last executing test programs:

2m30.100351266s ago: executing program 2 (id=1595):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x181603, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x6, 0x2, 0xa4, 0x7fff0003}]})
r1 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x80001021, 0x80, 0x6, 0x110}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0xc49, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m27.031119748s ago: executing program 2 (id=1642):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000800)={'sit0\x00', &(0x7f0000003380)={'sit0\x00', <r1=>0x0, 0x20, 0x7800, 0x5, 0x2, {{0x23, 0x4, 0x0, 0x1f, 0x8c, 0x64, 0x0, 0x2, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, {[@noop, @timestamp_prespec={0x44, 0x1c, 0x62, 0x3, 0x7, [{@multicast1, 0x9}, {@multicast1, 0x1}, {@remote}]}, @timestamp_prespec={0x44, 0x2c, 0xec, 0x3, 0x6, [{@empty, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}, {@empty, 0x8}, {@private=0xa010102, 0x9}, {@empty}]}, @ssrr={0x89, 0xfffffffffffffe2a, 0x48, [@remote, @remote, @multicast1]}, @lsrr={0x83, 0xf, 0x95, [@remote, @multicast1, @rand_addr=0x64010100]}, @noop, @rr={0x7, 0xf, 0x5f}]}}}}}) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/hibernate_compression_threads', 0x48a82, 0x0)
read$FUSE(r2, &(0x7f0000001340)={0x2020}, 0x2020) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000480)={0x2020}, 0x2020) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000008c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000900)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000009c0)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000940), &(0x7f0000000980)='%+9llu \x00'}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x11, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xe6e5}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffa4f}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000680)='GPL\x00', 0xa3, 0x64, &(0x7f00000006c0)=""/100, 0x41000, 0x9a80a22e3f1adcee, '\x00', r1, 0x25, r2, 0x8, &(0x7f0000000840)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000880)={0x1, 0xe, 0x3ff, 0x80000000}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000a00)=[r3, 0xffffffffffffffff, r4, r5, r6, r7], &(0x7f0000000a40)=[{0x4, 0x1, 0xd, 0x5}], 0x10, 0x81}, 0x94) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={<r10=>0x0, @private, @loopback}, &(0x7f0000000440)=0xc)
sendmsg$nl_route(r9, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000005e00020028bd7000fedbdf2500000000c1e59a1dcfbb493562db884e60c50b09e216776b798f8d29d8", @ANYRES32=r10, @ANYBLOB="04000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x4000080) (async)
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r11, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0xd}, 'port1\x00', 0x72, 0x21cfa, 0x0, 0x8000007, 0x3, 0x4, 0x12, 0x0, 0x6})
close(r11) (async)
r12 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r12, 0xc0206416, &(0x7f0000000040)={0x62cc, 0x2, 0xffffffff, 0xfffffff0, 0x9, 0x8})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r13=>0x0})
ioctl$OCFS2_IOC_RESVSP64(r12, 0x4030582a, &(0x7f0000000480)={0x0, 0x2, 0x4, 0x3, 0x0, 0x2}) (async)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000080)=@ipv4_newaddr={0x34, 0x14, 0x509, 0x70bd27, 0x25dfdbfd, {0x2, 0x20, 0x0, 0xcb, r13}, [@IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_LABEL={0x14, 0x3, 'geneve1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044811}, 0x0) (async)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)={0x1a8, r14, 0x11, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0xdc, 0x2a, [@measure_req={0x26, 0xd6, {0xc, 0x3, 0x2, "5b4e4564b996c11df4c3463b9d6879067fd1b05a84b9fc8a0feb6ce6aa00e751e67b2e4a537b12f2c013eafa840048d5defd85da85ac70822f185504efe89bf2f8c3f3fc94199f216dae220db13d1776beab26c2c18de1cc999f06bd398adafe9d3faa469a1ec1fa0cc4b6ccec688a546e7e2233253087ef40689289386a2e1165b43bcafa41932e82986edb1b31126b0597b952481e444da2e80509f7c0e60da504602c73291b0bffce1296cd2cb8b0673faa0e383e3e15395e4982380447814de2f7e85ada99d7c03e762e230f6348d68e8b"}}]}, @NL80211_ATTR_IE={0x51, 0x2a, [@cf={0x4, 0x6, {0x4, 0x7, 0x3, 0x79}}, @cf={0x4, 0x6, {0xff, 0x9, 0xa8ab, 0xb}}, @preq={0x82, 0x2b, {{0x1, 0x0, 0x0, 0x0, 0x1}, 0x1, 0x8, 0xcc77, @device_a, 0x2, @value, 0xd, 0x1, 0x1, [{{0x0, 0x0, 0x1}, @device_a, 0x8}]}}, @gcr_ga={0xbd, 0x6}, @cf={0x4, 0x6, {0x5, 0xeb, 0x1, 0x309c}}]}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @random="d59ab14c32fe"}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x40}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_IE={0x3e, 0x2a, [@rann={0x7e, 0x15, {{0x0, 0x2}, 0xff, 0x0, @device_a, 0x8, 0x7, 0x1}}, @ext_channel_switch={0x3c, 0x4, {0x0, 0xa, 0x9d, 0x7f}}, @mic={0x8c, 0x18, {0x999, "a67b8d48ff37", @long="0a9b87258659263bf6d6f7cddbbb6dab"}}, @challenge={0x10, 0x1, 0xa4}]}]}, 0x1a8}}, 0x20000040)

2m26.981403787s ago: executing program 2 (id=1644):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}}, 0x4040000)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000000180)=0x8)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)

2m26.980956388s ago: executing program 2 (id=1645):
socket(0x2, 0xa, 0x300)
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}], 0x1c)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="e6", 0x1}], 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000008400000007000000ac1414aa000000002000000000000000840000000800000020010000000000970000000000000000200000000000000084000000080000000000000000000004"], 0x58, 0x4855}, 0x24000052)

2m26.899926049s ago: executing program 2 (id=1646):
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

2m26.899404339s ago: executing program 2 (id=1647):
r0 = userfaultfd(0x801)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x1c}, 'port1\x00', 0x0, 0x10004a, 0x10001, 0x8000008, 0x3, 0x20000004, 0x3ff, 0x0, 0x2, 0xfe})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d5, 0x1101, 0xff})
close(r1)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r3 = syz_clone(0x301b4a00, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$poke(0x4, r3, &(0x7f00000011c0), 0xfffffffffffffffe)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
pipe2(&(0x7f0000000bc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
keyctl$update(0x2, 0x0, 0x0, 0x0)
waitid$P_PIDFD(0x2, r5, 0x0, 0x4, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
iopl(0x3)
r6 = syz_io_uring_setup(0x35e7, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x2, 0x3c5}, 0xfffffffffffffffe, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYRESDEC=r1, @ANYRESDEC=r5, @ANYRES32=r6, @ANYRES16=r4, @ANYRES8=r6, @ANYRES32=0x0, @ANYRES32=r5, @ANYRESOCT=r0, @ANYRESDEC=r1], 0x6c}, 0x1, 0x0, 0x0, 0x18840}, 0x4000045)
r7 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r7, &(0x7f0000000140), 0x4924b68, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.parent_freezing\x00', 0x275a, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)

2m11.91567277s ago: executing program 32 (id=1647):
r0 = userfaultfd(0x801)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x1c}, 'port1\x00', 0x0, 0x10004a, 0x10001, 0x8000008, 0x3, 0x20000004, 0x3ff, 0x0, 0x2, 0xfe})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d5, 0x1101, 0xff})
close(r1)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r3 = syz_clone(0x301b4a00, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$poke(0x4, r3, &(0x7f00000011c0), 0xfffffffffffffffe)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
pipe2(&(0x7f0000000bc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
keyctl$update(0x2, 0x0, 0x0, 0x0)
waitid$P_PIDFD(0x2, r5, 0x0, 0x4, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
iopl(0x3)
r6 = syz_io_uring_setup(0x35e7, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x2, 0x3c5}, 0xfffffffffffffffe, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYRESDEC=r1, @ANYRESDEC=r5, @ANYRES32=r6, @ANYRES16=r4, @ANYRES8=r6, @ANYRES32=0x0, @ANYRES32=r5, @ANYRESOCT=r0, @ANYRESDEC=r1], 0x6c}, 0x1, 0x0, 0x0, 0x18840}, 0x4000045)
r7 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r7, &(0x7f0000000140), 0x4924b68, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.parent_freezing\x00', 0x275a, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)

26.49960586s ago: executing program 4 (id=3752):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x8001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x2c}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e7", 0x9b}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

26.446602375s ago: executing program 4 (id=3754):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdir(&(0x7f0000000040)='./file1\x00', 0x7)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
sendfile(r2, r2, 0x0, 0x7f03)
syz_emit_ethernet(0x6e, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6708100000003aff00034000000000000000ffffac1414aaff020000000000000000000000000001"], 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000140)={0x9, {{0x2, 0x4e23, @private=0xa010100}}}, 0x88)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000003480)={&(0x7f0000000b80)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100042002000500040001000000090001"], 0x5c}, 0x1, 0x40030000000000, 0x0, 0x4000005}, 0x0)

26.443896875s ago: executing program 4 (id=3756):
r0 = socket(0xa, 0x5, 0x0)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="e6", 0x1}], 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000008400000007000000ac1414aa0000000020000000000000008400000008000000e00100fffe000000000000000000000020"], 0x58, 0x4855}, 0x24000052)

26.379749506s ago: executing program 4 (id=3758):
io_uring_setup(0x650b, &(0x7f0000000180)={0x0, 0x2c3f, 0x0, 0x21, 0xab})
r0 = socket(0x28, 0x5, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x5000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200180100000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a3000000000ec000380e8000080d00001800c0002800800034000000002c00001000e80a01447354eade9fcdf54e99945b9a3f3c794c33b64481ae460b4f6a1f3f47fd758998e44e289e660caf11448beb9a1b0223267439fb295f7de371c718b20b37fb6f9b08ec9c3f8d9e1f88126c0c5187be18320bc17d5905212e23e70baafc77ed9ac47db01c34c9927fd4cb4bd9bb06c84fa5246e594ee48764c4f53dc42f0811a8b7bc8311bceacf982c449cb86b3ac46da849ef56d27cac1b59bf23320ff2d435e0a651ff2e842070000003d28a019f3d9b502c4cb050481dd140007800c000100636f756e746572"], 0x1ac}}, 0x0)
r2 = io_uring_setup(0x17, &(0x7f0000000040)={0x0, 0xc8a1, 0x1f400, 0x4, 0x212})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
r3 = syz_open_procfs(0x0, &(0x7f00000008c0)='uid_map\x00')
mkdir(&(0x7f00000001c0)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x400000, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x260)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0x80049370, 0x0)
preadv(r3, &(0x7f0000002d80)=[{&(0x7f0000000940)=""/178, 0xb2}], 0x1, 0x200, 0x3)
getsockopt$PNPIPE_IFINDEX(r4, 0x113, 0x2, &(0x7f0000000280)=<r5=>0x0, &(0x7f00000002c0)=0x4)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@dellinkprop={0x3c, 0x6d, 0xc00, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, 0x2000, 0xa00}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x1}, @IFLA_IFALIASn={0x4}, @IFLA_MTU={0x8, 0x4, 0xf688}, @IFLA_EVENT={0x8, 0x2c, 0x80000000}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0)
setresuid(0x0, 0xee00, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000100)={'macsec0\x00', @local})
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x28d41, 0x0)
write$dsp(r6, &(0x7f0000000680)="e9d4c3ac338b7268db4d61517c0f3ad14723877e0278fb7c968d81ce6080bc80a5c0ffcb94b2a8899f63d515204dcb1e78d11db4985450ba7eec5e505f617fec0322c1b952f66b101f6a5d79916983cfb81eb13bbc6aef71f62f8215e71bf11864f61811deefcdfdf7709572f12f6eef0c052c211d5652d5f1ba080993a61dd5a68959329ab135a5b7b45242d3593668e7db5dc886f9ef6c33b91cadfea45179042c3057d5e98b5d02321bc91db4061f466277ca6b16c51b12db02a0e99f3aa39ffac17dc7a8c409e65edd30175de2547586d3949ca8e29bf682d797a418d2bac8781e48a6d48b0c46ecff68d2819ae0917307e915333586aaf64653bb68f72460532290393c2fc9c3ce1b32920f0066232516120eb96f28568808d78eabb0d3127d3ed8a53820e81ec2c1f8a236fefc2e18459971e719f3f50a6ff7bb320046e7e6f1b973c1bd96002336d92a771c27d2dd32c013117da0929ebf488916fdbd65d3206359051d8b2b7ecc0951dbd64a0219734c4c0bed36bbce1c5826c8bad3b866ec40f19acf4d980afadbf9b17c45053b6cd676e0b95ddc13027e9bb3213a84cbfdcd11a95fbcceb77a4ac2b22184dd552aa49da0ba6f878aacbc99a20288239a0b8d6cf91c581dc5e151af5195bfdfda44dd78a0c0bd3ededfc01e5346428a63d815be2b81ffaa97d62a4e96a14974fecdaa6a5af03cc3ddc3ea1d3e9a36c12c0c3cb8c75cbceba1ac75a2d2c34af309cf01a79d9e5056adf4b8759200240b2b02c4a5fa11caeb4e7fcdda8390a8569b53ea98a34d4e70c4c02606bf111aac069cdc403ccba5b387366c05481f09ca7cdf22641d5481e06931ffeaefa306fc968a664c857958eef3ef3c58c4e845e0ec5123db5582b319ad4c2c890e5b7c0b01e507fef5948c9991e33ca6f1e632a5d61b849441544e39f75b5a3d789d7f67c7f5becde2f0d9c83a8d93e81f83da583606b937011b55eb51cc6265b4cb867bf56708946b9eb2e01dfd9deb07910e8e50bc29e3bfcf0e1326ce75f8cd273c49390dde8ead4678729021b31955bb2e1de82c5e0ead97b5b9c645d4cfa010a676a556a293f5b8f26fdfa6e19e235de19839f677537de36e98ed419615dd766244b58796aa6ba784ae33dd0c1658e775abdfbf9f6d8796084cc2e523e6ac3d582075e4f9be24af933a702d93a8a09fa38db3f0b21075c3759bfadbf1d4fc6c7f5ded0c195e93e61850fb9cc30eeb55c62b12a8981fbbadd0e1f6ca7de70897fac21ec4f65bfc3ea175daa5ef63870a8a95519b56ef17e88a9709889f6fa638cd1996908e4652d7557270d185d15a9f705d9a8708d04a828377878216aae6dce8ad799960bf558c46d3b75a1e3d3cffcd9fee42b31381a15980fc762365a5db4a757a90aec3b30c68190d02c82674132c78b50f83be480b238b750fbc673b8f40f91bb63d076d69666c34100887f125edfba049f3434e653f7c1b9b3f83a0ac817ca3c6637170d60034793ff1e7aa9d563d8993ff376a29e6638ef3fc5f5c9a71d883f47dcaef8740a022ed34b987f6b256ed1f4e54ae607270fe5a4bd142d661cf99f0a87a6c31ae1647707ec4984760892deeb4b7fce33cc544b412550e1061f22ed74e933185981e60c4a40177b1ee9516095c99a84aae653601acae74a1b691322ddb93babd9c11cd758ee78faf034af8b8f4ac9ad3b8bea36fbc7574609b06e701d38e4aa3707666c3dbda922cbdd4ff9c75b54208a6f320e4e32c99b90bcf84f641a8a80e3aeb64391c154bd8802090ff25f01802465f74674041c3f47bf36d74dd65af21d35d1809f8dcea16e87600d4ee3e23c355b7399676bc5277a0e262a9de5ee101455d79b8874715af3ad138cdaa22407ee92702ef38be0ee6e68f4a6722ad7de39b7784420d511a8bb85a04e1032b62a44107e5f7bcd4ca2e6c57ad8fb3440ca0cf5117dff96e2f246f9ac61143265ddbca9c57de855b3bfa8c1610c4991f5f81926fa251ca6b3c83bb40b2cd44d62939d25b0484aa513ecfd1637a10c780483c851e93c9a94d4d172f6a81e43e5056305896edbf4a8b540f0cf05611178792b223b45b667da7ca3b8caeaf80218f3b1a856741e4abe4728deedc98f6f871f3e37d80990f476a36234f5c6adbe6599132a5437304a9c24d19f217b01f4577c86d74b630fa389ae13352167b764427e832995be02fb3dfb9d2c46110609443cb69970c1157d3b3bc20168e2515bd5f003b8242d39d1e2d235f24b462e7915e2fa897f629ca15add23b5e9c9fce266ab8a06f108741a949e15b85d31042e97094c9107518ed7eadfab7290da1a1d201a94c1debed56639a1ab1a012612982b4fd5e0f43dc49c52ff8913715a90ffb044845e421639fb02705ae5c3f353098335e6ad9f548383e3248f126be82c86476e1bbac8379de9aec23afe7c85a2a5eaa820446a0076b84e2d2b5983adf0bc9146bce7868686ebc8cb72c2dba85fe135215d439e52ce6e52295602305e5f590a1bba149b48145bdbb0bedb4818a466ea0162d4473b901eb38725163ead0a5ccdf4a802c1726ec6facfb7d3a39174f048ecb59a9ff1fbb0a460b76a7c3fe8516d64b715db7f1f5836d6dc7ef9b8566be656d3a26e77bf0b26906a380b5b387d7a96075070c5d690bd9a14d2fcc107c33d58c8bfe8819801d935fc9d185a8fe810c33e980490b8faad1259a9a8bb67f00b403eeaa97a3749e78495583d9e00c4bc232e68512321408d416df20827ccbbc79e7e4bd686370f0cbb3be096121385bfad79f72bfec050c0860b548d34e360c7116b10dc363724cca10924aadda9e51bc864ca19e7e8cc7bfdc5ecba8fe782a2895fe3e1bb933d9f910736ddf88cad53d8ce72f3d6ad73824f266c49d15ac76d8de40c0dc7d2b930bd33b573666c897c4d06ec43232038c40487f41bafce72d5e926e34887ea4943ae7872beab938de40a850c1eae4caa07cd4fa523fb9f7f609bac9f2f7c7385fba90bc245a766bbf4f98127e99eb25b20083f8ba31d5f8ffa017d52c38069604ec0cf363ab4254a41c0825e7deb7cd5fd666232be2e53d424c76cbf692a1df4266f13c29bfa174de00ef85307d35c2a1c1d86e09e5c0716b7a6bcaddaedc48c1da10757bc050a336751a57f545aa0cb9d126389219a40aa9f0c3e8158aac6bb306bf8ac2e9752138b5bd349cfa1ac60c677bb1a5acd65d524e1a96907de744bcc051147375b8f97c736d7a1fa1ba6a5bdfa76cb2a30f20fd33a766dd7775a80a801518254765792258948ac439ba1817b6baba04b261c4731ac9170ecb9db7e55ff5e0b920c5c5fc982d0ad79df63b304b661442b0e8cd8bf414e136edd1caed35ddf7ff37354999b2ab037e733d85f46ba8453daea0e40cd57cdd86379bd75e2451e6e38bd6a1d84a2044ed53257542ff69472d7bfa47e26f76b125069ac1136b4d0de62967fb148dbed382e787254caf2ee1d7ae2660da4c3b156cac6ee72ba7655923bd6d981bccf073d63b18e821622740428b3c8478c30019df0ec5c7a0189af8bd3b182516ddda44322019563cd8a15a16796875d53ba468cb406eb93f56bcfe8a86b9222085359fa8c391ef19d39f7196f041757364582be38212aa350e9db1ced3dc6b1bd5d31925c97d82b06b355dec747d72ea3909a14e27ac07e328490568de51b280fa676ab58d576577c2bec189b799f0ee91966b2590d1cf3440bed4f4cb7abd0a18dc441fa0c509efdf9ca29414e4ac2277f26bdffb9fd090c7a6007ca47738a9dd44410fb93b2817a6a393a0df7204ff6ab855cc6bf7baaf2a879531e7b3d9878bbf379c09d13a3ee7659f4da0215e05ce57b0ca4920e7dfdd6c533c4e19e6b0725fb9af58d120e8ae9f208bf9b66c3833a11dacddd11cd52e568beb85dfe0a081e8e8f796dc259e063cc5daa3785a728ca8d0d7d3ff5cbd2e14ca1ab8ed4775c4c1d5e60002107b18c4c6e44bf7249d8b50124e850b52c929481a32e79377ea8ebb4d708d8ecb7b5c4630ca72de865bdfbee8a4d135308970f5f8476195b628a86da59b69eeb86e5ed9efb13f3ba3019b90f7e79dd11325c8d7323741b115635b0cb50ce0fb2caedcad717704eb78f1b17eb9bb9449cf8904f8c2e9fa8e0704b602b6a59a14b7864b82aab3dd68eb5272f4530cad7020870d865db365a56f9c2c7590f3c2a72705163fc94519b43fce9b6df6246dd4be6f1bdf64d783e9ba10b1d2d52407ce14528822aa02dd3226bc2d50e5f14a2f30453a9583ab629a8eb659778e70d252131c3f758306e6ccc24f16320dee9258f090eb1422ef429f8de830602bb85ef84c0cec0feb794018c893b0da2e8154e82eb8e172e88451e313f08efe274d676e2db5f16a8aa56e6b0c3beba79a5c36552ee41654046be398f4633523f008bd2872082acb0b71afd76af1cc1039e50a222e0f2b5d64756a615c29363b39bb788ceae6c43a6e2278b62479bb87ef381e8a303a4c8d7c45536f064ec4cba3833917f93abe62e536676d79410d5850de51a1f7dfd050ea890490e9e5b9ddaae06313e7e345cf0f144d56930133989b21c492db68c4ea3394c0d7be57aadf8c96e976c39e0cbd7479bc2f0c32031cb2d1c3d75fdcf9889f4e7915dc03006e609e2c7347d6e9cd35631e669af96fae43fa678c023ea3d5a76bbac0534e0f4dcf17bfcc96d7f58b62c311a0a55b40e12b75d945d829783f4b3a9326c93bf36a89865375d1dc5801fde13abe1b4692abaa041e83445b0b7d560f854f0b8d23d39e31385bf33520dc2ea7e43d0a810c06fac4081ae6a01cf5e5c45ff74c2fb3a1f639e81a9e47d3f241af6d8effe77a4889bec6cb56142fdf6c55b6f0a0b33409f87cc7ea068c807d58ef23d9cae50cac6f75b869a06a2fb7aa47cb1d9521aeb3f3b9cc0a1056b9c00229c5a8918475b1c447b27738afba780651c562b9ef0de9a47b1cf041b8163662388039c870d5649b21e0b900c896cea76f08c333c334bac24ce67a5eab5ea43b7db765674ff7547a0d0e4dfa545d46819b098d03c76fffa106a18f91197d6d1ac11ff98eefbb06723deb7e3cb2b75a62e5acccb1562e16063344ee98614c2242286db9e3f68bd95bd4b683bb0b72dbad607cc87574bd201c7c56329f83d18f843cdc489f22c031c1318a28ebdf4a43cc714771263be238be59bc5426d2b0086f26dd278bfd09e1234b2216d27fb9bc769393817f8de6a196f12df480487fba85dac0c32b8b5acf652ed1f6cf1de085e93b87183d0009fdb52d9e2a72cb363b295a1e360f6132e899fedcfa193cb41e366c8b21d1c8bfae6c3dd39d5efde9299a7e07eadc7577fc21c3064c2a8d45927bb6a787878d3b79e7d538daf3bf2b7b040fdc8104401b859813edde5a2ffc482d400da04a212ca135de20f63040236c5bcef19d8e365f0a2165987df85604b102db99de5138cf489d5cb4af1c48702bd41e14b9feb573e0e7ca0ba3ca91e9eb71bb3e49bce364eb778747fd5aa4d9a83eccc616c2e523011b83095971435879fa3efc2f96ae70904981fd2000e16aac06dd11eccd661d0dad989e957e9e12fc42034da6637e67936877c0f3f32b81b79db152aec7113991a5b574714f8bc5d5ca0a29cc514e5ff9009e89c52bf0f90f2ccd79929a4a0604c1bd4784cb8fc11bff89516a65c303292181187a41ed2ef6cea3fb8b094b11496d33082ab28ddc557e516ea89d107e6f79e8ae0cd9ab0a9d819e90726c9439abefa03ed9442276d5c3d02d71a3b3f40f3e651efe3414effe72f2", 0x1000)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000640)=0x10)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000040)=0x2563, 0x4)
sendto$inet(r4, &(0x7f0000000100)="1ce0", 0x2, 0x0, &(0x7f0000001100)={0x2, 0x0, @broadcast}, 0x10)
recvmmsg(r7, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x10140, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

