last executing test programs:

2m28.638060965s ago: executing program 1 (id=2):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x108)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000280)="43e4e8865f41824be8bd82062c0ee1c6b3c0aca1b07a08e7577946a40b43fedf7448ec111385b877fe7a723841561a166d6bc765fd6ffde3c5ebebd45f476c69913a9f84650c90ba027c7108b5bf414a46c20c28d811f5b429f7799b51851e3e48f14aaedc9b614b709e841f5d77563d134bc784e4497d8ce4b0e2d3c084", &(0x7f0000000d00)="76013def80a2ff8d3e4614565206ed6e2d31160e22c1b0f8e1fb1fda8aeaa3a7072f9cb0f9d08913af8203fa9eacfca22751183a3776dd25050f3ea8350b8a09422de2ba2cfab04075cca9e89ab04a835b59e548b9b9c56bc50eaeb0529f540cfd5921e4a8d7c96f31b4182d5a62ad14b87f3b4693248ed392f362d93588e2a9a4d626daec49c950f33ed176e89fcc94fb0706b57e32c6ab8813d909b286c8c392966887b689"}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')

2m24.685885376s ago: executing program 1 (id=30):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000102c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="fc00000010000104fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000a00000001c0012800b00010062726964676500000c0002800600060001000000b8003480140035006261746164765f7a92d470655f3100001400350076657468315f766c616e0000000000001400350070696d7265670000000000000000000014003500697036677265300000000000000000001400350064766d72703000000000000000000000140035006970766c616e30000000000000000000140035006970766c616e300000000000000000001400350076657468315f746f5f626f6e64000000140035006261746164765f736c6176655f30000008001e0002000000"], 0xfc}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00000013000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000000cedb2f3585798fc06000280f9f2f3"], 0x2c}}, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f9"], 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r5, 0x2)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x50)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r6, 0xc0709411, &(0x7f00000000c0)={{<r7=>0x0, 0x31a75f34, 0x0, 0x6, 0x0, 0x9, 0x9, 0x130e, 0x7, 0x8, 0xff, 0x2, 0x7fffffff, 0x9, 0x7}, 0x18, [0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000180)={{r7, 0x8000000000000000, 0xc, 0x5, 0x6, 0xef, 0xffffffffffffff48, 0x4, 0x1e, 0xfffffffe, 0x1, 0x5, 0x9, 0x5, 0x80}, 0x10, [0x0, 0x0]})
r8 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r8, 0x10e, 0x1, &(0x7f0000000040)=0x1, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0xc4f32000)

2m23.474464611s ago: executing program 1 (id=40):
move_pages(0x0, 0x42, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth0_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x4, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}, {0xfff2, 0x4}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001340)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbf9, {0x0, 0x0, 0x0, r2, {0x7, 0xfff2}, {0xf, 0xffff}, {0x0, 0x9}}}, 0x24}}, 0x24004810)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_create_resource$binfmt(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000811010000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/vmstat\x00', 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x2, 0x4}}}]}, 0x3c}}, 0x4000010)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000002c40)={'ip6_vti0\x00', &(0x7f0000002bc0)={'syztnl1\x00', r2, 0x29, 0x5, 0x7, 0x2, 0x1, @dev={0xfe, 0x80, '\x00', 0x35}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x700, 0x40, 0x5, 0x4}})
sendmmsg$inet(r4, &(0x7f0000002dc0)=[{}, {{&(0x7f0000000140)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000002640)=[{&(0x7f00000024c0)="90c07b10e506c09b5efa8fd631aecae0bcdaa2aa", 0x14}, {&(0x7f0000002500)="55453ca4456f49a0bd29c4f365ef66f42aea35a1d51dccd08945c05a1c2ece2aaf86959450c6f52a570c9c3a35d97b4af0c66d1f", 0x34}, {&(0x7f0000002540)="d74354be50480e03c2a468ce717edeec2d337631437d73c260a49811ca4f5da686b84ab7ba38f626c870", 0x2a}, {&(0x7f0000002580)="a33987c6c138aa2bd7c26da0f7f66eb0ff4c4cb1cd92a357421afecfceb0eadac6cba274db9175ff7d7bc1a36a23ea56f11f44554bcc35574a740b5ed4c5d4476ea6eb204a18fdbec88d9087fc7be46e4e9fccc7539cb4d8b71ef99575062b6b27594dbf4034", 0x66}, {&(0x7f0000002600)="32658cf867aaf86e2f44b32be30987b79efb", 0x12}], 0x5, &(0x7f00000026c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x10}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_retopts={{0x9c, 0x0, 0x7, {[@generic={0x7, 0x5, "9fa597"}, @rr={0x7, 0x1b, 0x9d, [@rand_addr=0x64010100, @empty, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @rand_addr=0x64010101]}, @timestamp_prespec={0x44, 0x2c, 0x57, 0x3, 0x3, [{@empty, 0x1}, {@rand_addr=0x64010100, 0x6}, {@dev={0xac, 0x14, 0x14, 0x44}, 0x94e}, {@multicast1, 0xfffffff7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}]}, @cipso={0x86, 0x3f, 0x0, [{0x6, 0x4, "1125"}, {0x6, 0x4, '\a\x00'}, {0x6, 0xa, "0ab1c500436ffb08"}, {0x7, 0xf, "1b5d8dff8da3ffe55030ec9c7d"}, {0x2, 0x11, "a69a5364f7b91bb9dc77d556e288d9"}, {0x7, 0x7, "c3ad14a780"}]}]}}}], 0xd0}}, {{&(0x7f00000027c0)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000002b40)=[{&(0x7f0000002800)="b4a5b507874448378f96a4d32482a5266171a444d06fb0688202f4f3855471", 0x1f}, {&(0x7f0000002840)="76864ce3c27f1f117fa2b0570c55067846a7909941aef5cf3a1ded9b54becd7d0011800b40463875dbf597e2bc3424c7d08cdfb6e41140f191fd0162ddc8e994cb0e115f3e42eaace3bfac5e6c0bcae3517e82b0a2f9c298091b4ef567ace4b430cf17778825c991f4c77ff547fa1835b589426e86015e4c47b95fe6babd1af7e630362f83fd8f605a8b3c3bfafe3ce05047f105575f0892325788", 0x9b}, {&(0x7f0000002900)="917140fa77331fa62825df7efe8640000306de02f5cdff22ddd27e6462cdc0fa1d723fcaa61f70eab10a7d71657096afcb7caaf8402f1c9475366a51fb573f7f43ec0a850263cb85964765fcb0f48dd73ab27484b7721f0f03320a7f64998122a122150e67bac5a287c65740c0baacbcd514f94a4c212b30250b31c9baad16d5e296ff43237408904dc2978dbaa1730bdcc6137617ab7767a086341c2abb9bce668a53c9f38aaf524185a5bde10ae99466e58c684808f049c1ddd2e56e52a25aeb5b3b6b1ab2278380ebe03c21ed9aff25733e7d89efa31a7b82adaaa84a95526e4590f508f8aa24af59d818f1ca", 0xee}, {&(0x7f0000002a00)="cd1bf9caad87982be32cf552710abc8729faea85083131bf0e4f664325801c5ec62abef3c7ca02d00fe8fa244da47682370410e4b1bc01c9d9089f2bbbf750ec23be38abce910475b300f811477fa8d563e71abc5070b99c76b24f84b30f36754d9ed08546d3c68ed2f12dec67e990f2974073115b710560331fa7fce0433101c73123b4020d299940e2101d378f029e5eed23003d5ddad4b5cedfde612d953f6fa2f55ea9bd03447cdfe8c24ec028b192ce9bbb5fe307", 0xb7}, {&(0x7f0000002ac0)="589fcfe2fd400bce2438a4f2315436792a11536cf22fdc6cd94b0a87105a407f823c7aa7a8d23203cc045c611c53ba09cdd876ac687d2584be88c935dc905778448c657eba193fd170acec0aeb164157d97ace9318df82db2c", 0x59}], 0x5, &(0x7f0000002c80)}}], 0x3, 0x4000000)
read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x34, r8, 0x2799f5eec7981083, 0x70bd28, 0x259fdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c810}, 0x8000010)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={&(0x7f0000002240)="5627305c9a3b8477d31f90d7601d60493fabfff77b0091f4e7bf4c3e41197549af21e137a2f90b84bf7e04910b11bd0c781a44f745a6dea861bac1861d632ebc1c8a7afc3a8001e61e5c1a4a6873686adecefd9465acefa9214dd99fa70e6f6affd0b0ed8434aca0eb40dcbaf8a78d37c7e1d09b07258108d33f5f49e193f611405bf4cbde084366b4608f4b43", &(0x7f0000002300)=""/72, &(0x7f0000002380)="510ac7607da3928789f10ee41c67a9838c1e7831027e876dea000ec668c9315b0b2970fff9698b42307941849c94c3bd1e6f8c227357", &(0x7f00000023c0)="3df00e676cbe4a6e8e9096440f3fc80a948f62743a5b3d33088929c3c62e994361fb5fe53825fa6e3d521f90271d49f393e2f94c749289993d8f60c93aa450f4e8975657eda045a753a73b3664c6f41f717f0dcb1e474425084d004a09ee5d17222552abd9428e2fbef3140a89644a28a1eb34b061aa4c6a3b77690e0599d76391aaa0fe9714cdcae12b666735e9d78cca8e83c1a1007a6d1f0a658c648f5089e2f86bdced970ef1cf420c246f4a8564417102a75f72de437749bd8a93c5afd1298e5881e3d88b544688", 0x8, r3}, 0x38)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

2m23.423759937s ago: executing program 1 (id=41):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')

2m23.215744277s ago: executing program 1 (id=43):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2m23.171317882s ago: executing program 32 (id=43):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1m49.429359747s ago: executing program 4 (id=444):
socket$nl_route(0x10, 0x3, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
timer_create(0x4, &(0x7f0000000240)={0x0, 0x13, 0x0, @thr={&(0x7f0000000340)="8361e1cea14fc58c840bce0ffe9747bf48bd276bd5104509182d", &(0x7f00000002c0)="3e885898436659a46e2ac1d112748b6855e3c2546f4e4528db951281f460e07d05eba7f8c55ce53c828958131fc44a8af6bf10b025c0f70debb99eedfb585258de07d403cfa5594f9af4e991af00"/87}}, &(0x7f00000001c0))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x6, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r1 = open(&(0x7f0000000140)='.\x00', 0x82000, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'pim6reg0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010029bd7000ffdbdf2500000000", @ANYRES16=r3, @ANYBLOB="000804002010000024001280110001006272696467650019"], 0x44}, 0x1, 0x0, 0x0, 0x404c1}, 0x40040d4)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
pipe2$9p(&(0x7f0000000040), 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r5 = memfd_create(&(0x7f0000000380)='D\xa3\xd5Wj\x00\x00x0\xc1\xac*\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9\xd0\xc0\xa9\b\x98\xfc:\x1b\xc4\x80!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x00\x02\xdf\b~\xd5)\xa4\x80\xad\x97\'\x1b\xfd}\x96&\xd2\x0eGp\x8e\x1a\x19o\xf1\x14\xe2]J\xf2\xb5h\x9bt*\xd2\xfbT\x01ci\x87\x18\xc9\x13=\x1b\xadl;}\x9d\xbe\x9a\xee\x1a\xfc\x96 \x93\x12@\x19|f\x98\xdc,\x82SlA\x19\xcb\xfe\xccSKO}\xb2U\xd6\xc5\xa7=\xf8s\x1dp\xe0\x14\xe5\x92\xfd)\bB\xcd\xc2\xb6\x85$%nV\xd3*\x00`OE\x8e\xf0\xf9\xd2!KZ%\xad\xa1\x92b\x1e%\x9f!\xd8mV$\x1d?\xc2\f\xcc\xc5x\x9fJ#\xce\x90\xc5\x82\xfb\x97\xd2\xb7\xb5\xed\xb5\'J\xfc\xf4Z.\rS\x88\f\xd0zK\xc7\x81\xbe\xd5\xc2\xce\x89\xbc\x1e\xb78\xf6Z\xd5\x1b\xf1\x9bMD\f\xf6\xc5V\xe1\x12j\xdfW\x87\xf09\n\x1e\x1b\f\xe5p\xab\x9e\xe5}\x96\x9b\xea\x86\x0f\xca\xcf\x16\x96\x0e6\x8d\x11\xd2&\"eKKV\x8b?]<\xa7]\x93\xad\x1d\xfe\x13\xee\xca\xdc\x97\xa9\a\b\xac\xdd\xa0\xfe\x97\xa1?\xa2F\xae\xb7f\x85\xda', 0x0)
write(r5, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0xffffa000)
openat(r4, &(0x7f0000000040)='./file1\x00', 0x1, 0x100)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='setgroups\x00')
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="44000002", @ANYRES8, @ANYBLOB="110200000000000000000100000030000180060005004e210000140004000000000000000000000000000000000100cc0001000000060001000a000000"], 0x44}}, 0x0)

1m48.992927376s ago: executing program 4 (id=447):
r0 = socket$inet(0x2, 0x3, 0x4)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f0000000080)=""/22)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000ffff27bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="37ec000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r3], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000000, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000600)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x228, 0x2d0, 0xffffffff, 0xd8, 0x170, 0x2d0, 0x2d0, 0xffffffff, 0x2d0, 0x2d0, 0x5, 0x0, {[{{@ip={@rand_addr=0x640100fc, @rand_addr=0x64010101, 0xff, 0x0, 'veth1_macvtap\x00', 'ipvlan1\x00', {0xff}, {}, 0x33, 0x2, 0x14}, 0x0, 0x70, 0xa8, 0x48}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xf, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x67, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'veth1_vlan\x00'}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0xe, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x65, @port=0x4e21}}}, {{@ip={@private=0xa010100, @empty, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @gre_key=0xe, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
r5 = openat(0xffffffffffffffff, 0x0, 0x2000, 0x0)
getsockopt$inet_mreqsrc(r5, 0x0, 0x28, &(0x7f0000000100)={@initdev, @broadcast, @initdev}, &(0x7f0000000140)=0xc)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0}}], 0x1, 0xe000)

1m48.889218553s ago: executing program 4 (id=452):
r0 = socket$kcm(0x10, 0x2, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x1fd383, 0x1e4)
mount(0x0, &(0x7f0000000500)='./bus\x00', &(0x7f0000000040)='cifs\x00', 0x2853404, &(0x7f00000000c0)='d\b\xbda%\xe9A\xf3\xbb\xa9\xf1\xd3W\b;\xe4\xce\nc')
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000001000), 0x1, 0x0)
pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0xdfd00be7e7eec087, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_int(r1, &(0x7f0000000240)=0x2, 0x12)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffc58, &(0x7f00000000c0), 0x2, 0x0, 0x0, 0x1f00c00e}, 0xdd96bdb28f776cf7)

1m47.494419187s ago: executing program 4 (id=467):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="020000009817a95e87e1fe232d6337f3e1cbba2029ce65ca91f66cac540abfcb6a7789e3eb3075147c2d08f9480af582eb0d8f17ab021607862f2198ea378a12076ad68ccabcd3329ae30c27040ae83b243e722e2d54", @ANYRES16=r2, @ANYBLOB="00022abd7000fedbdf250c00000008000500090000001400028006000f0008000000060002004e200000080005007e0f0000"], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x4000040)
ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0x1e)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x3)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)

1m47.435223965s ago: executing program 4 (id=469):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x201, 0x4000003e, r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3}, 0x4)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3, 0x11, r3, 0xcc56a000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r5, 0x201, 0x400000, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x4004}}}, 0x24}}, 0x40)

1m47.274873081s ago: executing program 4 (id=471):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x4f}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x37}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}, 0x1, 0x0, 0x0, 0x20004000}, 0x24000840)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYRES32=0x0], 0x60}}, 0x0)

1m32.101139279s ago: executing program 33 (id=471):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x4f}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x37}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}, 0x1, 0x0, 0x0, 0x20004000}, 0x24000840)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYRES32=0x0], 0x60}}, 0x0)

3.42265045s ago: executing program 2 (id=2012):
r0 = socket$kcm(0x21, 0x2, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000600)}}], 0x1, 0x4008040)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="ad", 0x1)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000a1fa000324bd7002fd"], 0x14}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@x86={0x4, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x88, 0x1, 0x1, 0x0, 0x8, 0x1, 0x8, 0x72, 0x7, 0xba, '\x00', 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r4, 0xc018643a, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000300)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000380)={0x0, 0x0, r6, 0x0, 0x7, 0x1f5, 0x1, 0x0, {0x4, 0x2, 0x0, 0x1, 0x0, 0x3, 0x9, 0x0, 0x6, 0x0, 0x0, 0x373, 0x8001, 0xfffffffb, "b4bc3244f77d1f000071849800000800"}})
r7 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
r8 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r8, 0xc06864a1, &(0x7f0000000140)={0x0, 0x0, r9, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f00000000c0)={r10, 0x6, 0x3, 0x1, 0x1, [], [0x50, 0xc78, 0x80000001, 0x1ff], [0x2, 0x2, 0x41, 0x5], [0x6, 0x3, 0x3, 0x8]})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r7, 0x100000000)
r11 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r11, 0xc01c64a3, &(0x7f0000000280)={0x1, r9, 0x4, 0x0, 0x33, 0x8, 0x5})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
syz_emit_ethernet(0x46, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000ea07000081001000080048b41a340000001414bb8c1414aa071b25e000000200040000004e2240010000000000007784a4337b0cd659926510a5b4998e395149323feb88123078b4d2a7d4fcdb6d030ea1f7f33fb223410d788fe564163f2c022b08fce8003c30a78ff02e085ef37903512d0d14d91570dd62700a065d65c19e822378356ddd5c2e93e98ef08ec3ae51d936f1c94830e75fcdaa2222ecfa4728b632d6d000df9941f6411f2a2b0baece2dc020f8c6727663f8b162e44792bf0771", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090784000"], 0x0)

3.043451261s ago: executing program 2 (id=2013):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x11, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mount(0x0, 0x0, 0x0, 0x204041, 0x0)
listen(0xffffffffffffffff, 0xfffff789)
r2 = socket$igmp6(0xa, 0x3, 0x2)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, 0x0, 0x0, 0x40800)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x530, 0x1d8, 0xffffffff, 0xffffffff, 0x1d8, 0xffffffff, 0x460, 0xffffffff, 0xffffffff, 0x460, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x0, 0x300], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x1b0, 0x1d8, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@private1, [0xff000000, 0xffffffff, 0xff, 0xffffffff], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xff, 0xffffffff, 0xffffffff], @ipv6=@empty, [0xff000000, 0xff, 0xff, 0xff], @ipv6=@local, [0xffffffff, 0xff000000, 0xff000000, 0xffffff00], 0x80, 0x54, 0x3b, 0x4e20, 0x4e23, 0x4e21, 0x4e23, 0x446, 0x39a}, 0x100, 0x20}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0xe, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x590)

2.943234962s ago: executing program 2 (id=2015):
clock_gettime(0x6, &(0x7f0000000000)) (async)
syz_open_procfs(0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xd8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000010651fbe347b2c2b00000c000180080001"], 0x20}}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r3=>0x0, <r4=>0x0})
clock_settime(0x5, &(0x7f0000000040)={r3, r4+60000000}) (async)
mq_timedsend(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x7, 0x0)

2.893333912s ago: executing program 2 (id=2016):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi2\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r2, 0x0)

2.892348122s ago: executing program 2 (id=2017):
r0 = socket$unix(0x1, 0x4, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4c, &(0x7f00000000c0)=0xcdb, 0x4)
connect$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)

2.832008344s ago: executing program 2 (id=2020):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x800)
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000140)={0xb})
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000140)=""/210)

