][   T34] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  296.116026][   T34] usb 9-1: Using ep0 maxpacket: 8
[  296.121242][   T34] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  296.125410][   T34] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  296.129768][   T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  296.132855][   T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  296.136063][   T34] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  296.142340][   T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  296.145857][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.344249][T19792] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4785'.
[  296.347438][T19792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19792 comm=syz.2.4785
[  296.372585][   T34] usb 9-1: usb_control_msg returned -32
[  296.374365][   T34] usbtmc 9-1:16.0: can't read capabilities
[  296.456378][T19801] fuse: Unknown parameter 'Cz����Y�����Kr���D�A4'v@�j	���Bϵ�n(����Ks�����"�t��0�x�y�ӑ��q�O�ٯ�{5��n&'
[  296.551952][T19807] netlink: 'syz.2.4791': attribute type 2 has an invalid length.
[  296.590076][   T40] audit: type=1326 audit(289.384:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19808 comm="syz.2.4792" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbfbc18e9a9 code=0x0
[  296.637962][T19816] 9pnet_virtio: no channels available for device syz
[  296.751561][T19826] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  296.770962][T19786] kvm: kvm [19785]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  296.844658][ T5980] usb 9-1: USB disconnect, device number 23
[  296.941127][T19839] overlayfs: failed to resolve './file1': -2
[  296.943705][T19839] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  296.946625][T19839] overlayfs: missing 'lowerdir'
[  297.090641][    C0] bridge0: port 1(bridge_slave_0) entered learning state
[  297.093782][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  297.602538][T19868] kvm: emulating exchange as write
[  297.650843][T19868] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19868 comm=syz.4.4809
[  297.668322][T19868] vlan4: entered allmulticast mode
[  297.670036][T19868] bond0: entered allmulticast mode
[  298.461439][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  298.466181][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  298.469468][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  298.473681][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  298.476655][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  298.502206][T19903] Failed to initialize the IGMP autojoin socket (err -2)
[  298.932770][T19927] netlink: 'syz.4.4814': attribute type 4 has an invalid length.
[  298.935288][T19927] __nla_validate_parse: 8 callbacks suppressed
[  298.935295][T19927] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4814'.
[  298.989625][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  298.997319][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  299.000969][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  299.006288][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  299.010415][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  299.039900][T19930] Failed to initialize the IGMP autojoin socket (err -2)
[  299.125917][   T40] audit: type=1400 audit(291.751:2588): avc:  denied  { relabelfrom } for  pid=19930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  299.142203][   T40] audit: type=1400 audit(291.760:2589): avc:  denied  { relabelto } for  pid=19930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  299.233769][T15830] dummy0: left allmulticast mode
[  299.239447][T15830] bridge0: port 3(dummy0) entered disabled state
[  299.247083][T15830] bridge_slave_1: left allmulticast mode
[  299.249204][T15830] bridge_slave_1: left promiscuous mode
[  299.252071][T15830] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.264597][T15830] bridge_slave_0: left allmulticast mode
[  299.266763][T15830] bridge_slave_0: left promiscuous mode
[  299.268679][T15830] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.326728][T15830] bond3 (unregistering): (slave ip6gre1): Releasing backup interface
[  299.416639][T15830] dvmrp1 (unregistering): left allmulticast mode
[  299.705371][T15830]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  299.712583][T15830]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  299.716306][T15830]  (unregistering): Released all slaves
[  299.802036][T15830] bond1 (unregistering): Released all slaves
[  299.890484][T15830] bond2 (unregistering): Released all slaves
[  299.970182][T15830] bond3 (unregistering): Released all slaves
[  299.977789][T15830] bond0 (unregistering): (slave bond4): Releasing backup interface
[  299.980847][T15830] bond0 (unregistering): Released all slaves
[  300.050692][T15830] bond4 (unregistering): Released all slaves
[  300.146077][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  300.149524][T15830] : left promiscuous mode
[  300.157204][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  300.160861][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  300.162905][   T40] audit: type=1400 audit(292.724:2590): avc:  denied  { connect } for  pid=19953 comm="syz.4.4817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  300.165294][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  300.172507][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  300.186650][T19951] Failed to initialize the IGMP autojoin socket (err -2)
[  300.215035][   T40] audit: type=1400 audit(292.770:2591): avc:  denied  { bind } for  pid=19953 comm="syz.4.4817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  300.221394][   T40] audit: type=1400 audit(292.789:2592): avc:  denied  { listen } for  pid=19953 comm="syz.4.4817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  300.227372][   T40] audit: type=1400 audit(292.789:2593): avc:  denied  { accept } for  pid=19953 comm="syz.4.4817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  300.281757][T19964] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.4817'.
[  300.379556][T19903] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  300.388361][T19903] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  300.397123][T19903] wireguard: wg0: Could not create IPv4 socket
[  300.400296][T19903] wireguard: wg1: Could not create IPv4 socket
[  300.404019][T19903] wireguard: wg2: Could not create IPv4 socket
[  300.443518][T15830] hsr_slave_0: left promiscuous mode
[  300.446718][T15830] hsr_slave_1: left promiscuous mode
[  300.449725][T15830] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.285383][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  301.293798][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  301.296826][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  301.306325][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  301.312306][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  301.418133][T19992] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4820'.
[  301.421057][T19992] netlink: 'syz.0.4820': attribute type 5 has an invalid length.
[  301.604535][T19988] Failed to initialize the IGMP autojoin socket (err -2)
[  301.657667][T19998] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=262 sclass=netlink_route_socket pid=19998 comm=syz.4.4822
[  301.747382][T20004] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4824'.
[  301.796536][T20007] getblk(): invalid block size 0 requested
[  301.799219][T20007] logical block size: 512
[  301.800942][T20007] CPU: 3 UID: 0 PID: 20007 Comm: syz.4.4825 Not tainted 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 PREEMPT(full) 
[  301.800970][T20007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  301.800982][T20007] Call Trace:
[  301.800989][T20007]  <TASK>
[  301.800998][T20007]  dump_stack_lvl+0x16c/0x1f0
[  301.801035][T20007]  __getblk_slow+0x54b/0x5f0
[  301.801059][T20007]  ? find_held_lock+0x2b/0x80
[  301.801084][T20007]  ? __pfx___might_resched+0x10/0x10
[  301.801115][T20007]  bdev_getblk+0xd4/0xe0
[  301.801139][T20007]  __bread_gfp+0x86/0x3c0
[  301.801163][T20007]  ntfs_bread+0xd9/0x210
[  301.801182][T20007]  ntfs_fill_super+0x676/0x4260
[  301.801227][T20007]  ? snprintf+0xc7/0x100
[  301.801254][T20007]  ? __pfx_snprintf+0x10/0x10
[  301.801281][T20007]  ? __pfx_ntfs_fill_super+0x10/0x10
[  301.801305][T20007]  ? do_raw_spin_lock+0x12c/0x2b0
[  301.801325][T20007]  ? find_held_lock+0x2b/0x80
[  301.801350][T20007]  ? sb_set_blocksize+0x188/0x1d0
[  301.801376][T20007]  ? setup_bdev_super+0x369/0x730
[  301.801404][T20007]  get_tree_bdev_flags+0x389/0x620
[  301.801428][T20007]  ? __pfx_ntfs_fill_super+0x10/0x10
[  301.801455][T20007]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  301.801481][T20007]  ? bpf_lsm_capable+0x9/0x10
[  301.801524][T20007]  ? security_capable+0x7e/0x260
[  301.801546][T20007]  vfs_get_tree+0x8b/0x340
[  301.801561][T20007]  path_mount+0x1414/0x2020
[  301.801575][T20007]  ? kmem_cache_free+0x2d1/0x4d0
[  301.801593][T20007]  ? __pfx_path_mount+0x10/0x10
[  301.801607][T20007]  ? putname+0x154/0x1a0
[  301.801620][T20007]  __x64_sys_mount+0x28d/0x310
[  301.801633][T20007]  ? __pfx___x64_sys_mount+0x10/0x10
[  301.801650][T20007]  do_syscall_64+0xcd/0x4c0
[  301.801662][T20007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.801674][T20007] RIP: 0033:0x7f18f778e9a9
[  301.801684][T20007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.801703][T20007] RSP: 002b:00007f18f86ad038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  301.801715][T20007] RAX: ffffffffffffffda RBX: 00007f18f79b5fa0 RCX: 00007f18f778e9a9
[  301.801728][T20007] RDX: 00002000000001c0 RSI: 0000200000000100 RDI: 0000200000000040
[  301.801739][T20007] RBP: 00007f18f7810d69 R08: 0000000000000000 R09: 0000000000000000
[  301.801752][T20007] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000
[  301.801762][T20007] R13: 0000000000000000 R14: 00007f18f79b5fa0 R15: 00007ffe74a68558
[  301.801788][T20007]  </TASK>
[  301.802008][T20007] ntfs3(nullb0): failed to read volume at offset 0x0
[  302.177971][   T10] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[  302.213840][T15830] IPVS: stop unused estimator thread 0...
[  302.295856][   T40] audit: type=1400 audit(294.725:2594): avc:  denied  { write } for  pid=20028 comm="syz.0.4832" path="socket:[66134]" dev="sockfs" ino=66134 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  302.338194][   T10] usb 9-1: Using ep0 maxpacket: 8
[  302.341120][   T10] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  302.343858][   T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  302.346873][   T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  302.350979][   T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  302.354101][   T10] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  302.358266][   T10] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  302.361792][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.429682][   T40] audit: type=1400 audit(294.847:2595): avc:  denied  { checkpoint_restore } for  pid=20032 comm="syz.0.4834" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  302.586991][   T10] usb 9-1: usb_control_msg returned -32
[  302.588763][   T10] usbtmc 9-1:16.0: can't read capabilities
[  302.972411][T20041] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  302.984704][T20011] kvm: kvm [20010]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  302.987704][T20011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4826'.
[  302.991798][T20011] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4826'.
[  303.082203][  T838] usb 9-1: USB disconnect, device number 24
[  303.233779][T20049] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  303.304825][T20055] 9pnet_fd: Insufficient options for proto=fd
[  303.514303][ T5954] Bluetooth: hci0: command tx timeout
[  303.791956][T20062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4844'.
[  304.085112][T20060] netlink: 51 bytes leftover after parsing attributes in process `syz.0.4843'.
[  304.407572][T20078] overlay: ./file0 is not a directory
[  305.171624][T20091] ptrace attach of "/syz-executor exec"[20092] was attempted by "/syz-executor exec"[20091]
[  305.221421][T20096] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4855'.
[  305.225266][T20096] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4855'.
[  305.579658][   T40] audit: type=1400 audit(297.794:2596): avc:  denied  { create } for  pid=20104 comm="syz.4.4859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  305.604269][   T40] audit: type=1400 audit(297.812:2597): avc:  denied  { write } for  pid=20104 comm="syz.4.4859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  305.720164][   T40] audit: type=1400 audit(297.924:2598): avc:  denied  { call } for  pid=20104 comm="syz.4.4859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  305.728150][ T5954] Bluetooth: hci0: command tx timeout
[  305.737924][T20113] overlayfs: failed to resolve './file0': -2
[  305.777254][T20115] netlink: 'syz.0.4862': attribute type 10 has an invalid length.
[  305.787114][T20115] veth0_vlan: left promiscuous mode
[  305.793732][T20115] veth0_vlan: entered promiscuous mode
[  305.798708][T20115] team0: Device veth0_vlan failed to register rx_handler
[  305.969620][T20125] netlink: 'syz.0.4866': attribute type 10 has an invalid length.
[  305.972490][T20125] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4866'.
