last executing test programs:

11m1.838984761s ago: executing program 32 (id=2488):
r0 = socket$rds(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x4}, 0x1c)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f00000000c0)="4c83", 0x2, 0x240458d1, &(0x7f0000000200)={0x11, 0x88a8, r4, 0x1, 0x85, 0x6, @broadcast}, 0x14)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000007c0)=ANY=[@ANYBLOB="88020000", @ANYRES32=r0, @ANYBLOB="010000000000000000003b00000008000300", @ANYBLOB="4bd9395d650498ed131427d241bfd2c4c87ab629f16c2b4416c715294acfb8bc4883d0906b88b21a81f67e83b40e8db52a5a6858db1d1ad91d2c323f4ffc47534ef95d0bdbe503a7273ddffc762f1f3d898fdb95342d8ca14fcc6c10e38161cf4b6959264ed7950ea8fb4c5eae4902c112e70b712f1c51752c3a76e03c8c4e9f7879d6a94d8e63d34072cd811a46068853f7b0bc052ecff0bfa8d239b58da057217c57019b5404992fa826ba2ba3e364d6f477845697f9ec500ce4ec97ed5be9542aa8852122b84fef134a063d411eadf09751fdd492dcea38c1c7d0ad28bc1797ef75eda6e63f748c521db7b3ed2c686c2f55aab21109ba66a14c9ece602bf4bf713b7c5f7132c262c35ed74c46154b85bb20dd861dd351826dde30797cbb4566bfd031d786d74054ddf362211962df253344bb1c9dc8ee54f3754fe13b6c2a6dd44cbd206194ad1ee412ef14e730003d23fb4bcc98e7fcc37ce487d5e3da94a8670ad65f828d2f77691e67f3180bd9e20ab3ad18e830bd3c3b5f29226e072d348c80b7719b5bcf99167bd24b8a2a5d0dcfaf66839f20881e9476676cc7d907fda9d241306700e1340963625545584340d1f5b1033e489bc9e3510b3a169d1b935dae1ad745f995a3f71100d3557772a9cd6cbc5be26330af9c6f2be165f2a04473f7dedd744a9b78958c27ef6dd7bb71793ccc3031446e0d3d92364030d42079c9b844db99773bd3195b74159504939c21a05fffd71f4691a5612a2968f339c09af0ae97ec44c0c1ace2bade43aa6eff5d0da5b76bb6570209f9205223cfabd58b5d7f047eefcae950b5244a667243577ef0f6c6c6981628a193edc5e2017cda768160506485fa11ea4f2547a8a8a20f5f91fb438ac7a3f78d926837abd4545db29a1e36ca02b2b4babe1338af2432879de55cd48b7478fbcb55cace92dd79566ada8a4c874747c5fe91ed968c056396d93f066fbc0950aea01946e3b714a3ac9af74488984cf1961542ff543cd8b0029ecede3628ba25cf1ad84d8c22f5f0eb8077b94abeb6a4a27c1d8971e7ee4698f52ffc0dad6409434bce41b48fc5f837c87ad82034ca731634f7bdda2395aa14f14d0fdcd486c747b705f261717f58be44a6c282b7270f59dbab9f6c4816e3d01297c44073d67d81887c90e39a5a425d754ab48cf7e043a920c0ad0d7f8b3bdb2a3610900d39566b35ef8484765b32b493fa5067f989fbd98778e033db2e8737fa53077d23b60867ef1bc8a202ed0e61df9169811acb1b80eaf0b482998afa88a16db7bcfeb956a62a09a04fa4da9107d45b05bd6838935c0ebb6ab2ff931a9c51b6a72233830bc3aa8566d07020aecaa1b09e88fcec81b9cc070c5eef90f7ad6048102cb856892cf53f646d5c690d3d83553f7991f7543b4aec23d8b77f02bf9be6fa596a47d43819e38a514befecef6a365f640d8f9912a7ad23870dd306c92d797d1669cf9356683f32d4783e2807c20b2454d5692abe59b7d848d9e328262a0002a5e6e7d6acc8068d045fe95b56c8f075398a0e4f120db06bfeba55cbbb99417be5d065ee803c5700dee29f0505936e11a907480c6fc6a90419890af75455f3f927873f1aa03bb2a2492714ee2228a9eaf4c2e377b54aaaf90c4d70ed6c6f8448d53872cd247a0a42d751455f85e5207236acc9a2a75c4e5306c1e8320ff7ca21cb557e6134f0fb804db47b6d901db2060ca82e94f612d0cd0e79132f0e5c9cf42950a0e30e4c353fb83344eda9487e7fdb2e6b0a43eb097814918ef1aa22df2acaee0af31f9115bbb6b630d66d9a253281a0b10cd3c9067a1657ae86c62f71a61c6d5d3d392ced91da9cb080a0c1710115635a66a99867946fac2941c7d6a1414d0ffb394497a744fa3dc9cfa89de44ac05c8a8a53c9527875f2a5815086c4fe239e94529ae14f65fbc3b38d94357162afaf437c2378f93123738cb3f652a34ae530cf90c475b90b7698e1c83bfa1876b04f9799f54cda1eea5f0be500b9edea5dcb40640032db8e94678fcd62b723103fb57b1cede42818c2638d2089bcf5b17f6f0235d896e0d3ca62f49dc50a47321a545158e8add02f5c7c3bb367e425302ac2b1968411db72d0fc88740f9fc51e0ff46b20cefe01b7d8432dcc8f17003a7d948511344d8b581cee2395c505279c9303826701dafcc8bb49d1cd272441486605ab75b75830d7eb3705792776cdf9a309ee170a41384c816b935ee0e9d19dba6bec875ce8fdd4f0d9b966c51d151bd34563368431ba7ffb7a3f896a8f983db50831c3a43754a4c364de95ec87e6290bb237a7f94805d672cfc97dba0eb288cc7f4399e462aaceaa629c94760177f8204f5a8de97b4d01e459c107f33bfcbd5c98254361fcdade7ed4ba62adf12f26746c1b5372b09dd949ea324a67a33308e0a5a4fb5844e506fa626992b4f8cd9fb9c77b72fb829bf95cd45948f2b9046fb95a6ef1949b4f1957716a5ddc10ce19f20e3a66e12f0be7c041e9f5e393e89a5781c1909bd841d9091da3b3b2b08936e647372d6d82a1921a0420338d8f27f3f21265b657fd5b497c37b661ebd92b4ef0959aa18887263f51fe6614d5c46af74943edfc643f80f17fc5593da75f68accc26753073666011667fca6488a448e00ade3883c89aed71352b50ad2390c119dd6615048daab16afb71eba5c45d2d029669f070d3e7dae072224f6a3e2c10c8eb26e5ec324bf71a7bd3a4636a1843c5071b899f2590c0483eae296aa5d786bd19e622790db4744fd123550ae872ef53c409beb634c116999dfc77c780d906e2b82321c7745276097a87165fe55743b3cf88583fe7b58d11923d9d95430a2fb4be51f3643e6eb93a7962566b17c9fa2ce533733b98bcbd9f4e4f0f4bac07a42850d29daf75c4f1043c963e2d6fa86209a5e97c10c44d556bf50fa1e63dd5c24247436a4d63282db8c5b7eb1e46100a5510a22b1eb363faf63bd97275b39be37aebb564bbfb65f75934ac92e955a79ae5415237aa7dffbf7dff8914906ab041dbe48c453a5ec462a9ba06f878d165d8281f89dccc5dbd829da201eb121b9257d10b8581fbb20c335c4b0681305310c9ca34d8ae42d52f20e8f3353969818034170a6b520ed0df0fbbc37e3793f93d153bc64aaac6b0615838b4b0b94291ce9bfb05fbb0b8ff39978869677a32d53261d262fcbd052a1e20206c161c8d615c4f64032a1641bb35b6726b544590d140c88c4de4945561184d370e33c4045d46ef6f980086e5ec36960689819a76efdf1085cdf4cef6f45acbec66a629f2253c481bd1215b78935f47b1404e5894a041447b9cb635ffe9b341842a3014c72f142afc634b080c4dbe4abb3724ce56099c353afbad4500943c3e0077d8604499dedd812c797fa52c1e92d98220bda11f91a334ed49439c38ba0ddee07168e452fcb3c9bdb92a645483fcd39b0815c1d78689a115f882e53b33fdb322a543288fbbbd96f1aa0822a836418767be99c20ec9613ff543ef1ba8be5145e7132b5b23ba57f2a2db4f377162cc53aaa0557ea0bfd13265f66c839fd9190aabb8d2b85ee5fb4df948e8ef5121389cf4107a86a6a521577f8cc93bd27b7ef52194beeb6857fee273705da209d5681f5b643ead764d99b47957b6bba602d0340201481a50f5c2c9a8efbb42486b6445737d050e4969f018a32961432d2071daefdde49c9fcff603cd8f1b746da2eebae7819c2b902a411030d686a1c90a5e990a466f7b5dadc4850d995dbbc485407b97b605cfedfbe8836aa98a43f3828a87e92406fa76e2d3eb785897a7c56572d395cc8faff45c51c46be8d8ddc84e7937ad0d7ec85cba00755779b47d4a328c3260b58e98cf29a1ffe82954862167b340117b4e037350a446cb3b7d4ddf0b670b4cdf8bfcc0fce2777b7ea7acf5f4ff6e5595b27111f791ddb7e6f21e90d23665102ce925c828b02f25a88abe1f71092cd22e79fb07dbbd2cc2d29b9a1be23741735827b7297d93c42c1d370e04620e1dd015a7d07c11499faf290fb5f53e8a399b7c331e4db1c824c566f4e561698cd05c8f0b676b99cdf342ba6b1d78e493dc2e356eb5dd685c44e862e57c8dbbdafdeeac85f9728099da10b6bc72d76011e71aa5bd5e5b6e329279dc8f52168f71a721c0a82a0c3517b9a5c6211da33b34cad642b8a73cbb5e70a2ae57805a06ea9c03aa93bec41f59b50f73f5269b1309b15c7b64876591f4fc229c7a48b98933040ac0fa2777adaace7968ce80a5b3413561ce1d6e951785928f0fd8b507edea477cb5c3ddf974c5a030a6e3fb2ff1c89a776a568af79a99a6d639cc2d518d85590a545578e186bea1d92eca32f460f871ea6bf088c5691ab26fb2ed44586c271e559fb44b72817036a07b54a871d0b6b8bd2593478f4d44ae961cadae8f0f4836f26d35920349ffc16cae5646079a0680e1d616b10c8df04d7f0cf53d99f6d9b471ed20d60ddc4acfb44504ee52f5db36612c59fb470c341232c7716275a79413e963c00d541e37db81351fd8bd7ad5e52427cef294fc4dbae307094e3e141523a7bade587733bf2b00bd22c52349c1d11d9fd623e8052f898c9614bf31f9ac14f7cbf7c2352917019580583ecef905caba0f8fe7236031157703abc2022f3b2b5968c994506902fdea27b69d1b7ac07f130b64b83a4b3830880983ab4aa92975a8f533b344f810f01f8ab61760dec0e50e98ed24a28385a7ca2eb5eb9aa7a109ec386f64d869afe6eeed00cd4fbf7774fee09b754755f8ecb547284a9d713f0b4e7097a43f202afb95883a3d81c6745962db93febab3782569f76c75b711c7d8ae5ad21e8cc9b9b31f1aa6111fd0384d0d99a44a54a1a177eceb5408516012ab4b09fcd50d90ace43c417c67a100e130901c810ebe1c42fc41761a8041494b31752f8e398b61ef90754e258233d1f144591570bbc0d377a78de53ab081fd46af7da39949a482e0403f4809ec2042e1c6bab42a523067bb91dd25d26ece40a0278a633a9c1d3a19d6db99214ffd36f9116d120f064faed9a5ac42a710a40617c42aa7ca28d8930048a47e2f1fbe545a85f10d7d984539f4338d99d370a093e3caa508c065d24c51fe0f99af5a9fdcdd02d80aa6057b5dfc3ef5c6a207ba3906f429c1be95e90cf529929843573b660cb775a5fa8e3fd9c6013561b68ccb071f7fadb853748479555253342a60d6b082b1439fe39787a77c28650d5efe7d46ee8decc1e416cbc5d741f34194c5d90718d0d0df508c23513f4300e9f00c76e936d39ec5af8457bedeafab98bc221b48c92c078ce09bc67bae6f9c6b8bbe790c8663317aec7d980ba22cec92d48ca55c34a7dcd79ee055d8941207b1ab7e94b456ca297bc17f7068433dc6fcfe8fe8a425c54f5955ce986af5fcdee5e75f64135aa1cb4b6b86390fd9d963cf07cb5965d7356401cbb22e071c8ddfb93d61196b695151e8cfb2c25c3a8ab3e5d8a169a65e9eda35efe4c50362c901bb5bb289da07366ba19ef76e7e5be666ab63be827bb91a008d7af8e0223d7d3216448e0165dbb5aca8583e8750c9e68beb78166b8bec2d189bdcf5f709201f80081fc40877ba6feab303bb01368d6a1565daaebdf5bbec6e88362c6cc3b18c881b8b313719126640678490ac4e4dd5cc3a2671d2ea4399ae31c46938d0e348a6170d7433e2207787daaa6d657f2fce8a427caa8fb15a93fcd6c4411e39828f17419a25edb8077fb0d8adac7102bcd15384184c7e75e5e6e7aa89809cb36485b3e17d3fd833d59bf4de93e0", @ANYBLOB="610233005030010008021100000108021100000050505050505019b2b92777c7a367a7612f248278ae13ce439dcc511cad237415348db96627ec6f2975dcadca2eb2baf74ed486933080c2b51c2def01b649f566293a48615202fafcc2aefb8537d72d101ba908a637817b"], 0x288}, 0x1, 0x0, 0x0, 0x800}, 0x0)

10m20.611560621s ago: executing program 4 (id=2923):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@dev={0xfe, 0x80, '\x00', 0xc}, @in6=@mcast2, 0x4, 0xb6e, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in=@loopback, 0x4d4, 0x32}, @in=@rand_addr=0x64010101, {0x0, 0x0, 0x1, 0x8000000000000001, 0xfffffffeffffffff, 0x10, 0x8001, 0x543}, {0x4, 0x7fffffffffffffff, 0xb, 0xfffffffffffffffd}, {0x0, 0xe}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}}, 0xf0}, 0x1, 0x0, 0x0, 0x880}, 0x2094)
sendmsg$NFNL_MSG_ACCT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="74000000010701030000000000000000030000040900010073797a3100000000540007800800024000000002080002400000b55a0800014000000001080001400000000108000240000000070800014000000006080001400000000808000240ffffdfda0800014000e000000806"], 0x74}, 0x1, 0x0, 0x0, 0x4000010}, 0x8000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000004900010000000000000000000a000000000000eb00000000141001"], 0x3c}, 0x1, 0x0, 0x0, 0x800400d}, 0x8001)
r2 = syz_open_dev$video4linux(&(0x7f0000000040), 0x200, 0x20000)
ioctl$VIDIOC_SUBDEV_G_FMT(r2, 0xc0585604, &(0x7f0000000100)={0x0, 0x0, {0x653e, 0x5, 0x201d, 0x3, 0x7, 0x2, 0x2, 0x7}})
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050841)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
close(0x3)
r5 = socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000000)=@in={0x2, 0x40, @initdev={0xac, 0x1e, 0x20, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x4001)
shutdown(r6, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r7=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) (async)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) (async)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000400)={0x9, 0x5, 0x2, 0x2d19, r8}, 0x10) (async)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000400)={0x9, 0x5, 0x2, 0x2d19, r8}, 0x10)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0) (async)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040)={r0}) (async)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000040)={r0})
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0) (async)
sendmsg$nl_xfrm(r9, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

10m20.560108132s ago: executing program 4 (id=2926):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0xfffffe40, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x24000800}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f00000001c0)={0x5}, 0x4)
sendto$inet6(r1, &(0x7f0000000100)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1c)

10m20.432017995s ago: executing program 4 (id=2928):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f00000000c0)={0xfffffffffffffbf7, 0x1, 0x2, 0x0, 0x4, 0x1000000, "7f2c00", 0x1, 0x16, 0x2, 0xfa, 0x9, 0x1, 0xd})

10m20.431383305s ago: executing program 4 (id=2929):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup2(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x2000000, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0xd5)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x5, 0x13, r1, 0x829c7000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
mount$cgroup2(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x2000000, 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) (async)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0xd5) (async)
openat$cgroup_ro(r0, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0) (async)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x5, 0x13, r1, 0x829c7000) (async)

10m20.321578718s ago: executing program 4 (id=2930):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000006c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@redirect_dir_nofollow}]})
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0) (async)
r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@fwd={0x0, 0x0, 0x0, 0x10, 0x2}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1}]}]}}, 0x0, 0x3e}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
mount(&(0x7f00000000c0)=@sg0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='anon_inodefs\x00', 0x80a, &(0x7f0000000280)='\b/\x00')
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r1, 0x25, 0x5, @void}, 0x10)

10m19.26197828s ago: executing program 4 (id=2945):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_io_uring_setup(0x4ec5, &(0x7f0000000140)={0x0, 0xbe46, 0x2, 0x3, 0x224}, &(0x7f0000000080), 0x0, 0x0)
syz_clone(0xaa0a1000, 0x0, 0x0, 0x0, 0x0, 0x0)

10m19.217935157s ago: executing program 33 (id=2945):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_io_uring_setup(0x4ec5, &(0x7f0000000140)={0x0, 0xbe46, 0x2, 0x3, 0x224}, &(0x7f0000000080), 0x0, 0x0)
syz_clone(0xaa0a1000, 0x0, 0x0, 0x0, 0x0, 0x0)

4m50.020197158s ago: executing program 3 (id=7169):
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x7eed1c6096b46919, 0x70bd29, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@assoc={0x18, 0x117, 0x4, 0x10}], 0x18, 0x40040}], 0x1, 0x8040)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r4)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000001500)={&(0x7f0000000500)=[0x13, 0x1ff, 0x3, 0x6, 0x55, 0x8001, 0x4461, 0x80, 0xffffffff, 0x1ff, 0x7231, 0x9, 0x2, 0x1, 0xffffffff, 0x8, 0x1, 0x6, 0x7fff, 0x200, 0x0, 0x3, 0x9, 0xc, 0x0, 0xa8, 0x2, 0x8, 0x8284, 0x101, 0xa6, 0x2, 0x1, 0x2, 0xd39f, 0xef, 0x6, 0x55, 0x0, 0x5, 0x5381, 0x300, 0x3, 0x80000001, 0x6, 0xfffffff8, 0x9, 0x9, 0x0, 0x1000, 0xf, 0x9, 0x4, 0xfff, 0x1, 0xffffff01, 0x8, 0xc2f4, 0xabe, 0x200, 0x2, 0x5, 0x20000, 0x1, 0x4, 0x9, 0x73f, 0x6, 0x2, 0x6, 0x2a9, 0x7, 0x6, 0x7, 0x0, 0x8, 0x81, 0x2797, 0x6, 0x2, 0x10001, 0x6, 0xffffd2a9, 0x7, 0x0, 0x584, 0x220, 0x4, 0x6, 0x5, 0x101, 0x6, 0x80000000, 0x4, 0x81, 0x6, 0xc7, 0x1, 0xc, 0xfff, 0x5, 0x1, 0x5, 0x9, 0x5, 0x100, 0xfff, 0xfff, 0xe, 0x4, 0x3, 0x48, 0xf, 0x8, 0x7, 0x5, 0x10001, 0x3, 0x2, 0x0, 0x0, 0x5, 0x7fffffff, 0x4, 0x400, 0xb8c, 0x77b4, 0x6, 0x8, 0xc9a6, 0x8, 0x20002, 0x0, 0xed77, 0xffffff7f, 0x2, 0x74, 0x2, 0x0, 0x2, 0x0, 0x6, 0x3, 0x8, 0x401, 0x1, 0x2, 0x0, 0xd108, 0xffffffff, 0x18, 0x8, 0xb, 0x5cc, 0x9, 0x4, 0x5, 0x4, 0x7, 0x6, 0xfffffffb, 0x7, 0x6, 0x4, 0x4, 0x20e8, 0x7, 0x0, 0x0, 0xffffdacc, 0x4, 0xf, 0x0, 0xffff, 0x9, 0xffff, 0xfffff585, 0x40000000, 0x200, 0x80000001, 0x7, 0x8000, 0x5, 0x2, 0x56, 0x2, 0xf62, 0xf1c, 0x8, 0x1, 0x3, 0x9, 0x4, 0x10000, 0x7a752b83, 0x3, 0x6, 0x5, 0x10, 0x2, 0x7, 0xd, 0x7ff, 0x0, 0x9, 0xff, 0xfffffffe, 0x0, 0x3, 0x400, 0x1f08000, 0x2, 0x3, 0x7fffffff, 0x483, 0x7, 0x2, 0x0, 0x5, 0x2d9b, 0x9, 0x100, 0x1, 0x9, 0x3, 0x8, 0xb, 0x7fffffff, 0x2, 0x2000, 0x6, 0x8, 0xd4, 0xfffffffe, 0x800, 0x9, 0x8, 0x3, 0x2, 0x9, 0x3, 0x1, 0x6, 0x9, 0x8, 0x1, 0x400, 0x200, 0x9, 0x9, 0x4, 0x3, 0x8, 0x7fffffff, 0x0, 0x1ff, 0x1, 0x10000, 0x4, 0xfff, 0x3b, 0x8364, 0x7, 0x9, 0x150a, 0x1, 0x3, 0x0, 0x2, 0x2, 0x4, 0x8, 0xe770, 0x3, 0xffffffc0, 0x10001, 0x6, 0xae, 0xfffffff7, 0x0, 0xfffffff9, 0x5, 0xf63, 0x2fa, 0xd0b, 0x10000, 0x762c, 0xffff90a5, 0x6, 0x1, 0x6, 0x6, 0x766, 0x4, 0x4, 0x0, 0x7, 0x6b4, 0x0, 0x4, 0x9, 0x3, 0x1000, 0x3, 0x81, 0x0, 0x3, 0x8, 0x6, 0x80000000, 0x3, 0x4, 0xff, 0x3ff, 0x2, 0x4864, 0x5, 0x1, 0x6, 0x8, 0x0, 0xbe5, 0xfe, 0x1, 0xfffffff8, 0x4, 0x8000, 0x3, 0x5, 0xff, 0xfffff000, 0x7, 0xe60a, 0x8, 0x2, 0x8, 0x8, 0x5, 0x7fffffff, 0x5, 0xe11f, 0x1, 0x6c4, 0x8, 0x4, 0x80, 0x9, 0x9, 0x5, 0x2, 0x4, 0x7ee4, 0x9, 0x7, 0x8, 0x4, 0x8, 0x10000, 0x0, 0x9, 0x7, 0x4, 0x80000001, 0x22, 0x8, 0x9, 0x3, 0x5, 0x0, 0x7, 0x1ff, 0x7, 0xaf, 0x7, 0x2, 0x9, 0x7, 0x3, 0x51f68c91, 0x0, 0x8, 0x9, 0x4, 0x5, 0x8, 0x80000000, 0x7, 0xd, 0x0, 0x7fffffff, 0x0, 0x32fc, 0x1, 0x0, 0x9, 0x14d6ae28, 0x2, 0x9, 0x1, 0x5, 0xb, 0x0, 0x388c, 0x0, 0x8, 0x100, 0xcf60, 0x7fff, 0x3ff, 0x5, 0x8e9, 0x6, 0x3, 0x9, 0x3ff, 0x2bf8, 0xf17, 0x9, 0xb, 0x7, 0x2, 0xffffffff, 0x0, 0x5, 0x7fff, 0xb, 0x9, 0x7, 0x8, 0x7, 0x0, 0xbd42, 0x2, 0x1, 0x4, 0x7, 0x1, 0x3, 0x6, 0x2, 0x100, 0x7, 0x86d2, 0x8, 0x9, 0x10, 0x0, 0x10000, 0x6, 0x6, 0x96b5, 0x42895c3b, 0x2, 0x1, 0x7f, 0x81, 0x2, 0xa, 0x8, 0x2, 0xd, 0x80000000, 0xffffffff, 0x8, 0x8, 0x5, 0xf13c, 0x6f0, 0x0, 0x80, 0x8, 0x0, 0x3, 0x4, 0x9, 0x4, 0x2, 0x3, 0x2, 0x0, 0x1, 0xffffffff, 0x7, 0x8, 0x2, 0x3, 0x2, 0x7, 0x7ff, 0x9, 0x879, 0xd5b, 0x7, 0x0, 0x6e, 0x80, 0x9, 0x0, 0xfffffc01, 0x8000, 0x1, 0x7fffffff, 0x3, 0x9, 0x8, 0x6, 0x7fffffff, 0x3, 0x9, 0x40, 0xfffffffe, 0x6, 0x7, 0xa78, 0x8, 0x21, 0x3327, 0x401, 0x52f2fe2a, 0x4, 0x3ff, 0x9, 0xfffeffff, 0x7f, 0x7ff, 0x1000, 0xe7, 0x3, 0xfffffff9, 0x8, 0xfffffffd, 0x8000, 0xc, 0x4, 0xed83, 0x6, 0x8, 0x2a, 0x8, 0x2, 0x8, 0x4, 0xffffffff, 0x0, 0x6631, 0x4, 0x1, 0x8, 0xff, 0x200, 0x73, 0x4, 0x9, 0x10, 0x4, 0x3, 0x0, 0xffffffff, 0x9, 0x7, 0x3, 0x8, 0x9, 0x8, 0xd, 0x8bd8, 0x1, 0x80000000, 0x0, 0xf8f, 0x1, 0x0, 0x2, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x7, 0x63ab, 0xff, 0xffff, 0xe, 0x9, 0x7fffffff, 0x3, 0xfae8, 0x8, 0x3, 0x4cfee5e0, 0x2f08, 0x7, 0x1aa8000, 0x7, 0x80000000, 0x7, 0xa004, 0x4, 0x47e, 0x3, 0x2, 0x3, 0x5, 0x4a, 0xe, 0x9462, 0x7fffffff, 0xa, 0x6, 0x5, 0x80000001, 0xffffffff, 0xffff, 0xe04d, 0x8001, 0xbf, 0x2, 0x2, 0x81, 0x2, 0x6, 0xe, 0x4, 0x7, 0x4, 0x7, 0x0, 0x100, 0x8, 0x6, 0x8, 0x9aff, 0x9, 0xfffffc05, 0x6, 0x0, 0x7, 0x8e3, 0x8, 0x0, 0x80, 0x717400, 0x3, 0xde5, 0x2, 0x8, 0x1, 0x6, 0x7ff, 0x800, 0x101, 0x2, 0x2, 0x5, 0xff, 0xa, 0x7, 0xf34, 0x2, 0x5, 0x4, 0x3, 0x200, 0x5, 0x7, 0x8, 0xb, 0x2, 0x101, 0x8, 0x1, 0x5, 0x6, 0x1, 0x7080, 0x2f, 0xa, 0x5, 0xffffff72, 0x3, 0x80, 0xd, 0x4, 0x3, 0xfffffffa, 0x1, 0xb13a, 0x7, 0x53, 0x2c, 0xfffffffb, 0x5, 0x22, 0x400, 0x2, 0xc, 0x3ff, 0xbdc9, 0xc832, 0x8, 0x0, 0x3, 0x80000000, 0x80, 0x38000, 0x79, 0x8000, 0x200, 0x10001, 0x8fb, 0x28, 0x1, 0xffffffff, 0x3, 0x1, 0x81, 0xfc0, 0xfffffff6, 0x2, 0x3, 0xfffffff8, 0x8, 0x9, 0x7, 0x2, 0x80000001, 0x5, 0x1, 0x3, 0xb73, 0x1, 0xfff, 0x1620, 0xffffd34e, 0x10, 0x10000000, 0xfffffffc, 0x8, 0x1, 0x28, 0x2, 0xfffffffe, 0x5, 0x7, 0xffffff8f, 0xfff, 0x8, 0xfffffffe, 0xe, 0x0, 0x7f, 0x7ff, 0x9, 0x6, 0x1ff, 0x80000001, 0x1, 0xc0, 0x10001, 0x5, 0x7bd, 0x1000, 0x80000000, 0x1, 0x2, 0x9, 0x3b, 0xffff98da, 0x4, 0x5, 0xaa78, 0xb4, 0x6, 0x6, 0x9, 0x4, 0x7f, 0xf518, 0xffff, 0xf6f3, 0xffffffff, 0xfc59, 0x5, 0x4, 0xe83, 0x9, 0x0, 0xe6a4, 0xd8, 0x4, 0x8c, 0xff, 0x10000, 0x9b, 0x9, 0x3, 0x2, 0x2, 0x4, 0x6, 0x200, 0x3, 0x3, 0x6, 0xd, 0x2, 0xb, 0x2, 0x5, 0x0, 0x6c937305, 0x6509ed1e, 0x9b, 0x7fffffff, 0x9, 0x9, 0xa, 0x6, 0x4, 0xff, 0x7, 0x4, 0x0, 0x3, 0x65af, 0x80000000, 0x3, 0x1, 0x6, 0x0, 0x4, 0x9, 0x9, 0xeae4, 0x3, 0x2, 0xfffff849, 0x22c09369, 0x0, 0x8, 0x3ff, 0x4c, 0x8, 0x4, 0x6, 0x101, 0x2, 0x4, 0x800, 0x8, 0x4, 0x3a, 0x4dbe, 0x3, 0x1ff, 0xe, 0xfffffff4, 0x0, 0x6cc1, 0x0, 0x0, 0x8, 0x7, 0x0, 0xff, 0x2, 0x7, 0x5, 0x5, 0xc, 0x100, 0x3, 0x5, 0xffffffff, 0x6, 0x0, 0x5, 0x6, 0x8, 0x5, 0x0, 0x3, 0x9, 0x2, 0x6, 0x10001, 0x10001, 0x4, 0x8, 0x65, 0xffffffff, 0x3, 0x9, 0x401, 0x1c, 0xdd0, 0x0, 0x5, 0xfffffffe, 0x44f, 0x5, 0x3, 0xffffffff, 0x0, 0x8, 0x7, 0x7fff, 0x0, 0x4, 0x5, 0x0, 0x7, 0x40000000, 0x5, 0x7, 0x9b07, 0x9, 0x0, 0x2, 0x3ff, 0xb88, 0x6, 0x4, 0x12e, 0x4, 0x6, 0x80000001, 0xfff, 0x9, 0xfffffffd, 0x0, 0x8, 0x76, 0xffff, 0x5, 0x9, 0xf, 0x7, 0x2, 0x0, 0xa829, 0x49a, 0x7, 0x7a1, 0x0, 0x9, 0xe0da, 0xff, 0xb3aa, 0xc14, 0x81, 0x6, 0xb1a9, 0x5, 0x7, 0xfffffffe, 0x10000, 0x9, 0x0, 0x3, 0x8, 0xd130, 0x5, 0x3, 0xffffb599, 0x7fff, 0x4, 0x0, 0x5, 0x1, 0xffff, 0x6, 0x3, 0x2, 0x1, 0x1fc00000, 0x7f, 0x7f, 0xfffffffc, 0x6, 0x0, 0x4, 0x0, 0x56b307be, 0x7, 0xbac1, 0x1, 0x5, 0xfffffff8, 0x0, 0x7, 0x6, 0x7ff, 0x1ff, 0x6, 0x101, 0x6, 0x6, 0x6, 0x2, 0x9, 0x6d, 0x0, 0x400, 0x9, 0x7, 0x2, 0xf, 0x6, 0x8, 0x0, 0x8, 0xe, 0x0, 0x5dc, 0xcdf, 0x99c, 0x1, 0xffff44d0, 0xfffffff8, 0x7, 0x8, 0xf], 0x4, 0x400, 0x1})
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x2, 0x5, 0x5}}, 0x30)