26.278559205s ago: executing program 4 (id=3761):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)

26.000708174s ago: executing program 4 (id=3767):
socket(0x2, 0xa, 0x300)
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}], 0x1c)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="e6", 0x1}], 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000008400000007000000ac1414aa00000000200000000000000084000000080000002001000000000000000000000000012c200000000000000084000000080000000000000000000004"], 0x58, 0x4855}, 0x24000052)

25.912844514s ago: executing program 33 (id=3767):
socket(0x2, 0xa, 0x300)
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}], 0x1c)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="e6", 0x1}], 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000008400000007000000ac1414aa00000000200000000000000084000000080000002001000000000000000000000000012c200000000000000084000000080000000000000000000004"], 0x58, 0x4855}, 0x24000052)

3.755741799s ago: executing program 1 (id=4094):
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) (fail_nth: 22)

3.69020561s ago: executing program 1 (id=4095):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x1000d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3c}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0xffff, 0x0, 0x5, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x4})
ioctl(r3, 0x8b1a, &(0x7f0000000040))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"})
ioctl$SIOCSIFHWADDR(r0, 0x8b15, &(0x7f0000000000)={'wlan1\x00', @remote})

2.850275396s ago: executing program 1 (id=4107):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="4c010000", @ANYRES16=r1, @ANYBLOB="01002abd7000fddbdf250500000008000680040005000c00038008000300090000007800058008000100756470000800010065746800080001006574680007000100696200000700010069620000080001007564700007000100696200000800010065746800340002800800030008000000080004000600000008000400000200000800b2000a000000080003000000000008000300d20000000c0006800800010004000000280007800c0004000f000000000000000800020008000000080002000600000008000100020000001800068008000600050000000400020008000100090000001c00038008000100ff7f000008000300f9b2ffff080002000600000044000380080002000500000008000100060000000800030006000000080002000200000008000100090000000800010090570000080020af83b625d7a7aa030005000000"], 0x14c}, 0x1, 0x0, 0x0, 0x4}, 0x1) (async)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="4c010000", @ANYRES16=r1, @ANYBLOB="01002abd7000fddbdf250500000008000680040005000c00038008000300090000007800058008000100756470000800010065746800080001006574680007000100696200000700010069620000080001007564700007000100696200000800010065746800340002800800030008000000080004000600000008000400000200000800b2000a000000080003000000000008000300d20000000c0006800800010004000000280007800c0004000f000000000000000800020008000000080002000600000008000100020000001800068008000600050000000400020008000100090000001c00038008000100ff7f000008000300f9b2ffff080002000600000044000380080002000500000008000100060000000800030006000000080002000200000008000100090000000800010090570000080020af83b625d7a7aa030005000000"], 0x14c}, 0x1, 0x0, 0x0, 0x4}, 0x1)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001840)={&(0x7f0000001900)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1db126bd7000fedbdf250b0000001000058004000280080001"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x48080)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect(0x1, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="9402000021000100fcffffff00000000ac1414aae5fffff8b49ed9825133a900fc0100000000000000000000000000000000add500200000000000801aeaaec1", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000070000400706362632874776f666973682900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040010000dc06216ef2c68e9f6da05d886dbc3273ef99796b36698e2bd5179c3eea5474fc78c9720bfc4f90a708001f0001000000cc0111"], 0x294}}, 0x0) (async)
sendmsg$nl_xfrm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="9402000021000100fcffffff00000000ac1414aae5fffff8b49ed9825133a900fc0100000000000000000000000000000000add500200000000000801aeaaec1", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000070000400706362632874776f666973682900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040010000dc06216ef2c68e9f6da05d886dbc3273ef99796b36698e2bd5179c3eea5474fc78c9720bfc4f90a708001f0001000000cc0111"], 0x294}}, 0x0)

2.126724443s ago: executing program 0 (id=4114):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x200080, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001480)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0x9, 0x2, [{0xb, 0x4}]}]}}, 0x0, 0x2e, 0x0, 0x1}, 0x28)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000240)={0xa0, 0x0, 0x0, 0x0, {}, {{}, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}]}})
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000f00)={'wlan0\x00', <r3=>0x0})
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/49, 0x31}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3400000044000701feffffff00000000037c0000040042800c00018006000600800a0000100002"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20040, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r9 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x211a, 0x0, 0x4, 0x306}, &(0x7f0000000340)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x1, r8, 0x0})
io_uring_enter(r9, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r1)
sendmsg$NL80211_CMD_FLUSH_PMKSA(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000001300)={0x1c, r12, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000804}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)

1.949066373s ago: executing program 3 (id=4117):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x800)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x18}}, 0x8001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x2c}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085", 0xcb}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

1.944682425s ago: executing program 3 (id=4118):
symlink(0x0, &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x8)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000340)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
unlink(&(0x7f00000006c0)='./file1\x00')
rename(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file1\x00')
socket$inet6(0xa, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="120000000d0000000400000003"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, 0x0, 0x0}, 0x20)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000000101010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x4000)

1.888396701s ago: executing program 3 (id=4119):
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) (fail_nth: 24)

1.739523812s ago: executing program 0 (id=4120):
r0 = socket$inet6(0xa, 0x80002, 0x88)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) (async)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
capset(&(0x7f00000001c0)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x5}) (async)
capset(&(0x7f00000001c0)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x5})
io_uring_setup(0x37cc, &(0x7f0000000040)={0x0, 0x2a11, 0x1c080, 0xa, 0x20002f7}) (async)
io_uring_setup(0x37cc, &(0x7f0000000040)={0x0, 0x2a11, 0x1c080, 0xa, 0x20002f7})
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400000008"], 0x50)
ioctl$mixer_OSS_GETVERSION(r1, 0x80044d76, &(0x7f0000000080))
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000440)=@bpf_lsm={0x1d, 0x16, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x5}}, @alu={0x4, 0x0, 0xb, 0x0, 0xa, 0x10, 0x4}, @call={0x85, 0x0, 0x0, 0x2b}]}, &(0x7f0000000180)='syzkaller\x00', 0x6, 0xf6, &(0x7f0000000200)=""/246, 0x41000, 0x13, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x5, 0x5}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000340)=[r2, r2, r2], &(0x7f0000000380)=[{0x5, 0x5, 0x10, 0x1}, {0x2, 0x5, 0x3, 0x3}, {0x2, 0x3, 0x9, 0x1}, {0x3, 0x1, 0x9, 0x7}, {0x4, 0x4, 0x6, 0x3}, {0x2, 0x5, 0x9}, {0x3, 0x4, 0xf, 0xc}, {0x1, 0x3, 0x1, 0xb}], 0x10, 0x7fff}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000500)={r3, r2}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
recvmmsg(r0, &(0x7f00000001c0), 0x0, 0x40000043, 0x0) (async)
recvmmsg(r0, &(0x7f00000001c0), 0x0, 0x40000043, 0x0)

1.739004207s ago: executing program 0 (id=4121):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x3, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000180)={0xb6, 0x0, 0x9}) (async)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f0000000180)={0xb6, 0x0, 0x9})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x4, 0xfffffffc, 0x0, 0xeffffdff, 0x0, [{0x6, 0x0, 0xfd, '\x00', 0xff}, {0x0, 0x8, 0x0, '\x00', 0x7c}, {0xec, 0x13, 0x4, '\x00', 0xbb}, {0x13, 0xb}, {0x0, 0xfd, 0x0, '\x00', 0xfd}, {0xfe, 0x0, 0x6, '\x00', 0x2}, {0xfd, 0x0, 0x6}, {0x6f, 0x0, 0x0, '\x00', 0x7}, {0x0, 0x8f, 0xf5, '\x00', 0xfc}, {0xb5, 0x6, 0x0, '\x00', 0x9}, {0xb, 0x0, 0x6, '\x00', 0xd}, {0x0, 0x99, 0x81, '\x00', 0x1}, {0x0, 0x49, 0x2, '\x00', 0x3}, {0x2, 0x0, 0x3}, {0xc3, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x6, 0x0, '\x00', 0xff}, {0x3, 0x0, 0xec}, {0x0, 0x2, 0x6, '\x00', 0x10}, {0xfe, 0x0, 0xd}, {0x0, 0x80, 0x0, '\x00', 0x1}, {0x4, 0x2, 0x0, '\x00', 0x37}, {0x0, 0x9, 0x0, '\x00', 0x5}, {0x0, 0x2, 0x9}, {0x4a, 0xff, 0x3}]}}) (async)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x4, 0xfffffffc, 0x0, 0xeffffdff, 0x0, [{0x6, 0x0, 0xfd, '\x00', 0xff}, {0x0, 0x8, 0x0, '\x00', 0x7c}, {0xec, 0x13, 0x4, '\x00', 0xbb}, {0x13, 0xb}, {0x0, 0xfd, 0x0, '\x00', 0xfd}, {0xfe, 0x0, 0x6, '\x00', 0x2}, {0xfd, 0x0, 0x6}, {0x6f, 0x0, 0x0, '\x00', 0x7}, {0x0, 0x8f, 0xf5, '\x00', 0xfc}, {0xb5, 0x6, 0x0, '\x00', 0x9}, {0xb, 0x0, 0x6, '\x00', 0xd}, {0x0, 0x99, 0x81, '\x00', 0x1}, {0x0, 0x49, 0x2, '\x00', 0x3}, {0x2, 0x0, 0x3}, {0xc3, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x6, 0x0, '\x00', 0xff}, {0x3, 0x0, 0xec}, {0x0, 0x2, 0x6, '\x00', 0x10}, {0xfe, 0x0, 0xd}, {0x0, 0x80, 0x0, '\x00', 0x1}, {0x4, 0x2, 0x0, '\x00', 0x37}, {0x0, 0x9, 0x0, '\x00', 0x5}, {0x0, 0x2, 0x9}, {0x4a, 0xff, 0x3}]}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
nanosleep(&(0x7f0000000000), 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), r6)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="ccb8d296981fa969c448f8f5252fff845482e4e4d843cdeb14cd7e2cd9a1f2634c65e5fe877f8187c112cace8c33c5968eb8cd343ffab22c04a493fdd586e6caf9292327e54eacae0e92c77b72791567a0574c03671005", @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf252600000018000180140002006c6f00"/38], 0x2c}, 0x1, 0x30000}, 0x0)
r8 = syz_open_dev$I2C(&(0x7f0000001000), 0x0, 0x0)
ioctl$I2C_TENBIT(r8, 0x704, 0x0) (async)
ioctl$I2C_TENBIT(r8, 0x704, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
mount$nfs(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f00000001c0), 0x1004000, &(0x7f0000000200)={[{'noac,'}]}) (async)
mount$nfs(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f00000001c0), 0x1004000, &(0x7f0000000200)={[{'noac,'}]})
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000040)=0x4)
r10 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r10, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x101}, 0x1c)
connect$inet6(r10, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
fcntl$dupfd(r10, 0x406, r10) (async)
r11 = fcntl$dupfd(r10, 0x406, r10)
write$cgroup_pid(r11, &(0x7f0000000240), 0xfdef)
ioctl$FIONREAD(r9, 0x541b, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000280), 0x800800, 0x0) (async)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000280), 0x800800, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r5, @ANYBLOB="08000500020002fe07b44d426afddf00"], 0x2c}}, 0x0)
clock_gettime(0x7, &(0x7f0000000080)) (async)
clock_gettime(0x7, &(0x7f0000000080))

1.606582061s ago: executing program 1 (id=4122):
socket(0x29, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="2400000068000100000000000000000002000000040000000400040008000600f2000000a6dd34879a85783c73510f42785c8a4128d2b18abae4ebb6f769508059da40c18986ee0e8ef9ead30182fe360ee7adca753e5883fa21986a41fd35e607142b23ed0768a25808277a"], 0x24}, 0x1, 0x0, 0x0, 0x4040001}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
getpeername$unix(r1, 0x0, &(0x7f0000000400))
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0xcb99cd6080c420f1, 0x0)
socket$inet6(0xa, 0x3, 0x2080007)
socket$netlink(0x10, 0x3, 0x8000000004)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder1\x00', 0x802, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010100}, {0x2, 0x4e23, @local}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x38}}, 0x1d7, 0x0, 0x0, 0x0, 0xfffe, 0x0, 0x6, 0x8, 0xfffc})
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80, 0x23456})
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x1, 0x0)
fchdir(r5)