[  305.977153][T20125] team0: entered promiscuous mode
[  305.978794][T20125] team_slave_0: entered promiscuous mode
[  305.981312][T20125] team_slave_1: entered promiscuous mode
[  305.983641][T20125] bridge0: port 3(team0) entered blocking state
[  305.985633][T20125] bridge0: port 3(team0) entered disabled state
[  305.987595][T20125] team0: entered allmulticast mode
[  305.989207][T20125] team_slave_0: entered allmulticast mode
[  305.991019][T20125] team_slave_1: entered allmulticast mode
[  306.000800][T20125] bridge0: port 3(team0) entered blocking state
[  306.002934][T20125] bridge0: port 3(team0) entered listening state
[  306.409537][T20134] netlink: 'syz.0.4869': attribute type 1 has an invalid length.
[  306.645640][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  306.654046][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  306.665381][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  306.675472][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  306.678197][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  306.791502][T20139] Failed to initialize the IGMP autojoin socket (err -2)
[  306.998865][T19988] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  307.059576][T19988] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  307.120277][T19988] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  307.165084][T19988] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  307.473025][T19988] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  307.492236][T19988] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  307.500362][T19988] wireguard: wg0: Could not create IPv4 socket
[  307.505712][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  307.505759][T19988] wireguard: wg1: Could not create IPv4 socket
[  307.514627][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  307.518112][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  307.521407][T19988] wireguard: wg2: Could not create IPv4 socket
[  307.521537][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  307.534372][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  307.577213][T20157] Failed to initialize the IGMP autojoin socket (err -2)
[  307.926290][   T40] audit: type=1400 audit(299.982:2599): avc:  denied  { unmount } for  pid=13831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  308.282325][T20177] netlink: 'syz.0.4882': attribute type 10 has an invalid length.
[  308.291415][T20177] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  308.295555][T20177] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  308.298135][T20177] : (slave netdevsim0): Enslaving as an active interface with an up link
[  308.324510][T20177] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4882'.
[  308.335670][T20180] netlink: 'syz.4.4883': attribute type 10 has an invalid length.
[  308.338209][T20180] netlink: 2 bytes leftover after parsing attributes in process `syz.4.4883'.
[  308.341051][T20180] team0: entered promiscuous mode
[  308.342633][T20180] team_slave_0: entered promiscuous mode
[  308.344653][T20180] team_slave_1: entered promiscuous mode
[  308.348130][T20180] 8021q: adding VLAN 0 to HW filter on device team0
[  308.350479][T20180] bridge0: port 4(team0) entered blocking state
[  308.350542][T20182] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.4884'.
[  308.352599][T20180] bridge0: port 4(team0) entered disabled state
[  308.358095][T20180] team0: entered allmulticast mode
[  308.359774][T20180] team_slave_0: entered allmulticast mode
[  308.361657][T20180] team_slave_1: entered allmulticast mode
[  308.380959][T20184] netlink: 52 bytes leftover after parsing attributes in process `syz.0.4885'.
[  308.451149][T20190] geneve3: entered promiscuous mode
[  308.492618][T20194] block device autoloading is deprecated and will be removed.
[  308.507638][   T40] audit: type=1400 audit(300.534:2600): avc:  denied  { ioctl } for  pid=20187 comm="syz.4.4886" path="/395/file0/file0" dev="fuse" ino=64 ioctlcmd=0x92b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  308.562685][T20194] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4886'.
[  308.567619][T20188] 9pnet_fd: Insufficient options for proto=fd
[  308.675052][T20157] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  308.686406][T20157] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  308.694432][T20157] wireguard: wg0: Could not create IPv4 socket
[  308.718802][T20157] wireguard: wg1: Could not create IPv4 socket
[  308.723832][T20157] wireguard: wg2: Could not create IPv4 socket
[  308.844408][   T40] audit: type=1400 audit(300.843:2601): avc:  denied  { write } for  pid=20209 comm="syz.4.4893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  308.944201][T20213] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.4894'.
[  309.028473][T20219] fuse: Bad value for 'fd'
[  309.104031][T20220] team0 (unregistering): left allmulticast mode
[  309.106491][T20220] team_slave_0: left allmulticast mode
[  309.108353][T20220] team_slave_1: left allmulticast mode
[  309.110206][T20220] bridge0: port 4(team0) entered disabled state
[  309.113926][T20220] team_slave_0: left promiscuous mode
[  309.124562][T20220] team0 (unregistering): Port device team_slave_0 removed
[  309.127423][T20220] team_slave_1: left promiscuous mode
[  309.131873][T20220] team0 (unregistering): Port device team_slave_1 removed
[  309.280070][T20222] netlink: 129704 bytes leftover after parsing attributes in process `syz.4.4898'.
[  311.491730][T20274] usb usb8: usbfs: process 20274 (syz.4.4919) did not claim interface 0 before use
[  311.825068][T20282] fuse: Bad value for 'fd'
[  311.870406][T20287] __nla_validate_parse: 3 callbacks suppressed
[  311.870418][T20287] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.4925'.
[  312.275295][T20295] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.4927'.
[  313.300522][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  313.317624][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  313.322065][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  313.325732][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  313.339800][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  313.357266][T20308] Failed to initialize the IGMP autojoin socket (err -2)
[  313.426619][T20323] ip6erspan0: tun_chr_ioctl cmd 1074025675
[  313.428486][T20323] ip6erspan0: persist enabled
[  313.459409][T20327] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.4938'.
[  313.494779][T20329] Failed to initialize the IGMP autojoin socket (err -2)
[  313.509625][    C0] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.511952][    C0] bridge0: topology change detected, propagating
[  313.514175][    C0] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.516393][    C0] bridge0: topology change detected, propagating
[  313.596326][T20329] netlink: zone id is out of range
[  313.598634][T20329] netlink: zone id is out of range
[  313.601948][T20329] netlink: zone id is out of range
[  313.605335][T20329] netlink: zone id is out of range
[  313.607872][T20329] netlink: zone id is out of range
[  313.609508][T20329] netlink: zone id is out of range
[  313.623780][T20329] netlink: set zone limit has 4 unknown bytes
[  313.670849][T20329] Failed to initialize the IGMP autojoin socket (err -2)
[  313.892525][   T40] audit: type=1400 audit(305.567:2602): avc:  denied  { create } for  pid=20349 comm="syz.0.4946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  313.898976][   T40] audit: type=1400 audit(305.576:2603): avc:  denied  { write } for  pid=20349 comm="syz.0.4946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  313.906198][   T40] audit: type=1400 audit(305.585:2604): avc:  denied  { ioctl } for  pid=20349 comm="syz.0.4946" path="socket:[68843]" dev="sockfs" ino=68843 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  313.989206][T20356] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4949'.
[  314.127261][T20364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4953'.
[  314.130407][T20364] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  314.132958][T20364] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  314.164726][T20366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=164 sclass=netlink_route_socket pid=20366 comm=syz.0.4954
[  314.728800][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  314.732344][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  314.735224][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  314.738222][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  314.743848][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  314.753872][T20372] Failed to initialize the IGMP autojoin socket (err -2)
[  314.901105][T20377] syz.4.4956: attempt to access beyond end of device
[  314.901105][T20377] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0
[  314.905174][T20377] exFAT-fs (nbd4): unable to read boot sector
[  314.907068][T20377] exFAT-fs (nbd4): failed to read boot sector
[  314.908942][T20377] exFAT-fs (nbd4): failed to recognize exfat type
[  315.290211][T20308] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  315.311548][T20308] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  315.336726][T20308] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  315.353864][T20308] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  315.563056][ T5954] Bluetooth: hci0: command tx timeout
[  315.601928][T20308] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  315.611634][T20308] wireguard: wg0: Could not create IPv4 socket
[  315.620459][T20308] wireguard: wg1: Could not create IPv4 socket
[  315.623531][T20308] wireguard: wg2: Could not create IPv4 socket
[  315.662610][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  315.666650][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  315.670586][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  315.673834][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  315.676394][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  315.688595][T20389] Failed to initialize the IGMP autojoin socket (err -2)
[  315.780505][T20393] macvlan2: entered promiscuous mode
[  315.782887][T20393] macvlan2: entered allmulticast mode
[  315.785765][T20393] bond0: (slave macvlan2): Opening slave failed
[  315.956651][T20398] netlink: 'syz.0.4961': attribute type 1 has an invalid length.
[  315.962489][T20398] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4961'.
[  316.004220][T20404] usb usb8: usbfs: process 20404 (syz.4.4964) did not claim interface 0 before use
[  316.368462][T20435] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4974'.
[  316.372771][T20435] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4974'.
[  316.418967][T20438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4975'.
[  316.422585][T20438] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4975'.
[  316.545753][   T24] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[  316.612329][T20389] wireguard: wg0: Could not create IPv4 socket
[  316.615501][T20389] wireguard: wg1: Could not create IPv4 socket
[  316.618568][T20389] wireguard: wg2: Could not create IPv4 socket
[  316.717145][   T24] usb 9-1: Using ep0 maxpacket: 8
[  316.722718][   T24] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  316.726131][   T24] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  316.730701][   T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  316.734666][   T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  316.738989][   T24] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  316.744404][   T24] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  316.748133][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.974210][   T24] usb 9-1: usb_control_msg returned -32
[  316.976517][   T24] usbtmc 9-1:16.0: can't read capabilities
[  316.996330][T20444] netlink: 'syz.0.4976': attribute type 39 has an invalid length.
[  317.467012][T20459] usbtmc 9-1:16.0: usb_control_msg returned -32
[  317.610129][T20471] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4984'.
[  317.613756][T20471] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4984'.
[  318.258418][T20475] fuse: Bad value for 'fd'
[  318.461390][   T40] audit: type=1800 audit(309.841:2605): pid=20482 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.4988" name="nullb0" dev="tmpfs" ino=2828 res=0 errno=0
[  318.558945][   T40] audit: type=1400 audit(309.935:2606): avc:  denied  { setopt } for  pid=20485 comm="syz.0.4990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  318.960519][T20495] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4993'.
[  318.972497][T20495] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4993'.
[  319.500210][ T1337] usb 9-1: USB disconnect, device number 25
[  319.649133][T20507] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4997'.
[  320.218581][T20522] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5003'.
[  320.431048][   T40] audit: type=1400 audit(311.684:2607): avc:  denied  { getopt } for  pid=20537 comm="syz.4.5009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  320.441384][   T40] audit: type=1400 audit(311.694:2608): avc:  denied  { accept } for  pid=20537 comm="syz.4.5009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  321.407845][T20546] ufs: Unknown parameter '�����yHO �I����c�˿N��3��ST��'
[  321.425697][T20548] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=20548 comm=syz.0.5011
[  321.534281][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  321.542864][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  321.547577][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  321.550697][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  321.553435][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  321.571713][T20555] Failed to initialize the IGMP autojoin socket (err -2)
[  321.721880][T20569] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  322.340698][T20555] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  322.366124][T20555] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  322.378849][T20555] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  322.398922][T20555] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  322.404402][    C3] bridge0: port 3(team0) entered learning state
[  322.490929][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  322.495761][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  322.499137][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  322.506799][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  322.520719][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  322.538196][T20577] Failed to initialize the IGMP autojoin socket (err -2)
[  322.624421][T20555] net_ratelimit: 4 callbacks suppressed
[  322.624433][T20555] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  322.634106][T20555] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  322.651409][T20555] wireguard: wg0: Could not create IPv4 socket
[  322.654546][T20555] wireguard: wg1: Could not create IPv4 socket
[  322.657379][T20555] wireguard: wg2: Could not create IPv4 socket
[  323.496141][T20599] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5028'.
[  323.565212][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  323.568193][   T40] audit: type=1400 audit(314.612:2609): avc:  denied  { load_policy } for  pid=20605 comm="syz.4.5029" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  323.570757][T20606] SELinux: failed to load policy
[  323.575631][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  323.579332][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  323.582560][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  323.584945][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  323.607184][T20609] Failed to initialize the IGMP autojoin socket (err -2)
[  323.734132][T20627] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5035'.
[  323.841202][T20633] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5038'.