2.21351154s ago: executing program 5 (id=2034):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000009702000020febfff7a0af0fff8ff00f869a4f0ff00000000b70600001218d1fe2d640500000000002404000000ffffffd404000040000000b704000010000020720700fe00000000850000002f000000b70000000a00000095000000000000006458c2c62fca868f0399d909a63396c113943219aab9d607000000cb3924b611f5969f62c28b22edf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa8a23f1740637c48468766af54043000000ec44631ac2622cdcae18c3d14bfbe96dd87235b44174f7c034318508f49f09781dc7a2cfbb9a0f119e31975f551557f05dc2dc2739e2e735d0ab961dac07f4f6d8aa1c3f16765d427c0e01000000fe4c16737d50d2a4bfc463450d524eacf2b734b0289c7a3a16eeca71296746681d61af491e4fa734318e0d72b8dbbc2b2b869af2f87903000000b6ecc7de09a2257e908cd92e664fa7aba7f07474863333c460e34caf0806a7e2575a56fba3eadd8efbd5dae6c024585d972b1bf8c4e872bba38160be9e92b6ddb90fc51b894917b50876b5708e64e70f7d8225da90ce9bc019084873ed07c0c59c4ba053fe77e0d37ccc3318da2e9fefaf025527e734ed1de5d12b4c56ca3b03dc121086061d1f26821a428d28eefa22ead6a3dab9388da53263b81ebe6be197a48a63440000a356240c4e2df57457000100000000000000000000008d2516510b29804b3cc034c19cef0d773f01064709edd63a185cbab8456c25283b9514b220fe401503ff536478088eb9fd932a0703a7bf9ea40429b2d49177824f210a69f8e5227fd32e7d5a2c7ecf57ac64509224090000000000000096e5a55d2c805bf725b9d14756c8cfa292aae0872866cf9fe063317741a0db9081d4393a7f9bcc0917d60a11b4a9ece831660ce625de441cef915eba31255d163f7033045ceb97f8ea006efc5b84f75ca1fb74c9faef444eb12f46b435de87feb2f7f2d7fb659395e4b38178b5c67e6ac100000000000000001b2e77bd5de136fa1bec1a26c622bb9662d9ee70147acc5605aa2318855cb8b918000000c5f265dcb5dce05f94ea051c4e8dcdf37d01ad7aff64f84ce32b841c799f47c2949725285fc50f1dd3f5e264023082eec752704c1f598151aa7d29e0d79522df196278acf327a74777d1f658f50c27020198770ff8ebef9df1b750d56d4d195ad7a267c46b3348b0e03ed33b5bca13cafc304dc6da78d20f029742d8d2f36acfdd331081ca00c1d5c8b7bed2ef603d6e7f1764246aab2d7d531559a971939a038055ac28625ec837f824ff537cd67993a3589be73a18680da50287b9e962b1a0235c290346a21ca5de55c49c78e411c791617000ef8df75411a5d300000000000000e0ffffff004deb8d49806823655735bd6deb49edb2e42f4ed9e6e9080366660b847bf03c144f6796920726dcf29e9a6c808459e82cbb0000000000000000000000000000000000006b5530865aaa7aa6171f66f2bca881a4201588427bb65ed3d5e7a74e9b5ece44067d4a9875a310bc7ec42b844b9eb3c9083560ef5c92b8a01188d615efbf70893d2eaf76517e990021fa5020a71023bca1194ad87cade480ba3dce8f57294e31ca24a8d181210bb6d18ff2c58293c2e314a7447ed3a1c870908aa8e3b33e6a94c7381bce9fa71dcbb758451f247e38d80d66e03d7564a5cddfaf06574b05cefb2670f30c2d501ee625ce3ffc08f15b53d28ce552c1807bc6866f06098a0e5517068aa48f2a82496fe83ee85218fe7f52b48742c7055f2a144c13e9c54be60b0a4f979ef7eb216897875946dc6ca1571930b1cf7c93de103f5289f782ae538e02612c717a76c787a873936eb8dcf1bfe581cc8ef965a0424bc140939e3274e251e519d188f6af680402c49458065dccfcb4f0d4f2ec9cf6fb3cf0a1807e34fb8d0108007734c1d2bc6a9d32d2560a88bad976b6000100002b712e632eeca810fb73fc8aaef94acf8bde18b9149cadc688254eabbe91f943592ccf68e717bcc6852828bd621e3a9dcb1cc6f1a6d1915200d95087838c2dc0a002c3aa554f725b965714144652cdc14761b0236f1a05b7f50f4149057e63d713103b5a6c2919161efc165a2e6981d76d29c95ad9f180135fb8962f59495fd33be3a6d35274941790bc1bd9da5e9c67c39de2c9f6fe35b8f528edbd8ea2a77dccdc3fe247feb121d9440a3ea9012a9d23a7e3110b0f25c5f8bf803d688de4d92b5dfdbd69fb8b426b55c10ba01b5f18b10cce8de3369300000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x29}, 0x48)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r0=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT=r0], 0x48)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x108)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={0x0, 0x0}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000480}, 0xc, 0x0}, 0x48054)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r5, 0x4068aea3, &(0x7f00000002c0)={0xbc, 0x0, 0x2})
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, 'x'}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x40000000}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty, 0x1}}]}, 0x80}, 0x1, 0x7}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e23, 0x7, @dev={0xfe, 0x80, '\x00', 0x2e}, 0x80000001}}, 0x5, 0x7, 0x101, 0x6, 0x0, 0x2, 0x11}, &(0x7f00000001c0)=0x9c)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r7, 0x2, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r8}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r8, &(0x7f0000000140), &(0x7f0000000000)=""/85}, 0x20)

1.953278217s ago: executing program 5 (id=2037):
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
readv(r0, &(0x7f0000001f40)=[{0x0}, {&(0x7f00000004c0)=""/36, 0x24}, {&(0x7f0000000540)=""/35, 0x23}, {0x0, 0x2400}, {0x0}], 0x5)

1.952245355s ago: executing program 5 (id=2038):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000000)={[{@inode32}]}) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x2040, 0x0)
ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e0000001eaf"]) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x439, 0x0, 0x60000, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x81}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x1ff}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x840}, 0x8000000)
r2 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
r3 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$yama_ptrace_scope(r3, &(0x7f0000000180)='1\x00', 0x2) (async)
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000200)={0x0, 0x7ff, 0x4, 0xffffff87, 0x2, [0x0, 0x0, <r4=>0x0], [0x5, 0x8, 0x7, 0x5731], [0xf20, 0xfffffffb, 0xb9a, 0x2], [0x4, 0x8, 0x2, 0x4]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, &(0x7f0000000580)={0x0, 0xbe, 0x81, 0x20203843, 0x2, [r4, 0x0, r4], [0x7c7, 0x9], [0x0, 0x0, 0x4]})

1.892528315s ago: executing program 5 (id=2040):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, &(0x7f0000000100))

1.833552746s ago: executing program 5 (id=2042):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000280)="43e4e8865f41824be8bd82062c0ee1c6b3c0aca1b07a08e7577946a40b43fedf7448ec111385b877fe7a723841561a166d6bc765fd6ffde3c5ebebd45f476c69913a9f84650c90ba027c7108b5bf414a46c20c28d811f5b429f7799b", &(0x7f0000000d00)="76013def80a2ff8d3e4614565206ed6e2d31160e22c1b0f8e1fb1fda8aeaa3a7072f9cb0f9d08913af8203fa9eacfca22751183a3776dd25050f3ea8350b8a09422de2ba2cfab04075cca9e89ab04a835b59e548b9b9c56bc50eaeb0529f540cfd5921e4a8d7c96f31b4182d5a62ad14b87f3b4693248ed392f362d93588e2a9a4d626daec49c950f33ed176e89fcc94fb0706b57e32c6ab8813d909b286c8c392966887b689"}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')

1.193604125s ago: executing program 0 (id=2051):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl0\x00', <r0=>0x0, 0x4, 0x9, 0xff, 0xc64, 0x68, @mcast1, @private2, 0x10, 0x8, 0x8, 0x8}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x20, 0x10, 0x40d, 0x70bd29, 0x25d7dbfc, {0x0, 0x0, 0x0, r0, 0x10}}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.132622428s ago: executing program 0 (id=2052):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r1}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/85}, 0x20)

1.132399709s ago: executing program 0 (id=2053):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi2\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xbd010000, 0x13, r0, 0x0)

1.132313028s ago: executing program 0 (id=2054):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001300050000000000feffffff07000000", @ANYRES32=r2, @ANYBLOB="003000000000000014001a80100004"], 0x34}, 0x1, 0x0, 0x0, 0x800c010}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

843.407472ms ago: executing program 0 (id=2055):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_FBUF(r0, 0x8030560a, &(0x7f0000000540)={0x1, 0x4, &(0x7f0000000040), {0x8000, 0xff, 0x44495658, 0x8, 0xfff, 0x0, 0x2, 0x400}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x16, &(0x7f0000000340)={@local, @local, @void, {@llc={0x4, {@snap={0x1, 0xab, "e8", "e091ab", 0x6006}}}}}, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000580))
close(r1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x2001001000000000, 0x22072a18}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x0)
socket$kcm(0x10, 0x2, 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8b28, &(0x7f0000000000)={'virt_wifi0\x00', @random='4\x00'})
r2 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x5)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8010002})
kcmp(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x40000)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r2, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

292.813794ms ago: executing program 3 (id=2058):
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000640), 0x800, 0x0)
syz_open_dev$loop(0x0, 0x8, 0x1c0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1, 0x0, 0x3})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00', <r1=>0x0})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x8510, 0x0, '\x00', r1, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd13}, 0x94)

292.600471ms ago: executing program 3 (id=2059):
r0 = socket$kcm(0x29, 0x7, 0x0)
r1 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x800)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000080)={<r2=>r1})
setsockopt$inet6_udp_int(r2, 0x11, 0xb, &(0x7f00000000c0)=0x6, 0x4)
r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x4140)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f0000000140)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r4 = syz_create_resource$binfmt(&(0x7f0000000380)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r4, 0x41, 0x1ff)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000003c0), 0x802, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000440)=@o_path={&(0x7f0000000400)='./file0\x00', 0x0, 0x4008, r1}, 0x18)
ioctl$BLKDISCARD(r3, 0x1277, &(0x7f0000000480)=0x6)
fallocate(r2, 0x48, 0x807, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f00000004c0)={0x1, 0x9, {<r6=>0xffffffffffffffff}, {0xee00}, 0x2, 0x6})
fcntl$lock(r5, 0x25, &(0x7f0000000500)={0x1, 0x1, 0x1ff, 0x8, r6})
r7 = accept4(r3, &(0x7f0000000540)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f00000005c0)=0x80, 0x100800)
close_range(r5, r7, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r3, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x64, &(0x7f00000006c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0x34, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
ioctl$TCSBRK(r3, 0x5409, 0x7fffffffffffffff)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000900)={r3, r3, 0x0, r3}, 0x10)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r3, 0x1e, &(0x7f0000000940)={r2}, 0x1)
r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000980), 0x80, 0x0)
close(r8)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f00000009c0)={'wlan1\x00', @random="64f6b68f4e26"})
getdents(r3, &(0x7f0000000a00)=""/99, 0x63)
write(r8, &(0x7f0000000a80)="a1be9ca638831ee7d3c5cf498515f77f113079f6add44404697d1b940572b52238fc049f3b0486dd1aa48a2ea0fab6ea655cf04ba431aef0779b13588946d01c6da95714da15e248428fa9e42ca4cb6c4216b42e0e7f87cba058cf3af2e124d1c954f6edd0a6c24bc9f48a884a33063a6d03300b51dd9736cba7da5c1a0a4a6007246799304947f22da8f09718e630e2ffb2b56b37ef447bbdbdab013cc6dc710d23549379c0bcab131f887b2ef7178e224e94def18880440260cd0983f5a59adc86bd595b13911415414c0d80bee6031010dfa071a72fa2fb395e64adc624a20b350f3185", 0xe5)
syz_emit_ethernet(0x70, &(0x7f0000000b80)={@empty, @broadcast, @void, {@llc_tr={0x11, {@llc={0xff, 0xf4, 'N', "ddef198b71f5f298f24078c4b1b61380470cd189dada69b5ed34b4294b7acb8e6f9d394ab4a39fcaed14346eda84f934ae299c2f2180a78611625b3b1a13ce678c02b0661533042202e1232f4ff88e0489bdaecf167576542b8075053223e9"}}}}}, &(0x7f0000000c00)={0x0, 0x1, [0xe0c, 0xbaf, 0xaae, 0x75]})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f0000000c40)={0x5, 0x2, 0x7, 0xbf8, 'syz1\x00', 0x200})
execve(&(0x7f0000000c80)='./file0\x00', &(0x7f0000000e80)={[&(0x7f0000000cc0)='(\x00', &(0x7f0000000d00)='@/\r\x00', &(0x7f0000000d40)='\x00', &(0x7f0000000d80)='\x00', &(0x7f0000000dc0)='}]$%!-{/\x00', &(0x7f0000000e00)='/dev/input/mice\x00', &(0x7f0000000e40)='#\x00']}, &(0x7f0000000f40)={[&(0x7f0000000ec0)='\x00', &(0x7f0000000f00)='syz1\x00']})
r9 = socket$inet6_icmp(0xa, 0x2, 0x3a)
getsockopt$inet6_mreq(r9, 0x29, 0x1c, &(0x7f0000000f80)={@initdev}, &(0x7f0000000fc0)=0x14)

221.493379ms ago: executing program 5 (id=2060):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0xffff, 0x5}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff2, 0x3}}]}}]}, 0x40}}, 0x800)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @broadcast})
r6 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r', 0x1}], 0x1}, 0x4)

142.912513ms ago: executing program 3 (id=2061):
gettid()
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000400)={r0, r0, 0x6, 0x0, 0x0, 0x9, 0x5f, 0xc08, 0x1012, 0xc3, 0x2, 0x5, 'syz0\x00'})

93.370666ms ago: executing program 3 (id=2062):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r1}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/85}, 0x20)

93.198647ms ago: executing program 3 (id=2063):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x11, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mount(0x0, 0x0, 0x0, 0x204041, 0x0)
listen(0xffffffffffffffff, 0xfffff789)
r2 = socket$igmp6(0xa, 0x3, 0x2)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, 0x0, 0x0, 0x40800)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x530, 0x1d8, 0xffffffff, 0xffffffff, 0x1d8, 0xffffffff, 0x460, 0xffffffff, 0xffffffff, 0x460, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x0, 0x700], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x1b0, 0x1d8, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@private1, [0xff000000, 0xffffffff, 0xff, 0xffffffff], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xff, 0xffffffff, 0xffffffff], @ipv6=@empty, [0xff000000, 0xff, 0xff, 0xff], @ipv6=@local, [0xffffffff, 0xff000000, 0xff000000, 0xffffff00], 0x80, 0x54, 0x3b, 0x4e20, 0x4e23, 0x4e21, 0x4e23, 0x446, 0x39a}, 0x100, 0x20}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0xe, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x590)