1.39070213s ago: executing program 3 (id=4124):
r0 = openat$hpet(0xffffff9c, 0x0, 0x50680, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000200)={0x4, 0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)=""/48, 0x30}, {&(0x7f0000000380)=""/235, 0xeb}, {&(0x7f0000000500)=""/234, 0xea}, {&(0x7f0000000600)=""/179, 0xb3}], &(0x7f00000001c0)=[0x5, 0xfff, 0x1, 0x3ff]}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x181603, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x6, 0x2, 0xa4, 0x7fff0003}]})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_ADMIT_BYTES={0x8, 0x5, 0x80}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008800}, 0x0)
r4 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x80001021, 0x80, 0x6, 0x110}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000240)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000005001900010000000800160000000100080017"], 0x44}}, 0x0)
io_uring_enter(r4, 0x6e2, 0xc49, 0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1.300207379s ago: executing program 0 (id=4125):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0xc4}, 0x890)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x801, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0x5016, 0x0)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000280))
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="14000000100001e456b8aa00000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}}, 0x4000010)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x2, 0x80802, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r6)
ptrace$getsig(0x4202, r6, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_open_dev$hidraw(&(0x7f0000000400), 0x5, 0x10200)
ioctl$HIDIOCGRDESCSIZE(r8, 0x80044801, &(0x7f0000000440))
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000000))
sendmsg$inet(r5, &(0x7f0000000100)={&(0x7f00000001c0)={0x2, 0x4c23, @rand_addr=0x64010100}, 0x10, 0x0, 0x0, &(0x7f00000000c0)}, 0x40540c0)
sendmsg$inet(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000001d80)="900736ffd7fb87465963b0d3522d82eab665c2832180d084a2b466cc4ea717ab45c96aea10a8c013fdd2a867d155cff2cc400602ee3af3f80c92a078afe315445c352d1695da6c390258ae2e7efc2c02fc161e1b5e271d98a04e5d977b6ca58c3c61f2e559489bcad21796d816c99b330ad4f7f0ff31a95635d4e18731539a4485d53546337f6453f17004a64899aa1c42bceea63fb4bb4a43deb4de7ddf18f773c836c304b2f2edf9c37e2859da3e0f28a1db43866032877a5b3218da48534a923d2b864964cf53bc0156359c23b20c4b5ed905fb9b6dd9178e6110aa63b24a24c71ff171dbf7bb65c26a4f3e3b960e1fe4e5c38c458170e7e5d38a2fa77262a334b70da13159214b59e99043f2d45738cfe619d4e54d9d9d52faad4185dc1461e3de1d4a8e2bac117f496b9198352ed12b367de480013f50733fcce28686f100f105d037fe1d3c387164fd3bb6d9f758e8c35de274cc824e0ef8a4ec4d740cb37a646300158bd9f137d0712242f3ff01641eedbf6207cc3e7b9314e8cd44581f210ae9980710a38a426305d71a732645e48a5faf121177bb16c0253dbba4b6495b2fdf147bf3557edbf1134ad8135eddb75535613f0c13e995f458d7117b7b4484be02dda974d1f894074f5258bc3416e61b41949c2bca7746dd9edc6fc1d0b9305c7ee799be795a7df68f76872046beb4e1ff6d5a62a7177902fdb74cb5d1e104b8852fd4db5ced74b73b68eb138695110452ddf5def0a6961d7010d1b170391e5897f32102ebade663ec2804708f63becf2b7595461d10062df096794e1cb4232cda841f3a86a6d5e50fe8db194bfb3721c9bc3e29b176f3554f1010776afe8fe89b5869bb25e5ffe24ad26f382b7176fd85e3d19a2d8e58031e1939ed39c96c4f2f967f75049ee7e36469b8c010992623f8248cff1c362bbb12e8ed5fd05b72fb1f391b4c13d06a453f2169bea0cc67768e06311494a3dc736c80ef644fc0d09dae7dfc09de2b7f6d0b21734486503b74bd3387ffa9a5da1b39a2ec9c410a4b2d4ec1f8ef1d3a7ced2637878b038da8d69b32a3e402580e5b746f8e7f930ff478e6b15f475b6b96a25cd8f55bdd73bc483ee5625b56b81f8d9183bc36a5c4c0974db6ad499bf1fcccb994c3defccf1324543260fb1a790ef60d50da4f955783af41066d51abdf7a566c2b2c876e0199e7b920068f226c7a5f14b65b3dbd7fb244c3fb1660740b5f849942e468af39e5a9bc80a6075878dfac23d0ae839a0e509448130e7dabadd7c494b64e67be6400ea34b097bfc578deb3c5ebefa9c1019ef65bf641c9388d9b29f6c9c2e5b8b81fcfdd94059d9a21c80f318d9675721a31ca77a4920b06cb744e96ae74ef66b4dfbe5d1085c9485abf9356d966cb63a75a250dc4432b89ec09dff3531613e12694abdd61d270ab34fba12ae1db3ed45fbc87eb1725f962de4922a64c82ed5d4b652ad926be7330f15fee7a6d53719f6231be26e7593454eabf6fdfe940f04c8cdf022ce9e278c0e2ce9aa9285594972d2b910cedf1d956976f9e6d9571210e4939821c9b68146925e2780db8e1fe6872ba1e178dfb627d9623b5c700cae1d3ce830422b9d906060b28d0956af355a2ce927c9cde8391b43fdbccd428403ee758de7c09de5a2c8eb2dac85a0e056b1ce291da6e54ea1e669b5eee9ca1043aa4f92368b39920f23f2ce3ea3906412de447a0ba28474f2b839a0413e1a0c5c1e7e818b6ae483fbf9a5fcf9367cf9badb8d2040e54dd868a672f3d24fc0e9a77648acb524999c46061b5a71cc8e0b3e66e5421b4e4f8ade64015793ac3949f7c0a3bd64b8e1d2bb99d3e51b5a295b1d2ae2de914a8d6309d9faf5f6b10edb2d9c1dad7eef2ade703d92f06f811cc8682fb98ba2ec324d9ffb23ccff4d231b459214004c7c3afd1f43265f3e40dfc15053103c220347ce2c480ffc73e500314bf7125baf8047ae9521a9c23b53983366fa69466d0bbd00374f703d8e1645849f024b5f2e6affcd99d0ac335e91daf78d5966b081f82762f050b090847f48696736db6ca4afa74e40c8be0fa72a4f8", 0x5bd}], 0x1}, 0x84)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r9, &(0x7f0000000ac0)={0x2b1, 0x7d, 0x2, {{0x500, 0x170, 0x1, 0x400, {0x0, 0x0, 0x4}, 0x0, 0x0, 0x7, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x05\xb4\x94\xe1', 0x8f, '\x00\xf3\x13\xf6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x89\x127\x06\x01\x01\xa2\x01\xbe\xce\xe0\xb4H#\xa4}Q\x97u{\xecMEa\xf8\x98\r\xbb\xa0\x1f\xf8\xa6\x00\x00\x00\x00\x00\x00\x00\a\xdf\x16\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcb\xbf\xef\x13\xeb\b\x8d\x99\xe0*+f-8B})Q\xc0K\xf0KS\x0f\x9e\xf5?\x10>\xd9k\xfc\x9b\x8f/6R\xb6\xd9\xb8\xc0\xb6N\xfb-\x86\x85\xe8BkW\xa7R\xa6X\x95\xbf\xcf\x9cf\x14', 0x57, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbb\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00\x0eG'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f2\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x2b1)
r10 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0)
write$proc_mixer(r10, &(0x7f0000000080)=ANY=[@ANYRESHEX=r9], 0x2b)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000001000010400004000fedbdf2501f80000", @ANYRES32=0x0, @ANYBLOB="01020400000000002800128008000100736974001c00028008000200c6120001060008001900000005000a00fd000000080004000100010008"], 0x58}}, 0x0)
close(r10)

639.704622ms ago: executing program 1 (id=4128):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000e00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r2}, 0xc)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000800000000000000004000000180100002020702500000000002020207b1af8ff00000000bfa108000000000047010000f6ffffffb702000008001000b703000000000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0x1}, 0x94)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r0, 0x0)
ioctl$CDROMREADMODE2(r4, 0x530c, &(0x7f0000001080)={0x2, 0xc, 0x3, 0x6, 0x0, 0xf8})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x3)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000c00)={0x44, 0x0, &(0x7f0000000a80)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
set_mempolicy(0x2, &(0x7f0000000000)=0x2, 0x3)

470.709174ms ago: executing program 1 (id=4130):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000300000058000180440004001f0001000a000000000090040000000000000000000000000000000100000000100002000a00000000000000fe8000000000000000000000000000bb000000000d0001"], 0x6c}, 0x1, 0x0, 0x0, 0x851}, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d4"])
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd69010000001406fffe800000000000000000000039fe8000000000000000000000000000aa4e224e24000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2"], 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r3, 0x0)
write$UHID_INPUT(r3, &(0x7f0000000380)={0x8, {"054d1f614bb3fc44e365876b02c07f77b170b7841f1739172a7e1ad31788d084bc25f5ef6b09e625e900587ae93c32978efae34a84006435de1023fe4c5e34a201f9cd6d28c3bb8085b6932b2d4728a3ce6e75d60e7037ca6799b1ebabc58f51c94dec52b4b013ac8c88160d843586b5f69af4860ba89fe514e20e7c1862e113985179e0bb590522e6e708cf5b57bd226ad069ff404604738e59603553a7ecd3c437a34e6715889de569a83a9db38c0229a870cea42a9581e977f230f237c1368fc8cedea99b7283bc031cc6cedf653e7e9fc134d8bcbaddfa135f1a6311495fe66547830f77709031d97b72205ff43e4eb278b76c02c318d4c2cf17e1cfbba5fbb0f208fb298b615638e38a711db4a8619594b7ed25b3d91a324d67749aabe4268e42f18c628e85f7b101c9116b09b53ba1460c534f5bcd1f9d812af3d5a6e4ffd1a8bb7b1bf68ee8de8d28cd36b0afe1da212c238eb902c6706ad8b43be2609ad1bcd1ec5e03b980b67d2470e4bfb3f7e1d68cc5b57fbfbc9f35e33693b923d292a63e23e5f08fb52a1230aaa7022d801566c82bf578e7d83a826b8650f2bf061fdd7d50cc86f95e45af53685b72844f833cbefd68647dd1d09db7451822865c43d6ebd30b607e23d00759af42ca6f0e2c447c7139707a3c75e320d0b447b1fb1b14a2e98aab59225e085b0eb35baf042903c995d76522b08fbffff21fce798ded1d5240115851177c0f2591f5354671ebf686e0519d617cfcda97777c653e1686e2db8cb9a6ec2c9793533b6c3412874c7d11a989c378ee43c1c55ad21516171d7f7c68fbfc2af45336a1a146e9fd8b91fd9198a0c744d86b98f24a7dc9b5fd013b6cdf1fd39d674edc6d9933b393d15155dbe925752e379b8995ac41697cd8edd14196acdb69c014191e20682b481db5dd2b3e881acf9fd8295e8fde4904274d828f8ce776fd9e6b66afb2aff3c02e7bf6ebed8797ed920f315b18f8ad3cd23bd6f06e1115f005e8de21edcccd192151c9e19473f17561324c20bb915663c1880c00d6775c576145453f778dd7b181651b55e8eefd39b283935b03fb8720e7a8776bdf1d744b8b59c95cb37f21f821fdbbc17dd59241c909ad015c532cc50e40c99f2252d45a6598c3a976ddbbe3ded8bbba984696a0008bb2f76485cb1b77cfd08d881a19f45169b6e2254e1063c98fd4ec7e2b14d1ecc46b18715dece4ad7e9af9bb23011e7cbbf60910ff262b4a91b9299193f9eecfb4b651084417da221342e23d77aa6cdf39649b01b6f6a41d1ff92591f17afa06413e0df4c74c2a1ac6705846351603ad2d01f6953f8e2bde4879a61e46e93d6e09441aeb95108d92eb4ce249f04117a41034a13fd8aba51da8c79ba6eed0d18f3acc14b5a7ef9fabc890edc78502a69f7362f7c7bebed678285138f64f5e3492e4b0cc8f6a4dddd05fe26b226ee75b7f62d6fcb77680d6a4246775d4439a461b28100f74d5067e3bf8e98fcddd54b512d1625d4427c23bf153bd3bd993cd11cf48b9935dbd8eb6fff37aa445439fb9ff08e7c0aabf35d0447b996564ee3cca831069a801f3c89e51e6e214fdd67d2b4efce9fc0ea7a35ecfa4057a4a58847e1b57526d86763d3db12d6d45e2388025866307f1bd3c569f26a024ec6b00f099afa0ffbe6d16cd0ec29c9b61208e1b6e4d3de3e054ddc4d8bc175708f90e7aee6e461f4b735ff58b2d1ab459c6f2e3518b4b76dd4d9e29e1dee7c63508bf1e78b22da5e1e2a8548492eeea5d48815891e6a959ec7ce1f00d5588f3cf75e154a27fc8d2f1d511c2e524fab7de1f6d4cfda0f893637b822b7c58c74acff3b95c7a6bb0bdeef464b252117a15d686ea34a02ef94afedb42ef27cf05d97e03bf52b5e75ef11eee9b8a83c3fe5394b235ea2f5615873121346e101c1a486393427d513c9364ebbb31df1d79bce67982d939c7234d6c1c2823ebe99c0da85fea8f184635fcfe46503a6cb29e984328cd1fb2e917de01c94b41591b156de8058c79d980b1385a6b768857ce6ff62dad0685f441036582240d7e7a969d9688198d345f0832b856543e40c272575610132cfa2df6aa6450304b9a8b401ce64346edbfe1b305419c7f2265784cf521ca04adb32bfeb217c8a697d94d72a38c137b4ec27c5ed325b64eb4c90b0ad3c6e139048ce501cf80be6831633ca02d9da1d62409aabb06e4137ff88b0fbd67a5a994c034d1018a9f52fcc79f0acffad816bcc557bcc3dbfa0e00a5cbe29af060f2a0030566f1294a56b8dcad7102ac15374ae3106a7c1306e1169b6f123f6ffe856bd27a9efdb4128f1b613b078341e131bbbc1d1f55f0345ce1f22ea127e1859d763d3e452a179859436e12765e065cd41dbb9b308232d0725e86d9f8580e8f112d492b32d88899f9052bac599c49095c929c425078526c0e8317d51ccb7d7fab85f00a60ad051cb564fce29e91165cd15b6cb079484efcd2d6a688d73c6d8a2c257e6de568170d3259bb78059fec190d36059d4cdb9eb2d536bd65e80f0e3eed340a6a30c99cb6050a2b79a2c8212bcfda487e7b5347efcc32c727ef69bae2f767c9085a35067dc2601d226deea52edbb253dfad832e308035a51c239cbee5365e3e1de8a26c34e78be195d83723e32f688257a8e5bafb3c2bc99e9296fd63f356b7300e0b75a76a5c99c7ec6a06bacd79242ff50aad71018380138e19fe57b8b7a5f1be4e4f3b323823e256712cbb03a0358ff32d8908b648def8963a5d59f08653a6ca8698ba019393f5e9147357f3a470c67d6f6bed84b5360bc9d3593082df6bd60a74c5bf8936a603beb8d926df9515085095a90363069f68943d2a59859e7a1e9a90264fc51d1700a4edaa568fb89f57ed97a17179a9e2134774961ac713bcfadf4f4120d6e3b537fb85a697587b6969736382f20b434bedebf91e323ffbd5757525b8971f17cd52670c50fe28e426aabc6076a2fce4c6966e620f703288657fdd609af6d7180ff38ec728d2618521ba7cbbc723829c55eda0acfd051d33f56758776678636e8f063fc0339e3a186061eb15f0882663e8a884530fb04e8eaef53080aa006ec9238ae388f214137d0f61b599485e3bd803067c46d11f5c06a69b811c78dfc192f550fa424f94a4d397be23de8d79d19d03a6355812f9c2c51f0fc33182fa08e5f03e8f0ab48beb3ffd8b2bfaa922a07c65472aa03e779c1cd35a32682d0346d11815c79a99fe77413aaaa1cd6098ae4cf70f59b37dbb83d8e4d13076309a77a4553bb0917df2ac63560d7231bc50a4eeb8d2037905521c4985c917788038560725ea7f0156ef8dabac4ebdc4228b6dc5a0a58fd5967d24a7510c12d36ea9fbb85dcb355b7c1ca73726b15b7b12702d947df7039d0616076bf052841871cd2eae15f7b5c1d8cddf65b270bb9f6632ab2b957e70faa32b050320ba97f192b2e9448555962a81ea63a26d5b795eb12b3614e54726a26e2873519af70421ce30e91d6edb3da0290087de5d4e813c18b40a8a3088e6f8a643ea5b04a5c99885f8d66a64ef103c12e072e7f4151971a2837e88f97e588d616d439030bbd97b36db5ac45ebbb9565c4217d2acc788bc70e34b25caaf4f24f48984cae705313987622c4241e024cc0a7060f39f61419b63b54fadb01e0f09c100d2183a608138f046864af1778bdca0e4e83252d65fc17ce43ef570ba27aa5bdc8e07ca46dfe414e8a985c64492392b2535c3ff3fa3b345e752ddcca440cc754330633105019c9ce853e2cc797daa345e9170d563b5070a7d11799c00f1d3f317c8b4da27967337854a787dfd8ac1f8cb0f2caedc1b0d938f97b0dbf4b7a69ab473c8224abb145588434607740e4f74cfae940b17b3cc4550cc3e0a0e883ba547347d46b6c6e7b57c229a9170491a97e15b4abdefbab921ac5bbf13e84320ec616e20dc2495c472114da113dd074aa275ea52f2e55422d972b45dcadb028a76b848be6e2de4009b31764075c5f29fb8985d1b880ae3bfb358ff30e8763937c5cd3580036393c3966c9b40ec3f29c495ad3fcfa4655b2a5a91c3eb921b17c9533d01bc8d853e8dc5c3b5570b3855c0a8d21dc8b26b133f7dc234a0951ff70ff5affe19942fb6d44ebc8ca8197c36bebf22a78670a437beec40d60cb4cff383fc51a8173aecdb3640618537631b0248c381c2740398ecb8ffa44bea1d0dd2203e1c736139c1b089b78e48f57b104f34c241eb9a7a7dc6ce84821dc13d0b1114667b3a9ee78f2f259a73ffe136c0d0600985ace6ed01552c1a60a7b718026aec459ce57c0554e04d6c0bf1e114aa13c40b4f04dc7c568346efa82533e93a7f757216c68549f6072252c28f2239087c2b8bfe97a60df06afcb4a6bca7c95bbd98e2a3f461c151a369b789c26320f9b24c1737b42a951cd4364714f594bf44cc8b31d83e6f8a7de19106b55522a74b72740b6b0fad831541ae7110e880075b5c4a4a2d9d04cde4a59aa1aa057681b9eb027f56a29d7bd6ca1a899d693cc72886f7be913be1e7f2dc2705738bc8833fab9368e483faed99ae581a7e57f5f28bc65d2451888cbbe27c00a0a829112fb046fe4673df72a0dd74f5710a6c149abcddc477f3a51d9f7c1a63b6d864e93abbb54573f7ec0f019d973aa2aced9be22893c477d13a870e83758cb264d925b5a3c362b854c99359216273dc04bbccd5cc50ad787e182626386ad8cf32ee2da7f889f44520abd29cfcc34c731e019a31c1442273bf7bdd5cd4d71f78d7404e171275547a3deeb2517b0bc5161348d54c63199fad8658914f2be0474794b60871c78e6e011b2a3055de9fba03ba1320fda9d6e82c542a7edb6815dce0e7515d45f9fa15e3a849250fb1a358f3a1daeeecbaf0b0cfb5d6a5000e99608724de567bf1ec1ba4fe60df47431c37b9c85f1ee39b09ffd069a1107f2b27731bd0d6622e474b6e30421a3bf8cf22fac3d548bf3026bf3cad448d74a157b1c2b1feb28590d07a9ce71f7a15c2d73a07a48de419b82d3fb1961c0e26fcddd3d79c27e350b7e47156453a463d1ffb3c7431fe4ff73287c4017e2bb5035409ab190224f937dd240013ef641892a3ed06ef5becf32c38b90df0707fbf9262cc225dc073ff385a01224da71fa668dfb201f17f1f8f595081febbf15fbaf40631c978d007f45d7f5f2824efb162d4e7d371d0f06dc7a042f13c0184c7a174275c01f17d93dd4c297ad562e6c3fb376e4564ca829d8e1ab90392dcb9d70a0a77b31b5be2b504fae79f0608e884e06cc2d544e0757cb99d9b487c1df4e26eeb5c28d523ec0eeb076a560f156ae0162525c0da98840350ddbd8a91969ccd46e81f9d6ac4a4c84bc9781c293f924fe2084a6b723b601b3a79ad17c8392d220161079fff407a2f55685964c1a8961916fcc0ab35ed56f31dd6db7d4196a8cec601209cfbdd1d5b107ea779850a755e9d56e0c9fe1c246e3994f3bae978069482b80ebe51bdc7c0d62ee8edfe81e75c8fc02ff906c409ad0fe260eec5991fe1a6b5ec553fb356594444fc13e4b610bbf2131569a5a57c8cd3c92acf0ca1a307d8890c52ac4002de9a6f98cce581222f993d71eaa975107e2d0f0e6d9c482161a1580b4664dda1c2eba62d2f570c1aa78a5b868378316f2a8b505d013fb48e40163097a31d8c752b852b642ab77d391e13c3cafce3d9ddff2fe9b0403e3b69945ef28d3b9cbb7fd56195d6b8a0743fe5f25699c3f55d657eb7388469ccf8f568f5e217e3ccf9603f72b66b99336d378e0248a524d6b809da4d3903626391", 0x1000}}, 0x1006)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00db6072000001ea89de2b4410000e60080b8785d960000100000000000000000000000000000000000527000", "2809e8dbe108598948224ad44afac11d875397bdb22d0000b420a1a93c5240f45f819ef6167d3d458dd4992861ac00", "f4bd000000801900000000000000000000000000000000000000000100", [0x0, 0x2000000000001]}})
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
keyctl$clear(0x7, 0xfffffffffffffffb)
syz_emit_ethernet(0x6e, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6708100000003aff00034000000000000000ffffac1414aaff020000000000000000000000000001"], 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r6, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x60, 0x1410, 0x400, 0x70bd24, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1003}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x0, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x4c, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000010}, 0x2000c0c4)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x64)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r7, 0x3b82, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x0})
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x80018000, &(0x7f0000000640)="db762774", 0x4, &(0x7f0000000680), &(0x7f00000006c0), &(0x7f0000000700)="204fc3b2963817f6a17372fd98765112a19b4f7327c230716f2ef249b26ed73bd9ec99154c56c1ac175ffade183f1c8df64977b473c54f97")
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xe3]}}, 0x5c)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000013c0)={<r8=>0x0, 0x8}, &(0x7f0000001400)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000001440)={r8, 0x1}, 0x8)
syz_usb_connect$cdc_ecm(0x6, 0x68, &(0x7f0000000000)=ANY=[@ANYBLOB="12015002020000402505a1a440000102030109025600010107a0c00904009b0524060000052400ffff0d240f0110140000050002000306241a0500001524120e00a317a88b045e4f01a607c0ffcb7e392a090582022000030803090503020004000906"], &(0x7f0000000480)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x300, 0xc, 0xd0, 0x5, 0x38, 0x3}, 0x27, &(0x7f00000000c0)={0x5, 0xf, 0x27, 0x4, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x0, 0x4, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xd, 0x4, 0xb1, 0x41b}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x4, 0xf, 0x1f}, @ext_cap={0x7, 0x10, 0x2, 0xe, 0x2, 0x0, 0xfff9}]}, 0x7, [{0xf4, &(0x7f0000000100)=@string={0xf4, 0x3, "3c0fd913014fe00569552133715d29a9900c4ddf1eae1478f609e9c06339ccef8357d3b47d21e074c98177fd77fd9da60e062417d11ff0a4ea7375aab066755e391cb18ed1d1dd84833c484f6e2c68d325c25e5cddcfd4d8cef96e25d19e85b009511a9afce3657422fa9d35d19c2ab3bb33687fa507167c628d07183549ef8b32edadcd2399cb31715efef129c0686c4d3819025ba830028f5e049071ccd905ef9f8b3d59ba44e76e68b3ef8828c2f248368b942caa91f83af926de7e72cbcbeeadc73a8a958ee3dec70f3051c97a6967a322b15fc47ac77c22929a76d3adecfa63528e598896a13b1782c1d3a0ca6e6520"}}, {0xe1, &(0x7f0000000280)=@string={0xe1, 0x3, "e4388cb2c2e3d57398c2aca69c547c97032426e8b30740b5932d0d8b838c80f1021a559e309e357c6cb2a563e87112e7b53d938c58ca3801eb1ba0740e317ee926a58bf19e591f7d4a392d055897016bbd62822de0744a259295a9302ef41c1af84844a57c2b50e1efc58ee7a953d76cb43629d78a988cfd40f7f8b9ae3b4416a313e2c30826fcd56cdfb5120c849d670de9ded2e768758cac28d286931ac3573ee0764af4bbac97fa3a3168d0a86fa9e13fac49298eba0515e43087f0b3a0a1b1c9cdd948f012e0137fdb720d014ecef6212580a08fbe6074e05a65d03926"}}, {0x3b, &(0x7f0000000200)=@string={0x3b, 0x3, "e9c5d117b780f032cd463e4b485b31aab3c14d0776cea91ce0470c9b9a3339714d5930f8be05f8e92f80566215d2282b0a60c271cb6111f865"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x42f}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x411}}, {0x1a, &(0x7f0000000440)=@string={0x1a, 0x3, "73d2e09bf5bd461c021f7a1bdfb553f501ef6119967656fb"}}]})

