last executing test programs:

4m38.606435342s ago: executing program 0 (id=2095):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=@newlink={0x48, 0x10, 0x503, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21111, 0x48a33}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000001}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x48}, 0x1, 0x0, 0x0, 0x48890}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000840)={&(0x7f0000000600)="7205325888c445b1a50bec2bb3e3270d98a318176af6aa8fe690fd3aa750c8b915a860c7", &(0x7f0000000640)=""/190, &(0x7f0000000700)="d502efdc5d8882afb10e432dd7d8d665bb1be7c807ead5750f22fd1cc12294063bca2bb01015d7373f4209fc8e5ba4c2a7667e931392b41c48eb9968df80c0a9053639ab1f52577223467ab72a0d474b3b8091d2a92741dec8a5578cd31b740d62", &(0x7f0000000780)="8fce03b8c7f4b1f04b19c9717f4d94d8627e25d8276187e707e07a540f5b9ab28fb2882f07dec8fcab8757f6f58da3490e691324e782c39b9a8f89f8ae186b46513b9a8cac5c51f6c176c4ab4d019da93afc90ff3ea8", 0x5ef3, 0xffffffffffffffff, 0x4}, 0x38)
setns(r1, 0x24020000)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
recvmmsg(r5, &(0x7f0000001540)=[{{&(0x7f0000000000)=@caif=@dgm, 0x80, 0x0}, 0x6}], 0x1, 0x0, 0x0)
r6 = fsmount(r5, 0x1, 0x88)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='.\x00', 0x449)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
r9 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r9, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c)
r10 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r10, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
pread64(r8, &(0x7f0000000240)=""/152, 0x98, 0xe1)
r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='\x00', 0x89901)
move_mount(r11, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r12=>0x0}, 0x4000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x6000)
mount$fuseblk(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x1000000, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB="2c6b8d90e0745fee593d3030303030303030303030725f69643d00"/42, @ANYRESDEC=r12, @ANYBLOB=',group_id=', @ANYRESDEC=r13, @ANYBLOB=',blksize=0x0000000000001e00,smackfsfloor=@(,\x00'])

4m38.531449761s ago: executing program 0 (id=2097):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x46}}, './file0\x00'})
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f00000000c0)={0xffffffff, 0x5})
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f00000001c0)={0x1d, r2}, 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040)=0x1, 0x4)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TIOCEXCL(r0, 0x540c)
sendfile(r4, r3, 0x0, 0x4007)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r6 = socket(0x80000000000000a, 0x2, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_GETMODE(r7, 0x5601, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x2, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
close(r5)
sendmsg$can_raw(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{0x2, 0x0, 0x1}, 0x7, 0x1, 0x0, 0x0, "771a16b92ea6656b"}, 0x10}}, 0xd209f6d814827b13)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000340)={0x4b7}, 0x4)
recvmmsg(r1, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x10023, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000380), 0x410cc0, 0x0)

4m37.657515097s ago: executing program 0 (id=2108):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x20010010}}, 0x1c)

4m37.657053719s ago: executing program 0 (id=2109):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
fstat(r1, &(0x7f0000000300))
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x6, 0xa}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0xfffffff8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4854}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'pimreg0\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r6, r5, 0x25, 0x0, @val=@netfilter={0x7, 0x0, 0x7}}, 0x20)

4m37.536617802s ago: executing program 0 (id=2110):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async, rerun: 64)
fchmodat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xfffffe99) (async, rerun: 64)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async, rerun: 64)
r1 = fsmount(r0, 0x1, 0x0) (rerun: 64)
fchdir(r1) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x100)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@nfs_export_on}]}) (async)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x11)

4m37.296380843s ago: executing program 0 (id=2113):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e5", 0x26}, {&(0x7f0000000e80)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1e7db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac54536", 0x50}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2dca93ed6641e50fe5", 0xb3}, {&(0x7f0000000d00)}], 0x2}}], 0x2, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

4m37.238444899s ago: executing program 32 (id=2113):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e5", 0x26}, {&(0x7f0000000e80)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1e7db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac54536", 0x50}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2dca93ed6641e50fe5", 0xb3}, {&(0x7f0000000d00)}], 0x2}}], 0x2, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

4m34.507230858s ago: executing program 2 (id=2159):
r0 = io_uring_setup(0xf31, &(0x7f00000001c0)={0x0, 0x8dd3, 0x1, 0x3, 0x18a})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_INTERFACE(r3, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000002300)={&(0x7f00000022c0)={0x20, r4, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000800}, 0x100)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETDEBUG(r2, 0x400454c9, &(0x7f00000001c0)=0x2)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
r8 = socket$unix(0x1, 0x2, 0x0)
landlock_restrict_self(r6, 0x1)
bind$unix(r8, &(0x7f0000003000)=@file={0x1}, 0x6e)
connect$unix(r7, &(0x7f0000000640)=@file={0x1}, 0x6e)
write$cgroup_devices(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c9801288463"], 0xffdd)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r10 = accept4(r9, 0x0, 0x0, 0x800)
sendmmsg$alg(r10, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca3c70748412ba8", 0xa}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a", 0x27}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf15", 0x57}], 0x3, 0x0, 0x0, 0xc000}], 0x1, 0x40800)
recvmsg(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000540)=""/91, 0x5b}], 0x2}, 0x40010021)
close_range(r0, 0xffffffffffffffff, 0x0)

4m34.507075718s ago: executing program 2 (id=2160):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x170, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r2, {0xf1ff}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x140, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e0179832927deecf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236749b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ff7944f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990604b9f12033688caa0b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d600"}, @TCA_GRED_PARMS={0x38, 0x1, {0x7, 0x4, 0x9, 0x20009, 0x6, 0x800004, 0x1, 0xffff7fff, 0x3ff, 0x2, 0x9, 0xc, 0x5, 0x0, 0x3, 0x8}}]}}]}, 0x170}}, 0x20000004)

4m34.427255076s ago: executing program 2 (id=2161):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x3)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x4)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x7}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'wg0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
listen(r0, 0x10040)
syz_emit_ethernet(0x36, &(0x7f0000003a40)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x228900, 0x8}, 0x18)
openat2(r3, &(0x7f00000000c0)='./file0\x00', &(0x7f00000003c0)={0x181000, 0x4, 0x3b}, 0x18)
syz_extract_tcp_res(&(0x7f0000000040)={<r4=>0x41424344}, 0xf, 0x8)
syz_emit_ethernet(0x271, &(0x7f0000000400)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x5, 0x6, "d5f1dd", 0x23b, 0x6, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[@fragment={0x8, 0x0, 0x73, 0x1, 0x0, 0x16, 0x67}, @fragment={0x67, 0x0, 0x33, 0x1, 0x0, 0x6, 0x65}, @dstopts={0x4, 0x7, '\x00', [@calipso={0x7, 0x28, {0x3, 0x8, 0x1, 0x1, [0x9, 0x3, 0x3f, 0x10]}}, @generic={0x1}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0xe}, @enc_lim={0x4, 0x1, 0x5}]}, @hopopts={0x6c, 0xa, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x3, 0xa, 0x9, 0x3, [0x1008, 0x400000000000, 0xfffffffffffffffb, 0x6, 0xfd]}}, @enc_lim={0x4, 0x1, 0x91}, @pad1, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast1}}, @jumbo={0xc2, 0x4, 0xb4}]}, @dstopts={0x62, 0x0, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}, @routing={0x2e, 0x14, 0x0, 0x80, 0x0, [@private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @broadcast}, @private2, @private2, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, @loopback, @dev={0xfe, 0x80, '\x00', 0x33}, @local]}, @routing={0x39, 0x6, 0x2, 0x40, 0x0, [@ipv4={'\x00', '\xff\xff', @local}, @remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x29}}]}], {{0x4e21, 0x4e23, r4, 0x41424344, 0x1, 0x0, 0xd, 0x3, 0x9, 0x0, 0x4, {[@mss={0x2, 0x4, 0x9}, @exp_fastopen={0xfe, 0x14, 0xf989, "e85c5c46e1692a96b9fd38c64d57aa91"}, @sack_perm={0x4, 0x2}, @window={0x3, 0x3, 0xdf}]}}, {"6224b42d379db792994ad11fe21fb549671acf0a072d4ebf1cfe8630e52315548c7e589d06763521c500dfd3e6fe856fc89bc8b89a05895cfbe2d960d4b20422a7e5e78d20e90d2762356a51434bd48c43051fcd5db1c93f8440dc9c8a62e1"}}}}}}}, 0x0)

4m34.316570501s ago: executing program 2 (id=2162):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0xbd228beef318bda7, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000)
syz_emit_ethernet(0xda, &(0x7f0000000340)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xcc, 0x65, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010104, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x2b, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x26, 0x0, [{0x0, 0xd, "5e000000000000bfb48600"}, {0x0, 0x5, "4eb8a6"}, {0x0, 0xe, "9606053d0006ff00800000b6"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}, @cipso={0x86, 0x48, 0x0, [{0x0, 0x7, "4b6cefc500"}, {0x1, 0x12, "8c9300"/16}, {0x0, 0xa, "2189ea437f149b84"}, {0x0, 0x11, "ffd11634eea26b0faffa0dea2e9035"}, {0x2, 0x9, "02a20948fd7406"}, {0x0, 0x5, "ccf029"}]}, @timestamp_prespec={0x44, 0x14, 0xb5, 0x3, 0x3, [{@rand_addr=0x64010100, 0x7}, {@remote, 0x774}]}]}}, "a815a23d"}}}}}, 0x0)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x10, 0x5, 0x0, 0x0})
r5 = syz_open_dev$usbmon(&(0x7f0000000000), 0xd, 0xc00000)
ioctl$MON_IOCH_MFLUSH(r5, 0x9208, 0x2)
ioctl$SG_GET_SCSI_ID(r4, 0x2276, &(0x7f0000000040))

4m34.315505567s ago: executing program 2 (id=2163):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r1, &(0x7f0000000ac0)="f7", &(0x7f0000000080)=""/71}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000001680)=0x1, 0x4)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x6000076d, &(0x7f0000000140)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000300)='scalable', 0x8)
sendmmsg$inet(r3, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)="91f8a9849519def28691bb5ac2f580ade1b200cb9b6ca309c4173c3d6f357d0272b7319130feaab952ac4603cad06d2aeb6c69c90477eeaaf6fb51cd9e29dfc6429cdae874ca669078b5e9078329d9cb4f14dba7beda913ef2d4ffee964b0f73440d16d804e8fc8d3d39b7a6770f", 0x6e}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)='f', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000003c0)='v', 0x1}], 0x1}}], 0x3, 0xa0d0)
setresuid(0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000180)={<r4=>0x0})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000380)={{r4, 0x1, 0x7e46d354, 0xfffffffffffffff7, 0x10, 0x35f0a367, 0x10, 0x6, 0x1, 0x2, 0x1, 0x8, 0x2, 0x5, 0x10001}, 0x10, [0x0, 0x0]})
sendmmsg$inet6(r0, &(0x7f0000000000)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x5, @empty, 0xfffffffe}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1}}], 0x1, 0x20080058)

4m33.946177009s ago: executing program 2 (id=2172):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000200000000000000000000009536de771abac65fe06127feba173a735a958fa3e937b993aafbc2457acf0c42b85c5f38c4e0840a8647ec7be955d54071890605d0d3b66fd091a5bd2729c3fbbb6459d973e4a3394ddabf8671d29730ae64a1b7d44bf191"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd6018232500102c"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)

4m33.881213631s ago: executing program 33 (id=2172):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000200000000000000000000009536de771abac65fe06127feba173a735a958fa3e937b993aafbc2457acf0c42b85c5f38c4e0840a8647ec7be955d54071890605d0d3b66fd091a5bd2729c3fbbb6459d973e4a3394ddabf8671d29730ae64a1b7d44bf191"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd6018232500102c"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)

3m32.986194962s ago: executing program 1 (id=3459):
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x82)
syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x20, 0x6, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0xc5833c80, 0x7}]}}}}}}}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x42)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')

3m32.916203717s ago: executing program 1 (id=3461):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FE_GET_EVENT(r0, 0x80286f4e, &(0x7f0000001540)={0x0, {0x0, 0x0, @qam}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xfffffffffffffe58, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x40, 0x10, 0x403, 0x4, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000050}, 0x0)

3m32.656526674s ago: executing program 1 (id=3466):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0x0, 0x4})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
dup3(r2, r1, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x0, 0xfffffffffffffffd})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000002c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000240)={@flat=@binder={0x73622a85, 0x1, 0x2}, @ptr={0x70742a85, 0x20000000, 0x0, 0x0, 0x1, 0x26}, @fda={0x66646185, 0x4, 0xffffffffffffffff, 0x8b8}}, &(0x7f0000000000)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000007200010300000000000000000700000028"], 0x18}, 0x1, 0xf00, 0x0, 0x20000010}, 0x0)

3m32.638390153s ago: executing program 1 (id=3468):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) (async)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCRSCLRRT(r1, 0x89e4) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x20010, r0, 0x0) (rerun: 64)

3m32.555701304s ago: executing program 1 (id=3469):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8993, &(0x7f0000000080)={'bond0\x00', &(0x7f0000000300)=@ethtool_eeprom={0x43, 0x80000000, 0x3}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYBLOB="140006000000000005"], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r1, r1, 0x2e, 0x0, @void}, 0x10)
r3 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$inet6_int(r3, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
sendto$inet6(r3, &(0x7f00000002c0)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x27b6a97, @private2={0xfc, 0x2, '\x00', 0xff}, 0x8080}, 0x1c)
getsockopt$bt_hci(r3, 0x84, 0x6d, &(0x7f00000006c0)=""/4097, &(0x7f0000000040)=0x1001)
sigaltstack(0x0, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r2, 0x4)
r4 = socket$inet6(0x10, 0x3, 0x0)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000340)='\xcd\xd4\xdc\x8b\'\x00\xb9\x11JX\xc2\x0eP\va\x84\xcb\xa0\xa1r\xab\xd2\xaf\x81\xfd\x14M\xf4\x844z\xc8\xf8x\xa5&v\xe1\x12\xbb\x95\xae u\x1b\xeb\x11\xed\x9a\x83n\xc30L \a\xa7\xf6\xeb\xcb+\xa0\xc8\xb8eo\xb8\x89\xfaWy2\xee\x88\xab\xfb\f \x88\x95C_\r!\xd4\xc2\xa5c\xc6\x1f\x95\x83\x04\xa5\xeb\xa16\xba\a\xe7', &(0x7f0000000780)='&\b\x1a\x16\xd7\xd3K\x18YquL\xf1y\x14\x96:\xfco3\xe2\a\b\xd0\xe3\xd9\x1c!\x8f\xca\x9b\xaf\xc1\xeb\xe4\xde\xbb7O\xf1O\xb8\x05_\x11\x04\a\x82\x1c7h\xfbU\x03T\xf4\xc1\xe2\xd1\xcd<\f\x8bOHb#\x9d\x192\x9aAX\xa2\'\xd8\xb2U\xdbb\xba\xa9C\x8a/\x8d\xdb\x96\xed;A\x8aX\xc4\x14\xb0\x90\xfa4\x16\xdb\xb7\xd8\x05\xb42\x01\xb7\xa1S@\t\xb8.d\x9bT\f\xfa\xbe\xd5qT\xb6\x1e\xcc\xed\xa1\x8c\xa2\x0e\xda\x0fSk\x86\xe7W\xc5\x95\xf6\xda\x8f\xadRt\x9c\xed\xe97\x9dk\x8b\xb8\xc4+l>\x05\xdeJ\xd6\xe9\xb3g\xc050q\x82LL\xe9\xd6\x0e\xd7\x12\xf8\x8f\x1e\x9fj\x0f/\xc7\x91U\xcd\xb0k\x10\xa3#6a\t\xb9\xd3\xbe\xbc\x1f\xfd@\xdd\xb6\x02UJ\xb6\x90\x98\xbed\x1e\xfa\x81 \x0fh?\xb0G\xd2\xa0:$`a\xfd\t\xed\x9aF\\\xdd\xe6*\x1bR;\xe8D\x95\x12uw\xdc8\x06\xfel\xd6\xc7\xc0\xd9)J^\x1b\x14\v\xfc\x9d\xc8\xa1\x89C\xdcH\xb2\x03\x9a\x18\xd93\xd4\xda\x9d\x94\x18\x15\xc54\x8bf\x01\xff\xd1\\\xa6\xdb\xa6\x83\xdc\xcf\xbf\xf1p\xec\x82\xf3\x01\x88\xd4\x87\x02\xf1\xb0[\xbf\x1cr\xc3_1\xd6\xb3Z\xaa\xd7\x81L\xc2{\xfeuIk\xa7\x15\x15', 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=@ipv4_newaddr={0x40, 0x14, 0x509, 0x70bd2d, 0x25dfdbfd, {0x2, 0x20, 0x2d, 0xcb, r7}, [@IFA_BROADCAST={0x8, 0x4, @rand_addr=0x64010102}, @IFA_FLAGS={0x8, 0x8, 0x100}, @IFA_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1a}}, @IFA_RT_PRIORITY={0x8, 0x9, 0x3}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x80d0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="1800"], 0x18}}, 0x0)
unlink(&(0x7f0000000180)='./file0\x00')
sendto$inet6(r4, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081044e81f782db44b9040a1d08020a000000040000a118000200fe80ffff00000e1208000f0100810401a80016ea1f000b400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
vmsplice(r8, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000100)='e', 0x1}], 0x2, 0x3)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x8000, 0x60)
ioctl$FS_IOC_FSSETXATTR(r10, 0x401c5820, &(0x7f0000000080)={0x8})

3m31.696681052s ago: executing program 1 (id=3480):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB="1897ff00000000000000000000000000c6000100250000008510000001000000950000000000000018400000020000000000000000000000950000000000000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x807}, 0x94)

3m16.668303757s ago: executing program 34 (id=3480):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB="1897ff00000000000000000000000000c6000100250000008510000001000000950000000000000018400000020000000000000000000000950000000000000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x807}, 0x94)

3m8.246384393s ago: executing program 3 (id=3782):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd6018232500102c"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x33000000, 0x4}, 0x48)

3m8.126726147s ago: executing program 3 (id=3783):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB="18008800000000000000000000000000c6000100250000008510000001000000950000000000000018400000020000000000000000000000950000000000000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x807}, 0x94)

3m8.046214361s ago: executing program 3 (id=3786):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffffffffffff46, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x1c000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$inet_int(r1, 0x0, 0x13, 0x0, &(0x7f0000000040))
io_uring_setup(0x7042, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x80008, 0xc0})

3m7.155328926s ago: executing program 3 (id=3798):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="50000000020605000000000000000000070000000c00078008001340000000080500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a697000367553b3a22c1e505d29048f9d8df5bf5083b3dbd973c0810a176a0439370d9795a9cd6513879b3c6887627146"], 0x50}, 0x1, 0x0, 0x0, 0x810}, 0x20004000)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000040)='./file0\x00', 0x200000, 0x43)
rmdir(&(0x7f0000000140)='./file1\x00')
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)={0x28, 0x0, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}}, 0x28}, 0x1, 0x0, 0x0, 0x815}, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="d42406060007000000d29b0200fcffffff18430000faffffff0000000000000000186100000c0000000000000005000000184b0000feffffff00000000000000008520000005000000185700000200000000000000000000005eaf8e05000000716be0669c5ee0a1b1e4a2e694804e90b0be17cc2b00000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
r5 = io_uring_setup(0x3c91, &(0x7f0000000900)={0x0, 0x36e4, 0x80, 0x1, 0x62})
r6 = socket(0x11, 0x2, 0x0)
setsockopt(r6, 0x107, 0x1, &(0x7f0000000080)="010000000000060000071a80000001cc", 0x10)
close_range(r5, 0xffffffffffffffff, 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000005c0)='fd', 0x0, r3)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r4, 0x0, 0x2)
r8 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r8, r8)
setpgid(0x0, r8)
fchdir(r7)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x80101, 0x101)
mkdirat(r1, &(0x7f0000000340)='./file0\x00', 0xf3)
chdir(&(0x7f0000000200)='./file0\x00')

3m7.046376637s ago: executing program 3 (id=3799):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x84)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x300000d, 0x3)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x2, 0x0, 0xffff, 0x8, 0x2, 0x6, {0x6, 0xffffffffffffff42, 0xffffffffffffffff, 0x4922, 0x0, 0x40, 0x3, 0x401, 0x10, 0x4000, 0x9, 0x0, 0x0, 0xfffffffb, 0x8}}, {0x0, 0xd}}}, 0xa0)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x200, 0x117)