[  323.945012][T20640] netlink: 132 bytes leftover after parsing attributes in process `syz.4.5041'.
[  323.986612][T20644] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5043'.
[  324.013035][T20646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5044'.
[  324.066215][T20650] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=20650 comm=syz.4.5046
[  324.070455][T20650] comedi: No check for data length of config insn id 7 is implemented
[  324.073665][T20650] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  324.077142][T20650] comedi: Assuming n=15 is correct
[  324.280317][   T40] audit: type=1400 audit(315.286:2610): avc:  denied  { watch } for  pid=20655 comm="syz.4.5048" path="/454/file0" dev="rpc_pipefs" ino=69016 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  324.296659][   T40] audit: type=1400 audit(315.304:2611): avc:  denied  { unmount } for  pid=20655 comm="syz.4.5048" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  324.427652][T20609] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  324.435123][T20609] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  324.447471][T20609] wireguard: wg0: Could not create IPv4 socket
[  324.452085][T20609] wireguard: wg1: Could not create IPv4 socket
[  324.456113][T20609] wireguard: wg2: Could not create IPv4 socket
[  324.606592][ T6037] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[  324.766898][ T6037] usb 9-1: Using ep0 maxpacket: 8
[  324.770873][ T6037] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  324.774516][ T6037] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  324.779053][ T6037] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  324.783189][ T6037] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  324.787361][ T6037] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  324.791962][ T6037] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  324.795762][ T6037] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.021914][ T6037] usb 9-1: usb_control_msg returned -32
[  325.024910][ T6037] usbtmc 9-1:16.0: can't read capabilities
[  325.039795][T20670] SELinux: security_context_str_to_sid (�) failed with errno=-22
[  325.104441][T20674] Failed to initialize the IGMP autojoin socket (err -2)
[  325.171908][T20674] overlayfs: failed to clone lowerpath
[  325.400378][T20689] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  325.413324][T20661] kvm: kvm [20660]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  325.416142][T20661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5049'.
[  325.418742][T20661] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5049'.
[  325.549227][ T6037] usb 9-1: USB disconnect, device number 26
[  325.829227][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  325.831368][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  325.904844][T20691] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5060'.
[  325.914375][T20691] 9pnet_virtio: no channels available for device syz
[  326.215116][T20696] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.5062'.
[  326.258773][ T6037] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  326.262233][ T6037] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  326.265728][ T1176] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  326.268062][ T1176] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  326.270218][ T1176] wlan1: authentication with 08:02:11:00:00:00 timed out
[  328.299503][T20713] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  329.540450][T20717] gfs2: Unknown parameter 'barrier���'
[  329.540651][   T40] audit: type=1400 audit(320.206:2612): avc:  denied  { connect } for  pid=20716 comm="syz.4.5071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  329.571163][T20721] new mount options do not match the existing superblock, will be ignored
[  329.642586][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  329.646714][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  329.650831][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  329.656643][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  329.661625][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  329.682148][T20726] Failed to initialize the IGMP autojoin socket (err -2)
[  330.127274][T20730] 9pnet_virtio: no channels available for device syz
[  330.297534][T20734] __nla_validate_parse: 3 callbacks suppressed
[  330.297545][T20734] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5076'.
[  330.302256][T20734] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5076'.
[  330.757365][T20726] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  330.776030][T20726] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  330.798499][T20726] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  330.816539][T20726] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  331.028552][T20726] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  331.038090][T20726] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  331.047058][T20726] wireguard: wg0: Could not create IPv4 socket
[  331.050409][T20726] wireguard: wg1: Could not create IPv4 socket
[  331.055427][T20726] wireguard: wg2: Could not create IPv4 socket
[  331.389372][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  331.392958][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  331.396783][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  331.400019][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  331.403003][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  331.422174][T20751] Failed to initialize the IGMP autojoin socket (err -2)
[  331.426430][T20754] program syz.4.5082 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  331.432595][   T40] audit: type=1800 audit(321.974:2613): pid=20754 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.5082" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  331.444467][T20754] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  331.464728][T20760] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5085'.
[  331.468441][T20760] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5085'.
[  331.504287][T20754] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  331.563585][T20754] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  331.569773][   T40] audit: type=1400 audit(322.105:2614): avc:  denied  { write } for  pid=20753 comm="syz.4.5082" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  332.055654][T20767] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5086'.
[  332.088357][T20751] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  332.096857][T20751] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  332.104430][T20751] wireguard: wg0: Could not create IPv4 socket
[  332.107493][T20751] wireguard: wg1: Could not create IPv4 socket
[  332.110504][T20751] wireguard: wg2: Could not create IPv4 socket
[  332.215691][T20776] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5090'.
[  332.619557][T20780] usb usb8: usbfs: process 20780 (syz.4.5091) did not claim interface 0 before use
[  332.653789][   T40] audit: type=1400 audit(323.115:2615): avc:  denied  { read write } for  pid=20781 comm="syz.4.5092" name="usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  332.662110][   T40] audit: type=1400 audit(323.115:2616): avc:  denied  { open } for  pid=20781 comm="syz.4.5092" path="/dev/usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  332.673538][   T40] audit: type=1400 audit(323.115:2617): avc:  denied  { ioctl } for  pid=20781 comm="syz.4.5092" path="/dev/usbmon5" dev="devtmpfs" ino=753 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  332.833109][T20788] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5095'.
[  333.062833][   T24] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[  333.223125][   T24] usb 9-1: Using ep0 maxpacket: 8
[  333.227201][   T24] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  333.229918][   T24] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  333.232953][   T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  333.236179][   T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  333.239363][   T24] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  333.243388][   T24] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  333.246959][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.474457][   T24] usb 9-1: usb_control_msg returned -32
[  333.476346][   T24] usbtmc 9-1:16.0: can't read capabilities
[  333.757497][   T40] audit: type=1326 audit(324.144:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20813 comm="syz.0.5107" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f188d18e9a9 code=0x0
[  333.849161][T20815] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  333.852294][T20786] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5094'.
[  333.856121][T20786] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5094'.
[  333.860824][   T24] usb 9-1: USB disconnect, device number 27
[  333.872601][T20816] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  334.672331][T20821] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5109'.
[  334.748646][T20828] syzkaller0: entered promiscuous mode
[  334.750426][T20828] syzkaller0: entered allmulticast mode
[  335.685904][T20836] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25360 sclass=netlink_route_socket pid=20836 comm=syz.0.5115
[  335.739654][T20838] __nla_validate_parse: 3 callbacks suppressed
[  335.739671][T20838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5116'.
[  335.746111][T20838] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5116'.
[  335.987071][T20843] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.5118'.
[  336.053316][T20847] netlink: 'syz.4.5120': attribute type 3 has an invalid length.
[  336.303935][T20850] ubi31: attaching mtd0
[  336.306924][T20850] ubi31: scanning is finished
[  336.308455][T20850] ubi31: empty MTD device detected
[  336.313082][T20852] Failed to initialize the IGMP autojoin socket (err -2)
[  336.431457][T20850] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  336.433956][T20850] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  336.436963][T20850] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  336.439446][T20850] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  336.442365][T20850] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  336.445122][T20850] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  336.448047][T20850] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 535364843
[  336.451761][T20850] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  336.456171][T20855] ubi31: background thread "ubi_bgt31d" started, PID 20855
[  336.469872][T20852] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20852 comm=syz.0.5122
[  336.606618][T20857] overlayfs: failed to clone upperpath
[  336.617475][   T40] audit: type=1800 audit(326.828:2619): pid=20857 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5123" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  336.628826][T20857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  336.686293][T20857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  336.744702][T20857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  337.987946][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  337.994223][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  337.997960][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  338.002045][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  338.005928][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  338.030300][T20862] Failed to initialize the IGMP autojoin socket (err -2)
[  338.050784][T20860] bridge0: port 3(team0) entered disabled state
[  338.131484][T20860] team0 (unregistering): left allmulticast mode
[  338.134234][T20860] team_slave_0: left allmulticast mode
[  338.136461][T20860] team_slave_1: left allmulticast mode
[  338.138345][T20860] bridge0: port 3(team0) entered disabled state
[  338.146156][T20860] team_slave_0: left promiscuous mode
[  338.157431][T20860] team0 (unregistering): Port device team_slave_0 removed
[  338.160599][T20860] team_slave_1: left promiscuous mode
[  338.168551][T20860] team0 (unregistering): Port device team_slave_1 removed
[  338.673033][T20868] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5125'.
[  338.727690][T20869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5125'.
[  338.811558][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  338.817036][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  338.820869][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  338.823791][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  338.826943][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  338.848050][T20870] Failed to initialize the IGMP autojoin socket (err -2)
[  338.923167][T20862] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  338.943794][T20862] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  338.962168][T20862] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  339.002022][T20862] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  339.193053][T20862] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  339.205052][T20862] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  339.212001][T20862] wireguard: wg0: Could not create IPv4 socket
[  339.215117][T20862] wireguard: wg1: Could not create IPv4 socket
[  339.217868][T20862] wireguard: wg2: Could not create IPv4 socket
[  340.196903][T20886] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=53 sclass=netlink_route_socket pid=20886 comm=syz.0.5129
[  340.201641][T20886] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5129'.
[  340.226707][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  340.230606][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  340.236576][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  340.237109][T20892] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  340.240531][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  340.250429][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  340.262450][T20889] Failed to initialize the IGMP autojoin socket (err -2)
[  340.414933][T20901] netlink: 'syz.0.5134': attribute type 11 has an invalid length.
[  340.510479][T20903] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5135'.
[  341.099968][T20928] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5145'.
[  341.117496][T20934] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5146'.
[  341.164169][T20889] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  341.171539][T20889] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  341.177956][T20889] wireguard: wg0: Could not create IPv4 socket
[  341.181059][T20889] wireguard: wg1: Could not create IPv4 socket
[  341.184266][T20889] wireguard: wg2: Could not create IPv4 socket
[  341.353033][T20961] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.5156'.
[  341.399226][T20969] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  341.425070][T20971] fuse: Unknown parameter 'roITw��t$2~C7W��(�ot�ode'
[  341.482052][T20977] Process accounting resumed
[  341.581479][   T40] audit: type=1400 audit(331.468:2620): avc:  denied  { setattr } for  pid=20982 comm="syz.4.5166" path="/dev/snd/controlC0" dev="devtmpfs" ino=1318 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  341.754185][   T40] audit: type=1400 audit(331.627:2621): avc:  denied  { shutdown } for  pid=20987 comm="syz.4.5168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  341.758094][T20988] cgroup: subsys name conflicts with all
[  341.760327][   T40] audit: type=1400 audit(331.627:2622): avc:  denied  { read } for  pid=20987 comm="syz.4.5168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  342.256680][   T29] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[  342.417257][   T29] usb 9-1: Using ep0 maxpacket: 16
[  342.428592][   T29] usb 9-1: config 0 has an invalid interface number: 145 but max is 0
[  342.431206][   T29] usb 9-1: config 0 has no interface number 0
[  342.434804][   T29] usb 9-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  342.437563][   T29] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.440687][   T29] usb 9-1: Product: syz
[  342.442817][   T29] usb 9-1: Manufacturer: syz
[  342.444305][   T29] usb 9-1: SerialNumber: syz
[  342.448620][   T29] usb 9-1: config 0 descriptor??