331.071µs ago: executing program 0 (id=2064):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$inet6(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000080)="944cf7", 0x3}], 0x1}, 0x20000010)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001900)=[{0x0, 0x0, &(0x7f0000001880)=[{&(0x7f00000000c0)="809a1f3def94ed1b", 0x8}, {&(0x7f0000000140)="cffb29bc745e50ffc1b6aefb2cb1e7d7a332e198a0341b5bc6961eefe66be866e1e538371e23277201cd2cc363529b329a2b9a5f8e7c0ea2d689343ce496ed403500d1423e4163f4ed7753291195616087e1cc13cd0ff0faa4bb3ae381eebbd298ca564a14d2b329d8db8254ba94eb9884e945d71d98178919096753a02b929121f6b0c5aed0c294287a73550bfe6b0aa7b0f1746e0a24a01abf32d9039172d1474b794fd09c1141d8c1976c33a9ff", 0xaf}, {&(0x7f0000000200)="67ecac4649464a2936aa07125337def00ab96deb676c5a0d4df9b7e433e9a6c10b8013bf9ee8fbbdb6b0f610514cf0ea1889979144bc78b8e70f618a982df9f9aaea3439adb130f9cb7493921e5ba19afa14fc6159bc5010ca4ec9ba41a3ee36666c25f1cc70cc82eb916f112c4891a1b8b60fce55993f3917926b98a34c3012956654b06fd84404ab012fedac25e52e0a8e44607e16ed96418c8f97620b03e0d62d5c2b84cea4b6234d027eb07ef0c6d4b702a5b0c9f3294a155356dd816d944cee304871132be7c104e258eee860e80667245233025bff55581c38482f394748b98f598e35db", 0xe7}, {&(0x7f0000000300)="e1d1ee81ada8da14b3edd78e6993b469be3cf501f432876e7c3e20e5a556f07b560a58f60d9201f1a1156adfb2d248eb1adf7b236bf885ac8e58ffd3f6d1f74c0e4c3c0308355c8ee9e28d468ce7f45947634099ffc859f434c8f4f114c0cf0b354eb8cf047cf63e4e3ffbc9a8fed1ad90fe6fce905e41baa9a29d7e2ecd0c275fc7d5027104bd26de53a75512b388ac2b0feb5d7623bcfffa", 0x99}, {&(0x7f0000000880)="eaae636106555071c74f3576b3f0b981bb604e4344fea039cd476b120edf80bc0581845cda1b4631062c9d4a8bac2a468553b24fffea5554b1d15e75eb1d01765f111931803bbdbe66a6cc6b1257ba73e057ab25567e8b8814fb4794e333f40a8c903c3aee0a797d300a8986fbf34d7cac2ff9602f423276627abca723a3e77c49a47735577a0f8ecc4a7c9b402f68f8c028aaab0f41a3dcdf53691f89b89e84e91a25e917ad719d1a1bbe337c50ed284e6927034b7a56e4b4f9a9cb980d82a806bec0f8ebba3487e478172990450accb3ac2d03b5340f98b76b68a385988645f3dea8d8bfe3354ebf9b18afa5100ef78c7bc7c30c93b17bc47c84d1e57c3ca213c8647ebc7d5bdc488eac53913f3b5e37d2bec5ec9f824a6a723969af60a1e97a87d5e2d5635941d4c85b6874689bd0cccfcf4e171bbf35676d99c23c581df7c871e521612b32e7f669886e4340b740af77a384c92488eed1fb0c201b812fff778b58db1203a371b61e898cf56249e1a0cd1ccbd250157c5e0638e5b27fc2f232d07dfbdee0c0223c3731be4dd46ddaa693b9cb8c34fb7d231938ade4b24393e0822c8d04fe2a04c5e6bb8e71bdbbfa833e7341215fddaae563d54e8c0b86c8f89d0308d439fb048d8e0d5cb8709cec3cba287e35e1bc29ba6be69367b12baf22a328830e0e2b1d2ab95c0ab9ef7739183bcac3b73b07a1464447a608a5e405c983c8d50f4897b9b0210a6eb373c2c8890722ace2fc165aa4a183e11c8530501f06ddf313a46f87c661b088a9aa2a4ae74b3465e04531e9a01682050a11e6ca9ed9f62f15ec1e303924947716e3ae2faa501d11314d89a80ab26883ed29bfa2ef13d8aad91a95503d0672bf11d503eb60c6cf9dd9b23d71b82231976b761e4e63242af7e718821ba9fb51c491ddc64845e51f7de5343472f49bac1ddc4e4acdecbfc53a0749f36223ef844a059f2524ea8ba7830b8f863eff0c7b9fc165c7488abf78624c9add0db56ee9d041da8733f8f1fe324a06b05e7e493631009fede590b3f07ff9446f8873370727c3cfa9ecd8cd4f38c5b1ea0a7094d8e6c3587360533e24e17028d921bc0478c4f7f5ce326ff0871350662c4bb35aeca37c361bc9874a000e661784fad3bbca14272652e3fd4c0a9328233c26f22f05362030f01d299024f4491693f085b9c5271619097245659d03c3c667e2acbef579f45286c1f80ecfd98e8c29d237b705fac22987f674add8c44a5c6400c376702220b3be7d7235a8a50032f31139148aa5ff0746eb1d33724212a64ee98943be8d1caed48eb92a0681a8181c2adb7c09f05d948ffa4490448f5e9038c45e3010a0cc359e9db04366b986af003d5c889871020a476815a78b4ab261173b13ed539c5004ccba0375ecdc120b29ec95b00883066d7a93794a7e7cb4f4c292a2abe4ecd907628a6e045b5337f0b5aff12c234aa37e52f79ec77f46414dd3be84915204cf7ebec6cf72f85b4d4c6ab9dac1b7a51418225783afc936f022403e66ba4f32c552d6758726d018a1534067df4f39be2597690859f353dc2f50b7da35cc60cecdfa1ed2f60d3aad4b5b801804b72ca9edb71a10c81bbab2d6a4e7cd73bb98227ff27aa6fd52a1ec69b9e42b6274ff19cd4bfda6c9a69b88ea321c9327bb1995b6e6d1e4c51463882e30d6880d1dbbd471cade7fdfd63b38ce32c126dc4400f6191d367e0e1c3a1ea9f4e075cbd0f02175cf20ff6380e1406cc320b95f8e2004e72059aa8c409e7263347dc13765b1e479164c129f22f2d211477d1e8842cde4d2513a67533e8485c6a857e58226f6ea8bff2b4d16158766e3bd2eb5bc6ccce4b06bc6dcb61729cce11e5a882c6e6294df57b1b6b8cda54262fdaae90310f3b74501feb30b732fc27b5fabb4756ee212026f3fae43d65e96c98c5db1fbb836fc1699f7bc467dd5c305097273dfad9058c39b2c8dc27d218b1378a63372f15ba8e00980a15ac92a21ca5a9fbb893ecfbf48d2d677f307e5c910a6e0d75a67aa1f49bd682636ed9be49f7e22a14dede32faec05916496217264f961383460397af26f78bd68dafb0cac4f704f8dee23ec220a114aa2ce7e1857b0ef4a4ec3bf310d4334d93340b25e17260d55acde933200b2d0c76deff82b019b21e0604f6f2ce934da5063ca6a39bea2d71589b91332b78624b7ff797cee215fe6db51592c6c31f2a9cdc917ccf0e15e4fb8b3d55ddceeff8d3dc834161dc2df85a6e75800bb299ac12b42ca5aab84e8cea40990b94f925bf9577fd8af0e4b73df24d60595abc1964f9adb39e2a95867f3b4edd1e02d97b68909683c6c31611d8c8f70531b25fd68262fcffbad96ed77e3181f429966fc10361035123ff1a430b980676d87195121e475d9ec31f871c500dbf269425d0b6b3c6c11a8ac9cb355658576dadbbb02acc92502484106382cfaf173b73ad8466410854f24862866facc577b47604beb59a4811fccdd44b3f5f395618eb55c05bd2da163ad09410138ff4fc15e77eea07dc11d18b4188b1e0f03a2c23bfca649971cc85dc78de72cdab544e9c9b884c48afe05a9c32b677d6f674388505b33c934029ff5c72bd3cd2369d5a195e59c4ef48a3601d21b4c511aab992d3276584c8e6beb2d71f77bcffcbaa728366f0674a6027e8b6810fb68c0e2274745643e5bb45b20fc33a040e53b534f8bba903b345424546adad92a5356c61f56667c691b787381acaa5fd3c6b82683491e7e1db71bfb76c7780e67a7aefbf0d7458eb730451cd8a34fd5ae9137a0109775c913c69ad700d3fef4eced4a8ca3705fe057f4c565955ce460f24db28032208971c8e8de6e2621e1c692ce00e674eb683364d908b113b18e297e4f11f3694bec30a9f7ec4f81104d5b5338e363041eaf9172daa60f35b34a368d748f473812fbb6ef05c24485a348d43a369d1a43231db5ea8ee5c590d427db73185cb9a60737916886fe0d35e0b82542f9ca7906b444d7f65f2fbbf815fa0d2cd772fb0be88c6f5f8d16eedfb587bba62ea71244603b69269c996df1e80846425b5f9c337063b1a630f5821448c93491af24f40724d9878f3ab181fc9880f89c09d90dad7757119603ec93b65bf745d4bc855c2014026e1069b0637b4f667649db76c3d1f67ce1405d7fefe80285f93e0694fc9df287a360ca5f944f4d403055fa79da0cf69b75edb01ae535910a7b4e7a20caaf84c9f07de91eeea34861d37ad387815dd262718486cd7e9afff386ab434ffde5d28e393c0524486129bcea0ea8ae78e9eeea6aa41f93db118e04406eaa7f80caff4dd3fd53164793aa29713b2502e4958a935991342366e56da16c9f691be22b34bc939725a4af70e2ea09268bf91a4a652c337864204cd4bc2e752b3bdb15bd47e522a8e6a9ef3ca7437ed880e3fc0c0e18c03da18aaf07b5037fc3b1c2931493dba77ada339577db749cf1b5090a95ad1a75d673b4f783ceb3dd59a6a5722aefedbf5e247fc7b128437315c1773c84668308e2b66c2efee36061ef1abdae0b276abb4cf4a8a0ec2bb2d6de6959d4884892b2e7b4fea3ff1a166a83bcc08920737304915623ac91dfe0de420690a413be02d7a789d485b61b46c98b19df7868936119a1d9a39621dad59217d2e360856bab91ffc6ec252c501e99d7593551e939df325f69853927f5ef068e113aa1a1446116bcdbb14c698570cc4f3c1b87d00dce083299f5472863872faba16c852e0765668b736525bfce3e3d3219fefd28e9f69f0e2e7365f02ee2bbf9ba731338b8fed4387b3b2f82857b7db565ab372f19b4035f13771b732f908698107b789a5c25342e78e779763ff0b796cc3e1fbeea7500c5063fbd0d8ddbd0a4cc91b16ab74f4d3c75034f7d48d3f991bce3bb9ccfcfa9957c145e070739a2cd3ea6f12e7ed910ec4286bcf9b5605476035d610951d021fda946eb3c8012a2646cba7df0879509087de9ea089925c59ac762c0c8262c133167fd5fd52c91909501dda17ed584a16721c99ba8a7d403a8acdf81631d1f1c6c4f5b3b626c8074944123425884bfbcf27a5ebaca22713d70beebda366b34deffdbca5484cb58ebafc6bd696a327f529ef01880472bea2262fb9f4267bc40a17bbfcbc65f7ca84ce5e082d8ec13549aae91f984e3f46f5156693b3e12768cfc275eb2ded9bbf6a692b85a40c1b2735537728a5c89248c2fffa40296ad56efbc59c328686c503927439fd67874eb1dfd64f54314693bf2f70c8fe24ef94fe9f833e6544fe6b0c7bc7a85a8efc9b5800d5b201b1c131a76fd648fd1cb84fa1653fb2fd80e986e5262198f1df31e13c7b695a290caa9e05d6c4919eee55dee36f33d7835ab124c0c3b971203f7274b2f0ec9ad86fc33359e80ab52afe8d8e980c1a61fd2a5b76b8eb26d028157d9f5dff6d15af35a4578c7143154ca53b5cb8941132626e09abb00b34411630f983942ec68d461707fdb94e3f57f4f160ccb5c213c32963a6b1cbe0205465c24be135e307867d4e8267e067fa62b327c12bb45b40433db218ad30afd62811aec82739d49c7d8ab2c544a7835d2be402a4e8fcaa5ef2cc9b2c0104437c15c39309e12cd6b3fcef8e8269a9d7b31328d0f627b8a2c1be85b43334be7eca17f931b07f81412637f15d6c5523e7d1225bcc7f98db8df20d23b9e4ba3a10f1dd0087c17aa3e44ccd2a94e3e9925f92e479ecced83149cbcd55fae4875c10238eacb499cad2b736840c7b2e3f635adf87acd90b6f6f4c48ade0b9e037ce85bcf5243ce57a1fa7d042cdccc6b27bff4b5ca739ab9ba17cd9018363fea682b3b70ebc2caeb4ac481cf0d003f79b080ab8ab6d22b25c44c8444662436ad117c39e5d320cdfb817cc342f5de3ee23f1066bee4d7cf31cd2fba8fd3934744a6f29ac0d96d8af0c278483e52eea543fc107bac5e6b4147b7528d15823d3ff7bd36280c9017aa6ccde259a5f7ad10deba42a72360ae90fcdec4391b0b955854dee7736bc40b7912b70638ce057d4f47a29d4e55dcbda59184e43b71164def92cbf8d1357c668e8a7cd2f051ab2ec4b2d7c3a0b32076a5d307668807f54b05ae77c0698904c003b80b8089820ff9c8da4b7ccd821b39c48976955f69cc80ae73bba2b023a16a875636f44fe4a5fa1eb87a6a5ceb912dc8b86e05e5acdc2b752abd89c973d3cd81ae8160bd6030e2e02047c474555fc110a9224e020a04a8227b85fc17bd8eadf97654c30621cb62677c3b92278c95bbf9a78c5312d315ab959a60e18d69404ca1b501c40115833de8c01bcb23ef9b2d13567a138b6e5543795054bf648d0f6df37a9aa3cb617702bd1b8ca13ba74bb61465c8ef1e9c3c32083d9cbc47fd8f956ca44b1f3c90ffe3bbd66b5e8dae9e302e34686b0a6c9936f82242900fdf60b930293edebc141c42a23a0b01db8f75a6a50e5512b21d2b6dfed4f70f950cec6114c89062a65700dd71a03be3019c1614328f32279c61dd432d04c2381e4d253631ccad8908de7fa355f0a238c4d5e07964050f161512203435b25989883ce40d3572f6a2d2c8562a6a0e40b6a8110290ab14c31e2d92cfdf3b65e14a0d5f10995dbdc4a5a642c1b79c18b123f4927b2f54f07b295de42d6965d464975189c05413aba1f9674fbfe216bd5a65a757dcdaf65bdccf64195bb31840eb573c0fb256186e1b0bd2887e84cd39e0f03a2b6f3a93b7c71ef82185bdafce87b6870ed809a195d28c22146a7b14475df36b3cc54ec729d3f5af0034373862c8f61f570c2930f0bca0996d4b3e7af43", 0x1000}], 0x5, 0x0, 0x0, 0x8000}], 0x1, 0x2004c810)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)

0s ago: executing program 3 (id=2065):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000000c0)={<r1=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f0000000100)={&(0x7f0000000040)=[r1], 0x1}) (async, rerun: 64)
lstat(&(0x7f0000000080)='./file0\x00', 0x0) (async, rerun: 64)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000500)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000002c0000000000000018000000000000000000000000000000950000000000000095"], &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x42}, 0x2810) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000020a2f6d592004fc4f8e3b2f3f70d0800000000d6bd03"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r3, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x1003ffffffc]}, 0x8, 0x0)
read$FUSE(r4, &(0x7f0000001340)={0x2020}, 0x2020) (async, rerun: 32)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01864c2, &(0x7f0000000240)={0x0, 0x0, r4}) (async, rerun: 32)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002d40)={&(0x7f0000002bc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x6, [@struct={0x1, 0x2, 0x0, 0x4, 0x1, 0x5, [{0x4, 0x1, 0x3}, {0x0, 0x1, 0x1}]}]}, {0x0, [0x5f, 0x0, 0x2e, 0x2e]}}, 0x0, 0x42, 0x0, 0x1, 0xfffffc00}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c00)={{r3}, &(0x7f0000001a40), &(0x7f0000001bc0)=r2}, 0x20) (async, rerun: 64)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r3, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) (rerun: 64)

kernel console output (not intermixed with test programs):