4m49.945415011s ago: executing program 3 (id=7172):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000702000a2c0000000e0a0300000abdba00000000000000060900010073797a31000000000900020073797a3100000000140000001100010000000000000000000200000a3225d5c995225447c99eadc982bead10ec40ee468ab39bc9a5e2f4f067f144ee63b184b4e8264692612813a63677b18dae221e2ab7f786afc41548b10c16ce66d3a0f75b94caf6309a32"], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m49.891423599s ago: executing program 3 (id=7175):
r0 = io_uring_setup(0x5013, &(0x7f0000000140)={0x0, 0xfffffffc, 0x3681, 0x0, 0x273})
io_uring_enter(r0, 0x0, 0x0, 0xf, &(0x7f0000000000), 0x18)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2}) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8) (async)
bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 64)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0) (async, rerun: 64)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x8) (async)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000340)={<r2=>0x0, 0x7fffffff}, &(0x7f0000000440)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000480)={r2, 0x9, 0x4, 0x5, 0x7fffffff, 0x6a}, &(0x7f00000004c0)=0x14) (async)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000157a82ade252ca4e4783cf6a91089b79d7b40ac42f2a13a36e03d95b4b5878b43f1241c433a57c62dbde50d9e010c2cfeb253805548a70cc10bbfc5149d8d08b7e36fffb52b14b20c4a022a9b0a7"], 0x48) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000080)="f20f11d6263e0f06f30f1efa0f320f015f7b0f238b0f320fc79800680f796f000f06", 0x22}], 0x1, 0x74, 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async, rerun: 64)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
ioctl$BTRFS_IOC_QUOTA_CTL(r5, 0xc0109428, &(0x7f0000000300)={0x2, 0x100000000}) (async)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="671d00000000fbdbdf25460000000e00011c3b4a9900007673696d0000000f0002006e657464657673696d30000008008e00020000807864cdff8f0000ffffffffffffffebff8f00f8ffffffffffffff"], 0x54}, 0x1, 0x0, 0x0, 0x4040010}, 0x44004) (async)
r9 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000001c0), 0x400000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYRESOCT=r1, @ANYRES32=r3, @ANYRESHEX=r9], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x2, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

4m49.827202404s ago: executing program 3 (id=7177):
waitid(0x1, 0x0, 0x0, 0x2, 0x0)
r0 = gettid()
r1 = syz_clone3(&(0x7f0000001ac0)={0x202200000, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000480), {0x10}, &(0x7f00000004c0)=""/48, 0x30, &(0x7f0000001940)=""/169, &(0x7f0000001a80)=[0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff, r0], 0x6}, 0x58)
rt_tgsigqueueinfo(0xffffffffffffffff, r1, 0x16, &(0x7f0000001b40)={0x3a, 0xe, 0xe8})
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000340)={'syz_tun\x00', 0x101})
sendto$inet6(r2, &(0x7f0000000040), 0x3000, 0x0, 0x0, 0x0)
syz_ublk_setup_queues(0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x157a, 0x4000, 0x1, 0xa}, &(0x7f00000005c0)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0xa377, 0x4000, 0x0, 0x21f}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0xfaa4, 0x2010, 0x0, 0x192}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7e7a, 0x1000, 0x3, 0xe3}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x9, 0x10, 0x3, 0x1c3}}], 0x4, &(0x7f00000001c0)={0x2e, 0x50, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x0, {0x7e33}, 0x0, 0x0, '\x00', {0x4, 0x391, 0x0, &(0x7f0000000880)=@buf_1k="68a9c30ff0162a6c4b96a12ef1e1637cc1be2395caa2ffc2e6a77ec45ac1e10f302deab77b08d1f68d18d4b679f7c769ddeaeb7beb73f5998aa0a5747f6b9ced84788534ddd4357a1ef4e2bad0faaa7e52815284026b5eeb7ef65697734e8165e3c202f8761419fce185bbbf10e3f5a4c2248907d9d490cc94ffb572934fea886c0a0c1f65402e6c4102919a9548e2064c2cfdd71a32c0eee358123de9954220b22a8590b3e6dbca3158c39a5a8a578dae705ca562c4f10526a9d9fbb6916f75b3abc9ddee2578e6cbaf44542831ac7b12325f7c22eefcff5b726adc3c63b3a4dccccccd334fe0e909dbb4a5993f6a45a7b842706bf67bd96a76cf8823cd2da530cbde292547ece4c1860201dd7a6c914645ef6f4d3b4e75803c30daf1b580926ab9c26c7e66fee95adfea33635e20b747783500de9c7a9807b4c6861991b42fb000c3424e099f7390dfeedfcf80980ff4f98439684c4729fa1f74f1ed45aa2cc52c6e325f23e9703852ede1fa687d1149dbdc387f3d5aba981e8ad1e2016d24649d9e89d71bd6aeb61a690ad166d0b5d6892a3ea54206a8e7c75818dc0da9a51082eb53daa4a8f30d26a5744f6b6a5cb2fa11f191a29956ca2072344144f001ea11fc18219dde9e06ee4520b3beb5d83374d1ba032cc1e8159c15d85ce8f6003551cbe595a1fa260c219560d89334c32a91fd6d775b2d24608c37ffbbff4312a55412bf712ee313f8c7e299f8b5ccb7859bf6ff90ab0690e19d1413c3a1a9feb3626a7d7ac25d42aad927cfc93a92069394337f7e87b97d6d49dc055acc346220f79a18f29f0afbe078c9adcfc645aacc768b0b1682d305a44abcf8476d6a00b9b708744f93b892c09b4e66d351c26cebe9c138d45ee5d017b71648a3db77ad3f349257415033e7d36dd404c8a96a4b0e50188afdccb5604e5b8ee9756e54542d5bbe0813dabd259dc9822912868bfc266207edbe398f27e964be19c2d0d14e1eb5f38806ab9f7bdc86e0821737e8b2257318d6edb16a739dbc61d9709e4721e2409336fa329902eba737aa203eef422c3229e5185590dd7f1f5e7ef51ab4e6edaf22b05453255e7c24279189128df28202f97583623309bcd2c2982a672a80624f79e4250892d14025f23d456f1cbc3112de8d6b77c1b9b415b664327ddf6fd3606267ce5e71c35822ef7544c511dc1b6267060f6d787572b000ed7afd6c7576aaa0b0530366948ba64b9973b4ffb146a82655af9e0839cef1753f1b53e32d25ad563f9ed34840af02ea79a6c393bf25743471f4bce83b9c99f3ed957dd91b4bd19266939c3f46403c3b5d6a0e7d484eb19527545a04b74511ba6f6fbcb3512894956610a8a9c879d745b88240e21a29faed72c5606538996658c284845b4d50c4fcf0f2c35f208d07c6324041531daa0d7e387901db80ca44bf13b7cae4ff"}}, &(0x7f0000001900))
prctl$PR_SET_KEEPCAPS(0x59616d61, 0x1ffffffffffffff)
timerfd_create(0x7, 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
pselect6(0x40, &(0x7f0000000180)={0x0, 0x0, 0x12, 0x2, 0x7, 0x9, 0x42, 0x1}, 0x0, &(0x7f0000000240)={0x1f, 0x112, 0x8000000000000001, 0x2, 0x3aaa, 0x91, 0x4, 0x3}, 0x0, 0x0)
setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f0000000200), 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="1b0000001a006da800000056cf208561f6756e7596fc0000000000000800010000"], 0x24}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0)
getpgid(0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r6 = socket(0x2d, 0x2, 0x0)
bind$xdp(r6, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0x3e}, 0x10)
r7 = dup(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)

4m48.966840227s ago: executing program 3 (id=7194):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000a40)={'dummy0\x00', <r2=>0x0})
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128008000100687372001c000280050007000100000008000200", @ANYRES32=r1, @ANYBLOB="0800fe00", @ANYRES32=r2], 0x48}}, 0x20000000)

4m48.556758298s ago: executing program 3 (id=7208):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000702000a2c0000000e0a0300000abdba00000000000000060900010073797a31000000000900020073797a3100000000140000001100010000000000000000000200000a3225d5c995225447c99eadc982bead10ec40ee468ab39bc9a5e2f4f067f144ee63b184b4e8264692612813a63677b18dae221e2ab7f786afc41548b10c16ce66d3a0f75b94caf6309a32"], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m48.495905919s ago: executing program 34 (id=7208):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000702000a2c0000000e0a0300000abdba00000000000000060900010073797a31000000000900020073797a3100000000140000001100010000000000000000000200000a3225d5c995225447c99eadc982bead10ec40ee468ab39bc9a5e2f4f067f144ee63b184b4e8264692612813a63677b18dae221e2ab7f786afc41548b10c16ce66d3a0f75b94caf6309a32"], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m19.32489353s ago: executing program 6 (id=7680):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0) (async)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc3) (async)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2}) (async)
r6 = fanotify_init(0x200, 0x0)
fanotify_mark(r6, 0x1, 0x4800003e, r5, 0x0) (async)
read(r6, &(0x7f0000000340)=""/111, 0x6f)
syz_clone(0x200, 0x0, 0xfffffffffffffef9, 0x0, 0x0, 0x0) (async)
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000300))
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000000)=0xe)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000200)="e061b9bc0200000f32b8000000000f23d00f21f835200000060f23f82e36f30f09f3ab66260f20d7b9800000c00f3235000800000f300f01c566baf80cb82338cd81ef66bafc0cecc4c248f50b", 0x4d}], 0x1, 0x1d, &(0x7f00000002c0), 0x0) (async)
fspick(r2, &(0x7f00000000c0)='./file0\x00', 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r7, 0x65, 0x5, 0x0, &(0x7f00000008c0)) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x84, 0x30, 0x12f, 0x0, 0x25dfdbfe, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x84}}, 0x0) (async)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r11=>0x0)
timer_settime(r11, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
timer_getoverrun(r11) (async)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="eeeb8b3f88", @ANYRES16=r8, @ANYBLOB="05002dbd7000040000000600000008000300", @ANYRES32=r9, @ANYBLOB="05005300010000000500530000000000"], 0x2c}}, 0x4000000)

4m19.195017571s ago: executing program 6 (id=7682):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000e77910c0000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x94, &(0x7f00000000c0)=""/148}, 0x94)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
r4 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r4, 0x40106f52, &(0x7f0000000040)={0x39, &(0x7f00000000c0)=[{0x6, '\x00', @buffer={"5f5a3ffce1de2e1897a192d003308c61cc5df155017a64a34dd5cfe4d1006c4d", 0x20}}, {0x2e, '\x00', @st={0x4, [{0x0, @svalue=0x9}, {0x0, @svalue=0x1}, {0x2, @uvalue=0x8}, {0x2, @uvalue=0xcd2d}]}, 0x3}]})
r5 = accept4$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, &(0x7f0000000480)=0x6e, 0x80000)
bind$unix(r5, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYRESDEC=r3, @ANYBLOB="f5518498d2165623dfad24aae6f53bca1065b7057d28e203de129d30ed5449dc67bc979c8d66ae6147e5f6365b7759fd4fb89576ddb62801aaed2384be043451c696a41939ecbff23085457aceaea325a45766c9105f640e011b8be7b8c852579839ebc16c3f28eb74dd81974ee45e1dd0909c2003378744178a0f05cc70b882b763a8d21681cf8d575a05b182006a34f62dd6992f6ed5e5cd10cc2fe230d7363df17ff419d692ddb620439b6cf9afecc9067efb28fffa810c6a2be2ccb0e16d02ba64c3fe56979538a7d534478dc394e7ae457d27a06c667953171fff2482d22057a1d7ba4f48b7a83f97c7178b6d65bb9ae09d94744b467c51fb88e38475e4eb659b3c031b37af19812335746756209f8ab236ee182d91419c5da83a518d3d21b49eb96b980fb3e1127a72d99b2d63e242fd48f6a259a6a16b8e3489857df177012b172685a9145a5d3a22b7d0326092f46988d161f2c488ecfb2d1d5a2d9e883e887e7f8ee942e7e8eabaa8b3023652fbfb08868b2f1f39296b5ddf8369bdcc9ee511fc564d3d5f63d6c169aa23d955fdb2b7bc658cb0d31426197305ec1a8d2780bcddf9a299afebde294da254b12e367f26cbeec41bf9065219d55aa3136f5962c7dab4bf8a87fa8968ee876a91b3069985c168842a3cdec2ffd0b9c6660e5110c2071c8c71950dc0b9bfb446df08c7c5bcd12b0bed6bab8cbf3a7d42cb9f0de087183ea31685b889abac000c77da530d826a5b4bd9a2ebdbdfddb6fff6f306b2c8b844fb8c6606ebb0d6a7d64307c7f7e6244d534f222ebcd7c4a46536f08873a13abd6dde56e26e831e4e32099c5ca030fdc4dae0befd11a9f0dc7b28b2178c3c9f2885d272ad96e22259243d03404305a66191c7548518d80ef18f69f2ea97896e34ed7605305fc6d53980b9756214c2c82558f82b82e794c69efbea70f916eba37b58bd36188ef4c7162b9171f3f0901b4207a4b53ad396f1a0faedeb1af8eb66f3da38f87a9ea1fd337874a40b7966ff62f8d615960056d8a60a22f45bd8b00790f6db84429045003beebd94e4eb4030dc015a82613ca3e996ea83d087bbde936309c10daf47f8b9e96a0cd11d09088612c0af80b09b555c8e6d0e313f160cd902f18380781f236da14be7a53884da6824ab74e07d26ebd4587af79ba99eb1356c05fb8fbaf5d363310920d1d02507158604e92f516a520793321e6f3799a44b3574f462e132851047fc1ab2644e7a54cdb9c76ed055d133af9746f2a2f9af9db61573dacff7f1743c5571acf0328e2cc8db8ee29464e84c532af8baa17a3b477239b25565a59f65f8fe8ededa82e84d9640e0aa3145ac4ef5b5b3cff9726f1e0584ef8ca0f47b49f4d74ce8e7227e779512136264d87e2467f04512891d75bd4c9f583aeb576901fc7f5f20a61395169441c9f0ab5c034aed557be414a0c839d376b145608b8a453e4819b950ae87cd577f02c760c81c535cfdd96534e4e3bd469d47aa0a1989ddc71f2015cbc4d7745d2c2d614378f0dd33075938b6fb8bf6f4964082a037e59f1a3882be60656fdd405a71a71b792f51a5fca92eb1583e46b99c89a2b8fd1752140b0d717cba0400970f16df3dc0103c103df021652c06bf4f5a1fcd59802b790af39e0dea881dfdf00638a296a6bb96d97245fa20916c4b99a73171511783367f5cc7545bd278002252f7b0670f967be021b1a56b162210d368b38e411467057333b9f313fe18d1b0cdd974a579036dd95dc9367f7091b3640c1844c22aadb7a52066a8274be59b1545cbdb22801d07fce6f0593692b6106f5177e27e9f231a767fc66fd4a5bc0a41782ceb19f77c2b402b3433b13c147aa790777d6501c64fccd1a1e5de9ae345b61db2ddaa61f12fe7e9137cee7ccb686b38b170f289782bcbf19c3d23f62c68f84e18a2bf44217b8a9e090a7a3ff8d3e6016820ee143219bbb1cec737badf5106691d3a3d0e59a5bf223c4c87889306f11a908fff602db187f7e228a53f952a6ac43a9df4455484f4028e47ac9cbe8a02ec95f2976a09ed9ffa43161f28a7f34f83d682dba31e17699dccffee001ead7516b5d9e2ec20dd77fad315f3e66befc99ad683e31248179db9265becc29ccfe724a7a86b97ed3fc34a0aba680d9d598ef3efaca9aa7700e19ddb0823639358d4c89b3080c1e516068bc5cadb1fe04d504ffba8272bee19d0294fbfe144c3c28e3004cde0954071028c131b5630b3aa8dbbf3dc55e3262d4012e42a02545730e50e579e351362eeaf4709ba8f839260a935285cccf5d3668147d5b0deeb3000dfa994782d498a60c4a45759b8010c5052e8c9c8e80b688f17951603ab1b7725ee4e132853c6ec20c4e03808105ffdf0331f7cd307f03d61b9e02f992431368ac0aa46dbd4d9e56fbc76c1efac1b79ffe57393b06bc7bcafea4828f56e5d6e608fd9258f7ff2f53222770e48baf200b5bd8bf6f299f329301a671b3942f9a5ba49e96830030e8c520a3bc610e40abf8dd51fc63e4f272dc7b208442a4cd5593600bf6440c32ce1f65da9f237da9b63b6abcb780240163cc637b73031e0fd2fb3b504de3dbd8f31624c891d62befa15748f67a4a946e30219ceccc2938ce7e318b7a5ffb507039bcb4da6bb0b76e8ef6d75b0e97a1f531b5fd59fa0404c469302b12017a7fcf0104ae547b6aa559af572780b95ad6faa74ca8bf8d80996cd7cb4e1ca652fc9af5b3460b87af59d8f612e43a12bbd8945f6d40ad85c2684dcc86929e58f6e5c801b0952551e528f51992ed9d94d051ff5556f0dc5803b2ea5ef5f014d9382c59ee07761b80f60af4daf75c9ad14639ed998b5555ec395d14df9f2d04d1bf653c7a4b127fd90c178d8240f7f83865c7558928055988272aca395c1796b125da85915cdc1f51e6453f3c8a9bad7413fe3e1434b9329a8e037f849d8cc60a45aef60f3b4c10bcd24174cedf94d8b87c14f05a6ce1b72e50a245ac9fc99371010413423c564d9862ba12940710ba651a8607e047c6829aede6e0a41c33511e16a3b046a22ea9b6a7b602c93e452adc93ed2eb09e073350798ee195d83a27cd97542b01b77569f132e394a77096fd4a7bb13efdc9b4744e37d49f5c0463c9b4061d1eb33a61b1492eca9173d729e52425c6430e69d502806fd3dc05178d86e517b4faa551a14651f393d3bf64248ca157c8e2d2df70d78bcbb7c27739ec3dcd5672a8bf95d958d67d4f5cf3e2d124c2022e691295e915796b5f2af63e5bac55e5a365ac74ff616882f8e26a27a350d1b7d256409ff16eaea8dc2c2535883e066c132d81465c2a27262d338ae0664c3533e4e18900e1cdd440f1ebd0636e2b5bb8bd0db58b009e283ca14e4e89f1c5f7560386efbd5cea904d301fb6041306fe614d5417462255a608979d1c0ec8fad13218178caa2d91bcc4b798fe048e930ea86ce044e56699197c692048eeceb47261f5945caea431933a0151c622faf6e89aebeaebb2a42024f5a65396236f626155fb4ed4b0946bc55df323d19ee93b5fa3f4c747acce407d25b983332c9846d1cc125c474e112ec6fb607b9efd70dadfadf2be9628db0876d594bdd55b63fef9a5fad205f0435f2b3ecb1bd386812a2bb7da2029a7bb4b0a926068bde3cbe08cb7e508bcad4157751b6d47e85a3c7c890e11c05dc6bb8264b9adb71371d069743059acb8d69c4863744b0cc2a7e537fb9a605f3c9b80bad9ebde843cc86ba681231e3635cad498b55306da9a6610a2ebd1eba4e3cbdcbed0e57c6caa41a1872afc9f6198d088bce3b9882c2aa8d4d34080281742d8bada640e39767892dd470f13a8c74d26ac94e9bbc215c012723fb5867547d0b2fc3ca44d4c9568e6dd50017e92cc22b2453f1e1be65a6fc9847d89151641e0f36a4b038b50cc6226b9c5cf4cd2a5554ee01ec9fc175f5b7d5465ee35f72413bcb81261aa9007fc35eacb4680dcf0785a9d29304b74f0c23925280506c4ae0c77b19c8de5d03ee2fd6bb54fe20ae899feba4baade7e65704b6ab10831a28a6a5de3a34b18ff1cbc1cd6edc451e0e49fde9e374e2c7c14f0ffbfadcff6d90942823f72c5a2d14effa3ccb74a1a0382f515b0fa262906c4b29874c19c3488babb252c3d1bbe4560f23db6f26ace283c34d52a7b67ad0191a2227fa7f34e1a20b7f50aafe300ed030c80e51a072561b11834968f2b65fa19e9e6be390fcc116e425db4c4c18b0a009fb1d86995b91d65053d9d8c89d46cf2997bedcbb15ed2ba124517fb47a5b9025938c455bf912c92ec0e95170fcb245ec0f0b9b86e3c2d178acbd8099b231c503e1a21d6c7d3da43d2b7ee4b4c630c562ae72cd356227bb8a32c7ac21ee6af1b2431ab967df055996ea0d376ea7119b1ddcc38cb5934a94295584f27615461b19218924c7d2a8df9d87b8cba9eab949e0a3cf7b68bb700770d7ad7151ce2da417054feb953bac8ef0995e15aa180beb4c570cde87f144a2d2ab050cb9c8691c4a88e790179814d35680c7ca15889063dcb3eba4ff07c8e8602f0678f3505642513829bf3e84cead307544d6e243e0dbfbaf1c8e0a477849e5ca8ff707af9fa26e2459d4f5c2e02472916e67a27c865a476b064b44b815df130d1ec7e71f64107444af318c850c06b9aab01fba4dfc1d3ab3e0c04d5d7b87f7ba6e9092549319ce1ae47c8dc16f36a3e2750c1b55d38ec62a059d76d4d2bab06cef4929898f8653d08373e41f8fe9e6ae86b88de05311ee4a8bf34ab8432469cc8ebd7024b3d8be89791f8082bea0e918577092388a3bd2ef67e7082645ea1a6809dee552eb380c3e4f83e4758a788d19a94176091d3ac8a957cf3c01868d566bb226f4081cfa1b231360dda79fcd41be4fbfbaa1aec1210133f81332c0ba7934bafc7ca5795b24aa21c7e91d1612e54a127a5aba12a5524c3205beac1463d5536c70310f57cfd5387b902faa7fa79b40d9315a971ceacbf57172983d4e8cd7c5553f2387d2967e23da2df7263bd92d65b5d542b7387e329c3e2e656e2817860954af50c91e2ce649048133a4798d0a40236046f1f532b73afd74794ed7535b7f2fc125ccf6dd8ae3b19ff808ab220d8a45b7e66f59b91d12ad3f88d24a310e382d3a32e97079a47a8fe6ec5c8272e4521effb922699fe7c92500034253364ca798f023c4fd8d1d740cd46545cb8215994dbea515184ee77e0b84e60b3115aa54c6cb2fe0fad07ee363bfaf415b1c7763a320cd06a33ad7deb0c8f4273cc823c6b1c6d500bcc8e2aa26fbcbbc115e4232ff64e735ee5afef3258a835a2586e992bb6449885f2aaba138c7406b3b04fc336916883dfba427e2170281744d5152a14d92f9c3b46773b385890bac11a40c9e906ac8b3eaaf4969c7da35c00f9c0833dea82698fa8ab65c5b7cb3341b588ccae037f230a419dc03d70fc8acee5e5799382a10e6946356100ef33759734ae5cae6d23eac263e48902ff6570ee8be302c512cd74a7fcdfdcd4339c595d904dbbf57e8882f06ab2d853bdd4468e4792c53e2b0534d3b37b9cb46b2c17379f619c1b3b446f752c3b8221183a837ff7cef05e27747359c6c1e6bf1f0a476f518c3300d54ab83f2e81a09d6ad77f265c4e80520134480de61c350fd304bb2c825e17a3643fe603b8eb74a922e2110a62cc64b10e5b6d26efa994d7709000ed2b2a093d3326e66c327d4037174c8c6f89170ae595e1fa43716c73b42f4aa21418f10a2610733a885d569a6ac99bbcc668bd8c79a0c0f410e0f596a30b1f84bd2f4e61bae396338", @ANYRES8=0x0, @ANYRESDEC=r2, @ANYRES8=r3, @ANYRES8=r0, @ANYRESHEX=r1, @ANYRESOCT=r3, @ANYRES64=r1, @ANYBLOB="6f5b566e693c0706e362edd21a524f0f7116fe8bea1096f4415ab0d153659ba1d8327707ddd5ed00287a6d2f1b99f29154f663d15a80b2cc4b47e0908b1f3ed9ef5764165111c44b7992c1f788fbf49461b25645173a1dbcaf83906a980257a43901661be7d1de3467d4a8aed81a05db41b05a15f3f73f24a83d522a05977ab17281b0a7f2eb58b34cff32122d2b412ed3e4b828050595bc75e7a38c7ffa62993118b57d89ddd8e6cf2ec1fb39e3fa62c21dc41ff0f74e", @ANYRESDEC=r3, @ANYBLOB="5eaecd5474dc5315b51a4c4cb263ddb321d2464f0fea4e0ae045bccc14c183ebaf583052e543c934c4c91dce5c1ebf24daf8f88ea6d6d4ed881b5032d639eea963828f5c49de8bc09005ed1f3d0bbbbaaf4604df20fe6a2e92a7a61b299c7238a37969617d89f5eb052e946da29fb4225d35a66d1af971bba4b4034c277266b65e3a5145a6"], 0x2c}, 0x1, 0x0, 0x0, 0x4000800}, 0x40804)