[  342.451582][   T29] hub 9-1:0.145: bad descriptor, ignoring hub
[  342.453470][   T29] hub 9-1:0.145: probe with driver hub failed with error -5
[  342.459306][   T29] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.145/input/input12
[  342.665870][   T40] audit: type=1400 audit(332.488:2623): avc:  denied  { read } for  pid=20994 comm="syz.4.5171" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  342.672918][   T40] audit: type=1400 audit(332.488:2624): avc:  denied  { open } for  pid=20994 comm="syz.4.5171" path="/dev/input/mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  343.029142][   T10] usb 9-1: USB disconnect, device number 28
[  343.403924][   T40] audit: type=1400 audit(333.170:2625): avc:  denied  { search } for  pid=21002 comm="syz.0.5174" name="/" dev="configfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  343.417297][   T40] audit: type=1400 audit(333.189:2626): avc:  denied  { search } for  pid=21002 comm="syz.0.5174" name="/" dev="configfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  343.424013][   T40] audit: type=1400 audit(333.189:2627): avc:  denied  { watch watch_reads } for  pid=21002 comm="syz.0.5174" path="/" dev="configfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  343.430948][   T40] audit: type=1400 audit(333.189:2628): avc:  denied  { search } for  pid=21002 comm="syz.0.5174" name="/" dev="configfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  343.439191][   T40] audit: type=1400 audit(333.189:2629): avc:  denied  { search } for  pid=21002 comm="syz.0.5174" name="/" dev="configfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  343.462596][   T40] audit: type=1800 audit(333.189:2630): pid=21003 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5174" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  343.469442][   T40] audit: type=1400 audit(333.189:2631): avc:  denied  { ioctl } for  pid=21002 comm="syz.0.5174" path="socket:[73480]" dev="sockfs" ino=73480 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  344.378450][   T40] audit: type=1400 audit(334.087:2632): avc:  denied  { accept } for  pid=21023 comm="syz.0.5183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  345.840987][T21037] Invalid logical block size (3840)
[  345.885918][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  345.890662][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  345.903725][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  345.908018][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  345.910651][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  345.931414][T21048] overlayfs: failed to clone upperpath
[  345.938597][T21043] Failed to initialize the IGMP autojoin socket (err -2)
[  345.946327][T21048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  346.009987][T21051] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  346.067679][T21048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  346.645887][T21055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5193'.
[  346.648716][T21055] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5193'.
[  347.094666][T21043] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  347.105762][T21043] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  347.125438][T21043] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  347.144019][T21043] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  347.321548][T21043] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  347.327954][T21043] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  347.333775][T21043] wireguard: wg0: Could not create IPv4 socket
[  347.337035][T21043] wireguard: wg1: Could not create IPv4 socket
[  347.340017][T21043] wireguard: wg2: Could not create IPv4 socket
[  348.101892][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  348.106419][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  348.111026][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  348.115821][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  348.118799][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  348.131564][T21078] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5197'.
[  348.134940][T21075] Failed to initialize the IGMP autojoin socket (err -2)
[  348.142292][T21078] ipip0: entered promiscuous mode
[  348.180759][T21080] libceph: resolve '
[  348.180759][T21080] -&���f�Y�ǝ�a���2i�
[  348.180759][T21080] .���?��&�*��&' (ret=-3): failed
[  348.187429][T21080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  348.224663][ T6037] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  348.227473][ T6037] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  348.229690][T15820] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  348.231707][T15820] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  348.240431][T15820] wlan1: authentication with 08:02:11:00:00:00 timed out
[  348.249639][T21085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5201'.
[  348.385392][T21088] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5202'.
[  348.388169][T21088] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5202'.
[  348.953048][T21075] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  348.959383][T21075] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  348.973727][T21075] wireguard: wg0: Could not create IPv4 socket
[  348.977272][T21075] wireguard: wg1: Could not create IPv4 socket
[  348.980242][T21075] wireguard: wg2: Could not create IPv4 socket
[  349.025589][T21103] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  349.130295][T21109] kAFS: unparsable volume name
[  349.212662][T21113] overlayfs: failed to clone upperpath
[  349.219407][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  349.219421][   T40] audit: type=1800 audit(338.614:2634): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5211" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0
[  349.233672][T21113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  349.291922][T21113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  349.349801][T21113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  349.857725][   T40] audit: type=1400 audit(339.204:2635): avc:  denied  { override_creds } for  pid=21114 comm="syz.4.5212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  349.941969][T21121] tmpfs: Bad value for 'mpol'
[  349.946027][T21119] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5214'.
[  351.600281][ T6040] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[  351.655087][T21142] netlink: 'syz.0.5223': attribute type 1 has an invalid length.
[  351.672996][T21142] bond6: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  351.679332][   T40] audit: type=1400 audit(340.915:2636): avc:  denied  { mounton } for  pid=21141 comm="syz.0.5223" path="/file0" dev="ramfs" ino=76056 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  351.716139][T21142] veth5: entered promiscuous mode
[  351.721703][T21142] bond6: (slave veth5): Enslaving as a backup interface with a down link
[  351.771344][ T6040] usb 9-1: Using ep0 maxpacket: 16
[  351.783190][ T6040] usb 9-1: config 0 has an invalid interface number: 145 but max is 0
[  351.786068][ T6040] usb 9-1: config 0 has no interface number 0
[  351.789791][ T6040] usb 9-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  351.793173][ T6040] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.796768][ T6040] usb 9-1: Product: syz
[  351.798208][ T6040] usb 9-1: Manufacturer: syz
[  351.799766][ T6040] usb 9-1: SerialNumber: syz
[  351.815180][ T6040] usb 9-1: config 0 descriptor??
[  351.821286][ T6040] hub 9-1:0.145: bad descriptor, ignoring hub
[  351.823397][ T6040] hub 9-1:0.145: probe with driver hub failed with error -5
[  351.860432][ T6040] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.145/input/input13
[  352.319850][ T6040] usb 9-1: USB disconnect, device number 29
[  352.759585][T21156] 9pnet_fd: Insufficient options for proto=fd
[  352.856734][T21160] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5230'.
[  352.998277][T21164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5232'.
[  353.001239][T21165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5232'.
[  353.139950][T21174] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5236'.
[  353.207241][T21179] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5238'.
[  353.276410][T21186] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5240'.
[  354.798374][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  354.802004][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  354.805308][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  354.816662][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  354.820305][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  354.833155][T21192] Failed to initialize the IGMP autojoin socket (err -2)
[  355.586815][T21192] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  355.609775][T21192] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  355.624563][T21192] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  355.650351][T21192] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  355.837248][T21192] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  355.843532][T21192] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  355.850020][T21192] wireguard: wg0: Could not create IPv4 socket
[  355.853027][T21192] wireguard: wg1: Could not create IPv4 socket
[  355.857569][T21192] wireguard: wg2: Could not create IPv4 socket
[  355.986358][T21202] kvm: kvm [21201]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  356.015928][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  356.020484][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  356.024260][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  356.037832][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  356.041383][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  356.059618][T21205] Failed to initialize the IGMP autojoin socket (err -2)
[  356.379172][   T40] audit: type=1400 audit(345.303:2637): avc:  denied  { create } for  pid=21221 comm="syz.4.5251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  356.384965][   T40] audit: type=1400 audit(345.303:2638): avc:  denied  { connect } for  pid=21221 comm="syz.4.5251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  357.013390][T21205] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  357.020147][T21205] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  357.028146][T21205] wireguard: wg0: Could not create IPv4 socket
[  357.033481][T21205] wireguard: wg1: Could not create IPv4 socket
[  357.036557][T21205] wireguard: wg2: Could not create IPv4 socket
[  357.185608][T21248] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5257'.
[  357.215467][T21250] 9pnet_virtio: no channels available for device syz
[  357.247596][T21252] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  357.853778][   T40] audit: type=1400 audit(346.698:2639): avc:  denied  { append } for  pid=21271 comm="syz.4.5264" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  357.863355][T21272] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5264'.
[  358.328465][T21296] binder: 21295:21296 unknown command 0
[  358.330505][T21296] binder: 21295:21296 ioctl c0306201 200000000100 returned -22
[  358.333919][T21296] binder: 21295:21296 ioctl c0306201 200000000180 returned -22
[  358.525275][T21307] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5280'.
[  358.576193][T21312] netlink: 76 bytes leftover after parsing attributes in process `syz.0.5282'.
[  358.647554][T21312] 9pnet: Could not find request transport: fd<rfdno="U�1����6�47V@��z/��!ƣ��m���@_�����A����9���25R���{��{��t�d��!AE�������pϦ��� ��%
[  358.733778][T21307] afs: Unknown parameter '�PF�nn���Wd'
[  358.737487][   T40] audit: type=1400 audit(347.512:2640): avc:  denied  { mounton } for  pid=21306 comm="syz.4.5280" path="/542/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  359.647987][T21347] Failed to initialize the IGMP autojoin socket (err -2)
[  359.803389][   T40] audit: type=1326 audit(348.512:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21346 comm="syz.0.5296" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f188d18e9a9 code=0x0
[  359.918123][   T40] audit: type=1400 audit(348.625:2642): avc:  denied  { bind } for  pid=21346 comm="syz.0.5296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  360.211140][T21356] erofs (device nbd4): cannot find valid erofs superblock
[  360.685651][T21375] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5308'.
[  360.694677][T21375] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21375 comm=syz.0.5308
[  360.699772][T21375] veth1_macvtap: mtu less than device minimum
[  360.703196][T21375] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=22 sclass=netlink_tcpdiag_socket pid=21375 comm=syz.0.5308
[  360.839785][T21380] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21380 comm=syz.0.5310
[  360.949960][T21381] block nbd4: shutting down sockets
[  361.292650][T21400] Set syz1 is full, maxelem 65536 reached
[  362.821010][T21408] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.5319'.
[  362.924846][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  362.928228][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  362.931693][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  362.935454][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  362.938901][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  362.956866][T21409] Failed to initialize the IGMP autojoin socket (err -2)
[  363.689789][T21409] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  363.722275][T21409] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  363.738994][T21409] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  363.770036][T21409] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  364.005600][T21409] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  364.012193][T21409] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  364.019930][T21409] wireguard: wg0: Could not create IPv4 socket
[  364.024977][T21409] wireguard: wg1: Could not create IPv4 socket
[  364.029089][T21409] wireguard: wg2: Could not create IPv4 socket
[  365.033173][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  365.037951][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  365.042708][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  365.046575][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  365.052585][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  365.065125][T21441] overlay: Unknown parameter 'smackfstransmute'
[  365.067062][T21438] Failed to initialize the IGMP autojoin socket (err -2)
[  365.084741][   T40] audit: type=1326 audit(353.451:2643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21440 comm="syz.4.5329" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f18f778e9a9 code=0x0
[  365.192518][T21442] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  365.607556][T21445] Failed to initialize the IGMP autojoin socket (err -2)
[  365.935890][T21438] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  365.987341][T21438] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  366.001771][T21456] input: syz1 as /devices/virtual/input/input14
[  366.005340][T21438] wireguard: wg0: Could not create IPv4 socket
[  366.012361][T21438] wireguard: wg1: Could not create IPv4 socket
[  366.021944][T21438] wireguard: wg2: Could not create IPv4 socket
[  366.309833][T21468] ubi: mtd0 is already attached to ubi31
[  366.962788][T21470] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5338'.
[  366.967609][T21470] netlink: 'syz.0.5338': attribute type 4 has an invalid length.
[  366.970573][T21470] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5338'.
[  367.003156][T21472] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5339'.
[  368.324962][T21488] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5345'.
[  370.863848][T21497] netlink: 'syz.4.5349': attribute type 10 has an invalid length.
[  370.873756][T21497] syz_tun: entered promiscuous mode
[  370.879062][T21497] : (slave syz_tun): Enslaving as an active interface with an up link
[  370.966134][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  370.972125][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  370.975866][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  370.981937][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  370.985561][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  371.004178][T21504] Failed to initialize the IGMP autojoin socket (err -2)
[  371.025942][T21510] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5353'.
[  371.030384][T21510] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21510 comm=syz.0.5353
[  371.053927][T21512] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5354'.
[  371.102105][T21512] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5354'.
[  371.190860][T21512]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  371.195011][T21512]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  371.199117][T21512]  (unregistering): (slave syz_tun): Releasing backup interface
[  371.202590][T21512]  (unregistering): Released all slaves
[  371.509810][T21538] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5362'.