410.364737ms ago: executing program 0 (id=4132):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000456000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x6f, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x927, 0xec000000, 0xcd}]})
syz_emit_ethernet(0xe9, &(0x7f0000000140)={@local, @broadcast, @val={@val={0x88a8, 0x0, 0x1, 0x2}, {0x8100, 0x7, 0x0, 0x2}}, {@mpls_uc={0x8847, {[{0x8001, 0x0, 0x1}, {0x40, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0xffffa}, {0x4}, {0x5}, {0x94, 0x0, 0x1}, {0xcdf, 0x0, 0x1}], @generic="28adb0af4e254c08cacd36c48b68d93770a79f9a941c8178d7364092b07a7e62fdb8d8367121e7178cf952a812a9589bf9de062d3a5d87a326196528ea6e5ccfcadf4bcb1575682620790cd897ed00df3b1e92eb068168105ad81a473c4f0a6ae34efc7b878113580d6671bf183d4d2282341f81ceff887acb14d2d163f56beaa38a715bd672967a850a8f7526bc0f303ba7bb74e159a0c5359a2b6ed5aae83219e3353b5439efc9189a6de82ccdb1a00f3d01"}}}}, &(0x7f0000000080)={0x0, 0x3, [0xe86, 0xd60, 0xa3f, 0x323]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000456000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x6f, 0x0, 0x0) (async)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x927, 0xec000000, 0xcd}]}) (async)
syz_emit_ethernet(0xe9, &(0x7f0000000140)={@local, @broadcast, @val={@val={0x88a8, 0x0, 0x1, 0x2}, {0x8100, 0x7, 0x0, 0x2}}, {@mpls_uc={0x8847, {[{0x8001, 0x0, 0x1}, {0x40, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0xffffa}, {0x4}, {0x5}, {0x94, 0x0, 0x1}, {0xcdf, 0x0, 0x1}], @generic="28adb0af4e254c08cacd36c48b68d93770a79f9a941c8178d7364092b07a7e62fdb8d8367121e7178cf952a812a9589bf9de062d3a5d87a326196528ea6e5ccfcadf4bcb1575682620790cd897ed00df3b1e92eb068168105ad81a473c4f0a6ae34efc7b878113580d6671bf183d4d2282341f81ceff887acb14d2d163f56beaa38a715bd672967a850a8f7526bc0f303ba7bb74e159a0c5359a2b6ed5aae83219e3353b5439efc9189a6de82ccdb1a00f3d01"}}}}, &(0x7f0000000080)={0x0, 0x3, [0xe86, 0xd60, 0xa3f, 0x323]}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23) (async)

249.536393ms ago: executing program 5 (id=4136):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, 0x0, 0x11203}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_IPTABLES={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44890}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipmr_delroute={0x24, 0x19, 0x1, 0x70bd2c, 0x800000, {0x80, 0x20, 0x0, 0x40, 0x0, 0x4, 0x0, 0x5, 0x2400}, [@RTA_DST={0x8, 0x1, @empty}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4008000)

249.164433ms ago: executing program 5 (id=4137):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x80)

160.4562ms ago: executing program 5 (id=4138):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x8001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x2c}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

159.442142ms ago: executing program 0 (id=4139):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x181603, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x6, 0x2, 0xa4, 0x7fff0003}]})
r1 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x80001021, 0x80, 0x6, 0x110}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0xc49, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0xfdff)

158.959963ms ago: executing program 5 (id=4140):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_timeval(r0, 0x1, 0x4c, 0x0, &(0x7f0000000300))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x0, 0x1000, 0x4, 0x1}, 0x20)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x3c, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x184}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x7}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x28040811}, 0x4000)

108.599724ms ago: executing program 5 (id=4141):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000640), 0x800, 0x0)
ioctl$CDROMREADAUDIO(r0, 0x5392, &(0x7f0000000000)={@msf={0x1, 0x1c, 0x80}, 0x0, 0x0, 0x0}) (fail_nth: 3)

99.355757ms ago: executing program 3 (id=4142):
r0 = socket(0xa, 0x5, 0x0)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)="e6", 0x1}], 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="18000000000000008400000007000000ac1414aa0000000020000000000000008400000008000000200100fffe200100fffe00000000000020"], 0x58, 0x4855}, 0x24000052)

243.985µs ago: executing program 3 (id=4143):
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000440)=[@nested_load_syzos={0x136, 0x20, {0x1, 0xb}}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0xe3, 0x1, 0xb, 0x3}}, @cpuid={0x64, 0x18, {0x2, 0xfffffd33}}, @nested_amd_clgi={0x17f, 0x10}], 0x80})
r1 = syz_io_uring_setup(0x4049a, &(0x7f0000000600)={0x0, 0x79af, 0x400, 0x103, 0x2ce}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x7, &(0x7f0000000100)={0x0, 0x989680}, 0x1, 0x8, 0x1})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)=[@code={0xa, 0x66, {"653e460f01b944080000b86d000000ba000000000f300f07f30fc732c7442400cb000000c74424027f5e2a22ff2c2466bad10466ed260f01f866f341c0990098000033f3420f09b9800000c00f3235000800000d30"}}], 0x66})
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
poll(&(0x7f00000001c0)=[{r7, 0x2}], 0x1, 0x9f)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x35, 0x7, 0x0, 0x180, 0x4, 0x10, 0xf1, 0x403, 0x80, 0x2, 0x6, 0x9, 0x0, 0x9, 0x0, 0xbdb], 0xfec00000, 0x3c4210})
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r8, 0x84, 0xa, &(0x7f00000005c0)={0x8, 0x1, 0x0, 0x3, 0xfffffffa, 0xc, 0x6b15, 0xfffff768, r10}, 0x20)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000004c0)={r10, @in6={{0xa, 0x4e20, 0x4, @mcast1, 0x78c0}}}, &(0x7f0000000000)=0x84)
r11 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r11, &(0x7f0000001700)=[{{&(0x7f0000000280)={0xa, 0x4e21, 0x40, @local, 0x1}, 0x1c, 0x0, 0x0, &(0x7f0000000140)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast2}}}], 0x28, 0x7ffffff7}}], 0x1, 0x4040)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r5, 0x4068aea3, &(0x7f00000001c0)={0xbc, 0x0, 0x7})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

0s ago: executing program 5 (id=4144):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x800)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x3a, &(0x7f0000000300)={&(0x7f00000007c0)=ANY=[@ANYBLOB="180000001400b59500000000000000000a1f000013fb30f696083a3563f6c455a630e341d973e034bd4aea6aa594cae719613bb5c2f900e64e5d9f99d833315903cc3cb82331508e2126f013bfae35e79041c9c84bbfd1e7c70b00000000000000c461e51b0d6afd3138a9e47bcd780d1fd1ad4847b54ea4cd5c4e949c91d35c597c0dbec310ce148929ab9e81fd87ca1cd635ebed7b2c21465435721d24f4ff9b8ffb5b9aac4f295ff20c59b04e882dbe4e2254db7bd6032326ffa0f0ccc2bace8f7e4d0270fe4a1eb0bb7702da7e90deaa82ce1452ae6bca2ee49d3329cdc2d4d2280c53477a42c436adf065bdcfd66ad6", @ANYRES32=r3], 0x18}}, 0x8001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x2c}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x14, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