all_64+0x10b/0xf80
[  167.430543][T10660]  ? clear_bhb_loop+0x40/0x90
[  167.430565][T10660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.430583][T10660] RIP: 0033:0x7f75a9b9cdd9
[  167.430599][T10660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  167.430616][T10660] RSP: 002b:00007f75aab2b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.430635][T10660] RAX: ffffffffffffffda RBX: 00007f75a9e15fa0 RCX: 00007f75a9b9cdd9
[  167.430771][T10660] RDX: 0000000000040000 RSI: 0000200000000540 RDI: 0000000000000003
[  167.430783][T10660] RBP: 00007f75aab2b090 R08: 0000000000000000 R09: 0000000000000000
[  167.430818][T10660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.430829][T10660] R13: 00007f75a9e16038 R14: 00007f75a9e15fa0 R15: 00007fffd6714318
[  167.430855][T10660]  </TASK>
[  167.716194][ T5884] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  167.907768][ T5884] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  167.911532][ T5884] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  167.914861][ T5884] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  167.918323][ T5884] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.924102][T10662] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  167.929719][ T5884] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  167.941493][T10671] loop2: detected capacity change from 0 to 7
[  167.951801][T10671]  loop2:
[  167.953244][T10671] loop2: partition table partially beyond EOD, truncated
[  168.203353][ T5884] usb 8-1: USB disconnect, device number 11
[  168.878233][T10665] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  168.933111][T10676] tmpfs: Too few inodes for current use
[  168.997529][T10678] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1464'.
[  169.208571][T10683] ip6gre1: left promiscuous mode
[  169.210605][T10683] erspan1: left promiscuous mode
[  169.404882][T10639] Process accounting resumed
[  169.500606][T10691] vlan2: left allmulticast mode
[  169.502794][T10691] ip6gretap0: left allmulticast mode
[  169.505123][T10691] vlan2: left promiscuous mode
[  169.507624][T10691] ip6gretap0: left promiscuous mode
[  169.511255][T10691] bridge0: port 3(vlan2) entered disabled state
[  169.518602][T10691] bridge_slave_1: left allmulticast mode
[  169.521135][T10691] bridge_slave_1: left promiscuous mode
[  169.523680][T10691] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.530511][T10691] bridge_slave_0: left allmulticast mode
[  169.532996][T10691] bridge_slave_0: left promiscuous mode
[  169.535456][T10691] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.604706][T10704] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1473'.
[  169.633319][T10709] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1475'.
[  169.636046][T10696] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1471'.
[  169.711586][T10713] No source specified
[  169.861573][T10733] pim6reg1: entered promiscuous mode
[  169.863898][T10733] pim6reg1: entered allmulticast mode
[  169.999725][   T39] audit: type=1800 audit(1777835408.245:835): pid=10739 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.1486" name="file0" dev="tmpfs" ino=1740 res=0 errno=0
[  170.030167][T10741] xt_hashlimit: size too large, truncated to 1048576
[  170.040602][T10736] netlink: 'syz.2.1485': attribute type 10 has an invalid length.
[  170.228058][T10745] tipc: Trying to set illegal importance in message
[  170.333336][T10747] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1489'.
[  170.585027][T10757] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1493'.
[  170.670952][   T39] audit: type=1400 audit(1777835408.915:836): avc:  denied  { setopt } for  pid=10764 comm="syz.5.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  170.771137][T10771] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2052 sclass=netlink_route_socket pid=10771 comm=syz.3.1497
[  170.836929][T10778] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  170.977133][   T39] audit: type=1400 audit(1777835409.215:837): avc:  denied  { execute } for  pid=10792 comm="syz.0.1504" path="/blkio.bfq.io_wait_time" dev="ramfs" ino=36858 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  171.076877][ T5735] usb 10-1: new low-speed USB device number 7 using dummy_hcd
[  171.227470][ T5735] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  171.230769][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  171.235590][ T5735] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  171.240936][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  171.245934][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  171.252093][ T5735] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  171.255464][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  171.260251][ T5735] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  171.265485][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  171.270593][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  171.276252][ T5735] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  171.279422][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  171.284130][ T5735] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  171.288899][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  171.293663][ T5735] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  171.302150][ T5735] usb 10-1: string descriptor 0 read error: -22
[  171.305225][ T5735] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  171.309619][ T5735] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.323007][ T5735] adutux 10-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  171.612576][T10808] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.622722][T10808] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.625906][T10808] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.692428][ T5842] usb 10-1: USB disconnect, device number 7
[  171.700959][T10809] usb 10-1: Couldn't submit interrupt_out_urb -19
[  172.014901][T10824] __nla_validate_parse: 2 callbacks suppressed
[  172.014919][T10824] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1513'.
[  172.029810][T10827] /dev/nullb0: Can't lookup blockdev
[  172.032289][T10827] /dev/nullb0: Can't lookup blockdev
[  172.034460][T10827] /dev/nullb0: Can't lookup blockdev
[  172.036592][T10827] /dev/nullb0: Can't lookup blockdev
[  172.038912][T10827] /dev/nullb0: Can't lookup blockdev
[  172.041244][T10827] /dev/nullb0: Can't lookup blockdev
[  172.047635][T10827] /dev/nullb0: Can't lookup blockdev
[  172.049565][T10827] /dev/nullb0: Can't lookup blockdev
[  172.060081][T10827] /dev/nullb0: Can't lookup blockdev
[  172.062186][T10827] /dev/nullb0: Can't lookup blockdev
[  172.064084][T10827] /dev/nullb0: Can't lookup blockdev
[  172.066622][T10827] /dev/nullb0: Can't lookup blockdev
[  172.068545][T10827] /dev/nullb0: Can't lookup blockdev
[  172.070402][T10827] /dev/nullb0: Can't lookup blockdev
[  172.072325][T10827] /dev/nullb0: Can't lookup blockdev
[  172.074205][T10827] /dev/nullb0: Can't lookup blockdev
[  172.076416][T10827] /dev/nullb0: Can't lookup blockdev
[  172.157077][T10830] gfs2: error -5 reading superblock
[  172.312723][T10839] netlink: 'syz.3.1519': attribute type 1 has an invalid length.
[  172.339439][T10841] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1521'.
[  172.356373][T10846] dns_resolver: Unsupported server list version (0)
[  172.371284][   T39] audit: type=1400 audit(1777835410.615:838): avc:  denied  { write } for  pid=10845 comm="syz.2.1520" name="/" dev="ocfs2_dlmfs" ino=37349 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  172.381824][T10846] (syz.2.1520,10846,2):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  172.388410][   T39] audit: type=1400 audit(1777835410.625:839): avc:  denied  { create } for  pid=10845 comm="syz.2.1520" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  172.419644][   T39] audit: type=1400 audit(1777835410.625:840): avc:  denied  { associate } for  pid=10845 comm="syz.2.1520" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  172.491676][T10850] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1523'.
[  172.677755][T10877] netlink: 'syz.2.1530': attribute type 1 has an invalid length.
[  172.785761][T10887] netlink: 'syz.2.1534': attribute type 21 has an invalid length.
[  172.792624][T10887] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1534'.
[  172.951776][T10892] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1536'.
[  173.187046][T10902] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.190746][T10902] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.200046][T10904] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  173.228393][T10902] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.290917][ T8329] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.298608][ T8329] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.306992][ T8329] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.313598][ T8329] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.321483][ T8329] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.326116][ T8329] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.333433][ T8329] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  173.335729][T10909] sctp: [Deprecated]: syz.2.1542 (pid 10909) Use of int in maxseg socket option.
[  173.335729][T10909] Use struct sctp_assoc_value instead
[  173.343977][ T8329] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.355662][T10911] netlink: 'syz.0.1541': attribute type 1 has an invalid length.
[  173.392178][T10913] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  173.395645][T10913] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  173.403125][   T39] audit: type=1400 audit(1777835411.645:841): avc:  denied  { firmware_load } for  pid=10912 comm="syz.5.1543" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  173.405490][T10913] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  173.422739][T10915] fuse: fd is not a fuse device
[  173.449233][   T39] audit: type=1400 audit(1777835411.695:842): avc:  denied  { bind } for  pid=10916 comm="syz.0.1545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  173.450351][T10921] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1545'.
[  173.462771][T10923] xt_hashlimit: size too large, truncated to 1048576
[  173.541996][T10928] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1548'.
[  173.679819][T10940] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1553'.
[  173.742058][T10942] netlink: 'syz.0.1554': attribute type 1 has an invalid length.
[  173.751170][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1554'.
[  173.765342][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1554'.
[  173.765348][ T8330] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  173.786611][ T8330] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  173.790609][ T8330] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  173.794133][ T8330] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  173.809655][T10942] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10942 comm=syz.0.1554
[  173.877850][T10955] loop9: detected capacity change from 0 to 7
[  173.889080][    C1] blk_print_req_error: 45 callbacks suppressed
[  173.889092][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.894170][    C1] buffer_io_error: 45 callbacks suppressed
[  173.894179][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.903848][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.908007][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.911704][    C2] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.914879][    C2] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.917641][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.921824][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.925415][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.928488][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.934194][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.938033][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.941741][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.944845][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.949912][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.953033][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.956178][    C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.959617][    C3] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.965581][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  173.968710][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  173.972763][T10955] ldm_validate_partition_table(): Disk read failed.
[  173.976487][T10955] Dev loop9: unable to read RDB block 0
[  173.979612][T10955]  loop9: unable to read partition table
[  173.982329][T10955] loop9: partition table beyond EOD, truncated
[  173.985211][T10955] loop_reread_partitions: partition scan of loop9 (��) failed (rc=-5)
[  173.996434][ T8330] nci: nci_ntf_packet: unsupported ntf opcode 0xf00
[  174.020484][T10964] bond6: option xmit_hash_policy: invalid value (6)
[  174.032558][T10964] bond6 (unregistering): Released all slaves
[  174.089321][T10969] syzkaller0: entered promiscuous mode
[  174.091184][T10969] syzkaller0: entered allmulticast mode
[  175.585719][T10993] 9pnet_fd: p9_fd_create_tcp (10993): problem connecting socket to 127.0.0.1
[  175.616617][   T39] audit: type=1400 audit(1777835413.865:843): avc:  denied  { ioctl } for  pid=10996 comm="syz.0.1568" path="socket:[38408]" dev="sockfs" ino=38408 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  175.638676][   T39] audit: type=1400 audit(1777835413.885:844): avc:  denied  { shutdown } for  pid=10996 comm="syz.0.1568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  175.694703][   T39] audit: type=1400 audit(1777835413.935:845): avc:  denied  { write } for  pid=11002 comm="syz.5.1571" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  175.708228][   T39] audit: type=1400 audit(1777835413.955:846): avc:  denied  { remove_name } for  pid=11002 comm="syz.5.1571" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  175.719911][   T39] audit: type=1400 audit(1777835413.965:847): avc:  denied  { unlink } for  pid=11002 comm="syz.5.1571" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  175.737749][   T39] audit: type=1400 audit(1777835413.965:848): avc:  denied  { write } for  pid=11002 comm="syz.5.1571" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  175.796174][ T5884] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  175.946451][ T5884] usb 8-1: Using ep0 maxpacket: 32
[  175.952507][ T5884] usb 8-1: config 0 has an invalid interface number: 119 but max is 0
[  175.959353][ T5884] usb 8-1: config 0 has no interface number 0
[  175.962304][ T5884] usb 8-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  175.967971][ T5884] usb 8-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  175.973156][ T5884] usb 8-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  175.977757][ T5884] usb 8-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  175.984893][ T5884] usb 8-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  175.989100][ T5884] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.992529][ T5884] usb 8-1: Product: syz
[  175.994410][ T5884] usb 8-1: Manufacturer: syz
[  175.996701][ T5884] usb 8-1: SerialNumber: syz
[  176.001650][ T5884] usb 8-1: config 0 descriptor??
[  176.004734][T10990] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  176.013594][ T5884] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.119/input/input22
[  176.022770][ T5125] usb 8-1: BOGUS urb xfer, pipe 1 != type 3
[  176.061418][    C3] bcm5974 8-1:0.119: trackpad urb failed: -1
[  176.229367][   T39] audit: type=1400 audit(1777835414.475:849): avc:  denied  { setopt } for  pid=10989 comm="syz.3.1566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  176.255742][ T5839] usb 8-1: USB disconnect, device number 12
[  176.618409][   T39] audit: type=1400 audit(1777835414.865:850): avc:  denied  { write } for  pid=11012 comm="syz.0.1575" name="/" dev="9p" ino=73943855 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  176.638795][   T39] audit: type=1400 audit(1777835414.875:851): avc:  denied  { lock } for  pid=11012 comm="syz.0.1575" path="/346/file0/cpuset.effective_cpus" dev="9p" ino=73943887 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  176.659159][   T39] audit: type=1400 audit(1777835414.875:852): avc:  denied  { mounton } for  pid=11012 comm="syz.0.1575" path="/346/file0/file0" dev="9p" ino=73943857 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  176.950764][T11019] random: crng reseeded on system resumption
[  177.279237][T11023] xt_hashlimit: size too large, truncated to 1048576
[  177.507318][T11029] netlink: 'syz.0.1580': attribute type 1 has an invalid length.
[  177.528258][T11029] bond6: entered promiscuous mode
[  177.533005][T11029] 8021q: adding VLAN 0 to HW filter on device bond6
[  177.552173][T11029] __nla_validate_parse: 7 callbacks suppressed
[  177.552187][T11029] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1580'.
[  177.559771][T11029] bond6: entered allmulticast mode
[  177.589654][T11029] bond6: (slave bridge3): making interface the new active one
[  177.596352][T11029] bridge3: entered promiscuous mode
[  177.598253][T11029] bridge3: entered allmulticast mode
[  177.605695][T11029] bond6: (slave bridge3): Enslaving as an active interface with an up link
[  177.619687][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1580'.
[  177.628644][T11029] bond0: entered promiscuous mode
[  177.631389][T11029] batadv_slave_0: entered promiscuous mode
[  177.633963][T11029] debugfs: 'hsr0' already exists in 'hsr'
[  177.635928][T11029] Cannot create hsr debugfs directory
[  177.690541][T11035] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8212 sclass=netlink_xfrm_socket pid=11035 comm=syz.0.1582
[  178.179895][T11044] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1584'.
[  178.464130][T11058] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1588'.
[  178.486708][ T5101] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  178.616138][ T5101] usb 10-1: device descriptor read/64, error -71
[  178.641490][T11065] xt_recent: hitcount (134217728) is larger than allowed maximum (65535)
[  178.783116][T11075] netlink: 'syz.2.1594': attribute type 21 has an invalid length.
[  178.788537][T11075] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1594'.
[  178.856165][ T5101] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  178.986162][ T5101] usb 10-1: device descriptor read/64, error -71
[  178.999489][T11083] netlink: 'syz.2.1597': attribute type 3 has an invalid length.
[  179.099947][ T5101] usb usb10-port1: attempt power cycle
[  179.241912][T11086] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1598'.
[  179.436216][ T5101] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  179.454273][ T5735] libceph: connect (1)[c::]:6789 error -99
[  179.457370][ T5101] usb 10-1: device descriptor read/8, error -71
[  179.461396][ T5735] libceph: mon0 (1)[c::]:6789 connect error
[  179.696179][ T5101] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  179.719185][ T5735] libceph: connect (1)[c::]:6789 error -99
[  179.721297][ T5101] usb 10-1: device descriptor read/8, error -71
[  179.724173][ T5735] libceph: mon0 (1)[c::]:6789 connect error
[  179.733453][T11107] xt_hashlimit: size too large, truncated to 1048576
[  179.826263][ T5101] usb usb10-port1: unable to enumerate USB device
[  179.868189][T11114] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1608'.
[  180.093037][T11124] xt_hashlimit: size too large, truncated to 1048576
[  180.238853][ T5101] libceph: connect (1)[c::]:6789 error -99
[  180.241507][ T5101] libceph: mon0 (1)[c::]:6789 connect error
[  180.274087][T11090] ceph: No mds server is up or the cluster is laggy
[  180.393168][T11142] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1617'.
[  180.421861][T11148] xt_hashlimit: size too large, truncated to 1048576
[  181.050985][T11157] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1623'.
[  181.275507][ T5090] Bluetooth: hci2: unexpected event for opcode 0x1408
[  181.291172][T11176] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  181.297194][T11179] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1630'.
[  181.355976][T11181] netlink: 'syz.3.1631': attribute type 9 has an invalid length.
[  181.462684][T11190] xt_hashlimit: size too large, truncated to 1048576
[  182.093188][T11198] program syz.5.1636 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  182.219182][   T39] kauditd_printk_skb: 7 callbacks suppressed
[  182.219195][   T39] audit: type=1400 audit(1777835420.465:860): avc:  denied  { validate_trans } for  pid=11204 comm="syz.5.1639" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  182.386531][   T39] audit: type=1400 audit(1777835420.635:861): avc:  denied  { getopt } for  pid=11211 comm="syz.5.1641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  182.406366][T11212] netlink: 'syz.5.1641': attribute type 64 has an invalid length.
[  182.455121][T11214] netlink: 'syz.5.1642': attribute type 11 has an invalid length.
[  182.571030][T11216] xt_hashlimit: size too large, truncated to 1048576
[  183.365136][T11237] __nla_validate_parse: 1 callbacks suppressed
[  183.365149][T11237] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1649'.
[  183.540731][T11243] batadv_slave_1: entered promiscuous mode
[  183.544657][T11242] batadv_slave_1: left promiscuous mode
[  183.572093][   T39] audit: type=1400 audit(1777835421.815:862): avc:  denied  { execute } for  pid=11244 comm="syz.0.1652" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  183.701981][   T39] audit: type=1400 audit(1777835421.945:863): avc:  denied  { block_suspend } for  pid=11254 comm="syz.2.1654" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  183.829223][T11266] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1658'.
[  184.067421][T11290] netlink: 'syz.2.1665': attribute type 39 has an invalid length.
[  184.117337][T11292] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1668'.
[  184.436179][   T39] audit: type=1400 audit(1777835422.665:864): avc:  denied  { map } for  pid=11308 comm="syz.0.1674" path="socket:[41059]" dev="sockfs" ino=41059 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  184.456172][   T39] audit: type=1400 audit(1777835422.665:865): avc:  denied  { read accept } for  pid=11308 comm="syz.0.1674" path="socket:[41059]" dev="sockfs" ino=41059 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  184.476591][   T39] audit: type=1400 audit(1777835422.725:866): avc:  denied  { map } for  pid=11308 comm="syz.0.1674" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  184.773191][   T39] audit: type=1400 audit(1777835423.015:867): avc:  denied  { write } for  pid=11320 comm="syz.0.1677" name="secretmem" dev="secretmem" ino=39526 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  184.915943][   T39] audit: type=1400 audit(1777835423.155:868): avc:  denied  { relabelfrom } for  pid=11325 comm="syz.0.1678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  184.926287][   T39] audit: type=1400 audit(1777835423.165:869): avc:  denied  { relabelto } for  pid=11325 comm="syz.0.1678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  185.721927][T11334] xt_hashlimit: size too large, truncated to 1048576
[  185.833944][T11337] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1682'.
[  187.675309][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  187.675327][   T39] audit: type=1400 audit(1777835425.915:871): avc:  denied  { getopt } for  pid=11380 comm="syz.3.1696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  187.828023][T11392] xt_hashlimit: size too large, truncated to 1048576
[  187.940687][T11404] fuse: fd is not a fuse device
[  187.945127][T11404] "syz.2.1702" (11404) uses obsolete ecb(arc4) skcipher
[  188.112379][T11419] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1709'.
[  188.216511][ T1039] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  188.221109][T11431] xt_hashlimit: size too large, truncated to 1048576
[  188.313342][   T39] audit: type=1400 audit(1777835426.555:872): avc:  denied  { write } for  pid=11440 comm="syz.0.1716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  188.316625][T11443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1717'.
[  188.323498][T11443] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1717'.