[  372.143262][T21504] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  372.154187][T21504] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  372.168183][T21504] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  372.190725][T21504] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  372.370110][T21504] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  372.380131][T21504] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  372.388187][T21504] wireguard: wg0: Could not create IPv4 socket
[  372.391327][T21504] wireguard: wg1: Could not create IPv4 socket
[  372.396094][T21504] wireguard: wg2: Could not create IPv4 socket
[  373.286246][T21553] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5365'.
[  373.468412][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  373.472681][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  373.475909][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  373.478834][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  373.482166][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  373.501257][T21555] netlink: 'syz.0.5366': attribute type 1 has an invalid length.
[  373.503729][T21555] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.5366'.
[  373.508055][T21561] Failed to initialize the IGMP autojoin socket (err -2)
[  373.611072][T21567] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5369'.
[  373.626782][T21567]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  373.629654][T21567] bond_slave_0: left promiscuous mode
[  373.631401][T21567] bond_slave_0: left allmulticast mode
[  373.634766][T21567]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  373.637540][T21567] bond_slave_1: left promiscuous mode
[  373.639259][T21567] bond_slave_1: left allmulticast mode
[  373.642147][T21567]  (unregistering): (slave netdevsim0): Releasing backup interface
[  373.646577][T21567] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  373.648801][T21567] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  373.652149][T21567]  (unregistering): Released all slaves
[  373.978101][   T40] audit: type=1326 audit(361.776:2644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21575 comm="syz.0.5370" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f188d18e9a9 code=0x0
[  374.378063][T21561] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  374.385274][T21561] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  374.396358][T21561] wireguard: wg0: Could not create IPv4 socket
[  374.399885][T21561] wireguard: wg1: Could not create IPv4 socket
[  374.416893][T21561] wireguard: wg2: Could not create IPv4 socket
[  374.911221][T21599] overlayfs: failed to clone upperpath
[  374.918401][T21599] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5378'.
[  374.922171][T21599] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5378'.
[  374.957988][T21604] program syz.4.5381 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  374.963416][   T40] audit: type=1800 audit(362.693:2645): pid=21604 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.5381" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  375.265808][T21629] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  375.672309][   T40] audit: type=1400 audit(363.350:2646): avc:  denied  { ioctl } for  pid=21643 comm="syz.4.5398" path="socket:[82485]" dev="sockfs" ino=82485 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  375.720722][T21647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5397'.
[  375.723558][T21647] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5397'.
[  375.726462][T21647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5397'.
[  375.729408][T21647] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5397'.
[  376.393362][T21663] netlink: 'syz.4.5405': attribute type 32 has an invalid length.
[  376.425661][T21665] FAULT_INJECTION: forcing a failure.
[  376.425661][T21665] name failslab, interval 1, probability 0, space 0, times 0
[  376.430027][T21665] CPU: 3 UID: 0 PID: 21665 Comm: syz.4.5406 Not tainted 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 PREEMPT(full) 
[  376.430043][T21665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  376.430050][T21665] Call Trace:
[  376.430055][T21665]  <TASK>
[  376.430060][T21665]  dump_stack_lvl+0x16c/0x1f0
[  376.430100][T21665]  should_fail_ex+0x512/0x640
[  376.430122][T21665]  ? fs_reclaim_acquire+0xae/0x150
[  376.430137][T21665]  ? tomoyo_encode2+0x100/0x3e0
[  376.430147][T21665]  should_failslab+0xc2/0x120
[  376.430159][T21665]  __kmalloc_noprof+0xd2/0x510
[  376.430176][T21665]  ? d_absolute_path+0x136/0x1a0
[  376.430193][T21665]  tomoyo_encode2+0x100/0x3e0
[  376.430206][T21665]  tomoyo_encode+0x29/0x50
[  376.430216][T21665]  tomoyo_realpath_from_path+0x18f/0x6e0
[  376.430235][T21665]  tomoyo_path_number_perm+0x245/0x580
[  376.430251][T21665]  ? tomoyo_path_number_perm+0x237/0x580
[  376.430269][T21665]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  376.430286][T21665]  ? find_held_lock+0x2b/0x80
[  376.430313][T21665]  ? find_held_lock+0x2b/0x80
[  376.430326][T21665]  ? hook_file_ioctl_common+0x145/0x410
[  376.430343][T21665]  ? __fget_files+0x20e/0x3c0
[  376.430356][T21665]  security_file_ioctl+0x9b/0x240
[  376.430375][T21665]  __x64_sys_ioctl+0xb7/0x210
[  376.430392][T21665]  do_syscall_64+0xcd/0x4c0
[  376.430404][T21665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.430416][T21665] RIP: 0033:0x7f18f778e9a9
[  376.430425][T21665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.430436][T21665] RSP: 002b:00007f18f86ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  376.430447][T21665] RAX: ffffffffffffffda RBX: 00007f18f79b5fa0 RCX: 00007f18f778e9a9
[  376.430455][T21665] RDX: 0000200000000200 RSI: 0000000000001277 RDI: 0000000000000003
[  376.430462][T21665] RBP: 00007f18f86ad090 R08: 0000000000000000 R09: 0000000000000000
[  376.430469][T21665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.430475][T21665] R13: 0000000000000000 R14: 00007f18f79b5fa0 R15: 00007ffe74a68558
[  376.430489][T21665]  </TASK>
[  376.430501][T21665] ERROR: Out of memory at tomoyo_realpath_from_path.
[  376.555692][   T40] audit: type=1400 audit(364.183:2647): avc:  denied  { getopt } for  pid=21666 comm="syz.4.5407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  376.606279][T21671] FAULT_INJECTION: forcing a failure.
[  376.606279][T21671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.611411][T21671] CPU: 2 UID: 0 PID: 21671 Comm: syz.4.5409 Not tainted 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 PREEMPT(full) 
[  376.611436][T21671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  376.611448][T21671] Call Trace:
[  376.611455][T21671]  <TASK>
[  376.611463][T21671]  dump_stack_lvl+0x16c/0x1f0
[  376.611495][T21671]  should_fail_ex+0x512/0x640
[  376.611525][T21671]  _copy_from_user+0x2e/0xd0
[  376.611544][T21671]  __sys_bpf+0x21d/0x4ea0
[  376.611572][T21671]  ? __pfx___sys_bpf+0x10/0x10
[  376.611596][T21671]  ? ksys_write+0x190/0x250
[  376.611656][T21671]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  376.611689][T21671]  ? fput+0x70/0xf0
[  376.611708][T21671]  ? ksys_write+0x1ac/0x250
[  376.611733][T21671]  ? __pfx_ksys_write+0x10/0x10
[  376.611763][T21671]  __x64_sys_bpf+0x78/0xc0
[  376.611787][T21671]  ? lockdep_hardirqs_on+0x7c/0x110
[  376.611813][T21671]  do_syscall_64+0xcd/0x4c0
[  376.611832][T21671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.611850][T21671] RIP: 0033:0x7f18f778e9a9
[  376.611864][T21671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.611882][T21671] RSP: 002b:00007f18f86ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  376.611899][T21671] RAX: ffffffffffffffda RBX: 00007f18f79b5fa0 RCX: 00007f18f778e9a9
[  376.611910][T21671] RDX: 0000000000000090 RSI: 0000200000000340 RDI: 0000000000000005
[  376.611921][T21671] RBP: 00007f18f86ad090 R08: 0000000000000000 R09: 0000000000000000
[  376.611932][T21671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.611942][T21671] R13: 0000000000000000 R14: 00007f18f79b5fa0 R15: 00007ffe74a68558
[  376.611964][T21671]  </TASK>
[  376.703420][T21673] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5410'.
[  376.782089][T21681] netlink: 'syz.0.5414': attribute type 8 has an invalid length.
[  377.162520][T21713] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  377.166161][T21713] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.168898][T21713] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.171709][T21713] bridge0: left promiscuous mode
[  377.177514][T21713] bridge0: entered allmulticast mode
[  377.225536][T21715] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  377.277253][T21718] ptrace attach of "/syz-executor exec"[13831] was attempted by ""[21718]
[  379.847166][T21744] __nla_validate_parse: 5 callbacks suppressed
[  379.847182][T21744] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5437'.
[  379.984564][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  379.989003][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  379.993122][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  379.999129][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  380.002377][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  380.019151][T21755] Failed to initialize the IGMP autojoin socket (err -2)
[  380.873990][T21755] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  380.886535][T21755] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  380.906640][T21755] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  380.927216][T21755] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  381.131137][T21755] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  381.137257][T21755] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  381.143968][T21755] wireguard: wg0: Could not create IPv4 socket
[  381.147476][T21755] wireguard: wg1: Could not create IPv4 socket
[  381.151499][T21755] wireguard: wg2: Could not create IPv4 socket
[  381.987979][T21785] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=23 sclass=netlink_tcpdiag_socket pid=21785 comm=syz.4.5449
[  382.001169][T21783] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5448'.
[  382.046788][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  382.050679][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  382.055298][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  382.061342][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  382.064374][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  382.082369][T21792] Failed to initialize the IGMP autojoin socket (err -2)
[  382.389039][   T29] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[  382.570803][   T29] usb 9-1: Using ep0 maxpacket: 16
[  382.575463][   T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.578906][   T29] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  382.583393][   T29] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  382.586432][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.590439][   T29] usb 9-1: config 0 descriptor??
[  382.939302][T21805] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5454'.
[  383.066275][T21792] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  383.083721][T21792] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  383.118244][T21792] wireguard: wg0: Could not create IPv4 socket
[  383.123866][T21792] wireguard: wg1: Could not create IPv4 socket
[  383.132558][T21792] wireguard: wg2: Could not create IPv4 socket
[  383.353664][T21823] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5458'.
[  384.055970][T21831] overlayfs: failed to clone upperpath
[  384.368289][T21836] fuse: Bad value for 'fd'
[  385.133102][T21849] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.135422][T21849] bridge0: port 2(bridge_slave_1) entered listening state
[  385.137963][T21849] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.140366][T21849] bridge0: port 1(bridge_slave_0) entered listening state
[  385.143668][T21849] bridge0: entered promiscuous mode
[  385.145469][T21849] bridge0: left allmulticast mode
[  385.406932][   T29] usbhid 9-1:0.0: can't add hid device: -71
[  385.408876][   T29] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  385.418838][   T29] usb 9-1: USB disconnect, device number 30
[  385.468310][T21863] netlink: 2640 bytes leftover after parsing attributes in process `syz.0.5473'.
[  385.523714][T21864] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5473'.
[  385.550177][T21861] ubi: mtd0 is already attached to ubi31
[  385.553229][T21861] overlayfs: conflicting options: nfs_export=on,index=off
[  388.109441][T21870] netlink: 'syz.0.5474': attribute type 10 has an invalid length.
[  388.194163][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  388.199362][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  388.202247][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  388.205924][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  388.208656][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  388.226563][T21875] Failed to initialize the IGMP autojoin socket (err -2)
[  388.354483][  T838] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[  388.525523][  T838] usb 9-1: Using ep0 maxpacket: 8
[  388.529252][  T838] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  388.532080][  T838] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  388.535230][  T838] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  388.538658][  T838] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  388.541727][  T838] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  388.545799][  T838] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  388.557508][  T838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.801430][  T838] usb 9-1: usb_control_msg returned -32
[  388.805593][  T838] usbtmc 9-1:16.0: can't read capabilities
[  388.909664][T21875] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  388.944637][T21875] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  388.961176][T21875] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  388.991057][T21875] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  389.188032][T21883] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  389.197331][T21869] kvm: kvm [21868]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  389.222542][T21875] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  389.228723][T21875] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  389.236573][T21875] wireguard: wg0: Could not create IPv4 socket
[  389.239612][T21875] wireguard: wg1: Could not create IPv4 socket
[  389.244619][  T838] usb 9-1: USB disconnect, device number 31
[  389.252045][T21875] wireguard: wg2: Could not create IPv4 socket
[  390.361812][T21887] bridge0: port 3(dummy0) entered blocking state
[  390.363954][T21887] bridge0: port 3(dummy0) entered forwarding state
[  390.366186][T21887] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.368408][T21887] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.370939][T21887] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.373211][T21887] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.376379][T21887] bridge0: left allmulticast mode
[  390.422846][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  390.427596][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  390.430988][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  390.434752][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  390.437991][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  390.463032][T21897] Failed to initialize the IGMP autojoin socket (err -2)
[  390.520098][T21906] 9pnet_virtio: no channels available for device syz
[  390.533601][T21902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5481'.