3m6.896060417s ago: executing program 3 (id=3800):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000240)={0x8f, 0x0, 0x2})
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r2, 0x2, &(0x7f00000000c0)={0x3}, 0x0) (async)
landlock_restrict_self(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000140)="67f3afb9800000c00f3235000100000f308fe9c8907d0066bad00466edb94c0b0000b805000000ba000000000f300f380b83f3000000c744240042db7a6e3e0f00d7c7442406000000000f0114240f20d835200000000f22d864bafc0eb8f836908bef66bafc0cb000708fe92895c1"}], 0x1, 0x4, 0x0, 0x45) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0x8000000, 0x9, 0x10001, 0xfffffffe, 0x0, [{0x2, 0x4, 0x87, '\x00', 0xa0}, {0x9, 0x8, 0x2, '\x00', 0xb}, {0xff, 0x80, 0xd6, '\x00', 0x67}, {0x0, 0x5, 0x6, '\x00', 0xf}, {0x5, 0x9, 0xc, '\x00', 0xfb}, {0x0, 0x4, 0x54, '\x00', 0xff}, {0x71, 0xd5, 0xf1, '\x00', 0x7f}, {0x7, 0x4, 0xc}, {0x7f, 0x5, 0x4, '\x00', 0x8}, {0xd7, 0xa, 0xcc, '\x00', 0xff}, {0x0, 0x28, 0x80, '\x00', 0x9c}, {0xfb, 0x1, 0xfe, '\x00', 0xc}, {0xfe, 0x47, 0x26}, {0xcf, 0x3, 0x1, '\x00', 0x6}, {0xf, 0xee, 0x7, '\x00', 0x3}, {0x39, 0x2, 0x6, '\x00', 0xb}, {0x9, 0x6, 0x2, '\x00', 0x8}, {0x5, 0xc, 0x5, '\x00', 0xc}, {0x7, 0x1, 0x47, '\x00', 0xc0}, {0x8, 0x80, 0xf, '\x00', 0x7f}, {0x1, 0xc, 0x80, '\x00', 0x7f}, {0x10, 0x2, 0x3, '\x00', 0x66}, {0x1, 0x23, 0xf3, '\x00', 0x4}, {0x7, 0x6, 0x4, '\x00', 0xa}]}})

3m6.836801722s ago: executing program 35 (id=3800):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000240)={0x8f, 0x0, 0x2})
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r2, 0x2, &(0x7f00000000c0)={0x3}, 0x0) (async)
landlock_restrict_self(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000140)="67f3afb9800000c00f3235000100000f308fe9c8907d0066bad00466edb94c0b0000b805000000ba000000000f300f380b83f3000000c744240042db7a6e3e0f00d7c7442406000000000f0114240f20d835200000000f22d864bafc0eb8f836908bef66bafc0cb000708fe92895c1"}], 0x1, 0x4, 0x0, 0x45) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0x8000000, 0x9, 0x10001, 0xfffffffe, 0x0, [{0x2, 0x4, 0x87, '\x00', 0xa0}, {0x9, 0x8, 0x2, '\x00', 0xb}, {0xff, 0x80, 0xd6, '\x00', 0x67}, {0x0, 0x5, 0x6, '\x00', 0xf}, {0x5, 0x9, 0xc, '\x00', 0xfb}, {0x0, 0x4, 0x54, '\x00', 0xff}, {0x71, 0xd5, 0xf1, '\x00', 0x7f}, {0x7, 0x4, 0xc}, {0x7f, 0x5, 0x4, '\x00', 0x8}, {0xd7, 0xa, 0xcc, '\x00', 0xff}, {0x0, 0x28, 0x80, '\x00', 0x9c}, {0xfb, 0x1, 0xfe, '\x00', 0xc}, {0xfe, 0x47, 0x26}, {0xcf, 0x3, 0x1, '\x00', 0x6}, {0xf, 0xee, 0x7, '\x00', 0x3}, {0x39, 0x2, 0x6, '\x00', 0xb}, {0x9, 0x6, 0x2, '\x00', 0x8}, {0x5, 0xc, 0x5, '\x00', 0xc}, {0x7, 0x1, 0x47, '\x00', 0xc0}, {0x8, 0x80, 0xf, '\x00', 0x7f}, {0x1, 0xc, 0x80, '\x00', 0x7f}, {0x10, 0x2, 0x3, '\x00', 0x66}, {0x1, 0x23, 0xf3, '\x00', 0x4}, {0x7, 0x6, 0x4, '\x00', 0xa}]}})

1m58.545650713s ago: executing program 5 (id=4778):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c0000001000370400000084fb82e942e58ef700", @ANYRES32=0x0, @ANYBLOB="00000000000000003c00128009000100626f6e64000000002c00028005001d00000000000500010004000000050015"], 0x5c}}, 0x0)
r3 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000280)={0x0, &(0x7f0000000480)=[@nested_create_vm={0x12d, 0x18}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x0, @save_area=0x588, 0x8, 0x7, 0x6}}, @uexit={0x0, 0x18, 0x4}, @nested_amd_clgi={0x17f, 0x10}, @nested_amd_vmload={0x182, 0x18}, @nested_vmlaunch={0x12f, 0x18, 0x2}, @cpuid={0x64, 0x18, {0x7fff, 0x1}}, @wrmsr={0x65, 0x20, {0x3a0, 0x8}}, @uexit={0x0, 0x18, 0x3}, @nested_amd_invlpga={0x17d, 0x20, {0x50000, 0x9cbc}}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0xa0, 0x4, 0xe8}}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_amd_set_intercept={0x181, 0x30, {0x3, 0x2, 0x4}}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @wr_crn={0x67, 0x20, {0x0, 0x735}}, @nested_vmresume={0x130, 0x18, 0x1}, @set_irq_handler={0xc8, 0x20, {0xb1}}, @wr_crn={0x67, 0x20, {0x4, 0x629}}, @rdmsr={0x66, 0x18, {0x94c}}, @wrmsr={0x65, 0x20, {0x961, 0x5}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @enable_nested={0x12c, 0x18}, @uexit={0x0, 0x18, 0xf18}, @set_irq_handler={0xc8, 0x20, {0x22, 0x2}}, @nested_amd_inject_event={0x180, 0x38, {0x2, 0x6, 0x5, 0x10, 0x3}}, @nested_vmresume={0x130, 0x18}], 0x330})
ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f00000002c0)={0x5, 0x0, [{0x988, 0x0, 0x2}, {0x2ad, 0x0, 0x7fff}, {0x13, 0x0, 0x6}, {0x963, 0x0, 0xe}, {0x242, 0x0, 0x6}]})
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x6)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x200)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000640)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000540)="8a21d57b0000", 0x0, 0x0, 0x12, 0x0, 0x0})
r7 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x400000)
ioctl$SG_SET_TIMEOUT(r7, 0x2201, &(0x7f0000000400)=0x200)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f00009b3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000040)="b9800000c00f3235004000000f30b9fa000000130f01d9300d76c4020a1bf7b805000000b90000c0fe0f3cae0a41d941d9000f20e035020000000f22e0ba00e500000f30660fc775022e0fba600c9864660ffc76002f3166b85766baa00066ed00d0", 0x62}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f00000001c0))
mount(&(0x7f0000000300), &(0x7f0000000100)='.\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
r8 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x20000)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r9, 0x2, 0x1}, 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000009c0)={r9, 0x20, &(0x7f0000000980)={&(0x7f0000000800)=""/71, 0x47, 0x0, &(0x7f0000000880)=""/217, 0xd9}}, 0x10)
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f00000007c0)={0x1, 0x0, [{0x80000000, 0xfffffffd, 0x4, 0x10, 0x9, 0x40, 0x5}]})
write$evdev(r8, &(0x7f0000000200)=[{{0x77359400}, 0x14, 0x9, 0xe4}, {{}, 0x11, 0xed, 0xff}], 0x30)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="10000000", @ANYRES16, @ANYBLOB="200027bd7000fcdbdf252100000044002d8005000400000000000500010004000000080002"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$IEEE802154_START_REQ(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x8, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x6}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x2}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x3}, @IEEE802154_ATTR_BAT_EXT={0x5, 0x1a, 0x8}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x20004851)

1m57.634277072s ago: executing program 5 (id=4792):
fchown(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=@newqdisc={0x2c, 0x24, 0x800, 0x70bd2b, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1}, {0x1, 0xc}, {0xfff3, 0x5}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000400)=ANY=[@ANYBLOB="628ebfbf637cc329e3df3caf100550000080", @ANYRES16=r2, @ANYBLOB="070600000000000000002d0000000c002d000201aaaaaaaaaaaa0c00050000000000000000000a0001007770616e3000000008002f000500000005002e001500000005002b0003000000"], 0x50}}, 0x40000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r4, 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r6, &(0x7f0000000b40)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYRES64=r3, @ANYRES32, @ANYRES64=r5], 0x20}, 0x1, 0x0, 0x0, 0x3}, 0x8)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan3\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan4\x00', <r8=>0x0})
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r1, &(0x7f00000003c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000380)={&(0x7f0000000780)=ANY=[@ANYBLOB="86bfbddec8507a86f572a12499ac7533f2adddae8889f8db6ae1f7e66f9f8082f372377feb159925462b7fcd279d45737640393b97e54586a3d8be80281c16d8f3afca68f41689cd844eb06e1a083ac574c70973fbbf6c00e8395f4ec5e2293627999c8b1b4cdb0eadedef41d9b23d67f31566be716a2c91b1075c44515d40ac02d53aac42d10d4fcdb90e73177ac0cff1496408bab71b6c0a511653b42ae7732c26063325edc9787c91f4f5", @ANYRES16=r5, @ANYBLOB="340125bd7000fedbdf251f0000000c000600000000000000000008000300", @ANYRES32=r7, @ANYBLOB="0c000600000000000000000008000300", @ANYRES32=r8, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x18}, 0x20000000)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000084)
r9 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r10 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000090000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0)
syz_usb_control_io$printer(r10, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r10)
syz_usb_connect(0x0, 0x83, &(0x7f0000000900)=ANY=[@ANYBLOB="12015302a3716d10b00d2038bbd00102030109021200015407700509e57a55af2affc53a4c04450c00c6ff560e95ab3d462ebea3ea70d057b8f311bf5785bfe05e1c6bedf79adc411f8ab6"], &(0x7f0000003640)={0xa, &(0x7f0000003400)={0xa, 0x6, 0x201, 0x7b, 0x7, 0x0, 0x20, 0x5}, 0x38, &(0x7f0000003440)=ANY=[], 0x4, [{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x4, &(0x7f0000000880)=ANY=[@ANYBLOB="00035d41fdbe2d1257c24de06940975a0b1e09db43752af34e06000000c2a3aceef8a99c50f81d1e6ff932cc3b90d8f5cd8754e5479d8effdb1e3c85eed8f8f1afb935fe255bac8069d7f18e20acc2ce737de89b9472e09904000000000000002eee3d208e17a31c22536bd2d12334cd5facd4e6aa90"]}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x4001, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0xc)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c0020df1c1654969632bb89c11dbdd5bbf95cfb8b27ae58a19d0c527c30be2f625dc6b9c6cd2e8a20ca452031f88ad705327c080174a71185ae27b0606a5a0461d960d9c3811dbf6f1e0a0000e72a5aba0348eb2336243f8b97ae4ce7af906f21e1da5a83d70466f7d978ab72173a5cf10d33f2909414240d45ecea2aecadd7412e2a4731d1c047f249b45e35cba8aeff", @ANYRES16=0x0, @ANYBLOB="000228bd7000fddbdf250300000008000a0002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40)
openat(r9, &(0x7f00000002c0)='./file0\x00', 0x30a000d, 0x192)
ioctl$EVIOCGBITSW(r9, 0x80404525, &(0x7f00000001c0)=""/218)

1m56.663419734s ago: executing program 5 (id=4803):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
r1 = syz_open_dev$audion(&(0x7f0000000040), 0xa, 0x204300)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000c24000/0x1000)=nil, 0x1000}, 0x6})
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

1m56.606111068s ago: executing program 5 (id=4804):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x1) (async)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) (async)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="66643d6f377ca4f84a9fee1757635e11bc2e7d44d5d18cff24659091a60237b9f2a04be1daad3610a60d53c975307f9363ee0f7e00000000000000000000006047d70f5c45618c1bf6db73449ce6ec7a42afb5c0e38272e22907111112f870851da223ff61e94d72c6e7908c9561d26937e62e4bef629ae0e6a41adecddaf64bb84815e498374b005d76d30993775afab31743cd8b0192224117b8aeca33151e1af5b717dd3ef010834933453eee68070875daacfb7bd867aa14b35a307670aa03fee0923bda9ac048e128e86ee12c0a5b9c6733000e3f8d3312cc", @ANYRESHEX=r2, @ANYRES8=0x0, @ANYRES64=r0, @ANYRESOCT=r2, @ANYRESDEC=0x0]) (async, rerun: 64)
move_mount(r1, &(0x7f0000000140)='.\x00', r0, &(0x7f0000000300)='./file0\x00', 0x41) (rerun: 64)
move_mount(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000100)='./file0\x00', 0x220)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x9, 0x7, 0x80000000, 0x0, 0x5, 0x5200}, [@TCA_NETEM_RATE={0x14, 0x6, {0x9, 0x1, 0xb, 0x7}}]}}}]}, 0x60}}, 0x0)

1m56.443580111s ago: executing program 5 (id=4805):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f00000000c0)={'veth1_vlan\x00', 0x0, 0x9})
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000080)={'bond0\x00', @ifru_names='nr0\x00'}) (async)
ioctl$sock_netdev_private(r0, 0x89f2, &(0x7f0000000680)="0d8a15137902ab9038317020ece04c3cfae89329f67d") (async)
ioctl$XFS_IOC_PATH_TO_HANDLE(r0, 0xc0385869, &(0x7f0000000000)={<r1=>r0, &(0x7f0000000580)='#$-#.\xcf..)\\+\x00;\xb6\xdc4\xf7\xd7\xe5\xd9\x9132\x10~\x97\xba&\x90{Q\xf1\x93\xcamsY\x04\nZg\xfc\x7f\xdf\xe1\x17^je\xd9*\x05\xcf\x8b\x9c\x85\xfc\xa7\xf2H\x01\xae#\xaa\x8a\xc3\xcd\x1f\xb7V\xa2\xb2\xd0\xd3??\x13\x1f#E\xae\x1f8Ai\xc1\xe0*\x89Q4\xaf\tk\xe2z\to\x15\xed\xf6\xfe\x05\xee\xd0\x80\xf7\x81\xa7\xa9\x91\xb3\xd6\x12|\x83j\x90\x82y\xe3\xbf7_\xc8\xa7K\xe0\xef\xb9QS\xb9\r\xf0h\xe7\xb3\xc0\xfa\xf6eQ\xa6\x9bH;\x8a\xff\xc0 \xaf^\xa6\x16m\xa5]`\xbc\x8b\xca\xbf', 0x40a002, &(0x7f0000000040)={@_ha_fsid={[0xfffffff8, 0x4]}, {0x3999, 0x3, 0xfffffc01, 0x8000}}, 0x6, &(0x7f00000001c0)={@_ha_fsid}, &(0x7f0000000200)=0x2}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000002c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_mtu(r3, 0x0, 0xa, 0x0, &(0x7f0000000040)) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x28, r4, 0x5, 0x70bd2b, 0x3, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5, 0x11, 0x1}]}]}, 0x28}}, 0x4008000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x2) (async)
r6 = syz_io_uring_setup(0x88f, &(0x7f00000001c0)={0x0, 0xaee2, 0x80, 0x200002, 0x1f9}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0\x00', 0xe5, 0x208000}) (async)
io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0) (async)
io_uring_enter(r1, 0x5da1, 0xf9, 0x4, &(0x7f0000000640)={[0x9]}, 0x8)
umount2(&(0x7f00000001c0)='./file0\x00', 0x1) (async)
chown(&(0x7f00000003c0)='./file0\x00', 0x0, 0xee01) (async)
r9 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$PTP_ENABLE_PPS(r9, 0x40043d04, 0x1) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0xe1, 0x33, &(0x7f0000000280)="2835dc4857e699fe0a82cde381d52d74795ec7ee32a2a858c3c129c5eff4c20a2e1463a20f0a28858fa39ef382621310294504c4461f9ee52c3bb5a6fdda6a64547aaeeb66cda76a51a6616c18bd0ee8da5a3f00a5d74ab59a1fa7dc075f147ed6e06d8a02190a93d453a9629ab2fd5812fae33aa453bfb821aba503a66dc1399872a693de321f404bb9663dd966bddae1a42f6bb3b0e31d2733ea1493b4de50529915a3165ed5bffc0ae9143e3cdbaf62d5e9cdb31aa7aae13cb249e657d9dbe4f68dfa70296276792c602cddd129b0b4c203e385ae2017a5dfa240ac4ef49513", &(0x7f0000000380)=""/51, 0x7, 0x0, 0xaf, 0x5c, &(0x7f00000003c0)="0b2922d2fd36e3d9a8cca9226d8dd64cbf3678921168fc5399bd7ec432700c820e605bda58860ff1f561395c390b8b05bcee9a651e8d5ce510875142931ea3cf3638b8c9fa8c40e64866ca8a1cdadee8bebe0c7c25f9c27d2d713a044a6a33c71aef22e1248ab328f9481953e897f5a82fa116222734b9c0a6585660e860fdde2bf54c739d6d313034eb9993a2102bb5df56b1b7e5848dee8f6b86b63e53c917138c99b074219491b3ff3e3f0c75a6", &(0x7f0000000480)="a8a71fa3bf92877ef1b1c148dc4af3a48f19887a29bde1ebd27c52f1e6a1d801680db47b6c711ae5a43e11e5c718431993173dfe484f7b7cd5a79f2acb2195d171a2912d4a978205d9de084cdfaf5de7f600062bc93343edb1d41e83", 0x7, 0x0, 0x80}, 0x50)

1m51.53478973s ago: executing program 5 (id=4816):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20) (async)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) (async)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0xffffff7e)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0xffffffffffffffda, r4, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50) (async)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000880)={0x30, 0x5, 0x0, {0x0, 0x1, 0x4, 0x3}}, 0x30) (async)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) (async)
connect$inet6(r2, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="0200000001"], 0x48) (async)
r6 = fsmount(r0, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f00)={{r5}, &(0x7f00000006c0), &(0x7f0000000ec0)=r6}, 0x20) (async)
fchdir(r6) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000f43100020000000000"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000002090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r9}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000000)='./file0\x00', r5}, 0x18)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) (async)
pread64(r10, &(0x7f00000003c0)=""/128, 0x80, 0x9) (async)
open$dir(&(0x7f0000000000)='./file0\x00', 0x101001, 0x20) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x170bd26, 0x25dfdbff, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@loopback, 0x800}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008011}, 0x4040) (async)
getsockopt$inet_mreqn(r8, 0x0, 0x24, &(0x7f0000000300)={@dev, @rand_addr, <r11=>0x0}, &(0x7f0000000340)=0xc)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r10, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x78, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r11}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xcbbc}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x8081)

1m51.432815033s ago: executing program 36 (id=4816):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20) (async)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) (async)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0xffffff7e)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0xffffffffffffffda, r4, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50) (async)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000880)={0x30, 0x5, 0x0, {0x0, 0x1, 0x4, 0x3}}, 0x30) (async)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) (async)
connect$inet6(r2, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="0200000001"], 0x48) (async)
r6 = fsmount(r0, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f00)={{r5}, &(0x7f00000006c0), &(0x7f0000000ec0)=r6}, 0x20) (async)
fchdir(r6) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000f43100020000000000"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000002090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r9}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000000)='./file0\x00', r5}, 0x18)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) (async)
pread64(r10, &(0x7f00000003c0)=""/128, 0x80, 0x9) (async)
open$dir(&(0x7f0000000000)='./file0\x00', 0x101001, 0x20) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x170bd26, 0x25dfdbff, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@loopback, 0x800}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008011}, 0x4040) (async)
getsockopt$inet_mreqn(r8, 0x0, 0x24, &(0x7f0000000300)={@dev, @rand_addr, <r11=>0x0}, &(0x7f0000000340)=0xc)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r10, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x78, 0x0, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x8}, @MPTCP_PM_ATTR_ADDR={0x34, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r11}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xcbbc}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x8081)

42.830949633s ago: executing program 6 (id=6005):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x4, 0x1000001)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r3, @ANYBLOB="01980000000000402000128008000100667265001400028008000700ac1414000600030008000000d1736b2a4ed9b30a3e1f7c65e8d21f88c5e5d243c93267aba8895057835d7e1b6896624f724f7e3bbfbf940ed476adb96a5ecd676b8ac7dd7351f10203e6af2cb1957c6350aaea12a1583cce8715f0224fc08660c8d0bbef08d3b760225797a3f6fa0ed7705493eeb9bf268aa4ca4d71f24fa1af6bb46500"/174], 0x40}}, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000040)={&(0x7f0000000680)={0x154, 0x0, 0x1, 0x5, 0x0, 0x0, {0xb, 0x0, 0x1}, [@CTA_SYNPROXY={0x3c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x200}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x48}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0xf}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0x9, 0x1, 'snmp\x00'}}, @CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}]}, @CTA_NAT_DST={0x48, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x44, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}]}]}, @CTA_NAT_DST={0x70, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @loopback}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x25}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @private=0xa010101}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @remote}, @CTA_NAT_PROTO={0x34, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @local}, @CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xa}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x4}]}, 0x154}, 0x1, 0x0, 0x0, 0x4094}, 0x2000800)
sendfile(r4, r5, 0x0, 0x3fffff)
sendto$packet(r0, &(0x7f0000000240)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df75e3ffe46630d4a1741b1554dd5a55e66eaecea76d5d174c21eea8e02493ac4beba5ab57d22b47f9e9db8fb29de336d8af9753fcd0c84", 0x6a, 0x0, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

41.59498868s ago: executing program 6 (id=6006):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES32=0x0, @ANYBLOB="ac1414"], 0x50}}], 0x1, 0xc080)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3, 0x401}}}]}, 0x3c}}, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00', @mcast1, 0x9, 0x7, 0x10, 0x0, 0x2, 0x4100000, r4})
r5 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x0, 0x2b5}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000580)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r8 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r5, 0x46bc, 0x3, 0x20, 0x0, 0x20)