:6140): avc:  denied  { open } for  pid=16970 comm="syz.0.3703" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  315.463669][   T40] audit: type=1400 audit(571.324:6141): avc:  denied  { write } for  pid=16970 comm="syz.0.3703" name="unix" dev="proc" ino=4026534356 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  315.479429][   T40] audit: type=1400 audit(571.334:6142): avc:  denied  { read } for  pid=16971 comm="syz.3.3704" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  315.501397][   T40] audit: type=1400 audit(571.334:6143): avc:  denied  { open } for  pid=16971 comm="syz.3.3704" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  315.522298][   T40] audit: type=1400 audit(571.334:6144): avc:  denied  { bind } for  pid=16971 comm="syz.3.3704" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  315.532838][   T40] audit: type=1400 audit(571.334:6145): avc:  denied  { write } for  pid=16971 comm="syz.3.3704" path="socket:[78393]" dev="sockfs" ino=78393 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  315.549991][T16922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3683'.
[  315.601409][T16989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3683'.
[  315.644125][T16993] syz_tun: entered allmulticast mode
[  315.649098][T16992] syz_tun: left allmulticast mode
[  315.713944][ T6001] usb 6-1: USB disconnect, device number 42
[  315.848411][ T1463] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  315.933830][T17013] pim6reg1: entered allmulticast mode
[  315.974525][T17017] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  316.008408][ T1463] usb 5-1: Using ep0 maxpacket: 32
[  316.013974][ T1463] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  316.019152][ T1463] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  316.022098][ T1463] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  316.024614][ T1463] usb 5-1: Product: syz
[  316.025950][ T1463] usb 5-1: Manufacturer: syz
[  316.027492][ T1463] usb 5-1: SerialNumber: syz
[  316.043974][T17020] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  316.047053][ T1463] usb 5-1: config 0 descriptor??
[  316.050899][T16988] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  316.219027][T17028] loop2: detected capacity change from 0 to 7
[  316.224007][T17028] Dev loop2: unable to read RDB block 7
[  316.226480][T17028]  loop2: unable to read partition table
[  316.231799][T17028] loop2: partition table beyond EOD, truncated
[  316.234587][T17028] loop_reread_partitions: partition scan of loop2 (ţ被xü—źŃŕ– ) failed (rc=-5)
[  316.474278][T17039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3732'.
[  316.479751][T17039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3732'.
[  316.485967][T17039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3732'.
[  316.937937][T17082] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3748'.
[  317.108561][T17094] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3754'.
[  317.198393][ T1847] usb 8-1: new high-speed USB device number 43 using dummy_hcd
[  317.212814][T17102] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3758'.
[  317.324826][T17105] syz_tun (unregistering): left allmulticast mode
[  317.350258][ T1847] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  317.354355][ T1847] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  317.358522][ T1847] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  317.362019][ T1847] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.371187][T17084] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  317.380140][ T1847] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  317.685590][ T6001] usb 8-1: USB disconnect, device number 43
[  317.726071][T17130] bond3: entered promiscuous mode
[  317.728259][T17130] 8021q: adding VLAN 0 to HW filter on device bond3
[  317.758381][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  317.762809][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  317.768007][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  317.771904][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  317.775773][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  317.849145][T17129] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  317.869531][   T24] usb 5-1: USB disconnect, device number 39
[  317.941787][T17132] chnl_net:caif_netlink_parms(): no params data found
[  317.993123][T17132] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.996469][T17132] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.000102][T17132] bridge_slave_0: entered allmulticast mode
[  318.004358][T17132] bridge_slave_0: entered promiscuous mode
[  318.009301][T17132] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.012629][T17132] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.016075][T17132] bridge_slave_1: entered allmulticast mode
[  318.021267][T17132] bridge_slave_1: entered promiscuous mode
[  318.051680][T17132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.058880][T17132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  318.085112][T17146] netem: change failed
[  318.093041][T17132] team0: Port device team_slave_0 added
[  318.099414][T17132] team0: Port device team_slave_1 added
[  318.119771][T17132] batman_adv: batadv0: Adding interface: batadv_slave_0
[  318.122189][T17132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  318.130623][T17132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  318.135279][T17132] batman_adv: batadv0: Adding interface: batadv_slave_1
[  318.137544][T17132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  318.146785][T17132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  318.169493][T17132] hsr_slave_0: entered promiscuous mode
[  318.171764][T17132] hsr_slave_1: entered promiscuous mode
[  318.277182][T17132] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  318.284603][T17132] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  318.288713][T17132] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  318.293878][T17132] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  318.316712][T17132] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.319103][T17132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.321512][T17132] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.323749][T17132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.357184][T17132] 8021q: adding VLAN 0 to HW filter on device bond0
[  318.367066][  T182] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.375458][  T182] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.393691][T17132] 8021q: adding VLAN 0 to HW filter on device team0
[  318.403401][  T182] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.407178][  T182] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.419604][  T182] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.422698][  T182] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.426639][T17172] netlink: 'syz.0.3779': attribute type 1 has an invalid length.
[  318.429579][T17172] __nla_validate_parse: 6 callbacks suppressed
[  318.429589][T17172] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3779'.
[  318.498415][ T1847] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  318.612976][T17132] 8021q: adding VLAN 0 to HW filter on device batadv0
[  318.670772][ T1847] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  318.674475][ T1847] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  318.679440][ T1847] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  318.683329][ T1847] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  318.688158][ T1847] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  318.695084][ T1847] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  318.702936][ T1847] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  318.706730][ T1847] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  318.718471][ T1847] usb 6-1: Product: syz
[  318.720495][ T1847] usb 6-1: Manufacturer: syz
[  318.730962][T17156] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  318.740518][ T1847] cdc_wdm 6-1:1.0: skipping garbage
[  318.742852][ T1847] cdc_wdm 6-1:1.0: skipping garbage
[  318.753250][ T1847] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  318.755398][ T1847] cdc_wdm 6-1:1.0: Unknown control protocol
[  318.768556][ T5975] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  318.815017][T17132] veth0_vlan: entered promiscuous mode
[  318.821502][T17132] veth1_vlan: entered promiscuous mode
[  318.841904][T17132] veth0_macvtap: entered promiscuous mode
[  318.847256][T17132] veth1_macvtap: entered promiscuous mode
[  318.857848][T17132] batman_adv: batadv0: Interface activated: batadv_slave_0
[  318.875270][T17132] batman_adv: batadv0: Interface activated: batadv_slave_1
[  318.891228][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.895466][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.903007][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.907254][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.935099][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.937246][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.940044][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.942136][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.944227][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.946330][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.948472][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.950571][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.952659][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.954746][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.956846][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.958949][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.961851][T17208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1005 sclass=netlink_route_socket pid=17208 comm=syz.1.3775
[  318.961898][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.968725][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.969417][T17209] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.3775'.
[  318.971490][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.977282][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.979741][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.981942][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.984109][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  318.986214][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  318.996048][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  318.998915][ T5975] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  318.999801][   T54] usb 6-1: USB disconnect, device number 43
[  319.002322][ T5975] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  319.008519][ T5975] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  319.011367][ T5975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.016227][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.021875][T17186] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  319.023336][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.029075][ T5975] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  319.082531][  T182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.085795][  T182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.144671][T17214] sctp: [Deprecated]: syz.3.3788 (pid 17214) Use of int in max_burst socket option deprecated.
[  319.144671][T17214] Use struct sctp_assoc_value instead
[  319.323469][ T1463] usb 5-1: USB disconnect, device number 40
[  319.500460][T17235] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  319.808645][ T5942] Bluetooth: hci0: command tx timeout
[  319.943467][ T5975] IPVS: starting estimator thread 0...
[  319.961111][T17270] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3810'.
[  320.023076][T17275] af_packet: tpacket_rcv: packet too big, clamped from 39 to 4294967272. macoff=96
[  320.030533][T17275] program syz.0.3812 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  320.036816][T17275] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3812'.
[  320.039599][T17272] IPVS: using max 43 ests per chain, 103200 per kthread
[  320.040057][T17275] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3812'.
[  320.058461][ T1463] usb 8-1: new high-speed USB device number 44 using dummy_hcd
[  320.212928][ T1463] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  320.216590][ T1463] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  320.220663][ T1463] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  320.223609][ T1463] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.237555][T17259] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  320.243800][ T1463] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  320.320111][   T40] kauditd_printk_skb: 321 callbacks suppressed
[  320.320124][   T40] audit: type=1400 audit(576.224:6467): avc:  denied  { append } for  pid=17286 comm="syz.0.3815" name="dlm-control" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  320.321979][T17287] dlm: no local IP address has been set
[  320.322148][   T40] audit: type=1400 audit(576.224:6468): avc:  denied  { create } for  pid=17286 comm="syz.0.3815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  320.337801][T17287] dlm: cannot start dlm midcomms -107
[  320.342254][   T40] audit: type=1400 audit(576.224:6469): avc:  denied  { bind } for  pid=17286 comm="syz.0.3815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  320.348848][   T40] audit: type=1400 audit(576.224:6470): avc:  denied  { listen } for  pid=17286 comm="syz.0.3815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  320.356699][   T40] audit: type=1400 audit(576.254:6471): avc:  denied  { read write } for  pid=13112 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  320.365349][   T40] audit: type=1400 audit(576.254:6472): avc:  denied  { open } for  pid=13112 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  320.375955][   T40] audit: type=1400 audit(576.254:6473): avc:  denied  { ioctl } for  pid=13112 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  320.389388][T17291] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  320.420249][T17291] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3816'.
[  320.426227][   T40] audit: type=1400 audit(576.324:6474): avc:  denied  { module_request } for  pid=17290 comm="syz.0.3816" kmod=72746E6C2D6C696E6B2D698A6970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  320.448604][   T40] audit: type=1400 audit(576.344:6475): avc:  denied  { allowed } for  pid=17258 comm="syz.3.3805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  320.454644][   T40] audit: type=1400 audit(576.354:6476): avc:  denied  { read } for  pid=17295 comm="syz.5.3817" dev="nsfs" ino=4026533097 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  320.459686][T17296] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[  320.524819][T17299] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3818'.
[  320.531287][ T5988] usb 8-1: USB disconnect, device number 44
[  320.752517][T17319] netlink: 'syz.0.3827': attribute type 2 has an invalid length.
[  320.759539][T17319] !: entered promiscuous mode
[  320.762149][T17321] netlink: 'syz.0.3827': attribute type 2 has an invalid length.
[  320.764843][T17321] !: left promiscuous mode
[  320.922362][T17331] 9pnet_virtio: no channels available for device syz
[  321.157768][ T5942] Bluetooth: hci0: unexpected event 0x2c length: 10 < 17
[  321.234902][T17356] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17356 comm=syz.5.3841
[  321.439632][T17371] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  321.658421][ T5988] usb 8-1: new high-speed USB device number 45 using dummy_hcd
[  321.808480][ T5988] usb 8-1: Using ep0 maxpacket: 32
[  321.811615][ T5988] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  321.816337][ T5988] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  321.819241][ T5988] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  321.821830][ T5988] usb 8-1: Product: syz
[  321.823107][ T5988] usb 8-1: Manufacturer: syz
[  321.824537][ T5988] usb 8-1: SerialNumber: syz
[  321.827633][ T5988] usb 8-1: config 0 descriptor??
[  321.831187][T17375] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  321.888494][ T5942] Bluetooth: hci0: command tx timeout
[  321.979710][T17394] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  322.007587][T17404] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  322.190159][T17419] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3864'.
[  322.194560][T17419] sit0: entered promiscuous mode
[  322.198284][T17419] netlink: 'syz.5.3864': attribute type 1 has an invalid length.
[  322.200934][T17419] netlink: 1 bytes leftover after parsing attributes in process `syz.5.3864'.
[  322.291071][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  322.375642][ T6023] usb 8-1: USB disconnect, device number 45
[  322.519522][ T6002] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  322.669827][ T6002] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  322.674227][ T6002] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  322.678104][ T6002] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  322.681197][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.685856][T17429] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  322.695940][ T6002] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  323.000861][ T6002] usb 5-1: USB disconnect, device number 41
[  323.150116][T17468] overlayfs: failed lookup in lower (newroot/370, name='file1', err=-40): overlapping layers
[  323.156298][T17468] overlayfs: failed lookup in lower (newroot/370, name='file1', err=-40): overlapping layers
[  323.163601][T17468] overlayfs: failed lookup in lower (newroot/370, name='file1', err=-40): overlapping layers
[  323.165022][T17470] FAULT_INJECTION: forcing a failure.
[  323.165022][T17470] name failslab, interval 1, probability 0, space 0, times 0
[  323.174383][T17470] CPU: 1 UID: 0 PID: 17470 Comm: syz.1.3884 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  323.174413][T17470] Tainted: [L]=SOFTLOCKUP
[  323.174419][T17470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  323.174430][T17470] Call Trace:
[  323.174436][T17470]  <TASK>
[  323.174443][T17470]  dump_stack_lvl+0x100/0x190
[  323.174492][T17470]  should_fail_ex.cold+0x5/0xa
[  323.174517][T17470]  should_failslab+0xc2/0x120
[  323.174540][T17470]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  323.174566][T17470]  ? alloc_empty_file+0x55/0x1c0
[  323.174589][T17470]  ? __pfx_stack_trace_save+0x10/0x10
[  323.174618][T17470]  alloc_empty_file+0x55/0x1c0
[  323.174641][T17470]  path_openat+0xe8/0x31a0
[  323.174660][T17470]  ? kasan_save_stack+0x3f/0x50
[  323.174685][T17470]  ? kasan_save_stack+0x30/0x50
[  323.174709][T17470]  ? kasan_save_track+0x14/0x30
[  323.174733][T17470]  ? __kasan_slab_alloc+0x89/0x90
[  323.174749][T17470]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  323.174772][T17470]  ? do_getname+0x35/0x390
[  323.174794][T17470]  ? do_sys_openat2+0xc5/0x1e0
[  323.174817][T17470]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.174839][T17470]  ? __pfx_path_openat+0x10/0x10
[  323.174869][T17470]  do_file_open+0x20e/0x430
[  323.174891][T17470]  ? __pfx_do_file_open+0x10/0x10
[  323.174927][T17470]  ? alloc_fd+0x476/0x790
[  323.174952][T17470]  ? do_getname+0x191/0x390
[  323.174977][T17470]  do_sys_openat2+0x10d/0x1e0
[  323.174999][T17470]  ? __pfx_do_sys_openat2+0x10/0x10
[  323.175020][T17470]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  323.175059][T17470]  ? __fget_files+0x21f/0x3d0
[  323.175082][T17470]  __x64_sys_openat+0x12d/0x210
[  323.175106][T17470]  ? __pfx___x64_sys_openat+0x10/0x10
[  323.175128][T17470]  ? ksys_write+0x1ac/0x250
[  323.175153][T17470]  do_syscall_64+0x106/0xf80
[  323.175175][T17470]  ? clear_bhb_loop+0x40/0x90
[  323.175198][T17470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.175220][T17470] RIP: 0033:0x7f5c9119c799
[  323.175236][T17470] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  323.175251][T17470] RSP: 002b:00007f5c91faa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  323.175270][T17470] RAX: ffffffffffffffda RBX: 00007f5c91415fa0 RCX: 00007f5c9119c799