[  390.537325][T21902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5481'.
[  390.779408][T21931] overlayfs: failed to clone upperpath
[  390.784192][T21931] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5494'.
[  390.856435][ T1337] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[  390.889932][T21937] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5497'.
[  391.027067][ T1337] usb 9-1: Using ep0 maxpacket: 8
[  391.029888][ T1337] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  391.032514][ T1337] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  391.049033][ T1337] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  391.052949][ T1337] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  391.056188][ T1337] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  391.069833][ T1337] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  391.073482][ T1337] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.252109][T21953] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5502'.
[  391.329989][ T1337] usb 9-1: usb_control_msg returned -32
[  391.331803][ T1337] usbtmc 9-1:16.0: can't read capabilities
[  391.339184][T21897] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  391.345348][T21897] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  391.369325][T21897] wireguard: wg0: Could not create IPv4 socket
[  391.372736][T21897] wireguard: wg1: Could not create IPv4 socket
[  391.375819][T21897] wireguard: wg2: Could not create IPv4 socket
[  391.460177][   T40] audit: type=1400 audit(378.120:2648): avc:  denied  { append } for  pid=21959 comm="syz.0.5505" path="socket:[85065]" dev="sockfs" ino=85065 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  391.512880][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  391.514932][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  391.706956][T21961] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  391.720310][T21913] kvm: kvm [21912]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  391.770444][ T5980] usb 9-1: USB disconnect, device number 32
[  392.436914][T21972] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  392.443719][T21972] syz.4.5508: attempt to access beyond end of device
[  392.443719][T21972] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0
[  392.448330][T21972] gfs2: error -5 reading superblock
[  392.774162][T21981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5511'.
[  392.777701][T21981] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5511'.
[  392.782941][T21981] netlink: 'syz.4.5511': attribute type 20 has an invalid length.
[  393.088810][T21995] overlayfs: failed to resolve '
': -2
[  393.256037][T22001] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5519'.
[  393.753193][  T838] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  393.855428][T22008] 9pnet_virtio: no channels available for device syz
[  393.934928][  T838] usb 9-1: Using ep0 maxpacket: 8
[  393.946715][  T838] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  393.950159][  T838] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  393.954158][  T838] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  393.958525][  T838] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  393.962609][  T838] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  393.968170][  T838] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  393.971877][  T838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.058948][T22011] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5523'.
[  394.209048][  T838] usb 9-1: usb_control_msg returned -32
[  394.210874][  T838] usbtmc 9-1:16.0: can't read capabilities
[  394.585953][T22012] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  394.596028][T22006] kvm: kvm [22005]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  394.690689][ T1337] usb 9-1: USB disconnect, device number 33
[  396.851385][T22021] comedi: No check for data length of config insn id 7 is implemented
[  396.854475][T22021] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  396.857305][T22021] comedi: Assuming n=15 is correct
[  396.945792][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  396.950492][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  396.954120][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  396.956975][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  396.959435][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  396.974380][T22022] Failed to initialize the IGMP autojoin socket (err -2)
[  397.670871][T22022] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  397.685346][T22022] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  397.701943][T22022] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  397.716252][T22022] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  397.886574][T22022] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  397.897389][T22022] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  397.904762][T22022] wireguard: wg0: Could not create IPv4 socket
[  397.907759][T22022] wireguard: wg1: Could not create IPv4 socket
[  397.910717][T22022] wireguard: wg2: Could not create IPv4 socket
[  398.810474][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  398.822478][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  398.825985][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  398.830387][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  398.833426][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  398.837700][   T40] audit: type=1400 audit(385.023:2649): avc:  denied  { getopt } for  pid=22038 comm="syz.4.5530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  398.849486][T22036] Failed to initialize the IGMP autojoin socket (err -2)
[  399.757951][   T40] audit: type=1400 audit(385.884:2650): avc:  denied  { append } for  pid=22042 comm="syz.4.5531" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  400.282574][T22036] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  400.306663][T22036] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  400.314442][T22036] wireguard: wg0: Could not create IPv4 socket
[  400.329456][T22036] wireguard: wg1: Could not create IPv4 socket
[  400.333627][T22036] wireguard: wg2: Could not create IPv4 socket
[  400.616568][ T5980] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[  400.798606][ T5980] usb 9-1: Using ep0 maxpacket: 8
[  400.802658][ T5980] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  400.805162][ T5980] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  400.808282][ T5980] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  400.812127][ T5980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  400.815209][ T5980] usb 9-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  400.819245][ T5980] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  400.823447][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.828483][ T5980] usbtmc 9-1:16.0: bulk endpoints not found
[  400.995468][T22065] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5538'.
[  401.161226][T22080] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  401.165132][T22080] netlink: 129704 bytes leftover after parsing attributes in process `syz.0.5544'.
[  401.265681][T22088] netlink: 576 bytes leftover after parsing attributes in process `syz.0.5548'.
[  401.340483][T22094] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5551'.
[  401.703512][T22119] 9pnet_virtio: no channels available for device syz
[  401.762785][T22123] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5562'.
[  401.765957][T22123] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5562'.
[  401.771118][    C2] bridge0: port 1(bridge_slave_0) entered learning state
[  401.773608][    C2] bridge0: port 2(bridge_slave_1) entered learning state
[  401.796846][   T40] audit: type=1400 audit(387.792:2651): avc:  denied  { ioctl } for  pid=22050 comm="syz.4.5533" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x5b02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  402.669595][T22146] overlayfs: failed to clone upperpath
[  402.674326][   T40] audit: type=1800 audit(388.615:2652): pid=22146 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5569" name="SYSV00000000" dev="hugetlbfs" ino=6 res=0 errno=0
[  403.584304][ T1337] usb 9-1: USB disconnect, device number 34
[  405.276003][T22153] netlink: 348 bytes leftover after parsing attributes in process `syz.4.5572'.
[  405.332430][   T40] audit: type=1400 audit(391.094:2653): avc:  denied  { mounton } for  pid=22158 comm="syz.4.5573" path="/642/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  405.344885][   T40] audit: type=1400 audit(391.113:2654): avc:  denied  { add_name } for  pid=22148 comm="syz.0.5570" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  405.352960][   T40] audit: type=1400 audit(391.113:2655): avc:  denied  { associate } for  pid=22148 comm="syz.0.5570" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  405.353388][T22159] overlayfs: missing 'workdir'
[  405.357370][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  405.358693][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  405.361392][   T40] audit: type=1400 audit(391.113:2656): avc:  denied  { write open } for  pid=22148 comm="syz.0.5570" path="/1131/file0" dev="tmpfs" ino=5988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  405.364477][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  405.368465][   T40] audit: type=1400 audit(391.113:2657): avc:  denied  { read append } for  pid=22148 comm="syz.0.5570" name="file0" dev="tmpfs" ino=5988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  405.380033][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  405.390690][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  405.405272][T22160] Failed to initialize the IGMP autojoin socket (err -2)
[  405.410772][   T40] audit: type=1400 audit(391.178:2658): avc:  denied  { unmount } for  pid=13831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  405.866281][  T837] usb 9-1: new low-speed USB device number 35 using dummy_hcd
[  406.038382][  T837] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  406.041622][  T837] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  406.044467][  T837] usb 9-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  406.048216][  T837] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  406.051648][  T837] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  406.055043][  T837] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  406.057858][  T837] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.064026][T22176] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  406.067893][  T837] hub 9-1:1.0: bad descriptor, ignoring hub
[  406.071746][  T837] hub 9-1:1.0: probe with driver hub failed with error -5
[  406.077013][  T837] cdc_wdm 9-1:1.0: skipping garbage
[  406.078687][  T837] cdc_wdm 9-1:1.0: skipping garbage
[  406.081801][  T837] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  406.083984][  T837] cdc_wdm 9-1:1.0: Unknown control protocol
[  406.150311][   T40] audit: type=1400 audit(391.861:2659): avc:  denied  { unlink } for  pid=12923 comm="syz-executor" name="file0" dev="tmpfs" ino=5988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  406.154059][T22160] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  406.174950][T22160] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  406.192066][T22160] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  406.212085][T22160] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  406.296847][   T40] audit: type=1400 audit(392.001:2660): avc:  denied  { read write } for  pid=22175 comm="syz.4.5577" name="cdc-wdm0" dev="devtmpfs" ino=3304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[  406.312887][   T40] audit: type=1400 audit(392.001:2661): avc:  denied  { open } for  pid=22175 comm="syz.4.5577" path="/dev/cdc-wdm0" dev="devtmpfs" ino=3304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[  406.447380][T22160] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  406.459089][T22160] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  406.469107][T22160] wireguard: wg0: Could not create IPv4 socket
[  406.472318][T22160] wireguard: wg1: Could not create IPv4 socket
[  406.476278][T22160] wireguard: wg2: Could not create IPv4 socket
[  406.917773][T22176] usb 9-1: reset low-speed USB device number 35 using dummy_hcd
[  407.249739][T22180] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  407.259465][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.262381][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.266580][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.269331][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.272469][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.275232][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.559200][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.561286][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.563448][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.565532][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.568044][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.570120][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.573164][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.575229][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.577669][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.579720][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.581808][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.583867][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.585949][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  407.588008][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  407.716288][T22184] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.718631][T22184] bridge0: port 1(bridge_slave_0) entered disabled state
[  407.721397][T22184] bridge0: left promiscuous mode
[  407.723153][T22184] bridge0: entered allmulticast mode
[  407.774154][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  407.780200][T22189] overlayfs: failed to clone upperpath
[  407.783921][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  407.786798][   T40] audit: type=1800 audit(393.395:2662): pid=22189 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5579" name="SYSV00000000" dev="hugetlbfs" ino=7 res=0 errno=0
[  407.789012][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  407.797354][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  407.802381][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  407.816344][T22188] Failed to initialize the IGMP autojoin socket (err -2)
[  408.529579][T22188] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  408.535824][T22188] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  408.543500][T22188] wireguard: wg0: Could not create IPv4 socket
[  408.546524][T22188] wireguard: wg1: Could not create IPv4 socket
[  408.551547][T22188] wireguard: wg2: Could not create IPv4 socket
[  408.564159][T22206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5582'.
[  408.684615][T22212] 9pnet_virtio: no channels available for device syz
[  408.870666][ T1337] usb 9-1: USB disconnect, device number 35
[  408.912751][T22216] tmpfs: Invalid uid '0x00000000ffffffff'
[  408.915513][T22216] devpts: Unknown parameter 'appraise'
[  409.088127][T22219] kvm: kvm [22217]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  409.556503][T22225] program syz.4.5589 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  410.163064][T22239] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5595'.
[  410.447375][T22257] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.450415][T22257] bridge0: port 2(bridge_slave_1) entered listening state
[  410.453643][T22257] bridge0: port 1(bridge_slave_0) entered blocking state
[  410.456623][T22257] bridge0: port 1(bridge_slave_0) entered listening state
[  410.459966][T22257] bridge0: entered promiscuous mode
[  410.462251][T22257] bridge0: left allmulticast mode
[  410.505519][T22262] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  410.509278][T22262] bridge0: port 2(bridge_slave_1) entered disabled state
[  410.511692][T22262] bridge0: port 1(bridge_slave_0) entered disabled state
[  410.514210][T22262] bridge0: left promiscuous mode
[  410.516039][T22262] bridge0: entered allmulticast mode
[  410.548097][   T53] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[  410.708819][   T53] usb 9-1: Using ep0 maxpacket: 16
[  410.715645][   T53] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.726300][   T53] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.730214][   T53] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  410.735229][   T53] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  410.738664][   T53] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.743861][   T53] usb 9-1: config 0 descriptor??