4m16.947815023s ago: executing program 6 (id=7685):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x4800000000000000)

4m16.888278479s ago: executing program 6 (id=7687):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f000001f9c0)={0xa, {0x8000, 0x2e7, 0xffe7}})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000002c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x10}, @op={0x18, 0x117, 0x3, 0x1}], 0x30, 0x40040}], 0x1, 0x8040)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000004c0)=ANY=[], 0x114}, 0x1, 0x0, 0x0, 0x4044094}, 0x14)
recvmsg(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000003c0)=""/84, 0x54}, {&(0x7f0000000a80)=""/134, 0x86}], 0x2}, 0x40012001)

4m16.877063322s ago: executing program 6 (id=7689):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250101f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) (fail_nth: 3)

4m16.791441036s ago: executing program 6 (id=7691):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r0, 0x0) (async)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept4(r1, &(0x7f00000001c0)=@rc, &(0x7f0000000240)=0x80, 0x80800) (async)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$TIOCNOTTY(r2, 0x5422) (async)
mount$9p_unix(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f0000000140))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r3) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3) (async)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000500)={0x14, 0x7, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x80) (async)
pwrite64$ublk_bdev(r3, &(0x7f0000000280)="fac5c77572fd5930117f436758162bf17bfbbcb975c257898d9a80ce26c3c2e7d32bea1273a633f24a58c2bd6068a352aaaab7750cabd4282978290f6b1552a33a09a67189eaa244c5b986308c508f1010210852f86631f6ed9236ca42f3c1d51f9239ad88ea79594eed8910", 0x6c, 0xe)

3m59.363850825s ago: executing program 35 (id=7691):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r0, 0x0) (async)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept4(r1, &(0x7f00000001c0)=@rc, &(0x7f0000000240)=0x80, 0x80800) (async)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$TIOCNOTTY(r2, 0x5422) (async)
mount$9p_unix(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f0000000140))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r3) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3) (async)
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000500)={0x14, 0x7, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x80) (async)
pwrite64$ublk_bdev(r3, &(0x7f0000000280)="fac5c77572fd5930117f436758162bf17bfbbcb975c257898d9a80ce26c3c2e7d32bea1273a633f24a58c2bd6068a352aaaab7750cabd4282978290f6b1552a33a09a67189eaa244c5b986308c508f1010210852f86631f6ed9236ca42f3c1d51f9239ad88ea79594eed8910", 0x6c, 0xe)

3m48.946050703s ago: executing program 7 (id=7978):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000a40)={'veth0_to_team\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000008000000002800128008000100687372001c000280050007000100000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x48}}, 0x20000000)

3m48.803629141s ago: executing program 7 (id=7979):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040))
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6gre0\x00'})
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x2, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000100)={0x8000, 0xa36, 0xa5d, 0x8})
ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r1, {0x4}}, './file0\x00'})
ioctl$RNDADDENTROPY(r3, 0x40085203, &(0x7f0000000180)={0x4, 0xb3, "b3a25225b583e9056f127eb7bbf380cae2500a407580198e508a5c791485cbe554c3ace85b17c45aa584b612196f672d0d009ddafc3235ee40fa193c98e3d72bd4b362a865d39940ef1e25bf5f53528cbd70e02b64df30cb1e5a46e15f146b5c1f72648dc7bd7e0d34e52c311a0b5fdccb33ae8b8e3c00fadc563abea7e18175cafc50b74339d9ceeffda9208bf3920d7c30491fea04894857533086407566121a77697264412158ff941d32201c1bf548be2e"})
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r3, 0xf503, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r1, 0xc038943b, &(0x7f0000000280)={0x8, 0x18, '\x00', 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0]})
getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
write$sndseq(r3, &(0x7f0000000380)=[{0x1, 0x7, 0xa, 0x80, @tick, {0x4, 0x5}, {0xad, 0xff}, @control={0x7, 0x800, 0x3}}, {0x2, 0x7, 0xff, 0x9, @tick=0xc, {0x7, 0xb}, {0x2, 0xfc}, @quote={{0x2, 0xff}, 0x3, &(0x7f0000000340)={0x3, 0x2, 0x5, 0xa0, @tick=0xf, {0x2, 0x1}, {0x3, 0x37}, @control={0xfd, 0x2, 0x9dc2}}}}, {0x4, 0x23, 0x8, 0x6, @tick=0x8, {0x4, 0x4}, {0x6}, @addr={0x0, 0x9}}, {0x7, 0x1, 0x3, 0x7, @tick=0x8, {0x7f, 0xfe}, {0x10, 0x90}, @control={0x6, 0x401, 0xa9d}}, {0x0, 0xe, 0x2, 0x7, @time={0x5, 0x9}, {0x1, 0x6b}, {0x5, 0x5}, @time=@time={0x3, 0xfffffff0}}, {0xfb, 0x2, 0x5, 0x5, @tick=0x5aa0, {0x0, 0x6}, {0x4, 0x28}, @queue={0x9, {0x0, 0x7}}}, {0x0, 0x72, 0x5, 0x62, @tick=0xdd7, {0x1, 0x8}, {0x5, 0x7f}, @note={0x8, 0xac, 0x6, 0x3, 0x7}}], 0xc4)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f0000000a80)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000a40)={&(0x7f00000004c0)={0x54c, 0x0, 0x4, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x538, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xc, 0x3, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0x57, 0x4, "f9f9708776d88ace22751171641dce4b8d9d2b4be75c63a1cd503a8d9afa702dbcf8e5b669f8e27712aff8b097a631567fade36fa394869809e8de2a016bab0af6d8b8789bd2e5c088ff29b6edfef5592cd6e3"}, @ETHTOOL_A_BITSET_BITS={0x38, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '+b!%+[-.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8000}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0xaa, 0x5, "1574fa0a78478298395dd1020240c05a446687871aa2afdbc8bd205368362bd5f7de1e0117ed89ad50a0c1bc60fa1442570db56843e8c7eb3e4baccbfdcbaca12eec3c6125a245d89ced8c2ad031ebbf9a9fb7b79bd0402c3b6f6b8dac23a313e46384a87d0dd4a834b26666f88b1bda024d4c607c703f493f8e54977bf0ee3c4c137d8619258728a404e304c4f449b9b7c7d547abb7fdefa846d537f5801a2f35d3cf409e41"}, @ETHTOOL_A_BITSET_BITS={0x1ec, 0x3, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10000}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '\'\x83,!*A)\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7f}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '/\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000001}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '-^\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xa}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '[\x00'}]}, {0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xbd3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xbf}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, '/dev/net/tun\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ip6gre0\x00'}]}, {0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, '/dev/net/tun\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x200}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '-%$\\,\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ip6gre0\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '$\x9c\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfdec}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '##].\x98-\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10000}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe19f}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '(\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, '/dev/net/tun\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0x46, 0x4, "34f0db31f46744d89429b4f5d1540849a99e9421d444dc813f94d921d6394147187e4ba9ba4b3e98034a33e70adaa965e66813bfbbdb98ac98aa3fd1be5920225d18"}, @ETHTOOL_A_BITSET_MASK={0xda, 0x5, "7fb46485dfb0c177403692f5f6bd7c14e56ed93916b7aeb64122a9177cf45d306a9a634f47c19a9e086445b4cfc424683a18e87ce17e604fde7c16c47e6b85a6c935f79ac6e809cd5fdccde566bf85b5b7f3ed65186e8d72057166145c7a79df9bf95263258d072843b3281a813be4df6be8d5bb448d34a423754bbd27e3613073715f1b48d2d5987204aeb5f014bdd2de3fba2f03718c872880e82fd456933572b26f1b9842e488a50ad832cdb4ed2b7ffd026925c5ad958604267ee193ce24f6e8e5eae04849be8d360b2f535ac43b6affcc0a65c0"}, @ETHTOOL_A_BITSET_MASK={0xe, 0x5, "ce028866ee955158396f"}, @ETHTOOL_A_BITSET_BITS={0xc4, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\xc7\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ':\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x4}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10002}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x40}]}]}, 0x54c}, 0x1, 0x0, 0x0, 0x4040840}, 0x0)
pipe2$9p(&(0x7f0000000ac0)={<r4=>0xffffffffffffffff}, 0x4800)
ioctl$NILFS_IOCTL_CHANGE_CPMODE(r4, 0x40106e80, &(0x7f0000000b00)={0x8, 0x1})
write$binfmt_misc(r3, &(0x7f0000000b40), 0x0)
r5 = accept4$tipc(r3, &(0x7f0000000b80), &(0x7f0000000bc0)=0x10, 0x0)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r5, 0x941c, 0x0)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r6, 0x4018f514, &(0x7f0000000c40)={0x7fffffff, 0x3, 0x2})
pipe2$9p(&(0x7f0000000c80)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4000)
write$P9_RGETLOCK(r7, &(0x7f0000000cc0)={0x25, 0x37, 0x1, {0x1, 0x400000000, 0x5, 0xffffffffffffffff, 0x7, '##].\x98-\x00'}}, 0x25)
ioctl$FS_IOC_GETFSSYSFSPATH(r1, 0x80811501, &(0x7f0000000d00)={0x80})
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000dc0)={@broadcast, @multicast2, @empty}, 0xc)
ioctl$TUNGETFILTER(r3, 0x801054db, &(0x7f0000000e00)=""/127)
r8 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000e80), 0x100, 0x0)
write$FUSE_ATTR(r8, &(0x7f0000003100)={0x78, 0x0, 0x0, {0x4, 0x7, 0x0, {0x2, 0x5, 0x2, 0xebce, 0x2, 0x2, 0x9, 0x8, 0x6, 0x1000, 0x7fffffff, 0x0, 0x0, 0x0, 0x9}}}, 0x78)

3m48.803420065s ago: executing program 7 (id=7980):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r4=>0x0})
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@rand_addr=0x64010101, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0xa0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0xe839, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x70}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r4, 0x2}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0xf462431e9bb1dbeb, 0x3f)
sendfile(r5, r5, 0x0, 0x9)
r6 = openat$cgroup_subtree(r1, &(0x7f0000000200), 0x2, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/../file0\x00', &(0x7f0000000280)={0x2c2103, 0x1c, 0xb}, 0x18)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000040)={[{0x2b, 'cpu'}]}, 0x5)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250101f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$AUDIT_TRIM(r5, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x3f6, 0x1, 0x70bd2a, 0x25dfdbfb, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000004}, 0x24000000)

3m48.754036722s ago: executing program 7 (id=7981):
syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000084}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500001e05000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

3m48.565337294s ago: executing program 7 (id=7982):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0x9})
r1 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000a00)={0x2020}, 0x2020)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x109)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000180)={@hyper, 0x1})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r3, 0x7cb, &(0x7f0000000100)={&(0x7f0000001080)={{@any, 0xfff}, {@any, 0x5}, 0x400, "4145fdc5fec7663a106cef95c8d86f03d655b82e62dc5204ff06732791d90936bf31f7b4eafad3ed43e8da42de6780edce2e2f941399c9b9002a6a538fc1ebd3e994ce6fa4a67c775c476cdbedebbe34904cbe0d5808cf5892aa1e563f949f38cd2ebaa2c46464183ead798b1af0ba7ad5db77736a5329e7297e674242854f87ef03b0fba724523033529e64be44188740b9e9a0ba6944e9724c4aaa8470ab8d35a1746a1da4dfa2112cb5135d97efae0975e7fa5e421fe7ec12a8bbd7714076b63ddaca822d7c0383ccc4e21b11c8a0443850c05f4bb6716b6ba83016b709b44a9959c44daa717edf6b43f7c235fae47730ff2d435ed29d062451ab74bd9f65d9bf96e1afc645ca2249c89146fc815210d465ca0ede0acbfe1165b15d222ed668b79b14f901178d35e7421637588c887b0f2335ea84a442fc95bbcf0ea3b308ee18d913901cb8f40dd2798e781c4b1c620c23565b5bc18e25c206f772c863c8a8864f460c239033717d41f94fbf13b1d0c7271364bd6d144160e1df33fcb33e5d45a5e7ea4264d089397d7e022c6e1f37a2e464c01b4df6a906d3a46d9432ba1966d73aa0627491e3b3c33bee03ff2138896b64862910f24dbacc3c686e0059ff5915c8b69bce3c4022c5c80d574274d1107c9935898ae444a6c38dbd8319e778e1a86a293094bd98d0ae3ae2c32a4bcb20e0517c03e7b46839f4e3601ff98244ca5485cacbfe53c935cf14038bba908af19834a86b56cf68a7170448a434b55d66c080ea095b02ba4c3f8ba492c9e50111bf1b3085cc0f3938a58609a337e89eba9271ee071a8b9f3ab4ad0fc3c92a48cb6bc63ed74877d8425c88eb40d18c6260d2221dc295d1fa1557cfcfe1cb3a1d61b4b1235e28903ae5a4d3d358f6d3e2c87b110e38aab0fd1ca2c047b3ea826d8cd9b980b3fc64fbf38d0d3fed0057b30612880a3d93aa3e16e1c1902cc8c206d7732f426fbb063b020a03d08e3bcd4ff32c30c8ea424ea0c746e72c23e8d53576cc801bdf82f8bba865074e5dde3177820c24be87b9bd36e30a81d1d50b5aa0628262d46d19060ae37a33aa8e515fed3f8bfdf65ba5f8e11e4d517a50ce03f82bc5b3c8e9b3eb6572f1a686430170ce64bc1a61246fd99b2d8a3215104478eead271fcca07bc66e637d5543ad47147f5ad50cc5a203a37b7d2f67bb0387ae189ee7d5cfc0a421b0f0e6286aaf28a3eadfad1b8c83a26ac0a1d4a3846d93e161c82be100278d94e35fc7b5f1feb833f1b975adb33bec5d777cfbdb2c5fe171e205fd6596b37ba646b9ecb163fabcd89a469f6ad539a80937748105298b0a6364d75c6de3cbcbb96c440d5489f3f47149551e7f53d3a22d837cfb59c3e43f0c95760791ed36ff84ae82a679e4e062461bda5db7c27fb00c3238266734bc7c16d45ce7cd3f0b7e63c309977816048f24"}, 0x418, 0x8})
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_opts(r4, 0x0, 0xd, 0x0, &(0x7f0000000100))
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$setregs(0xd, r5, 0x0, 0x0)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ptrace(0x4200, r5)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r6=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r6, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x18a42000)
fremovexattr(r2, &(0x7f0000000000)=@known='system.posix_acl_default\x00')
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000548ef0da1638c509637572dab605d9244237709dc522da999bfb00920bc15f429d1835440d3f6180ab7f72", @ANYRES16=0x0, @ANYBLOB="010028bd7040010000000f000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x18)

3m48.087848633s ago: executing program 0 (id=7986):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r1)
ioctl$SIOCGSTAMP(r0, 0x8906, &(0x7f0000000000))
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x439, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, 0x49801, 0x49a41}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_FLOWINFO={0x8, 0x7, 0x7ff}, @IFLA_IPTUN_ENCAP_LIMIT={0x5, 0x6, 0x8}]}}}]}, 0x48}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close(0x3)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x74, r2, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xff}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3ff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@map=r6, 0x7, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x658}, 0x1, 0x0, 0x0, 0x4801}, 0x4040005)
sendto$packet(r0, &(0x7f0000000400)="05d936277c6f5422007f83477ca1b278e3e4018a34e7bfd3de1a00ad6762646c95c716727eb53bcc", 0x28, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x4, 0x6, @local}, 0x14)

3m48.012096006s ago: executing program 0 (id=7987):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000a40)={'veth0_to_team\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00000000010000002800128008000100687372001c000280050007000100000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x48}}, 0x20000000)

3m47.914049049s ago: executing program 0 (id=7988):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x1}}}}}}]}, 0x48}, 0x1, 0x4801000000000000}, 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x1ff, 0x7f, 0x8, 0x1d, 0x402})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0x6, 0x0, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi4\x00', 0x800, 0x0)
ioctl$COMEDI_CMDTEST(r2, 0x8050640a, &(0x7f0000000280)={0x4, 0x30000, 0x80, 0x30, 0xffffffff, 0x4, 0x1, 0xffffff81, 0x40, 0x32000000, 0x0, 0x401, &(0x7f0000000100)=[0x400, 0xfffffbff, 0x9, 0x1ff, 0x5, 0x8000, 0x7f], 0x7, &(0x7f00000001c0)="be9cd6da793eaeb8c10154e5321399db85d9ca65fc5db6a7f29cfb7e5f08503d5a9f6b98816872ecb2c524e237e98154d56772abf03e2622cdf0c0cbeed40992cfb2af9c6af20ecdcaf8cd8b5b71ca2406bf4d95f9e831fc63d98db1d9b63a9c03b7f9afb23eaaa57ef61306476966a6d68402efc2667bb008274cb629ec732ceb5e", 0xfffffe71})
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f00000006c0)={'syz0\x00', {0x4, 0x2, 0xff, 0x8}, 0x1b, [0xffff, 0xffffff51, 0x1ff, 0x340a21e5, 0xfff, 0x6, 0x120, 0x1ff, 0x5, 0x7, 0x7fffffff, 0x4, 0x9, 0x8, 0xce0, 0x0, 0x0, 0x387def80, 0x1, 0x7, 0xfffffff9, 0x81, 0x8, 0x0, 0xc, 0x7, 0x0, 0xd8, 0xeff2, 0xb, 0x6, 0x3, 0xfff, 0x3, 0x40, 0x3, 0x8, 0x1, 0x1, 0x2, 0x3, 0x7, 0x8a, 0x7d, 0x7, 0x2, 0x1, 0x83bec9d, 0xe, 0x40, 0x6, 0x10001, 0xffffff91, 0x3, 0x50, 0x3, 0x3ff, 0x9, 0x2, 0xde, 0xffffff66, 0xfb4, 0x8, 0xc01], [0xfff, 0x5, 0x3800000, 0x9, 0x4, 0x4, 0xce7, 0x8, 0x8, 0x8, 0x3, 0x1, 0x40, 0x6, 0x1, 0x801, 0x6, 0x6486e900, 0x700000, 0x7, 0x4, 0x6, 0x81, 0xf13, 0xffff, 0x3, 0x0, 0x79, 0x7f, 0x2, 0x1, 0x101, 0x6, 0x9, 0x7fff, 0x9, 0x6, 0x9, 0x5, 0x9, 0x7, 0x1, 0x7fffffff, 0x6, 0x2, 0x9, 0xf7, 0x5, 0x0, 0x7, 0x1c4, 0x1, 0x9f, 0x40, 0x9, 0x64, 0x5, 0x127, 0x7, 0x4, 0x8000, 0xd61f, 0x4, 0x71], [0x6, 0x8, 0x2, 0xfffffffa, 0x1, 0x3, 0x3, 0x4, 0xe87a, 0x9, 0xfff, 0x5, 0x8, 0xb7, 0x8, 0xfffffffa, 0xa6a, 0x1, 0x6, 0x2, 0x3, 0x6, 0x7f, 0x1, 0x32e6, 0x0, 0x9, 0x1, 0x4, 0x401, 0x1, 0x7, 0x2, 0x1, 0xdee, 0x7, 0x3, 0x3, 0x1ddf, 0x7, 0x1, 0x7f, 0x3e7, 0xb1c66cfa, 0x401, 0x5, 0x10001, 0x200, 0xe, 0x7, 0xfe82, 0x60, 0x1, 0xc, 0x1, 0x0, 0x1000, 0x9, 0x4, 0x4, 0x7, 0xea3, 0x1, 0x2ce], [0x16, 0x7, 0xc709, 0x5, 0x9, 0x9, 0x7, 0x1, 0x0, 0x36, 0xb43, 0x80000000, 0x1, 0x8001, 0x0, 0x2c000000, 0x4, 0x9, 0x5e, 0x800, 0x4, 0x8, 0x3, 0x7, 0x200, 0x0, 0x9, 0x9, 0x2, 0x8, 0x500, 0x9, 0x401, 0xcf3, 0x4, 0x3, 0xfffffff0, 0x1, 0xfffffffb, 0x16, 0x8, 0x3, 0x10000, 0xffff, 0x2a, 0x4f713725, 0xfff, 0x10000, 0x3, 0xff, 0x3, 0xf8, 0x7, 0xa6, 0x7, 0x9, 0x80, 0x7, 0x7ff, 0xfffffc00, 0x7, 0x3f5b, 0x10, 0x8001]}, 0x45c)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x44, 0x0, 0x0)
ioctl$F2FS_IOC_COMPRESS_FILE(r5, 0xf518, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r8=>r6}, './file0\x00'})
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, &(0x7f0000000300)={<r9=>0x0}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000380)={r9, 0x98aa, 0x7, 0x6, 0x2, 0xfffffffe}, &(0x7f00000003c0)=0x14)
ioctl$KVM_SET_FPU(r7, 0x41a0ae8d, &(0x7f0000000500)={'\x00', 0x0, 0x10, 0x8d, 0x0, 0x5, 0x58000, 0x6800, '\x00', 0x401})

3m47.751231956s ago: executing program 0 (id=7989):
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000280)='.\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1091, 0x0)
chroot(&(0x7f0000000580)='./file0/../file0\x00')
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000100))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1900000004000000040000000280000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000008200"], 0x50)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

3m47.620994637s ago: executing program 7 (id=7990):
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})

3m46.849563197s ago: executing program 0 (id=8000):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x4, @local, 0xb}, 0x1c)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe80000000000000fffff000000000aa4e200e22"], 0x0)

3m46.546030003s ago: executing program 0 (id=8001):
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x2c41, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x1)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='befs\x00', 0x20c41a, 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000100)=0x44)

3m46.511372855s ago: executing program 36 (id=8001):
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x2c41, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x1)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='befs\x00', 0x20c41a, 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000100)=0x44)

3m31.331154067s ago: executing program 37 (id=7990):
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})

19.670239699s ago: executing program 8 (id=10717):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x7, &(0x7f0000000100)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0xc, 0x8000000}, [@map_idx_val={0x18, 0x4, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc9, &(0x7f0000000340)=""/201, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x3]}]}, 0x6c}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="5c00000002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e65740000000c00078008000640"], 0x5c}}, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000000)='D', 0x1, 0x28004044, &(0x7f0000000140)={0xa, 0x4001, 0xfffc, @loopback, 0xfffffffd}, 0x1c)

19.513740553s ago: executing program 8 (id=10721):
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x20d01, 0x0) (async, rerun: 32)
prlimit64(0x0, 0xf, &(0x7f0000000100)={0x3, 0xa7d}, 0x0) (rerun: 32)
r1 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) (async, rerun: 32)
r2 = io_uring_setup(0x65db, &(0x7f0000000000)={0x0, 0x9eb6, 0x800, 0x3, 0x1e3}) (rerun: 32)
io_uring_register$IORING_UNREGISTER_NAPI(r2, 0x1c, &(0x7f0000000080), 0x1) (async)
ioctl$FE_GET_PROPERTY(r1, 0x80106f53, &(0x7f0000000340)={0x1e, &(0x7f00000003c0)=[{0x43, '\x00', @data=0x4, 0xbd}]}) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1)

19.353608528s ago: executing program 8 (id=10723):
syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000084}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd000000080002e4", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