26.695743719s ago: executing program 6 (id=6012):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x358, 0x130, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x288, 0xffffffff, 0xffffffff, 0x288, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [0xffff00, 0xff000000], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x88}, 0x0, 0x108, 0x130, 0x0, {}, [@common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x3096, 0x8000, 0x56e5, {0xd}}}, @common=@ipv6header={{0x28}, {0x0, 0x80}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [0x0, 0x0, 0x0, 0xff000000], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x4}, 0x0, 0x128, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x18, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff, 0x40}}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfffffffe, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3b8) (async, rerun: 64)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2) (rerun: 64)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0) (async)
r2 = socket$inet6(0xa, 0x2, 0x0) (async)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='k', 0x1, 0xfffffffffffffffb)
keyctl$unlink(0x9, r3, 0xfffffffffffffffb) (async, rerun: 32)
keyctl$set_timeout(0xf, r3, 0x800) (rerun: 32)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) (async)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x3}, {{0x0, 0x0, 0x0}, 0xa1}], 0x40000000000020a, 0x0, 0x0)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000000)) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
keyctl$instantiate_iov(0x14, r3, &(0x7f0000000ac0)=[{&(0x7f0000000400)}, {&(0x7f0000000a80)="40f655644fc10de9109c442f4bb47d511bb80097bffd1754e10489ba087902c736064817355f68f34d9f68c40c4c68bfde118d6218c3fb11ec163c4ecc", 0x3d}], 0x2, r3)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r6, {0x1c, 0x1}, {}, {0xffe0, 0xc}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x80010001}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x240488d0) (rerun: 64)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) (async)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random=0xfffb, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @val={0x25, 0x3, {0x1, 0xb7, 0x5}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}, 0x43)
sendmsg$inet(r2, &(0x7f00000003c0)={&(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="45d4b20cd3c7645187df3d7e6085b98a95344f54a336d5326b609a1bb29281833d4cc9b1770753e12e9da1cdaf623f0021e8838449a71ee7fd3b5682db100afa83d2a81486eb8ad0399bdf6129c92f51bda0a60ee131eb6685176ae88aef315d9e5889d1bea93bf4f9d85e6e6a", 0x6d}, {&(0x7f0000000240)="c753876aaf0d07f395bb1d1852c3065776bf76d1c006a49cf07519f61e0fa65ba403c1a55024187b4110bb5fac8ede466898bc47b37a41fb5cdfce2a9b5f189bfa1f791c25cea7551e175f10f21a0dc369ff511069509fe4df079e789ba3a7ee1520237468e620551d203f7cb84ec4c6722eb96e69c31e6b1929dec184d07eda39", 0x81}, {&(0x7f0000000340)="3465aafcd88acaf00b7bfc558bf914505df6952cd4dcd2c5e114c511b6c2cf2df1b9", 0x22}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xdce}}, @ip_retopts={{0xec, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x24, 0xf1, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x30}, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3ff}, {@empty, 0x6}, {@empty, 0x5}]}, @cipso={0x86, 0x3c, 0x2, [{0x6, 0x10, "c5aa3ebe589c5ec0e54fcd0d55e7"}, {0x5, 0x11, "ecdd3bcfd129b7e0277e5bfbfd4e69"}, {0x5, 0x4, "eb19"}, {0x5, 0x8, "fdd3765b1073"}, {0x1, 0x9, "9bbce9bc6c6a5e"}]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0x2, [{@remote, 0xff}, {@loopback, 0x9}]}, @timestamp={0x44, 0x10, 0xa8, 0x0, 0xb, [0x21, 0x9, 0x3189]}, @cipso={0x86, 0x26, 0x2, [{0x1, 0x10, "05b2a3f9037fe8853eb948e7de13"}, {0x7, 0x10, "6d7b9bdf69274cbcd7f6b192665d"}]}, @timestamp={0x44, 0x8, 0x52, 0x0, 0x0, [0x8]}, @timestamp_addr={0x44, 0xc, 0xd5, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x17}, 0x1ab4}]}, @lsrr={0x83, 0x7, 0x97, [@remote]}, @cipso={0x86, 0x16, 0xffffffffffffffff, [{0x6, 0x4, "0ede"}, {0x0, 0xc, "9b17b4e34103f558fe0d"}]}, @end]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9f3}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000000}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x83, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback]}, @timestamp={0x44, 0x8, 0x3d, 0x0, 0x4, [0x800]}, @noop, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x28, 0x8, 0x0, 0x8, [0x32bd, 0xfc66, 0x7, 0x10000, 0x9, 0x1648, 0x5, 0xff, 0x8]}, @generic={0x89, 0xa, "2bae99fee488307e"}, @ra={0x94, 0x4}, @lsrr={0x83, 0x7, 0xec, [@dev={0xac, 0x14, 0x14, 0x10}]}]}}}], 0x220}, 0x4000)

17.531276357s ago: executing program 6 (id=6012):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x358, 0x130, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x288, 0xffffffff, 0xffffffff, 0x288, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [0xffff00, 0xff000000], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x88}, 0x0, 0x108, 0x130, 0x0, {}, [@common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x3096, 0x8000, 0x56e5, {0xd}}}, @common=@ipv6header={{0x28}, {0x0, 0x80}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [0x0, 0x0, 0x0, 0xff000000], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x4}, 0x0, 0x128, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x18, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff, 0x40}}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfffffffe, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3b8) (async, rerun: 64)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2) (rerun: 64)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0) (async)
r2 = socket$inet6(0xa, 0x2, 0x0) (async)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='k', 0x1, 0xfffffffffffffffb)
keyctl$unlink(0x9, r3, 0xfffffffffffffffb) (async, rerun: 32)
keyctl$set_timeout(0xf, r3, 0x800) (rerun: 32)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) (async)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x3}, {{0x0, 0x0, 0x0}, 0xa1}], 0x40000000000020a, 0x0, 0x0)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000000)) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
keyctl$instantiate_iov(0x14, r3, &(0x7f0000000ac0)=[{&(0x7f0000000400)}, {&(0x7f0000000a80)="40f655644fc10de9109c442f4bb47d511bb80097bffd1754e10489ba087902c736064817355f68f34d9f68c40c4c68bfde118d6218c3fb11ec163c4ecc", 0x3d}], 0x2, r3)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r6, {0x1c, 0x1}, {}, {0xffe0, 0xc}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x80010001}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x240488d0) (rerun: 64)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) (async)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random=0xfffb, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @val={0x25, 0x3, {0x1, 0xb7, 0x5}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}, 0x43)
sendmsg$inet(r2, &(0x7f00000003c0)={&(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="45d4b20cd3c7645187df3d7e6085b98a95344f54a336d5326b609a1bb29281833d4cc9b1770753e12e9da1cdaf623f0021e8838449a71ee7fd3b5682db100afa83d2a81486eb8ad0399bdf6129c92f51bda0a60ee131eb6685176ae88aef315d9e5889d1bea93bf4f9d85e6e6a", 0x6d}, {&(0x7f0000000240)="c753876aaf0d07f395bb1d1852c3065776bf76d1c006a49cf07519f61e0fa65ba403c1a55024187b4110bb5fac8ede466898bc47b37a41fb5cdfce2a9b5f189bfa1f791c25cea7551e175f10f21a0dc369ff511069509fe4df079e789ba3a7ee1520237468e620551d203f7cb84ec4c6722eb96e69c31e6b1929dec184d07eda39", 0x81}, {&(0x7f0000000340)="3465aafcd88acaf00b7bfc558bf914505df6952cd4dcd2c5e114c511b6c2cf2df1b9", 0x22}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xdce}}, @ip_retopts={{0xec, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x24, 0xf1, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x30}, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3ff}, {@empty, 0x6}, {@empty, 0x5}]}, @cipso={0x86, 0x3c, 0x2, [{0x6, 0x10, "c5aa3ebe589c5ec0e54fcd0d55e7"}, {0x5, 0x11, "ecdd3bcfd129b7e0277e5bfbfd4e69"}, {0x5, 0x4, "eb19"}, {0x5, 0x8, "fdd3765b1073"}, {0x1, 0x9, "9bbce9bc6c6a5e"}]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0x2, [{@remote, 0xff}, {@loopback, 0x9}]}, @timestamp={0x44, 0x10, 0xa8, 0x0, 0xb, [0x21, 0x9, 0x3189]}, @cipso={0x86, 0x26, 0x2, [{0x1, 0x10, "05b2a3f9037fe8853eb948e7de13"}, {0x7, 0x10, "6d7b9bdf69274cbcd7f6b192665d"}]}, @timestamp={0x44, 0x8, 0x52, 0x0, 0x0, [0x8]}, @timestamp_addr={0x44, 0xc, 0xd5, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x17}, 0x1ab4}]}, @lsrr={0x83, 0x7, 0x97, [@remote]}, @cipso={0x86, 0x16, 0xffffffffffffffff, [{0x6, 0x4, "0ede"}, {0x0, 0xc, "9b17b4e34103f558fe0d"}]}, @end]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9f3}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000000}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x83, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback]}, @timestamp={0x44, 0x8, 0x3d, 0x0, 0x4, [0x800]}, @noop, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x28, 0x8, 0x0, 0x8, [0x32bd, 0xfc66, 0x7, 0x10000, 0x9, 0x1648, 0x5, 0xff, 0x8]}, @generic={0x89, 0xa, "2bae99fee488307e"}, @ra={0x94, 0x4}, @lsrr={0x83, 0x7, 0xec, [@dev={0xac, 0x14, 0x14, 0x10}]}]}}}], 0x220}, 0x4000)

9.058261951s ago: executing program 6 (id=6012):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x358, 0x130, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x288, 0xffffffff, 0xffffffff, 0x288, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [0xffff00, 0xff000000], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x88}, 0x0, 0x108, 0x130, 0x0, {}, [@common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x3096, 0x8000, 0x56e5, {0xd}}}, @common=@ipv6header={{0x28}, {0x0, 0x80}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [0x0, 0x0, 0x0, 0xff000000], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x4}, 0x0, 0x128, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x18, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff, 0x40}}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfffffffe, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3b8) (async, rerun: 64)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2) (rerun: 64)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0) (async)
r2 = socket$inet6(0xa, 0x2, 0x0) (async)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='k', 0x1, 0xfffffffffffffffb)
keyctl$unlink(0x9, r3, 0xfffffffffffffffb) (async, rerun: 32)
keyctl$set_timeout(0xf, r3, 0x800) (rerun: 32)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) (async)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x3}, {{0x0, 0x0, 0x0}, 0xa1}], 0x40000000000020a, 0x0, 0x0)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000000)) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
keyctl$instantiate_iov(0x14, r3, &(0x7f0000000ac0)=[{&(0x7f0000000400)}, {&(0x7f0000000a80)="40f655644fc10de9109c442f4bb47d511bb80097bffd1754e10489ba087902c736064817355f68f34d9f68c40c4c68bfde118d6218c3fb11ec163c4ecc", 0x3d}], 0x2, r3)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r6, {0x1c, 0x1}, {}, {0xffe0, 0xc}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x80010001}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x240488d0) (rerun: 64)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) (async)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random=0xfffb, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @val={0x25, 0x3, {0x1, 0xb7, 0x5}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}, 0x43)
sendmsg$inet(r2, &(0x7f00000003c0)={&(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="45d4b20cd3c7645187df3d7e6085b98a95344f54a336d5326b609a1bb29281833d4cc9b1770753e12e9da1cdaf623f0021e8838449a71ee7fd3b5682db100afa83d2a81486eb8ad0399bdf6129c92f51bda0a60ee131eb6685176ae88aef315d9e5889d1bea93bf4f9d85e6e6a", 0x6d}, {&(0x7f0000000240)="c753876aaf0d07f395bb1d1852c3065776bf76d1c006a49cf07519f61e0fa65ba403c1a55024187b4110bb5fac8ede466898bc47b37a41fb5cdfce2a9b5f189bfa1f791c25cea7551e175f10f21a0dc369ff511069509fe4df079e789ba3a7ee1520237468e620551d203f7cb84ec4c6722eb96e69c31e6b1929dec184d07eda39", 0x81}, {&(0x7f0000000340)="3465aafcd88acaf00b7bfc558bf914505df6952cd4dcd2c5e114c511b6c2cf2df1b9", 0x22}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xdce}}, @ip_retopts={{0xec, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x24, 0xf1, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x30}, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3ff}, {@empty, 0x6}, {@empty, 0x5}]}, @cipso={0x86, 0x3c, 0x2, [{0x6, 0x10, "c5aa3ebe589c5ec0e54fcd0d55e7"}, {0x5, 0x11, "ecdd3bcfd129b7e0277e5bfbfd4e69"}, {0x5, 0x4, "eb19"}, {0x5, 0x8, "fdd3765b1073"}, {0x1, 0x9, "9bbce9bc6c6a5e"}]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0x2, [{@remote, 0xff}, {@loopback, 0x9}]}, @timestamp={0x44, 0x10, 0xa8, 0x0, 0xb, [0x21, 0x9, 0x3189]}, @cipso={0x86, 0x26, 0x2, [{0x1, 0x10, "05b2a3f9037fe8853eb948e7de13"}, {0x7, 0x10, "6d7b9bdf69274cbcd7f6b192665d"}]}, @timestamp={0x44, 0x8, 0x52, 0x0, 0x0, [0x8]}, @timestamp_addr={0x44, 0xc, 0xd5, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x17}, 0x1ab4}]}, @lsrr={0x83, 0x7, 0x97, [@remote]}, @cipso={0x86, 0x16, 0xffffffffffffffff, [{0x6, 0x4, "0ede"}, {0x0, 0xc, "9b17b4e34103f558fe0d"}]}, @end]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9f3}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000000}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x83, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback]}, @timestamp={0x44, 0x8, 0x3d, 0x0, 0x4, [0x800]}, @noop, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x28, 0x8, 0x0, 0x8, [0x32bd, 0xfc66, 0x7, 0x10000, 0x9, 0x1648, 0x5, 0xff, 0x8]}, @generic={0x89, 0xa, "2bae99fee488307e"}, @ra={0x94, 0x4}, @lsrr={0x83, 0x7, 0xec, [@dev={0xac, 0x14, 0x14, 0x10}]}]}}}], 0x220}, 0x4000)

2.052073638s ago: executing program 4 (id=6498):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x10, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000900)=[@text16={0x10, 0x0}], 0x1, 0x13, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1a, 0x5, 0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0xe13aefb, 0x7, 0x1, 0xff, 0x0, 0xc7, 0x101, 0x80, 0xfff, 0xffffffff, 0x400007b, 0x6, 0x4007f, 0xe, 0xfffffffffffff001, 0x7ff], 0x80a0000, 0x2000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.904277433s ago: executing program 8 (id=6501):
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
readahead(0xffffffffffffffff, 0xfffffffffffffff9, 0x4)

1.828923083s ago: executing program 4 (id=6502):
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e23, 0x1, @local, 0x7}}, 0x0, 0x0, 0x59, 0x0, "cebd7ceedb7b0ad952e966b92b346b023df2cb59e32e10366456deac64d99f206bd4aea40b7161161a8b2749fe18aab0d08bd23f603d373fcc250c30136f9ef2ef8b00"}, 0xd8)
write$binfmt_aout(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000040)={0x0, 0x7, 0x41, 0x0, 0x83, "00000000000000000000ffff00"})
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x80000001})
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000001800)={0x4, 0x4, 0x6, 0x5, 0x1b, "3e533005a5b152308435c559a2e30053a727c9"})

1.784841595s ago: executing program 4 (id=6503):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x5, 0x2, 0x9, 0x4, 0x7fff, 0x7, 0xfffffffffffffffa, 0x91a}, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r0, 0x1, &(0x7f0000000140)={&(0x7f0000000000)=""/120, 0x78})

1.704057649s ago: executing program 8 (id=6504):
memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x13)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f00005a4000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x840)
r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0x1, 0x20002f6})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_setup(0x57eb, &(0x7f0000000140)={0x0, 0x0, 0x3000})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{0x3c, 0x7, 0x1, 0x5}, {0x6, 0x25, 0x4, 0x207}]}, 0x10)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_pid(r1, &(0x7f0000000000), 0xffffff98)
connect$vsock_stream(0xffffffffffffffff, &(0x7f00000001c0)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x3c7})
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)

854.625278ms ago: executing program 8 (id=6512):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000001c0)="d8df7e23b3b9ce000000b807000000ba000000000f301b8154fea900b9b60a000080320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000000b9a6080000b800000100ba000000000f300f300fc79d53bf0000c4b9e16dc301012202", 0x62}], 0x1, 0x10, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000900)=[@text16={0x10, 0x0}], 0x1, 0x13, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000580)={0x1e, 0x5, 0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x1, 0x7, 0x1, 0xff, 0x6, 0x4, 0x452, 0x7, 0x3, 0xffffffff, 0x400007b, 0x7, 0x1, 0x13, 0x4c7, 0x7ff], 0x3000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

854.545694ms ago: executing program 4 (id=6513):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000240)={0x0, 0x964, 0x89f8}, 0x8)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000002c0)={0x0, 0x1, 0x6000}, 0x8)

784.725211ms ago: executing program 8 (id=6515):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x2, 0x0, 0x0)

784.664203ms ago: executing program 4 (id=6516):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x52, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x6a, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

784.49253ms ago: executing program 8 (id=6518):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000280)={[0x60000000004, 0x1000000000, 0x80000000000005, 0x41, 0x2000000, 0x0, 0x2004cb, 0xffffffffeffffffe, 0xa1d, 0x9, 0x5, 0x0, 0x3, 0x2, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000340)=@arm64={0x80, 0x9, 0xb, '\x00', 0x55})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xfec00000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x7, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x2000, 0x5000, 0xc, 0xff, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x8, 0x0, 0x6}, {0xeeee8000, 0xffff1000, 0x9, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0xa, 0xfe, 0x0, 0x0, 0x3}, {0x0, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xca, 0x26}, {0x80a0000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x10000, 0x50, 0x0, 0xf801, 0xeeee8000, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

714.743934ms ago: executing program 7 (id=6519):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xe, 0x0, 0x2003fffe, 0x7, 0x2, 0xb, 0xfffffffd, 0x100000, 0x7}})

714.61506ms ago: executing program 7 (id=6520):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000100)={0x0, 0x0})
ioctl$KVM_KVMCLOCK_CTRL(r3, 0xaead)

714.241269ms ago: executing program 6 (id=6012):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x358, 0x130, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x288, 0xffffffff, 0xffffffff, 0x288, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast2, @mcast2, [0xffff00, 0xff000000], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x88}, 0x0, 0x108, 0x130, 0x0, {}, [@common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x3096, 0x8000, 0x56e5, {0xd}}}, @common=@ipv6header={{0x28}, {0x0, 0x80}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [0x0, 0x0, 0x0, 0xff000000], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x4}, 0x0, 0x128, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x18, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff, 0x40}}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfffffffe, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3b8) (async, rerun: 64)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2) (rerun: 64)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0) (async)
r2 = socket$inet6(0xa, 0x2, 0x0) (async)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='k', 0x1, 0xfffffffffffffffb)
keyctl$unlink(0x9, r3, 0xfffffffffffffffb) (async, rerun: 32)
keyctl$set_timeout(0xf, r3, 0x800) (rerun: 32)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) (async)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, 0x3}, {{0x0, 0x0, 0x0}, 0xa1}], 0x40000000000020a, 0x0, 0x0)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000000)) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
keyctl$instantiate_iov(0x14, r3, &(0x7f0000000ac0)=[{&(0x7f0000000400)}, {&(0x7f0000000a80)="40f655644fc10de9109c442f4bb47d511bb80097bffd1754e10489ba087902c736064817355f68f34d9f68c40c4c68bfde118d6218c3fb11ec163c4ecc", 0x3d}], 0x2, r3)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r6, {0x1c, 0x1}, {}, {0xffe0, 0xc}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x80010001}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x240488d0) (rerun: 64)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) (async)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac=@device_b}, 0x0, @random=0xfffb, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @val={0x25, 0x3, {0x1, 0xb7, 0x5}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}, 0x43)
sendmsg$inet(r2, &(0x7f00000003c0)={&(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="45d4b20cd3c7645187df3d7e6085b98a95344f54a336d5326b609a1bb29281833d4cc9b1770753e12e9da1cdaf623f0021e8838449a71ee7fd3b5682db100afa83d2a81486eb8ad0399bdf6129c92f51bda0a60ee131eb6685176ae88aef315d9e5889d1bea93bf4f9d85e6e6a", 0x6d}, {&(0x7f0000000240)="c753876aaf0d07f395bb1d1852c3065776bf76d1c006a49cf07519f61e0fa65ba403c1a55024187b4110bb5fac8ede466898bc47b37a41fb5cdfce2a9b5f189bfa1f791c25cea7551e175f10f21a0dc369ff511069509fe4df079e789ba3a7ee1520237468e620551d203f7cb84ec4c6722eb96e69c31e6b1929dec184d07eda39", 0x81}, {&(0x7f0000000340)="3465aafcd88acaf00b7bfc558bf914505df6952cd4dcd2c5e114c511b6c2cf2df1b9", 0x22}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xdce}}, @ip_retopts={{0xec, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x24, 0xf1, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x30}, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3ff}, {@empty, 0x6}, {@empty, 0x5}]}, @cipso={0x86, 0x3c, 0x2, [{0x6, 0x10, "c5aa3ebe589c5ec0e54fcd0d55e7"}, {0x5, 0x11, "ecdd3bcfd129b7e0277e5bfbfd4e69"}, {0x5, 0x4, "eb19"}, {0x5, 0x8, "fdd3765b1073"}, {0x1, 0x9, "9bbce9bc6c6a5e"}]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0x2, [{@remote, 0xff}, {@loopback, 0x9}]}, @timestamp={0x44, 0x10, 0xa8, 0x0, 0xb, [0x21, 0x9, 0x3189]}, @cipso={0x86, 0x26, 0x2, [{0x1, 0x10, "05b2a3f9037fe8853eb948e7de13"}, {0x7, 0x10, "6d7b9bdf69274cbcd7f6b192665d"}]}, @timestamp={0x44, 0x8, 0x52, 0x0, 0x0, [0x8]}, @timestamp_addr={0x44, 0xc, 0xd5, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x17}, 0x1ab4}]}, @lsrr={0x83, 0x7, 0x97, [@remote]}, @cipso={0x86, 0x16, 0xffffffffffffffff, [{0x6, 0x4, "0ede"}, {0x0, 0xc, "9b17b4e34103f558fe0d"}]}, @end]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9f3}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xf6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000000}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x83, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback]}, @timestamp={0x44, 0x8, 0x3d, 0x0, 0x4, [0x800]}, @noop, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x28, 0x8, 0x0, 0x8, [0x32bd, 0xfc66, 0x7, 0x10000, 0x9, 0x1648, 0x5, 0xff, 0x8]}, @generic={0x89, 0xa, "2bae99fee488307e"}, @ra={0x94, 0x4}, @lsrr={0x83, 0x7, 0xec, [@dev={0xac, 0x14, 0x14, 0x10}]}]}}}], 0x220}, 0x4000)