[  188.327508][   T39] audit: type=1400 audit(1777835426.575:873): avc:  denied  { read } for  pid=11441 comm="syz.3.1717" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  188.376353][ T1039] usb 10-1: Using ep0 maxpacket: 16
[  188.380342][ T1039] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  188.383444][ T1039] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  188.386849][ T1039] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  188.390241][ T1039] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  188.393102][ T1039] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  188.396156][T11450] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=28530 sclass=netlink_route_socket pid=11450 comm=syz.3.1717
[  188.397803][ T1039] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  188.404454][ T1039] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  188.409171][ T1039] usb 10-1: Manufacturer: syz
[  188.413562][ T1039] usb 10-1: config 0 descriptor??
[  188.598334][   T39] audit: type=1400 audit(1777835426.845:874): avc:  denied  { ioctl } for  pid=11458 comm="syz.3.1722" path="socket:[41395]" dev="sockfs" ino=41395 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  188.616395][ T5826] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  188.622356][T11406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.628225][T11406] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.683192][T11463] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1723'.
[  188.686267][ T1039] rc_core: IR keymap rc-hauppauge not found
[  188.688097][ T1039] Registered IR keymap rc-empty
[  188.689798][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.706588][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.727074][ T1039] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  188.731544][ T1039] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input23
[  188.740373][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.766243][ T5826] usb 5-1: Using ep0 maxpacket: 16
[  188.767866][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.771079][ T5826] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  188.774053][ T5826] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  188.777728][ T5826] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  188.780502][ T5826] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  188.783344][ T5826] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  188.787340][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.790376][ T5826] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  188.793061][ T5826] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  188.795435][ T5826] usb 5-1: Manufacturer: syz
[  188.799103][ T5826] usb 5-1: config 0 descriptor??
[  188.816353][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.827821][T11463] nbd0: detected capacity change from 0 to 1215
[  188.836770][T11469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.840713][T11469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.846516][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.877183][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.888629][T11473] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1724'.
[  188.896452][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.916378][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.936737][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.956416][ T1039] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  188.988034][ T1039] mceusb 10-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  188.990724][ T1039] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  188.995983][ T1039] usb 10-1: USB disconnect, device number 12
[  189.069052][ T5826] rc_core: IR keymap rc-hauppauge not found
[  189.074366][ T5826] Registered IR keymap rc-empty
[  189.083057][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.102587][T11483] xt_hashlimit: size too large, truncated to 1048576
[  189.109508][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.137818][ T5826] rc rc1: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc1
[  189.145612][ T5826] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc1/input24
[  189.154861][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.187122][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.208475][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.236510][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.257766][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.276567][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.307503][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.327785][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.347520][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.366190][ T5826] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  189.388552][ T5826] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  189.395255][ T5826] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  189.401307][ T5826] usb 5-1: USB disconnect, device number 11
[  189.478376][ T5090] block nbd0: Receive control failed (result -104)
[  189.667282][ T5090] Bluetooth: hci3: unexpected event 0x18 length: 247 > 23
[  189.742012][   T39] audit: type=1326 audit(1777835427.985:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.3.1731" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f320d19cdd9 code=0x7fc00000
[  189.742063][   T39] audit: type=1326 audit(1777835427.985:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.3.1731" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f320d19cdd9 code=0x7fc00000
[  189.771677][   T39] audit: type=1326 audit(1777835427.985:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.3.1731" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f320d19cdd9 code=0x7fc00000
[  189.771726][   T39] audit: type=1326 audit(1777835427.985:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.3.1731" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f320d19cdd9 code=0x7fc00000
[  189.771761][   T39] audit: type=1326 audit(1777835427.985:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.3.1731" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f320d19cdd9 code=0x7fc00000
[  189.771854][   T39] audit: type=1326 audit(1777835427.985:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.3.1731" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f320d19cdd9 code=0x7fc00000
[  189.951685][T11525] netlink: 1371 bytes leftover after parsing attributes in process `syz.2.1740'.
[  190.154759][T11533] dvmrp0: entered allmulticast mode
[  190.196993][T11540] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1744'.
[  190.208981][T11540] cgroup: Unknown subsys name 'cpuset'
[  190.237455][T11544] netem: change failed
[  190.262298][T11544] bond7: Removing last ns target with arp_interval on
[  190.516356][T11560] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  190.613153][T11560] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  190.817430][ T5735] libceph: connect (1)[c::]:6789 error -101
[  190.820182][ T5735] libceph: mon0 (1)[c::]:6789 connect error
[  190.875663][T11560] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  190.890383][T11573] syzkaller0: entered promiscuous mode
[  190.892306][T11573] syzkaller0: entered allmulticast mode
[  190.951923][T11560] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  191.080495][T11576] FAULT_INJECTION: forcing a failure.
[  191.080495][T11576] name failslab, interval 1, probability 0, space 0, times 0
[  191.087051][T11576] CPU: 3 UID: 0 PID: 11576 Comm: syz.5.1754 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  191.087068][T11576] Tainted: [L]=SOFTLOCKUP
[  191.087071][T11576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  191.087078][T11576] Call Trace:
[  191.087095][T11576]  <TASK>
[  191.087100][T11576]  dump_stack_lvl+0x100/0x190
[  191.087123][T11576]  should_fail_ex.cold+0x5/0xa
[  191.087139][T11576]  ? tomoyo_encode2+0xfb/0x3c0
[  191.087176][T11576]  should_failslab+0xc2/0x120
[  191.087189][T11576]  __kmalloc_noprof+0xe0/0x850
[  191.087207][ T5735] libceph: connect (1)[c::]:6789 error -101
[  191.087208][T11576]  tomoyo_encode2+0xfb/0x3c0
[  191.087224][T11576]  tomoyo_encode+0x29/0x50
[  191.087237][T11576]  tomoyo_realpath_from_path+0x18c/0x690
[  191.087255][T11576]  tomoyo_path_number_perm+0x23c/0x580
[  191.087267][T11576]  ? tomoyo_path_number_perm+0x22e/0x580
[  191.087279][T11576]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  191.087305][T11576]  ? find_held_lock+0x2b/0x80
[  191.087315][T11576]  ? __fget_files+0x215/0x3d0
[  191.087327][T11576]  ? hook_file_ioctl_common+0x149/0x410
[  191.087343][T11576]  ? __fget_files+0x215/0x3d0
[  191.087358][T11576]  ? __fget_files+0x21f/0x3d0
[  191.087373][T11576]  security_file_ioctl+0xd3/0x230
[  191.087401][T11576]  __x64_sys_ioctl+0xb7/0x210
[  191.087413][T11576]  do_syscall_64+0x10b/0xf80
[  191.087435][T11576]  ? clear_bhb_loop+0x40/0x90
[  191.087448][T11576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.087459][T11576] RIP: 0033:0x7fef3b39cdd9
[  191.087468][T11576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  191.087478][T11576] RSP: 002b:00007fef3c232028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  191.087489][T11576] RAX: ffffffffffffffda RBX: 00007fef3b615fa0 RCX: 00007fef3b39cdd9
[  191.087495][T11576] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  191.087501][T11576] RBP: 00007fef3c232090 R08: 0000000000000000 R09: 0000000000000000
[  191.087512][T11576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.087518][T11576] R13: 00007fef3b616038 R14: 00007fef3b615fa0 R15: 00007ffdfb6c9578
[  191.087531][T11576]  </TASK>
[  191.087542][T11576] ERROR: Out of memory at tomoyo_realpath_from_path.
[  191.092107][ T5735] libceph: mon0 (1)[c::]:6789 connect error
[  191.258962][ T8328] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  191.274942][   T59] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  191.290451][   T59] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  191.302117][ T8328] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  191.338610][T11582] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  191.371743][T11585] cgroup: name respecified
[  191.586166][   T34] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  191.638386][T11590] netlink: 'syz.5.1759': attribute type 10 has an invalid length.
[  191.642073][T11590] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1759'.
[  191.709580][ T5101] libceph: connect (1)[c::]:6789 error -101
[  191.712486][ T5101] libceph: mon0 (1)[c::]:6789 connect error
[  191.767979][   T34] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  191.775660][   T34] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  191.783496][   T34] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  191.867045][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.871592][T11594] IPv6: NLM_F_CREATE should be specified when creating new route
[  191.872515][T11584] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  191.879974][   T34] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  192.105757][ T5101] usb 5-1: USB disconnect, device number 12
[  192.130391][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 2 seconds
[  192.134628][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 2 seconds
[  192.140004][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 2 seconds
[  192.143611][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 2 seconds
[  192.473266][T11604] 9p: Bad value for 'rfdno'
[  192.686494][ T5101] libceph: connect (1)[c::]:6789 error -101
[  192.690746][ T5101] libceph: mon0 (1)[c::]:6789 connect error
[  192.692322][T11606] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1764'.
[  192.697245][T11606] netlink: 200 bytes leftover after parsing attributes in process `syz.5.1764'.
[  192.702177][T11606] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1764'.
[  192.793532][T11613] trusted_key: encrypted_key: master key parameter is missing
[  192.999496][   T39] kauditd_printk_skb: 740 callbacks suppressed
[  192.999514][   T39] audit: type=1400 audit(1777835431.245:1621): avc:  denied  { write } for  pid=11625 comm="syz.0.1769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  193.307659][T11639] overlayfs: missing 'workdir'
[  193.451302][T11644] FAULT_INJECTION: forcing a failure.
[  193.451302][T11644] name failslab, interval 1, probability 0, space 0, times 0
[  193.455524][T11644] CPU: 2 UID: 0 PID: 11644 Comm: syz.0.1773 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  193.455540][T11644] Tainted: [L]=SOFTLOCKUP
[  193.455544][T11644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  193.455550][T11644] Call Trace:
[  193.455579][T11644]  <TASK>
[  193.455585][T11644]  dump_stack_lvl+0x100/0x190
[  193.455609][T11644]  should_fail_ex.cold+0x5/0xa
[  193.455626][T11644]  should_failslab+0xc2/0x120
[  193.455638][T11644]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  193.455654][T11644]  ? copy_process+0x69a/0x7e00
[  193.455663][T11644]  ? mark_held_locks+0x40/0x70
[  193.455679][T11644]  copy_process+0x69a/0x7e00
[  193.455696][T11644]  ? __pfx_copy_process+0x10/0x10
[  193.455708][T11644]  ? lockdep_init_map_type+0x5c/0x250
[  193.455722][T11644]  ? lockdep_init_map_type+0x5c/0x250
[  193.455736][T11644]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  193.455750][T11644]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  193.455767][T11644]  vhost_task_create+0x1db/0x370
[  193.455782][T11644]  ? __pfx_vhost_task_create+0x10/0x10
[  193.455795][T11644]  ? register_lock_class+0x40/0x560
[  193.455812][T11644]  ? __pfx_vhost_task_fn+0x10/0x10
[  193.455828][T11644]  ? __pfx___mutex_lock+0x10/0x10
[  193.455852][T11644]  ? kasan_quarantine_put+0x104/0x240
[  193.455871][T11644]  kvm_mmu_post_init_vm+0x1b3/0x370
[  193.455888][T11644]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  193.455903][T11644]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  193.455918][T11644]  kvm_vcpu_ioctl+0x730/0x1720
[  193.455930][T11644]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  193.455942][T11644]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  193.455956][T11644]  ? do_vfs_ioctl+0x226/0x13e0
[  193.455967][T11644]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  193.455978][T11644]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  193.456022][T11644]  ? __fget_files+0x215/0x3d0
[  193.456034][T11644]  ? hook_file_ioctl_common+0x149/0x410
[  193.456067][T11644]  ? selinux_file_ioctl+0x13b/0x290
[  193.456081][T11644]  ? selinux_file_ioctl+0xb6/0x290
[  193.456095][T11644]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  193.456107][T11644]  __x64_sys_ioctl+0x18e/0x210
[  193.456119][T11644]  do_syscall_64+0x10b/0xf80
[  193.456131][T11644]  ? clear_bhb_loop+0x40/0x90
[  193.456144][T11644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.456155][T11644] RIP: 0033:0x7f75a9b9cdd9
[  193.456164][T11644] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  193.456174][T11644] RSP: 002b:00007f75aab0a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.456185][T11644] RAX: ffffffffffffffda RBX: 00007f75a9e16090 RCX: 00007f75a9b9cdd9
[  193.456191][T11644] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  193.456197][T11644] RBP: 00007f75aab0a090 R08: 0000000000000000 R09: 0000000000000000
[  193.456203][T11644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.456209][T11644] R13: 00007f75a9e16128 R14: 00007f75a9e16090 R15: 00007fffd6714318
[  193.456223][T11644]  </TASK>
[  193.612829][T11646] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1015 sclass=netlink_route_socket pid=11646 comm=syz.3.1775
[  193.729933][ T5101] libceph: connect (1)[c::]:6789 error -101
[  193.732665][ T5101] libceph: mon0 (1)[c::]:6789 connect error
[  193.749741][T11654] xt_hashlimit: size too large, truncated to 1048576
[  193.810621][T11568] ceph: No mds server is up or the cluster is laggy
[  193.940044][T11672] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=2570 sclass=netlink_tcpdiag_socket pid=11672 comm=syz.2.1780
[  193.992954][T11675] bridge5: entered promiscuous mode
[  193.994801][T11675] bridge5: entered allmulticast mode
[  194.035766][T11676] bridge6: entered promiscuous mode
[  194.041243][T11676] bridge6: entered allmulticast mode
[  194.092139][T11679] FAULT_INJECTION: forcing a failure.
[  194.092139][T11679] name failslab, interval 1, probability 0, space 0, times 0
[  194.098699][ T5741] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  194.103701][T11679] CPU: 2 UID: 0 PID: 11679 Comm: syz.3.1784 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  194.103728][T11679] Tainted: [L]=SOFTLOCKUP
[  194.103735][T11679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  194.103744][T11679] Call Trace:
[  194.103751][T11679]  <TASK>
[  194.103758][T11679]  dump_stack_lvl+0x100/0x190
[  194.103784][T11679]  should_fail_ex.cold+0x5/0xa
[  194.103809][T11679]  ? lsm_blob_alloc+0x68/0x90
[  194.103856][T11679]  should_failslab+0xc2/0x120
[  194.103875][T11679]  __kmalloc_noprof+0xe0/0x850
[  194.103900][T11679]  ? audit_alloc+0xa2/0x7b0
[  194.103927][T11679]  lsm_blob_alloc+0x68/0x90
[  194.103953][T11679]  security_task_alloc+0x2a/0x260
[  194.103980][T11679]  copy_process+0x2865/0x7e00
[  194.104011][T11679]  ? __pfx_copy_process+0x10/0x10
[  194.104032][T11679]  ? lockdep_init_map_type+0x5c/0x250
[  194.104058][T11679]  ? lockdep_init_map_type+0x5c/0x250
[  194.104082][T11679]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  194.104103][T11679]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  194.104131][T11679]  vhost_task_create+0x1db/0x370
[  194.104157][T11679]  ? __pfx_vhost_task_create+0x10/0x10
[  194.104179][T11679]  ? register_lock_class+0x40/0x560
[  194.104209][T11679]  ? __pfx_vhost_task_fn+0x10/0x10
[  194.104235][T11679]  ? __pfx___mutex_lock+0x10/0x10
[  194.104258][T11679]  ? kasan_quarantine_put+0x104/0x240
[  194.104291][T11679]  kvm_mmu_post_init_vm+0x1b3/0x370
[  194.104317][T11679]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  194.104383][T11679]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  194.104408][T11679]  kvm_vcpu_ioctl+0x730/0x1720
[  194.104429][T11679]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  194.104455][T11679]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  194.104478][T11679]  ? do_vfs_ioctl+0x226/0x13e0
[  194.104496][T11679]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  194.104514][T11679]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  194.104544][T11679]  ? __fget_files+0x215/0x3d0
[  194.104564][T11679]  ? hook_file_ioctl_common+0x149/0x410
[  194.104597][T11679]  ? selinux_file_ioctl+0x13b/0x290
[  194.104618][T11679]  ? selinux_file_ioctl+0xb6/0x290
[  194.104642][T11679]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  194.104661][T11679]  __x64_sys_ioctl+0x18e/0x210
[  194.104680][T11679]  do_syscall_64+0x10b/0xf80
[  194.104700][T11679]  ? clear_bhb_loop+0x40/0x90
[  194.104721][T11679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.104738][T11679] RIP: 0033:0x7f320d19cdd9
[  194.104753][T11679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  194.104768][T11679] RSP: 002b:00007f320dfe1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  194.104785][T11679] RAX: ffffffffffffffda RBX: 00007f320d415fa0 RCX: 00007f320d19cdd9
[  194.104795][T11679] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  194.104805][T11679] RBP: 00007f320dfe1090 R08: 0000000000000000 R09: 0000000000000000
[  194.104814][T11679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.104824][T11679] R13: 00007f320d416038 R14: 00007f320d415fa0 R15: 00007fff0fdd08d8
[  194.104846][T11679]  </TASK>
[  194.232445][ T5741] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  194.248561][ T5741] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  194.257501][ T5741] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  194.261269][ T5741] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  194.407352][   T39] audit: type=1400 audit(1777835432.655:1622): avc:  denied  { map } for  pid=11693 comm="syz.3.1794" path="/dev/comedi2" dev="devtmpfs" ino=1303 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  194.609785][T11713] syz_tun: entered allmulticast mode
[  194.621400][T11715] xt_hashlimit: size too large, truncated to 1048576
[  194.636905][T11712] syz_tun: left allmulticast mode
[  194.656500][T11717] syzkaller1: entered promiscuous mode
[  194.658944][T11717] syzkaller1: entered allmulticast mode
[  194.844834][T11681] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.850311][T11681] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.853814][T11681] bridge_slave_0: entered allmulticast mode
[  194.858231][T11681] bridge_slave_0: entered promiscuous mode
[  194.863485][T11681] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.866779][T11681] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.870042][T11681] bridge_slave_1: entered allmulticast mode
[  194.874015][T11681] bridge_slave_1: entered promiscuous mode
[  194.903357][T11681] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.911279][T11681] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.926704][T11681] team0: Port device team_slave_0 added
[  194.929742][T11681] team0: Port device team_slave_1 added
[  194.946504][T11681] batman_adv: batadv0: Adding interface: batadv_slave_0
[  194.948951][T11681] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  194.958184][T11681] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  194.962473][T11681] batman_adv: batadv0: Adding interface: batadv_slave_1
[  194.964761][T11681] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  194.966180][ T5842] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  194.973622][T11681] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.005892][T11681] hsr_slave_0: entered promiscuous mode
[  195.008546][T11681] hsr_slave_1: entered promiscuous mode
[  195.010776][T11681] debugfs: 'hsr0' already exists in 'hsr'
[  195.012591][T11681] Cannot create hsr debugfs directory
[  195.136416][ T5842] usb 5-1: Using ep0 maxpacket: 16
[  195.142003][ T5842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  195.146448][ T5842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  195.150913][ T5842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  195.154840][ T5842] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  195.161431][ T5842] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  195.167105][ T5842] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  195.171107][ T5842] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  195.174567][ T5842] usb 5-1: Manufacturer: syz
[  195.178580][ T5842] usb 5-1: config 0 descriptor??
[  195.436193][ T5842] rc_core: IR keymap rc-hauppauge not found
[  195.438263][ T5842] Registered IR keymap rc-empty
[  195.440008][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.456600][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.486576][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 4 seconds
[  195.490054][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 4 seconds
[  195.491059][ T5842] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  195.493552][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 4 seconds
[  195.493587][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 4 seconds
[  195.510869][T11681] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  195.522067][T11681] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  195.524987][T11681] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  195.525067][ T5842] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input25
[  195.534696][T11681] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  195.537686][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.537892][T11681] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  195.545239][T11681] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  195.548650][T11681] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  195.553046][T11681] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  195.558738][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.574331][T11681] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.577500][T11681] bridge0: port 2(bridge_slave_1) entered forwarding state
[  195.578788][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.581468][T11681] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.587807][T11681] bridge0: port 1(bridge_slave_0) entered forwarding state