19.247951612s ago: executing program 8 (id=10724):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x20200, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000ec0)={0x48, 0x17, 0x0, 0x0, <r1=>0x0, 0x0, 0x0, 0x1})
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000001c0)='ceph\x00', 0x208004, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x1c8)
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x315901c, 0x0)
chroot(&(0x7f0000001140)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00')
r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000580)={0x0, &(0x7f00000002c0)=[@nested_load_syzos={0x136, 0xb9, {0x2, 0x0, [@nested_vmresume={0x130, 0x18, 0x2}, @code={0xa, 0x71, {"470f0666baf80cb82065fc8bef66bafc0cb87ba60000ef0fc7ab10000080b8010000000f01d948b870bb4b5e000000000f23c00f21f835010004000f23f866baa00066b8008066ef66420f5e9103000000b98e0200000f320fc72af2430f79d3"}}, @nested_amd_clgi={0x17f, 0x10}]}}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_amd_inject_event={0x180, 0x38, {0x2, 0x71, 0x0, 0x6, 0x3}}, @out_dx={0x6a, 0x28, {0x6720, 0x3, 0x8}}, @in_dx={0x69, 0x20, {0x94d9, 0x2}}, @nested_amd_vmsave={0x183, 0x18, 0x3}, @nested_amd_vmload={0x182, 0x18}, @nested_load_code={0x12e, 0x79, {0x1, "0f3066ba6100ed48b800900000000000000f23c00f21f835030007000f23f8b805000000b98470436d0f01c148b800000000000000000f23d80f21f835400000200f23f8b9ee0900000f32c402f902e0c462d991744d00c4c27918ca66ba4300ed"}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x0, @guest32=0x4816, 0x40, 0x6, 0x6}}, @set_irq_handler={0xc8, 0x20, {0xae}}, @enable_nested={0x12c, 0x18}, @out_dx={0x6a, 0x28, {0xdfca, 0x2, 0x1}}], 0x2aa})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000005c0)={[0x1ff, 0x6, 0x80000001, 0x4, 0x179, 0x2, 0x5159, 0x8, 0xd40, 0x9, 0x0, 0xb, 0x2, 0x4, 0x9, 0xa734], 0x8080000, 0x300})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r4})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r4, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x1004000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000200)={0x48, 0xa, r1, 0x0, r4})
rt_sigpending(&(0x7f0000007f80), 0x8)
io_setup(0x2278, &(0x7f0000000180))

19.020245636s ago: executing program 8 (id=10726):
mkdir(&(0x7f0000000080)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000002540)={0x2020}, 0x2020) (fail_nth: 1)

18.55412874s ago: executing program 8 (id=10729):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b142b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2003}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xe000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

18.509507279s ago: executing program 38 (id=10729):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b142b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2003}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xe000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

9.080424777s ago: executing program 2 (id=10828):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000002200), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000002240)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_TIMEOUT={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000010}, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x204001, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xfffffffffffffffd, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @multicast}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000010}, 0x4008000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nbd(&(0x7f0000002200), 0xffffffffffffffff) (async)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000002240)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_TIMEOUT={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000010}, 0x4) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x204001, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xfffffffffffffffd, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @multicast}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000010}, 0x4008000) (async)

8.832823956s ago: executing program 2 (id=10830):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
io_uring_setup(0x524, 0x0)
timer_settime(0x0, 0x1, 0x0, &(0x7f00000000c0))
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x77c, @empty, 0x1}, 0x1c)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3)
listen(r1, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = timerfd_create(0x4, 0x80000)
timerfd_settime(r5, 0x2, &(0x7f0000000080)={{0x77359400}, {0x77359400}}, &(0x7f0000000140))
r6 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r4, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)

7.878809603s ago: executing program 2 (id=10838):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0xffff, 0xfffffffe, @empty, 0x7}, 0x1c) (async)
ioctl$sock_SIOCOUTQNSD(r0, 0x8905, &(0x7f0000000540))

7.791176417s ago: executing program 2 (id=10840):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', r0}, 0x18) (async)
ioctl$XFS_IOC_READLINK_BY_HANDLE(r0, 0xc038586c, &(0x7f00000001c0)={r0, &(0x7f00000000c0)='//\x00', 0x30080, &(0x7f0000000100)={@align=0x6, {0x7, 0x1, 0xbc2, 0x2}}, 0x5, &(0x7f0000000140)={@_ha_fsid}, &(0x7f0000000180)=0x425}) (async)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x1, 0x0, 0x4, 0x2, 0x8}, 0x6, 0x7, 0x6}) (async)
r1 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000280), 0xaa6b5cd5c8553443)
connect(r1, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x80)
ioctl$XFS_IOC_SCRUBV_METADATA(r0, 0xc0285840, &(0x7f0000000380)={0x4, 0x2, 0x8000, 0x0, 0x885b, 0x1, 0x0, &(0x7f0000000340)=[{0x15, 0x1ff, 0x8001}]}) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000500)={r0, &(0x7f00000003c0)="3e68d7e8b46a9e362261b3", &(0x7f0000000400)=""/227}, 0x20)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r0, 0x4058587a, &(0x7f0000000680)={{<r2=>r1, &(0x7f0000000540)=']](:\x00', 0x0, &(0x7f0000000580)={@align, {0xfff9, 0x7fff, 0x8e, 0x3}}, 0x2, &(0x7f00000005c0), &(0x7f0000000600)=0xac8}, {[0xbb, 0x3, 0x28, 0x9]}, 0xec, 0x19, &(0x7f0000000640)=""/25})
ioctl$RTC_VL_CLR(r2, 0x7014) (async)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000700)={0x0, 0x4}) (async)
r3 = openat$cgroup_ro(r2, &(0x7f0000000740)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000780)="4979c80cea5fbf8cb5b6641969a196687941b89dbb62645fa8eb4908909fe0355cd3a3dfb9641e5d8425142f026cf8230709be64d11d470c6e0a2f2f0b43cb", 0x3f}, {&(0x7f00000007c0)="5bb6f72b4b8e811aeb38bfd6f1f958eafeb1b0416370513afc4625836b55c61731aae3979095c0e21c74fc02e194046c62fe636a2da58026bb69d6c6d16ade1cbd3199013a95e9e3d6932f4d6c9bf73d812f4806507957b3c46516cb337047889dfcd85f16132c02043d16e35a69eacca8953c3bebc0670c64af8012754d11f83f4183aa", 0x84}, {&(0x7f0000000880)="63a5846e9a192a6e90a89aabe01c8030c64ebb60e805f4ea4d67f192382b051868fb780b03b44969118dd7bf5f97a27cb59fa72824bc46ce0c07cbc44f026bad4ca9c7269c4f61a7d97dda6fdc1aadd29925bda30f8f8b5ff45b7ebb7b8501e43e9f83fd702507e4b5464b29a7adeca640e0f80e61634b09ec4075ac950e37", 0x7f}, {&(0x7f0000000900)="b65cbdb1365e41e3bca68eef675b2498ae1c8f0dce9165aecb1834f58cf7be9bde5d0d4f7f2becc95076826e1699eb625502ff1cac93f12d4b4dbb84aca42d38b0ec8a4638f49c40fe5853675b010af04182ea7de6ef77ca4176a03bdb23888a9f67b21def9e39c9c532a91b4d259f14107c7fbb431e556adfb89eee648b4a80640ab701d3826d1aa052c74edf94434f893d084a69a9152b4284fc87c2c08838710c09f60f14f621ada486ff0aba7aeafca860a86d6de1a20725c0dd9c663150589d95298a5fd0", 0xc7}], 0x4, &(0x7f0000000a40)=[{0x58, 0xff, 0x2, "d120bcb4a79bd54309d691e507d684084d00e7cb0777514c40ba98f96b65a089387e89c13182ccdaa2c529d75c5dbd3ccd4c39fca02f13c24bf972765fbb07fcfaaf"}, {0x50, 0x111, 0x4, "0150b2f887104a02692e7d949d7740c72c7e3e43ac52cfcc83b495e0f23cae1b64c2fb2324b65155fe6994c7f2b7d35d44f3b8d253bd4f523729a3e2e975"}, {0x28, 0x115, 0x49bcf847, "8d151fcfb023d208e306d0e4ad5dc33edc"}, {0x90, 0x88, 0x1, "53ce4ae6436f8a47b4562bdc22e0f0409eb3a18c5d38c36bd77fd6a9a441a72b447349d576de7685ed4f3d407a3e97b2f3fa0cbb9a2b0cbfb801e003c993391677de42108044a8cbe1d06b12e23a839e12052bb03fb542527fd0f8d0bcb162c8566087b85574d0254d45efdb78f39a68d85e3fa25765a8b610046e19e9f3490c"}], 0x160}, 0x4808) (async)
connect$l2tp(r2, &(0x7f0000000c00)={0x2, 0x0, @remote, 0x3}, 0x10) (async)
fstatfs(r2, &(0x7f0000000c40)=""/225)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000d40)=0x108001, 0x4)
r4 = syz_open_dev$radio(&(0x7f0000000dc0), 0x1, 0x2)
r5 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000e00)=@o_path={&(0x7f0000000d80)='./file0\x00', 0x0, 0x8010, r4}, 0x18) (async)
r6 = syz_pidfd_open(0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000e40)={{0x1, 0x1, 0x18, <r7=>r5, {<r8=>r6}}, './file0\x00'}) (async)
sendmsg$kcm(r3, &(0x7f0000001280)={&(0x7f0000000e80)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x18}}, 0x3, 0x4, 0x3, 0x4}}, 0x80, &(0x7f0000001040)=[{&(0x7f0000000f00)="09bfcb21cf34809c47e7e8a3f6307c31750c8f2930ec886ce665a89d3e64cd7a90d4f892dbbcd942", 0x28}, {&(0x7f0000000f40)="8d0bdb5d0f7b16fc0897594fe6ea8deabc157de43ead11df93b3b965178657d5ec1386416eb5d588a8bd6f94aba563db5bd437b125112b6afa00f12f3edc896188d49c92ed41ea7f234b53651a2c3f3e47723f0f32f53911d582296426dbc4b023ca9dc2050446b00a7905e703f292650d97f51656c3c5d6b0de45c2fe9f9d56e36e295ee1be29fe4c0feb1237ac53c03de8e9be4415dd4a12dc7c6b011fa4039c53d4ef10be1587e3f758113353c1f907dc353551c14abbfa07eb5ab3c5d266cf68689aeaf2", 0xc6}], 0x2, &(0x7f0000001080)=[{0xe8, 0x4, 0x2fa, "e8e3043901df32e292945df7683c724016c0a00053447f5bc8ab4dd6a54751e0f12bb2533fd011b2667d84e2920a0055b0d4eef19bea58d499c924813fddb722397e6abad1979494bd2faabf6d4dcb5697c2b35ea06a79288177e52802ed6100e8f1db547deacaf9c2ecef3e52b7e95b55e861110fcc683b2ede0dc7a717a5b2e267979def21daf1424e1a25d011a55bb6315c5cab810afb1feb0ecce66acd872795c55b68114ddb502aa373ca57a1196072cffc6c7b2e20ca508f28be88fbce9e3cbcf1f50ed7791fb028813d1e927e367196f132"}, {0x20, 0x110, 0x8, "70ae01b5fbc946b4088f"}, {0xf8, 0x113, 0xfffffbff, "e5a1ea11c365df3d229c68fa2f5e77b6636fbb7a3e0e0609b73ea1c2bbcdcc98f542119c3c0fd434dcfb0ea9a83dc34be560ccddc2ca07e43e58e9d88af507ec2a7b06f6113d54ffc515da616d56f2c0405a2fc9e39ce2b7035b4b423e35dba0cc153104179263637d48870cce4287d056029568dc8ec541522f7a79c5d4e759a6a43cfc52b6cb5d92476bd1ff5e1aa625b721196bf783bd958af08f797630a3db3f08c8a5ef11e497e6c96c06e40468f09ea6c44fea28baa27fad39c1305569037c192cb404fb9ff43406a25c4e1fb8ce933bf78fce6f31c70b009375cdc778373ba0fb75d8"}], 0x200}, 0x0) (async)
ioctl$XFS_IOC_EXCHANGE_RANGE(r3, 0x40285881, &(0x7f00000012c0)={r3, 0x0, 0x0, 0xffffffffffffff80, 0x4, 0x4})
write$P9_RLINK(r7, &(0x7f0000001300)={0x7, 0x47, 0x2}, 0x7) (async)
getsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000001340), &(0x7f0000001380)=0x4)
syz_open_dev$evdev(&(0x7f00000013c0), 0x1, 0x101402) (async)
write$P9_RXATTRCREATE(r2, &(0x7f0000001400)={0x7, 0x21, 0x2}, 0x7) (async)
socket$kcm(0x29, 0x5, 0x0) (async)
fsetxattr$trusted_overlay_upper(r2, &(0x7f0000001440), &(0x7f0000001480)={0x0, 0xfb, 0x1a, 0x1, 0x4, "0c2287072b1eaee33f81d51721435a2d", "a4f90b0d21"}, 0x1a, 0x0) (async)
ioctl$RTC_EPOCH_READ(r8, 0x8008700d, &(0x7f00000014c0))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000001500)='-\'\'\x00', &(0x7f0000001540)='\x00', 0x0)

7.716550848s ago: executing program 2 (id=10841):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
r1 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x18, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0xffffffff}, 0x50) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0) (async)
sendmsg$inet(r1, &(0x7f00000062c0)={0x0, 0x0, 0x0}, 0x4c084)
r3 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000000c0)={'veth1_to_team\x00', &(0x7f0000000040)=@ethtool_rxfh_indir={0x38}}) (async)
getsockopt$WPAN_WANTACK(r0, 0x0, 0x0, 0x0, &(0x7f0000000040))

7.563983599s ago: executing program 2 (id=10845):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabbcc", 0x3}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000240)="aabbcc", 0x3}], 0x1}}], 0x2, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xdb) (async, rerun: 64)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) (rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 32)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_usbip_server_init(0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}) (async)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff"], 0x15) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue1\x00', 0x4000007}) (async)
write$sndseq(r2, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {0x8}, {}, @raw32={[0x0, 0x1, 0xfdffffff]}}], 0x1c)
r6 = syz_open_procfs(0x0, &(0x7f0000000b40)='attr/current\x00')
read$eventfd(r6, 0x0, 0x0)

2.872548974s ago: executing program 5 (id=10904):
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, &(0x7f0000000000)={0x8000001, 0x1c, &(0x7f0000000040), 0x2, 0x4})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd) (fail_nth: 4)

2.81175395s ago: executing program 5 (id=10905):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x5, &(0x7f0000000240)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3198cd96}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x94)
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, &(0x7f0000000000)={0x8000001, 0x1c, &(0x7f0000000040), 0x2, 0x4})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r0, 0x1, 0x26, 0x0, &(0x7f00000000c0))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xdfff, 0x1}, 0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a01020000000000000000010000000900030073797a32000000000900010073797a3100000000080007006e617400140004800800014000000003080002400ce055622c000000050a01020000000000000000010000000c00024000000000000500010900010073797a310000000028000000000a05000000000000000000010000080900010073797a3100000000080002400000000114"], 0xe4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)="65679b109e90d801e6e497995187c764228031f8199c642d221011146900ac3ea39ab41ee1bdbf5328db76eddc5df0fb1f51aad81a6fc7f93921c07a30fb6cba5c5d70e63a5ff18a136d9869695afb2f5320b2f13d80d1b6434c432c4093349b95ce1bfe3b15d2072f21fc5a0b038356f6adafc94a02df2baf3c1475781838d288e2b8adcfc0a73da548f653cc40d5c1a4f434981dcdd42202c7e94605f06f98075795fee7c488ff6c1d3a59217a442a005fd4dc6bc8", 0xb6)

2.730200158s ago: executing program 5 (id=10906):
gettid() (async)
r0 = gettid()
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0) (async)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
close_range(r1, r2, 0x2)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x88042, 0x0)
write$dsp(r3, &(0x7f0000000280)="dbd74658", 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000080)='ns/uts\x00')

1.462292991s ago: executing program 1 (id=10926):
r0 = syz_usbip_server_init(0x2)
syz_emit_ethernet(0x46, &(0x7f0000000040)={@random="0c2ba1a0d9b1", @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, {[@lsrr={0x83, 0x3, 0xf1}, @ssrr={0x89, 0xb, 0xe3, [@private=0xa010102, @dev={0xac, 0x14, 0x14, 0x3f}]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
write$usbip_server(r0, &(0x7f0000002b40)=@ret_unlink={{0x4, 0x6}, {0x8}}, 0x30)

1.214170023s ago: executing program 5 (id=10927):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='omfs\x00', 0x208000, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x24042, 0x0)
sendfile(r0, r0, 0x0, 0x2000fb)

1.136885553s ago: executing program 5 (id=10928):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1000002, 0x2, 0x1, 0x0, 0x9})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x7, {}, {0x0, 0x1, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCGICOUNT(r1, 0x5409, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
close(r0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000b40)={0x0, [[0x9ef8, 0x7, 0x0, 0x4, 0x5d11, 0x9, 0x0, 0xe], [0x5c0, 0x80000000, 0x0, 0x0, 0x3a3, 0x0, 0x0, 0x4], [0x7, 0x0, 0x0, 0xfffffffc, 0xc6df, 0x0, 0x4]], '\x00', [{}, {0x3, 0x8}, {0x1}, {0x0, 0x80000000}, {0x3, 0x4, 0x0, 0x1, 0x1}, {0x18, 0x5f}, {0xfffffffc}, {0x0, 0x6}, {0x0, 0x3}, {0x0, 0xfffffffe}, {0x0, 0x7}, {0x7fffffe, 0x3}], '\x00', 0x1000})

856.550531ms ago: executing program 1 (id=10929):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1a, 0x0, 0x0, 0x0, 0x80000002, 0x57, 0x0, 0x0, 0x0, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x1000, 0x0, 0xde0}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r1, 0x0)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000cc0)={'ip6_vti0\x00', &(0x7f0000000c40)={'syztnl2\x00', 0x0, 0x4, 0x10, 0x8, 0x2, 0x41, @empty, @empty, 0x7800, 0x7800, 0x5, 0x2}})

854.926214ms ago: executing program 1 (id=10930):
r0 = socket$kcm(0x21, 0x2, 0x2)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r1, 0xc0384707, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x400000, 0x12, "3eccd8fd0000000000000010000000040100"})
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000140)="441f08d600270bee724ef54e91eeffbe1e68d5040d73161feeb0f24cb1", 0x1d)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0xffffff1f}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb71658bda99b49720fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

780.885691ms ago: executing program 5 (id=10931):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6(0xa, 0x1, 0x84) (async)
r1 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0xffff, 0xcd3, 0x0, 0xb2, 0x0, 0x2}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close(r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})

672.060081ms ago: executing program 9 (id=10933):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x7400}, 0x40855)
socket$kcm(0x10, 0x2, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) (async)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x7400}, 0x40855) (async)

596.097104ms ago: executing program 9 (id=10934):
syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000084}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

487.804419ms ago: executing program 9 (id=10935):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x6, r0, 0x8, 0x0, 0x4e, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000000000000000000000071184b000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x22)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sysvipc/sem\x00', 0x0, 0x0)
unshare(0x4000080)
preadv(r2, &(0x7f0000000000)=[{&(0x7f0000001100)=""/4104, 0x1008}], 0x1, 0x33, 0x0)

487.321367ms ago: executing program 9 (id=10936):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
io_uring_setup(0x524, 0x0)
timer_settime(0x0, 0x1, 0x0, &(0x7f00000000c0))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000040)=0xd, 0x4)
close(r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x201, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0xb8}}, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x77c, @empty, 0x1}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r4, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)

413.081051ms ago: executing program 1 (id=10937):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x101a02, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0400000004fa1c09382abeb5f79e928f000000040000000218000000000000", @ANYRESDEC=r0, @ANYRESDEC], 0x48)
pwritev(r0, &(0x7f0000002240)=[{&(0x7f00000001c0)="fd", 0x4}], 0x1, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.avg_queue_size\x00', 0x26e1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'macvtap0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=@newqdisc={0x43c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xfff3}, {0x0, 0xfff1}, {0x2, 0x8}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x80000001, 0x8001, 0x3, 0x0, 0x6, 0x4, 0x8, 0x9, 0x401, 0xfffffffc, 0x6, 0x40000, 0x3, 0x3, 0x4, 0x3, 0x100, 0x8, 0xff, 0x80, 0x9, 0x8001, 0x80, 0x7, 0x101, 0x7, 0xeb, 0x7ff, 0x7, 0x10001, 0x9, 0x6, 0x9c01, 0x7, 0x4, 0x0, 0xfaa, 0xc88, 0x6, 0x8d1, 0x1ff, 0x2, 0x3, 0x80000000, 0x6a, 0xffffffff, 0x7, 0x4, 0x3, 0x6, 0x0, 0x100, 0x4, 0x9, 0x8, 0x3, 0xd, 0x14574, 0x0, 0x7f, 0x7, 0x1, 0x314, 0x7, 0xe, 0x4, 0x2, 0x45, 0x7, 0x80000004, 0x2, 0x8, 0x5, 0x3, 0x1, 0x4, 0x1, 0x40, 0xb, 0x3ff, 0xfffffff9, 0x6, 0x9, 0x8, 0x80, 0x59b, 0x1, 0x2, 0x6, 0xc, 0x0, 0xfffffffa, 0x4, 0xfa65, 0x4, 0x0, 0x70e, 0x9, 0xd, 0x1, 0x0, 0xed6, 0x7fff, 0xfff, 0x4, 0x4, 0xac1, 0x5, 0x4, 0x9, 0x5, 0x9, 0x7, 0x5371, 0x709d7f5b, 0xa09a, 0xfffffffe, 0x4b8a, 0x9, 0x7, 0x4, 0x3, 0x8a9, 0x6, 0x4, 0x10001, 0xc0000000, 0x4, 0x7, 0xf, 0x86, 0x7, 0x3, 0x9, 0x9, 0x663, 0xfffffffd, 0xe2, 0x0, 0x4, 0x4, 0x6, 0xff, 0x1, 0x9, 0x8, 0x7, 0x8001, 0x0, 0x4, 0x5, 0xfd, 0x90, 0xffff, 0x5, 0xfffeffff, 0x7, 0x9, 0x8e0e, 0x1, 0xe, 0x8, 0x1, 0x2, 0x5, 0x0, 0xb, 0x6, 0x4, 0x9, 0x9, 0x0, 0xc, 0xaa8, 0xcb1a, 0x7, 0xffffffff, 0x9, 0x2, 0x81, 0x401, 0x280, 0x0, 0x8, 0x9, 0x8, 0xfffffff9, 0x800, 0x18e, 0x5, 0x5, 0x1, 0x32, 0x6, 0x4f, 0x8, 0xfffffff9, 0x1, 0x0, 0x6, 0x1, 0x7, 0x8001, 0x7, 0x53f, 0x4, 0xd13b, 0xb, 0x6, 0xb, 0x100, 0x7, 0x5, 0x6, 0x1, 0x10001, 0x6, 0x4, 0x7, 0x82, 0xf0, 0x4, 0x3, 0x6, 0x4, 0x5, 0x400, 0x0, 0x0, 0x1004, 0x6, 0xc, 0x2, 0x1, 0x3, 0xc, 0x8, 0x80000001, 0x8, 0xa4eb, 0x7, 0x4, 0xffffffff, 0x1ff, 0x3ff, 0x3, 0x80, 0x3, 0x8001, 0x1, 0x8, 0xe1, 0xc, 0x5, 0x3, 0x95]}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x11}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
close(r1)
write$cgroup_subtree(r1, &(0x7f00000006c0)=ANY=[], 0xcfa4)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000180)={0x0, 0x1, 0x12, 0x6, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309002500000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc60efd680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca512b5f379c4eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7f804bb4713019a83353dc519d11c3cc1c22a3b86cf3c645413fcea0ce9ded703699d2bb6a4a663b99b6069da5aaf64785a58847440f064b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200216032811fadcf1e0f49a514df529061e09ce45e3f303a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a250200000000000000d23d324205000000000000000a617f22133b6cb5087f4c6057942ad995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a3cff46591ccaff3075b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8841416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedcbefc5990d7fed29a002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d559b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756d732533c2722e03002293e37966611602f297de6ff5408777d7a93c45cee3ee5c56e8a3e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f6579ef62866a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c909cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc562507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f80000000000001700000000000000000000000000000000000200"})
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="94233a00", @ANYRES16=r6, @ANYBLOB="000129bd7000fcdbdf250b00000080000180080003000200000008000300010000001400020076657468315f766c616e0000000000001400020076657468315f746f5f68737200000000080003000300000014000200776c616e3000000000000000000000001400020076657468305f746f5f7465616d000000140002006e723000"/142], 0x94}, 0x1, 0x0, 0x0, 0x4008010}, 0x40)
socket$nl_route(0x10, 0x3, 0x0)

411.306877ms ago: executing program 9 (id=10938):
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x1, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x28}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)=@x86={0x60, 0x4, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x1, 0x0, 0x0, 0x8, 0x0, 0xff, 0xff, 0x0, '\x00', 0x0, 0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x6d, 0x0, 0x100000000005, 0x20, 0x3, 0x2, 0x80000000106c, 0x100, 0x9, 0x80000004400080, 0x1c00000, 0x6, 0x0, 0x4, 0x0, 0x8000], 0x1, 0x3c4210})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

335.948852ms ago: executing program 1 (id=10939):
r0 = io_uring_setup(0x2f4f, &(0x7f0000000280)={0x0, 0x10, 0x1, 0x0, 0xfb})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r2)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000408000001800128008000100736974000c00028008000100", @ANYRES32=r3], 0x38}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000340)={'syztnl1\x00', r3, 0x1, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x9, 0x0, 0x0, @empty, @empty}}}})
r4 = socket(0x2b, 0x1, 0x1)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001880)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x240000c4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

335.412476ms ago: executing program 9 (id=10940):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580), 0x8)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x5)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x15, 0x0, &(0x7f0000000100))
r4 = accept4$unix(r1, 0x0, 0x0, 0x0)
sendto$packet(r2, &(0x7f0000000600)="5f0efc3e1792a50972d2eb21bdff9ca4ac804c2847fe7bf05ddc63ff512d4074687760a5fbd1fc97772c6f5027dcea15b6658de3b024a6ea22baafb445bf8427c8055d00", 0xffffff3d, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)=""/74, 0x4a}], 0x1}, 0x10002)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

0s ago: executing program 1 (id=10941):
r0 = memfd_create(&(0x7f0000001cc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc0sr\x95\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\x00\x01\x00\x00\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, 0x0)
write$binfmt_script(r0, &(0x7f0000000940)={'#! ', './file0', [{0x20, '/dev/sr0\x00'}]}, 0x15)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r0, 0x80286722, &(0x7f0000000180)={&(0x7f00000000c0)=""/158, 0x9e, 0x6, 0x83d})
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, &(0x7f0000000000)={0x8000001, 0x1c, &(0x7f0000000040), 0x2, 0x4})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r4, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r2}, 0x20)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r6, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
recvfrom$inet6(r2, &(0x7f0000000040)=""/62, 0x3e, 0x0, 0x0, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e22, @local}, 0x10)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sysvipc/sem\x00', 0x0, 0x0)
lseek(r8, 0x0, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SNDCTL_TMR_METRONOME(r8, 0x40045407)
bind$bt_hci(r9, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r9, &(0x7f0000000000), 0xd)

kernel console output (not intermixed with test programs):