103.060577ms ago: executing program 4 (id=6521):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000003c0)="0f326635004000000f300f00d636808a0d0001ba4300b80b00eb66b88c5000000f23d02a3ff866352000000e0f23f80f01c30f789deb32660f3a21cf220f2bb00058660f1bde", 0x46}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
syz_io_uring_setup(0x666c, &(0x7f0000000180)={0x0, 0xa604, 0x1000, 0x0, 0x24f}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

102.646597ms ago: executing program 8 (id=6522):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x4370, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
fallocate(r2, 0x1, 0x100000000, 0x10000)

102.57486ms ago: executing program 7 (id=6523):
select(0x40, &(0x7f0000000040)={0x9, 0x8, 0xff, 0x1, 0x7, 0x1, 0x1, 0x2ec1}, 0x0, 0x0, 0x0)
unshare(0x40400)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
bpf$LINK_DETACH(0x22, &(0x7f0000000040), 0x4)

102.496074ms ago: executing program 7 (id=6524):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000001c0)="d8df7e23b3b9ce000000b807000000ba000000000f301b8154fea900b9b60a000080320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000000b9a6080000b800000100ba000000000f300f300fc79d53bf0000c4b9e16dc301012202", 0x62}], 0x1, 0x10, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000900)=[@text16={0x10, 0x0}], 0x1, 0x13, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000580)={0x1e, 0x5, 0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x1, 0x7, 0x1, 0xff, 0x6, 0x4, 0x452, 0x7, 0x3, 0xffffffff, 0x400007b, 0x7, 0x1, 0x13, 0x4c7, 0x7ff], 0x3000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.734832ms ago: executing program 7 (id=6525):
gettid()
timer_create(0x1, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
openat$kvm(0xffffffffffffff9c, 0x0, 0x83, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/udp\x00')
utimensat(r0, 0x0, &(0x7f0000000880)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0)

0s ago: executing program 7 (id=6526):
r0 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000140)=0xf8, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x6568, 0x4)
syz_emit_ethernet(0x3e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6c370c8900083c0120010000000000000000000000000000fe8000000000000000000000000000aaff"], 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x9f69a7a086f70ae8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x38, 0x80}}], 0x1, 0x4801)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

kernel console output (not intermixed with test programs):

oot:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  352.478950][T21536] binder: BINDER_SET_CONTEXT_MGR already set
[  352.484592][T21536] binder: 21535:21536 ioctl 4018620d 200000004a80 returned -16
[  352.492459][T21541] xt_recent: Unsupported userspace flags (000000b2)
[  352.526001][   T40] audit: type=1400 audit(1772018791.844:12445): avc:  denied  { bind } for  pid=21538 comm="syz.8.5051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  352.588393][   T40] audit: type=1804 audit(1772018791.904:12446): pid=21549 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.5052" name="/newroot/272/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  352.798678][   T40] audit: type=1400 audit(1772018792.114:12447): avc:  denied  { getopt } for  pid=21555 comm="syz.8.5054" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  352.845664][T21560] 9pnet_virtio: no channels available for device syz
[  352.871927][T21560] sctp: [Deprecated]: syz.8.5055 (pid 21560) Use of int in maxseg socket option.
[  352.871927][T21560] Use struct sctp_assoc_value instead
[  353.040341][T21566] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  353.044234][T21567] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  353.497702][T21573] comedi comedi2: dt2817: I/O port conflict (0x3,5)
[  354.062222][T21592] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5065'.
[  354.065454][T21592] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5065'.
[  354.072589][T21592] dvmrp0: entered allmulticast mode
[  354.188503][T21600] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5068'.
[  354.313599][T21604] netlink: 'syz.6.5069': attribute type 1 has an invalid length.
[  354.817621][T21628] rdma_op ffff88802eeee9f0 conn xmit_rdma 0000000000000000
[  354.827586][T21628] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  354.867066][ T6021] usb 9-1: usb_control_msg returned -71
[  354.869420][ T6021] usbtmc 9-1:16.0: can't read capabilities
[  354.885617][ T6021] usb 9-1: USB disconnect, device number 15
[  355.068254][T21641] [U] VŌ3øĀFŁ¾"SĒĮ/ÉŹ4:ĆXTZ“W”T‘’LWµ«=
[  355.070958][T21640] [U] J"—E:ĄĘ"