[  195.596610][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.626454][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.637621][T11681] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.650891][ T8328] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.656637][ T8328] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.656771][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.672496][T11681] 8021q: adding VLAN 0 to HW filter on device team0
[  195.676904][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.680997][ T8328] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.683520][ T8328] bridge0: port 1(bridge_slave_0) entered forwarding state
[  195.694159][ T8328] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.696693][ T8328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  195.706343][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.736221][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.766401][ T5842] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.799997][ T5842] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  195.808694][ T5842] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  195.821173][ T5842] usb 5-1: USB disconnect, device number 13
[  195.844386][   T39] audit: type=1400 audit(1777835434.085:1623): avc:  denied  { read } for  pid=11755 comm="syz.5.1801" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  195.856249][   T39] audit: type=1400 audit(1777835434.085:1624): avc:  denied  { open } for  pid=11755 comm="syz.5.1801" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  195.864535][   T39] audit: type=1400 audit(1777835434.085:1625): avc:  denied  { ioctl } for  pid=11755 comm="syz.5.1801" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  196.020260][T11681] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.049852][T11681] veth0_vlan: entered promiscuous mode
[  196.054938][T11681] veth1_vlan: entered promiscuous mode
[  196.076645][T11681] veth0_macvtap: entered promiscuous mode
[  196.082700][T11681] veth1_macvtap: entered promiscuous mode
[  196.097601][T11681] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.105990][T11681] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.125338][ T8329] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.131038][ T8329] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.143323][ T8329] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.147257][ T8329] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.286327][ T5741] Bluetooth: hci4: command tx timeout
[  196.291603][ T8328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.298043][ T8328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.322221][ T8328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.325139][ T8328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.415944][T11772] loop6: detected capacity change from 0 to 8
[  196.467927][   T39] audit: type=1400 audit(1777835434.715:1626): avc:  denied  { read write } for  pid=11792 comm="syz.2.1785" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  196.477875][   T39] audit: type=1400 audit(1777835434.715:1627): avc:  denied  { open } for  pid=11792 comm="syz.2.1785" path="/0/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  196.479120][T11772] loop6: detected capacity change from 8 to 7
[  196.541868][   T39] audit: type=1400 audit(1777835434.785:1628): avc:  denied  { bind } for  pid=11771 comm="syz.5.1804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  196.554912][T11775] loop6: detected capacity change from 7 to 0
[  196.560406][    C3] blk_print_req_error: 10 callbacks suppressed
[  196.560424][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.566517][    C3] buffer_io_error: 10 callbacks suppressed
[  196.566527][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  196.572065][T11772] ldm_validate_partition_table(): Disk read failed.
[  196.574692][ T5734] Buffer I/O error on dev loop6, logical block 0, async page read
[  196.578113][T11772] Dev loop6: unable to read RDB block 0
[  196.579984][T11772]  loop6: unable to read partition table
[  196.596436][T11772] loop6: partition table beyond EOD, truncated
[  196.599289][T11772] loop_reread_partitions: partition scan of loop6 (�u�G��ܱ.:����0�������
[  196.599289][T11772] 咁<l�k�3"	[8�S~) failed (rc=-5)
[  197.009366][T11818] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1816'.
[  197.017646][T11818] netlink: 'syz.2.1816': attribute type 30 has an invalid length.
[  197.036363][ T8329] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  197.039580][ T8329] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  197.044631][ T8329] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  197.047630][ T8329] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  197.277298][T11837] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input26
[  197.341771][T11845] trusted_key: syz.5.1821 sent an empty control message without MSG_MORE.
[  197.348175][T11845] tmpfs: Unknown parameter 'gr'
[  197.405410][T11837] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1819'.
[  197.411178][T11847] nvme_fabrics: missing parameter 'transport=%s'
[  197.413466][T11847] nvme_fabrics: missing parameter 'nqn=%s'
[  197.426179][ T5842] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  197.556370][ T5842] usb 5-1: device descriptor read/64, error -71
[  197.589904][T11855] pim6reg: entered allmulticast mode
[  197.798104][ T5842] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  197.864370][T11861] /dev/sr0: Can't lookup blockdev
[  197.866695][T11861] /dev/sr0: Can't lookup blockdev
[  197.895089][T11864] netlink: 'syz.2.1829': attribute type 1 has an invalid length.
[  197.898711][T11864] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  197.908618][T11864] /dev/sg0: Can't lookup blockdev
[  197.926248][ T5842] usb 5-1: device descriptor read/64, error -71
[  198.049177][ T5842] usb usb5-port1: attempt power cycle
[  198.203885][T11871] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1831'.
[  198.208763][T11873] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11873 comm=syz.3.1832
[  198.209993][T11874] netlink: 'syz.3.1832': attribute type 1 has an invalid length.
[  198.213283][T11873] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11873 comm=syz.3.1832
[  198.216038][T11875] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=11875 comm=syz.3.1832
[  198.221138][T11874] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  198.248688][ T5741] Bluetooth: hci2: unexpected event 0x03 length: 14 > 11
[  198.273949][T11881] xt_hashlimit: max too large, truncated to 1048576
[  198.280611][T11881] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  198.284012][T11881] netlink: 'syz.3.1834': attribute type 1 has an invalid length.
[  198.286958][T11882] netlink: 'syz.3.1834': attribute type 1 has an invalid length.
[  198.292690][T11885] xt_hashlimit: size too large, truncated to 1048576
[  198.343694][   T39] audit: type=1400 audit(1777835436.585:1629): avc:  denied  { ioctl } for  pid=11880 comm="syz.3.1834" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  198.376226][ T5741] Bluetooth: hci4: command tx timeout
[  198.396545][ T5842] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  198.437357][ T5842] usb 5-1: device descriptor read/8, error -71
[  198.646150][   T34] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  198.686632][ T5842] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  198.716882][ T5842] usb 5-1: device descriptor read/8, error -71
[  198.796224][   T34] usb 10-1: Using ep0 maxpacket: 16
[  198.799417][   T34] usb 10-1: no configurations
[  198.801625][   T34] usb 10-1: can't read configurations, error -22
[  198.836455][ T5842] usb usb5-port1: unable to enumerate USB device
[  198.847222][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 6 seconds
[  198.850717][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 6 seconds
[  198.854160][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 6 seconds
[  198.857779][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 6 seconds
[  198.926243][   T34] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  199.086362][   T34] usb 10-1: Using ep0 maxpacket: 16
[  199.088936][   T34] usb 10-1: no configurations
[  199.091001][   T34] usb 10-1: can't read configurations, error -22
[  199.095000][   T34] usb usb10-port1: attempt power cycle
[  199.247544][ T1434] ieee802154 phy0 wpan0: encryption failed: -22
[  199.436179][   T34] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  199.461229][   T34] usb 10-1: Using ep0 maxpacket: 16
[  199.464640][   T34] usb 10-1: no configurations
[  199.466834][   T34] usb 10-1: can't read configurations, error -22
[  199.596173][   T34] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  199.616905][   T34] usb 10-1: Using ep0 maxpacket: 16
[  199.619793][   T34] usb 10-1: no configurations
[  199.621880][   T34] usb 10-1: can't read configurations, error -22
[  199.625111][   T34] usb usb10-port1: unable to enumerate USB device
[  200.446605][ T5741] Bluetooth: hci4: command tx timeout
[  200.714456][T11910] xt_hashlimit: size too large, truncated to 1048576
[  200.781374][T11913] Unsupported ieee802154 address type: 0
[  200.963788][   T39] audit: type=1326 audit(1777835439.205:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11919 comm="syz.2.1847" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd747f9cdd9 code=0x0
[  201.017634][T11924] 9p: Bad value for 'rfdno'
[  201.027247][   T39] audit: type=1400 audit(1777835439.275:1631): avc:  denied  { ioctl } for  pid=11919 comm="syz.2.1847" path="/19/file0/file0" dev="fuse" ino=64 ioctlcmd=0x4d0d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  201.191916][T11929] netlink: 'syz.0.1850': attribute type 1 has an invalid length.
[  201.211740][T11929] 8021q: adding VLAN 0 to HW filter on device bond7
[  201.247472][T11929] bond7: (slave veth5): Enslaving as an active interface with a down link
[  201.266301][T11929] vlan0: entered allmulticast mode
[  201.268621][T11929] bond7: entered allmulticast mode
[  201.271946][T11929] bond7: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  201.447965][T11938] program syz.5.1853 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.502052][T11940] FAULT_INJECTION: forcing a failure.
[  201.502052][T11940] name failslab, interval 1, probability 0, space 0, times 0
[  201.507597][T11940] CPU: 3 UID: 0 PID: 11940 Comm: syz.0.1854 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  201.507624][T11940] Tainted: [L]=SOFTLOCKUP
[  201.507630][T11940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  201.507639][T11940] Call Trace:
[  201.507645][T11940]  <TASK>
[  201.507652][T11940]  dump_stack_lvl+0x100/0x190
[  201.507677][T11940]  should_fail_ex.cold+0x5/0xa
[  201.507699][T11940]  should_failslab+0xc2/0x120
[  201.507718][T11940]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  201.507742][T11940]  ? alloc_pid+0x1bd/0x1910
[  201.507760][T11940]  ? kvm_mmu_post_init_vm+0x1b3/0x370
[  201.507788][T11940]  alloc_pid+0x1bd/0x1910
[  201.507811][T11940]  ? __pfx_alloc_pid+0x10/0x10
[  201.507840][T11940]  ? __lock_acquire+0x4a5/0x2630
[  201.507860][T11940]  ? avc_has_perm_noaudit+0x145/0x3b0
[  201.507895][T11940]  ? fpu_clone+0x226/0x7a0
[  201.507921][T11940]  ? copy_thread+0x729/0xbe0
[  201.507945][T11940]  copy_process+0x446d/0x7e00
[  201.507975][T11940]  ? __pfx_copy_process+0x10/0x10
[  201.507994][T11940]  ? lockdep_init_map_type+0x5c/0x250
[  201.508016][T11940]  ? lockdep_init_map_type+0x5c/0x250
[  201.508037][T11940]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  201.508057][T11940]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  201.508082][T11940]  vhost_task_create+0x1db/0x370
[  201.508104][T11940]  ? __pfx_vhost_task_create+0x10/0x10
[  201.508123][T11940]  ? register_lock_class+0x40/0x560
[  201.508150][T11940]  ? __pfx_vhost_task_fn+0x10/0x10
[  201.508174][T11940]  ? __pfx___mutex_lock+0x10/0x10
[  201.508193][T11940]  ? kasan_quarantine_put+0x104/0x240
[  201.508253][T11940]  kvm_mmu_post_init_vm+0x1b3/0x370
[  201.508278][T11940]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  201.508300][T11940]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  201.508323][T11940]  kvm_vcpu_ioctl+0x730/0x1720
[  201.508342][T11940]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  201.508360][T11940]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  201.508381][T11940]  ? do_vfs_ioctl+0x226/0x13e0
[  201.508398][T11940]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  201.508414][T11940]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  201.508444][T11940]  ? __fget_files+0x215/0x3d0
[  201.508461][T11940]  ? hook_file_ioctl_common+0x149/0x410
[  201.508492][T11940]  ? selinux_file_ioctl+0x13b/0x290
[  201.508512][T11940]  ? selinux_file_ioctl+0xb6/0x290
[  201.508540][T11940]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  201.508558][T11940]  __x64_sys_ioctl+0x18e/0x210
[  201.508577][T11940]  do_syscall_64+0x10b/0xf80
[  201.508595][T11940]  ? clear_bhb_loop+0x40/0x90
[  201.508616][T11940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.508632][T11940] RIP: 0033:0x7f75a9b9cdd9
[  201.508646][T11940] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  201.508661][T11940] RSP: 002b:00007f75aab2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  201.508695][T11940] RAX: ffffffffffffffda RBX: 00007f75a9e15fa0 RCX: 00007f75a9b9cdd9
[  201.508707][T11940] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  201.508717][T11940] RBP: 00007f75aab2b090 R08: 0000000000000000 R09: 0000000000000000
[  201.508726][T11940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  201.508736][T11940] R13: 00007f75a9e16038 R14: 00007f75a9e15fa0 R15: 00007fffd6714318
[  201.508760][T11940]  </TASK>
[  201.784312][T11950] overlayfs: failed to resolve './bus': -2
[  202.112021][T11958] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  202.148690][T11963] FAULT_INJECTION: forcing a failure.
[  202.148690][T11963] name failslab, interval 1, probability 0, space 0, times 0
[  202.155856][T11963] CPU: 2 UID: 0 PID: 11963 Comm: syz.2.1861 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  202.155881][T11963] Tainted: [L]=SOFTLOCKUP
[  202.155886][T11963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  202.155894][T11963] Call Trace:
[  202.155900][T11963]  <TASK>
[  202.155906][T11963]  dump_stack_lvl+0x100/0x190
[  202.155929][T11963]  should_fail_ex.cold+0x5/0xa
[  202.155949][T11963]  should_failslab+0xc2/0x120
[  202.155964][T11963]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  202.155984][T11963]  ? anon_vma_clone+0x2ba/0xcd0
[  202.156005][T11963]  anon_vma_clone+0x2ba/0xcd0
[  202.156028][T11963]  __split_vma+0x51f/0xd90
[  202.156066][T11963]  ? __pfx___split_vma+0x10/0x10
[  202.156091][T11963]  ? __pfx_mas_prev+0x10/0x10
[  202.156108][T11963]  ? kernel_text_address+0x8d/0x100
[  202.156132][T11963]  vms_gather_munmap_vmas+0x3a5/0x1720
[  202.156156][T11963]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  202.156182][T11963]  ? mas_walk+0x6ef/0x9b0
[  202.156204][T11963]  __mmap_region+0x4aa/0x2da0
[  202.156249][T11963]  ? __pfx___mmap_region+0x10/0x10
[  202.156270][T11963]  ? __pfx___might_resched+0x10/0x10
[  202.156292][T11963]  ? find_held_lock+0x2b/0x80
[  202.156304][T11963]  ? process_measurement+0x4c8/0x2350
[  202.156324][T11963]  ? process_measurement+0x4c8/0x2350
[  202.156349][T11963]  ? process_measurement+0x1f4/0x2350
[  202.156370][T11963]  ? find_held_lock+0x2b/0x80
[  202.156392][T11963]  ? __lock_acquire+0x4a5/0x2630
[  202.156416][T11963]  ? __lock_acquire+0x4a5/0x2630
[  202.156434][T11963]  ? find_held_lock+0x2b/0x80
[  202.156446][T11963]  ? is_bpf_text_address+0x8a/0x1a0
[  202.156488][T11963]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  202.156515][T11963]  mmap_region+0x527/0x620
[  202.156538][T11963]  ? __pfx_mmap_region+0x10/0x10
[  202.156558][T11963]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  202.156575][T11963]  ? selinux_mmap_addr+0x2b/0x110
[  202.156596][T11963]  ? bpf_lsm_mmap_addr+0x9/0x30
[  202.156608][T11963]  ? security_mmap_addr+0x71/0x1e0
[  202.156628][T11963]  ? __get_unmapped_area+0x255/0x3e0
[  202.156645][T11963]  do_mmap+0xc63/0x12f0
[  202.156664][T11963]  ? __pfx_do_mmap+0x10/0x10
[  202.156680][T11963]  ? __pfx_down_write_killable+0x10/0x10
[  202.156703][T11963]  vm_mmap_pgoff+0x29e/0x470
[  202.156723][T11963]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  202.156737][T11963]  ? __fget_files+0x215/0x3d0
[  202.156757][T11963]  ? __fget_files+0x21f/0x3d0
[  202.156777][T11963]  ksys_mmap_pgoff+0x3cb/0x610
[  202.156794][T11963]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  202.156808][T11963]  ? fput+0x79/0x100
[  202.156826][T11963]  ? ksys_write+0x1ac/0x250
[  202.156841][T11963]  ? __pfx_ksys_write+0x10/0x10
[  202.156857][T11963]  __x64_sys_mmap+0x125/0x190
[  202.156877][T11963]  do_syscall_64+0x10b/0xf80
[  202.156893][T11963]  ? clear_bhb_loop+0x40/0x90
[  202.156910][T11963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.156924][T11963] RIP: 0033:0x7fd747f9cdd9
[  202.156936][T11963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.156949][T11963] RSP: 002b:00007fd748ebb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  202.156964][T11963] RAX: ffffffffffffffda RBX: 00007fd748215fa0 RCX: 00007fd747f9cdd9
[  202.156972][T11963] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000000000
[  202.156981][T11963] RBP: 00007fd748ebb090 R08: 0000000000000003 R09: 0000000000000000
[  202.156989][T11963] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[  202.156996][T11963] R13: 00007fd748216038 R14: 00007fd748215fa0 R15: 00007ffd57af9bb8
[  202.157015][T11963]  </TASK>
[  202.218347][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 8 seconds
[  202.309629][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 8 seconds
[  202.313161][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 8 seconds
[  202.316793][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 8 seconds
[  202.368903][T11971] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1863'.
[  202.437861][T11976] FAULT_INJECTION: forcing a failure.
[  202.437861][T11976] name failslab, interval 1, probability 0, space 0, times 0
[  202.442102][T11976] CPU: 3 UID: 0 PID: 11976 Comm: syz.5.1865 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  202.442118][T11976] Tainted: [L]=SOFTLOCKUP
[  202.442122][T11976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  202.442128][T11976] Call Trace:
[  202.442132][T11976]  <TASK>
[  202.442137][T11976]  dump_stack_lvl+0x100/0x190
[  202.442154][T11976]  should_fail_ex.cold+0x5/0xa
[  202.442170][T11976]  should_failslab+0xc2/0x120
[  202.442182][T11976]  __kvmalloc_node_noprof+0xfa/0xa00
[  202.442198][T11976]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  202.442215][T11976]  __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  202.442230][T11976]  ? find_held_lock+0x2b/0x80
[  202.442242][T11976]  mmu_topup_memory_caches+0x25/0x170
[  202.442258][T11976]  kvm_mmu_load+0xd6/0x23e0
[  202.442271][T11976]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  202.442282][T11976]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  202.442294][T11976]  ? __pfx_kvm_mmu_load+0x10/0x10
[  202.442308][T11976]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  202.442320][T11976]  ? kvm_check_and_inject_events+0x961/0x1070
[  202.442335][T11976]  ? record_steal_time+0x3d0/0xbc0
[  202.442348][T11976]  vcpu_run+0x39f4/0x5ca0
[  202.442368][T11976]  ? __pfx_vcpu_run+0x10/0x10
[  202.442388][T11976]  ? rcu_is_watching+0x12/0xc0
[  202.442406][T11976]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  202.442421][T11976]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  202.442441][T11976]  kvm_vcpu_ioctl+0x730/0x1720
[  202.442453][T11976]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  202.442465][T11976]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  202.442479][T11976]  ? do_vfs_ioctl+0x226/0x13e0
[  202.442491][T11976]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  202.442501][T11976]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  202.442521][T11976]  ? __fget_files+0x215/0x3d0
[  202.442533][T11976]  ? hook_file_ioctl_common+0x149/0x410
[  202.442553][T11976]  ? selinux_file_ioctl+0x13b/0x290
[  202.442566][T11976]  ? selinux_file_ioctl+0xb6/0x290
[  202.442584][T11976]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  202.442596][T11976]  __x64_sys_ioctl+0x18e/0x210
[  202.442608][T11976]  do_syscall_64+0x10b/0xf80
[  202.442620][T11976]  ? clear_bhb_loop+0x40/0x90
[  202.442633][T11976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.442644][T11976] RIP: 0033:0x7fef3b39cdd9
[  202.442653][T11976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.442663][T11976] RSP: 002b:00007fef3c232028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.442674][T11976] RAX: ffffffffffffffda RBX: 00007fef3b615fa0 RCX: 00007fef3b39cdd9
[  202.442680][T11976] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  202.442686][T11976] RBP: 00007fef3c232090 R08: 0000000000000000 R09: 0000000000000000
[  202.442692][T11976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  202.442698][T11976] R13: 00007fef3b616038 R14: 00007fef3b615fa0 R15: 00007ffdfb6c9578
[  202.442711][T11976]  </TASK>
[  202.973527][T11996] FAULT_INJECTION: forcing a failure.
[  202.973527][T11996] name failslab, interval 1, probability 0, space 0, times 0
[  202.979350][T11996] CPU: 2 UID: 0 PID: 11996 Comm: syz.0.1870 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  202.979377][T11996] Tainted: [L]=SOFTLOCKUP
[  202.979383][T11996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  202.979393][T11996] Call Trace:
[  202.979399][T11996]  <TASK>
[  202.979405][T11996]  dump_stack_lvl+0x100/0x190
[  202.979434][T11996]  should_fail_ex.cold+0x5/0xa
[  202.979460][T11996]  should_failslab+0xc2/0x120
[  202.979480][T11996]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  202.979506][T11996]  ? vm_area_alloc+0x1f/0x160
[  202.979536][T11996]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  202.979561][T11996]  vm_area_alloc+0x1f/0x160
[  202.979584][T11996]  __mmap_region+0x104d/0x2da0
[  202.979613][T11996]  ? __pfx___mmap_region+0x10/0x10
[  202.979643][T11996]  ? find_held_lock+0x2b/0x80
[  202.979659][T11996]  ? process_measurement+0x4c8/0x2350
[  202.979710][T11996]  ? process_measurement+0x4c8/0x2350
[  202.979742][T11996]  ? process_measurement+0x1f4/0x2350
[  202.979769][T11996]  ? find_held_lock+0x2b/0x80
[  202.979798][T11996]  ? __lock_acquire+0x4a5/0x2630
[  202.979835][T11996]  ? find_held_lock+0x2b/0x80
[  202.979851][T11996]  ? is_bpf_text_address+0x8a/0x1a0
[  202.979905][T11996]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  202.979942][T11996]  mmap_region+0x527/0x620
[  202.979970][T11996]  ? __pfx_mmap_region+0x10/0x10
[  202.979996][T11996]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  202.980018][T11996]  ? selinux_mmap_addr+0x2b/0x110
[  202.980038][T11996]  ? bpf_lsm_mmap_addr+0x9/0x30
[  202.980054][T11996]  ? security_mmap_addr+0x71/0x1e0
[  202.980077][T11996]  ? __get_unmapped_area+0x255/0x3e0
[  202.980101][T11996]  do_mmap+0xc63/0x12f0
[  202.980125][T11996]  ? __pfx_do_mmap+0x10/0x10
[  202.980145][T11996]  ? __pfx_down_write_killable+0x10/0x10
[  202.980175][T11996]  vm_mmap_pgoff+0x29e/0x470
[  202.980220][T11996]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  202.980241][T11996]  ? __fget_files+0x215/0x3d0
[  202.980267][T11996]  ? __fget_files+0x21f/0x3d0
[  202.980294][T11996]  ksys_mmap_pgoff+0x3cb/0x610
[  202.980316][T11996]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  202.980334][T11996]  ? fput+0x79/0x100
[  202.980358][T11996]  ? ksys_write+0x1ac/0x250
[  202.980376][T11996]  ? __pfx_ksys_write+0x10/0x10
[  202.980398][T11996]  __x64_sys_mmap+0x125/0x190
[  202.980424][T11996]  do_syscall_64+0x10b/0xf80
[  202.980443][T11996]  ? clear_bhb_loop+0x40/0x90
[  202.980465][T11996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.980483][T11996] RIP: 0033:0x7f75a9b9cdd9
[  202.980500][T11996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.980521][T11996] RSP: 002b:00007f75aab2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  202.980540][T11996] RAX: ffffffffffffffda RBX: 00007f75a9e15fa0 RCX: 00007f75a9b9cdd9
[  202.980552][T11996] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000000000
[  202.980561][T11996] RBP: 00007f75aab2b090 R08: 0000000000000003 R09: 0000000000000000
[  202.980573][T11996] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[  202.980583][T11996] R13: 00007f75a9e16038 R14: 00007f75a9e15fa0 R15: 00007fffd6714318
[  202.980607][T11996]  </TASK>