_u:object_r:root_t tclass=dir permissive=1
[  835.764594][ T5371] lo speed is unknown, defaulting to 1000
[  835.946758][ T5371] ��������3��k� speed is unknown, defaulting to 1000
[  836.192445][ T5149] EXT4-fs error: 17 callbacks suppressed
[  836.192461][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  836.202588][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  836.207796][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  836.235632][ T5396] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:63: iget: checksum invalid
[  836.250789][   T40] audit: type=1400 audit(1783385029.923:35017): avc:  denied  { connect } for  pid=5393 comm="syz.9.10244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  836.250936][ T5398] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:63: iget: checksum invalid
[  836.346220][ T5371] bridge0: port 1(bridge_slave_0) entered blocking state
[  836.349615][ T5371] bridge0: port 1(bridge_slave_0) entered disabled state
[  836.352749][ T5371] bridge_slave_0: entered allmulticast mode
[  836.357008][ T5371] bridge_slave_0: entered promiscuous mode
[  836.362207][ T5371] bridge0: port 2(bridge_slave_1) entered blocking state
[  836.365295][ T5371] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.368402][ T5371] bridge_slave_1: entered allmulticast mode
[  836.372232][ T5371] bridge_slave_1: entered promiscuous mode
[  836.399437][ T5371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  836.407131][ T5371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  836.433950][ T5371] team0: Port device team_slave_0 added
[  836.438713][ T5371] team0: Port device team_slave_1 added
[  836.463385][ T5371] batman_adv: batadv0: Adding interface: batadv_slave_0
[  836.466410][ T5371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  836.477940][ T5371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  836.484952][ T5371] batman_adv: batadv0: Adding interface: batadv_slave_1
[  836.487913][ T5371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  836.498374][ T5371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  836.547164][ T5371] hsr_slave_0: entered promiscuous mode
[  836.550844][ T5371] hsr_slave_1: entered promiscuous mode
[  836.554130][ T5371] debugfs: 'hsr0' already exists in 'hsr'
[  836.556579][ T5371] Cannot create hsr debugfs directory
[  836.720329][ T5371] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.734581][ T5411] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  836.737270][ T5411] IPv6: NLM_F_CREATE should be set when creating new route
[  836.740183][ T5411] IPv6: NLM_F_CREATE should be set when creating new route
[  836.742833][ T5411] IPv6: NLM_F_CREATE should be set when creating new route
[  836.790574][ T5413] netlink: 'syz.2.10250': attribute type 63 has an invalid length.
[  836.909683][ T5371] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.933513][ T5427] veth0_to_team: entered promiscuous mode
[  836.938238][ T5427] veth0_to_team: left promiscuous mode
[  837.040027][ T5371] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.131164][   T40] audit: type=1400 audit(1783385030.745:35018): avc:  denied  { shutdown } for  pid=5440 comm="syz.2.10257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  837.146165][ T5371] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.173909][ T5446] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  837.176558][ T5446] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  837.256263][   T40] audit: type=1400 audit(1783385030.855:35019): avc:  denied  { setopt } for  pid=5455 comm="syz.9.10260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  837.313233][ T5461] affs: No valid root block on device nullb0
[  837.542616][ T5371] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  837.557514][ T5371] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  837.572643][ T5371] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  837.580776][ T5371] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  837.585892][ T5371] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  837.607315][ T5371] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  837.611533][ T5371] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  837.625373][ T5371] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  837.704958][   T40] audit: type=1401 audit(1783385031.270:35020): op=setxattr invalid_context="system_u:object_r:crond_var_run_t:s0"
[  837.712084][ T5371] 8021q: adding VLAN 0 to HW filter on device bond0
[  837.728095][ T5371] 8021q: adding VLAN 0 to HW filter on device team0
[  837.736406][T10468] bridge0: port 1(bridge_slave_0) entered blocking state
[  837.738730][T10468] bridge0: port 1(bridge_slave_0) entered forwarding state
[  837.750780][   T87] bridge0: port 2(bridge_slave_1) entered blocking state
[  837.753258][   T87] bridge0: port 2(bridge_slave_1) entered forwarding state
[  837.794913][ T5491] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:32: iget: checksum invalid
[  837.802905][ T5492] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:32: iget: checksum invalid
[  837.813132][ T5493] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:36: iget: checksum invalid
[  837.818773][ T5494] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:36: iget: checksum invalid
[  837.836790][ T5497] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:36: iget: checksum invalid
[  837.868785][ T5371] 8021q: adding VLAN 0 to HW filter on device batadv0
[  837.926981][ T5371] veth0_vlan: entered promiscuous mode
[  837.939180][ T5371] veth1_vlan: entered promiscuous mode
[  837.956460][ T5513] netlink: 60 bytes leftover after parsing attributes in process `syz.2.10274'.
[  837.962237][T18666] Bluetooth: hci1: command tx timeout
[  837.982088][ T5371] veth0_macvtap: entered promiscuous mode
[  837.993549][ T5371] veth1_macvtap: entered promiscuous mode
[  838.025000][ T5371] batman_adv: batadv0: Interface activated: batadv_slave_0
[  838.038255][ T5371] batman_adv: batadv0: Interface activated: batadv_slave_1
[  838.049292][T12881] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  838.061167][T12881] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  838.073012][T12881] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  838.097347][T12881] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  838.191185][T18685] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  838.196958][T18685] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  838.238728][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  838.242488][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  838.250257][   T87] bridge_slave_1: left allmulticast mode
[  838.252688][   T87] bridge_slave_1: left promiscuous mode
[  838.258569][   T87] bridge0: port 2(bridge_slave_1) entered disabled state
[  838.276987][   T87] bridge_slave_0: left allmulticast mode
[  838.279453][   T87] bridge_slave_0: left promiscuous mode
[  838.283593][   T87] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.286301][ T5541] netlink: 14 bytes leftover after parsing attributes in process `syz.2.10281'.
[  838.521326][   T87] gretap0 (unregistering): left promiscuous mode
[  838.545102][   T87] bond7 (unregistering): (slave geneve2): Releasing active interface
[  838.616935][   T40] audit: type=1400 audit(1783385032.110:35021): avc:  denied  { listen } for  pid=5545 comm="syz.9.10282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  838.648758][ T5548] fuse: Bad value for 'group_id'
[  838.650938][ T5548] fuse: Bad value for 'group_id'
[  838.812990][   T87] bond3 (unregistering): (slave bridge4): Releasing backup interface
[  838.816295][   T87] bridge4 (unregistering): left promiscuous mode
[  838.951027][   T87] team0: Port device bond0 removed
[  838.955499][   T87] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  838.962435][   T87] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  838.967451][   T87] bond0 (unregistering): Released all slaves
[  838.976437][   T87] bond1 (unregistering): (slave veth5): Releasing active interface
[  838.981628][   T87] bond1 (unregistering): Released all slaves
[  838.994418][   T87] bond2 (unregistering): Released all slaves
[  839.012431][   T87] bond3 (unregistering): Released all slaves
[  839.026031][   T87] bond4 (unregistering): Released all slaves
[  839.043754][   T87] bond5 (unregistering): Released all slaves
[  839.060402][   T87] bond6 (unregistering): Released all slaves
[  839.069309][   T87] bond7 (unregistering): Released all slaves
[  839.078724][   T87] bond8 (unregistering): (slave veth0_to_bond): Releasing backup interface
[  839.083989][   T87] bond8 (unregistering): Released all slaves
[  839.091499][   T87] bond9 (unregistering): Released all slaves
[  839.100693][   T87] bond10 (unregistering): (slave vlan1): Releasing active interface
[  839.103969][   T87] bond10 (unregistering): Released all slaves
[  839.111276][   T87] bond11 (unregistering): Released all slaves
[  839.397488][   T87] tipc: Disabling bearer <eth:team0>
[  839.410515][   T87] tipc: Left network mode
[  839.595985][ T5570] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  839.714772][ T1163] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  839.820566][ T5580] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  839.992887][ T5595] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  839.993377][ T5593] veth0_to_team: entered promiscuous mode
[  840.012105][ T5593] veth0_to_team: left promiscuous mode
[  840.159979][   T87] hsr_slave_0: left promiscuous mode
[  840.169836][   T87] hsr_slave_1: left promiscuous mode
[  840.192708][   T87] veth0_macvtap: left promiscuous mode
[  840.228052][T18666] Bluetooth: hci1: command tx timeout
[  840.248108][ T5605] netlink: 21 bytes leftover after parsing attributes in process `syz.9.10300'.
[  840.309851][   T87] pim6reg (unregistering): left allmulticast mode
[  840.316908][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  840.316923][   T40] audit: type=1400 audit(1783385033.679:35032): avc:  denied  { mounton } for  pid=5607 comm="syz.5.10302" path="/2/file0" dev="tmpfs" ino=28 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  840.440013][ T5615] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10304'.
[  840.443141][ T5615] netlink: 44 bytes leftover after parsing attributes in process `syz.8.10304'.
[  840.496422][   T87] team0 (unregistering): Port device team_slave_1 removed
[  840.503901][ T5617] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10305'.
[  840.508244][ T5617] overlayfs: missing 'lowerdir'
[  840.516902][   T40] audit: type=1400 audit(1783385033.863:35033): avc:  denied  { watch watch_reads } for  pid=5616 comm="syz.5.10305" path="/3/file0" dev="9p" ino=74472413 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  840.538300][   T87] team0 (unregistering): Port device team_slave_0 removed
[  840.718224][ T5627] veth0_to_team: entered promiscuous mode
[  840.721515][ T5627] veth0_to_team: left promiscuous mode
[  840.816032][ T5634] FAULT_INJECTION: forcing a failure.
[  840.816032][ T5634] name failslab, interval 1, probability 0, space 0, times 0
[  840.826949][ T5634] CPU: 0 UID: 0 PID: 5634 Comm: syz.9.10309 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  840.826981][ T5634] Tainted: [L]=SOFTLOCKUP
[  840.826988][ T5634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  840.826998][ T5634] Call Trace:
[  840.827005][ T5634]  <TASK>
[  840.827012][ T5634]  dump_stack_lvl+0x100/0x190
[  840.827041][ T5634]  should_fail_ex.cold+0x5/0xa
[  840.827068][ T5634]  should_failslab+0xc2/0x120
[  840.827091][ T5634]  __kvmalloc_node_noprof+0xfa/0xa00
[  840.827128][ T5634]  ? seq_read_iter+0x819/0x1270
[  840.827151][ T5634]  ? look_up_lock_class+0x64/0x120
[  840.827181][ T5634]  seq_read_iter+0x819/0x1270
[  840.827214][ T5634]  seq_read+0x33b/0x4c0
[  840.827236][ T5634]  ? __pfx_seq_read+0x10/0x10
[  840.827259][ T5634]  ? lock_acquire+0x1b1/0x370
[  840.827285][ T5634]  ? avc_policy_seqno+0x9/0x20
[  840.827304][ T5634]  ? selinux_file_permission+0x8f/0x6d0
[  840.827339][ T5634]  ? rw_verify_area+0xce/0x6d0
[  840.827354][ T5634]  ? __pfx_seq_read+0x10/0x10
[  840.827376][ T5634]  vfs_read+0x1e4/0xb30
[  840.827400][ T5634]  ? __pfx_vfs_read+0x10/0x10
[  840.827419][ T5634]  ? __fget_files+0x215/0x3d0
[  840.827448][ T5634]  ? __fget_files+0x21f/0x3d0
[  840.827481][ T5634]  ksys_read+0x12a/0x250
[  840.827502][ T5634]  ? __pfx_ksys_read+0x10/0x10
[  840.827525][ T5634]  ? rcu_is_watching+0x12/0xc0
[  840.827556][ T5634]  do_syscall_64+0x115/0x870
[  840.827580][ T5634]  ? clear_bhb_loop+0x40/0x90
[  840.827602][ T5634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.827621][ T5634] RIP: 0033:0x7f9a06b9ce59
[  840.827636][ T5634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  840.827653][ T5634] RSP: 002b:00007f9a04df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  840.827671][ T5634] RAX: ffffffffffffffda RBX: 00007f9a06e16090 RCX: 00007f9a06b9ce59
[  840.827684][ T5634] RDX: 0000000000002020 RSI: 0000200000000040 RDI: 0000000000000005
[  840.827694][ T5634] RBP: 00007f9a04df6090 R08: 0000000000000000 R09: 0000000000000000
[  840.827706][ T5634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  840.827718][ T5634] R13: 00007f9a06e16128 R14: 00007f9a06e16090 R15: 00007fff6148eb48
[  840.827745][ T5634]  </TASK>
[  841.002014][ T5643] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  841.069638][T31431] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  841.086267][T31431] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  841.102312][T31431] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  841.106331][T31431] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  841.109733][T31431] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  841.200847][ T5659] IPv6: NLM_F_CREATE should be specified when creating new route
[  841.229215][ T5659] zonefs (loop5) ERROR: Not a zoned block device
[  841.242765][ T5645] lo speed is unknown, defaulting to 1000
[  841.421572][ T5645] ��������3��k� speed is unknown, defaulting to 1000
[  841.608632][ T5645] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.610857][ T5645] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.612943][ T5645] bridge_slave_0: entered allmulticast mode
[  841.615647][ T5645] bridge_slave_0: entered promiscuous mode
[  841.618816][ T5645] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.620972][ T5645] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.623137][ T5645] bridge_slave_1: entered allmulticast mode
[  841.625894][ T5914] usb 7-1: new high-speed USB device number 74 using dummy_hcd
[  841.626147][ T5645] bridge_slave_1: entered promiscuous mode
[  841.648221][ T5645] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  841.654734][ T5645] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  841.671156][ T5645] team0: Port device team_slave_0 added
[  841.674844][ T5645] team0: Port device team_slave_1 added
[  841.747582][ T5674] veth0_to_team: entered promiscuous mode
[  841.751527][ T5674] veth0_to_team: left promiscuous mode
[  841.761367][ T5645] batman_adv: batadv0: Adding interface: batadv_slave_0
[  841.764425][ T5645] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  841.774776][ T5645] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  841.797499][ T5645] batman_adv: batadv0: Adding interface: batadv_slave_1
[  841.802837][ T5645] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  841.803494][ T5914] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  841.813427][ T5645] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  841.854833][ T5914] usb 7-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  841.865813][ T5914] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  841.873507][ T5914] usb 7-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  841.873687][ T5645] hsr_slave_0: entered promiscuous mode
[  841.881863][ T5645] hsr_slave_1: entered promiscuous mode
[  841.882989][ T5914] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  841.884794][ T5676] 9pnet_fd: p9_fd_create_tcp (5676): problem binding to privport
[  841.884803][ T5645] debugfs: 'hsr0' already exists in 'hsr'
[  841.884822][ T5645] Cannot create hsr debugfs directory
[  841.889087][ T5914] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  841.903284][ T5914] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  841.907238][ T5914] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  841.910560][ T5914] usb 7-1: Product: syz
[  841.912806][ T5914] usb 7-1: Manufacturer: syz
[  841.924172][ T5663] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  841.930456][ T5914] cdc_wdm 7-1:1.0: skipping garbage
[  841.932866][ T5914] cdc_wdm 7-1:1.0: skipping garbage
[  841.937253][ T5914] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  841.938026][ T5679] EXT4-fs error: 37 callbacks suppressed
[  841.938093][ T5679] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:63: iget: checksum invalid
[  841.939905][ T5914] cdc_wdm 7-1:1.0: Unknown control protocol
[  841.976083][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  841.987823][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  841.993304][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  842.043872][ T5683] ipt_REJECT: TCP_RESET invalid for non-tcp
[  842.154011][ T5663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  842.157994][ T5663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  842.162311][T28505] usb 7-1: USB disconnect, device number 74
[  842.187215][ T5686] tipc: MTU too low for tipc bearer
[  842.470425][T18666] Bluetooth: hci1: command tx timeout
[  842.606161][ T5645] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  842.612530][ T5645] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  842.616273][ T5645] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  842.621913][ T5645] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  842.626005][ T5645] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  842.631867][ T5645] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  842.635537][ T5645] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  842.640937][ T5645] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  842.711893][ T5645] 8021q: adding VLAN 0 to HW filter on device bond0
[  842.723139][ T5645] 8021q: adding VLAN 0 to HW filter on device team0
[  842.735130][   T87] bridge0: port 1(bridge_slave_0) entered blocking state
[  842.738212][   T87] bridge0: port 1(bridge_slave_0) entered forwarding state
[  842.745598][ T8598] bridge0: port 2(bridge_slave_1) entered blocking state
[  842.747918][ T8598] bridge0: port 2(bridge_slave_1) entered forwarding state
[  842.786556][ T5693] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:3: iget: checksum invalid
[  842.791709][ T5694] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:3: iget: checksum invalid
[  842.796969][ T5695] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:3: iget: checksum invalid
[  842.801829][ T5696] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:3: iget: checksum invalid
[  842.812118][ T5697] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:63: iget: checksum invalid
[  842.818118][ T5698] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:63: iget: checksum invalid
[  842.831563][ T5645] 8021q: adding VLAN 0 to HW filter on device batadv0
[  842.866777][ T5645] veth0_vlan: entered promiscuous mode
[  842.872975][ T5645] veth1_vlan: entered promiscuous mode
[  842.894431][ T5645] veth0_macvtap: entered promiscuous mode
[  842.899226][ T5645] veth1_macvtap: entered promiscuous mode
[  842.909938][ T5645] batman_adv: batadv0: Interface activated: batadv_slave_0
[  842.918004][ T5645] batman_adv: batadv0: Interface activated: batadv_slave_1
[  842.924913][   T87] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  842.928569][   T87] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  842.931780][   T87] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  842.934448][   T87] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  842.982644][   T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  842.985550][   T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  843.015965][T18685] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  843.018436][T18685] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  843.055228][ T5710] Cannot find add_set index 0 as target
[  843.059540][ T5710] nbd: socks must be embedded in a SOCK_ITEM attr
[  843.424655][T18666] Bluetooth: hci0: command tx timeout
[  844.735826][T18666] Bluetooth: hci1: command tx timeout
[  845.678415][T18666] Bluetooth: hci0: command tx timeout
[  847.933323][T18666] Bluetooth: hci0: command tx timeout
[  849.570316][ T5149] EXT4-fs error: 16 callbacks suppressed
[  849.570328][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  849.575808][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  849.579333][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  850.187139][T18666] Bluetooth: hci0: command tx timeout
[  851.196641][ T5719] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  851.198715][ T5719] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  851.201202][ T5719] vhci_hcd vhci_hcd.0: Device attached
[  851.205039][ T5722] vhci_hcd: cannot find the pending unlink 6
[  851.208616][ T5722] vhci_hcd: connection closed
[  851.210228][ T8598] vhci_hcd vhci_hcd.5: stop threads
[  851.214633][ T8598] vhci_hcd vhci_hcd.5: release socket
[  851.217067][ T8598] vhci_hcd vhci_hcd.5: disconnect device
[  851.242025][ T5723] Bluetooth: MGMT ver 1.23
[  851.243936][ T5723] Bluetooth: hci0: invalid len left 7, exp >= 67
[  851.255762][ T5727] FAULT_INJECTION: forcing a failure.
[  851.255762][ T5727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  851.262096][ T5727] CPU: 1 UID: 0 PID: 5727 Comm: syz.9.10329 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  851.262117][ T5727] Tainted: [L]=SOFTLOCKUP
[  851.262122][ T5727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  851.262129][ T5727] Call Trace:
[  851.262134][ T5727]  <TASK>
[  851.262139][ T5727]  dump_stack_lvl+0x100/0x190
[  851.262157][ T5727]  should_fail_ex.cold+0x5/0xa
[  851.262175][ T5727]  _copy_to_iter+0x5a4/0x1720
[  851.262193][ T5727]  ? __pfx__copy_to_iter+0x10/0x10
[  851.262208][ T5727]  ? userfaultfd_show_fdinfo+0x17d/0x1d0
[  851.262224][ T5727]  ? __pfx_userfaultfd_show_fdinfo+0x10/0x10
[  851.262240][ T5727]  ? fput+0x79/0x100
[  851.262256][ T5727]  ? __pfx_userfaultfd_show_fdinfo+0x10/0x10
[  851.262272][ T5727]  ? seq_show+0x590/0x870
[  851.262288][ T5727]  seq_read_iter+0xdab/0x1270
[  851.262309][ T5727]  seq_read+0x33b/0x4c0
[  851.262324][ T5727]  ? __pfx_seq_read+0x10/0x10
[  851.262338][ T5727]  ? lock_acquire+0x1b1/0x370
[  851.262355][ T5727]  ? avc_policy_seqno+0x9/0x20
[  851.262368][ T5727]  ? selinux_file_permission+0x8f/0x6d0
[  851.262390][ T5727]  ? rw_verify_area+0xce/0x6d0
[  851.262401][ T5727]  ? __pfx_seq_read+0x10/0x10
[  851.262416][ T5727]  vfs_read+0x1e4/0xb30
[  851.262431][ T5727]  ? __pfx_vfs_read+0x10/0x10
[  851.262444][ T5727]  ? __fget_files+0x215/0x3d0
[  851.262463][ T5727]  ? __fget_files+0x21f/0x3d0
[  851.262483][ T5727]  ksys_read+0x12a/0x250
[  851.262496][ T5727]  ? __pfx_ksys_read+0x10/0x10
[  851.262510][ T5727]  ? rcu_is_watching+0x12/0xc0
[  851.262531][ T5727]  do_syscall_64+0x115/0x870
[  851.262547][ T5727]  ? clear_bhb_loop+0x40/0x90
[  851.262562][ T5727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.262575][ T5727] RIP: 0033:0x7f9a06b9ce59
[  851.262590][ T5727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  851.262605][ T5727] RSP: 002b:00007f9a04df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  851.262620][ T5727] RAX: ffffffffffffffda RBX: 00007f9a06e16090 RCX: 00007f9a06b9ce59
[  851.262633][ T5727] RDX: 0000000000002020 RSI: 0000200000000040 RDI: 0000000000000005
[  851.262645][ T5727] RBP: 00007f9a04df6090 R08: 0000000000000000 R09: 0000000000000000
[  851.262656][ T5727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  851.262666][ T5727] R13: 00007f9a06e16128 R14: 00007f9a06e16090 R15: 00007fff6148eb48
[  851.262683][ T5727]  </TASK>
[  851.304471][ T5732] veth0_to_team: entered promiscuous mode
[  851.364090][ T5732] veth0_to_team: left promiscuous mode
[  851.531696][ T5745] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:4: iget: checksum invalid
[  851.536734][ T5746] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:4: iget: checksum invalid
[  851.889690][T18666] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  851.927464][ T5771] veth0_to_team: entered promiscuous mode
[  851.930392][ T5771] gretap0: entered promiscuous mode
[  851.933373][ T5771] debugfs: 'hsr1' already exists in 'hsr'
[  851.935221][ T5771] Cannot create hsr debugfs directory
[  851.962123][ T5773] ip6gre1: entered promiscuous mode
[  851.964670][ T5773] ip6gre1: entered allmulticast mode
[  851.964779][ T5775] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10345'.
[  851.973193][ T5779] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:21: iget: checksum invalid
[  851.982249][ T5773] xt_CT: No such helper "pptp"
[  851.989926][ T5773] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10344'.
[  852.065207][ T5783] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  852.067279][ T5783] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  852.069742][ T5783] vhci_hcd vhci_hcd.0: Device attached
[  852.072298][ T5784] vhci_hcd: cannot find the pending unlink 6
[  852.076759][ T5784] vhci_hcd: connection closed
[  852.076955][T10468] vhci_hcd vhci_hcd.5: stop threads
[  852.081225][T10468] vhci_hcd vhci_hcd.5: release socket
[  852.084445][T10468] vhci_hcd vhci_hcd.5: disconnect device
[  852.333910][ T5801] veth0_to_team: entered promiscuous mode
[  852.336659][ T5801] gretap0: entered promiscuous mode
[  852.339278][ T5801] debugfs: 'hsr1' already exists in 'hsr'
[  852.341192][ T5801] Cannot create hsr debugfs directory
[  852.346220][ T5803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5126 sclass=netlink_route_socket pid=5803 comm=syz.2.10351
[  852.391626][ T5808] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10354'.
[  852.431293][ T5808] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10354'.
[  852.576221][ T5824] FAULT_INJECTION: forcing a failure.
[  852.576221][ T5824] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  852.581694][ T5824] CPU: 0 UID: 0 PID: 5824 Comm: syz.9.10358 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  852.581723][ T5824] Tainted: [L]=SOFTLOCKUP
[  852.581730][ T5824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  852.581741][ T5824] Call Trace:
[  852.581749][ T5824]  <TASK>
[  852.581758][ T5824]  dump_stack_lvl+0x100/0x190
[  852.581785][ T5824]  should_fail_ex.cold+0x5/0xa
[  852.581812][ T5824]  _copy_to_user+0x32/0xd0
[  852.581837][ T5824]  simple_read_from_buffer+0xcb/0x170
[  852.581879][ T5824]  proc_fail_nth_read+0x1af/0x230
[  852.581903][ T5824]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  852.581925][ T5824]  ? rw_verify_area+0xce/0x6d0
[  852.581944][ T5824]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  852.581964][ T5824]  vfs_read+0x1e4/0xb30
[  852.581993][ T5824]  ? __pfx_vfs_read+0x10/0x10
[  852.582012][ T5824]  ? __fget_files+0x215/0x3d0
[  852.582041][ T5824]  ? __fget_files+0x21f/0x3d0
[  852.582071][ T5824]  ksys_read+0x12a/0x250
[  852.582091][ T5824]  ? __pfx_ksys_read+0x10/0x10
[  852.582112][ T5824]  ? rcu_is_watching+0x12/0xc0
[  852.582143][ T5824]  do_syscall_64+0x115/0x870
[  852.582167][ T5824]  ? clear_bhb_loop+0x40/0x90
[  852.582191][ T5824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.582210][ T5824] RIP: 0033:0x7f9a06b5d68e
[  852.582227][ T5824] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  852.582243][ T5824] RSP: 002b:00007f9a04df5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  852.582262][ T5824] RAX: ffffffffffffffda RBX: 00007f9a04df66c0 RCX: 00007f9a06b5d68e