[  355.115553][   T40] audit: type=1400 audit(1772018794.434:12448): avc:  denied  { accept } for  pid=21645 comm="syz.4.5080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  355.279198][T21660] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5083'.
[  355.371310][T21667] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=21667 comm=syz.4.5087
[  355.459213][T21681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5090'.
[  355.492856][T21681] 8021q: adding VLAN 0 to HW filter on device bond1
[  355.500299][T21681] netlink: 416 bytes leftover after parsing attributes in process `syz.4.5090'.
[  355.529149][T21686] xt_policy: output policy not valid in PREROUTING and INPUT
[  355.555949][T21689] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5091'.
[  355.644235][T21683] md: array md2 already initialised!
[  356.863803][   T40] audit: type=1326 audit(1772018796.164:12449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21759 comm="syz.6.5112" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x7fc00000
[  356.947271][   T40] audit: type=1400 audit(1772018796.264:12450): avc:  denied  { accept } for  pid=21766 comm="syz.6.5114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  356.981989][T21770] exFAT-fs (nullb0): invalid boot record signature
[  356.986600][T21770] exFAT-fs (nullb0): failed to read boot sector
[  356.989371][T21770] exFAT-fs (nullb0): failed to recognize exfat type
[  357.161966][   T40] audit: type=1400 audit(1772018796.474:12451): avc:  denied  { create } for  pid=21782 comm="syz.6.5119" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  357.177087][   T40] audit: type=1400 audit(1772018796.494:12452): avc:  denied  { mounton } for  pid=21782 comm="syz.6.5119" path="/407/file0" dev="tmpfs" ino=2369 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  357.210826][   T40] audit: type=1400 audit(1772018796.524:12453): avc:  denied  { unmount } for  pid=17302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  357.248008][   T40] audit: type=1400 audit(1772018796.564:12454): avc:  denied  { setattr } for  pid=21782 comm="syz.6.5119" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  357.263138][   T40] audit: type=1326 audit(1772018796.584:12455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21782 comm="syz.6.5119" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x80000000
[  357.349607][   T40] audit: type=1400 audit(1772018796.664:12456): avc:  denied  { bind } for  pid=21798 comm="syz.7.5126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  357.391510][   T40] audit: type=1400 audit(1772018796.704:12457): avc:  denied  { bind } for  pid=21801 comm="syz.7.5127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  357.392596][T21803] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5127'.
[  357.466903][T21808] xt_hashlimit: size too large, truncated to 1048576
[  357.901395][T21826] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5135'.
[  358.323381][T21839] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=99 sclass=netlink_xfrm_socket pid=21839 comm=syz.4.5143
[  358.353469][T21839] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5143'.
[  358.357097][T21839] openvswitch: netlink: nsh attr 8 is out of range max 3
[  358.377939][T21842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  358.406817][T21844] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5137'.
[  358.424026][T21844] netlink: 88 bytes leftover after parsing attributes in process `syz.6.5137'.
[  358.705926][T21857] netlink: 'syz.6.5146': attribute type 1 has an invalid length.
[  358.813383][T21861] netlink: 'syz.6.5146': attribute type 1 has an invalid length.
[  359.596262][T21875] netlink: 184 bytes leftover after parsing attributes in process `syz.6.5153'.
[  359.622141][T21880] Mount JFS Failure: -22
[  359.633369][T21879] Mount JFS Failure: -22
[  359.715383][T21887] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  359.832530][T21906] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5163'.
[  359.835632][T21906] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5163'.
[  359.842965][T21906] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5163'.
[  359.842990][T19167] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  359.847231][T21906] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5163'.
[  359.850877][T19167] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  359.857369][T19167] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  359.860351][T19167] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  360.147963][T21929] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  360.537870][   T40] kauditd_printk_skb: 397 callbacks suppressed
[  360.537889][   T40] audit: type=1326 audit(1772018799.854:12855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21932 comm="syz.6.5171" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7fb779c629 code=0x0
[  360.748896][T21952] nfs4: Unknown parameter '’’’’’’’’'
[  360.751832][T21953] nfs4: Unknown parameter '’’’’’’’’'
[  360.844059][ T6000] usb 11-1: new high-speed USB device number 17 using dummy_hcd
[  360.976315][T21978] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5481 sclass=netlink_route_socket pid=21978 comm=syz.8.5185
[  361.003838][ T6000] usb 11-1: Using ep0 maxpacket: 8
[  361.011806][ T6000] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  361.015927][ T6000] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  361.019499][ T6000] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  361.027997][ T6000] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  361.032956][ T6000] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  361.036321][ T6000] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.063571][T19171] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0x40
[  361.074683][   T40] audit: type=1400 audit(1772018800.394:12856): avc:  denied  { ioctl } for  pid=21983 comm="syz.8.5187" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 ioctlcmd=0x9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  361.094870][T21984] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=25108 sclass=netlink_xfrm_socket pid=21984 comm=syz.8.5187
[  361.252862][ T6000] usb 11-1: GET_CAPABILITIES returned 0
[  361.255291][ T6000] usbtmc 11-1:16.0: can't read capabilities
[  361.380245][T22002] f2fs: Unknown parameter 'grpquota
'
[  361.446707][    C0] usbtmc 11-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  361.592849][T22009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  361.606803][T22009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  361.880758][T22023] overlay: filesystem on ./file0 not supported as upperdir
[  361.975874][   T40] audit: type=1400 audit(1772018801.294:12857): avc:  denied  { connect } for  pid=22032 comm="syz.4.5201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  361.988241][T22033] tipc: Started in network mode
[  361.990490][T22033] tipc: Node identity ac14140f, cluster identity 4711
[  361.993646][T22033] tipc: New replicast peer: 255.255.255.255
[  361.998071][T22033] tipc: Enabled bearer <udp:syz2>, priority 10
[  362.001255][T22033] tipc: Disabling bearer <udp:syz2>
[  362.023809][   T40] audit: type=1400 audit(1772018801.334:12858): avc:  denied  { getopt } for  pid=22032 comm="syz.4.5201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  362.069385][T22039] 9pnet_fd: p9_fd_create_tcp (22039): problem connecting socket to 127.0.0.1
[  362.254289][T22060] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  362.425028][T22076] xt_bpf: check failed: parse error
[  362.504238][T22080] binder_alloc: binder_alloc_mmap_handler: 22078 200000ffc000-200000ffd000 already mapped failed -16
[  362.668491][T22093] __nla_validate_parse: 5 callbacks suppressed
[  362.668510][T22093] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5221'.
[  362.673418][T22093] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5221'.
[  362.676462][T22093] netlink: 'syz.8.5221': attribute type 12 has an invalid length.
[  363.195777][ T5703] usb 13-1: new low-speed USB device number 3 using dummy_hcd
[  363.253497][   T40] audit: type=1400 audit(1772018802.564:12859): avc:  denied  { ioctl } for  pid=22129 comm="syz.7.5233" path="socket:[80566]" dev="sockfs" ino=80566 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  363.296038][T22130] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5233'.
[  363.347949][ T5703] usb 13-1: config 168 descriptor has 1 excess byte, ignoring
[  363.350001][T22141] netlink: 'syz.7.5236': attribute type 1 has an invalid length.
[  363.350435][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  363.356763][ T5703] usb 13-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  363.360652][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  363.361733][T22141] 8021q: adding VLAN 0 to HW filter on device bond5
[  363.365995][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  363.371932][ T5703] usb 13-1: config 168 descriptor has 1 excess byte, ignoring
[  363.374584][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  363.380763][ T5703] usb 13-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  363.385087][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  363.388828][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  363.393186][ T5703] usb 13-1: config 168 descriptor has 1 excess byte, ignoring
[  363.396189][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  363.399654][ T5703] usb 13-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  363.403373][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  363.407226][ T5703] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  363.412824][ T5703] usb 13-1: string descriptor 0 read error: -22
[  363.414871][ T5703] usb 13-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  363.418092][ T5703] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.420568][T22141] bond5: (slave ip6erspan0): making interface the new active one
[  363.425647][T22141] bond5: (slave ip6erspan0): Enslaving as an active interface with an up link
[  363.432730][ T5703] adutux 13-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  363.548695][T22150] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=22150 comm=syz.7.5238
[  363.552756][T22150] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=22150 comm=syz.7.5238
[  363.556192][ T6002] usb 11-1: USB disconnect, device number 17
[  363.649496][ T5703] usb 13-1: USB disconnect, device number 3
[  363.660657][T22165] x_tables: ip6_tables: mh match: only valid for protocol 135
[  363.669764][T22165] tipc: Cannot configure node identity twice
[  363.705677][   T40] audit: type=1804 audit(1772018803.024:12860): pid=22169 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.5243" name="/newroot/322/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  363.729261][T22163] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5242'.
[  363.762777][T22171] ip6gre1: entered promiscuous mode
[  363.765849][T22171] ip6gre1: entered allmulticast mode
[  363.974687][   T40] audit: type=1400 audit(1772018803.284:12861): avc:  denied  { view } for  pid=22182 comm="syz.4.5249" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  363.980641][T22183] netlink: 788 bytes leftover after parsing attributes in process `syz.4.5249'.
[  363.985265][T22183] bond0: entered allmulticast mode
[  363.987619][T22183] bond_slave_0: entered allmulticast mode
[  363.990158][T22183] bond_slave_1: entered allmulticast mode
[  364.277731][T22197] 9pnet_virtio: no channels available for device syz
[  364.286732][T22198] 9pnet_virtio: no channels available for device syz
[  364.312293][T22202] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5255'.
[  364.345499][   T40] audit: type=1326 audit(1772018803.664:12862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22203 comm="syz.8.5256" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9d19c629 code=0x7ffc0000
[  364.353320][   T40] audit: type=1326 audit(1772018803.664:12863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22203 comm="syz.8.5256" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9d19c629 code=0x7ffc0000
[  364.363867][   T40] audit: type=1326 audit(1772018803.664:12864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22203 comm="syz.8.5256" exe="/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7efc9d19c629 code=0x7ffc0000
[  364.418754][T22209] smc: net device wg2 applied user defined pnetid SYZ2
[  364.429299][T22215] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048)
[  364.992366][T22270] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  364.996911][T22272] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5276'.
[  365.014969][T22270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5277'.
[  365.019007][T22270] netlink: 'syz.6.5277': attribute type 30 has an invalid length.
[  365.031228][T22272] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=22272 comm=syz.8.5276
[  365.114278][T22285] netlink: 880 bytes leftover after parsing attributes in process `syz.6.5283'.
[  365.118183][T22287] netlink: 880 bytes leftover after parsing attributes in process `syz.6.5283'.
[  365.127762][T22290] erspan1: entered allmulticast mode
[  365.171643][T22295] netlink: 'syz.6.5285': attribute type 83 has an invalid length.
[  365.224651][T22283] nbd: must specify a size in bytes for the device
[  365.371219][T22317] xfrm1: entered promiscuous mode
[  365.372985][T22317] xfrm1: entered allmulticast mode
[  365.408836][T22321] sch_fq: defrate 0 ignored.
[  365.469559][T22329] ubi31: attaching mtd0
[  365.473166][T22329] ubi31: scanning is finished
[  365.476111][T22329] ubi31: empty MTD device detected
[  365.655393][ T5703] usb 13-1: new high-speed USB device number 4 using dummy_hcd
[  365.662780][T22329] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  365.668042][T22329] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  365.670913][T22329] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  365.675603][T22329] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  365.678978][T22329] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  365.682024][T22329] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  365.685670][T22329] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3974132981
[  365.689650][T22329] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  365.693474][T22343] ubi31: background thread "ubi_bgt31d" started, PID 22343
[  365.813801][ T5703] usb 13-1: Using ep0 maxpacket: 8
[  365.816705][ T5703] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  365.820328][ T5703] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  365.825096][ T5703] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  365.828386][ T5703] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  365.836854][ T5703] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  365.839960][ T5703] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.885771][T22352] set match dimension is over the limit!
[  366.047488][ T5703] usb 13-1: GET_CAPABILITIES returned 0
[  366.049276][ T5703] usbtmc 13-1:16.0: can't read capabilities
[  366.057080][T22356] random: crng reseeded on system resumption
[  366.248729][    C3] usbtmc 13-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  366.254262][ T5703] usb 13-1: USB disconnect, device number 4
[  366.378022][T22371] PKCS7: Unknown OID: [4] 0.38.35.36.951720.33.17
[  366.380843][T22371] PKCS7: Only support pkcs7_signedData type
[  366.565746][T22378] : entered promiscuous mode
[  366.740191][   T40] kauditd_printk_skb: 40 callbacks suppressed
[  366.740202][   T40] audit: type=1400 audit(1772018806.054:12905): avc:  denied  { override_creds } for  pid=22389 comm="syz.6.5315" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  366.767324][   T40] audit: type=1400 audit(1772018806.084:12906): avc:  denied  { mount } for  pid=22391 comm="syz.7.5317" name="/" dev="ramfs" ino=79625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  366.784356][   T63] Bluetooth: hci1: command tx timeout
[  366.851437][T22398] sctp: [Deprecated]: syz.8.5318 (pid 22398) Use of struct sctp_assoc_value in delayed_ack socket option.
[  366.851437][T22398] Use struct sctp_sack_info instead
[  366.863859][   T40] audit: type=1804 audit(1772018806.174:12907): pid=22400 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.5319" name="/newroot/288/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  366.993761][   T40] audit: type=1400 audit(1772018806.304:12908): avc:  denied  { open } for  pid=22405 comm="syz.8.5321" path="/dev/ptyr4" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  367.004017][   T40] audit: type=1400 audit(1772018806.304:12909): avc:  denied  { ioctl } for  pid=22405 comm="syz.8.5321" path="/dev/ptyr4" dev="devtmpfs" ino=147 ioctlcmd=0x4b67 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  367.015211][   T40] audit: type=1400 audit(1772018806.334:12910): avc:  denied  { unmount } for  pid=20689 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  367.080844][   T40] audit: type=1400 audit(1772018806.394:12911): avc:  denied  { bind } for  pid=22416 comm="syz.8.5326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  367.127683][T22418] netlink: 'syz.8.5326': attribute type 2 has an invalid length.
[  367.169777][T22424] F2FS-fs (nbd7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  367.173526][T22424] F2FS-fs (nbd7): Can't find valid F2FS filesystem in 1th superblock
[  367.226189][T22424] F2FS-fs (nbd7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  367.229576][T22424] F2FS-fs (nbd7): Can't find valid F2FS filesystem in 2th superblock
[  367.321449][   T40] audit: type=1400 audit(1772018806.624:12912): avc:  denied  { write } for  pid=22433 comm="syz.6.5331" name="file0" dev="fuse" ino=16390 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  367.338360][   T40] audit: type=1400 audit(1772018806.654:12913): avc:  denied  { create } for  pid=22442 comm="syz.8.5333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  367.592468][   T40] audit: type=1804 audit(1772018806.904:12914): pid=22467 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.8.5339" name="/newroot/132/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  367.701985][T22482] overlay: Bad value for 'workdir'
[  367.737910][T22485] 9pnet_virtio: no channels available for device syz
[  367.783917][T22492] vivid-000: =================  START STATUS  =================
[  367.787411][T22492] vivid-000: Radio HW Seek Mode: Bounded
[  367.791332][T22492] vivid-000: Radio Programmable HW Seek: false
[  367.793415][T22492] vivid-000: RDS Rx I/O Mode: Block I/O
[  367.796814][T22492] vivid-000: Generate RBDS Instead of RDS: false
[  367.798953][T22492] vivid-000: RDS Reception: true
[  367.800629][T22492] vivid-000: RDS Program Type: 0 inactive
[  367.802705][T22492] vivid-000: RDS PS Name:  inactive
[  367.807197][T22492] vivid-000: RDS Radio Text:  inactive
[  367.809096][T22492] vivid-000: RDS Traffic Announcement: false inactive
[  367.811337][T22492] vivid-000: RDS Traffic Program: false inactive
[  367.813593][T22492] vivid-000: RDS Music: false inactive
[  367.816308][T22492] vivid-000: ==================  END STATUS  ==================
[  367.845614][T22500] overlay: ./file0 is not a directory
[  368.089161][T22513] tmpfs: Bad value for 'gid'
[  368.090804][T22513] tmpfs: Bad value for 'gid'
[  368.133128][T22516] dummy0: entered allmulticast mode
[  368.136496][T22516] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22516 comm=syz.7.5350
[  368.141909][T22515] dummy0: left allmulticast mode
[  368.173140][T22518] tc_dump_action: action bad kind
[  368.473880][ T6000] usb 12-1: new high-speed USB device number 12 using dummy_hcd
[  368.639320][ T6000] usb 12-1: Using ep0 maxpacket: 8
[  368.646128][ T6000] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  368.650579][ T6000] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  368.655172][ T6000] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  368.659419][ T6000] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  368.665138][ T6000] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  368.669023][ T6000] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.883036][ T6000] usb 12-1: GET_CAPABILITIES returned 0
[  368.885012][ T6000] usbtmc 12-1:16.0: can't read capabilities
[  369.032096][T22545] ŖŖŖŖŖŖ: renamed from vlan0 (while UP)
[  369.087801][ T6002] usb 12-1: USB disconnect, device number 12
[  369.526750][T22571] __nla_validate_parse: 10 callbacks suppressed
[  369.526762][T22571] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5372'.
[  369.526781][T22572] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5372'.
[  369.618969][T22583] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048)
[  369.669643][ T6025] libceph: mon0 (1)[c::]:6789 connect error
[  369.710561][T22589] openvswitch: netlink: Message has 4 unknown bytes.
[  369.712926][T22590] ceph: No mds server is up or the cluster is laggy
[  369.713909][T22589] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  369.767108][T22600] befs: (nullb0): No write support. Marking filesystem read-only
[  369.769883][T22600] befs: (nullb0): invalid magic header
[  370.696642][T22608] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5381'.
[  370.725377][T22612] fuse: Unknown parameter 'groS¢ĀUżĻµ¤up_id'
[  371.011131][T22628] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5389'.
[  371.016182][T22628] hsr_slave_0: left promiscuous mode
[  371.019431][T22628] hsr_slave_1: left promiscuous mode
[  371.080312][T22632] max out of range
[  371.125854][T22636] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[  371.180773][T22641] netlink: 'syz.8.5393': attribute type 8 has an invalid length.
[  371.563975][ T6025] usb 13-1: new low-speed USB device number 5 using dummy_hcd
[  371.727178][ T6025] usb 13-1: config 0 has an invalid interface number: 1 but max is 0
[  371.733806][ T6025] usb 13-1: config 0 has no interface number 0
[  371.736636][ T6025] usb 13-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  371.741481][ T6025] usb 13-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  371.747303][ T6025] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  371.751150][ T6025] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.761196][ T6025] usb 13-1: config 0 descriptor??
[  371.764303][T22652] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  371.773171][ T6025] iowarrior 13-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  371.951425][T22662] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(4)
[  371.954290][T22662] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  371.958008][T22662] vhci_hcd vhci_hcd.0: Device attached
[  371.975994][    C1] iowarrior 13-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[  371.979764][ T6025] usb 13-1: USB disconnect, device number 5
[  372.144048][ T6000] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  372.203817][ T6000] usb 49-1: new high-speed USB device number 2 using vhci_hcd
[  372.256057][T22674] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5401'.
[  372.278399][T22674] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5401'.
[  372.292934][T22674] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5401'.
[  372.306469][T22674] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5401'.
[  372.317651][T22674] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5401'.
[  372.329712][T22674] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5401'.
[  372.723821][T22663] vhci_hcd: connection reset by peer
[  372.729560][T19167] vhci_hcd vhci_hcd.6: stop threads
[  372.743903][T19167] vhci_hcd vhci_hcd.6: release socket
[  372.745973][T19167] vhci_hcd vhci_hcd.6: disconnect device
[  372.803973][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  372.803993][   T40] audit: type=1400 audit(1772018812.124:12918): avc:  denied  { create } for  pid=22732 comm="syz.4.5406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  372.818332][T22734] netlink: 'syz.4.5406': attribute type 1 has an invalid length.
[  372.823642][   T40] audit: type=1400 audit(1772018812.134:12919): avc:  denied  { write } for  pid=22732 comm="syz.4.5406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  372.894262][   T40] audit: type=1804 audit(1772018812.204:12920): pid=22743 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.8.5407" name="/newroot/150/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  373.040931][   T40] audit: type=1400 audit(1772018812.354:12921): avc:  denied  { accept } for  pid=22761 comm="syz.4.5411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  373.141926][T22773] Failed to initialize the IGMP autojoin socket (err -2)
[  373.202053][T22786] Failed to initialize the IGMP autojoin socket (err -2)
[  373.414000][ T6021] usb 12-1: new full-speed USB device number 13 using dummy_hcd
[  373.461286][   T40] audit: type=1326 audit(1772018812.774:12922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22817 comm="syz.6.5425" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7fb779c629 code=0x0
[  373.524129][T22822] netlink: 'syz.4.5426': attribute type 4 has an invalid length.
[  373.532508][T22822] `: renamed from bond0 (while UP)
[  373.586855][ T6021] usb 12-1: not running at top speed; connect to a high speed hub
[  373.590555][ T6021] usb 12-1: config 5 has an invalid interface number: 181 but max is 1
[  373.593489][ T6021] usb 12-1: config 5 contains an unexpected descriptor of type 0x2, skipping
[  373.597482][ T6021] usb 12-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  373.601478][ T6021] usb 12-1: config 5 has 1 interface, different from the descriptor's value: 2
[  373.604664][ T6021] usb 12-1: config 5 has no interface number 0
[  373.606907][ T6021] usb 12-1: config 5 interface 181 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 13
[  373.612346][ T6021] usb 12-1: config 5 interface 181 has no altsetting 0
[  373.617723][ T6021] usb 12-1: New USB device found, idVendor=0403, idProduct=6043, bcdDevice=e6.26
[  373.621567][ T6021] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.625343][ T6021] usb 12-1: Product: syz
[  373.627157][ T6021] usb 12-1: Manufacturer: syz
[  373.629192][ T6021] usb 12-1: SerialNumber: syz
[  373.673168][T22831] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  373.679932][   T40] audit: type=1400 audit(1772018812.994:12923): avc:  denied  { recv } for  pid=22827 comm="syz.4.5429" saddr=fe80::2 daddr=ff02::1 netif=eth0 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  373.855145][ T6021] ftdi_sio 12-1:5.181: FTDI USB Serial Device converter detected
[  373.858888][ T6021] ftdi_sio ttyUSB0: unknown device type: 0xe626
[  373.866387][ T6021] usb 12-1: USB disconnect, device number 13
[  373.869377][ T6021] ftdi_sio 12-1:5.181: device disconnected
[  373.874284][ T6002] usb 11-1: new high-speed USB device number 18 using dummy_hcd
[  374.023819][ T6002] usb 11-1: Using ep0 maxpacket: 8
[  374.029125][ T6002] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  374.033260][ T6002] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  374.038107][ T6002] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  374.041274][ T6002] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  374.045875][ T6002] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  374.048697][ T6002] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.293818][ T1469] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  374.443996][ T1469] usb 9-1: Using ep0 maxpacket: 8
[  374.447056][ T1469] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  374.449311][ T1469] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  374.453344][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.463525][ T1469] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.473770][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.478186][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.482671][ T1469] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  374.488694][ T1469] usb 9-1: config 168 interface 0 has no altsetting 0
[  374.492858][ T1469] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  374.496528][ T1469] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  374.501037][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.506067][ T1469] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.510138][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.513579][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.519169][ T1469] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  374.525010][ T1469] usb 9-1: config 168 interface 0 has no altsetting 0
[  374.529236][ T1469] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  374.532217][ T1469] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  374.537255][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.541151][ T1469] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.545797][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.549661][ T1469] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.553803][ T1469] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  374.558617][ T1469] usb 9-1: config 168 interface 0 has no altsetting 0
[  374.563352][ T1469] usb 9-1: string descriptor 0 read error: -22