[  323.175281][T17470] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  323.175291][T17470] RBP: 00007f5c91faa090 R08: 0000000000000000 R09: 0000000000000000
[  323.175303][T17470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.175313][T17470] R13: 00007f5c91416038 R14: 00007f5c91415fa0 R15: 00007ffda79b58e8
[  323.175337][T17470]  </TASK>
[  323.337665][T17472] Bluetooth: MGMT ver 1.23
[  323.395495][T17479] FAULT_INJECTION: forcing a failure.
[  323.395495][T17479] name failslab, interval 1, probability 0, space 0, times 0
[  323.402320][T17479] CPU: 0 UID: 0 PID: 17479 Comm: syz.3.3887 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  323.402340][T17479] Tainted: [L]=SOFTLOCKUP
[  323.402344][T17479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  323.402351][T17479] Call Trace:
[  323.402355][T17479]  <TASK>
[  323.402360][T17479]  dump_stack_lvl+0x100/0x190
[  323.402383][T17479]  should_fail_ex.cold+0x5/0xa
[  323.402398][T17479]  should_failslab+0xc2/0x120
[  323.402411][T17479]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  323.402428][T17479]  ? __alloc_skb+0x140/0x710
[  323.402445][T17479]  __alloc_skb+0x140/0x710
[  323.402457][T17479]  ? __alloc_skb+0x5b7/0x710
[  323.402471][T17479]  ? __pfx___alloc_skb+0x10/0x10
[  323.402488][T17479]  alloc_skb_with_frags+0xe0/0x810
[  323.402506][T17479]  ? avc_has_perm_noaudit+0x145/0x3b0
[  323.402530][T17479]  sock_alloc_send_pskb+0x801/0x980
[  323.402547][T17479]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  323.402562][T17479]  ? sock_has_perm+0x258/0x2f0
[  323.402576][T17479]  ? __pfx_sock_has_perm+0x10/0x10
[  323.402591][T17479]  hci_sock_sendmsg+0x1c7/0x2620
[  323.402608][T17479]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  323.402626][T17479]  sock_write_iter+0x524/0x5a0
[  323.402644][T17479]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  323.402658][T17479]  ? __pfx_sock_write_iter+0x10/0x10
[  323.402681][T17479]  ? bpf_lsm_file_permission+0x9/0x10
[  323.402698][T17479]  ? security_file_permission+0x76/0x210
[  323.402716][T17479]  ? rw_verify_area+0xce/0x6d0
[  323.402733][T17479]  vfs_write+0x6ac/0x1070
[  323.402744][T17479]  ? __pfx_sock_write_iter+0x10/0x10
[  323.402763][T17479]  ? __pfx_vfs_write+0x10/0x10
[  323.402772][T17479]  ? find_held_lock+0x2b/0x80
[  323.402795][T17479]  ksys_write+0x1f8/0x250
[  323.402805][T17479]  ? __pfx_ksys_write+0x10/0x10
[  323.402820][T17479]  do_syscall_64+0x106/0xf80
[  323.402835][T17479]  ? clear_bhb_loop+0x40/0x90
[  323.402848][T17479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.402860][T17479] RIP: 0033:0x7ff5dd99c799
[  323.402871][T17479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  323.402882][T17479] RSP: 002b:00007ff5de7d2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  323.402894][T17479] RAX: ffffffffffffffda RBX: 00007ff5ddc15fa0 RCX: 00007ff5dd99c799
[  323.402901][T17479] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000016
[  323.402908][T17479] RBP: 00007ff5de7d2090 R08: 0000000000000000 R09: 0000000000000000
[  323.402914][T17479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.402921][T17479] R13: 00007ff5ddc16038 R14: 00007ff5ddc15fa0 R15: 00007fff94eb1e88
[  323.402935][T17479]  </TASK>
[  323.662507][T17490] overlayfs: failed lookup in lower (newroot/384, name='file1', err=-40): overlapping layers
[  323.666395][T17490] overlayfs: failed lookup in lower (newroot/384, name='file1', err=-40): overlapping layers
[  323.668561][ T6002] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  323.674643][T17490] overlayfs: failed lookup in lower (newroot/384, name='file1', err=-40): overlapping layers
[  323.698239][T17493] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3894'.
[  323.729822][T17493] kvm: kvm [17492]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000085) = 0x1
[  323.848449][ T6002] usb 6-1: Using ep0 maxpacket: 32
[  323.851427][ T6002] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  323.855966][ T6002] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  323.859459][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  323.861906][ T6002] usb 6-1: Product: syz
[  323.863176][ T6002] usb 6-1: Manufacturer: syz
[  323.864561][ T6002] usb 6-1: SerialNumber: syz
[  323.869475][ T6002] usb 6-1: config 0 descriptor??
[  323.872642][T17481] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  323.968775][ T5942] Bluetooth: hci0: command tx timeout
[  323.978618][ T6023] usb 8-1: new high-speed USB device number 46 using dummy_hcd
[  324.147027][ T6023] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  324.152504][ T6023] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  324.157101][ T6023] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  324.168892][ T6023] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.178042][T17499] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  324.192287][ T6023] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  324.333050][ T5975] usb 6-1: USB disconnect, device number 44
[  324.363948][T17520] tmpfs: Unknown parameter 'DUrqutg'
[  324.439318][ T6023] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  324.460891][ T6002] usb 8-1: USB disconnect, device number 46
[  324.589829][T17522] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  324.591361][ T6023] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  324.598254][ T6023] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  324.608794][ T6023] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  324.612750][ T6023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.627789][T17516] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  324.633689][ T6023] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  324.802673][T17531] FAULT_INJECTION: forcing a failure.
[  324.802673][T17531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.808135][T17531] CPU: 2 UID: 0 PID: 17531 Comm: syz.5.3908 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  324.808170][T17531] Tainted: [L]=SOFTLOCKUP
[  324.808176][T17531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  324.808188][T17531] Call Trace:
[  324.808196][T17531]  <TASK>
[  324.808204][T17531]  dump_stack_lvl+0x100/0x190
[  324.808242][T17531]  should_fail_ex.cold+0x5/0xa
[  324.808269][T17531]  _copy_from_iter+0x1f4/0x1690
[  324.808297][T17531]  ? __pfx__copy_from_iter+0x10/0x10
[  324.808336][T17531]  ? sock_has_perm+0x258/0x2f0
[  324.808360][T17531]  ? __pfx_sock_has_perm+0x10/0x10
[  324.808387][T17531]  hci_sock_sendmsg+0x4a1/0x2620
[  324.808417][T17531]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  324.808448][T17531]  sock_write_iter+0x524/0x5a0
[  324.808478][T17531]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  324.808502][T17531]  ? __pfx_sock_write_iter+0x10/0x10
[  324.808540][T17531]  ? bpf_lsm_file_permission+0x9/0x10
[  324.808570][T17531]  ? security_file_permission+0x76/0x210
[  324.808600][T17531]  ? rw_verify_area+0xce/0x6d0
[  324.808629][T17531]  vfs_write+0x6ac/0x1070
[  324.808649][T17531]  ? __pfx_sock_write_iter+0x10/0x10
[  324.808679][T17531]  ? __pfx_vfs_write+0x10/0x10
[  324.808696][T17531]  ? find_held_lock+0x2b/0x80
[  324.808737][T17531]  ksys_write+0x1f8/0x250
[  324.808755][T17531]  ? __pfx_ksys_write+0x10/0x10
[  324.808782][T17531]  do_syscall_64+0x106/0xf80
[  324.808808][T17531]  ? clear_bhb_loop+0x40/0x90
[  324.808833][T17531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.808854][T17531] RIP: 0033:0x7fe66eb9c799
[  324.808870][T17531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  324.808888][T17531] RSP: 002b:00007fe66faca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  324.808906][T17531] RAX: ffffffffffffffda RBX: 00007fe66ee15fa0 RCX: 00007fe66eb9c799
[  324.808920][T17531] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000016
[  324.808931][T17531] RBP: 00007fe66faca090 R08: 0000000000000000 R09: 0000000000000000
[  324.808943][T17531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.808953][T17531] R13: 00007fe66ee16038 R14: 00007fe66ee15fa0 R15: 00007ffd64964bd8
[  324.808979][T17531]  </TASK>
[  324.979488][T17536] FAULT_INJECTION: forcing a failure.
[  324.979488][T17536] name failslab, interval 1, probability 0, space 0, times 0
[  324.983829][T17536] CPU: 3 UID: 0 PID: 17536 Comm: syz.1.3911 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  324.983848][T17536] Tainted: [L]=SOFTLOCKUP
[  324.983852][T17536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  324.983859][T17536] Call Trace:
[  324.983864][T17536]  <TASK>
[  324.983869][T17536]  dump_stack_lvl+0x100/0x190
[  324.983891][T17536]  should_fail_ex.cold+0x5/0xa
[  324.983906][T17536]  ? tomoyo_realpath_from_path+0xb6/0x690
[  324.983927][T17536]  should_failslab+0xc2/0x120
[  324.983940][T17536]  __kmalloc_noprof+0xe0/0x850
[  324.983960][T17536]  tomoyo_realpath_from_path+0xb6/0x690
[  324.983980][T17536]  tomoyo_check_open_permission+0x2af/0x3c0
[  324.983996][T17536]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  324.984024][T17536]  ? do_raw_spin_lock+0x128/0x260
[  324.984039][T17536]  ? path_get+0x61/0x80
[  324.984054][T17536]  tomoyo_file_open+0x6b/0x90
[  324.984066][T17536]  security_file_open+0xb5/0x1e0
[  324.984083][T17536]  do_dentry_open+0x5aa/0x1660
[  324.984096][T17536]  ? security_inode_permission+0xbf/0x250
[  324.984114][T17536]  vfs_open+0x82/0x3f0
[  324.984130][T17536]  path_openat+0x208c/0x31a0
[  324.984147][T17536]  ? __pfx_path_openat+0x10/0x10
[  324.984165][T17536]  do_file_open+0x20e/0x430
[  324.984179][T17536]  ? __pfx_do_file_open+0x10/0x10
[  324.984201][T17536]  ? alloc_fd+0x476/0x790
[  324.984215][T17536]  ? do_getname+0x191/0x390
[  324.984232][T17536]  do_sys_openat2+0x10d/0x1e0
[  324.984246][T17536]  ? __pfx_do_sys_openat2+0x10/0x10
[  324.984260][T17536]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  324.984279][T17536]  ? __fget_files+0x21f/0x3d0
[  324.984294][T17536]  __x64_sys_openat+0x12d/0x210
[  324.984309][T17536]  ? __pfx___x64_sys_openat+0x10/0x10
[  324.984323][T17536]  ? ksys_write+0x1ac/0x250
[  324.984338][T17536]  do_syscall_64+0x106/0xf80
[  324.984354][T17536]  ? clear_bhb_loop+0x40/0x90
[  324.984367][T17536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.984379][T17536] RIP: 0033:0x7f5c9119c799
[  324.984389][T17536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  324.984400][T17536] RSP: 002b:00007f5c91faa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  324.984411][T17536] RAX: ffffffffffffffda RBX: 00007f5c91415fa0 RCX: 00007f5c9119c799
[  324.984419][T17536] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  324.984425][T17536] RBP: 00007f5c91faa090 R08: 0000000000000000 R09: 0000000000000000
[  324.984432][T17536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.984438][T17536] R13: 00007f5c91416038 R14: 00007f5c91415fa0 R15: 00007ffda79b58e8
[  324.984453][T17536]  </TASK>
[  324.984458][T17536] ERROR: Out of memory at tomoyo_realpath_from_path.
[  325.004201][ T5975] usb 5-1: USB disconnect, device number 42
[  325.190938][T17548] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3912'.
[  325.448479][   T54] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  325.551857][   T40] kauditd_printk_skb: 256 callbacks suppressed
[  325.551873][   T40] audit: type=1400 audit(581.454:6733): avc:  denied  { execmem } for  pid=17552 comm="syz.0.3918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  325.608453][   T54] usb 10-1: Using ep0 maxpacket: 32
[  325.614990][   T54] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  325.621443][   T54] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  325.625397][   T54] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  325.629159][   T54] usb 10-1: Product: syz
[  325.630968][   T54] usb 10-1: Manufacturer: syz
[  325.632968][   T54] usb 10-1: SerialNumber: syz
[  325.646119][   T54] usb 10-1: config 0 descriptor??
[  325.649117][T17551] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  325.802276][   T40] audit: type=1400 audit(581.704:6734): avc:  denied  { read } for  pid=17555 comm="syz.0.3919" dev="nsfs" ino=4026534324 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  325.815746][   T40] audit: type=1400 audit(581.704:6735): avc:  denied  { open } for  pid=17555 comm="syz.0.3919" path="net:[4026534324]" dev="nsfs" ino=4026534324 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  325.837881][T17560] FAULT_INJECTION: forcing a failure.
[  325.837881][T17560] name failslab, interval 1, probability 0, space 0, times 0
[  325.838469][   T40] audit: type=1400 audit(581.704:6736): avc:  denied  { create } for  pid=17555 comm="syz.0.3919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  325.842171][T17560] CPU: 1 UID: 0 PID: 17560 Comm: syz.0.3921 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  325.842190][T17560] Tainted: [L]=SOFTLOCKUP
[  325.842194][T17560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  325.842201][T17560] Call Trace:
[  325.842205][T17560]  <TASK>
[  325.842210][T17560]  dump_stack_lvl+0x100/0x190
[  325.842234][T17560]  should_fail_ex.cold+0x5/0xa
[  325.842250][T17560]  ? tomoyo_encode2+0xfb/0x3c0
[  325.842267][T17560]  should_failslab+0xc2/0x120
[  325.842279][T17560]  __kmalloc_noprof+0xe0/0x850
[  325.842295][T17560]  ? d_absolute_path+0x136/0x1b0
[  325.842315][T17560]  tomoyo_encode2+0xfb/0x3c0
[  325.842335][T17560]  tomoyo_encode+0x29/0x50
[  325.842351][T17560]  tomoyo_realpath_from_path+0x18c/0x690
[  325.842372][T17560]  tomoyo_check_open_permission+0x2af/0x3c0
[  325.842388][T17560]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  325.842418][T17560]  ? do_raw_spin_lock+0x128/0x260
[  325.842433][T17560]  ? path_get+0x61/0x80
[  325.842448][T17560]  tomoyo_file_open+0x6b/0x90
[  325.842461][T17560]  security_file_open+0xb5/0x1e0
[  325.842478][T17560]  do_dentry_open+0x5aa/0x1660
[  325.842491][T17560]  ? security_inode_permission+0xbf/0x250
[  325.842510][T17560]  vfs_open+0x82/0x3f0
[  325.842526][T17560]  path_openat+0x208c/0x31a0
[  325.842544][T17560]  ? __pfx_path_openat+0x10/0x10
[  325.842562][T17560]  do_file_open+0x20e/0x430
[  325.842576][T17560]  ? __pfx_do_file_open+0x10/0x10
[  325.842600][T17560]  ? alloc_fd+0x476/0x790
[  325.842614][T17560]  ? do_getname+0x191/0x390
[  325.842631][T17560]  do_sys_openat2+0x10d/0x1e0
[  325.842646][T17560]  ? __pfx_do_sys_openat2+0x10/0x10
[  325.842660][T17560]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  325.842680][T17560]  ? __fget_files+0x21f/0x3d0
[  325.842695][T17560]  __x64_sys_openat+0x12d/0x210
[  325.842710][T17560]  ? __pfx___x64_sys_openat+0x10/0x10
[  325.842725][T17560]  ? ksys_write+0x1ac/0x250
[  325.842740][T17560]  do_syscall_64+0x106/0xf80
[  325.842755][T17560]  ? clear_bhb_loop+0x40/0x90
[  325.842770][T17560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.842782][T17560] RIP: 0033:0x7ff41239c799
[  325.842792][T17560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  325.842803][T17560] RSP: 002b:00007ff4131c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  325.842815][T17560] RAX: ffffffffffffffda RBX: 00007ff412615fa0 RCX: 00007ff41239c799
[  325.842823][T17560] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  325.842830][T17560] RBP: 00007ff4131c2090 R08: 0000000000000000 R09: 0000000000000000
[  325.842837][T17560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.842843][T17560] R13: 00007ff412616038 R14: 00007ff412615fa0 R15: 00007ffe1d4aa808
[  325.842858][T17560]  </TASK>
[  325.842870][T17560] ERROR: Out of memory at tomoyo_realpath_from_path.
[  325.848787][   T40] audit: type=1400 audit(581.714:6737): avc:  denied  { bind } for  pid=17555 comm="syz.0.3919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  325.848822][T17558] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3920'.
[  325.953960][   T40] audit: type=1400 audit(581.714:6738): avc:  denied  { write } for  pid=17555 comm="syz.0.3919" path="<no_memory>" dev="sockfs" ino=82417 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  325.961269][   T40] audit: type=1400 audit(581.714:6739): avc:  denied  { create } for  pid=17557 comm="syz.1.3920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  325.967171][   T40] audit: type=1400 audit(581.734:6740): avc:  denied  { write } for  pid=17557 comm="syz.1.3920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  325.975059][   T40] audit: type=1400 audit(581.784:6741): avc:  denied  { read write } for  pid=17561 comm="syz.0.3922" name="vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  325.982659][   T40] audit: type=1400 audit(581.784:6742): avc:  denied  { open } for  pid=17561 comm="syz.0.3922" path="/dev/vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  326.023316][   T54] usb 10-1: USB disconnect, device number 2
[  326.048662][ T5942] Bluetooth: hci0: command tx timeout
[  326.272994][T17593] FAULT_INJECTION: forcing a failure.
[  326.272994][T17593] name failslab, interval 1, probability 0, space 0, times 0
[  326.280838][T17593] CPU: 1 UID: 0 PID: 17593 Comm: syz.0.3931 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  326.280870][T17593] Tainted: [L]=SOFTLOCKUP
[  326.280877][T17593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  326.280888][T17593] Call Trace:
[  326.280894][T17593]  <TASK>
[  326.280901][T17593]  dump_stack_lvl+0x100/0x190
[  326.280943][T17593]  should_fail_ex.cold+0x5/0xa
[  326.280967][T17593]  should_failslab+0xc2/0x120
[  326.280987][T17593]  __kmalloc_cache_noprof+0x7a/0x6f0
[  326.281011][T17593]  ? tty_alloc_file+0x3f/0xa0
[  326.281036][T17593]  ? kobject_get_unless_zero+0x156/0x200
[  326.281067][T17593]  ? __pfx_ptmx_open+0x10/0x10
[  326.281088][T17593]  tty_alloc_file+0x3f/0xa0
[  326.281112][T17593]  ptmx_open+0x61/0x3c0
[  326.281131][T17593]  ? __pfx_ptmx_open+0x10/0x10
[  326.281151][T17593]  chrdev_open+0x234/0x6a0
[  326.281173][T17593]  ? __pfx_chrdev_open+0x10/0x10
[  326.281197][T17593]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  326.281228][T17593]  do_dentry_open+0x6d8/0x1660
[  326.281248][T17593]  ? __pfx_chrdev_open+0x10/0x10
[  326.281277][T17593]  vfs_open+0x82/0x3f0
[  326.281305][T17593]  path_openat+0x208c/0x31a0
[  326.281339][T17593]  ? __pfx_path_openat+0x10/0x10
[  326.281372][T17593]  do_file_open+0x20e/0x430
[  326.281396][T17593]  ? __pfx_do_file_open+0x10/0x10
[  326.281437][T17593]  ? alloc_fd+0x476/0x790
[  326.281464][T17593]  ? do_getname+0x191/0x390
[  326.281492][T17593]  do_sys_openat2+0x10d/0x1e0
[  326.281517][T17593]  ? __pfx_do_sys_openat2+0x10/0x10
[  326.281539][T17593]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  326.281571][T17593]  ? __fget_files+0x21f/0x3d0
[  326.281594][T17593]  __x64_sys_openat+0x12d/0x210
[  326.281618][T17593]  ? __pfx___x64_sys_openat+0x10/0x10
[  326.281643][T17593]  ? ksys_write+0x1ac/0x250
[  326.281673][T17593]  do_syscall_64+0x106/0xf80
[  326.281736][T17593]  ? clear_bhb_loop+0x40/0x90
[  326.281763][T17593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.281785][T17593] RIP: 0033:0x7ff41239c799
[  326.281803][T17593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  326.281823][T17593] RSP: 002b:00007ff4131c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  326.281843][T17593] RAX: ffffffffffffffda RBX: 00007ff412615fa0 RCX: 00007ff41239c799
[  326.281857][T17593] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  326.281871][T17593] RBP: 00007ff4131c2090 R08: 0000000000000000 R09: 0000000000000000
[  326.281883][T17593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.281895][T17593] R13: 00007ff412616038 R14: 00007ff412615fa0 R15: 00007ffe1d4aa808
[  326.281935][T17593]  </TASK>
[  326.456792][T17602] Bluetooth: hci0: invalid len left 7, exp >= 121
[  326.458902][ T6023] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  326.546184][T17611] overlayfs: missing 'lowerdir'
[  326.552319][T17612] overlayfs: missing 'lowerdir'
[  326.624421][T17619] FAULT_INJECTION: forcing a failure.
[  326.624421][T17619] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.628692][T17619] CPU: 1 UID: 0 PID: 17619 Comm: syz.5.3942 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  326.628710][T17619] Tainted: [L]=SOFTLOCKUP
[  326.628715][T17619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  326.628722][T17619] Call Trace:
[  326.628726][T17619]  <TASK>
[  326.628730][T17619]  dump_stack_lvl+0x100/0x190
[  326.628753][T17619]  should_fail_ex.cold+0x5/0xa