[  852.582273][ T5824] RDX: 000000000000000f RSI: 00007f9a04df60a0 RDI: 0000000000000006
[  852.582285][ T5824] RBP: 00007f9a04df6090 R08: 0000000000000000 R09: 0000000000000000
[  852.582296][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.582307][ T5824] R13: 00007f9a06e16128 R14: 00007f9a06e16090 R15: 00007fff6148eb48
[  852.582333][ T5824]  </TASK>
[  852.668820][ T5826] binder: 5825:5826 ioctl c00c620f 200000000300 returned -22
[  852.719296][ T5832] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:37: iget: checksum invalid
[  852.726548][ T5833] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:37: iget: checksum invalid
[  852.775547][   T40] audit: type=1400 audit(1783385045.176:35034): avc:  denied  { map } for  pid=5827 comm="syz.8.10361" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  852.788338][ T5829] binder: binder_mmap: 5827 200000ffa000-200000ffd000 bad vm_flags failed -1
[  852.839728][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  852.851900][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  852.867063][ T5841] Bluetooth: MGMT ver 1.23
[  852.963840][ T5854] netlink: 'syz.2.10368': attribute type 8 has an invalid length.
[  852.966334][ T5854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10368'.
[  852.974017][ T5854] bond0: entered promiscuous mode
[  852.976915][ T5854] bond_slave_0: entered promiscuous mode
[  852.978832][ T5854] bond_slave_1: entered promiscuous mode
[  852.982041][ T5854] bond0: left promiscuous mode
[  852.986535][ T5854] bond_slave_0: left promiscuous mode
[  852.988941][ T5854] bond_slave_1: left promiscuous mode
[  852.999121][ T5856] xt_cluster: node mask cannot exceed total number of nodes
[  853.112664][   T40] audit: type=1400 audit(1783385045.480:35035): avc:  denied  { create } for  pid=5869 comm="syz.2.10373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  853.131222][   T40] audit: type=1400 audit(1783385045.480:35036): avc:  denied  { write } for  pid=5869 comm="syz.2.10373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  853.175621][ T5879] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10376'.
[  853.179597][ T5879] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10376'.
[  853.229202][ T5883] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  853.246318][ T5886] tipc: Enabled bearer <udp:syz0>, priority 10
[  853.337447][   T40] audit: type=1400 audit(1783385045.692:35037): avc:  denied  { setopt } for  pid=5887 comm="syz.2.10380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  853.360685][ T5901] netlink: 60 bytes leftover after parsing attributes in process `syz.9.10384'.
[  853.364658][ T5902] netlink: 60 bytes leftover after parsing attributes in process `syz.9.10384'.
[  853.378107][ T5899] netlink: 'syz.8.10383': attribute type 1 has an invalid length.
[  853.380777][ T5899] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  853.384154][ T5899] SELinux: security_context_str_to_sid (sysidm_u) failed with errno=-22
[  853.393819][   T40] audit: type=1400 audit(1783385045.738:35038): avc:  denied  { getattr } for  pid=5900 comm="syz.9.10384" name="/" dev="9p" ino=74472413 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  853.402277][ T5901] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  853.419367][   T40] audit: type=1400 audit(1783385045.775:35039): avc:  denied  { rename } for  pid=5900 comm="syz.9.10384" name="file0" dev="overlay" ino=74473633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  853.429006][   T40] audit: type=1400 audit(1783385045.775:35040): avc:  denied  { unlink } for  pid=5900 comm="syz.9.10384" name="file1" dev="overlay" ino=74472431 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  853.457262][   T40] audit: type=1400 audit(1783385045.803:35041): avc:  denied  { create } for  pid=5900 comm="syz.9.10384" name="#9b" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  853.465134][   T40] audit: type=1400 audit(1783385045.803:35042): avc:  denied  { associate } for  pid=5900 comm="syz.9.10384" name="#9b" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  853.488864][   T40] audit: type=1400 audit(1783385045.821:35043): avc:  denied  { setattr } for  pid=5900 comm="syz.9.10384" name="#9b" dev="tmpfs" ino=2844 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  853.646910][ T5924] netlink: 'syz.5.10392': attribute type 2 has an invalid length.
[  853.730886][ T5934] veth0_to_team: entered promiscuous mode
[  853.735814][ T5934] veth0_to_team: left promiscuous mode
[  853.754145][ T5937] FAULT_INJECTION: forcing a failure.
[  853.754145][ T5937] name failslab, interval 1, probability 0, space 0, times 0
[  853.758573][ T5937] CPU: 3 UID: 0 PID: 5937 Comm: syz.9.10388 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  853.758604][ T5937] Tainted: [L]=SOFTLOCKUP
[  853.758609][ T5937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  853.758616][ T5937] Call Trace:
[  853.758621][ T5937]  <TASK>
[  853.758626][ T5937]  dump_stack_lvl+0x100/0x190
[  853.758643][ T5937]  should_fail_ex.cold+0x5/0xa
[  853.758659][ T5937]  ? tomoyo_realpath_from_path+0xb6/0x690
[  853.758677][ T5937]  should_failslab+0xc2/0x120
[  853.758703][ T5937]  __kmalloc_noprof+0xe0/0x850
[  853.758720][ T5937]  ? kfree+0x1dd/0x6c0
[  853.758738][ T5937]  tomoyo_realpath_from_path+0xb6/0x690
[  853.758759][ T5937]  tomoyo_path_number_perm+0x23c/0x580
[  853.758775][ T5937]  ? tomoyo_path_number_perm+0x22e/0x580
[  853.758792][ T5937]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  853.758822][ T5937]  ? find_held_lock+0x2b/0x80
[  853.758832][ T5937]  ? __fget_files+0x215/0x3d0
[  853.758845][ T5937]  ? hook_file_ioctl_common+0x149/0x410
[  853.758857][ T5937]  ? __fget_files+0x215/0x3d0
[  853.758874][ T5937]  ? __fget_files+0x21f/0x3d0
[  853.758890][ T5937]  security_file_ioctl+0xd3/0x230
[  853.758908][ T5937]  __x64_sys_ioctl+0xb7/0x210
[  853.758921][ T5937]  do_syscall_64+0x115/0x870
[  853.758936][ T5937]  ? clear_bhb_loop+0x40/0x90
[  853.758954][ T5937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.758966][ T5937] RIP: 0033:0x7f9a06b9ce59
[  853.758976][ T5937] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  853.758987][ T5937] RSP: 002b:00007f9a04df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  853.758999][ T5937] RAX: ffffffffffffffda RBX: 00007f9a06e16090 RCX: 00007f9a06b9ce59
[  853.759006][ T5937] RDX: 0000200000000940 RSI: 00000000000089e0 RDI: 0000000000000003
[  853.759013][ T5937] RBP: 00007f9a04df6090 R08: 0000000000000000 R09: 0000000000000000
[  853.759019][ T5937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  853.759026][ T5937] R13: 00007f9a06e16128 R14: 00007f9a06e16090 R15: 00007fff6148eb48
[  853.759041][ T5937]  </TASK>
[  853.759547][ T5937] ERROR: Out of memory at tomoyo_realpath_from_path.
[  853.911418][ T5940] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10396'.
[  854.094004][ T5951] netlink: 'syz.5.10401': attribute type 14 has an invalid length.
[  854.739135][T30150] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  854.912994][T30150] usb 13-1: Using ep0 maxpacket: 32
[  854.920356][T30150] usb 13-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  854.925947][T30150] usb 13-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1536, setting to 1024
[  854.930911][T30150] usb 13-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  854.945060][T30150] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  854.951317][T30150] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.962833][T30150] usb 13-1: Product: 䠊
[  854.964228][T30150] usb 13-1: Manufacturer: 、
[  854.968244][T30150] usb 13-1: SerialNumber: 좗뾌缣넾鱮蔔Ơ⎌쎱ꀗ隴㓽䚕︬팰䟵킗䑇雏廹ᨭ㬙䫾뱹龣晶ᬤ੓恣
[  855.225735][ T5988] EXT4-fs error: 3 callbacks suppressed
[  855.225746][ T5988] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:7: iget: checksum invalid
[  855.245219][ T5990] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:7: iget: checksum invalid
[  855.269566][ T5956] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2561 sclass=netlink_route_socket pid=5956 comm=syz.8.10403
[  855.283235][T30150] cdc_ncm 13-1:1.0: bind() failure
[  855.287864][T30150] cdc_ncm 13-1:1.1: CDC Union missing and no IAD found
[  855.290321][T30150] cdc_ncm 13-1:1.1: bind() failure
[  855.301651][T30150] usb 13-1: USB disconnect, device number 6
[  855.321103][T19586] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  855.330848][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  855.334378][T19586] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  855.339145][T19586] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  855.349048][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  855.368247][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  855.398679][ T6002] nilfs2: Unknown parameter 'norecoveryard#'
[  855.415555][ T6004] veth0_to_team: entered promiscuous mode
[  855.427738][ T6004] veth0_to_team: left promiscuous mode
[  855.485574][ T6010] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(4)
[  855.487662][ T6010] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  855.498643][ T6010] vhci_hcd vhci_hcd.0: Device attached
[  855.503139][ T6011] vhci_hcd: connection closed
[  855.507491][ T8595] vhci_hcd vhci_hcd.9: stop threads
[  855.511625][ T8595] vhci_hcd vhci_hcd.9: release socket
[  855.513535][ T8595] vhci_hcd vhci_hcd.9: disconnect device
[  855.579630][ T6019] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  855.622586][ T6022] netlink: 'syz.2.10424': attribute type 19 has an invalid length.
[  855.622621][ T6024] netlink: 'syz.2.10424': attribute type 19 has an invalid length.
[  855.625530][ T6022] netlink: 'syz.2.10424': attribute type 19 has an invalid length.
[  855.628979][ T6024] netlink: 'syz.2.10424': attribute type 19 has an invalid length.
[  856.002767][ T6033] netlink: 'syz.8.10428': attribute type 39 has an invalid length.
[  856.149359][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  856.169038][ T6041] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[  856.169621][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  856.474130][ T6055] xt_hashlimit: size too large, truncated to 1048576
[  856.773841][ T6059] qnx4: no qnx4 filesystem (no root dir).
[  856.813122][ T6061] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4)
[  856.815628][ T6061] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  856.819401][ T6061] vhci_hcd vhci_hcd.0: Device attached
[  856.822625][ T6062] vhci_hcd: connection closed
[  856.830780][T10471] vhci_hcd vhci_hcd.8: stop threads
[  856.835062][T10471] vhci_hcd vhci_hcd.8: release socket
[  856.837435][T10471] vhci_hcd vhci_hcd.8: disconnect device
[  857.576372][ T6078] netlink: 'syz.2.10441': attribute type 30 has an invalid length.
[  857.595311][ T6078] bond5: option arp_missed_max: invalid value (0)
[  857.597337][ T6078] bond5: option arp_missed_max: allowed values 1 - 255
[  857.606064][ T6078] bond5 (unregistering): Released all slaves
[  857.651675][ T6083] __nla_validate_parse: 12 callbacks suppressed
[  857.651695][ T6083] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10442'.
[  857.665803][ T6083] block nbd6: Unsupported socket: should be TCP or UNIX.
[  857.738561][T31431] Bluetooth: hci4: command 0x1003 tx timeout
[  857.739337][ T6087] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10442'.
[  857.741464][T18666] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  857.751832][ T6087] nbd: must specify at least one socket
[  857.941179][ T6101] FAULT_INJECTION: forcing a failure.
[  857.941179][ T6101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  857.948506][ T6101] CPU: 2 UID: 0 PID: 6101 Comm: syz.8.10449 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  857.948536][ T6101] Tainted: [L]=SOFTLOCKUP
[  857.948543][ T6101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  857.948553][ T6101] Call Trace:
[  857.948560][ T6101]  <TASK>
[  857.948568][ T6101]  dump_stack_lvl+0x100/0x190
[  857.948593][ T6101]  should_fail_ex.cold+0x5/0xa
[  857.948638][ T6101]  _copy_from_iter+0x1f4/0x1690
[  857.948665][ T6101]  ? __asan_memset+0x23/0x50
[  857.948693][ T6101]  ? __pfx__copy_from_iter+0x10/0x10
[  857.948715][ T6101]  ? __pfx___alloc_skb+0x10/0x10
[  857.948753][ T6101]  netlink_sendmsg+0x808/0xda0
[  857.948781][ T6101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  857.948801][ T6101]  ? __might_fault+0xa0/0x140
[  857.948836][ T6101]  ____sys_sendmsg+0x9e1/0xb70
[  857.948856][ T6101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  857.948880][ T6101]  ? __pfx_____sys_sendmsg+0x10/0x10
[  857.948946][ T6101]  ___sys_sendmsg+0x190/0x1e0
[  857.948972][ T6101]  ? __pfx____sys_sendmsg+0x10/0x10
[  857.949023][ T6101]  __sys_sendmsg+0x170/0x220
[  857.949051][ T6101]  ? __pfx___sys_sendmsg+0x10/0x10
[  857.949089][ T6101]  ? rcu_is_watching+0x12/0xc0
[  857.949120][ T6101]  do_syscall_64+0x115/0x870
[  857.949144][ T6101]  ? clear_bhb_loop+0x40/0x90
[  857.949166][ T6101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.949185][ T6101] RIP: 0033:0x7ff301b9ce59
[  857.949201][ T6101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  857.949219][ T6101] RSP: 002b:00007ff302a77028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  857.949237][ T6101] RAX: ffffffffffffffda RBX: 00007ff301e15fa0 RCX: 00007ff301b9ce59
[  857.949250][ T6101] RDX: 0000000004040084 RSI: 0000200000000580 RDI: 0000000000000004
[  857.949261][ T6101] RBP: 00007ff302a77090 R08: 0000000000000000 R09: 0000000000000000
[  857.949272][ T6101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  857.949282][ T6101] R13: 00007ff301e16038 R14: 00007ff301e15fa0 R15: 00007ffd0d7a9058
[  857.949307][ T6101]  </TASK>
[  857.950417][ T6102] netlink: 212348 bytes leftover after parsing attributes in process `syz.5.10446'.
[  858.803357][ T6121] netlink: 60 bytes leftover after parsing attributes in process `syz.2.10456'.
[  858.819485][ T6121] kAFS: unable to lookup cell 'syz1'
[  858.919762][ T6126] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10458'.
[  858.932872][ T6126] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10458'.
[  858.938854][ T6126] veth1_to_batadv: mtu less than device minimum
[  858.944579][ T6126] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10458'.
[  860.051659][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  860.051670][   T40] audit: type=1400 audit(1783385051.893:35052): avc:  denied  { mounton } for  pid=6132 comm="syz.5.10460" path="/dev/net/tun" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[  860.361063][   T40] audit: type=1400 audit(1783385052.170:35053): avc:  denied  { read } for  pid=6139 comm="syz.2.10462" name="msr" dev="devtmpfs" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  860.371171][   T40] audit: type=1400 audit(1783385052.170:35054): avc:  denied  { open } for  pid=6139 comm="syz.2.10462" path="/dev/cpu/1/msr" dev="devtmpfs" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  860.415423][   T40] audit: type=1400 audit(1783385052.179:35055): avc:  denied  { ioctl } for  pid=6139 comm="syz.2.10462" path="/dev/cpu/1/msr" dev="devtmpfs" ino=89 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  860.606086][ T6146] FAULT_INJECTION: forcing a failure.
[  860.606086][ T6146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  860.614809][ T6146] CPU: 0 UID: 0 PID: 6146 Comm: syz.5.10464 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  860.614829][ T6146] Tainted: [L]=SOFTLOCKUP
[  860.614834][ T6146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  860.614841][ T6146] Call Trace:
[  860.614845][ T6146]  <TASK>
[  860.614850][ T6146]  dump_stack_lvl+0x100/0x190
[  860.614868][ T6146]  should_fail_ex.cold+0x5/0xa
[  860.614885][ T6146]  _copy_to_user+0x32/0xd0
[  860.614901][ T6146]  simple_read_from_buffer+0xcb/0x170
[  860.614918][ T6146]  proc_fail_nth_read+0x1af/0x230
[  860.614931][ T6146]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  860.614944][ T6146]  ? rw_verify_area+0xce/0x6d0
[  860.614955][ T6146]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  860.614968][ T6146]  vfs_read+0x1e4/0xb30
[  860.614982][ T6146]  ? __pfx_vfs_read+0x10/0x10
[  860.614994][ T6146]  ? __fget_files+0x215/0x3d0
[  860.615012][ T6146]  ? __fget_files+0x21f/0x3d0
[  860.615030][ T6146]  ksys_read+0x12a/0x250
[  860.615042][ T6146]  ? __pfx_ksys_read+0x10/0x10
[  860.615056][ T6146]  ? rcu_is_watching+0x12/0xc0
[  860.615075][ T6146]  do_syscall_64+0x115/0x870
[  860.615089][ T6146]  ? clear_bhb_loop+0x40/0x90
[  860.615103][ T6146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  860.615116][ T6146] RIP: 0033:0x7f4bf055d68e
[  860.615126][ T6146] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  860.615137][ T6146] RSP: 002b:00007f4bee7f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  860.615149][ T6146] RAX: ffffffffffffffda RBX: 00007f4bee7f66c0 RCX: 00007f4bf055d68e
[  860.615156][ T6146] RDX: 000000000000000f RSI: 00007f4bee7f60a0 RDI: 0000000000000005
[  860.615163][ T6146] RBP: 00007f4bee7f6090 R08: 0000000000000000 R09: 0000000000000000
[  860.615169][ T6146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  860.615176][ T6146] R13: 00007f4bf0816038 R14: 00007f4bf0815fa0 R15: 00007ffed0ab6978
[  860.615191][ T6146]  </TASK>
[  860.978105][ T6154] bpf: Bad value for 'gid'
[  860.982407][ T6154] input: syz1 as /devices/virtual/input/input95
[  861.039892][ T5958] EXT4-fs error: 8 callbacks suppressed
[  861.039903][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  861.046594][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  861.050050][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  861.093989][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10468'.
[  861.097174][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10468'.
[  861.139123][ T6159] netlink: 'syz.5.10469': attribute type 12 has an invalid length.
[  861.280579][ T6161] Bluetooth: hci0: invalid len left 7, exp >= 67
[  861.467678][   T40] audit: type=1400 audit(1783385053.194:35056): avc:  denied  { mounton } for  pid=6166 comm="syz.5.10473" path="/proc/117/cgroup" dev="proc" ino=204045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  861.663043][ T6174] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:21: iget: checksum invalid
[  861.676542][ T6175] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:21: iget: checksum invalid
[  861.684161][ T6173] netlink: 212348 bytes leftover after parsing attributes in process `syz.8.10476'.
[  861.699252][   T40] audit: type=1326 audit(1783385053.415:35057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6172 comm="syz.8.10476" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff301b9ce59 code=0x7ffc0000
[  861.709210][   T40] audit: type=1326 audit(1783385053.415:35058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6172 comm="syz.8.10476" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff301b9ce59 code=0x7ffc0000
[  861.721623][   T40] audit: type=1326 audit(1783385053.415:35059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6172 comm="syz.8.10476" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff301b9ce59 code=0x7ffc0000
[  861.732150][   T40] audit: type=1326 audit(1783385053.415:35061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6172 comm="syz.8.10476" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff301b9ce59 code=0x7ffc0000
[  861.741798][   T40] audit: type=1326 audit(1783385053.415:35060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6172 comm="syz.8.10476" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff301b9ce59 code=0x7ffc0000
[  861.909972][ T6185] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:21: iget: checksum invalid
[  861.918439][ T6186] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:21: iget: checksum invalid
[  862.260579][ T6190] 9pnet_virtio: no channels available for device \���
[  862.543118][ T6195] erspan0: entered promiscuous mode
[  862.555841][ T6195] erspan0: left promiscuous mode
[  862.749053][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  862.758850][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  862.764813][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  862.883246][ T6199] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  862.885644][ T6199] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  862.889341][ T6199] vhci_hcd vhci_hcd.0: Device attached
[  862.892809][ T6200] vhci_hcd: cannot find the pending unlink 6
[  862.895429][ T6200] vhci_hcd: connection closed
[  862.895632][T18686] vhci_hcd vhci_hcd.5: stop threads
[  862.898989][T18686] vhci_hcd vhci_hcd.5: release socket
[  862.901589][T18686] vhci_hcd vhci_hcd.5: disconnect device
[  862.954856][   T53] usb 7-1: new high-speed USB device number 75 using dummy_hcd
[  863.133161][   T53] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  863.137767][   T53] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  863.141806][   T53] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  863.145484][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.151984][ T6197] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  863.163585][   T53] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  863.526163][ T6203] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  863.807537][ T6212] xt_hashlimit: size too large, truncated to 1048576
[  863.983909][ T5892] usb 10-1: ath9k_htc: Firmware htc_9271.fw requested
[  864.002367][T26419] usb 10-1: loading /lib/firmware/updates/syzkaller/htc_9271.fw failed with error -74
[  864.010358][T26419] usb 10-1: loading /lib/firmware/updates/htc_9271.fw failed with error -74
[  864.014454][T26419] usb 10-1: loading /lib/firmware/syzkaller/htc_9271.fw failed with error -74
[  864.019311][T26419] usb 10-1: loading /lib/firmware/htc_9271.fw failed with error -74
[  864.022673][T26419] usb 10-1: Direct firmware load for htc_9271.fw failed with error -74
[  864.026214][T26419] usb 10-1: Falling back to sysfs fallback for: htc_9271.fw
[  864.160848][ T6223] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  864.163582][ T6223] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  864.167970][ T6223] vhci_hcd vhci_hcd.0: Device attached
[  864.177588][ T6225] vhci_hcd: cannot find the pending unlink 6
[  864.179873][ T6225] vhci_hcd: connection closed
[  864.180552][T18686] vhci_hcd vhci_hcd.5: stop threads
[  864.189281][T18686] vhci_hcd vhci_hcd.5: release socket
[  864.190985][T18686] vhci_hcd vhci_hcd.5: disconnect device
[  864.701512][ T6231] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  864.845301][ T6243] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  864.851277][ T6242] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  864.851974][ T6243] __nla_validate_parse: 2 callbacks suppressed
[  864.851989][ T6243] netlink: 212408 bytes leftover after parsing attributes in process `syz.9.10499'.
[  864.921517][ T6246] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1
[  864.931239][ T6246] mac80211_hwsim hwsim71 syzkaller0: left promiscuous mode
[  864.934386][ T6246] mac80211_hwsim hwsim71 syzkaller0: left allmulticast mode
[  865.501896][   T40] kauditd_printk_skb: 58 callbacks suppressed
[  865.501914][   T40] audit: type=1400 audit(1783385056.922:35120): avc:  denied  { write } for  pid=6276 comm="syz.8.10511" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  865.629745][ T6278] binder: 6276:6278 ioctl c0306201 2000000001c0 returned -22
[  865.632873][ T6278] binder: 6276:6278 ioctl 40305828 200000000240 returned -22
[  865.636853][   T40] audit: type=1400 audit(1783385057.042:35121): avc:  denied  { connect } for  pid=6276 comm="syz.8.10511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  866.002104][ T5843] usb 7-1: USB disconnect, device number 75
[  866.037108][ T6281] veth0_to_team: entered promiscuous mode
[  866.041125][ T6281] veth0_to_team: left promiscuous mode
[  866.122426][   T40] audit: type=1400 audit(1783385057.494:35122): avc:  denied  { read } for  pid=6282 comm="syz.9.10513" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  866.131152][ T6283] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  866.137240][   T40] audit: type=1400 audit(1783385057.503:35123): avc:  denied  { read } for  pid=6282 comm="syz.9.10513" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  866.146791][   T40] audit: type=1400 audit(1783385057.503:35124): avc:  denied  { read } for  pid=6282 comm="syz.9.10513" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  866.161800][   T40] audit: type=1400 audit(1783385057.503:35125): avc:  denied  { read } for  pid=6282 comm="syz.9.10513" name="/" dev="overlay" ino=4611686018427387906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  866.170871][   T40] audit: type=1400 audit(1783385057.503:35126): avc:  denied  { open } for  pid=6282 comm="syz.9.10513" path="/568/file0" dev="overlay" ino=4611686018427387906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  866.177891][ T6283] audit: audit_backlog=65 > audit_backlog_limit=64
[  866.180492][   T40] audit: type=1400 audit(1783385057.503:35127): avc:  denied  { read } for  pid=6282 comm="syz.9.10513" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  866.182658][ T6283] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  866.400413][ T6295] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10516'.
[  866.412369][ T6295] : entered promiscuous mode
[  866.486135][ T6293] netlink: 68 bytes leftover after parsing attributes in process `syz.2.10515'.
[  866.838468][ T6321] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10526'.
[  866.842267][ T6321] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10526'.
[  866.851880][ T6321] erspan0: entered promiscuous mode
[  866.859403][ T6321] erspan0: left promiscuous mode
[  866.889604][ T6325] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  866.947812][ T6325] No source specified
[  867.046336][ T6328] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  867.050640][ T6328] netlink: 'syz.9.10528': attribute type 1 has an invalid length.
[  869.342015][ T5149] EXT4-fs error: 11 callbacks suppressed
[  869.342028][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  869.349067][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  869.352825][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  869.961493][ T6344] netlink: 276 bytes leftover after parsing attributes in process `syz.9.10534'.
[  869.991149][ T6348] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10536'.
[  869.994976][ T6348] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10536'.
[  870.006547][ T6348] erspan0: entered promiscuous mode
[  870.013696][ T6348] erspan0: left promiscuous mode
[  870.026127][ T6353] openvswitch: netlink: IPv6 tunnel dst address is zero
[  870.086809][ T6356] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10538'.
[  870.141850][ T6364] xt_connbytes: Forcing CT accounting to be enabled
[  870.151691][ T6367] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:12: iget: checksum invalid
[  870.246287][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10547'.
[  870.269911][ T6380] bond5: Invalid ad_actor_system MAC address.
[  870.272400][ T6380] bond5: option ad_actor_system: invalid value (27571)
[  870.283480][ T6380] bond5 (unregistering): Released all slaves
[  870.289185][ T6383] Bluetooth: hci0: invalid len left 7, exp >= 67
[  870.310827][ T6385] netlink: 'syz.5.10549': attribute type 21 has an invalid length.
[  870.314965][ T6385] netlink: 156 bytes leftover after parsing attributes in process `syz.5.10549'.
[  870.349841][ T6389] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10551'.
[  870.352888][ T6389] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10551'.
[  870.373492][ T6389] erspan0: entered promiscuous mode
[  870.376409][ T6389] erspan0: left promiscuous mode
[  870.459588][ T6393] [U] V�3��Fپ"S��/��4:�XTZ�W�T��LW��=
[  870.553701][ T6392] [U] J"�E:��"