[  374.565707][ T1469] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  374.568443][ T1469] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.595522][ T1469] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  374.794320][T22860] __nla_validate_parse: 58 callbacks suppressed
[  374.794340][T22860] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5440'.
[  374.802307][ T6025] usb 9-1: USB disconnect, device number 16
[  374.826115][T22871] netlink: 44 bytes leftover after parsing attributes in process `syz.7.5444'.
[  375.383344][T22893] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  375.418969][T22896] random: crng reseeded on system resumption
[  375.449454][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.451809][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.454832][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.457865][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.460895][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.463500][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.466569][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.469598][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.472504][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.475592][T22898] syz.4.5454: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  375.864578][T22903] netem: change failed
[  375.987541][T22912] syzkaller0: entered promiscuous mode
[  375.989684][T22912] syzkaller0: entered allmulticast mode
[  376.210697][T22915] : entered promiscuous mode
[  376.215167][T22915] Context (ID=0x4e0) not attached to queue pair (handle=0x1:0x1)
[  376.371864][T22925] openvswitch: netlink: nsh attr 0 has unexpected len 3 expected 0
[  376.458550][ T6002] usb 11-1: usb_control_msg returned -71
[  376.460492][ T6002] usbtmc 11-1:16.0: can't read capabilities
[  376.465262][T22896] Hibernate inconsistent memory map detected!
[  376.466217][ T6002] usb 11-1: USB disconnect, device number 18
[  376.467862][T22896] PM: hibernation: Image mismatch: architecture specific data
[  376.511580][T22933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5465'.
[  376.514079][   T40] audit: type=1400 audit(1772018815.824:12924): avc:  denied  { bind } for  pid=22931 comm="syz.4.5465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  376.514766][T22933] netlink: 'syz.4.5465': attribute type 26 has an invalid length.
[  376.682248][   T40] audit: type=1326 audit(1772018815.994:12925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22951 comm="syz.4.5472" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f71ac39c629 code=0x0
[  376.783872][ T6002] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  376.935610][ T6002] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  376.939729][ T6002] usb 13-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  376.942909][ T6002] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.948748][ T6002] usb 13-1: config 0 descriptor??
[  376.983815][ T2309] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  377.133802][ T2309] usb 9-1: Using ep0 maxpacket: 8
[  377.137621][ T2309] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  377.141058][ T2309] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  377.144472][ T2309] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  377.147597][ T2309] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  377.152158][ T2309] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  377.153398][ T6002] usbhid 13-1:0.0: can't add hid device: -71
[  377.156310][ T2309] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.161284][ T6002] usbhid 13-1:0.0: probe with driver usbhid failed with error -71
[  377.169558][ T6002] usb 13-1: USB disconnect, device number 6
[  377.192908][   T40] audit: type=1400 audit(1772018816.504:12926): avc:  denied  { accept } for  pid=22975 comm="syz.7.5480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  377.333842][ T6000] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  377.463821][ T6002] usb 13-1: new high-speed USB device number 7 using dummy_hcd
[  377.613788][ T6002] usb 13-1: Using ep0 maxpacket: 32
[  377.620238][ T6002] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.624885][ T6002] usb 13-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  377.628615][ T6002] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.635829][ T6002] usb 13-1: config 0 descriptor??
[  377.645798][ T6002] ldusb 13-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  377.653546][ T6002] ldusb 13-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  377.858091][ T6021] usb 13-1: USB disconnect, device number 7
[  377.864787][ T6021] ldusb 13-1:0.0: LD USB Device #0 now disconnected
[  378.224530][T23015] af_packet: tpacket_rcv: packet too big, clamped from 48 to 4294967272. macoff=96
[  378.228041][T23015] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5492'.
[  378.320774][T23020] openvswitch: netlink: Message has 195 unknown bytes.
[  378.351832][T23020] overlayfs: failed to resolve './file0': -2
[  378.382368][T23025] overlayfs: invalid origin (0000)
[  378.408068][T23031] overlayfs: failed to resolve './file1': -2
[  378.457623][T23039] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.5499'.
[  378.465413][T23039] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.5499'.
[  378.468976][T23039] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.5499'.
[  378.472549][T23039] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.5499'.
[  378.476996][T23039] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.5499'.
[  378.481053][T23039] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.5499'.
[  378.545959][T23052] CUSE: info not properly terminated
[  378.642981][T23062] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23062 comm=syz.7.5508
[  378.731300][T23078] NILFS (nullb0): couldn't find nilfs on the device
[  378.811307][T23074] tipc: Trying to set illegal importance in message
[  378.817067][T23074] loop7: detected capacity change from 0 to 7
[  378.825483][    C0] blk_print_req_error: 10 callbacks suppressed
[  378.825498][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.831109][T23086] batman_adv: batadv0: Removing interface: batadv_slave_0
[  378.832316][    C0] buffer_io_error: 10 callbacks suppressed
[  378.832349][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.834370][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.845470][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.849077][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.850287][T23086] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.853141][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.859334][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.863316][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.866884][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.870903][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.875459][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.878622][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.881402][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.884610][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.887196][T23074] ldm_validate_partition_table(): Disk read failed.
[  378.891344][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.894794][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.897688][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.900854][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.903666][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  378.907719][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  378.911307][T23074] Dev loop7: unable to read RDB block 0
[  378.914488][T23074]  loop7: unable to read partition table
[  378.917076][T23074] loop7: partition table beyond EOD, truncated
[  378.919913][T23074] loop_reread_partitions: partition scan of loop7 (śłƒå”™‰ü¾CźjĢ–ć¢P=Ć½?ć}X‹ŗŠ	œėÜ%õ֐˜Čµ4FLQkŻŠ5) failed (rc=-5)
[  379.195120][   T40] audit: type=1400 audit(1772018818.514:12927): avc:  denied  { ioctl } for  pid=23104 comm="syz.7.5522" path="socket:[86870]" dev="sockfs" ino=86870 ioctlcmd=0xf508 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  379.703785][   T40] audit: type=1400 audit(1772018819.014:12928): avc:  denied  { append } for  pid=23116 comm="syz.8.5526" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  379.727320][ T2309] usb 9-1: usb_control_msg returned -71
[  379.729830][ T2309] usbtmc 9-1:16.0: can't read capabilities
[  379.740681][ T2309] usb 9-1: USB disconnect, device number 17
[  379.760505][T23125] tmpfs: Bad value for 'nr_blocks'
[  379.793638][   T40] audit: type=1804 audit(1772018819.104:12929): pid=23127 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.5530" name="/newroot/329/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  379.896747][T23129] __nla_validate_parse: 62 callbacks suppressed
[  379.896759][T23129] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5531'.
[  379.948664][T23142] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5536'.
[  379.955971][T23141] netlink: 'syz.4.5532': attribute type 8 has an invalid length.
[  379.960793][T23142] openvswitch: netlink: nsh attr 0 has unexpected len 3 expected 0
[  379.968820][T23141] netlink: 92 bytes leftover after parsing attributes in process `syz.4.5532'.
[  379.991851][T23144] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  379.999405][   T40] audit: type=1400 audit(1772018819.314:12930): avc:  denied  { relabelto } for  pid=23143 comm="syz.6.5537" name="cgroup.procs" dev="cgroup" ino=468 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  380.008777][   T40] audit: type=1326 audit(1772018819.314:12931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23145 comm="syz.4.5538" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f71ac39c629 code=0x0
[  380.019686][   T40] audit: type=1400 audit(1772018819.334:12932): avc:  denied  { associate } for  pid=23143 comm="syz.6.5537" name="cgroup.procs" dev="cgroup" ino=468 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:semanage_exec_t:s0"
[  380.053484][T23148] netlink: 36 bytes leftover after parsing attributes in process `syz.7.5539'.
[  380.057365][T23148] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.059935][T23148] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.074425][T23151] netlink: 68 bytes leftover after parsing attributes in process `syz.6.5540'.
[  380.131856][   T40] audit: type=1804 audit(1772018819.444:12933): pid=23156 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.5541" name="/newroot/404/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  380.148997][T23158] syzkaller0: entered promiscuous mode
[  380.151538][T23158] syzkaller0: entered allmulticast mode
[  380.158235][   T40] audit: type=1400 audit(1772018819.474:12934): avc:  denied  { mount } for  pid=23157 comm="syz.6.5542" name="/" dev="pstore" ino=2611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  380.161131][T23158] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5542'.
[  380.178544][   T40] audit: type=1400 audit(1772018819.494:12935): avc:  denied  { lock } for  pid=23157 comm="syz.6.5542" path="socket:[83910]" dev="sockfs" ino=83910 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  380.313802][ T6002] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  380.323353][T23163] ocfs2: Unknown parameter 'grpquota'
[  380.433886][T23175] input: syz0 as /devices/virtual/input/input25
[  380.458165][T23177] delete_channel: no stack
[  380.473808][ T6002] usb 9-1: Using ep0 maxpacket: 8
[  380.477292][ T6002] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  380.481063][ T6002] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  380.484453][ T6002] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  380.487779][ T6002] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  380.492604][ T6002] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  380.496824][ T6002] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.513773][   T40] audit: type=1804 audit(1772018819.824:12936): pid=23179 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.6.5551" name="/newroot/492/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  380.538377][T23175] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  380.570615][T23182] netlink: 64 bytes leftover after parsing attributes in process `syz.7.5552'.
[  380.578172][T23182] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5552'.
[  380.607095][T23190] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5555'.
[  380.609940][T23190] netlink: 200 bytes leftover after parsing attributes in process `syz.8.5555'.
[  380.613849][   T63] Bluetooth: hci1: Malformed HCI Event: 0x22
[  380.892024][T23201] F2FS-fs (nbd6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  380.895478][T23201] F2FS-fs (nbd6): Can't find valid F2FS filesystem in 1th superblock
[  380.899972][T23201] F2FS-fs (nbd6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  380.903294][T23201] F2FS-fs (nbd6): Can't find valid F2FS filesystem in 2th superblock
[  381.051352][T23207] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  381.055979][T23207] SELinux: failed to load policy
[  381.920801][T23242] input: syz0 as /devices/virtual/input/input26
[  381.988953][T23242] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  382.036916][T23252] loop8: detected capacity change from 0 to 7
[  382.048717][T23252] ldm_validate_partition_table(): Disk read failed.
[  382.052765][T23252] Dev loop8: unable to read RDB block 0
[  382.057796][T23252]  loop8: unable to read partition table
[  382.060506][T23252] loop8: partition table beyond EOD, truncated
[  382.063897][T23252] loop_reread_partitions: partition scan of loop8 (śłƒå”™‰ü¾CźjĢ–ć¢P=Ć½?ć}X‹ŗŠ	œėÜ%õ«`Éęրł…ˆ{ķ©Ö˜Čµ4FLQkŻŠ) failed (rc=-5)
[  382.656901][T23299] syzkaller0: entered promiscuous mode
[  382.659294][T23299] syzkaller0: entered allmulticast mode
[  383.022691][ T6002] usb 9-1: usb_control_msg returned -71
[  383.026709][ T6002] usbtmc 9-1:16.0: can't read capabilities
[  383.038919][ T6002] usb 9-1: USB disconnect, device number 18
[  383.099073][T23329] 9p: Could not find request transport: jrtio
[  383.157904][T23344] netlink: 'syz.8.5605': attribute type 1 has an invalid length.
[  383.212742][T23358] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.236414][T23358] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.243666][T23364] Failed to initialize the IGMP autojoin socket (err -2)
[  383.268258][T23367] bond2: option downdelay: invalid value (18446744073709551615)
[  383.270987][T23367] bond2: option downdelay: allowed values 0 - 2147483647
[  383.276212][T23367] bond2 (unregistering): Released all slaves
[  383.656420][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  384.013465][T23425] netlink: zone id is out of range
[  384.016743][T23425] netlink: get zone limit has 4 unknown bytes
[  384.021015][T23425] 9pnet_virtio: no channels available for device syz
[  384.025857][T23425] netlink: 'syz.4.5632': attribute type 39 has an invalid length.
[  384.284635][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  384.284652][   T40] audit: type=1400 audit(1772018823.604:12947): avc:  denied  { remount } for  pid=23436 comm="syz.7.5637" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  384.297750][T23437] devtmpfs: Cannot change global quota limit on remount
[  384.378272][T23446] netlink: 'syz.6.5638': attribute type 10 has an invalid length.
[  384.380625][T23439] SELinux: failed to load policy
[  384.505285][   T63] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  384.609089][T23482] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config
[  384.772402][T23487] netlink: 'syz.7.5654': attribute type 32 has an invalid length.
[  384.795562][T23487] bond67: Setting coupled_control to off (0)
[  384.895133][   T40] audit: type=1400 audit(1772018824.214:12948): avc:  denied  { connect } for  pid=23511 comm="syz.7.5663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  384.896230][T23514] netlink: 'syz.7.5663': attribute type 21 has an invalid length.
[  384.907704][T23514] IPv6: NLM_F_CREATE should be specified when creating new route
[  384.911026][T23514] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  384.913566][T23514] IPv6: NLM_F_CREATE should be set when creating new route
[  384.915991][T23514] IPv6: NLM_F_CREATE should be set when creating new route
[  384.918550][T23514] IPv6: NLM_F_CREATE should be set when creating new route
[  384.922358][T23512] __nla_validate_parse: 15 callbacks suppressed
[  384.922368][T23512] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5663'.
[  385.028502][T23520] kvm: pic: non byte read
[  385.032145][T23520] kvm: pic: non byte read
[  385.039114][T23520] kvm: pic: non byte read
[  385.042123][T23520] kvm: pic: single mode not supported
[  385.042221][T23520] kvm: pic: level sensitive irq not supported
[  385.044961][T23520] kvm: pic: non byte read
[  385.049945][T23520] kvm: pic: level sensitive irq not supported
[  385.050253][T23520] kvm: pic: non byte read
[  385.055503][T23520] kvm: pic: single mode not supported
[  385.055837][T23520] kvm: pic: non byte read
[  385.061135][T23520] kvm: pic: non byte read
[  385.065069][T23520] kvm: pic: non byte read
[  385.070333][T23520] kvm: pic: non byte read
[  385.119067][   T40] audit: type=1400 audit(1772018824.434:12949): avc:  denied  { write } for  pid=23532 comm="syz.4.5668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  385.120602][T23520] netlink: 88 bytes leftover after parsing attributes in process `syz.6.5664'.
[  385.264439][T23542] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5671'.
[  385.275410][T13581] usb 12-1: new high-speed USB device number 14 using dummy_hcd
[  385.368192][T23537] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5669'.
[  385.373525][T23536] delete_channel: no stack
[  385.426221][T13581] usb 12-1: Using ep0 maxpacket: 8
[  385.431739][T13581] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  385.437244][T13581] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  385.441450][T13581] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  385.445730][T13581] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  385.450800][T13581] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  385.454795][T13581] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.671172][T13581] usb 12-1: usb_control_msg returned -71
[  385.673266][T13581] usbtmc 12-1:16.0: can't read capabilities
[  385.683859][T13581] usb 12-1: USB disconnect, device number 14
[  386.213318][   T40] audit: type=1400 audit(1772018825.524:12950): avc:  denied  { mounton } for  pid=23604 comm="syz.7.5690" path="/449/file0" dev="tmpfs" ino=2536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  386.213425][T23605] Invalid source name
[  386.222697][T23605] UBIFS error (pid: 23605): cannot open "./file0", error -22
[  386.226659][T23605] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5690'.
[  386.235290][T23605] hsr_slave_0: left promiscuous mode
[  386.237877][T23605] hsr_slave_1: left promiscuous mode
[  386.506058][T23584] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  386.508722][T23584] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  386.513962][T23584] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  386.564086][T23615] fuse: Bad value for 'fd'
[  386.631996][T23618] SELinux: failed to load policy
[  386.732233][T23630] netlink: 'syz.4.5700': attribute type 1 has an invalid length.
[  386.750297][T23630] bond2: (slave geneve2): Opening slave failed
[  386.963846][   T39] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[  387.016793][T23638] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5703'.
[  387.023774][   T40] audit: type=1400 audit(1772018826.334:12951): avc:  denied  { map } for  pid=23637 comm="syz.4.5703" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  387.031631][   T40] audit: type=1400 audit(1772018826.334:12952): avc:  denied  { execute } for  pid=23637 comm="syz.4.5703" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  387.123819][   T39] usb 13-1: Using ep0 maxpacket: 8
[  387.126990][   T39] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  387.130197][   T39] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  387.133343][   T39] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  387.136696][   T39] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  387.140958][   T39] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  387.143977][   T39] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.244232][T23649] syzkaller0: entered promiscuous mode
[  387.246657][T23649] syzkaller0: entered allmulticast mode
[  387.356584][   T39] usb 13-1: usb_control_msg returned -71
[  387.361892][   T39] usbtmc 13-1:16.0: can't read capabilities
[  387.379991][   T39] usb 13-1: USB disconnect, device number 8
[  387.684309][T23665] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5712'.
[  387.814777][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  387.841837][T23671] netlink: 64 bytes leftover after parsing attributes in process `syz.7.5712'.
[  388.398800][T23689] netlink: 64 bytes leftover after parsing attributes in process `syz.8.5719'.
[  388.451491][   T40] audit: type=1326 audit(1772018827.764:12953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23697 comm="syz.6.5721" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7fb779c629 code=0x0
[  388.512575][T23701] netlink: 'syz.4.5722': attribute type 10 has an invalid length.
[  388.516185][T23701] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5722'.
[  388.549772][   T40] audit: type=1400 audit(1772018827.864:12954): avc:  denied  { connect } for  pid=23705 comm="syz.7.5724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  388.677688][T23716] fuse: Bad value for 'fd'
[  388.764788][ T5703] usb 11-1: new high-speed USB device number 19 using dummy_hcd
[  388.797263][T23720] netlink: 'syz.7.5729': attribute type 1 has an invalid length.
[  388.823105][T23720] 8021q: adding VLAN 0 to HW filter on device bond68
[  388.896161][T23725] netlink: 'syz.8.5731': attribute type 1 has an invalid length.
[  388.899262][T23720] bond68: (slave veth7): Enslaving as an active interface with a down link
[  388.902696][T23725] netlink: 'syz.8.5731': attribute type 1 has an invalid length.
[  388.907322][T23725] netlink: 'syz.8.5731': attribute type 8 has an invalid length.
[  388.919568][ T5703] usb 11-1: Using ep0 maxpacket: 8
[  388.923668][ T5703] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  388.928209][ T5703] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  388.932565][ T5703] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  388.936412][ T5703] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  388.942281][ T5703] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  388.946555][ T5703] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.954979][T23729] Unknown options in mask b7f2
[  388.987832][T23731] bond2: option downdelay: invalid value (18446744073709551615)
[  388.990610][T23731] bond2: option downdelay: allowed values 0 - 2147483647
[  388.993984][   T39] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  388.995542][T23731] bond2 (unregistering): Released all slaves
[  389.018773][   T40] audit: type=1326 audit(1772018828.334:12955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23730 comm="syz.8.5733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc9d19c629 code=0x7ffc0000
[  389.030133][   T40] audit: type=1326 audit(1772018828.334:12956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23730 comm="syz.8.5733" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc9d15cece code=0x7ffc0000
[  389.153911][   T39] usb 9-1: Using ep0 maxpacket: 8
[  389.157596][   T39] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  389.161381][   T39] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.178968][   T39] pvrusb2: Hardware description: Terratec Grabster AV400
[  389.182088][   T39] pvrusb2: **********
[  389.187610][   T39] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  389.193759][   T39] pvrusb2: Important functionality might not be entirely working.
[  389.197090][   T39] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  389.201811][   T39] pvrusb2: **********
[  389.376048][ T2490] pvrusb2: Invalid write control endpoint
[  389.417096][ T2490] pvrusb2: Invalid write control endpoint
[  389.419644][ T2490] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  389.423628][ T2490] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  389.427306][ T2490] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  389.431592][ T2490] pvrusb2: Device being rendered inoperable
[  389.434810][ T2490] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  389.437954][ T2490] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  389.442174][ T2490] pvrusb2: Attached sub-driver cx25840
[  389.444773][ T2490] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  389.449162][ T2490] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  389.582898][T23718] pvrusb2: Attempted to execute control transfer when device not ok
[  389.593432][T21615] usb 9-1: USB disconnect, device number 20
[  389.893984][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  390.048702][T23749] macsec1: entered promiscuous mode
[  390.071436][T23754] netlink: 'syz.8.5738': attribute type 1 has an invalid length.
[  390.096671][T23754] bond2: (slave vxcan5): The slave device specified does not support setting the MAC address
[  390.101085][T23754] bond2: (slave vxcan5): Error -95 calling set_mac_address
[  390.139689][T23758] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  390.148198][T23758] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  390.161642][T23758] gretap1: entered promiscuous mode
[  390.461977][T23772] __nla_validate_parse: 4 callbacks suppressed
[  390.462038][T23772] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5744'.
[  390.509970][T23776] 9p: Bad value for 'version'
[  390.517422][T23775] netlink: 212304 bytes leftover after parsing attributes in process `syz.4.5745'.
[  390.521501][T23775] openvswitch: netlink: Message has 6 unknown bytes.
[  390.525352][T23775] fuse: Bad value for 'user_id'
[  390.527294][T23775] fuse: Bad value for 'user_id'
[  390.710095][T23784] syzkaller0: entered promiscuous mode
[  390.712015][T23784] syzkaller0: entered allmulticast mode
[  390.722446][   T40] audit: type=1400 audit(1772018830.034:12957): avc:  denied  { mounton } for  pid=23783 comm="syz.4.5748" path="/syzcgroup/unified/syz4" dev="pstore" ino=2611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1
[  390.910080][T23794] netlink: 'syz.4.5750': attribute type 1 has an invalid length.
[  390.955930][T23794] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  390.960913][T23794] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  391.003612][T23797] gretap1: entered promiscuous mode
[  391.008515][T23797] bond3: (slave gretap1): making interface the new active one
[  391.011453][T23797] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  391.242079][T23809] netlink: 'syz.7.5756': attribute type 1 has an invalid length.
[  391.393859][ T5999] usb 13-1: new high-speed USB device number 9 using dummy_hcd
[  391.465260][ T5703] usb 11-1: usb_control_msg returned -71
[  391.472800][ T5703] usbtmc 11-1:16.0: can't read capabilities
[  391.479081][ T5703] usb 11-1: USB disconnect, device number 19
[  391.507460][T23821] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5760'.
[  391.510963][T23821] netlink: 75 bytes leftover after parsing attributes in process `syz.7.5760'.
[  391.520946][   T40] audit: type=1400 audit(1772018830.834:12958): avc:  denied  { write } for  pid=23820 comm="syz.7.5760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  391.546546][ T5999] usb 13-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  391.554500][ T5999] usb 13-1: config 220 has 1 interface, different from the descriptor's value: 3
[  391.558670][ T5999] usb 13-1: config 220 interface 0 has no altsetting 0
[  391.562625][ T5999] usb 13-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  391.565797][ T5999] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.568638][ T5999] usb 13-1: Product: syz
[  391.570124][ T5999] usb 13-1: Manufacturer: syz
[  391.571789][ T5999] usb 13-1: SerialNumber: syz
[  391.796193][ T5999] uvcvideo 13-1:220.0: Found UVC 0.00 device syz (8086:0b07)
[  391.798623][T23848] netlink: 'syz.6.5767': attribute type 10 has an invalid length.
[  391.800451][ T5999] uvcvideo 13-1:220.0: No valid video chain found.
[  391.804918][ T5999] usb 13-1: USB disconnect, device number 9
[  391.826929][   T40] audit: type=1326 audit(1772018831.144:12959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23849 comm="syz.4.5768" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f71ac39c629 code=0x0
[  391.969788][   T40] audit: type=1326 audit(1772018831.284:12960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x7ffc0000
[  391.974184][T23864] netlink: 108 bytes leftover after parsing attributes in process `syz.6.5773'.
[  391.980459][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  391.983390][T23864] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5773'.