[  203.453119][T12011] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.457869][T12011] 8021q: adding VLAN 0 to HW filter on device team0
[  203.465145][T12011] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.483084][T12011] bridge_slave_1: entered promiscuous mode
[  203.503586][T12011] veth1_macvtap: left promiscuous mode
[  203.507448][T12011] veth0_macvtap: left promiscuous mode
[  203.510835][T12011] veth0_macvtap: entered promiscuous mode
[  203.514989][T12011] veth1_macvtap: entered promiscuous mode
[  203.524316][T12011] 8021q: adding VLAN 0 to HW filter on device bond1
[  203.528385][T12011] 8021q: adding VLAN 0 to HW filter on device bond2
[  203.532260][T12011] 8021q: adding VLAN 0 to HW filter on device bond3
[  203.534863][T12011] 8021q: adding VLAN 0 to HW filter on device bond4
[  203.539753][T12011] A link change request failed with some changes committed already. Interface geneve2 may have been left with an inconsistent configuration, please check.
[  203.569240][ T8330] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.572703][ T8330] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.579587][ T8330] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.583188][   T39] audit: type=1326 audit(1777835441.825:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.593430][ T8330] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.596206][   T39] audit: type=1326 audit(1777835441.825:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.608368][   T39] audit: type=1326 audit(1777835441.825:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.619599][   T39] audit: type=1326 audit(1777835441.825:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.629579][   T39] audit: type=1326 audit(1777835441.825:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.640428][   T39] audit: type=1326 audit(1777835441.825:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.651150][   T39] audit: type=1326 audit(1777835441.825:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.671580][   T39] audit: type=1326 audit(1777835441.825:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.681108][   T39] audit: type=1326 audit(1777835441.825:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  203.691097][   T39] audit: type=1326 audit(1777835441.825:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12013 comm="syz.5.1875" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fef3b39cdd9 code=0x7ffc0000
[  204.126542][T12038] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  204.247562][T12048] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input27
[  204.326357][T12050] FAULT_INJECTION: forcing a failure.
[  204.326357][T12050] name failslab, interval 1, probability 0, space 0, times 0
[  204.334534][T12050] CPU: 2 UID: 0 PID: 12050 Comm: syz.2.1886 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  204.334553][T12050] Tainted: [L]=SOFTLOCKUP
[  204.334557][T12050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  204.334563][T12050] Call Trace:
[  204.334567][T12050]  <TASK>
[  204.334571][T12050]  dump_stack_lvl+0x100/0x190
[  204.334589][T12050]  should_fail_ex.cold+0x5/0xa
[  204.334605][T12050]  should_failslab+0xc2/0x120
[  204.334617][T12050]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  204.334633][T12050]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  204.334650][T12050]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  204.334666][T12050]  mmu_topup_memory_caches+0x25/0x170
[  204.334682][T12050]  kvm_mmu_load+0xd6/0x23e0
[  204.334696][T12050]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  204.334707][T12050]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  204.334741][T12050]  ? __pfx_kvm_mmu_load+0x10/0x10
[  204.334754][T12050]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  204.334767][T12050]  ? kvm_check_and_inject_events+0x961/0x1070
[  204.334782][T12050]  ? record_steal_time+0x3d0/0xbc0
[  204.334794][T12050]  vcpu_run+0x39f4/0x5ca0
[  204.334815][T12050]  ? __pfx_vcpu_run+0x10/0x10
[  204.334834][T12050]  ? rcu_is_watching+0x12/0xc0
[  204.334852][T12050]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  204.334868][T12050]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  204.334887][T12050]  kvm_vcpu_ioctl+0x730/0x1720
[  204.334900][T12050]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  204.334912][T12050]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  204.334925][T12050]  ? do_vfs_ioctl+0x226/0x13e0
[  204.334937][T12050]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  204.334948][T12050]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  204.334967][T12050]  ? __fget_files+0x215/0x3d0
[  204.334979][T12050]  ? hook_file_ioctl_common+0x149/0x410
[  204.334999][T12050]  ? selinux_file_ioctl+0x13b/0x290
[  204.335012][T12050]  ? selinux_file_ioctl+0xb6/0x290
[  204.335026][T12050]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  204.335038][T12050]  __x64_sys_ioctl+0x18e/0x210
[  204.335050][T12050]  do_syscall_64+0x10b/0xf80
[  204.335063][T12050]  ? clear_bhb_loop+0x40/0x90
[  204.335076][T12050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.335086][T12050] RIP: 0033:0x7fd747f9cdd9
[  204.335095][T12050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  204.335105][T12050] RSP: 002b:00007fd748ebb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  204.335116][T12050] RAX: ffffffffffffffda RBX: 00007fd748215fa0 RCX: 00007fd747f9cdd9
[  204.335123][T12050] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  204.335129][T12050] RBP: 00007fd748ebb090 R08: 0000000000000000 R09: 0000000000000000
[  204.335135][T12050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  204.335141][T12050] R13: 00007fd748216038 R14: 00007fd748215fa0 R15: 00007ffd57af9bb8
[  204.335154][T12050]  </TASK>
[  204.515763][T12066] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  204.520890][T12066] VFS: Can't find a romfs filesystem on dev nullb0.
[  204.520890][T12066] 
[  204.836509][T12093] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  204.870073][T12086] tunl0: Master is either lo or non-ether device
[  204.873621][T12089] FAULT_INJECTION: forcing a failure.
[  204.873621][T12089] name failslab, interval 1, probability 0, space 0, times 0
[  204.882392][T12089] CPU: 2 UID: 0 PID: 12089 Comm: syz.5.1903 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  204.882422][T12089] Tainted: [L]=SOFTLOCKUP
[  204.882428][T12089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  204.882438][T12089] Call Trace:
[  204.882446][T12089]  <TASK>
[  204.882453][T12089]  dump_stack_lvl+0x100/0x190
[  204.882480][T12089]  should_fail_ex.cold+0x5/0xa
[  204.882513][T12089]  should_failslab+0xc2/0x120
[  204.882534][T12089]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  204.882562][T12089]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  204.882584][T12089]  ? kvm_mmu_load+0xc6/0x23e0
[  204.882609][T12089]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  204.882638][T12089]  mmu_topup_memory_caches+0x25/0x170
[  204.882666][T12089]  kvm_mmu_load+0xd6/0x23e0
[  204.882689][T12089]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  204.882710][T12089]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  204.882731][T12089]  ? __pfx_kvm_mmu_load+0x10/0x10
[  204.882754][T12089]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  204.882775][T12089]  ? kvm_check_and_inject_events+0x961/0x1070
[  204.882800][T12089]  ? record_steal_time+0x3d0/0xbc0
[  204.882822][T12089]  vcpu_run+0x39f4/0x5ca0
[  204.882858][T12089]  ? __pfx_vcpu_run+0x10/0x10
[  204.882893][T12089]  ? rcu_is_watching+0x12/0xc0
[  204.882924][T12089]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  204.882950][T12089]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  204.882982][T12089]  kvm_vcpu_ioctl+0x730/0x1720
[  204.883005][T12089]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  204.883025][T12089]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  204.883049][T12089]  ? do_vfs_ioctl+0x226/0x13e0
[  204.883069][T12089]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  204.883087][T12089]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  204.883121][T12089]  ? __fget_files+0x215/0x3d0
[  204.883142][T12089]  ? hook_file_ioctl_common+0x149/0x410
[  204.883177][T12089]  ? selinux_file_ioctl+0x13b/0x290
[  204.883200][T12089]  ? selinux_file_ioctl+0xb6/0x290
[  204.883224][T12089]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  204.883245][T12089]  __x64_sys_ioctl+0x18e/0x210
[  204.883264][T12089]  do_syscall_64+0x10b/0xf80
[  204.883285][T12089]  ? clear_bhb_loop+0x40/0x90
[  204.883308][T12089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.883325][T12089] RIP: 0033:0x7fef3b39cdd9
[  204.883342][T12089] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  204.883359][T12089] RSP: 002b:00007fef3c232028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  204.883377][T12089] RAX: ffffffffffffffda RBX: 00007fef3b615fa0 RCX: 00007fef3b39cdd9
[  204.883388][T12089] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  204.883399][T12089] RBP: 00007fef3c232090 R08: 0000000000000000 R09: 0000000000000000
[  204.883409][T12089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  204.883419][T12089] R13: 00007fef3b616038 R14: 00007fef3b615fa0 R15: 00007ffdfb6c9578
[  204.883445][T12089]  </TASK>
[  205.020887][T12105] binder: 12104:12105 ioctl c0306201 0 returned -14
[  205.074818][T12106] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1906'.
[  205.646369][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 10 seconds
[  205.649921][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 10 seconds
[  205.653509][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 10 seconds
[  205.657307][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 10 seconds
[  206.206268][ T5738] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  206.336206][ T5738] usb 5-1: device descriptor read/64, error -71
[  206.596171][ T5738] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  206.610055][T12140] overlayfs: failed to resolve './file1': -2
[  206.746168][ T5738] usb 5-1: device descriptor read/64, error -71
[  206.856780][ T5738] usb usb5-port1: attempt power cycle
[  207.216331][ T5738] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  207.238330][ T5738] usb 5-1: device descriptor read/8, error -71
[  207.396756][T12153] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1927'.
[  207.412365][T12153] xt_hashlimit: overflow, rate too high: 0
[  207.476281][ T5738] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  207.498005][ T5738] usb 5-1: device descriptor read/8, error -71
[  207.606470][ T5738] usb usb5-port1: unable to enumerate USB device
[  207.688206][T12159] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1930'.
[  207.691809][T12160] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1930'.
[  207.960483][T12174] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1935'.
[  207.965059][T12174] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1935'.
[  208.003646][T12176] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1936'.
[  208.063140][T12180] ieee802154 phy0 wpan0: encryption failed: -22
[  208.186571][T12199] kvm: user requested TSC rate below hardware speed
[  208.189447][T12201] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  208.346207][  T843] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  208.506433][  T843] usb 10-1: Using ep0 maxpacket: 8
[  208.513014][  T843] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  208.517877][  T843] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  208.521953][  T843] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.531788][  T843] usb 10-1: config 0 descriptor??
[  208.703792][   T39] kauditd_printk_skb: 27 callbacks suppressed
[  208.703810][   T39] audit: type=1400 audit(1777835446.945:1669): avc:  denied  { map } for  pid=12221 comm="syz.3.1952" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=49381 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  208.718706][   T39] audit: type=1400 audit(1777835446.945:1670): avc:  denied  { read } for  pid=12221 comm="syz.3.1952" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=49381 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  208.739302][  T843] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  208.757533][  T843] usb 10-1: USB disconnect, device number 17
[  208.759765][T12228] binder: 12227:12228 ioctl c0306201 200000000480 returned -14
[  208.820783][T12230] misc userio: Can't change port type on an already running userio instance
[  209.006700][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 12 seconds
[  209.010091][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 12 seconds
[  209.014132][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 12 seconds
[  209.020828][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 12 seconds
[  209.115835][   T39] audit: type=1400 audit(1777835447.355:1671): avc:  denied  { accept } for  pid=12254 comm="syz.0.1962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  209.130268][   T39] audit: type=1400 audit(1777835447.365:1672): avc:  denied  { setattr } for  pid=12254 comm="syz.0.1962" name="NETLINK" dev="sockfs" ino=48895 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  209.161098][   T39] audit: type=1400 audit(1777835447.405:1673): avc:  denied  { write } for  pid=12258 comm="syz.0.1964" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  209.274955][T12267] openvswitch: netlink: IP tunnel dst address not specified
[  209.395994][T12276] loop9: detected capacity change from 0 to 7
[  209.403563][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.407483][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.415338][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.419198][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.425164][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.428193][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.430754][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.434658][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.438258][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.442040][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.445474][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.449338][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.453176][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.457141][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.458396][   T39] audit: type=1400 audit(1777835447.705:1674): avc:  denied  { setattr } for  pid=12277 comm="syz.0.1972" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  209.479731][    C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.482749][    C3] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.485576][    C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.488628][    C3] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.494401][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  209.498177][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.502210][T12276] ldm_validate_partition_table(): Disk read failed.
[  209.509546][T12276] Dev loop9: unable to read RDB block 0
[  209.513854][T12276]  loop9: unable to read partition table
[  209.516756][T12276] loop9: partition table beyond EOD, truncated
[  209.525681][T12276] loop_reread_partitions: partition scan of loop9 (��) failed (rc=-5)
[  209.602755][T12282] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1973'.
[  209.708250][   T39] audit: type=1400 audit(1777835447.955:1675): avc:  denied  { write } for  pid=12289 comm="syz.5.1975" name="mdstat" dev="proc" ino=4026532009 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_mdstat_t tclass=file permissive=1
[  210.032024][T12303] xt_hashlimit: size too large, truncated to 1048576
[  210.142493][T12311] netlink: 5252 bytes leftover after parsing attributes in process `syz.2.1984'.
[  210.226748][T12316] tmpfs: Bad value for 'mpol'
[  210.583787][T12334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1993'.
[  210.648724][T12337] MTD: Couldn't look up '/dev/sg0': -15
[  210.650913][T12337] /dev/sg0: Can't lookup blockdev
[  210.655511][T12336] FAULT_INJECTION: forcing a failure.
[  210.655511][T12336] name failslab, interval 1, probability 0, space 0, times 0
[  210.661485][T12336] CPU: 2 UID: 0 PID: 12336 Comm: syz.0.1994 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  210.661510][T12336] Tainted: [L]=SOFTLOCKUP
[  210.661516][T12336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  210.661527][T12336] Call Trace:
[  210.661534][T12336]  <TASK>
[  210.661541][T12336]  dump_stack_lvl+0x100/0x190
[  210.661567][T12336]  should_fail_ex.cold+0x5/0xa
[  210.661591][T12336]  should_failslab+0xc2/0x120
[  210.661610][T12336]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  210.661635][T12336]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  210.661663][T12336]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  210.661687][T12336]  mmu_topup_memory_caches+0x25/0x170
[  210.661711][T12336]  kvm_mmu_load+0xd6/0x23e0
[  210.661734][T12336]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  210.661750][T12336]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  210.661771][T12336]  ? __pfx_kvm_mmu_load+0x10/0x10
[  210.661794][T12336]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  210.661815][T12336]  ? kvm_check_and_inject_events+0x961/0x1070
[  210.661840][T12336]  ? record_steal_time+0x3d0/0xbc0
[  210.661861][T12336]  vcpu_run+0x39f4/0x5ca0
[  210.661898][T12336]  ? __pfx_vcpu_run+0x10/0x10
[  210.661931][T12336]  ? rcu_is_watching+0x12/0xc0
[  210.661962][T12336]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  210.661988][T12336]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  210.662020][T12336]  kvm_vcpu_ioctl+0x730/0x1720
[  210.662042][T12336]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  210.662063][T12336]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  210.662086][T12336]  ? do_vfs_ioctl+0x226/0x13e0
[  210.662104][T12336]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  210.662124][T12336]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  210.662156][T12336]  ? __fget_files+0x215/0x3d0
[  210.662176][T12336]  ? hook_file_ioctl_common+0x149/0x410
[  210.662210][T12336]  ? selinux_file_ioctl+0x13b/0x290
[  210.662232][T12336]  ? selinux_file_ioctl+0xb6/0x290
[  210.662255][T12336]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  210.662276][T12336]  __x64_sys_ioctl+0x18e/0x210
[  210.662297][T12336]  do_syscall_64+0x10b/0xf80
[  210.662319][T12336]  ? clear_bhb_loop+0x40/0x90
[  210.662337][T12336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.662356][T12336] RIP: 0033:0x7f75a9b9cdd9
[  210.662372][T12336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  210.662387][T12336] RSP: 002b:00007f75aab2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  210.662406][T12336] RAX: ffffffffffffffda RBX: 00007f75a9e15fa0 RCX: 00007f75a9b9cdd9
[  210.662418][T12336] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  210.662427][T12336] RBP: 00007f75aab2b090 R08: 0000000000000000 R09: 0000000000000000
[  210.662436][T12336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  210.662451][T12336] R13: 00007f75a9e16038 R14: 00007f75a9e15fa0 R15: 00007fffd6714318
[  210.662476][T12336]  </TASK>
[  211.122088][T12348] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1998'.
[  211.132409][T12350] fuse: Unknown parameter 'fd90x0000000000000006'
[  211.137288][T12350] program syz.0.1999 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  211.140879][T12348] bond2: entered promiscuous mode
[  211.141083][T12350] ata1.00: non-matching transfer count (1027229220/0)
[  211.143352][T12348] bond2: entered allmulticast mode
[  211.233409][T12358] xt_hashlimit: size too large, truncated to 1048576
[  211.361220][T12363] fuse: Unknown parameter '9ȜD0�cP�	�K�o]{L������z͕��id	�4V����*r�a�&'
[  211.604814][T12380] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  211.607623][T12380] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  211.611966][T12380] vhci_hcd vhci_hcd.0: Device attached
[  211.619089][T12380] vhci_hcd vhci_hcd.0: port 0 already used
[  211.628528][   T39] audit: type=1400 audit(1777835449.875:1676): avc:  denied  { remount } for  pid=12376 comm="syz.3.2010" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  211.628562][T12380] binder: Binderfs stats mode cannot be changed during a remount
[  211.725797][   T39] audit: type=1400 audit(1777835449.965:1677): avc:  denied  { map } for  pid=12385 comm="syz.2.2012" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  211.737776][   T39] audit: type=1400 audit(1777835449.965:1678): avc:  denied  { execute } for  pid=12385 comm="syz.2.2012" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  211.876282][ T5826] usb 44-1: SetAddress Request (2) to port 0
[  211.879439][ T5826] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  212.012359][T12391] xt_hashlimit: size too large, truncated to 1048576
[  212.092593][T12381] vhci_hcd: connection reset by peer
[  212.103450][ T8337] vhci_hcd vhci_hcd.3: stop threads
[  212.113115][ T8337] vhci_hcd vhci_hcd.3: release socket
[  212.115679][ T8337] vhci_hcd vhci_hcd.3: disconnect device
[  212.208575][T12405] QAT: Invalid ioctl -2146929151
[  212.281436][T12413] FAULT_INJECTION: forcing a failure.
[  212.281436][T12413] name failslab, interval 1, probability 0, space 0, times 0
[  212.286866][T12413] CPU: 1 UID: 0 PID: 12413 Comm: syz.5.2021 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  212.286895][T12413] Tainted: [L]=SOFTLOCKUP
[  212.286900][T12413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  212.286911][T12413] Call Trace:
[  212.286917][T12413]  <TASK>
[  212.286923][T12413]  dump_stack_lvl+0x100/0x190
[  212.286950][T12413]  should_fail_ex.cold+0x5/0xa
[  212.286973][T12413]  should_failslab+0xc2/0x120
[  212.286992][T12413]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  212.287016][T12413]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  212.287041][T12413]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  212.287066][T12413]  mmu_topup_memory_caches+0x25/0x170
[  212.287092][T12413]  kvm_mmu_load+0xd6/0x23e0
[  212.287114][T12413]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  212.287130][T12413]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  212.287151][T12413]  ? __pfx_kvm_mmu_load+0x10/0x10
[  212.287170][T12413]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  212.287191][T12413]  ? kvm_check_and_inject_events+0x961/0x1070
[  212.287214][T12413]  ? record_steal_time+0x3d0/0xbc0
[  212.287233][T12413]  vcpu_run+0x39f4/0x5ca0
[  212.287266][T12413]  ? __pfx_vcpu_run+0x10/0x10
[  212.287297][T12413]  ? rcu_is_watching+0x12/0xc0
[  212.287326][T12413]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  212.287349][T12413]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  212.287380][T12413]  kvm_vcpu_ioctl+0x730/0x1720
[  212.287404][T12413]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  212.287425][T12413]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.287445][T12413]  ? do_vfs_ioctl+0x226/0x13e0
[  212.287463][T12413]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  212.287481][T12413]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  212.287511][T12413]  ? __fget_files+0x215/0x3d0
[  212.287531][T12413]  ? hook_file_ioctl_common+0x149/0x410
[  212.287563][T12413]  ? selinux_file_ioctl+0x13b/0x290
[  212.287583][T12413]  ? selinux_file_ioctl+0xb6/0x290
[  212.287606][T12413]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  212.287625][T12413]  __x64_sys_ioctl+0x18e/0x210
[  212.287645][T12413]  do_syscall_64+0x10b/0xf80
[  212.287665][T12413]  ? clear_bhb_loop+0x40/0x90
[  212.287685][T12413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.287703][T12413] RIP: 0033:0x7fef3b39cdd9
[  212.287719][T12413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  212.287734][T12413] RSP: 002b:00007fef3c232028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  212.287752][T12413] RAX: ffffffffffffffda RBX: 00007fef3b615fa0 RCX: 00007fef3b39cdd9
[  212.287762][T12413] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  212.287772][T12413] RBP: 00007fef3c232090 R08: 0000000000000000 R09: 0000000000000000
[  212.287782][T12413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  212.287791][T12413] R13: 00007fef3b616038 R14: 00007fef3b615fa0 R15: 00007ffdfb6c9578
[  212.287815][T12413]  </TASK>