[  870.672384][ T6405] Bluetooth: hci0: invalid len left 7, exp >= 67
[  870.705476][ T6406] netlink: 'syz.2.10557': attribute type 30 has an invalid length.
[  870.746778][ T6409] syzkaller0: entered promiscuous mode
[  870.751266][ T6409] syzkaller0: entered allmulticast mode
[  870.895973][ T6415] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10562'.
[  870.901468][ T6415] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10562'.
[  870.907792][ T6415] erspan0: entered promiscuous mode
[  870.917903][ T6415] erspan0: left promiscuous mode
[  870.943088][ T6417] fuse: Bad value for 'group_id'
[  870.944746][ T6417] fuse: Bad value for 'group_id'
[  870.998326][   T40] kauditd_printk_skb: 328 callbacks suppressed
[  870.998345][   T40] audit: type=1400 audit(1783385061.996:35392): avc:  denied  { setopt } for  pid=6418 comm="syz.2.10564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  871.058292][   T40] audit: type=1400 audit(1783385062.043:35393): avc:  denied  { setattr } for  pid=6424 comm="syz.9.10566" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  871.062293][ T6425] configfs: Unknown parameter '
'
[  871.149883][   T40] audit: type=1400 audit(1783385062.135:35394): avc:  denied  { write } for  pid=6424 comm="syz.9.10566" name="/" dev="9p" ino=74472413 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  871.162078][ T6427] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:12: iget: checksum invalid
[  871.169144][ T6428] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:12: iget: checksum invalid
[  871.183575][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10566'.
[  871.183886][ T6430] SELinux:  Context system_u:object_r:dlm_control_device_t:s0 is not valid (left unmapped).
[  871.192142][   T40] audit: type=1400 audit(1783385062.172:35395): avc:  denied  { relabelto } for  pid=6429 comm="syz.2.10565" name="440" dev="tmpfs" ino=2312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.204369][   T40] audit: type=1400 audit(1783385062.172:35396): avc:  denied  { associate } for  pid=6429 comm="syz.2.10565" name="440" dev="tmpfs" ino=2312 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.220739][   T40] audit: type=1400 audit(1783385062.190:35397): avc:  denied  { write } for  pid=1787 comm="syz-executor" name="440" dev="tmpfs" ino=2312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.233537][   T40] audit: type=1400 audit(1783385062.190:35398): avc:  denied  { remove_name } for  pid=1787 comm="syz-executor" name="binderfs" dev="tmpfs" ino=2316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.246821][   T40] audit: type=1400 audit(1783385062.190:35399): avc:  denied  { write } for  pid=1787 comm="syz-executor" name="440" dev="tmpfs" ino=2312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.257542][   T40] audit: type=1400 audit(1783385062.190:35400): avc:  denied  { write } for  pid=1787 comm="syz-executor" name="440" dev="tmpfs" ino=2312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.267195][   T40] audit: type=1400 audit(1783385062.190:35401): avc:  denied  { write } for  pid=1787 comm="syz-executor" name="440" dev="tmpfs" ino=2312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:dlm_control_device_t:s0"
[  871.278431][ T6433] Bluetooth: hci0: invalid len left 7, exp >= 67
[  871.317553][ T6440] netlink: 'syz.8.10571': attribute type 1 has an invalid length.
[  871.350697][ T6440] 8021q: adding VLAN 0 to HW filter on device bond1
[  871.372644][ T6444] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:10: iget: checksum invalid
[  871.382428][ T6445] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:10: iget: checksum invalid
[  871.449020][ T6440] veth3: entered promiscuous mode
[  871.461397][ T6446] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6446 comm=syz.8.10571
[  871.466059][ T6440] bond1: (slave veth3): Enslaving as an active interface with a down link
[  871.484497][ T6446] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  871.586769][ T6450] ipvlan2: entered allmulticast mode
[  871.592283][ T6450] veth0_to_bridge: entered allmulticast mode
[  871.603867][ T6450] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  871.652904][ T6453] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10574'.
[  871.661753][ T6453] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10574'.
[  871.673017][ T6453] erspan0: entered promiscuous mode
[  871.680561][ T6453] erspan0: left promiscuous mode
[  871.691593][ T6443] syzkaller1: entered promiscuous mode
[  871.698917][ T6443] syzkaller1: entered allmulticast mode
[  871.912981][ T6465] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  871.943913][ T6468] binder: 6467:6468 ioctl c0306201 200000000240 returned -22
[  871.958877][ T6470] kernel read not supported for file /policy (pid: 6470 comm: syz.8.10580)
[  871.966951][ T6471] kernel read not supported for file /policy (pid: 6471 comm: syz.8.10580)
[  872.010829][ T6477] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:18: iget: checksum invalid
[  872.015386][ T6468] 0xfffffffffffffffd-0x000000020000 : ""
[  872.020550][ T6468] mtd: partition "" is out of reach -- disabled
[  872.024284][ T6476] SELinux: failed to load policy
[  872.057935][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  872.065673][ T6468] ftl_cs: FTL header not found.
[  872.075645][ T6480] netlink: 28 bytes leftover after parsing attributes in proceqemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xcd000)
ss `syz.8.10584'.
[  872.078844][ T6480] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10584'.
[  872.085580][ T6480] erspan0: entered promiscuous mode
[  872.088910][ T6480] erspan0: left promiscuous mode
[  872.125317][ T6483] veth0_to_team: entered promiscuous mode
[  872.134067][ T6483] veth0_to_team: left promiscuous mode
[  872.156166][ T1133] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  872.159236][ T1133] ata1: failed to read log page 10h (errno=-5)
[  872.161336][ T1133] ata1.00: exception Emask 0x1 SAct 0x40000000 SErr 0x0 action 0x0
[  872.164596][ T1133] ata1.00: irq_stat 0x41000000
[  872.167404][ T1133] ata1.00: failed command: READ FPDMA QUEUED
[  872.169407][ T1133] ata1.00: cmd 60/68:f0:36:24:08/06:00:00:00:00/40 tag 30 ncq dma 839680 in
[  872.169407][ T1133]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  872.174757][ T1133] ata1.00: status: { DRDY }
[  872.176326][ T1133] ata1.00: error: { ABRT }
[  872.179501][ T1133] ata1.00: configured for UDMA/100
[  872.181429][ T1133] sd 0:0:0:0: [sda] tag#30 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  872.184568][ T1133] sd 0:0:0:0: [sda] tag#30 Sense Key : Aborted Command [current] 
[  872.188077][ T1133] sd 0:0:0:0: [sda] tag#30 Add. Sense: No additional sense information
[  872.191541][ T1133] sd 0:0:0:0: [sda] tag#30 CDB: Read(10) 28 00 00 08 24 36 00 06 68 00
[  872.194908][ T1133] I/O error, dev sda, sector 533558 op 0x0:(READ) flags 0x80700 phys_seg 78 prio class 2
[  872.201005][ T1133] ata1: EH complete
[  872.212674][ T6481] udevd[6481]: failed to execute '/lib/udev/mtd_probe' 'mtd_probe /dev/mtd1ro': Bad message
[  872.905515][ T6534] netem: incorrect gi model size
[  872.914891][ T6534] netem: change failed
[  873.188033][ T6552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=6552 comm=syz.5.10603
[  873.192395][ T6551] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=6551 comm=syz.5.10603
[  873.390869][ T6570] ip6t_srh: unknown srh invflags 51E8
[  873.541897][ T6573] tipc: Started in network mode
[  873.544366][ T6573] tipc: Node identity ac14140f, cluster identity 4711
[  873.551843][ T6573] tipc: New replicast peer: 255.255.255.255
[  873.555433][ T6573] tipc: Enabled bearer <udp:syz2>, priority 10
[  873.788641][ T6584] nfs: Unknown parameter '
[  873.788641][ T6584] <ck'
[  873.797782][ T6584] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  874.123455][ T6620] netlink: 'syz.5.10628': attribute type 39 has an invalid length.
[  874.181113][ T6628] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  874.377957][ T8600] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  874.624546][ T6661] netlink: 'syz.2.10642': attribute type 2 has an invalid length.
[  874.628018][ T1348] usb 13-1: new high-speed USB device number 7 using dummy_hcd
[  874.652200][ T6663] blktrace: Concurrent blktraces are not allowed on sg0
[  874.788562][ T1348] usb 13-1: Using ep0 maxpacket: 16
[  874.792761][ T1348] usb 13-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  874.793306][ T6669] 8021q: adding VLAN 0 to HW filter on device bond1
[  874.796304][ T1348] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  874.802929][ T1348] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  874.809385][ T1348] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  874.813910][ T5914] tipc: Node number set to 2886997007
[  874.816690][ T1348] usb 13-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  874.823081][ T1348] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  874.829236][ T6677] veth0_to_team: entered promiscuous mode
[  874.829626][ T1348] usb 13-1: config 0 descriptor??
[  874.834651][ T6677] veth0_to_team: left promiscuous mode
[  874.851378][T11666] EXT4-fs error: 8 callbacks suppressed
[  874.851389][T11666] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  874.857468][T11666] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  874.862027][T11666] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.090057][ T6706] netlink: 'syz.9.10657': attribute type 32 has an invalid length.
[  875.131409][ T6712] netlink: 'syz.9.10658': attribute type 3 has an invalid length.
[  875.158921][ T6703] geneve1: entered allmulticast mode
[  875.277424][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.282662][ T1348] input: HID 0458:5013 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5013.0028/input/input96
[  875.287175][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.293720][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.315709][ T1348] input: HID 0458:5013 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5013.0028/input/input97
[  875.336309][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.342391][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.347145][T11666] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.355137][ T5958] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1135: comm udevd: iget: checksum invalid
[  875.463505][ T6704] cgroup: fork rejected by pids controller in /syz5
[  875.479795][ T1348] kye 0003:0458:5013.0028: input,hiddev0,hidraw1: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.8-1/input0
[  875.520944][ T6746] udevd[6746]: failed to execute '/lib/udev/fido_id' 'fido_id': Bad message
[  875.643064][T19383] usb 13-1: USB disconnect, device number 7
[  875.777833][T31431] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  875.794169][T31431] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  875.803590][T31431] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  875.806523][T31431] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  875.809258][T31431] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  875.887618][ T6759] lo speed is unknown, defaulting to 1000
[  876.408848][T32670] bridge0: port 3(syz_tun) entered disabled state
[  876.433257][T32670] syz_tun (unregistering): left allmulticast mode
[  876.436026][T32670] syz_tun (unregistering): left promiscuous mode
[  876.438731][T32670] bridge0: port 3(syz_tun) entered disabled state
[  876.485463][ T6795] __nla_validate_parse: 23 callbacks suppressed
[  876.485480][ T6795] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10666'.
[  876.499610][ T6795] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10666'.
[  876.547868][ T6759] ��������3��k� speed is unknown, defaulting to 1000
[  876.659449][ T6805] input: syz1 as /devices/virtual/input/input98
[  876.921273][ T6759] bridge0: port 1(bridge_slave_0) entered blocking state
[  876.924395][ T6759] bridge0: port 1(bridge_slave_0) entered disabled state
[  876.927680][ T6759] bridge_slave_0: entered allmulticast mode
[  876.931626][ T6759] bridge_slave_0: entered promiscuous mode
[  876.936816][ T6759] bridge0: port 2(bridge_slave_1) entered blocking state
[  876.939877][ T6759] bridge0: port 2(bridge_slave_1) entered disabled state
[  876.942721][ T6759] bridge_slave_1: entered allmulticast mode
[  876.945516][ T6759] bridge_slave_1: entered promiscuous mode
[  876.965503][ T6759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  876.970139][ T6759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  876.992607][ T6759] team0: Port device team_slave_0 added
[  876.996530][ T6759] team0: Port device team_slave_1 added
[  877.011655][ T6759] batman_adv: batadv0: Adding interface: batadv_slave_0
[  877.013775][ T6759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  877.021419][ T6759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  877.026080][ T6759] batman_adv: batadv0: Adding interface: batadv_slave_1
[  877.028236][ T6759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  877.036721][ T6759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  877.066791][ T6759] hsr_slave_0: entered promiscuous mode
[  877.069887][ T6759] hsr_slave_1: entered promiscuous mode
[  877.072162][ T6759] debugfs: 'hsr0' already exists in 'hsr'
[  877.074019][ T6759] Cannot create hsr debugfs directory
[  877.120225][ T6819] binder: binder_mmap: 6818 200000ffa000-200000ffd000 bad vm_flags failed -1
[  877.129882][ T6821] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10673'.
[  877.143803][ T6819] i2c i2c-1: dtv_property_process_set: SET cmd 0x813bd2ea undefined
[  877.326033][ T6836] netlink: 'syz.8.10678': attribute type 5 has an invalid length.
[  877.330293][ T6759] netdevsim netdevsim9 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  877.337277][ T6759] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.525164][ T6759] netdevsim netdevsim9 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  877.529300][ T6759] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.598333][ T6846] comedi comedi3: s526: a I/O base address must be specified
[  877.613551][ T6849] netlink: 24 bytes leftover after parsing attributes in process `syz.8.10681'.
[  877.631425][ T6849] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  877.655171][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  877.655190][   T40] audit: type=1400 audit(1783385068.132:35415): avc:  denied  { write } for  pid=6850 comm="syz.5.10684" name="/" dev="9p" ino=74472413 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  877.702985][ T6759] netdevsim netdevsim9 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  877.706133][ T6759] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.916409][ T6759] netdevsim netdevsim9 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  877.920429][ T6759] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  878.018486][T31431] Bluetooth: hci4: command tx timeout
[  878.111469][ T6872] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3992977407 (63887638512 ns) > initial count (32 ns). Using initial count to start timer.
[  878.274872][ T6759] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  878.281318][ T6759] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  878.285237][ T6759] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  878.291704][ T6759] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  878.295710][ T6759] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  878.302355][ T6759] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  878.306120][ T6759] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  878.311740][ T6759] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  878.370385][ T6886] overlayfs: missing 'lowerdir'
[  878.371152][ T6759] 8021q: adding VLAN 0 to HW filter on device bond0
[  878.386981][ T6759] 8021q: adding VLAN 0 to HW filter on device team0
[  878.394343][T18686] bridge0: port 1(bridge_slave_0) entered blocking state
[  878.397099][T18686] bridge0: port 1(bridge_slave_0) entered forwarding state
[  878.407287][ T8595] bridge0: port 2(bridge_slave_1) entered blocking state
[  878.410358][ T8595] bridge0: port 2(bridge_slave_1) entered forwarding state
[  878.495528][ T6759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  878.551297][ T6759] veth0_vlan: entered promiscuous mode
[  878.563661][ T6759] veth1_vlan: entered promiscuous mode
[  878.590188][ T6759] veth0_macvtap: entered promiscuous mode
[  878.596543][ T6759] veth1_macvtap: entered promiscuous mode
[  878.612448][ T6759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  878.626150][ T6759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  878.635190][T10471] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  878.639160][T10471] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  878.642045][T10471] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  878.645663][T10471] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  878.720604][ T8600] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  878.723999][ T8600] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  878.823481][T10471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  878.827109][T10471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  879.277888][   T40] audit: type=1400 audit(1783385069.636:35416): avc:  denied  { accept } for  pid=6922 comm="syz.9.10660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  879.287259][   T40] audit: type=1400 audit(1783385069.636:35417): avc:  denied  { nlmsg_read } for  pid=6922 comm="syz.9.10660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  879.487276][ T6925] netlink: 152868 bytes leftover after parsing attributes in process `syz.2.10698'.
[  879.491403][ T6925] netlink: Conntrack attr has 4 unknown bytes
[  879.496516][ T6942] SELinux: failed to load policy
[  879.867584][ T6952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  879.874886][ T6952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  879.879169][ T6952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  879.893760][ T6952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  879.965714][ T6964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10713'.
[  879.969049][ T6964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10713'.
[  880.024162][   T40] audit: type=1326 audit(1783385070.310:35418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6967 comm="syz.2.10715" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1cddd9ce59 code=0x0
[  880.174025][ T6977] netlink: 'syz.2.10718': attribute type 1 has an invalid length.
[  880.178182][ T6976] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10718'.
[  880.265473][ T6983] openvswitch: netlink: Flow key attribute not present in set flow.
[  880.273689][T31431] Bluetooth: hci4: command tx timeout
[  880.305230][ T6990] netlink: 'syz.9.10720': attribute type 4 has an invalid length.
[  880.431580][ T6999] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10723'.
[  880.435413][ T6999] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10723'.
[  880.479440][ T6997] syzkaller0: entered promiscuous mode
[  880.481952][ T6997] syzkaller0: entered allmulticast mode
[  880.487709][ T7001] ceph: Path missing in source
[  880.838292][   T40] audit: type=1400 audit(1783385071.067:35419): avc:  denied  { call } for  pid=7004 comm="syz.2.10727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  880.878877][   T40] audit: type=1400 audit(1783385071.067:35420): avc:  denied  { transfer } for  pid=7004 comm="syz.2.10727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  880.887289][ T6962] orangefs_mount: mount request failed with -4
[  881.135105][ T7005] syzkaller0: entered promiscuous mode
[  881.137584][ T7005] syzkaller0: entered allmulticast mode
[  881.223168][   T13] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.369639][ T7017] i2c i2c-1: DVB: adapter 0 frontend 0 frequency 6 out of range (51000000..2150000000)
[  881.378443][ T7022] EXT4-fs error: 53 callbacks suppressed
[  881.378461][ T7022] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:41: iget: checksum invalid
[  881.383658][T18666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  881.396449][ T7023] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:41: iget: checksum invalid
[  881.405637][T18666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  881.412418][T18666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  881.415469][T18666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  881.424438][T18666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  881.476715][ T7026] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  881.502239][ T7027] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  882.526934][T31431] Bluetooth: hci4: command tx timeout
[  882.624985][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  882.628899][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  882.633736][ T5149] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1222: comm udevd: iget: checksum invalid
[  883.654820][T31431] Bluetooth: hci0: command tx timeout
[  884.579237][ T7031] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:39: iget: checksum invalid
[  884.587667][ T7032] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:39: iget: checksum invalid
[  884.611413][   T13] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.625057][ T7035] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:38: iget: checksum invalid
[  884.659305][ T7015] lo speed is unknown, defaulting to 1000
[  884.693168][   T40] audit: type=1400 audit(1783385074.619:35421): avc:  denied  { setopt } for  pid=7041 comm="syz.2.10736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  884.782378][T31431] Bluetooth: hci4: command tx timeout
[  884.811372][   T13] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.849736][ T7015] ��������3��k� speed is unknown, defaulting to 1000
[  884.937961][   T13] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.208113][ T7015] bridge0: port 1(bridge_slave_0) entered blocking state
[  885.211184][ T7015] bridge0: port 1(bridge_slave_0) entered disabled state
[  885.214216][ T7015] bridge_slave_0: entered allmulticast mode
[  885.217590][ T7015] bridge_slave_0: entered promiscuous mode
[  885.219995][   T40] audit: type=1400 audit(1783385075.108:35422): avc:  denied  { mount } for  pid=7076 comm="syz.9.10744" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  885.228160][ T7082] devtmpfs: Unknown parameter 'usrquota_block_hardli'
[  885.229216][   T40] audit: type=1400 audit(1783385075.126:35423): avc:  denied  { remount } for  pid=7076 comm="syz.9.10744" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  885.231754][ T7015] bridge0: port 2(bridge_slave_1) entered blocking state
[  885.240668][ T7015] bridge0: port 2(bridge_slave_1) entered disabled state
[  885.242972][ T7015] bridge_slave_1: entered allmulticast mode
[  885.245787][ T7015] bridge_slave_1: entered promiscuous mode
[  885.260490][   T40] audit: type=1400 audit(1783385075.154:35424): avc:  denied  { unmount } for  pid=6759 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  885.296396][ T7015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  885.306031][ T7015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  885.366277][ T7015] team0: Port device team_slave_0 added
[  885.376257][ T7015] team0: Port device team_slave_1 added
[  885.401057][   T13] bridge_slave_1: left allmulticast mode
[  885.403275][   T13] bridge_slave_1: left promiscuous mode
[  885.405346][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  885.439321][   T13] bridge_slave_0: left allmulticast mode
[  885.440103][ T7096] __nla_validate_parse: 2 callbacks suppressed
[  885.440117][ T7096] netlink: 36 bytes leftover after parsing attributes in process `syz.5.10749'.
[  885.442069][   T13] bridge_slave_0: left promiscuous mode
[  885.449296][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  885.509388][ T7099] Bluetooth: MGMT ver 1.23
[  885.598664][   T13] gretap0 (unregistering): left promiscuous mode
[  885.708269][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  885.713131][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  885.718100][   T13] bond0 (unregistering): Released all slaves
[  885.725209][   T13] bond1 (unregistering): (slave veth3): Releasing active interface
[  885.729375][   T13] bond1 (unregistering): Released all slaves
[  885.767186][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10749'.
[  885.770338][ T7101] netem: incorrect gi model size
[  885.771890][ T7101] netem: change failed
[  885.785528][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_0
[  885.788479][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  885.805421][ T7015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  885.849116][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_1
[  885.860907][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  885.881543][ T7015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  885.917150][T31431] Bluetooth: hci0: command tx timeout
[  885.949971][ T7109] netlink: 228 bytes leftover after parsing attributes in process `syz.5.10752'.
[  885.954057][ T7109] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  885.967581][ T7015] hsr_slave_0: entered promiscuous mode
[  885.971067][ T7015] hsr_slave_1: entered promiscuous mode
[  885.974617][ T7015] debugfs: 'hsr0' already exists in 'hsr'
[  885.976591][ T7015] Cannot create hsr debugfs directory
[  886.017923][ T7110] tmpfs: Bad value for 'mpol'
[  886.133966][ T7114] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  886.138857][ T7114] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  886.174926][ T7116] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=7116 comm=syz.2.10754
[  886.563281][ T7134] fuse: Unknown parameter '��U�k'
[  886.628456][ T7139] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10761'.
[  886.632058][ T7139] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10761'.
[  886.670777][ T7139] erspan0: entered promiscuous mode
[  886.676631][ T7139] erspan0: left promiscuous mode
[  886.708531][   T13] veth0_to_team: left promiscuous mode
[  886.722763][   T13] hsr_slave_0: left promiscuous mode
[  886.725408][   T13] hsr_slave_1: left promiscuous mode
[  886.727684][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  886.730161][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  886.742158][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  886.749440][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  886.761010][   T13] veth1_macvtap: left promiscuous mode
[  886.763453][   T13] veth0_macvtap: left promiscuous mode
[  886.766634][   T13] veth1_vlan: left promiscuous mode
[  886.768996][   T13] veth0_vlan: left promiscuous mode
[  886.914250][ T7146] x_tables: ip6_tables: tcp match: only valid for protocol 6
[  886.989933][   T13] team0 (unregistering): Port device team_slave_1 removed
[  887.006974][   T13] team0 (unregistering): Port device team_slave_0 removed
[  887.085543][ T7143] netdevsim netdevsim9 ������: renamed from netdevsim0 (while UP)
[  887.180224][ T7156] netlink: 172 bytes leftover after parsing attributes in process `syz.5.10767'.
[  887.185037][ T7156] i2c i2c-1: DVB: adapter 0 frontend 0 frequency 6 out of range (51000..2150000)
[  887.209419][ T7162] netlink: 64 bytes leftover after parsing attributes in process `syz.9.10768'.
[  887.247635][ T7153] tmpfs: Unknown parameter 'usrquota6'
[  887.247713][ T7152] tmpfs: Unknown parameter 'usrquota6'
[  887.281617][ T7165] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10769'.
[  887.346705][   T40] audit: type=1400 audit(1783385077.073:35425): avc:  denied  { ioctl } for  pid=7166 comm="syz.5.10770" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  887.823117][ T7200] fuse: fd is not a fuse device
[  887.885637][ T7015] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  887.891655][ T7015] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  887.895682][ T7015] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  887.901160][ T7015] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  887.904957][ T7015] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  887.910679][ T7015] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  887.916015][ T7015] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  887.924902][ T7015] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  888.004139][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10781'.
[  888.012509][ T7015] 8021q: adding VLAN 0 to HW filter on device bond0
[  888.029982][ T7015] 8021q: adding VLAN 0 to HW filter on device team0
[  888.044848][ T8596] bridge0: port 1(bridge_slave_0) entered blocking state
[  888.047937][ T8596] bridge0: port 1(bridge_slave_0) entered forwarding state
[  888.062071][ T8596] bridge0: port 2(bridge_slave_1) entered blocking state
[  888.064403][ T7216] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10783'.
[  888.065194][ T8596] bridge0: port 2(bridge_slave_1) entered forwarding state
[  888.071318][   T40] audit: type=1400 audit(1783385077.747:35426): avc:  denied  { map } for  pid=7215 comm="syz.5.10783" path="socket:[207799]" dev="sockfs" ino=207799 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  888.085483][   T40] audit: type=1400 audit(1783385077.747:35427): avc:  denied  { read accept } for  pid=7215 comm="syz.5.10783" path="socket:[207799]" dev="sockfs" ino=207799 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  888.153180][ T7221] EXT4-fs error: 11 callbacks suppressed
[  888.153195][ T7221] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:38: iget: checksum invalid
[  888.161365][ T7222] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:38: iget: checksum invalid
[  888.163721][T31431] Bluetooth: hci0: command tx timeout
[  888.173910][ T7223] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:38: iget: checksum invalid
[  888.181106][ T7224] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:38: iget: checksum invalid
[  888.196664][ T7226] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:64: iget: checksum invalid
[  888.203172][ T7228] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:64: iget: checksum invalid
[  888.210790][ T7229] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:64: iget: checksum invalid
[  888.215916][ T7230] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:64: iget: checksum invalid
[  888.222465][ T7231] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:64: iget: checksum invalid