[  391.985568][   T40] audit: type=1326 audit(1772018831.284:12961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x7ffc0000
[  391.997003][   T40] audit: type=1326 audit(1772018831.284:12962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fb779c629 code=0x7ffc0000
[  392.004917][   T40] audit: type=1326 audit(1772018831.284:12963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x7ffc0000
[  392.012045][   T40] audit: type=1326 audit(1772018831.284:12964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x7ffc0000
[  392.019641][   T40] audit: type=1326 audit(1772018831.284:12965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fb779dec7 code=0x7ffc0000
[  392.026957][   T40] audit: type=1326 audit(1772018831.284:12966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.6.5773" exe="/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f7fb775cece code=0x7ffc0000
[  392.044659][T23869] fuse: blksize only supported for fuseblk
[  392.134300][ T6000] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  392.283881][ T6000] usb 9-1: Using ep0 maxpacket: 8
[  392.289025][ T6000] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  392.289989][T23876] netlink: 'syz.6.5778': attribute type 1 has an invalid length.
[  392.292837][ T6000] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  392.299096][ T6000] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  392.302479][ T6000] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  392.306858][ T6000] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  392.309954][ T6000] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.313865][T23876] bond4: (slave geneve4): Opening slave failed
[  392.859860][T23904] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  392.864327][T23904] openvswitch: netlink: Message has 4 unknown bytes.
[  392.867101][T23904] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  392.871963][T23905] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  392.926513][T23913] syzkaller0: entered promiscuous mode
[  392.928961][T23913] syzkaller0: entered allmulticast mode
[  393.064849][T23916] sp0: Synchronizing with TNC
[  393.067325][T23917] sp0: Found TNC
[  393.070633][T23915] [U] č`
[  393.245322][T23922] xt_time: invalid argument - start or stop time greater than 23:59:59
[  393.939978][T23949] 9p: Bad value for 'version'
[  394.053280][T23959] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23959 comm=syz.6.5804
[  394.057790][T23959] netlink: 'syz.6.5804': attribute type 1 has an invalid length.
[  394.197896][T23968] lo speed is unknown, defaulting to 1000
[  394.212748][T23968] lo speed is unknown, defaulting to 1000
[  394.219463][T23968] lo speed is unknown, defaulting to 1000
[  394.361350][T23968] infiniband syU×: set down
[  394.364484][T23968] infiniband syU×: added lo
[  394.370231][T23968] syU×: rxe_create_qp: returned err = -2
[  394.372428][T23968] infiniband syU×: Couldn't create ib_mad QP1
[  394.376901][ T5999] lo speed is unknown, defaulting to 1000
[  394.380085][T23968] infiniband syU×: Couldn't open port 1
[  394.406790][T23968] RDS/IB: syU×: added
[  394.408932][T23968] smc: adding ib device syU× with port count 1
[  394.411684][T23968] smc:    ib device syU× port 1 has no pnetid
[  394.419543][ T5999] lo speed is unknown, defaulting to 1000
[  394.426165][T23968] lo speed is unknown, defaulting to 1000
[  394.515700][T23968] lo speed is unknown, defaulting to 1000
[  394.580133][T23977] 9p: Bad value for 'version'
[  394.608947][T23968] lo speed is unknown, defaulting to 1000
[  394.693638][T23981] "syz.8.5812" (23981) uses obsolete ecb(arc4) skcipher
[  394.741456][T23968] lo speed is unknown, defaulting to 1000
[  394.818872][ T6000] usb 9-1: usb_control_msg returned -71
[  394.820868][ T6000] usbtmc 9-1:16.0: can't read capabilities
[  394.845703][ T6000] usb 9-1: USB disconnect, device number 21
[  394.904469][T23968] lo speed is unknown, defaulting to 1000
[  395.052664][T23968] lo speed is unknown, defaulting to 1000
[  395.136138][T23987] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23987 comm=syz.4.5814
[  395.143204][T23999] syzkaller0: entered promiscuous mode
[  395.146290][T23999] syzkaller0: entered allmulticast mode
[  395.198842][T24003] 9p: Bad value for 'version'
[  395.236667][T24005] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5820'.
[  395.311363][T24012] netlink: 172 bytes leftover after parsing attributes in process `syz.6.5823'.
[  395.570772][T24026] 9p: Bad value for 'version'
[  395.638121][T24033] syzkaller0: entered promiscuous mode
[  395.639960][T24033] syzkaller0: entered allmulticast mode
[  395.894963][T24053] tipc: Invalid UDP bearer configuration
[  395.895035][T24053] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  396.065538][T24057] usb usb9: usbfs: process 24057 (syz.8.5837) did not claim interface 0 before use
[  396.105224][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  396.105236][   T40] audit: type=1400 audit(1772018835.424:12987): avc:  denied  { ioctl } for  pid=24065 comm="syz.7.5839" path="/dev/ptp0" dev="devtmpfs" ino=729 ioctlcmd=0x3d0b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  396.118469][T24066] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false
[  396.300737][T24077] Failed to initialize the IGMP autojoin socket (err -2)
[  396.380584][T24077] evm: overlay not supported
[  396.431915][T24086] mkiss: ax0: crc mode is auto.
[  396.656599][   T40] audit: type=1400 audit(1772018835.974:12988): avc:  denied  { map } for  pid=24099 comm="syz.8.5852" path="/proc/754/auxv" dev="proc" ino=92667 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  396.860119][T24123] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5860'.
[  397.079284][   T40] audit: type=1400 audit(1772018836.394:12989): avc:  denied  { setopt } for  pid=24141 comm="syz.8.5865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  397.137504][T24153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5868'.
[  397.188653][T24155] netlink: 'syz.4.5869': attribute type 163 has an invalid length.
[  397.333604][   T40] audit: type=1400 audit(1772018836.644:12990): avc:  denied  { lock } for  pid=24167 comm="syz.8.5873" path="socket:[94238]" dev="sockfs" ino=94238 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  397.397129][T24172] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  397.472562][T24178] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  397.475884][T24181] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5878'.
[  397.516024][T24183] openvswitch: netlink: EtherType 50a is less than min 600
[  397.536331][T24186] netlink: 'syz.6.5879': attribute type 1 has an invalid length.
[  397.622678][   T40] audit: type=1400 audit(1772018836.934:12991): avc:  denied  { map } for  pid=24190 comm="syz.8.5882" path="/proc/785/task/786/net/netfilter" dev="proc" ino=4026533188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  397.945429][   T40] audit: type=1400 audit(1772018837.264:12992): avc:  denied  { write } for  pid=24205 comm="syz.6.5889" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  398.048817][T24227] random: crng reseeded on system resumption
[  398.052893][   T40] audit: type=1804 audit(1772018837.364:12993): pid=24225 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.5892" name="/newroot/402/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  398.356515][T24247] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5899'.
[  398.359621][T24244] bond69: option xmit_hash_policy: invalid value (6)
[  398.364998][T24244] bond69 (unregistering): Released all slaves
[  398.399426][T24248] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5898'.
[  398.403119][T24248] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5898'.
[  398.511504][   T40] audit: type=1804 audit(1772018837.824:12994): pid=24260 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.5902" name="/newroot/510/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  398.526651][   T40] audit: type=1326 audit(1772018837.844:12995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24261 comm="syz.4.5903" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f71ac39c629 code=0x0
[  398.729906][T24269] binder: 24268:24269 unknown command 0
[  398.731762][T24269] binder: 24268:24269 ioctl c0306201 200000000080 returned -22
[  398.736974][T24269] 9p: Bad value for 'version'
[  398.833855][ T5999] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  399.022112][ T5999] usb 9-1: Using ep0 maxpacket: 8
[  399.028867][ T5999] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  399.033156][ T5999] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  399.046376][ T5999] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  399.046396][ T5999] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  399.046470][ T5999] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  399.046484][ T5999] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.983841][T13581] usb 12-1: new high-speed USB device number 15 using dummy_hcd
[  400.135263][T13581] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  400.138961][T13581] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.142295][T13581] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  400.146852][T13581] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  400.149809][T13581] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.155074][T13581] usb 12-1: config 0 descriptor??
[  400.173286][   T40] audit: type=1400 audit(1772018839.484:12996): avc:  denied  { listen } for  pid=24303 comm="syz.6.5918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  400.308771][T24307] tmpfs: Too few inodes for current use
[  400.310930][T24307] tmpfs: Too few inodes for current use
[  400.313112][T24307] tmpfs: Too few inodes for current use
[  400.315541][T24307] tmpfs: Too few inodes for current use
[  400.317943][T24307] tmpfs: Too few inodes for current use
[  400.319868][T24307] tmpfs: Too few inodes for current use
[  400.321823][T24307] tmpfs: Too few inodes for current use
[  400.324360][T24307] tmpfs: Too few inodes for current use
[  400.327116][T24307] tmpfs: Too few inodes for current use
[  400.329167][T24307] tmpfs: Too few inodes for current use
[  400.331099][T24307] tmpfs: Too few inodes for current use
[  400.333036][T24307] tmpfs: Too few inodes for current use
[  400.335073][T24307] tmpfs: Too few inodes for current use
[  400.337053][T24307] tmpfs: Too few inodes for current use
[  400.339556][T24307] tmpfs: Too few inodes for current use
[  400.341827][T24307] tmpfs: Too few inodes for current use
[  400.343951][T24307] tmpfs: Too few inodes for current use
[  400.345903][T24307] tmpfs: Too few inodes for current use
[  400.347925][T24307] tmpfs: Too few inodes for current use
[  400.349945][T24307] tmpfs: Too few inodes for current use
[  400.351908][T24307] tmpfs: Too few inodes for current use
[  400.353956][T24307] tmpfs: Too few inodes for current use
[  400.356122][T24307] tmpfs: Too few inodes for current use
[  400.358385][T24307] tmpfs: Too few inodes for current use
[  400.417795][T24314] netlink: zone id is out of range
[  400.420035][T24314] netlink: zone id is out of range
[  400.422226][T24314] netlink: zone id is out of range
[  400.424943][T24314] netlink: zone id is out of range
[  400.427194][T24314] netlink: zone id is out of range
[  400.429461][T24314] netlink: zone id is out of range
[  400.431133][T24314] netlink: zone id is out of range
[  400.432825][T24314] netlink: zone id is out of range
[  400.434822][T24314] netlink: zone id is out of range
[  400.722752][T24322] netlink: 'syz.8.5923': attribute type 11 has an invalid length.
[  400.826405][T13581] usbhid 12-1:0.0: can't add hid device: -71
[  400.829071][T13581] usbhid 12-1:0.0: probe with driver usbhid failed with error -71
[  400.838137][T13581] usb 12-1: USB disconnect, device number 15
[  401.046095][T24336] netlink: 72 bytes leftover after parsing attributes in process `syz.6.5927'.
[  401.096183][T24339] sch_tbf: burst 19920 is lower than device lo mtu (65550) !
[  401.372776][T24348] 9p: Unknown uid 00000000004294967295
[  401.460870][T24355] JFS: discard option not supported on device
[  401.465769][T24355] Mount JFS Failure: -5
[  401.542694][ T5999] usb 9-1: usb_control_msg returned -71
[  401.549726][ T5999] usbtmc 9-1:16.0: can't read capabilities
[  401.572640][ T5999] usb 9-1: USB disconnect, device number 22
[  401.729943][T24370] syzkaller1: entered promiscuous mode
[  401.732471][T24370] syzkaller1: entered allmulticast mode
[  401.846578][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  401.846594][   T40] audit: type=1326 audit(1772018841.164:12998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24379 comm="syz.4.5943" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f71ac39c629 code=0x0
[  401.963874][T24387] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  401.968061][T24387] overlayfs: overlapping lowerdir path
[  401.974826][   T63] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  402.014756][T24392] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5948'.
[  402.022056][T24392] netlink: 'syz.7.5948': attribute type 30 has an invalid length.
[  402.022445][T24393] FAULT_INJECTION: forcing a failure.
[  402.022445][T24393] name failslab, interval 1, probability 0, space 0, times 0
[  402.030814][T24393] CPU: 1 UID: 0 PID: 24393 Comm: syz.8.5949 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  402.030841][T24393] Tainted: [L]=SOFTLOCKUP
[  402.030848][T24393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  402.030859][T24393] Call Trace:
[  402.030894][T24393]  <TASK>
[  402.030901][T24393]  dump_stack_lvl+0x100/0x190
[  402.030964][T24393]  should_fail_ex.cold+0x5/0xa
[  402.031010][T24393]  ? tomoyo_realpath_from_path+0xb6/0x690
[  402.031038][T24393]  should_failslab+0xc2/0x120
[  402.031090][T24393]  __kmalloc_noprof+0xe0/0x850
[  402.031146][T24393]  tomoyo_realpath_from_path+0xb6/0x690
[  402.031174][T24393]  tomoyo_path_number_perm+0x23c/0x580
[  402.031202][T24393]  ? tomoyo_path_number_perm+0x22e/0x580
[  402.031232][T24393]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  402.031304][T24393]  ? find_held_lock+0x2b/0x80
[  402.031350][T24393]  ? __fget_files+0x215/0x3d0
[  402.031384][T24393]  ? hook_file_ioctl_common+0x146/0x410
[  402.031415][T24393]  ? __fget_files+0x21f/0x3d0
[  402.031436][T24393]  security_file_ioctl+0xd3/0x230
[  402.031457][T24393]  __x64_sys_ioctl+0xb7/0x210
[  402.031485][T24393]  do_syscall_64+0x106/0xf80
[  402.031522][T24393]  ? clear_bhb_loop+0x40/0x90
[  402.031545][T24393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.031563][T24393] RIP: 0033:0x7efc9d19c629
[  402.031580][T24393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  402.031597][T24393] RSP: 002b:00007efc9e10d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  402.031634][T24393] RAX: ffffffffffffffda RBX: 00007efc9d415fa0 RCX: 00007efc9d19c629
[  402.031645][T24393] RDX: 00002000000011c0 RSI: 00000000c06864a2 RDI: 0000000000000003
[  402.031656][T24393] RBP: 00007efc9e10d090 R08: 0000000000000000 R09: 0000000000000000
[  402.031667][T24393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.031677][T24393] R13: 00007efc9d416038 R14: 00007efc9d415fa0 R15: 00007fff8a1f9698
[  402.031704][T24393]  </TASK>
[  402.031727][T24393] ERROR: Out of memory at tomoyo_realpath_from_path.
[  402.066871][T24396] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5948'.
[  402.103865][   T40] audit: type=1326 audit(1772019097.412:12999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24394 comm="syz.6.5950" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7fb779c629 code=0x0
[  402.104797][T24396] netlink: 'syz.7.5948': attribute type 30 has an invalid length.
[  402.144018][ T6000] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  402.303881][ T6000] usb 9-1: Using ep0 maxpacket: 8
[  402.307647][ T6000] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  402.311697][ T6000] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  402.320076][ T6000] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  402.324636][ T6000] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  402.329938][ T6000] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  402.333614][ T6000] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.480078][   T40] audit: type=1804 audit(1772019097.802:13000): pid=24413 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.8.5956" name="/newroot/302/file0/file0" dev="9p" ino=72614009 res=1 errno=0
[  402.525221][T24415] wg1: entered promiscuous mode
[  402.527169][T24415] wg1: entered allmulticast mode
[  402.853820][T24427] netlink: 'syz.8.5961': attribute type 1 has an invalid length.
[  402.857245][T24427] netlink: 228 bytes leftover after parsing attributes in process `syz.8.5961'.
[  403.016804][   T34] hid_parser_main: 7 callbacks suppressed
[  403.016822][   T34] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  403.054934][T24443] comedi: valid board names for 8255 driver are:
[  403.061290][T24443]  8255
[  403.064929][T24443] comedi: valid board names for vmk80xx driver are:
[  403.071259][T24443]  vmk80xx
[  403.072727][T24443] comedi: valid board names for usbduxsigma driver are:
[  403.076711][   T34] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  403.085279][T24443]  usbduxsigma
[  403.086725][T24443] comedi: valid board names for usbduxfast driver are:
[  403.089562][T24443]  usbduxfast
[  403.091025][T24443] comedi: valid board names for usbdux driver are:
[  403.093639][T24443]  usbdux
[  403.095977][T24443] comedi: valid board names for ni6501 driver are:
[  403.098845][T24443]  ni6501
[  403.100177][T24443] comedi: valid board names for dt9812 driver are:
[  403.103015][T24443]  dt9812
[  403.105090][T24443] comedi: valid board names for ni_labpc_cs driver are:
[  403.107933][T24443]  ni_labpc_cs
[  403.109458][T24443] comedi: valid board names for ni_daq_700 driver are:
[  403.112437][T24443]  ni_daq_700
[  403.114193][T24443] comedi: valid board names for labpc_pci driver are:
[  403.117026][T24443]  labpc_pci
[  403.118445][T24443] comedi: valid board names for adl_pci9118 driver are:
[  403.121280][T24443]  pci9118dg
[  403.122684][T24443]  pci9118hg
[  403.124403][T24443]  pci9118hr
[  403.125802][T24443] comedi: valid board names for 8255_pci driver are:
[  403.128675][T24443]  8255_pci
[  403.129649][T24446] fido_id[24446]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  403.131895][T24443] comedi: valid board names for s526 driver are:
[  403.138880][T24443]  s526
[  403.140164][T24443] comedi: valid board names for multiq3 driver are:
[  403.143392][T24443]  multiq3
[  403.147907][T24443] comedi: valid board names for pcmuio driver are:
[  403.150637][T24443]  pcmuio48
[  403.152055][T24443]  pcmuio96
[  403.153274][T24443] comedi: valid board names for pcmmio driver are:
[  403.156022][T24443]  pcmmio
[  403.158100][T24443] comedi: valid board names for pcmda12 driver are:
[  403.160449][T24443]  pcmda12
[  403.161570][T24443] comedi: valid board names for pcmad driver are:
[  403.165347][T24443]  pcmad12
[  403.166449][T24443]  pcmad16
[  403.167561][T24443] comedi: valid board names for ni_labpc driver are:
[  403.169832][T24443]  lab-pc-1200
[  403.170971][T24443]  lab-pc-1200ai
[  403.172162][T24443]  lab-pc+
[  403.173215][T24443] comedi: valid board names for atmio16 driver are:
[  403.175839][T24443]  atmio16
[  403.177134][T24443]  atmio16d
[  403.178287][T24443] comedi: valid board names for ni_at_ao driver are:
[  403.180729][T24443]  at-ao-6
[  403.181851][T24443]  at-ao-10
[  403.183018][T24443] comedi: valid board names for ni_at_a2150 driver are:
[  403.185454][T24443]  ni_at_a2150
[  403.186899][T24443] comedi: valid board names for adq12b driver are:
[  403.189693][T24443]  adq12b
[  403.190788][T24443] comedi: valid board names for mpc624 driver are:
[  403.192920][T24443]  mpc624
[  403.195454][T24443] comedi: valid board names for c6xdigio driver are:
[  403.199050][T24443]  c6xdigio
[  403.200528][T24443] comedi: valid board names for aio_iiro_16 driver are:
[  403.203142][T24443]  aio_iiro_16
[  403.204797][T24443] comedi: valid board names for aio_aio12_8 driver are:
[  403.207411][T24443]  aio_aio12_8
[  403.208765][T24443]  aio_ai12_8
[  403.210228][T24443]  aio_ao12_4
[  403.211700][T24443] comedi: valid board names for fl512 driver are:
[  403.215241][T24443]  fl512
[  403.216556][T24443] comedi: valid board names for dmm32at driver are:
[  403.219359][T24443]  dmm32at
[  403.220747][T24443] comedi: valid board names for dt282x driver are:
[  403.223448][T24443]  dt2821
[  403.225933][T24443]  dt2821-f
[  403.227294][T24443]  dt2821-g
[  403.228647][T24443]  dt2823
[  403.229886][T24443]  dt2824-pgh
[  403.231356][T24443]  dt2824-pgl
[  403.232831][T24443]  dt2825
[  403.234715][T24443]  dt2827
[  403.236039][T24443]  dt2828
[  403.237353][T24443]  dt2829
[  403.238628][T24443]  dt21-ez
[  403.239996][T24443]  dt23-ez
[  403.241389][T24443]  dt24-ez
[  403.242719][T24443]  dt24-ez-pgl
[  403.245042][T24443] comedi: valid board names for dt2817 driver are:
[  403.248220][T24443]  dt2817
[  403.249640][T24443] comedi: valid board names for dt2815 driver are:
[  403.252384][T24443]  dt2815
[  403.254989][T24443] comedi: valid board names for dt2814 driver are:
[  403.257848][T24443]  dt2814
[  403.259292][T24443] comedi: valid board names for dt2811 driver are:
[  403.262070][T24443]  dt2811-pgh
[  403.263416][T24443]  dt2811-pgl
[  403.264954][T24443] comedi: valid board names for dt2801 driver are:
[  403.267041][T24443]  dt2801
[  403.268319][T24443] comedi: valid board names for das6402 driver are:
[  403.270385][T24443]  das6402-12
[  403.271498][T24443]  das6402-16
[  403.272642][T24443] comedi: valid board names for das1800 driver are:
[  403.276079][T24443]  das-1701st
[  403.277207][T24443]  das-1701st-da
[  403.278375][T24443]  das-1702st
[  403.279458][T24443]  das-1702st-da
[  403.280636][T24443]  das-1702hr
[  403.281752][T24443]  das-1702hr-da
[  403.283209][T24443]  das-1701ao
[  403.285616][T24443]  das-1702ao
[  403.286715][T24443]  das-1801st
[  403.287788][T24443]  das-1801st-da
[  403.288966][T24443]  das-1802st
[  403.290060][T24443]  das-1802st-da
[  403.291280][T24443]  das-1802hr
[  403.292414][T24443]  das-1802hr-da
[  403.293581][T24443]  das-1801hc
[  403.295291][T24443]  das-1802hc
[  403.296532][T24443]  das-1801ao
[  403.297653][T24443]  das-1802ao
[  403.298736][T24443] comedi: valid board names for das800 driver are:
[  403.300893][T24443]  das-800
[  403.301944][T24443]  cio-das800
[  403.303093][T24443]  das-801
[  403.304568][T24443]  cio-das801
[  403.305675][T24443]  das-802
[  403.306686][T24443]  cio-das802
[  403.307785][T24443]  cio-das802/16
[  403.308952][T24443] comedi: valid board names for isa-das08 driver are:
[  403.311117][T24443]  isa-das08
[  403.312207][T24443]  das08-pgm
[  403.313354][T24443]  das08-pgh
[  403.315453][T24443]  das08-pgl
[  403.316574][T24443]  das08-aoh
[  403.317616][T24443]  das08-aol
[  403.318658][T24443]  das08-aom
[  403.319743][T24443]  das08/jr-ao
[  403.320895][T24443]  das08jr-16-ao
[  403.322070][T24443]  pc104-das08
[  403.323210][T24443]  das08jr/16
[  403.324802][T24443] comedi: valid board names for das16m1 driver are:
[  403.326924][T24443]  das16m1
[  403.327958][T24443] comedi: valid board names for dac02 driver are:
[  403.329996][T24443]  dac02
[  403.330907][T24443] comedi: valid board names for rti802 driver are:
[  403.333042][T24443]  rti802
[  403.336161][T24443] comedi: valid board names for rti800 driver are:
[  403.338173][T24443]  rti800
[  403.339098][T24443]  rti815
[  403.340090][T24443] comedi: valid board names for pcm3724 driver are:
[  403.342190][T24443]  pcm3724
[  403.343181][T24443] comedi: valid board names for pcl818 driver are:
[  403.345727][T24443]  pcl818l
[  403.346712][T24443]  pcl818h
[  403.347737][T24443]  pcl818hd
[  403.348788][T24443]  pcl818hg
[  403.349824][T24443]  pcl818
[  403.350766][T24443]  pcl718
[  403.351730][T24443]  pcm3718
[  403.352797][T24443] comedi: valid board names for pcl816 driver are:
[  403.354975][T24443]  pcl816
[  403.355976][T24443]  pcl814b
[  403.356999][T24443] comedi: valid board names for pcl812 driver are:
[  403.359082][T24443]  pcl812
[  403.360047][T24443]  pcl812pg
[  403.361088][T24443]  acl8112pg
[  403.362167][T24443]  acl8112dg
[  403.363428][T24443]  acl8112hg
[  403.364948][T24443]  a821pgl
[  403.366199][T24443]  a821pglnda
[  403.367475][T24443]  a821pgh
[  403.368679][T24443]  a822pgl
[  403.369709][T24443]  a822pgh
[  403.370737][T24443]  a823pgl
[  403.371740][T24443]  a823pgh
[  403.372766][T24443]  pcl813
[  403.374628][T24443]  pcl813b
[  403.375659][T24443]  acl8113
[  403.376683][T24443]  iso813
[  403.377649][T24443]  acl8216
[  403.378685][T24443]  a826pg
[  403.379645][T24443] comedi: valid board names for pcl730 driver are:
[  403.381655][T24443]  pcl730
[  403.382845][T24443]  iso730
[  403.384135][T24443]  acl7130
[  403.385498][T24443]  pcm3730
[  403.386586][T24443]  pcl725
[  403.387563][T24443]  p8r8dio
[  403.388658][T24443]  acl7225b
[  403.389700][T24443]  p16r16dio
[  403.390893][T24443]  pcl733
[  403.392177][T24443]  pcl734
[  403.393488][T24443]  opmm-1616-xt
[  403.395217][T24443]  pearl-mm-p
[  403.396751][T24443]  ir104-pbf
[  403.398043][T24443] comedi: valid board names for pcl726 driver are:
[  403.400174][T24443]  pcl726
[  403.401173][T24443]  pcl727
[  403.402162][T24443]  pcl728
[  403.403191][T24443]  acl6126
[  403.404662][T24443]  acl6128
[  403.405559][T24443] comedi: valid board names for pcl724 driver are:
[  403.407598][T24443]  pcl724
[  403.408615][T24443]  pcl722
[  403.409605][T24443]  pcl731
[  403.410606][T24443]  acl7122
[  403.411623][T24443]  acl7124
[  403.412670][T24443]  pet48dio
[  403.413923][T24443]  pcmio48
[  403.414935][T24443]  onyx-mm-dio
[  403.416055][T24443] comedi: valid board names for pcl711 driver are:
[  403.418124][T24443]  pcl711
[  403.419090][T24443]  pcl711b
[  403.420101][T24443]  acl8112hg
[  403.421181][T24443]  acl8112dg
[  403.422311][T24443] comedi: valid board names for amplc_pc263 driver are:
[  403.424577][T24443]  pc263
[  403.425538][T24443] comedi: valid board names for amplc_pc236 driver are:
[  403.427721][T24443]  pc36at
[  403.428691][T24443] comedi: valid board names for amplc_dio200 driver are:
[  403.430933][T24443]  pc212e
[  403.431893][T24443]  pc214e
[  403.432898][T24443]  pc215e
[  403.434291][T24443]  pc218e
[  403.435467][T24443]  pc272e
[  403.436442][T24443] comedi: valid board names for comedi_parport driver are:
[  403.438879][T24443]  comedi_parport
[  403.440209][T24443] comedi: valid board names for comedi_test driver are:
[  403.442399][T24443]  comedi_test
[  403.443510][T24443] comedi: valid board names for comedi_bond driver are:
[  403.445863][T24443]  comedi_bond
[  403.503345][   T40] audit: type=1400 audit(1772019098.822:13001): avc:  denied  { bind } for  pid=24467 comm="syz.7.5971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  403.515363][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.519782][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.523415][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.527335][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.530874][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.535941][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.539146][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.541954][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.546726][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.549492][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.553017][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.559072][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.562656][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.566175][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.566942][T24470] binder: 24469:24470 unknown command 1079187737
[  403.569753][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.572567][T24470] binder: 24469:24470 ioctl c0306201 200000000080 returned -22
[  403.576505][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.582645][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.587367][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.590799][T24471] binder: BINDER_SET_CONTEXT_MGR already set
[  403.593453][T24471] binder: 24469:24471 ioctl 4018620d 2000000000c0 returned -16
[  403.773856][T24483] netlink: 'syz.8.5975': attribute type 1 has an invalid length.
[  403.776559][T24482] netlink: 'syz.8.5975': attribute type 1 has an invalid length.
[  404.109396][T24511] xt_l2tp: invalid flags combination: 8
[  404.153024][T24515] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5983'.
[  404.165322][   T40] audit: type=1400 audit(1772019099.492:13002): avc:  denied  { read } for  pid=24514 comm="syz.8.5983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  404.222441][T24520] netlink: 20 bytes leftover after parsing attributes in process `syz.8.5985'.
[  404.280443][T24522] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  404.302897][T24527] netlink: 64 bytes leftover after parsing attributes in process `syz.8.5988'.
[  404.307053][T24528] netlink: 64 bytes leftover after parsing attributes in process `syz.8.5988'.