[  212.366365][ T2133] block nbd0: Possible stuck request ffff888029670000: control (read@0,1024B). Runtime 14 seconds
[  212.418375][ T2133] block nbd0: Possible stuck request ffff8880296701c0: control (read@1024,1024B). Runtime 14 seconds
[  212.422875][ T2133] block nbd0: Possible stuck request ffff888029670380: control (read@2048,1024B). Runtime 14 seconds
[  212.427906][ T2133] block nbd0: Possible stuck request ffff888029670540: control (read@3072,1024B). Runtime 14 seconds
[  212.949242][T12451] FAULT_INJECTION: forcing a failure.
[  212.949242][T12451] name failslab, interval 1, probability 0, space 0, times 0
[  212.955008][T12451] CPU: 2 UID: 0 PID: 12451 Comm: syz.3.2035 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  212.955034][T12451] Tainted: [L]=SOFTLOCKUP
[  212.955040][T12451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  212.955050][T12451] Call Trace:
[  212.955056][T12451]  <TASK>
[  212.955062][T12451]  dump_stack_lvl+0x100/0x190
[  212.955088][T12451]  should_fail_ex.cold+0x5/0xa
[  212.955113][T12451]  should_failslab+0xc2/0x120
[  212.955132][T12451]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  212.955157][T12451]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  212.955183][T12451]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  212.955209][T12451]  mmu_topup_memory_caches+0x25/0x170
[  212.955234][T12451]  kvm_mmu_load+0xd6/0x23e0
[  212.955256][T12451]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  212.955273][T12451]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  212.955293][T12451]  ? __pfx_kvm_mmu_load+0x10/0x10
[  212.955341][T12451]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  212.955361][T12451]  ? kvm_check_and_inject_events+0x961/0x1070
[  212.955385][T12451]  ? record_steal_time+0x3d0/0xbc0
[  212.955406][T12451]  vcpu_run+0x39f4/0x5ca0
[  212.955444][T12451]  ? __pfx_vcpu_run+0x10/0x10
[  212.955476][T12451]  ? rcu_is_watching+0x12/0xc0
[  212.955507][T12451]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  212.955531][T12451]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  212.955562][T12451]  kvm_vcpu_ioctl+0x730/0x1720
[  212.955583][T12451]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  212.955602][T12451]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.955624][T12451]  ? do_vfs_ioctl+0x226/0x13e0
[  212.955642][T12451]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  212.955659][T12451]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  212.955690][T12451]  ? __fget_files+0x215/0x3d0
[  212.955710][T12451]  ? hook_file_ioctl_common+0x149/0x410
[  212.955744][T12451]  ? selinux_file_ioctl+0x13b/0x290
[  212.955765][T12451]  ? selinux_file_ioctl+0xb6/0x290
[  212.955788][T12451]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  212.955807][T12451]  __x64_sys_ioctl+0x18e/0x210
[  212.955826][T12451]  do_syscall_64+0x10b/0xf80
[  212.955846][T12451]  ? clear_bhb_loop+0x40/0x90
[  212.955865][T12451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.955882][T12451] RIP: 0033:0x7f320d19cdd9
[  212.955896][T12451] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  212.955911][T12451] RSP: 002b:00007f320dfe1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  212.955928][T12451] RAX: ffffffffffffffda RBX: 00007f320d415fa0 RCX: 00007f320d19cdd9
[  212.955939][T12451] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  212.955949][T12451] RBP: 00007f320dfe1090 R08: 0000000000000000 R09: 0000000000000000
[  212.955958][T12451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  212.955968][T12451] R13: 00007f320d416038 R14: 00007f320d415fa0 R15: 00007fff0fdd08d8
[  212.955992][T12451]  </TASK>
[  212.960418][T12453] 9p: Unknown uid 00000000004294967295
[  213.153229][T12463] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  213.317112][T12478] netlink: 'syz.0.2045': attribute type 1 has an invalid length.
[  213.320560][T12478] __nla_validate_parse: 1 callbacks suppressed
[  213.320572][T12478] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2045'.
[  213.335185][T12482] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2046'.
[  213.345071][T12482] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2046'.
[  213.357033][T12482] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2046'.
[  213.361084][T12482] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2046'.
[  213.447881][T12485] FAULT_INJECTION: forcing a failure.
[  213.447881][T12485] name failslab, interval 1, probability 0, space 0, times 0
[  213.456597][T12485] CPU: 1 UID: 0 PID: 12485 Comm: syz.0.2047 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  213.456628][T12485] Tainted: [L]=SOFTLOCKUP
[  213.456635][T12485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  213.456646][T12485] Call Trace:
[  213.456652][T12485]  <TASK>
[  213.456659][T12485]  dump_stack_lvl+0x100/0x190
[  213.456686][T12485]  should_fail_ex.cold+0x5/0xa
[  213.456711][T12485]  should_failslab+0xc2/0x120
[  213.456731][T12485]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  213.456754][T12485]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  213.456780][T12485]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  213.456807][T12485]  mmu_topup_memory_caches+0x25/0x170
[  213.456833][T12485]  kvm_mmu_load+0xd6/0x23e0
[  213.456857][T12485]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  213.456875][T12485]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  213.456898][T12485]  ? __pfx_kvm_mmu_load+0x10/0x10
[  213.456920][T12485]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  213.456940][T12485]  ? kvm_check_and_inject_events+0x961/0x1070
[  213.456987][T12485]  ? record_steal_time+0x3d0/0xbc0
[  213.457009][T12485]  vcpu_run+0x39f4/0x5ca0
[  213.457045][T12485]  ? __pfx_vcpu_run+0x10/0x10
[  213.457079][T12485]  ? rcu_is_watching+0x12/0xc0
[  213.457109][T12485]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  213.457133][T12485]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  213.457165][T12485]  kvm_vcpu_ioctl+0x730/0x1720
[  213.457186][T12485]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  213.457207][T12485]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  213.457229][T12485]  ? do_vfs_ioctl+0x226/0x13e0
[  213.457249][T12485]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  213.457269][T12485]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  213.457304][T12485]  ? __fget_files+0x215/0x3d0
[  213.457325][T12485]  ? hook_file_ioctl_common+0x149/0x410
[  213.457359][T12485]  ? selinux_file_ioctl+0x13b/0x290
[  213.457381][T12485]  ? selinux_file_ioctl+0xb6/0x290
[  213.457416][T12485]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  213.457437][T12485]  __x64_sys_ioctl+0x18e/0x210
[  213.457458][T12485]  do_syscall_64+0x10b/0xf80
[  213.457479][T12485]  ? clear_bhb_loop+0x40/0x90
[  213.457501][T12485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.457518][T12485] RIP: 0033:0x7f75a9b9cdd9
[  213.457534][T12485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  213.457550][T12485] RSP: 002b:00007f75aab2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  213.457569][T12485] RAX: ffffffffffffffda RBX: 00007f75a9e15fa0 RCX: 00007f75a9b9cdd9
[  213.457580][T12485] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  213.457591][T12485] RBP: 00007f75aab2b090 R08: 0000000000000000 R09: 0000000000000000
[  213.457600][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  213.457610][T12485] R13: 00007f75a9e16038 R14: 00007f75a9e15fa0 R15: 00007fffd6714318
[  213.457634][T12485]  </TASK>
[  213.954826][T12503] syz.0.2054: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  213.959787][T12503] CPU: 1 UID: 0 PID: 12503 Comm: syz.0.2054 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  213.959824][T12503] Tainted: [L]=SOFTLOCKUP
[  213.959828][T12503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  213.959837][T12503] Call Trace:
[  213.959855][T12503]  <TASK>
[  213.959860][T12503]  dump_stack_lvl+0x100/0x190
[  213.959885][T12503]  warn_alloc.cold+0x95/0x1c1
[  213.959913][T12503]  ? __pfx_warn_alloc+0x10/0x10
[  213.959934][T12503]  ? stack_depot_save_flags+0x27/0x9d0
[  213.959961][T12503]  ? __lock_acquire+0x4a5/0x2630
[  213.959981][T12503]  ? xskq_create+0xfb/0x1d0
[  213.959999][T12503]  __vmalloc_node_range_noprof+0x136c/0x1630
[  213.960019][T12503]  ? xskq_create+0xfb/0x1d0
[  213.960033][T12503]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  213.960073][T12503]  ? xskq_create+0xfb/0x1d0
[  213.960085][T12503]  vmalloc_user_noprof+0x9e/0xe0
[  213.960105][T12503]  ? xskq_create+0xfb/0x1d0
[  213.960115][T12503]  xskq_create+0xfb/0x1d0
[  213.960127][T12503]  xsk_setsockopt+0x743/0xab0
[  213.960146][T12503]  ? __pfx_xsk_setsockopt+0x10/0x10
[  213.960164][T12503]  ? find_held_lock+0x2b/0x80
[  213.960174][T12503]  ? __fget_files+0x215/0x3d0
[  213.960191][T12503]  ? selinux_socket_setsockopt+0x6a/0x80
[  213.960220][T12503]  ? __pfx_xsk_setsockopt+0x10/0x10
[  213.960239][T12503]  do_sock_setsockopt+0xf3/0x1d0
[  213.960254][T12503]  __sys_setsockopt+0x195/0x220
[  213.960274][T12503]  __x64_sys_setsockopt+0xbd/0x160
[  213.960290][T12503]  ? do_syscall_64+0x90/0xf80
[  213.960302][T12503]  ? lockdep_hardirqs_on+0x78/0x100
[  213.960316][T12503]  do_syscall_64+0x10b/0xf80
[  213.960327][T12503]  ? clear_bhb_loop+0x40/0x90
[  213.960341][T12503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.960353][T12503] RIP: 0033:0x7f75a9b9cdd9
[  213.960363][T12503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  213.960373][T12503] RSP: 002b:00007f75aab2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  213.960384][T12503] RAX: ffffffffffffffda RBX: 00007f75a9e15fa0 RCX: 00007f75a9b9cdd9
[  213.960391][T12503] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  213.960397][T12503] RBP: 00007f75a9c32d69 R08: 0000000000000004 R09: 0000000000000000
[  213.960404][T12503] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.960410][T12503] R13: 00007f75a9e16038 R14: 00007f75a9e15fa0 R15: 00007fffd6714318
[  213.960424][T12503]  </TASK>
[  213.960428][T12503] Mem-Info:
[  214.050421][T12503] active_anon:12131 inactive_anon:1492 isolated_anon:0
[  214.050421][T12503]  active_file:28905 inactive_file:1024 isolated_file:0
[  214.050421][T12503]  unevictable:1768 dirty:152 writeback:0
[  214.050421][T12503]  slab_reclaimable:7937 slab_unreclaimable:78569
[  214.050421][T12503]  mapped:23489 shmem:9971 pagetables:13191
[  214.050421][T12503]  sec_pagetables:318 bounce:0
[  214.050421][T12503]  kernel_misc_reclaimable:0
[  214.050421][T12503]  free:378575 free_pcp:20828 free_cma:0
[  214.065381][T12503] Node 0 active_anon:2680kB inactive_anon:5884kB active_file:524kB inactive_file:636kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:54032kB dirty:52kB writeback:0kB shmem:3568kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14976kB pagetables:24168kB sec_pagetables:1228kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  214.079654][T12503] Node 1 active_anon:45844kB inactive_anon:84kB active_file:115096kB inactive_file:3460kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:39924kB dirty:556kB writeback:0kB shmem:36316kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:256kB pagetables:28596kB sec_pagetables:44kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  214.091002][T12503] Node 0 DMA free:10836kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:104kB local_pcp:104kB free_cma:0kB
[  214.100930][T12503] lowmem_reserve[]: 0 1231 1231 1231 1231
[  214.102843][T12503] Node 0 DMA32 free:135652kB boost:0kB min:27480kB low:34348kB high:41216kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2676kB inactive_anon:5884kB active_file:524kB inactive_file:636kB unevictable:3536kB writepending:52kB zspages:0kB present:2080628kB managed:1260908kB mlocked:0kB bounce:0kB free_pcp:40488kB local_pcp:3028kB free_cma:0kB
[  214.113574][T12503] lowmem_reserve[]: 0 0 0 0 0
[  214.115153][T12503] Node 1 Normal free:1335316kB boost:0kB min:39756kB low:49692kB high:59628kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45844kB inactive_anon:84kB active_file:115096kB inactive_file:3460kB unevictable:3536kB writepending:556kB zspages:6872kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:47080kB local_pcp:24584kB free_cma:0kB
[  214.126373][T12503] lowmem_reserve[]: 0 0 0 0 0
[  214.127965][T12503] Node 0 DMA: 19*4kB (UM) 23*8kB (UM) 23*16kB (UM) 27*32kB (UM) 24*64kB (UM) 15*128kB (UM) 5*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 10836kB
[  214.133290][T12503] Node 0 DMA32: 35*4kB (UME) 92*8kB (ME) 22*16kB (ME) 5*32kB (ME) 19*64kB (UME) 33*128kB (UME) 66*256kB (UM) 141*512kB (U) 21*1024kB (UM) 1*2048kB (U) 0*4096kB = 119468kB
[  214.138943][T12503] Node 1 Normal: 1576*4kB (UME) 1494*8kB (UME) 1363*16kB (UME) 1125*32kB (UME) 799*64kB (UME) 929*128kB (UME) 699*256kB (UME) 426*512kB (UME) 230*1024kB (UME) 45*2048kB (UM) 89*4096kB (UME) = 1335392kB
[  214.145378][T12503] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  214.148694][T12503] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  214.151614][T12503] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  214.154944][T12503] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  214.158244][T12503] 43496 total pagecache pages
[  214.159786][T12503] 3579 pages in swap cache
[  214.161266][T12503] Free swap  = 76820kB
[  214.162558][T12503] Total swap = 124996kB
[  214.164177][T12503] 1048443 pages RAM
[  214.165703][T12503] 0 pages HighMem/MovableOnly
[  214.167328][T12503] 283905 pages reserved
[  214.168713][T12503] 0 pages cma reserved
[  214.210811][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  214.210823][   T39] audit: type=1400 audit(1777835708.448:1682): avc:  denied  { read write } for  pid=12505 comm="syz.0.2055" name="vhost-net" dev="devtmpfs" ino=1299 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  214.220899][   T39] audit: type=1400 audit(1777835708.448:1683): avc:  denied  { open } for  pid=12505 comm="syz.0.2055" path="/dev/vhost-net" dev="devtmpfs" ino=1299 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  214.851557][T12518] syzkaller0: entered promiscuous mode
[  214.853297][   T39] audit: type=1400 audit(1777835709.088:1684): avc:  denied  { lock } for  pid=12515 comm="syz.3.2059" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  214.854151][T12518] syzkaller0: entered allmulticast mode
[  215.090529][T12529] ------------[ cut here ]------------
[  215.093056][T12529] 1
[  215.093066][T12529] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x23da/0x2bc0, CPU#2: syz.3.2065/12529
[  215.099399][T12529] Modules linked in:
[  215.101197][T12529] CPU: 2 UID: 0 PID: 12529 Comm: syz.3.2065 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.106224][T12529] Tainted: [L]=SOFTLOCKUP
[  215.108171][T12529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.112605][T12529] RIP: 0010:__alloc_frozen_pages_noprof+0x23da/0x2bc0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  215.115573][T12529] Code: 00 45 31 c9 49 83 bc 24 78 05 00 00 00 4c 89 4c 24 50 0f 85 64 f8 ff ff c6 44 24 10 00 e9 f2 ea ff ff c6 05 b4 4d 57 0e 01 90 <0f> 0b 90 e9 79 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41
[  215.124753][T12529] RSP: 0018:ffffc90003e177a0 EFLAGS: 00010246
[  215.127612][T12529] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  215.131275][T12529] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0
[  215.134819][T12529] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009
[  215.138518][T12529] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0
[  215.142017][T12529] R13: 1ffff920007c2f43 R14: 0000000000000016 R15: 1ffff920007c2f0d
[  215.149967][T12529] FS:  00007f320dfe16c0(0000) GS:ffff8880d6576000(0000) knlGS:0000000000000000
[  215.153999][T12529] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  215.157318][T12529] CR2: 00007f320d186400 CR3: 0000000000ba6000 CR4: 0000000000352ef0
[  215.160875][T12529] Call Trace:
[  215.162349][T12529]  <TASK>
[  215.163677][T12529]  ? bpf_ksym_find+0x128/0x1c0
[  215.165888][T12529]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  215.168778][T12529]  ? is_bpf_text_address+0x94/0x1a0
[  215.171139][T12529]  ? kernel_text_address+0x8d/0x100
[  215.173501][T12529]  ? __pfx_widen_string+0x10/0x10
[  215.175807][T12529]  ? __kernel_text_address+0xd/0x30
[  215.178547][T12529]  ? unwind_get_return_address+0x59/0xa0
[  215.181040][T12529]  ? arch_stack_walk+0xa6/0xf0
[  215.183175][T12529]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  215.185995][T12529]  ? tomoyo_path_number_perm+0x46d/0x580
[  215.188661][T12529]  ? stack_trace_save+0x8e/0xc0
[  215.190840][T12529]  ? stack_depot_save_flags+0x27/0x9d0
[  215.193290][T12529]  ? __lock_acquire+0x4a5/0x2630
[  215.195506][T12529]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  215.198298][T12529]  ? policy_nodemask+0xed/0x4f0
[  215.200484][T12529]  alloc_pages_mpol+0x1fb/0x540
[  215.202658][T12529]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  215.205035][T12529]  ? find_held_lock+0x2b/0x80
[  215.207510][T12529]  ? avc_has_extended_perms+0x33a/0x1080
[  215.210022][T12529]  ? avc_has_extended_perms+0x33a/0x1080
[  215.212532][T12529]  ? drm_syncobj_array_find+0x34/0x3b0
[  215.214994][T12529]  ___kmalloc_large_node+0xe5/0x120
[  215.217446][T12529]  __kmalloc_large_node_noprof+0x1c/0x70
[  215.219931][T12529]  __kmalloc_noprof+0x5be/0x850
[  215.222116][T12529]  drm_syncobj_array_find+0x34/0x3b0
[  215.224474][T12529]  drm_syncobj_reset_ioctl+0x20b/0x370
[  215.227007][T12529]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[  215.229548][T12529]  ? drm_dev_exit+0x41/0x60
[  215.231100][T12529]  ? drm_dev_exit+0x41/0x60
[  215.232634][T12529]  drm_ioctl_kernel+0x1f3/0x3e0
[  215.234264][T12529]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[  215.236627][T12529]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  215.238416][T12529]  drm_ioctl+0x5e6/0xc60
[  215.239893][T12529]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[  215.241894][T12529]  ? __pfx_drm_ioctl+0x10/0x10
[  215.243502][T12529]  ? selinux_file_ioctl+0x13b/0x290
[  215.245243][T12529]  ? selinux_file_ioctl+0xb6/0x290
[  215.247012][T12529]  ? __pfx_drm_ioctl+0x10/0x10
[  215.248597][T12529]  __x64_sys_ioctl+0x18e/0x210
[  215.250197][T12529]  do_syscall_64+0x10b/0xf80
[  215.251714][T12529]  ? clear_bhb_loop+0x40/0x90
[  215.253244][T12529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.255158][T12529] RIP: 0033:0x7f320d19cdd9
[  215.256761][T12529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  215.263584][T12529] RSP: 002b:00007f320dfe1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  215.267093][T12529] RAX: ffffffffffffffda RBX: 00007f320d415fa0 RCX: 00007f320d19cdd9
[  215.269749][T12529] RDX: 0000200000000100 RSI: 00000000c01064c4 RDI: 0000000000000003
[  215.272347][T12529] RBP: 00007f320d232d69 R08: 0000000000000000 R09: 0000000000000000
[  215.275212][T12529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  215.278022][T12529] R13: 00007f320d416038 R14: 00007f320d415fa0 R15: 00007fff0fdd08d8
[  215.280665][T12529]  </TASK>
[  215.281709][T12529] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  215.284165][T12529] CPU: 2 UID: 0 PID: 12529 Comm: syz.3.2065 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  215.287990][T12529] Tainted: [L]=SOFTLOCKUP
[  215.289502][T12529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.293069][T12529] Call Trace:
[  215.294498][T12529]  <TASK>
[  215.295777][T12529]  dump_stack_lvl+0x100/0x190
[  215.297513][T12529]  vpanic+0x552/0x970
[  215.298845][T12529]  ? __pfx_vpanic+0x10/0x10
[  215.300417][T12529]  panic+0xd1/0xe0
[  215.301809][T12529]  ? __pfx_panic+0x10/0x10
[  215.303276][T12529]  ? check_panic_on_warn+0x1f/0x90
[  215.304972][T12529]  check_panic_on_warn.cold+0x19/0x34
[  215.306749][T12529]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  215.308780][T12529]  __warn.cold+0x191/0x328
[  215.310302][T12529]  __report_bug+0x296/0x3d0
[  215.311805][T12529]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  215.313806][T12529]  ? __pfx___report_bug+0x10/0x10
[  215.315424][T12529]  ? hrtimer_start_range_ns+0x860/0x1a50
[  215.317301][T12529]  ? __lock_acquire+0x4a5/0x2630
[  215.318894][T12529]  ? __lock_acquire+0x4a5/0x2630
[  215.320597][T12529]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  215.322642][T12529]  report_bug+0xb2/0x220
[  215.324068][T12529]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  215.326099][T12529]  handle_bug+0x16a/0x2a0
[  215.327570][T12529]  exc_invalid_op+0x17/0x50
[  215.329090][T12529]  asm_exc_invalid_op+0x1a/0x20
[  215.330746][T12529] RIP: 0010:__alloc_frozen_pages_noprof+0x23da/0x2bc0
[  215.333406][T12529] Code: 00 45 31 c9 49 83 bc 24 78 05 00 00 00 4c 89 4c 24 50 0f 85 64 f8 ff ff c6 44 24 10 00 e9 f2 ea ff ff c6 05 b4 4d 57 0e 01 90 <0f> 0b 90 e9 79 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41
[  215.341322][T12529] RSP: 0018:ffffc90003e177a0 EFLAGS: 00010246
[  215.343849][T12529] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  215.347152][T12529] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0
[  215.350455][T12529] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009
[  215.353776][T12529] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0
[  215.357086][T12529] R13: 1ffff920007c2f43 R14: 0000000000000016 R15: 1ffff920007c2f0d
[  215.360345][T12529]  ? bpf_ksym_find+0x128/0x1c0
[  215.362364][T12529]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  215.364935][T12529]  ? is_bpf_text_address+0x94/0x1a0
[  215.367097][T12529]  ? kernel_text_address+0x8d/0x100
[  215.369251][T12529]  ? __pfx_widen_string+0x10/0x10
[  215.371372][T12529]  ? __kernel_text_address+0xd/0x30
[  215.373565][T12529]  ? unwind_get_return_address+0x59/0xa0
[  215.375901][T12529]  ? arch_stack_walk+0xa6/0xf0
[  215.377938][T12529]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  215.380367][T12529]  ? tomoyo_path_number_perm+0x46d/0x580
[  215.382231][T12529]  ? stack_trace_save+0x8e/0xc0
[  215.383853][T12529]  ? stack_depot_save_flags+0x27/0x9d0
[  215.385672][T12529]  ? __lock_acquire+0x4a5/0x2630
[  215.387752][T12529]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  215.389737][T12529]  ? policy_nodemask+0xed/0x4f0
[  215.391339][T12529]  alloc_pages_mpol+0x1fb/0x540
[  215.392970][T12529]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  215.394753][T12529]  ? find_held_lock+0x2b/0x80
[  215.396323][T12529]  ? avc_has_extended_perms+0x33a/0x1080
[  215.398180][T12529]  ? avc_has_extended_perms+0x33a/0x1080
[  215.400075][T12529]  ? drm_syncobj_array_find+0x34/0x3b0
[  215.401835][T12529]  ___kmalloc_large_node+0xe5/0x120
[  215.403530][T12529]  __kmalloc_large_node_noprof+0x1c/0x70
[  215.405396][T12529]  __kmalloc_noprof+0x5be/0x850
[  215.407303][T12529]  drm_syncobj_array_find+0x34/0x3b0
[  215.409460][T12529]  drm_syncobj_reset_ioctl+0x20b/0x370
[  215.411295][T12529]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[  215.413339][T12529]  ? drm_dev_exit+0x41/0x60
[  215.415004][T12529]  ? drm_dev_exit+0x41/0x60
[  215.416948][T12529]  drm_ioctl_kernel+0x1f3/0x3e0
[  215.419100][T12529]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[  215.421678][T12529]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  215.423943][T12529]  drm_ioctl+0x5e6/0xc60
[  215.425767][T12529]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[  215.428209][T12529]  ? __pfx_drm_ioctl+0x10/0x10
[  215.430205][T12529]  ? selinux_file_ioctl+0x13b/0x290
[  215.432387][T12529]  ? selinux_file_ioctl+0xb6/0x290
[  215.434508][T12529]  ? __pfx_drm_ioctl+0x10/0x10
[  215.436534][T12529]  __x64_sys_ioctl+0x18e/0x210
[  215.438541][T12529]  do_syscall_64+0x10b/0xf80
[  215.440461][T12529]  ? clear_bhb_loop+0x40/0x90
[  215.442431][T12529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.444491][T12529] RIP: 0033:0x7f320d19cdd9
[  215.445929][T12529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  215.452252][T12529] RSP: 002b:00007f320dfe1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  215.454918][T12529] RAX: ffffffffffffffda RBX: 00007f320d415fa0 RCX: 00007f320d19cdd9
[  215.457429][T12529] RDX: 0000200000000100 RSI: 00000000c01064c4 RDI: 0000000000000003
[  215.460040][T12529] RBP: 00007f320d232d69 R08: 0000000000000000 R09: 0000000000000000
[  215.462545][T12529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  215.465471][T12529] R13: 00007f320d416038 R14: 00007f320d415fa0 R15: 00007fff0fdd08d8
[  215.468375][T12529]  </TASK>
[  215.470324][T12529] Kernel Offset: disabled
[  215.472265][T12529] Rebooting in 86400 seconds..