[  326.628768][T17619]  _copy_to_user+0x32/0xd0
[  326.628785][T17619]  simple_read_from_buffer+0xcb/0x170
[  326.628798][T17619]  proc_fail_nth_read+0x1af/0x230
[  326.628815][T17619]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  326.628832][T17619]  ? rw_verify_area+0xce/0x6d0
[  326.628849][T17619]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  326.628865][T17619]  vfs_read+0x1e4/0xb30
[  326.628884][T17619]  ? __pfx_vfs_read+0x10/0x10
[  326.628901][T17619]  ? __fget_files+0x215/0x3d0
[  326.628917][T17619]  ? __fget_files+0x21f/0x3d0
[  326.628933][T17619]  ksys_read+0x12a/0x250
[  326.628943][T17619]  ? __pfx_ksys_read+0x10/0x10
[  326.628957][T17619]  do_syscall_64+0x106/0xf80
[  326.628973][T17619]  ? clear_bhb_loop+0x40/0x90
[  326.628986][T17619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.628998][T17619] RIP: 0033:0x7fe66eb5cfce
[  326.629007][T17619] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  326.629018][T17619] RSP: 002b:00007fe66fac9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  326.629030][T17619] RAX: ffffffffffffffda RBX: 00007fe66faca6c0 RCX: 00007fe66eb5cfce
[  326.629037][T17619] RDX: 000000000000000f RSI: 00007fe66faca0a0 RDI: 0000000000000015
[  326.629043][T17619] RBP: 00007fe66faca090 R08: 0000000000000000 R09: 0000000000000000
[  326.629050][T17619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.629057][T17619] R13: 00007fe66ee16038 R14: 00007fe66ee15fa0 R15: 00007ffd64964bd8
[  326.629071][T17619]  </TASK>
[  326.649059][ T6023] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  326.671191][T17625] FAULT_INJECTION: forcing a failure.
[  326.671191][T17625] name failslab, interval 1, probability 0, space 0, times 0
[  326.672243][ T6023] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  326.673236][T17625] CPU: 0 UID: 0 PID: 17625 Comm: syz.5.3945 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  326.673254][T17625] Tainted: [L]=SOFTLOCKUP
[  326.673258][T17625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  326.673266][T17625] Call Trace:
[  326.673270][T17625]  <TASK>
[  326.673275][T17625]  dump_stack_lvl+0x100/0x190
[  326.673297][T17625]  should_fail_ex.cold+0x5/0xa
[  326.673312][T17625]  should_failslab+0xc2/0x120
[  326.673324][T17625]  __kmalloc_cache_noprof+0x7a/0x6f0
[  326.673339][T17625]  ? alloc_tty_struct+0x96/0x8c0
[  326.673354][T17625]  ? ptmx_open+0x102/0x3c0
[  326.673368][T17625]  alloc_tty_struct+0x96/0x8c0
[  326.673383][T17625]  ? __mutex_unlock_slowpath+0x15c/0x790
[  326.673401][T17625]  ? __pfx_alloc_tty_struct+0x10/0x10
[  326.673417][T17625]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  326.673437][T17625]  tty_init_dev.part.0+0x20/0x470
[  326.673455][T17625]  tty_init_dev+0x60/0x80
[  326.673471][T17625]  ptmx_open+0x15e/0x3c0
[  326.673483][T17625]  ? __pfx_ptmx_open+0x10/0x10
[  326.673494][T17625]  chrdev_open+0x234/0x6a0
[  326.673507][T17625]  ? __pfx_chrdev_open+0x10/0x10
[  326.673520][T17625]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  326.673537][T17625]  do_dentry_open+0x6d8/0x1660
[  326.673548][T17625]  ? __pfx_chrdev_open+0x10/0x10
[  326.673563][T17625]  vfs_open+0x82/0x3f0
[  326.673579][T17625]  path_openat+0x208c/0x31a0
[  326.673597][T17625]  ? __pfx_path_openat+0x10/0x10
[  326.673615][T17625]  do_file_open+0x20e/0x430
[  326.673629][T17625]  ? __pfx_do_file_open+0x10/0x10
[  326.673651][T17625]  ? alloc_fd+0x476/0x790
[  326.673665][T17625]  ? do_getname+0x191/0x390
[  326.673681][T17625]  do_sys_openat2+0x10d/0x1e0
[  326.673715][T17625]  ? __pfx_do_sys_openat2+0x10/0x10
[  326.673729][T17625]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  326.673747][T17625]  ? __fget_files+0x21f/0x3d0
[  326.673761][T17625]  __x64_sys_openat+0x12d/0x210
[  326.673776][T17625]  ? __pfx___x64_sys_openat+0x10/0x10
[  326.673790][T17625]  ? ksys_write+0x1ac/0x250
[  326.673805][T17625]  do_syscall_64+0x106/0xf80
[  326.673820][T17625]  ? clear_bhb_loop+0x40/0x90
[  326.673834][T17625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.673846][T17625] RIP: 0033:0x7fe66eb9c799
[  326.673856][T17625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  326.673867][T17625] RSP: 002b:00007fe66faca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  326.673878][T17625] RAX: ffffffffffffffda RBX: 00007fe66ee15fa0 RCX: 00007fe66eb9c799
[  326.673885][T17625] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  326.673892][T17625] RBP: 00007fe66faca090 R08: 0000000000000000 R09: 0000000000000000
[  326.673899][T17625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.673905][T17625] R13: 00007fe66ee16038 R14: 00007fe66ee15fa0 R15: 00007ffd64964bd8
[  326.673919][T17625]  </TASK>
[  326.803274][ T6023] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  326.806087][ T6023] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.811273][T17582] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  326.819021][ T6023] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  326.998031][T17646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3955'.
[  327.002804][T17646] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3955'.
[  327.018442][ T1463] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  327.071709][ T1847] usb 6-1: USB disconnect, device number 45
[  327.198390][ T1463] usb 5-1: Using ep0 maxpacket: 32
[  327.201703][ T1463] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  327.206454][ T1463] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  327.210102][ T1463] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  327.212910][ T1463] usb 5-1: Product: syz
[  327.214315][ T1463] usb 5-1: Manufacturer: syz
[  327.215883][ T1463] usb 5-1: SerialNumber: syz
[  327.219658][ T1463] usb 5-1: config 0 descriptor??
[  327.222023][T17633] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  327.631291][T17654] FAULT_INJECTION: forcing a failure.
[  327.631291][T17654] name failslab, interval 1, probability 0, space 0, times 0
[  327.635799][T17654] CPU: 2 UID: 0 PID: 17654 Comm: syz.1.3957 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  327.635827][T17654] Tainted: [L]=SOFTLOCKUP
[  327.635835][T17654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  327.635845][T17654] Call Trace:
[  327.635852][T17654]  <TASK>
[  327.635858][T17654]  dump_stack_lvl+0x100/0x190
[  327.635894][T17654]  should_fail_ex.cold+0x5/0xa
[  327.635917][T17654]  should_failslab+0xc2/0x120
[  327.635955][T17654]  __kmalloc_cache_noprof+0x7a/0x6f0
[  327.635981][T17654]  ? alloc_tty_struct+0x96/0x8c0
[  327.636006][T17654]  ? ptmx_open+0x102/0x3c0
[  327.636029][T17654]  alloc_tty_struct+0x96/0x8c0
[  327.636051][T17654]  ? __mutex_unlock_slowpath+0x15c/0x790
[  327.636079][T17654]  ? __pfx_alloc_tty_struct+0x10/0x10
[  327.636105][T17654]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  327.636134][T17654]  tty_init_dev.part.0+0x20/0x470
[  327.636162][T17654]  tty_init_dev+0x60/0x80
[  327.636189][T17654]  ptmx_open+0x15e/0x3c0
[  327.636209][T17654]  ? __pfx_ptmx_open+0x10/0x10
[  327.636226][T17654]  chrdev_open+0x234/0x6a0
[  327.636248][T17654]  ? __pfx_chrdev_open+0x10/0x10
[  327.636268][T17654]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  327.636297][T17654]  do_dentry_open+0x6d8/0x1660
[  327.636315][T17654]  ? __pfx_chrdev_open+0x10/0x10
[  327.636340][T17654]  vfs_open+0x82/0x3f0
[  327.636367][T17654]  path_openat+0x208c/0x31a0
[  327.636397][T17654]  ? __pfx_path_openat+0x10/0x10
[  327.636426][T17654]  do_file_open+0x20e/0x430
[  327.636449][T17654]  ? __pfx_do_file_open+0x10/0x10
[  327.636488][T17654]  ? alloc_fd+0x476/0x790
[  327.636510][T17654]  ? do_getname+0x191/0x390
[  327.636535][T17654]  do_sys_openat2+0x10d/0x1e0
[  327.636559][T17654]  ? __pfx_do_sys_openat2+0x10/0x10
[  327.636581][T17654]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  327.636611][T17654]  ? __fget_files+0x21f/0x3d0
[  327.636634][T17654]  __x64_sys_openat+0x12d/0x210
[  327.636657][T17654]  ? __pfx___x64_sys_openat+0x10/0x10
[  327.636680][T17654]  ? ksys_write+0x1ac/0x250
[  327.636704][T17654]  do_syscall_64+0x106/0xf80
[  327.636728][T17654]  ? clear_bhb_loop+0x40/0x90
[  327.636750][T17654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.636770][T17654] RIP: 0033:0x7f5c9119c799
[  327.636800][T17654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  327.636818][T17654] RSP: 002b:00007f5c91faa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  327.636837][T17654] RAX: ffffffffffffffda RBX: 00007f5c91415fa0 RCX: 00007f5c9119c799
[  327.636850][T17654] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  327.636862][T17654] RBP: 00007f5c91faa090 R08: 0000000000000000 R09: 0000000000000000
[  327.636873][T17654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.636884][T17654] R13: 00007f5c91416038 R14: 00007f5c91415fa0 R15: 00007ffda79b58e8
[  327.636909][T17654]  </TASK>
[  327.866565][T17667] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3963'.
[  327.891471][T17669] Bluetooth: MGMT ver 1.23
[  328.004080][T17675] bridge0: port 3(syz_tun) entered blocking state
[  328.006963][T17675] bridge0: port 3(syz_tun) entered disabled state
[  328.011614][T17675] syz_tun: entered allmulticast mode
[  328.018010][T17675] syz_tun: entered promiscuous mode
[  328.022574][T17675] bridge0: port 3(syz_tun) entered blocking state
[  328.025374][T17675] bridge0: port 3(syz_tun) entered forwarding state
[  328.071340][T17682] FAULT_INJECTION: forcing a failure.
[  328.071340][T17682] name failslab, interval 1, probability 0, space 0, times 0
[  328.077181][T17682] CPU: 0 UID: 0 PID: 17682 Comm: syz.5.3970 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  328.077209][T17682] Tainted: [L]=SOFTLOCKUP
[  328.077217][T17682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  328.077228][T17682] Call Trace:
[  328.077235][T17682]  <TASK>
[  328.077243][T17682]  dump_stack_lvl+0x100/0x190
[  328.077277][T17682]  should_fail_ex.cold+0x5/0xa
[  328.077302][T17682]  should_failslab+0xc2/0x120
[  328.077322][T17682]  __kmalloc_cache_noprof+0x7a/0x6f0
[  328.077345][T17682]  ? pty_common_install+0x10e/0xb30
[  328.077372][T17682]  pty_common_install+0x10e/0xb30
[  328.077396][T17682]  ? __pfx_pty_unix98_install+0x10/0x10
[  328.077418][T17682]  tty_init_dev.part.0+0x9e/0x470
[  328.077446][T17682]  tty_init_dev+0x60/0x80
[  328.077473][T17682]  ptmx_open+0x15e/0x3c0
[  328.077493][T17682]  ? __pfx_ptmx_open+0x10/0x10
[  328.077512][T17682]  chrdev_open+0x234/0x6a0
[  328.077533][T17682]  ? __pfx_chrdev_open+0x10/0x10
[  328.077554][T17682]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  328.077583][T17682]  do_dentry_open+0x6d8/0x1660
[  328.077600][T17682]  ? __pfx_chrdev_open+0x10/0x10
[  328.077626][T17682]  vfs_open+0x82/0x3f0
[  328.077652][T17682]  path_openat+0x208c/0x31a0
[  328.077702][T17682]  ? __pfx_path_openat+0x10/0x10
[  328.077734][T17682]  do_file_open+0x20e/0x430
[  328.077757][T17682]  ? __pfx_do_file_open+0x10/0x10
[  328.077795][T17682]  ? alloc_fd+0x476/0x790
[  328.077820][T17682]  ? do_getname+0x191/0x390
[  328.077847][T17682]  do_sys_openat2+0x10d/0x1e0
[  328.077871][T17682]  ? __pfx_do_sys_openat2+0x10/0x10
[  328.077891][T17682]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  328.077921][T17682]  ? __fget_files+0x21f/0x3d0
[  328.077946][T17682]  __x64_sys_openat+0x12d/0x210
[  328.077970][T17682]  ? __pfx___x64_sys_openat+0x10/0x10
[  328.077992][T17682]  ? ksys_write+0x1ac/0x250
[  328.078018][T17682]  do_syscall_64+0x106/0xf80
[  328.078043][T17682]  ? clear_bhb_loop+0x40/0x90
[  328.078066][T17682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.078084][T17682] RIP: 0033:0x7fe66eb9c799
[  328.078101][T17682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.078118][T17682] RSP: 002b:00007fe66faca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  328.078141][T17682] RAX: ffffffffffffffda RBX: 00007fe66ee15fa0 RCX: 00007fe66eb9c799
[  328.078153][T17682] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  328.078165][T17682] RBP: 00007fe66faca090 R08: 0000000000000000 R09: 0000000000000000
[  328.078176][T17682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.078186][T17682] R13: 00007fe66ee16038 R14: 00007fe66ee15fa0 R15: 00007ffd64964bd8
[  328.078212][T17682]  </TASK>
[  328.248652][ T5975] usb 8-1: new high-speed USB device number 47 using dummy_hcd
[  328.317390][T17691] syzkaller1: entered promiscuous mode
[  328.319358][T17691] syzkaller1: entered allmulticast mode
[  328.410153][ T5975] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  328.414680][ T5975] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  328.418177][ T5975] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  328.423760][ T5975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.430057][T17678] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  328.441245][ T5975] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  328.633172][ T6023] usb 5-1: USB disconnect, device number 43
[  328.708961][ T6002] usb 8-1: USB disconnect, device number 47
[  329.478534][T17706] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  329.481971][T17706] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  329.492126][T17706] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  329.758745][ T6002] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  329.778716][ T1463] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  329.908564][ T6002] usb 5-1: Using ep0 maxpacket: 32
[  329.918184][ T6002] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  329.926182][ T6002] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  329.933268][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  329.936778][ T6002] usb 5-1: Product: syz
[  329.939379][ T1463] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  329.944526][ T1463] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  329.948929][ T6002] usb 5-1: Manufacturer: syz
[  329.950908][ T6002] usb 5-1: SerialNumber: syz
[  329.954669][ T1463] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  329.961841][ T6002] usb 5-1: config 0 descriptor??
[  329.971756][T17723] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  329.972710][ T1463] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.992360][T17725] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  329.999647][ T1463] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  330.286598][ T1463] usb 10-1: USB disconnect, device number 3
[  330.347553][T17749] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3994'.
[  330.532208][T17753] FAULT_INJECTION: forcing a failure.
[  330.532208][T17753] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  330.538086][T17753] CPU: 2 UID: 0 PID: 17753 Comm: syz.1.3996 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  330.538120][T17753] Tainted: [L]=SOFTLOCKUP
[  330.538126][T17753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  330.538136][T17753] Call Trace:
[  330.538154][T17753]  <TASK>
[  330.538162][T17753]  dump_stack_lvl+0x100/0x190
[  330.538200][T17753]  should_fail_ex.cold+0x5/0xa
[  330.538219][T17753]  ? prepare_alloc_pages+0x16d/0x5f0
[  330.538240][T17753]  should_fail_alloc_page+0xeb/0x140
[  330.538260][T17753]  prepare_alloc_pages+0x1f0/0x5f0
[  330.538283][T17753]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  330.538311][T17753]  ? __lock_acquire+0x4a5/0x2630
[  330.538346][T17753]  ? __lock_acquire+0x4a5/0x2630
[  330.538364][T17753]  ? find_held_lock+0x2b/0x80
[  330.538386][T17753]  ? is_bpf_text_address+0x8a/0x1a0
[  330.538412][T17753]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  330.538437][T17753]  ? find_held_lock+0x2b/0x80
[  330.538458][T17753]  ? get_il_weight+0xea/0x290
[  330.538473][T17753]  ? get_il_weight+0xea/0x290
[  330.538492][T17753]  ? get_il_weight+0xf4/0x290
[  330.538509][T17753]  ? weighted_interleave_nodes+0x274/0x560
[  330.538532][T17753]  ? policy_nodemask+0xed/0x4f0
[  330.538552][T17753]  alloc_pages_mpol+0x1fb/0x550
[  330.538570][T17753]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  330.538587][T17753]  ? kasan_save_stack+0x30/0x50
[  330.538610][T17753]  ? kasan_save_track+0x14/0x30
[  330.538632][T17753]  ? __kasan_kmalloc+0xaa/0xb0
[  330.538653][T17753]  ? __get_vm_area_node+0x101/0x330
[  330.538670][T17753]  ? __vmalloc_node_range_noprof+0x213/0x1530
[  330.538693][T17753]  alloc_pages_noprof+0x131/0x390
[  330.538712][T17753]  get_free_pages_noprof+0x10/0xb0
[  330.538727][T17753]  __kasan_populate_vmalloc+0xa0/0x210
[  330.538757][T17753]  alloc_vmap_area+0x95d/0x2bd0
[  330.538784][T17753]  ? __pfx_alloc_vmap_area+0x10/0x10
[  330.538808][T17753]  __get_vm_area_node+0x1ca/0x330
[  330.538832][T17753]  __vmalloc_node_range_noprof+0x213/0x1530
[  330.538852][T17753]  ? n_tty_open+0x1a/0x170
[  330.538884][T17753]  ? do_raw_spin_lock+0x128/0x260
[  330.538903][T17753]  ? look_up_lock_class+0x64/0x120
[  330.538937][T17753]  ? n_tty_open+0x1a/0x170
[  330.538967][T17753]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  330.538987][T17753]  ? __ldsem_down_write_nested+0xfd/0x830
[  330.539012][T17753]  ? __ldsem_down_write_nested+0x10e/0x830
[  330.539035][T17753]  ? look_up_lock_class+0x64/0x120
[  330.539062][T17753]  ? __pfx___ldsem_down_write_nested+0x10/0x10
[  330.539090][T17753]  ? n_tty_open+0x1a/0x170
[  330.539117][T17753]  __vmalloc_node_noprof+0xad/0xf0
[  330.539137][T17753]  ? n_tty_open+0x1a/0x170
[  330.539161][T17753]  ? __pfx_n_tty_open+0x10/0x10
[  330.539184][T17753]  n_tty_open+0x1a/0x170
[  330.539208][T17753]  tty_ldisc_open+0xa2/0x120
[  330.539227][T17753]  tty_ldisc_setup+0x40/0xf0
[  330.539247][T17753]  tty_init_dev.part.0+0x1b5/0x470
[  330.539273][T17753]  tty_init_dev+0x60/0x80
[  330.539296][T17753]  ptmx_open+0x15e/0x3c0
[  330.539314][T17753]  ? __pfx_ptmx_open+0x10/0x10
[  330.539331][T17753]  chrdev_open+0x234/0x6a0
[  330.539351][T17753]  ? __pfx_chrdev_open+0x10/0x10
[  330.539369][T17753]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  330.539395][T17753]  do_dentry_open+0x6d8/0x1660
[  330.539411][T17753]  ? __pfx_chrdev_open+0x10/0x10
[  330.539434][T17753]  vfs_open+0x82/0x3f0
[  330.539457][T17753]  path_openat+0x208c/0x31a0
[  330.539484][T17753]  ? __pfx_path_openat+0x10/0x10
[  330.539513][T17753]  do_file_open+0x20e/0x430
[  330.539533][T17753]  ? __pfx_do_file_open+0x10/0x10
[  330.539584][T17753]  ? alloc_fd+0x476/0x790
[  330.539607][T17753]  ? do_getname+0x191/0x390
[  330.539630][T17753]  do_sys_openat2+0x10d/0x1e0
[  330.539652][T17753]  ? __pfx_do_sys_openat2+0x10/0x10
[  330.539671][T17753]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  330.539698][T17753]  ? __fget_files+0x21f/0x3d0
[  330.539720][T17753]  __x64_sys_openat+0x12d/0x210
[  330.539741][T17753]  ? __pfx___x64_sys_openat+0x10/0x10
[  330.539761][T17753]  ? ksys_write+0x1ac/0x250
[  330.539784][T17753]  do_syscall_64+0x106/0xf80
[  330.539806][T17753]  ? clear_bhb_loop+0x40/0x90
[  330.539826][T17753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.539843][T17753] RIP: 0033:0x7f5c9119c799
[  330.539857][T17753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.539871][T17753] RSP: 002b:00007f5c91faa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  330.539888][T17753] RAX: ffffffffffffffda RBX: 00007f5c91415fa0 RCX: 00007f5c9119c799
[  330.539898][T17753] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  330.539909][T17753] RBP: 00007f5c91faa090 R08: 0000000000000000 R09: 0000000000000000
[  330.539918][T17753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  330.539928][T17753] R13: 00007f5c91416038 R14: 00007f5c91415fa0 R15: 00007ffda79b58e8
[  330.539951][T17753]  </TASK>
[  330.748289][   T40] kauditd_printk_skb: 150 callbacks suppressed
[  330.748307][   T40] audit: type=1400 audit(2000000002.410:6893): avc:  denied  { create } for  pid=17756 comm="syz.3.3998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  330.748488][T17753] warn_alloc: 1 callbacks suppressed
[  330.748504][T17753] syz.1.3996: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  330.767462][T17753] CPU: 2 UID: 0 PID: 17753 Comm: syz.1.3996 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  330.767487][T17753] Tainted: [L]=SOFTLOCKUP
[  330.767493][T17753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  330.767503][T17753] Call Trace:
[  330.767510][T17753]  <TASK>
[  330.767516][T17753]  dump_stack_lvl+0x100/0x190