[  404.524448][   T40] audit: type=1400 audit(1772019099.842:13003): avc:  denied  { connect } for  pid=24535 comm="syz.6.5992" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  404.609626][   T40] audit: type=1400 audit(1772019099.932:13004): avc:  denied  { mounton } for  pid=24555 comm="syz.7.5996" path="mnt:[4026532883]" dev="nsfs" ino=4026532883 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  404.610800][T24556] exFAT-fs (nbd7): unable to read boot sector
[  404.621379][T24556] exFAT-fs (nbd7): failed to read boot sector
[  404.623901][T24556] exFAT-fs (nbd7): failed to recognize exfat type
[  404.655317][T24558] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5997'.
[  404.658134][T24558] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5997'.
[  404.705635][T24561] netlink: 220 bytes leftover after parsing attributes in process `syz.7.5998'.
[  404.878225][ T6000] usb 9-1: usb_control_msg returned -71
[  404.881009][ T6000] usbtmc 9-1:16.0: can't read capabilities
[  404.901380][ T6000] usb 9-1: USB disconnect, device number 23
[  404.986203][T24569] fuse: root generation should be zero
[  405.095484][T24574] syzkaller0: entered promiscuous mode
[  405.097313][T24574] syzkaller0: entered allmulticast mode
[  406.721578][T24590] netlink: 'syz.4.6008': attribute type 9 has an invalid length.
[  406.727749][T24590] netlink: 'syz.4.6008': attribute type 11 has an invalid length.
[  406.732146][T24590] netlink: 'syz.4.6008': attribute type 12 has an invalid length.
[  406.737229][   T40] audit: type=1326 audit(1772019102.062:13005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24591 comm="syz.8.6009" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efc9d19c629 code=0x0
[  406.805798][T24597] net_ratelimit: 47 callbacks suppressed
[  406.805816][T24597] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  406.924600][ T5945] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  406.929891][ T5945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  406.939900][ T5945] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  406.948938][ T5945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  406.954338][ T5945] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  406.985266][T24603] Failed to initialize the IGMP autojoin socket (err -2)
[  407.053912][ T1469] usb 13-1: new high-speed USB device number 10 using dummy_hcd
[  407.086768][T24606] syzkaller0: entered promiscuous mode
[  407.088567][T24606] syzkaller0: entered allmulticast mode
[  407.216965][ T1469] usb 13-1: Using ep0 maxpacket: 8
[  407.221017][ T1469] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  407.225870][ T1469] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  407.230196][ T1469] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  407.235366][ T1469] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  407.239577][ T1469] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  407.242646][ T1469] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.779657][   T40] audit: type=1400 audit(1772019103.102:13006): avc:  denied  { listen } for  pid=24614 comm="syz.4.6017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  408.938980][  T106] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  408.972336][T24603] chnl_net:caif_netlink_parms(): no params data found
[  409.014403][ T5945] Bluetooth: hci2: command tx timeout
[  409.036666][T24625] netlink: 'syz.4.6019': attribute type 9 has an invalid length.
[  409.084902][  T106] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  409.174694][  T106] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  409.186172][T24603] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.189432][T24603] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.192714][T24603] bridge_slave_0: entered allmulticast mode
[  409.199808][T24603] bridge_slave_0: entered promiscuous mode
[  409.203115][T24634] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  409.204857][T24603] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.205905][T24634] UDF-fs: Scanning with blocksize 2048 failed
[  409.208796][T24603] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.215805][T24603] bridge_slave_1: entered allmulticast mode
[  409.217656][T24634] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  409.219993][T24603] bridge_slave_1: entered promiscuous mode
[  409.221675][T24634] UDF-fs: Scanning with blocksize 4096 failed
[  409.270016][  T106] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  409.298505][T24603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.311224][T24603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.349546][T24603] team0: Port device team_slave_0 added
[  409.365437][T24603] team0: Port device team_slave_1 added
[  409.427362][T24603] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.429713][T24603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  409.438222][T24603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.443551][T24603] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.446395][T24603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  409.455365][T24603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.556489][T24643] __nla_validate_parse: 3 callbacks suppressed
[  409.556501][T24643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6023'.
[  409.560966][T24603] hsr_slave_0: entered promiscuous mode
[  409.561934][T24643] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6023'.
[  409.565325][T24603] hsr_slave_1: entered promiscuous mode
[  409.571940][T24643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6023'.
[  409.577562][T24643] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6023'.
[  409.623291][  T106] bridge_slave_1: left allmulticast mode
[  409.627134][  T106] bridge_slave_1: left promiscuous mode
[  409.629480][  T106] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.637041][  T106] ¾x9’: left allmulticast mode
[  409.638869][  T106] ¾x9’: left promiscuous mode
[  409.640699][  T106] bridge0: port 1(
1¾x9’) entered disabled state
[  409.695066][   T10] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  409.754525][ T1469] usb 13-1: usb_control_msg returned -71
[  409.764963][ T1469] usbtmc 13-1:16.0: can't read capabilities
[  409.784765][ T1469] usb 13-1: USB disconnect, device number 10
[  409.846170][  T106] bond3 (unregistering): (slave geneve3): Releasing active interface
[  409.870628][  T106] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  410.911396][  T106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  410.918005][  T106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  410.923446][  T106] bond0 (unregistering): Released all slaves
[  410.931073][  T106] bond1 (unregistering): Released all slaves
[  410.943297][  T106] bond2 (unregistering): (slave veth5): Releasing active interface
[  410.948997][  T106] bond2 (unregistering): Released all slaves
[  410.959699][  T106] bond3 (unregistering): Released all slaves
[  410.972546][  T106] bond4 (unregistering): Released all slaves
[  410.990641][  T106] bond5 (unregistering): Released all slaves
[  411.002753][  T106] bond6 (unregistering): Released all slaves
[  411.100871][ T5945] Bluetooth: hci2: command tx timeout
[  411.112627][T24661] syzkaller0: entered promiscuous mode
[  411.115738][T24661] syzkaller0: entered allmulticast mode
[  411.135004][   T40] audit: type=1400 audit(1772019106.452:13007): avc:  denied  { map } for  pid=24671 comm="syz.4.6030" path="socket:[96072]" dev="sockfs" ino=96072 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  411.513878][T13579] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[  411.664145][T13579] usb 9-1: Using ep0 maxpacket: 8
[  411.669237][T13579] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  411.674271][T13579] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  411.678193][T13579] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  411.683128][T13579] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  411.688284][T13579] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  411.692953][T13579] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.708317][T13579] hub 9-1:1.0: bad descriptor, ignoring hub
[  411.710806][T13579] hub 9-1:1.0: probe with driver hub failed with error -5
[  411.717339][T13579] cdc_wdm 9-1:1.0: skipping garbage
[  411.719517][T13579] cdc_wdm 9-1:1.0: skipping garbage
[  411.725000][T13579] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  411.727531][T13579] cdc_wdm 9-1:1.0: Unknown control protocol
[  411.919799][T24658] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6028'.
[  412.182254][T24687] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6034'.
[  412.185189][T24687] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6034'.
[  412.189049][T24687] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6034'.
[  412.192121][T24687] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6034'.
[  412.325686][T24680] usb 9-1: reset high-speed USB device number 24 using dummy_hcd
[  412.864245][ T5999] usb 9-1: USB disconnect, device number 24
[  413.129480][T24693] syzkaller0: entered promiscuous mode
[  413.131418][T24693] syzkaller0: entered allmulticast mode
[  413.136895][T24693] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24693 comm=syz.8.6036
[  413.173868][ T5945] Bluetooth: hci2: command tx timeout
[  415.239901][  T106] team0 (unregistering): Port device team_slave_1 removed
[  415.254432][ T5945] Bluetooth: hci2: command tx timeout
[  415.259696][  T106] team0 (unregistering): Port device team_slave_0 removed
[  415.355540][T19169] smc: removing ib device syU×
[  415.715363][T24603] netdevsim netdevsim6 netdevsim0: renamed from eth18
[  415.737882][T24603] netdevsim netdevsim6 netdevsim1: renamed from eth19
[  415.748476][T24603] netdevsim netdevsim6 netdevsim2: renamed from eth20
[  415.770185][T24603] netdevsim netdevsim6 netdevsim3: renamed from eth21
[  416.030923][T24603] 8021q: adding VLAN 0 to HW filter on device bond0
[  416.168561][T24603] 8021q: adding VLAN 0 to HW filter on device team0
[  416.220967][T19165] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.223345][T19165] bridge0: port 1(bridge_slave_0) entered forwarding state
[  416.252389][T19167] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.254771][T19167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  416.362498][T24788] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=546 sclass=netlink_route_socket pid=24788 comm=syz.8.6069
[  416.565407][  T106] IPVS: stop unused estimator thread 0...
[  416.647725][T24603] 8021q: adding VLAN 0 to HW filter on device batadv0
[  416.942358][T24603] veth0_vlan: entered promiscuous mode
[  416.948354][T24838] ptrace attach of "/syz-executor exec"[24839] was attempted by "/syz-executor exec"[24838]
[  416.970226][T24603] veth1_vlan: entered promiscuous mode
[  417.007547][T24841] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  417.095658][T24841] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  417.099348][T24841] kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[  417.102037][T24841] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  417.112011][T24841] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  417.121292][T24603] veth0_macvtap: entered promiscuous mode
[  417.131060][T24841] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  417.134932][T24841] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  417.138585][T24841] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  417.141979][T24841] kvm: requested 100571 ns i8254 timer period limited to 200000 ns
[  417.146387][T24841] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  417.154513][T24603] veth1_macvtap: entered promiscuous mode
[  417.240759][T24603] batman_adv: batadv0: Interface activated: batadv_slave_0
[  417.256529][T24603] batman_adv: batadv0: Interface activated: batadv_slave_1
[  417.262051][T24603] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  417.274829][T24603] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  417.287312][T24603] wireguard: wg0: Could not create IPv4 socket
[  417.293090][T24603] wireguard: wg1: Could not create IPv4 socket
[  417.694387][T24856] kvm_intel: kvm [24855]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0xe130e9d
[  417.741441][T24856] kvm: kvm [24855]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0xe1348b6
[  418.178916][T24895] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  418.726471][T24930] kvm: kvm [24929]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0x5623
[  419.253964][   T40] audit: type=1400 audit(1772019114.572:13008): avc:  denied  { audit_read } for  pid=24995 comm="syz.7.6128" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  421.010315][   T40] audit: type=1800 audit(1772019116.332:13009): pid=25080 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.7.6142" name="bus" dev="tmpfs" ino=3329 res=0 errno=0
[  421.731848][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  421.738406][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  421.741474][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  421.745995][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  421.749480][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  421.781839][T25131] Failed to initialize the IGMP autojoin socket (err -2)
[  422.223086][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x9048 Unhandled WRMSR(0xc0010006) = 0x8000
[  422.240777][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x9048 Unhandled WRMSR(0xc0010006) = 0x8000
[  422.248598][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x9048 Unhandled WRMSR(0xc0010004) = 0x8000
[  422.272502][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x9048 Unhandled WRMSR(0xc0010000) = 0x8000
[  422.276619][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x8028 Unhandled WRMSR(0xc0010000) = 0x8000
[  422.280385][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x8028 Unhandled WRMSR(0xc0010000) = 0x8000
[  422.284893][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x8028 Unhandled WRMSR(0xc0010000) = 0x8000
[  422.289092][T25152] kvm: kvm [25151]: vcpu0, guest rIP: 0x8028 Unhandled WRMSR(0xc0010000) = 0x8000
[  422.509792][T25181] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=546 sclass=netlink_route_socket pid=25181 comm=syz.4.6162
[  423.684137][T25131] netdevsim netdevsim6 netdevsim0: renamed from eth18
[  423.692392][T25131] netdevsim netdevsim6 netdevsim1: renamed from eth19
[  423.707401][T25131] netdevsim netdevsim6 netdevsim2: renamed from eth20
[  423.718345][T25131] netdevsim netdevsim6 netdevsim3: renamed from eth21
[  423.818309][ T5945] Bluetooth: hci0: command tx timeout
[  424.205937][T25131] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  424.212689][T25131] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  424.222260][T25131] wireguard: wg0: Could not create IPv4 socket
[  424.228699][T25131] wireguard: wg1: Could not create IPv4 socket
[  427.782895][   T40] audit: type=1400 audit(1772019123.102:13010): avc:  denied  { shutdown } for  pid=25497 comm="syz.7.6213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  430.618127][T25676] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=25676 comm=syz.8.6259
[  430.975615][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  430.985640][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  430.990560][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  430.995850][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  430.999307][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  431.037106][T25686] Failed to initialize the IGMP autojoin socket (err -2)
[  431.927696][T25686] netdevsim netdevsim6 netdevsim0: renamed from eth18
[  431.937366][T25686] netdevsim netdevsim6 netdevsim1: renamed from eth19
[  431.948523][T25686] netdevsim netdevsim6 netdevsim2: renamed from eth20
[  431.954765][T25686] netdevsim netdevsim6 netdevsim3: renamed from eth21
[  432.368544][T25686] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  432.376451][T25686] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  432.388705][T25686] wireguard: wg0: Could not create IPv4 socket
[  432.393573][T25686] wireguard: wg1: Could not create IPv4 socket
[  433.838231][T25843] create_pit_timer: 5 callbacks suppressed
[  433.838314][T25843] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  434.261943][T25861] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  434.581834][T25877] kvm: requested 16761 ns i8254 timer period limited to 200000 ns
[  434.632627][T25877] kvm: requested 25142 ns i8254 timer period limited to 200000 ns
[  434.950374][T25881] kvm_intel: kvm [25879]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0xe13a205
[  434.971789][T25881] kvm_pr_unimpl_wrmsr: 463 callbacks suppressed
[  434.971810][T25881] kvm: kvm [25879]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0xe132c1e
[  434.979698][T25881] kvm: kvm [25879]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0xe1321af
[  435.225535][T25891] kvm: kvm [25888]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x56fd
[  435.317444][T25910] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  435.856439][T25942] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  436.141297][T25961] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  436.518590][T26000] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  436.979753][T26037] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  437.513443][T26078] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  438.498756][   T40] audit: type=1326 audit(1772019133.822:13011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.514020][   T40] audit: type=1326 audit(1772019133.822:13012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.539181][   T40] audit: type=1326 audit(1772019133.822:13013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.549533][   T40] audit: type=1326 audit(1772019133.822:13014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.562623][   T40] audit: type=1326 audit(1772019133.822:13015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.594160][   T40] audit: type=1326 audit(1772019133.822:13016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.604792][   T40] audit: type=1326 audit(1772019133.822:13017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.619656][T26141] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  438.627161][   T40] audit: type=1326 audit(1772019133.842:13018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.639480][   T40] audit: type=1326 audit(1772019133.842:13019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  438.650711][   T40] audit: type=1326 audit(1772019133.842:13020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26135 comm="syz.4.6351" exe="/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f71ac39c629 code=0x7ffc0000
[  439.468688][ T5945] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  439.475768][ T5945] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  439.478910][ T5945] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  439.485265][ T5945] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  439.494157][ T5945] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  439.534146][T26203] Failed to initialize the IGMP autojoin socket (err -2)
[  440.018135][T26235] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  440.371001][T26203] netdevsim netdevsim6 netdevsim0: renamed from eth18
[  440.387798][T26203] netdevsim netdevsim6 netdevsim1: renamed from eth19
[  440.400387][T26203] netdevsim netdevsim6 netdevsim2: renamed from eth20
[  440.417488][T26203] netdevsim netdevsim6 netdevsim3: renamed from eth21
[  440.758415][T26203] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  440.771340][T26203] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  440.782709][T26203] wireguard: wg0: Could not create IPv4 socket
[  440.791751][T26203] wireguard: wg1: Could not create IPv4 socket
[  443.410083][T26523] "syz.8.6448" (26523) uses obsolete ecb(arc4) skcipher
[  445.109615][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  446.998041][T26720] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6507'.
[  447.092860][T26724] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  447.497822][T26753] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  448.164473][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  448.169937][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  448.174138][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  448.180186][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  448.184220][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  448.253639][T26783] Failed to initialize the IGMP autojoin socket (err -2)
[  448.274909][T26776] ------------[ cut here ]------------
[  448.278030][T26776] enable_ept && !allow_smaller_maxphyaddr
[  448.278043][T26776] WARNING: arch/x86/kvm/vmx/vmx.c:5444 at handle_exception_nmi+0xa6e/0x1bb0, CPU#1: syz.4.6521/26776
[  448.286646][T26776] Modules linked in:
[  448.289085][T26776] CPU: 1 UID: 0 PID: 26776 Comm: syz.4.6521 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  448.292769][T26776] Tainted: [L]=SOFTLOCKUP
[  448.294480][T26776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  448.298007][T26776] RIP: 0010:handle_exception_nmi+0xa6e/0x1bb0
[  448.300172][T26776] Code: 08 84 d2 0f 85 fd 10 00 00 44 0f b6 2d b6 ac 39 0f 31 ff 44 89 ee e8 e1 fc 68 00 45 84 ed 0f 85 b5 0e 00 00 e8 83 02 69 00 90 <0f> 0b 90 31 ff 44 89 e6 e8 25 fd 68 00 45 85 e4 0f 85 7f 0b 00 00
[  448.307033][T26776] RSP: 0018:ffffc90003de79d8 EFLAGS: 00010287
[  448.309237][T26776] RAX: 000000000000f1b1 RBX: ffff88804b7329c0 RCX: ffffc9003104e000
[  448.312034][T26776] RDX: 0000000000080000 RSI: ffffffff819f9cdd RDI: ffff88802d3cc900
[  448.314972][T26776] RBP: 000000000f6632eb R08: 0000000000000001 R09: 0000000000000000
[  448.317789][T26776] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  448.320637][T26776] R13: 0000000000000000 R14: ffff888061ac8000 R15: ffff88804b732a98
[  448.323401][T26776] FS:  00007f71ad2826c0(0000) GS:ffff8880d644a000(0000) knlGS:0000000000000000
[  448.326570][T26776] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  448.328880][T26776] CR2: 000000000f6632eb CR3: 000000002c80d000 CR4: 0000000000352ef0
[  448.331629][T26776] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000008000
[  448.335131][T26776] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  448.338053][   T40] kauditd_printk_skb: 567 callbacks suppressed
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  448.338066][   T40] audit: type=1400 audit(1772019143.662:13588): avc:  denied  { write } for  pid=5917 comm="syz-executor" path="pipe:[6874]" dev="pipefs" ino=6874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  448.339223][T26776] Call Trace:
[  448.352787][T26776]  <TASK>
[  448.354577][T26776]  ? __pfx_handle_exception_nmi+0x10/0x10
[  448.357064][T26776]  vmx_handle_exit+0x84d/0x1f40
[  448.359253][T26776]  vcpu_run+0x34cf/0x5ca0
[  448.361189][T26776]  ? __pfx_vcpu_run+0x10/0x10
[  448.363228][T26776]  ? rcu_is_watching+0x12/0xc0
[  448.365496][T26776]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  448.367991][T26776]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  448.370498][T26776]  kvm_vcpu_ioctl+0x730/0x1730
[  448.372680][T26776]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  448.375112][T26776]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  448.377724][T26776]  ? do_vfs_ioctl+0x226/0x13e0
[  448.379860][T26776]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  448.382176][T26776]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  448.385472][T26776]  ? __fget_files+0x215/0x3d0
[  448.387600][T26776]  ? hook_file_ioctl_common+0x146/0x410
[  448.390130][T26776]  ? selinux_file_ioctl+0x139/0x290
[  448.392457][T26776]  ? selinux_file_ioctl+0xb4/0x290
[  448.394728][T26776]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  448.396939][T26776]  __x64_sys_ioctl+0x18e/0x210
[  448.399213][T26776]  do_syscall_64+0x106/0xf80
[  448.401294][T26776]  ? clear_bhb_loop+0x40/0x90
[  448.403402][T26776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.406500][T26776] RIP: 0033:0x7f71ac39c629
[  448.408492][T26776] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.417862][T26776] RSP: 002b:00007f71ad282028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.421567][T26776] RAX: ffffffffffffffda RBX: 00007f71ac615fa0 RCX: 00007f71ac39c629
[  448.425083][T26776] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  448.428567][T26776] RBP: 00007f71ac432b39 R08: 0000000000000000 R09: 0000000000000000
[  448.432108][T26776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.435685][T26776] R13: 00007f71ac616038 R14: 00007f71ac615fa0 R15: 00007ffd6519a5c8
[  448.439211][T26776]  </TASK>
[  448.440604][T26776] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  448.443829][T26776] CPU: 1 UID: 0 PID: 26776 Comm: syz.4.6521 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  448.448526][T26776] Tainted: [L]=SOFTLOCKUP
[  448.450417][T26776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  448.454918][T26776] Call Trace:
[  448.456402][T26776]  <TASK>
[  448.457731][T26776]  dump_stack_lvl+0x100/0x190
[  448.459836][T26776]  vpanic+0x552/0x970
[  448.461599][T26776]  ? __pfx_vpanic+0x10/0x10
[  448.463576][T26776]  panic+0xd1/0xe0
[  448.465258][T26776]  ? __pfx_panic+0x10/0x10
[  448.467265][T26776]  check_panic_on_warn.cold+0x19/0x34
[  448.469659][T26776]  ? handle_exception_nmi+0xa6e/0x1bb0
[  448.472067][T26776]  __warn.cold+0x191/0x348
[  448.474006][T26776]  __report_bug+0x296/0x3d0
[  448.476009][T26776]  ? handle_exception_nmi+0xa6e/0x1bb0
[  448.478354][T26776]  ? __pfx___report_bug+0x10/0x10
[  448.480571][T26776]  ? __pfx_skip_emulated_instruction+0x10/0x10
[  448.483258][T26776]  ? kvm_pmu_trigger_event.isra.0+0x789/0xc00
[  448.485927][T26776]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  448.488521][T26776]  ? handle_exception_nmi+0xa6e/0x1bb0
[  448.490827][T26776]  report_bug+0xb2/0x220
[  448.492718][T26776]  ? handle_exception_nmi+0xa6e/0x1bb0
[  448.495121][T26776]  handle_bug+0x166/0x2a0
[  448.497093][T26776]  exc_invalid_op+0x17/0x50
[  448.499067][T26776]  asm_exc_invalid_op+0x1a/0x20
[  448.501265][T26776] RIP: 0010:handle_exception_nmi+0xa6e/0x1bb0
[  448.503944][T26776] Code: 08 84 d2 0f 85 fd 10 00 00 44 0f b6 2d b6 ac 39 0f 31 ff 44 89 ee e8 e1 fc 68 00 45 84 ed 0f 85 b5 0e 00 00 e8 83 02 69 00 90 <0f> 0b 90 31 ff 44 89 e6 e8 25 fd 68 00 45 85 e4 0f 85 7f 0b 00 00
[  448.512127][T26776] RSP: 0018:ffffc90003de79d8 EFLAGS: 00010287
[  448.514548][T26776] RAX: 000000000000f1b1 RBX: ffff88804b7329c0 RCX: ffffc9003104e000
[  448.518015][T26776] RDX: 0000000000080000 RSI: ffffffff819f9cdd RDI: ffff88802d3cc900
[  448.521395][T26776] RBP: 000000000f6632eb R08: 0000000000000001 R09: 0000000000000000
[  448.524833][T26776] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  448.528346][T26776] R13: 0000000000000000 R14: ffff888061ac8000 R15: ffff88804b732a98
[  448.531798][T26776]  ? handle_exception_nmi+0xa6d/0x1bb0
[  448.534121][T26776]  ? handle_exception_nmi+0xa6d/0x1bb0
[  448.536484][T26776]  ? __pfx_handle_exception_nmi+0x10/0x10
[  448.538880][T26776]  vmx_handle_exit+0x84d/0x1f40
[  448.541002][T26776]  vcpu_run+0x34cf/0x5ca0
[  448.542964][T26776]  ? __pfx_vcpu_run+0x10/0x10
[  448.545111][T26776]  ? rcu_is_watching+0x12/0xc0
[  448.547290][T26776]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  448.549741][T26776]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  448.552088][T26776]  kvm_vcpu_ioctl+0x730/0x1730
[  448.554192][T26776]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  448.556450][T26776]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  448.559018][T26776]  ? do_vfs_ioctl+0x226/0x13e0
[  448.561090][T26776]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  448.563220][T26776]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  448.566087][T26776]  ? __fget_files+0x215/0x3d0
[  448.568157][T26776]  ? hook_file_ioctl_common+0x146/0x410
[  448.570634][T26776]  ? selinux_file_ioctl+0x139/0x290
[  448.572886][T26776]  ? selinux_file_ioctl+0xb4/0x290
[  448.575102][T26776]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  448.577385][T26776]  __x64_sys_ioctl+0x18e/0x210
[  448.579439][T26776]  do_syscall_64+0x106/0xf80
[  448.581461][T26776]  ? clear_bhb_loop+0x40/0x90
[  448.583528][T26776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.586170][T26776] RIP: 0033:0x7f71ac39c629
[  448.588168][T26776] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.596558][T26776] RSP: 002b:00007f71ad282028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.600224][T26776] RAX: ffffffffffffffda RBX: 00007f71ac615fa0 RCX: 00007f71ac39c629
[  448.603591][T26776] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  448.606956][T26776] RBP: 00007f71ac432b39 R08: 0000000000000000 R09: 0000000000000000
[  448.610405][T26776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.613806][T26776] R13: 00007f71ac616038 R14: 00007f71ac615fa0 R15: 00007ffd6519a5c8
[  448.617265][T26776]  </TASK>
[  448.619510][T26776] Kernel Offset: disabled
[  448.621431][T26776] Rebooting in 86400 seconds..