[  411.190539][   T53] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  411.193080][   T53] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  411.195413][   T53] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  411.198031][   T53] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  411.200842][   T53] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  411.204639][   T53] input: HID 0955:7214 Haptics as /devices/virtual/input/input15
[  411.235891][   T53] shield 0003:0955:7214.0008: Registered Thunderstrike controller
[  411.238542][   T53] shield 0003:0955:7214.0008: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0
[  411.400458][T22250] netlink: 'syz.4.5599': attribute type 2 has an invalid length.
[  411.402992][T22250] netlink: 244 bytes leftover after parsing attributes in process `syz.4.5599'.
[  411.410498][T20610] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  411.410659][   T10] usb 9-1: USB disconnect, device number 36
[  411.414309][T20610] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  411.422351][T20610] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  411.425998][T20610] shield 0003:0955:7214.0008: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  411.558076][T22269] netlink: 129704 bytes leftover after parsing attributes in process `syz.0.5606'.
[  411.587591][T22271] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5607'.
[  413.909417][T22288] program syz.4.5612 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  413.916640][T22289] bridge0: port 2(bridge_slave_1) entered blocking state
[  413.919614][T22289] bridge0: port 2(bridge_slave_1) entered listening state
[  413.922693][T22289] bridge0: port 1(bridge_slave_0) entered blocking state
[  413.925053][T22289] bridge0: port 1(bridge_slave_0) entered listening state
[  413.928516][T22289] bridge0: entered promiscuous mode
[  413.930654][T22289] bridge0: left allmulticast mode
[  413.977316][T22291] overlayfs: failed to clone upperpath
[  413.983021][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  413.991385][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  413.996398][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  414.000011][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  414.004121][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  414.019036][T22292] Failed to initialize the IGMP autojoin socket (err -2)
[  414.312752][T22306] overlayfs: failed to clone upperpath
[  414.318173][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  414.318188][   T40] audit: type=1800 audit(399.503:2669): pid=22306 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5619" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  414.733993][T22292] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  414.761649][T22292] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  414.775182][T22292] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  414.793909][T22292] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  415.005440][T22292] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  415.014553][T22292] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  415.025135][T22292] wireguard: wg0: Could not create IPv4 socket
[  415.030230][T22292] wireguard: wg1: Could not create IPv4 socket
[  415.034589][T22292] wireguard: wg2: Could not create IPv4 socket
[  416.410129][T22318] netlink: 'syz.4.5621': attribute type 10 has an invalid length.
[  416.452385][T22322] netlink: 'syz.0.5623': attribute type 2 has an invalid length.
[  416.497179][T22325] 9pnet_virtio: no channels available for device syz
[  416.520239][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  416.526836][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  416.530840][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  416.537462][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  416.540204][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  416.555362][T22326] Failed to initialize the IGMP autojoin socket (err -2)
[  416.704047][T22335] bridge0: port 3(dummy0) entered disabled state
[  416.706966][T22335] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.710125][T22335] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.719475][T22335] bridge0: entered allmulticast mode
[  416.808348][T22339] ptrace attach of "/syz-executor exec"[22340] was attempted by "/syz-executor exec"[22339]
[  417.054834][   T40] audit: type=1400 audit(402.066:2670): avc:  denied  { lock } for  pid=22346 comm="syz.4.5631" path="socket:[86946]" dev="sockfs" ino=86946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  417.220904][T22352] could not allocate digest TFM handle poly1305-generic
[  417.372885][T22364] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5634'.
[  417.381419][T22364] netlink: 'syz.4.5634': attribute type 3 has an invalid length.
[  417.389760][T22364] netlink: 'syz.4.5634': attribute type 3 has an invalid length.
[  417.395053][T22364] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5634'.
[  417.445423][T22371] netlink: 'syz.4.5637': attribute type 10 has an invalid length.
[  417.488733][T22368] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.491879][T22368] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.495264][T22368] bridge0: left promiscuous mode
[  417.513914][T22368] bridge0: entered allmulticast mode
[  417.542408][T22326] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  417.549989][T22326] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  417.563801][T22326] wireguard: wg0: Could not create IPv4 socket
[  417.571249][T22326] wireguard: wg1: Could not create IPv4 socket
[  417.575106][T22326] wireguard: wg2: Could not create IPv4 socket
[  418.121589][T22410] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  418.468396][T22439] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  418.472500][T22439] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5661'.
[  418.475345][T22439] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5661'.
[  418.544705][   T10] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[  418.705383][   T10] usb 9-1: Using ep0 maxpacket: 8
[  418.709006][   T10] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  418.711617][   T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  418.714632][   T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  418.717918][   T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  418.720984][   T10] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  418.725380][   T10] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  418.728736][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.920630][T22464] 9pnet_virtio: no channels available for device syz
[  418.955325][   T10] usb 9-1: usb_control_msg returned -32
[  418.957194][   T10] usbtmc 9-1:16.0: can't read capabilities
[  419.185971][T22478] 9pnet_virtio: no channels available for device syz
[  419.286955][T22482] 9pnet_virtio: no channels available for device syz
[  419.331514][T22485] usbtmc 9-1:16.0: stb usb_control_msg returned -32
[  419.341350][T22425] kvm: kvm [22424]: vcpu1, guest rIP: 0xfff0 Unhandled RDMSR(0x4000007c)
[  419.344494][T22425] netlink: 84 bytes leftover after parsing attributes in process `syz.4.5656'.
[  419.478924][   T10] usb 9-1: USB disconnect, device number 37
[  419.891491][T22491] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5681'.
[  419.939473][T22493] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  419.991504][   T40] audit: type=1400 audit(404.816:2671): avc:  denied  { map } for  pid=22494 comm="syz.0.5683" path="socket:[88884]" dev="sockfs" ino=88884 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  419.998807][   T40] audit: type=1400 audit(404.816:2672): avc:  denied  { read accept } for  pid=22494 comm="syz.0.5683" path="socket:[88884]" dev="sockfs" ino=88884 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  420.146302][T22501] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5686'.
[  420.147847][   T40] audit: type=1400 audit(404.957:2673): avc:  denied  { write } for  pid=22500 comm="syz.4.5686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  420.165604][T22501] bond4: entered promiscuous mode
[  420.168061][T22501] 8021q: adding VLAN 0 to HW filter on device bond4
[  422.636009][T22524] tmpfs: Unknown parameter 'mpol��Q��ފRd'
[  422.642616][T22524] program syz.4.5691 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  422.646592][T22524] overlayfs: failed to decode file handle (len=6, type=65535, flags=0, err=-22)
[  422.698438][T22529] 9p: Unknown access argument 00000000000000000000�: -22
[  422.747974][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  422.752933][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  422.755719][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  422.758595][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  422.761353][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  422.777229][T22532] Failed to initialize the IGMP autojoin socket (err -2)
[  422.822673][T22540] block nbd4: shutting down sockets
[  422.951254][T22549] netlink: 'syz.0.5698': attribute type 10 has an invalid length.
[  423.618254][T22532] netdevsim netdevsim3 netdevsim0: renamed from eth10
[  423.640699][T22532] netdevsim netdevsim3 netdevsim1: renamed from eth11
[  423.661133][T22532] netdevsim netdevsim3 netdevsim2: renamed from eth12
[  423.676849][T22532] netdevsim netdevsim3 netdevsim3: renamed from eth13
[  423.865090][T22532] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  423.872613][T22532] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  423.880665][T22532] wireguard: wg0: Could not create IPv4 socket
[  423.885210][T22532] wireguard: wg1: Could not create IPv4 socket
[  423.889776][T22532] wireguard: wg2: Could not create IPv4 socket
[  425.159440][T22561] orangefs_mount: mount request failed with -4
[  425.159571][T22564] orangefs_mount: mount request failed with -4
[  425.274166][T22574] bridge0: port 3(dummy0) entered blocking state
[  425.276233][T22574] bridge0: port 3(dummy0) entered forwarding state
[  425.278483][T22574] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.280708][T22574] bridge0: port 2(bridge_slave_1) entered forwarding state
[  425.283150][T22574] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.285380][T22574] bridge0: port 1(bridge_slave_0) entered forwarding state
[  425.289197][T22574] bridge0: left allmulticast mode
[  425.316419][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  425.321115][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  425.335685][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  425.338970][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  425.341560][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  425.355414][T22582] netlink: 'syz.4.5707': attribute type 1 has an invalid length.
[  425.396270][T22579] Failed to initialize the IGMP autojoin socket (err -2)
[  425.411418][T22582] 8021q: adding VLAN 0 to HW filter on device bond6
[  425.415650][T22582] bond5: (slave bond6): making interface the new active one
[  425.418405][T22582] bond5: (slave bond6): Enslaving as an active interface with an up link
[  425.699430][T22598] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present
[  425.702216][T22598] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9)
[  425.705701][T22598] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5713'.