[  888.228333][ T7232] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:64: iget: checksum invalid
[  888.237020][ T7015] 8021q: adding VLAN 0 to HW filter on device batadv0
[  888.280609][ T7015] veth0_vlan: entered promiscuous mode
[  888.291164][ T7015] veth1_vlan: entered promiscuous mode
[  888.318264][ T7015] veth0_macvtap: entered promiscuous mode
[  888.324522][ T7015] veth1_macvtap: entered promiscuous mode
[  888.340144][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_0
[  888.357040][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_1
[  888.366586][T18686] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  888.370686][T18686] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  888.375583][T18686] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  888.379682][T18686] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  888.501463][T12891] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  888.514969][T12891] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  888.554286][T10469] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  888.563300][T10469] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  888.575452][ T7243] new mount options do not match the existing superblock, will be ignored
[  888.581492][   T40] audit: type=1400 audit(1783385078.208:35428): avc:  denied  { remount } for  pid=7242 comm="syz.5.10789" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  888.581968][ T7243] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  888.671847][ T7246] binder: 7242:7246 ioctl c02064b6 200000000500 returned -22
[  888.675056][ T7246] binder: 7242:7246 ioctl c02464bb 200000000540 returned -22
[  888.679051][ T7246] overlay: Unknown parameter 'audit'
[  888.680675][   T40] audit: type=1400 audit(1783385078.301:35429): avc:  denied  { setattr } for  pid=7247 comm="syz.9.10790" path="socket:[208784]" dev="sockfs" ino=208784 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  888.696767][ T7246] overlayfs: workdir and upperdir must reside under the same mount
[  888.710173][ T7249] ceph: No source
[  888.746139][ T7251] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(3)
[  888.748883][ T7251] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  888.752542][ T7251] vhci_hcd vhci_hcd.0: Device attached
[  888.758032][ T7252] vhci_hcd: cannot find the pending unlink 6
[  888.761050][ T7252] vhci_hcd: connection closed
[  888.762053][T18686] vhci_hcd vhci_hcd.9: stop threads
[  888.766081][T18686] vhci_hcd vhci_hcd.9: release socket
[  888.768341][T18686] vhci_hcd vhci_hcd.9: disconnect device
[  888.851686][ T7257] erspan0: entered promiscuous mode
[  888.857270][ T7257] erspan0: left promiscuous mode
[  888.985209][ T7259] erspan2: entered promiscuous mode
[  889.162187][ T7263] tun0: tun_chr_ioctl cmd 1074025672
[  889.164388][ T7263] tun0: ignored: set checksum disabled
[  889.294283][ T7266] tmpfs: Bad value for 'nr_inodes'
[  889.532980][ T7282] erspan0: entered promiscuous mode
[  889.542065][ T7282] erspan0: left promiscuous mode
[  889.592319][   T40] audit: type=1400 audit(1783385079.140:35430): avc:  denied  { append } for  pid=7283 comm="syz.1.10803" name="pfkey" dev="proc" ino=4026536348 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  889.795966][ T7291] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  889.967251][ T7298] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  890.043175][ T7303] xfrm1: entered allmulticast mode
[  890.084957][ T7312] input: syz1 as /devices/virtual/input/input99
[  890.347126][ T7335] tun0: tun_chr_ioctl cmd 1074025675
[  890.348949][ T7335] tun0: persist disabled
[  890.428183][T31431] Bluetooth: hci0: command tx timeout
[  890.502399][ T7349] erspan0: entered promiscuous mode
[  890.506613][ T7349] gretap0: entered promiscuous mode
[  890.510109][ T7349] debugfs: 'hsr1' already exists in 'hsr'
[  890.512683][ T7349] Cannot create hsr debugfs directory
[  890.721861][ T7360] MINIX-fs: blocksize too small for device
[  890.810412][ T7363] ������: renamed from lo (while UP)
[  890.974482][ T7375] __nla_validate_parse: 9 callbacks suppressed
[  890.974502][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10832'.
[  890.982307][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10832'.
[  890.991059][ T7375] erspan0: entered promiscuous mode
[  890.994894][ T7375] gretap0: entered promiscuous mode
[  890.997848][ T7375] debugfs: 'hsr1' already exists in 'hsr'
[  891.000214][ T7375] Cannot create hsr debugfs directory
[  891.166578][ T7390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10835'.
[  891.184247][ T7390] hsr_slave_1 (unregistering): left promiscuous mode
[  891.550726][ T7393] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10836'.
[  891.673445][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  891.673458][   T40] audit: type=1804 audit(1783385081.059:35432): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.9.10837" name="/newroot/33/file1" dev="fuse" ino=1 res=1 errno=0
[  891.683798][   T40] audit: type=1800 audit(1783385081.069:35433): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.9.10837" name="/" dev="fuse" ino=1 res=0 errno=0
[  891.692286][ T7395] lo speed is unknown, defaulting to 1000
[  891.694883][   T40] audit: type=1800 audit(1783385081.069:35434): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.9.10837" name="/" dev="fuse" ino=1 res=0 errno=0
[  891.773618][ T7395] ��������3��k� speed is unknown, defaulting to 1000
[  891.904415][ T7403] xt_hashlimit: size too large, truncated to 1048576
[  892.125255][ T7418] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10842'.
[  892.170252][ T7420] openvswitch: netlink: Invalid VLAN frame
[  892.233592][ T7424] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(139)
[  892.235786][ T7424] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  892.239966][ T7424] vhci_hcd vhci_hcd.0: Device attached
[  892.417382][ T7439] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10849'.
[  892.425151][ T7439] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10849'.
[  892.509798][T30150] usb 41-1: new low-speed USB device number 3 using vhci_hcd
[  892.542570][   T40] audit: type=1400 audit(1783385081.871:35435): avc:  denied  { setattr } for  pid=7443 comm="syz.1.10851" name="file0" dev="tmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  893.226904][ T7465] netlink: 14 bytes leftover after parsing attributes in process `syz.5.10857'.
[  893.283806][ T7466] netlink: 144 bytes leftover after parsing attributes in process `syz.5.10857'.
[  893.286695][ T7466] openvswitch: netlink: Flow key attr not present in new flow.
[  893.320530][ T7468] loop5: detected capacity change from 0 to 7
[  893.329872][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.334059][    C0] buffer_io_error: 10 callbacks suppressed
[  893.334072][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.344088][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.346952][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.349588][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.352448][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.355135][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.358965][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.362477][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.366248][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.370581][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.374359][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.384302][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.388127][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.391432][ T7468] ldm_validate_partition_table(): Disk read failed.
[  893.394457][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.398302][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.403417][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.407366][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.411334][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  893.415157][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  893.418874][ T7468] Dev loop5: unable to read RDB block 0
[  893.421500][ T7468]  loop5: unable to read partition table
[  893.423505][ T7468] loop5: partition table beyond EOD, truncated
[  893.425588][ T7468] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  893.637981][ T7473] netlink: 'syz.1.10860': attribute type 1 has an invalid length.
[  893.640498][ T7473] netlink: 16150 bytes leftover after parsing attributes in process `syz.1.10860'.
[  893.672915][   T40] audit: type=1400 audit(1783385082.914:35436): avc:  denied  { bind } for  pid=7476 comm="syz.9.10862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  893.677749][ T7475] tun0: tun_chr_ioctl cmd 1074025672
[  893.683618][ T7475] tun0: ignored: set checksum disabled
[  893.796491][ T7479] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  893.817813][ T7483] EXT4-fs error: 26 callbacks suppressed
[  893.817825][ T7483] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:1: iget: checksum invalid
[  893.827290][ T7484] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:1: iget: checksum invalid
[  893.838020][ T7482] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  894.190882][ T7498] FAULT_INJECTION: forcing a failure.
[  894.190882][ T7498] name failslab, interval 1, probability 0, space 0, times 0
[  894.195212][ T7498] CPU: 1 UID: 0 PID: 7498 Comm: syz.1.10868 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  894.195237][ T7498] Tainted: [L]=SOFTLOCKUP
[  894.195242][ T7498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  894.195251][ T7498] Call Trace:
[  894.195257][ T7498]  <TASK>
[  894.195264][ T7498]  dump_stack_lvl+0x100/0x190
[  894.195286][ T7498]  should_fail_ex.cold+0x5/0xa
[  894.195308][ T7498]  should_failslab+0xc2/0x120
[  894.195325][ T7498]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  894.195349][ T7498]  ? __alloc_skb+0x140/0x710
[  894.195370][ T7498]  ? __alloc_skb+0x5b7/0x710
[  894.195394][ T7498]  __alloc_skb+0x140/0x710
[  894.195413][ T7498]  ? __alloc_skb+0x5b7/0x710
[  894.195434][ T7498]  ? __pfx___alloc_skb+0x10/0x10
[  894.195462][ T7498]  alloc_skb_with_frags+0xdd/0x760
[  894.195480][ T7498]  ? avc_has_perm_noaudit+0x145/0x3b0
[  894.195499][ T7498]  sock_alloc_send_pskb+0x801/0x980
[  894.195526][ T7498]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  894.195551][ T7498]  ? sock_has_perm+0x25a/0x2f0
[  894.195569][ T7498]  ? __pfx_sock_has_perm+0x10/0x10
[  894.195591][ T7498]  hci_sock_sendmsg+0x1c7/0x2620
[  894.195615][ T7498]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  894.195638][ T7498]  sock_write_iter+0x524/0x5a0
[  894.195655][ T7498]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  894.195673][ T7498]  ? __pfx_sock_write_iter+0x10/0x10
[  894.195696][ T7498]  ? bpf_lsm_file_permission+0x9/0x10
[  894.195717][ T7498]  ? security_file_permission+0x76/0x210
[  894.195741][ T7498]  ? rw_verify_area+0xce/0x6d0
[  894.195758][ T7498]  vfs_write+0x6ac/0x1070
[  894.195774][ T7498]  ? __pfx_sock_write_iter+0x10/0x10
[  894.195792][ T7498]  ? __pfx_vfs_write+0x10/0x10
[  894.195806][ T7498]  ? find_held_lock+0x2b/0x80
[  894.195831][ T7498]  ksys_write+0x1f8/0x250
[  894.195847][ T7498]  ? __pfx_ksys_write+0x10/0x10
[  894.195867][ T7498]  ? rcu_is_watching+0x12/0xc0
[  894.195891][ T7498]  do_syscall_64+0x115/0x870
[  894.195910][ T7498]  ? clear_bhb_loop+0x40/0x90
[  894.195927][ T7498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.195943][ T7498] RIP: 0033:0x7f90b179ce59
[  894.195957][ T7498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  894.195971][ T7498] RSP: 002b:00007f90b26d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  894.195986][ T7498] RAX: ffffffffffffffda RBX: 00007f90b1a15fa0 RCX: 00007f90b179ce59
[  894.195997][ T7498] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  894.196007][ T7498] RBP: 00007f90b26d1090 R08: 0000000000000000 R09: 0000000000000000
[  894.196017][ T7498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  894.196035][ T7498] R13: 00007f90b1a16038 R14: 00007f90b1a15fa0 R15: 00007fffa2a0db08
[  894.196058][ T7498]  </TASK>
[  894.310036][ T7500] "syz.1.10869" (7500) uses obsolete ecb(arc4) skcipher
[  894.508701][ T7511] __vm_enough_memory: pid: 7511, comm: syz.1.10873, bytes: 4503599627366400 not enough memory for the allocation
[  894.519977][   T40] audit: type=1400 audit(1783385339.700:35437): avc:  denied  { map } for  pid=7510 comm="syz.1.10873" path="/dev/iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  894.532371][ T7512] __vm_enough_memory: pid: 7512, comm: syz.1.10873, bytes: 4503599627366400 not enough memory for the allocation
[  894.945360][ T7543] Bluetooth: hci0: invalid len left 7, exp >= 67
[  895.138758][ T7553] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.143665][ T7554] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.150500][ T7555] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.156620][ T7556] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.166832][ T7558] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.172452][ T7559] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.178965][ T7560] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.189443][ T7561] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1259: comm kworker/u32:48: iget: checksum invalid
[  895.493042][   T40] audit: type=1400 audit(1783385340.595:35438): avc:  denied  { read } for  pid=7579 comm="syz.5.10889" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  895.500968][   T40] audit: type=1400 audit(1783385340.595:35439): avc:  denied  { open } for  pid=7579 comm="syz.5.10889" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  895.508413][   T40] audit: type=1400 audit(1783385340.595:35440): avc:  denied  { ioctl } for  pid=7579 comm="syz.5.10889" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x9373 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  895.831687][ T7598] Bluetooth: hci0: invalid len left 7, exp >= 67
[  895.926287][ T7604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  895.929879][ T7604] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  896.182319][T28505] usb 14-1: new high-speed USB device number 12 using dummy_hcd
[  896.345504][T28505] usb 14-1: Using ep0 maxpacket: 32
[  896.351152][T28505] usb 14-1: config 0 has an invalid interface number: 119 but max is 0
[  896.354665][T28505] usb 14-1: config 0 has no interface number 0
[  896.357092][T28505] usb 14-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  896.361393][T28505] usb 14-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  896.366164][T28505] usb 14-1: config 0 interface 119 altsetting 0 endpoint 0x83 has an invalid bInterval 115, changing to 7
[  896.371016][T28505] usb 14-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid maxpacket 25972, setting to 1024
[  896.375718][T28505] usb 14-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  896.384038][T28505] usb 14-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  896.387862][T28505] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  896.390969][T28505] usb 14-1: Product: syz
[  896.392849][T28505] usb 14-1: Manufacturer: syz
[  896.394929][T28505] usb 14-1: SerialNumber: syz
[  896.399506][T28505] usb 14-1: config 0 descriptor??
[  896.407018][T28505] input: bcm5974 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.119/input/input100
[  896.621633][   T40] audit: type=1400 audit(1783385341.628:35441): avc:  denied  { append } for  pid=7603 comm="syz.9.10897" name="event4" dev="devtmpfs" ino=5385 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  896.673261][ T7621] __nla_validate_parse: 6 callbacks suppressed
[  896.673282][ T7621] netlink: 48 bytes leftover after parsing attributes in process `syz.5.10902'.
[  896.686675][ T7617] xt_TCPMSS: Only works on TCP SYN packets
[  896.839252][ T6400] usb 14-1: USB disconnect, device number 12
[  896.841671][ T7625] FAULT_INJECTION: forcing a failure.
[  896.841671][ T7625] name failslab, interval 1, probability 0, space 0, times 0
[  896.846891][ T7625] CPU: 0 UID: 0 PID: 7625 Comm: syz.5.10904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  896.846916][ T7625] Tainted: [L]=SOFTLOCKUP
[  896.846923][ T7625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  896.846933][ T7625] Call Trace:
[  896.846940][ T7625]  <TASK>
[  896.846946][ T7625]  dump_stack_lvl+0x100/0x190
[  896.846978][ T7625]  should_fail_ex.cold+0x5/0xa
[  896.847003][ T7625]  should_failslab+0xc2/0x120
[  896.847022][ T7625]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  896.847048][ T7625]  ? __alloc_skb+0x140/0x710
[  896.847076][ T7625]  __alloc_skb+0x140/0x710
[  896.847098][ T7625]  ? __alloc_skb+0x5b7/0x710
[  896.847120][ T7625]  ? __pfx___alloc_skb+0x10/0x10
[  896.847150][ T7625]  hci_sock_sendmsg+0x1b01/0x2620
[  896.847177][ T7625]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  896.847205][ T7625]  sock_write_iter+0x524/0x5a0
[  896.847224][ T7625]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  896.847245][ T7625]  ? __pfx_sock_write_iter+0x10/0x10
[  896.847273][ T7625]  ? bpf_lsm_file_permission+0x9/0x10
[  896.847298][ T7625]  ? security_file_permission+0x76/0x210
[  896.847323][ T7625]  ? rw_verify_area+0xce/0x6d0
[  896.847342][ T7625]  vfs_write+0x6ac/0x1070
[  896.847362][ T7625]  ? __pfx_sock_write_iter+0x10/0x10
[  896.847383][ T7625]  ? __pfx_vfs_write+0x10/0x10
[  896.847399][ T7625]  ? find_held_lock+0x2b/0x80
[  896.847430][ T7625]  ksys_write+0x1f8/0x250
[  896.847448][ T7625]  ? __pfx_ksys_write+0x10/0x10
[  896.847468][ T7625]  ? rcu_is_watching+0x12/0xc0
[  896.847497][ T7625]  do_syscall_64+0x115/0x870
[  896.847518][ T7625]  ? clear_bhb_loop+0x40/0x90
[  896.847540][ T7625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  896.847576][ T7625] RIP: 0033:0x7f4bf059ce59
[  896.847591][ T7625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  896.847607][ T7625] RSP: 002b:00007f4bee7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  896.847625][ T7625] RAX: ffffffffffffffda RBX: 00007f4bf0815fa0 RCX: 00007f4bf059ce59
[  896.847636][ T7625] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  896.847646][ T7625] RBP: 00007f4bee7f6090 R08: 0000000000000000 R09: 0000000000000000
[  896.847656][ T7625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  896.847666][ T7625] R13: 00007f4bf0816038 R14: 00007f4bf0815fa0 R15: 00007ffed0ab6978
[  896.847690][ T7625]  </TASK>
[  896.847741][ T7625] Bluetooth: hci0: invalid len left 7, exp >= 67
[  897.072714][ T7632] netlink: 56 bytes leftover after parsing attributes in process `syz.1.10907'.
[  897.086209][ T7632] syzkaller1: entered promiscuous mode
[  897.088433][ T7632] syzkaller1: entered allmulticast mode
[  897.285597][ T1441] ieee802154 phy1 wpan1: encryption failed: -22
[  897.299132][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  897.299148][   T40] audit: type=1400 audit(1783385342.265:35443): avc:  denied  { accept } for  pid=7635 comm="syz.9.10909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  897.359166][   T40] audit: type=1400 audit(1783385342.311:35444): avc:  denied  { shutdown } for  pid=7641 comm="syz.1.10911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  897.423270][ T7643] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10911'.
[  897.499793][ T7645] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10912'.
[  897.502592][ T7645] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10912'.
[  897.504279][ T7647] netlink: 232 bytes leftover after parsing attributes in process `syz.1.10913'.
[  897.509370][ T7648] binder: BINDER_SET_CONTEXT_MGR already set
[  897.516233][ T7648] binder: 7646:7648 ioctl 4018620d 200000004a80 returned -16
[  897.557343][ T7650] genirq: Flags mismatch irq 31. 00200000 (pcmmio) vs. 00200000 (virtio0-cursor)
[  897.739786][ T7658] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048)
[  897.768123][ T7660] /dev/nullb0: Can't open blockdev
[  897.964241][ T7670] Bluetooth: hci0: invalid len left 7, exp >= 67
[  897.966994][ T7670] FAULT_INJECTION: forcing a failure.
[  897.966994][ T7670] name failslab, interval 1, probability 0, space 0, times 0
[  897.973645][ T7670] CPU: 2 UID: 0 PID: 7670 Comm: syz.9.10922 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  897.973673][ T7670] Tainted: [L]=SOFTLOCKUP
[  897.973680][ T7670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  897.973691][ T7670] Call Trace:
[  897.973696][ T7670]  <TASK>
[  897.973702][ T7670]  dump_stack_lvl+0x100/0x190
[  897.973727][ T7670]  should_fail_ex.cold+0x5/0xa
[  897.973752][ T7670]  should_failslab+0xc2/0x120
[  897.973773][ T7670]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  897.973800][ T7670]  ? __alloc_skb+0x140/0x710
[  897.973827][ T7670]  __alloc_skb+0x140/0x710
[  897.973848][ T7670]  ? __alloc_skb+0x5b7/0x710
[  897.973872][ T7670]  ? __pfx___alloc_skb+0x10/0x10
[  897.973904][ T7670]  mgmt_cmd_status+0x43/0x570
[  897.973928][ T7670]  set_def_system_config+0x61e/0x15b0
[  897.973952][ T7670]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  897.973976][ T7670]  hci_sock_sendmsg+0x154e/0x2620
[  897.974004][ T7670]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  897.974033][ T7670]  sock_write_iter+0x524/0x5a0
[  897.974053][ T7670]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  897.974072][ T7670]  ? __pfx_sock_write_iter+0x10/0x10
[  897.974101][ T7670]  ? bpf_lsm_file_permission+0x9/0x10
[  897.974126][ T7670]  ? security_file_permission+0x76/0x210
[  897.974153][ T7670]  ? rw_verify_area+0xce/0x6d0
[  897.974173][ T7670]  vfs_write+0x6ac/0x1070
[  897.974190][ T7670]  ? __pfx_sock_write_iter+0x10/0x10
[  897.974212][ T7670]  ? __pfx_vfs_write+0x10/0x10
[  897.974229][ T7670]  ? find_held_lock+0x2b/0x80
[  897.974263][ T7670]  ksys_write+0x1f8/0x250
[  897.974288][ T7670]  ? __pfx_ksys_write+0x10/0x10
[  897.974307][ T7670]  ? rcu_is_watching+0x12/0xc0
[  897.974336][ T7670]  do_syscall_64+0x115/0x870
[  897.974358][ T7670]  ? clear_bhb_loop+0x40/0x90
[  897.974380][ T7670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.974398][ T7670] RIP: 0033:0x7fa918d9ce59
[  897.974414][ T7670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  897.974428][ T7670] RSP: 002b:00007fa919d07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  897.974472][ T7670] RAX: ffffffffffffffda RBX: 00007fa919015fa0 RCX: 00007fa918d9ce59
[  897.974484][ T7670] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  897.974495][ T7670] RBP: 00007fa919d07090 R08: 0000000000000000 R09: 0000000000000000
[  897.974505][ T7670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  897.974516][ T7670] R13: 00007fa919016038 R14: 00007fa919015fa0 R15: 00007ffdc4f81498
[  897.974540][ T7670]  </TASK>
[  898.195091][ T7674] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10924'.
[  898.198862][ T7674] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10924'.
[  898.240410][   T40] audit: type=1400 audit(1783385343.123:35445): avc:  denied  { read } for  pid=7676 comm="syz.1.10925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  898.273714][ T7678] debugfs: '1��^!��' already exists in 'ieee80211'
[  898.282151][ T7681] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  898.284880][ T7681] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  898.291966][ T7681] vhci_hcd vhci_hcd.0: Device attached
[  898.297657][ T7682] vhci_hcd: cannot find the pending unlink 6
[  898.300734][ T7682] vhci_hcd: connection closed
[  898.301017][T10469] vhci_hcd vhci_hcd.1: stop threads
[  898.305071][T10469] vhci_hcd vhci_hcd.1: release socket
[  898.308459][T10469] vhci_hcd vhci_hcd.1: disconnect device
[  899.075480][ T7700] Bluetooth: hci0: invalid len left 7, exp >= 67
[  899.144978][ T7705] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10934'.
[  899.148699][ T7705] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10934'.
[  899.288804][   T40] audit: type=1400 audit(1783385344.092:35446): avc:  denied  { accept } for  pid=7708 comm="syz.9.10936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  899.534738][   T40] audit: type=1400 audit(1783385344.323:35447): avc:  denied  { write } for  pid=7715 comm="syz.1.10939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  899.666514][ T7720] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  899.668851][ T7720] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  899.671149][ T7720] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  899.678094][ T7720] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  899.685497][ T7720] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  899.687505][ T7720] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  899.774039][ T6870] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN NOPTI
[  899.778358][ T6870] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[  899.781158][ T7720] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  899.781557][ T6870] CPU: 2 UID: 0 PID: 6870 Comm: kbnepd bnep0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  899.787038][ T6870] Tainted: [L]=SOFTLOCKUP
[  899.788683][ T6870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  899.791813][ T6870] RIP: 0010:klist_put+0x4d/0x1d0
[  899.793382][ T6870] Code: c1 ea 03 80 3c 02 00 0f 85 74 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 43 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 cc 0a 0d
[  899.799634][ T6870] RSP: 0018:ffffc90006727970 EFLAGS: 00010202
[  899.801514][ T6870] RAX: dffffc0000000000 RBX: ffff888021ce6060 RCX: ffffffff82b98deb
[  899.803936][ T6870] RDX: 000000000000000b RSI: ffffffff8b7f72d5 RDI: 0000000000000058
[  899.804923][   T40] audit: type=1400 audit(1783385344.572:35448): avc:  denied  { write } for  pid=5731 comm="syz-executor" path="pipe:[5649]" dev="pipefs" ino=5649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  899.806358][ T6870] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  899.806369][ T6870] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  899.820531][ T6870] R13: 0000000000000001 R14: ffff8880439f6cb0 R15: 0000000000000000
[  899.822997][ T6870] FS:  0000000000000000(0000) GS:ffff8880d6587000(0000) knlGS:0000000000000000
[  899.825769][ T6870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  899.827796][ T6870] CR2: 00007f90b184f156 CR3: 000000003ac29000 CR4: 0000000000352ef0
[  899.830241][ T6870] Call Trace:
[  899.831472][ T6870]  <TASK>
[  899.832665][ T6870]  device_del+0x1b8/0x9b0
[  899.834348][ T6870]  ? __pfx_device_del+0x10/0x10
[  899.835997][ T6870]  ? netdev_unregister_kobject+0x2da/0x540
[  899.837819][ T6870]  unregister_netdevice_many_notify+0x179e/0x24f0
[  899.839783][ T6870]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  899.841890][ T6870]  ? __pfx___mutex_lock+0x10/0x10
[  899.843455][ T6870]  unregister_netdevice_queue+0x30b/0x3c0
[  899.845197][ T6870]  ? rtnl_net_dev_lock+0x137/0x360
[  899.846742][ T6870]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  899.848672][ T6870]  ? rtnl_net_dev_lock+0x28/0x360
[  899.850243][ T6870]  ? rtnl_net_dev_lock+0x146/0x360
[  899.851825][ T6870]  ? rtnl_lock+0x9/0x20
[  899.853139][ T6870]  ? rtnl_net_dev_lock+0x1fe/0x360
[  899.854748][ T6870]  unregister_netdev+0x1f/0x60
[  899.856342][ T6870]  bnep_session+0x22e6/0x2f40
[  899.858063][ T6870]  ? kthread_affine_node+0x1ac/0x240
[  899.859808][ T6870]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  899.861673][ T6870]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  899.863494][ T6870]  ? __pfx_bnep_session+0x10/0x10
[  899.865025][ T6870]  ? do_raw_spin_lock+0x128/0x260
[  899.866578][ T6870]  ? __pfx_woken_wake_function+0x10/0x10
[  899.868300][ T6870]  ? rcu_is_watching+0x12/0xc0
[  899.869791][ T6870]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  899.871579][ T6870]  ? lockdep_hardirqs_on+0x78/0x100
[  899.873190][ T6870]  ? __kthread_parkme+0x18c/0x230
[  899.874751][ T6870]  ? kthread+0x13a/0x450
[  899.876058][ T6870]  ? __pfx_bnep_session+0x10/0x10
[  899.877620][ T6870]  kthread+0x370/0x450
[  899.878890][ T6870]  ? __pfx_kthread+0x10/0x10
[  899.880323][ T6870]  ret_from_fork+0x72b/0xd50
[  899.881727][ T6870]  ? __pfx_ret_from_fork+0x10/0x10
[  899.883323][ T6870]  ? __switch_to+0x800/0x1100
[  899.884769][ T6870]  ? __pfx_kthread+0x10/0x10
[  899.886195][ T6870]  ret_from_fork_asm+0x1a/0x30
[  899.887678][ T6870]  </TASK>
[  899.888658][ T6870] Modules linked in:
[  899.891189][ T6870] ---[ end trace 0000000000000000 ]---
[  899.892870][    T1] EXT4-fs error: 24 callbacks suppressed
[  899.892881][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.892980][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.893050][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.893111][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.893171][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.893224][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.893351][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.895451][ T6870] RIP: 0010:klist_put+0x4d/0x1d0
[  899.907566][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.908158][ T6870] Code: c1 ea 03 80 3c 02 00 0f 85 74 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 43 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 cc 0a 0d
[  899.922615][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.922722][    T1] EXT4-fs error (device sda1): ext4_lookup:1785: inode #2001: comm init: iget: checksum invalid
[  899.936026][ T6870] RSP: 0018:ffffc90006727970 EFLAGS: 00010202
[  899.937972][ T6870] RAX: dffffc0000000000 RBX: ffff888021ce6060 RCX: ffffffff82b98deb
[  899.940506][ T6870] RDX: 000000000000000b RSI: ffffffff8b7f72d5 RDI: 0000000000000058
[  899.942960][ T6870] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  899.943828][ T7720] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  899.945497][ T6870] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  899.950415][ T6870] R13: 0000000000000001 R14: ffff8880439f6cb0 R15: 0000000000000000
[  899.952899][ T6870] FS:  0000000000000000(0000) GS:ffff8880d6587000(0000) knlGS:0000000000000000
[  899.953443][ T7720] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  899.957206][ T6870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  899.960980][ T6870] CR2: 00007f90b184f156 CR3: 0000000053414000 CR4: 0000000000352ef0
[  899.963400][ T6870] Kernel panic - not syncing: Fatal exception
[  899.966088][ T6870] Kernel Offset: disabled
[  899.967427][ T6870] Rebooting in 86400 seconds..