[  425.708861][T22598] IPv6: NLM_F_CREATE should be specified when creating new route
[  425.755974][T22600] ------------[ cut here ]------------
[  425.757850][T22600] WARNING: CPU: 3 PID: 22600 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x30b/0x23f0
[  425.761124][T22600] Modules linked in:
[  425.762802][T22600] CPU: 3 UID: 0 PID: 22600 Comm: syz.4.5714 Not tainted 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 PREEMPT(full) 
[  425.768016][T22600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  425.771334][T22600] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  425.773539][T22600] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 8d 42 7d 0e 00 75 0b c6 05 84 42 7d 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  425.779511][T22600] RSP: 0018:ffffc90003b87908 EFLAGS: 00010246
[  425.781403][T22600] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  425.784023][T22600] RDX: 0000000000000000 RSI: 000000000000001a RDI: 0000000000040dc0
[  425.786622][T22600] RBP: 00000027ffff94d0 R08: 0000000000000007 R09: 0000000000000000
[  425.789074][T22600] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000000001a
[  425.791594][T22600] R13: 1ffff92000770f36 R14: 00000027ffff94d0 R15: 000000000000001a
[  425.794210][T22600] FS:  00007f18f86ad6c0(0000) GS:ffff8880d6a22000(0000) knlGS:0000000000000000
[  425.797061][T22600] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  425.799168][T22600] CR2: 0000200000003000 CR3: 000000004fbe9000 CR4: 0000000000352ef0
[  425.801751][   T40] audit: type=1400 audit(410.214:2674): avc:  denied  { write } for  pid=5936 comm="syz-executor" path="pipe:[7196]" dev="pipefs" ino=7196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  425.801844][T22600] Call Trace:
[  425.810325][T22600]  <TASK>
[  425.811274][T22600]  ? __pfx_stack_trace_save+0x10/0x10
[  425.813084][T22600]  ? stack_depot_save_flags+0x28/0xa40
[  425.815299][T22600]  ? __lock_acquire+0xb8a/0x1c90
[  425.816957][T22600]  ? __lock_acquire+0xb8a/0x1c90
[  425.818532][T22600]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  425.820692][T22600]  ? __mutex_trylock_common+0xe9/0x250
[  425.822404][T22600]  ? __lock_acquire+0xb8a/0x1c90
[  425.823963][T22600]  ? comedi_unlocked_ioctl+0x1757/0x2e90
[  425.825855][T22600]  __alloc_pages_noprof+0xb/0x1b0
[  425.827436][T22600]  ___kmalloc_large_node+0x84/0x1e0
[  425.829067][T22600]  ? comedi_unlocked_ioctl+0x1757/0x2e90
[  425.830812][T22600]  __kmalloc_large_node_noprof+0x1c/0x70
[  425.832568][T22600]  __kmalloc_noprof.cold+0xc/0x61
[  425.834147][T22600]  comedi_unlocked_ioctl+0x1757/0x2e90
[  425.835925][T22600]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  425.837809][T22600]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  425.839611][T22600]  ? do_vfs_ioctl+0x523/0x1a60
[  425.841115][T22600]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  425.842685][T22600]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  425.844698][T22600]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  425.846824][T22600]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  425.848944][T22600]  ? hook_file_ioctl_common+0x145/0x410
[  425.850684][T22600]  ? selinux_file_ioctl+0x180/0x270
[  425.852323][T22600]  ? selinux_file_ioctl+0xb4/0x270
[  425.853943][T22600]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  425.855787][T22600]  __x64_sys_ioctl+0x18e/0x210
[  425.857386][T22600]  do_syscall_64+0xcd/0x4c0
[  425.858816][T22600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.860658][T22600] RIP: 0033:0x7f18f778e9a9
[  425.862053][T22600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.868059][T22600] RSP: 002b:00007f18f86ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  425.870631][T22600] RAX: ffffffffffffffda RBX: 00007f18f79b5fa0 RCX: 00007f18f778e9a9
[  425.873088][T22600] RDX: 0000200000000040 RSI: 000000008010640b RDI: 0000000000000003
[  425.875529][T22600] RBP: 00007f18f7810d69 R08: 0000000000000000 R09: 0000000000000000
[  425.878022][T22600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  425.880930][T22600] R13: 0000000000000000 R14: 00007f18f79b5fa0 R15: 00007ffe74a68558
[  425.883304][T22600]  </TASK>
[  425.884294][T22600] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  425.886609][T22600] CPU: 3 UID: 0 PID: 22600 Comm: syz.4.5714 Not tainted 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 PREEMPT(full) 
[  425.890316][T22600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.893694][T22600] Call Trace:
[  425.894766][T22600]  <TASK>
[  425.895729][T22600]  dump_stack_lvl+0x3d/0x1f0
[  425.897250][T22600]  panic+0x71c/0x800
[  425.898494][T22600]  ? __pfx_panic+0x10/0x10
[  425.899895][T22600]  ? show_trace_log_lvl+0x29b/0x3e0
[  425.901538][T22600]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  425.903434][T22600]  check_panic_on_warn+0xab/0xb0
[  425.904998][T22600]  __warn+0xf6/0x3c0
[  425.906263][T22600]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  425.908153][T22600]  report_bug+0x3c3/0x580
[  425.909520][T22600]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  425.911405][T22600]  handle_bug+0x184/0x210
[  425.912767][T22600]  exc_invalid_op+0x17/0x50
[  425.914185][T22600]  asm_exc_invalid_op+0x1a/0x20
[  425.915730][T22600] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  425.917838][T22600] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 8d 42 7d 0e 00 75 0b c6 05 84 42 7d 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  425.923720][T22600] RSP: 0018:ffffc90003b87908 EFLAGS: 00010246
[  425.925639][T22600] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  425.928111][T22600] RDX: 0000000000000000 RSI: 000000000000001a RDI: 0000000000040dc0
[  425.930745][T22600] RBP: 00000027ffff94d0 R08: 0000000000000007 R09: 0000000000000000
[  425.933471][T22600] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000000001a
[  425.935935][T22600] R13: 1ffff92000770f36 R14: 00000027ffff94d0 R15: 000000000000001a
[  425.938412][T22600]  ? __pfx_stack_trace_save+0x10/0x10
[  425.940089][T22600]  ? stack_depot_save_flags+0x28/0xa40
[  425.941790][T22600]  ? __lock_acquire+0xb8a/0x1c90
[  425.943329][T22600]  ? __lock_acquire+0xb8a/0x1c90
[  425.944879][T22600]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  425.946882][T22600]  ? __mutex_trylock_common+0xe9/0x250
[  425.948595][T22600]  ? __lock_acquire+0xb8a/0x1c90
[  425.950140][T22600]  ? comedi_unlocked_ioctl+0x1757/0x2e90
[  425.951899][T22600]  __alloc_pages_noprof+0xb/0x1b0
[  425.953490][T22600]  ___kmalloc_large_node+0x84/0x1e0
[  425.955208][T22600]  ? comedi_unlocked_ioctl+0x1757/0x2e90
[  425.957289][T22600]  __kmalloc_large_node_noprof+0x1c/0x70
[  425.959032][T22600]  __kmalloc_noprof.cold+0xc/0x61
[  425.960628][T22600]  comedi_unlocked_ioctl+0x1757/0x2e90
[  425.962326][T22600]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  425.964162][T22600]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  425.966029][T22600]  ? do_vfs_ioctl+0x523/0x1a60
[  425.967540][T22600]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  425.969125][T22600]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  425.971139][T22600]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  425.973169][T22600]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  425.975286][T22600]  ? hook_file_ioctl_common+0x145/0x410
[  425.977082][T22600]  ? selinux_file_ioctl+0x180/0x270
[  425.978715][T22600]  ? selinux_file_ioctl+0xb4/0x270
[  425.980317][T22600]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  425.982188][T22600]  __x64_sys_ioctl+0x18e/0x210
[  425.983698][T22600]  do_syscall_64+0xcd/0x4c0
[  425.985131][T22600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.987011][T22600] RIP: 0033:0x7f18f778e9a9
[  425.988419][T22600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.994370][T22600] RSP: 002b:00007f18f86ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  425.997010][T22600] RAX: ffffffffffffffda RBX: 00007f18f79b5fa0 RCX: 00007f18f778e9a9
[  425.999450][T22600] RDX: 0000200000000040 RSI: 000000008010640b RDI: 0000000000000003
[  426.001914][T22600] RBP: 00007f18f7810d69 R08: 0000000000000000 R09: 0000000000000000
[  426.004345][T22600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  426.006892][T22600] R13: 0000000000000000 R14: 00007f18f79b5fa0 R15: 00007ffe74a68558
[  426.009304][T22600]  </TASK>
[  426.010954][T22600] Kernel Offset: disabled
[  426.012299][T22600] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:01:46  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000007 RBX=0000000000000000 RCX=00000000fffffffe RDX=0000000000000000
RSI=00000000ffffffff RDI=ffff888028380af0 RBP=ffff888028380000 RSP=ffffc90003ec7220
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff888028380af0 R13=ffff888028380af0 R14=0000000000000000 R15=0000000000000001
RIP=ffffffff81981793 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3c001c8740 ffffffff 00c00000
GS =0000 ffff8880d6722000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b33a1eff8 CR3=0000000034568000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001800000 Opmask01=0000000000008000 Opmask02=000000003511001f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff72949f68 00007fff72949f68
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff7294a470 0000003000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff0f 0e0d0c0b0a090807
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c0039cb20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055de75be1700 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 05001eac00000002
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 66206e6f69746174 6963696c6f532072 6574756f5220676e 6979616c6564203a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373657264646120 4c4c20726f66206e 6f69746174696369 6c6f532072657475
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 414b4056051f5600 0056564057414144 054c4c05574a4305 4b4a4c5144514c46
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30386566203a3673 67616c6672646461 5f6669203a737264 64616e7261656c5f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0d30010001004d87 4a0cff133dd00502 39773b3a3633211c 1a0f0c060379010e
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff 0101910101740050 a4d291827bd65e9b 0d30010001004d87
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a0cff133dd00502 39773b3a3633211c 1a0f0c060379010e 3701013563538263
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005569005a066c 0000000000000021 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=1ffff920007d2fbb RCX=ffffffff823996ac RDX=ffff888030150000
RSI=ffffffff817f898e RDI=00007fff7294b140 RBP=00007fff7294b140 RSP=ffffc90003e97dd0
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000008 R13=dffffc0000000000 R14=00007fff7294b140 R15=0000000000000008
RIP=ffffffff817f898e RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3c001c8740 ffffffff 00c00000
GS =0000 ffff8880d6822000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c28a6e6 CR3=0000000031fe6000 CR4=00352ef0
DR0=0000000000000004 DR1=0000000000000006 DR2=0000000000000004 DR3=0000000000001000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000feffffd0 Opmask01=000000000000003f Opmask02=000000000100003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055de75be3630
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c0039cb20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ffffff00 ff00ff00ff00ff00
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff00ffff0000 ff00000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0030303030303031 3132303830780000 390000303d73656d 616e66692e74656e
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000d0d0d0d0d0d0c 0c0f0d050d450000 0400000d004e5850 5c535b5413495853
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055de75bd3190 000055de75be4260 00000000000001d1 000035336e616c77
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000080fe00010014 0000014afd80780a 89c9da7600000126 0002001400000048
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000003000b0005 0000008000080008 00006ef600006ef6 ffffffffffffffff
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00060014e5cd02fe ff9f255c00000000 000080fe00010014 0000014afd80400a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 89c9da7600000126 0002001400000050 0000008000080008 00006f0400006f04
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 000600142b000000 0000000000000000 000080fe00010014
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 36005f20615f206e 6120323220206361 692061200a322030 3100366565640a65
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000002 RCX=ffffffff84e177f6 RDX=ffff888036cd8000
RSI=0000000000000020 RDI=0000000000000001 RBP=ffffffff8c15bf60 RSP=ffffc900030f71c8
R8 =0000000000000001 R9 =0000000000000020 R10=0000000000000040 R11=0000000000000001
R12=0000000000000040 R13=0000000000000001 R14=0000000000000003 R15=ffffffff8c15c3f3
RIP=ffffffff81bbe4f4 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7790d99300 ffffffff 00c00000
GS =0000 ffff8880d6922000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055f3ff81a000 CR3=000000002bd44000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001659 0000001400000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffdf080480030008 0006100020100006 0071960a0000023a 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0304ddfeeff80800 0698030008000690 03160400068c0360 040006880301d008
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006800306800403 8003038004038aa0 03000800038a9003 0fffffffffffff04
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 038a800300080006 1000201000060471 960804a002050480 0404a4e608000100
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000080606013bba 0000000000000000 000000306d616574 01ffffffffffffff
ZMM24=fc99e15bfc99e15b fc99e15bfc99e15b fc99e15bfc99e15b fc99e15bfc99e15b fc99e15bfc99e15b fc99e15bfc99e15b fc99e15bfc99e15b fc99e15bfc99e15b
ZMM25=94407ba194407ba1 94407ba194407ba1 94407ba194407ba1 94407ba194407ba1 94407ba194407ba1 94407ba194407ba1 94407ba194407ba1 94407ba194407ba1
ZMM26=3c123ad03c123ad0 3c123ad03c123ad0 3c123ad03c123ad0 3c123ad03c123ad0 3c123ad03c123ad0 3c123ad03c123ad0 3c123ad03c123ad0 3c123ad03c123ad0
ZMM27=258c8859258c8859 258c8859258c8859 258c8859258c8859 258c8859258c8859 258c8859258c8859 258c8859258c8859 258c8859258c8859 258c8859258c8859
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=511e0000511e0000 511e0000511e0000 511e0000511e0000 511e0000511e0000 511e0000511e0000 511e0000511e0000 511e0000511e0000 511e0000511e0000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855a3e65 RDI=ffffffff9b0b7e20 RBP=ffffffff9b0b7de0 RSP=ffffc90003b87270
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=000000000000002d R14=ffffffff9b0b7de0 R15=ffffffff855a3e00
RIP=ffffffff855a3e8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f18f86ad6c0 ffffffff 00c00000
GS =0000 ffff8880d6a22000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000003000 CR3=000000004fbe9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=00000000f802fefc Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7811d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7811d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7811d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7811d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7811de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7811ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7986488 00007f18f7986480 00007f18f7986478 00007f18f7986450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f84ed100 00007f18f7986440 00007f18f7986458 00007f18f79864a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18f7986498 00007f18f7986490 00007f18f7986488 00007f18f7986480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000