[  330.767548][T17753]  warn_alloc.cold+0x95/0x1c1
[  330.767576][T17753]  ? __pfx_warn_alloc+0x10/0x10
[  330.767598][T17753]  ? lockdep_hardirqs_on+0x78/0x100
[  330.767624][T17753]  ? __get_vm_area_node+0x2c5/0x330
[  330.767648][T17753]  ? __get_vm_area_node+0x208/0x330
[  330.767671][T17753]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  330.767692][T17753]  ? do_raw_spin_lock+0x128/0x260
[  330.767712][T17753]  ? look_up_lock_class+0x64/0x120
[  330.767738][T17753]  ? n_tty_open+0x1a/0x170
[  330.767769][T17753]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  330.767789][T17753]  ? __ldsem_down_write_nested+0xfd/0x830
[  330.767813][T17753]  ? __ldsem_down_write_nested+0x10e/0x830
[  330.767836][T17753]  ? look_up_lock_class+0x64/0x120
[  330.767861][T17753]  ? __pfx___ldsem_down_write_nested+0x10/0x10
[  330.767890][T17753]  ? n_tty_open+0x1a/0x170
[  330.767912][T17753]  __vmalloc_node_noprof+0xad/0xf0
[  330.767931][T17753]  ? n_tty_open+0x1a/0x170
[  330.767955][T17753]  ? __pfx_n_tty_open+0x10/0x10
[  330.767978][T17753]  n_tty_open+0x1a/0x170
[  330.768001][T17753]  tty_ldisc_open+0xa2/0x120
[  330.768017][T17753]  tty_ldisc_setup+0x40/0xf0
[  330.768031][T17753]  tty_init_dev.part.0+0x1b5/0x470
[  330.768048][T17753]  tty_init_dev+0x60/0x80
[  330.768065][T17753]  ptmx_open+0x15e/0x3c0
[  330.768077][T17753]  ? __pfx_ptmx_open+0x10/0x10
[  330.768088][T17753]  chrdev_open+0x234/0x6a0
[  330.768101][T17753]  ? __pfx_chrdev_open+0x10/0x10
[  330.768114][T17753]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  330.768132][T17753]  do_dentry_open+0x6d8/0x1660
[  330.768147][T17753]  ? __pfx_chrdev_open+0x10/0x10
[  330.768163][T17753]  vfs_open+0x82/0x3f0
[  330.768179][T17753]  path_openat+0x208c/0x31a0
[  330.768196][T17753]  ? __pfx_path_openat+0x10/0x10
[  330.768214][T17753]  do_file_open+0x20e/0x430
[  330.768228][T17753]  ? __pfx_do_file_open+0x10/0x10
[  330.768251][T17753]  ? alloc_fd+0x476/0x790
[  330.768265][T17753]  ? do_getname+0x191/0x390
[  330.768281][T17753]  do_sys_openat2+0x10d/0x1e0
[  330.768296][T17753]  ? __pfx_do_sys_openat2+0x10/0x10
[  330.768309][T17753]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  330.768342][T17753]  ? __fget_files+0x21f/0x3d0
[  330.768357][T17753]  __x64_sys_openat+0x12d/0x210
[  330.768373][T17753]  ? __pfx___x64_sys_openat+0x10/0x10
[  330.768387][T17753]  ? ksys_write+0x1ac/0x250
[  330.768402][T17753]  do_syscall_64+0x106/0xf80
[  330.768418][T17753]  ? clear_bhb_loop+0x40/0x90
[  330.768432][T17753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.768444][T17753] RIP: 0033:0x7f5c9119c799
[  330.768454][T17753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.768465][T17753] RSP: 002b:00007f5c91faa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  330.768477][T17753] RAX: ffffffffffffffda RBX: 00007f5c91415fa0 RCX: 00007f5c9119c799
[  330.768484][T17753] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  330.768491][T17753] RBP: 00007f5c91faa090 R08: 0000000000000000 R09: 0000000000000000
[  330.768498][T17753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  330.768504][T17753] R13: 00007f5c91416038 R14: 00007f5c91415fa0 R15: 00007ffda79b58e8
[  330.768519][T17753]  </TASK>
[  330.774632][T17757] can: request_module (can-proto-0) failed.
[  330.778939][T17753] Mem-Info:
[  330.785532][   T40] audit: type=1400 audit(2000000002.450:6894): avc:  denied  { create } for  pid=17756 comm="syz.3.3998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  330.787010][T17753] active_anon:6764 inactive_anon:2999 isolated_anon:0
[  330.787010][T17753]  active_file:14013 inactive_file:15752 isolated_file:0
[  330.787010][T17753]  unevictable:1768 dirty:347 writeback:0
[  330.787010][T17753]  slab_reclaimable:8603 slab_unreclaimable:80570
[  330.787010][T17753]  mapped:29095 shmem:2155 pagetables:8371
[  330.787010][T17753]  sec_pagetables:308 bounce:0
[  330.787010][T17753]  kernel_misc_reclaimable:0
[  330.787010][T17753]  free:451958 free_pcp:7893 free_cma:0
[  330.789403][   T40] audit: type=1400 audit(2000000002.450:6895): avc:  denied  { write } for  pid=17756 comm="syz.3.3998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  330.896488][   T40] audit: type=1400 audit(2000000002.560:6896): avc:  denied  { prog_run } for  pid=17761 comm="syz.3.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  330.899827][T17753] Node 0 active_anon:26732kB inactive_anon:11996kB active_file:35000kB inactive_file:34744kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:57980kB dirty:876kB writeback:0kB shmem:5100kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14272kB pagetables:8108kB sec_pagetables:1232kB all_unreclaimable? no Balloon:0kB
[  330.903243][   T40] audit: type=1400 audit(2000000002.570:6897): avc:  denied  { read write } for  pid=17761 comm="syz.3.4000" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  330.906679][T17753] Node 1 active_anon:148kB inactive_anon:0kB active_file:21048kB inactive_file:28268kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:58280kB dirty:432kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:288kB pagetables:25388kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  330.906724][T17753] Node 0 DMA free:11116kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  330.910949][   T40] audit: type=1400 audit(2000000002.570:6898): avc:  denied  { open } for  pid=17761 comm="syz.3.4000" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  330.913723][T17753] lowmem_reserve[]: 0 1231 1231 1231 1231
[  330.913767][T17753] Node 0 DMA32 free:363484kB boost:0kB min:27476kB low:34344kB high:41212kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26732kB inactive_anon:11996kB active_file:35000kB inactive_file:34744kB unevictable:3536kB writepending:840kB zspages:0kB present:2080628kB managed:1260856kB mlocked:0kB bounce:0kB free_pcp:31376kB local_pcp:5528kB free_cma:0kB
[  330.913819][T17753] lowmem_reserve[]:
[  330.915294][   T40] audit: type=1400 audit(2000000002.570:6899): avc:  denied  { create } for  pid=17761 comm="syz.3.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  330.917798][T17753]  0 0
[  330.961002][   T40] audit: type=1400 audit(2000000002.620:6900): avc:  denied  { mounton } for  pid=17761 comm="syz.3.4000" path="/408/file0" dev="tmpfs" ino=2213 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  330.973963][T17753]  0 0 0
[  330.973991][T17753] Node 1 Normal free:1433156kB boost:0kB min:39760kB low:49700kB high:59640kB reserved_highatomic:0KB free_highatomic:0KB active_anon:148kB inactive_anon:0kB active_file:21048kB inactive_file:28268kB unevictable:3536kB writepending:404kB zspages:5580kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:0kB free_cma:0kB
[  330.987883][   T40] audit: type=1400 audit(2000000002.630:6901): avc:  denied  { sys_module } for  pid=17761 comm="syz.3.4000" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  330.995991][T17753] lowmem_reserve[]: 0 0 0 0 0
[  330.996033][T17753] Node 0 DMA: 9*4kB 
[  331.013036][T17766] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4000'.
[  331.018471][T17753] (U) 
[  331.022264][T17764] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  331.035221][T17753] 9*8kB 
[  331.096436][   T40] audit: type=1400 audit(2000000002.760:6902): avc:  denied  { read } for  pid=17761 comm="syz.3.4000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  331.097281][T17762] bad cache= option: nonw
[  331.097281][T17762] 
[  331.109758][T17762] CIFS: VFS: bad cache= option: nonw
[  331.118724][T17753] (U) 10*16kB (U) 11*32kB (U) 10*64kB (U) 9*128kB (U) 10*256kB (U) 6*512kB (U) 1*1024kB (U) 1*2048kB (M) 0*4096kB = 11116kB
[  331.124324][T17753] Node 0 DMA32: 1572*4kB (UME) 2766*8kB (UME) 1806*16kB (UME) 148*32kB (UME) 674*64kB (UME) 471*128kB (UME) 284*256kB (UME) 166*512kB (UM) 33*1024kB (UM) 3*2048kB (M) 0*4096kB = 363104kB
[  331.134202][T17753] Node 1 Normal: 891*4kB (UME) 747*8kB (UME) 714*16kB (UME) 709*32kB (UME) 663*64kB (UME) 552*128kB (UME) 480*256kB (UME) 381*512kB (UME) 266*1024kB (UM) 17*2048kB (UME) 159*4096kB (UM) = 1433156kB
[  331.143069][T17753] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  331.146969][T17753] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  331.152452][T17753] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  331.156876][T17753] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  331.161571][T17753] 33508 total pagecache pages
[  331.163694][T17753] 1590 pages in swap cache
[  331.165721][T17753] Free swap  = 103328kB
[  331.167923][T17753] Total swap = 124996kB
[  331.171512][T17753] 1048443 pages RAM
[  331.173281][T17753] 0 pages HighMem/MovableOnly
[  331.175389][T17753] 283918 pages reserved
[  331.177285][T17753] 0 pages cma reserved
[  331.180433][T17753] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  331.229095][T17772] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4003'.
[  331.349411][   T34] usb 5-1: USB disconnect, device number 44
[  331.408600][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  331.609594][T17791] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4010'.
[  331.718609][ T1463] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  331.870140][ T1463] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  331.874874][ T1463] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  331.879567][ T1463] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  331.883443][ T1463] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.899223][T17789] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  331.905146][ T1463] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  331.928475][   T34] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  332.089808][   T34] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  332.093449][   T34] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  332.096552][   T34] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  332.100170][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.104698][T17800] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  332.113131][   T34] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  332.203175][T17820] program syz.3.4018 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  332.236215][ T1463] usb 10-1: USB disconnect, device number 4
[  332.252084][T17826] FAULT_INJECTION: forcing a failure.
[  332.252084][T17826] name failslab, interval 1, probability 0, space 0, times 0
[  332.256760][T17826] CPU: 2 UID: 0 PID: 17826 Comm: syz.0.4022 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  332.256780][T17826] Tainted: [L]=SOFTLOCKUP
[  332.256784][T17826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  332.256791][T17826] Call Trace:
[  332.256795][T17826]  <TASK>
[  332.256800][T17826]  dump_stack_lvl+0x100/0x190
[  332.256823][T17826]  should_fail_ex.cold+0x5/0xa
[  332.256839][T17826]  should_failslab+0xc2/0x120
[  332.256852][T17826]  __kmalloc_node_noprof+0xe6/0x850
[  332.256868][T17826]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  332.256894][T17826]  __vmalloc_node_range_noprof+0x3dc/0x1530
[  332.256912][T17826]  ? n_tty_open+0x1a/0x170
[  332.256934][T17826]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  332.256948][T17826]  ? __ldsem_down_write_nested+0xfd/0x830
[  332.256965][T17826]  ? __ldsem_down_write_nested+0x10e/0x830
[  332.256981][T17826]  ? look_up_lock_class+0x64/0x120
[  332.257000][T17826]  ? __pfx___ldsem_down_write_nested+0x10/0x10
[  332.257019][T17826]  ? n_tty_open+0x1a/0x170
[  332.257036][T17826]  __vmalloc_node_noprof+0xad/0xf0
[  332.257049][T17826]  ? n_tty_open+0x1a/0x170
[  332.257066][T17826]  ? __pfx_n_tty_open+0x10/0x10
[  332.257083][T17826]  n_tty_open+0x1a/0x170
[  332.257100][T17826]  tty_ldisc_open+0xa2/0x120
[  332.257113][T17826]  tty_ldisc_setup+0x40/0xf0
[  332.257128][T17826]  tty_init_dev.part.0+0x1b5/0x470
[  332.257146][T17826]  tty_init_dev+0x60/0x80
[  332.257162][T17826]  ptmx_open+0x15e/0x3c0
[  332.257174][T17826]  ? __pfx_ptmx_open+0x10/0x10
[  332.257188][T17826]  chrdev_open+0x234/0x6a0
[  332.257205][T17826]  ? __pfx_chrdev_open+0x10/0x10
[  332.257223][T17826]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  332.257247][T17826]  do_dentry_open+0x6d8/0x1660
[  332.257258][T17826]  ? __pfx_chrdev_open+0x10/0x10
[  332.257274][T17826]  vfs_open+0x82/0x3f0
[  332.257289][T17826]  path_openat+0x208c/0x31a0
[  332.257307][T17826]  ? __pfx_path_openat+0x10/0x10
[  332.257325][T17826]  do_file_open+0x20e/0x430
[  332.257339][T17826]  ? __pfx_do_file_open+0x10/0x10
[  332.257362][T17826]  ? alloc_fd+0x476/0x790
[  332.257377][T17826]  ? do_getname+0x191/0x390
[  332.257393][T17826]  do_sys_openat2+0x10d/0x1e0
[  332.257408][T17826]  ? __pfx_do_sys_openat2+0x10/0x10
[  332.257421][T17826]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  332.257440][T17826]  ? __fget_files+0x21f/0x3d0
[  332.257455][T17826]  __x64_sys_openat+0x12d/0x210
[  332.257470][T17826]  ? __pfx___x64_sys_openat+0x10/0x10
[  332.257484][T17826]  ? ksys_write+0x1ac/0x250
[  332.257499][T17826]  do_syscall_64+0x106/0xf80
[  332.257514][T17826]  ? clear_bhb_loop+0x40/0x90
[  332.257528][T17826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.257540][T17826] RIP: 0033:0x7ff41239c799
[  332.257549][T17826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  332.257560][T17826] RSP: 002b:00007ff4131c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  332.257572][T17826] RAX: ffffffffffffffda RBX: 00007ff412615fa0 RCX: 00007ff41239c799
[  332.257579][T17826] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  332.257586][T17826] RBP: 00007ff4131c2090 R08: 0000000000000000 R09: 0000000000000000
[  332.257592][T17826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  332.257599][T17826] R13: 00007ff412616038 R14: 00007ff412615fa0 R15: 00007ffe1d4aa808
[  332.257614][T17826]  </TASK>
[  332.369027][T17826] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  332.446106][T17834] Mount JFS Failure: -5
[  332.447616][T17834] jfs_mount failed w/return code = -5
[  332.449443][ T5975] usb 6-1: USB disconnect, device number 46
[  332.452976][T17834] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  332.631067][T17847] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4030'.
[  332.911541][T17861] syzkaller0: entered promiscuous mode
[  332.913767][T17861] syzkaller0: entered allmulticast mode
[  332.964121][T17874] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  333.490101][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  333.791043][T17873] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  334.469614][T17881] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.473531][T17881] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.687832][T17887] syz.5.4046 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  334.948393][   T34] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  335.099564][   T34] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  335.102971][   T34] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  335.105896][   T34] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  335.115873][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.118446][ T5988] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  335.126587][T17895] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  335.131475][   T34] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  335.269622][ T5988] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  335.273463][ T5988] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  335.277331][ T5988] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  335.280718][ T5988] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.285368][T17901] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  335.289771][ T5988] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  335.547489][   T34] usb 10-1: USB disconnect, device number 5
[  335.568508][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  335.688425][ T1463] usb 8-1: new high-speed USB device number 48 using dummy_hcd
[  335.703988][T17911] dlm: no local IP address has been set
[  335.706471][T17911] dlm: cannot start dlm midcomms -107
[  335.838410][ T1463] usb 8-1: Using ep0 maxpacket: 32
[  335.841341][   T40] kauditd_printk_skb: 111 callbacks suppressed
[  335.841352][   T40] audit: type=1400 audit(2000000007.510:7014): avc:  denied  { mounton } for  pid=17912 comm="syz.1.4056" path="/376/bus" dev="tmpfs" ino=2085 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  335.841428][ T1463] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  335.841622][T17913] overlayfs: failed to resolve './file1': -2
[  335.860743][ T1463] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  335.861803][   T40] audit: type=1400 audit(2000000007.530:7015): avc:  denied  { map_read map_write } for  pid=17912 comm="syz.1.4056" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  335.863859][ T1463] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  335.863875][ T1463] usb 8-1: Product: syz
[  335.863884][ T1463] usb 8-1: Manufacturer: syz
[  335.877537][ T1463] usb 8-1: SerialNumber: syz
[  335.880809][ T1463] usb 8-1: config 0 descriptor??
[  335.882991][T17905] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  335.934002][T17915] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[  336.037503][   T34] usb 5-1: USB disconnect, device number 45
[  336.109717][   T40] audit: type=1400 audit(2000000007.780:7016): avc:  denied  { read } for  pid=17919 comm="syz.5.4060" dev="nsfs" ino=4026533097 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  336.117494][   T40] audit: type=1400 audit(2000000007.780:7017): avc:  denied  { open } for  pid=17919 comm="syz.5.4060" path="net:[4026533097]" dev="nsfs" ino=4026533097 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  336.125603][   T40] audit: type=1400 audit(2000000007.780:7018): avc:  denied  { prog_load } for  pid=17919 comm="syz.5.4060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  336.133076][   T40] audit: type=1400 audit(2000000007.780:7019): avc:  denied  { perfmon } for  pid=17919 comm="syz.5.4060" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  336.140100][   T40] audit: type=1400 audit(2000000007.780:7020): avc:  denied  { prog_run } for  pid=17919 comm="syz.5.4060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  336.152459][T17924] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4061'.
[  336.158855][   T40] audit: type=1400 audit(2000000007.800:7021): avc:  denied  { name_bind } for  pid=17920 comm="syz.0.4059" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  336.167967][   T40] audit: type=1400 audit(2000000007.800:7022): avc:  denied  { create } for  pid=17920 comm="syz.0.4059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  336.175037][   T40] audit: type=1400 audit(2000000007.800:7023): avc:  denied  { bind } for  pid=17920 comm="syz.0.4059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  336.205124][T17930] netlink: 'syz.0.4063': attribute type 1 has an invalid length.
[  336.217090][T17930] bond6: entered promiscuous mode
[  336.219016][T17930] 8021q: adding VLAN 0 to HW filter on device bond6
[  336.230452][T17929] 8021q: adding VLAN 0 to HW filter on device bond6
[  336.234400][T17929] bond6: (slave xfrm1): The slave device specified does not support setting the MAC address
[  336.237986][T17929] bond6: (slave xfrm1): Setting fail_over_mac to active for active-backup mode
[  336.246938][T17929] bond6: (slave xfrm1): making interface the new active one
[  336.249469][T17929] xfrm1: entered promiscuous mode
[  336.253266][T17929] bond6: (slave xfrm1): Enslaving as an active interface with an up link
[  336.335260][T17938] netlink: 'syz.5.4066': attribute type 1 has an invalid length.
[  336.348086][T17938] 8021q: adding VLAN 0 to HW filter on device bond1
[  336.354367][T17938] vlan2: entered promiscuous mode
[  336.356373][T17938] bond1: entered promiscuous mode
[  336.359848][T17938] vlan2: entered allmulticast mode
[  336.361895][T17938] bond1: entered allmulticast mode
[  336.374789][T17938] bond1: (slave bridge3): making interface the new active one
[  336.377350][T17938] bridge3: entered promiscuous mode
[  336.380792][T17938] bridge3: entered allmulticast mode
[  336.383488][T17938] bond1: (slave bridge3): Enslaving as an active interface with an up link
[  336.390043][T17938] xt_l2tp: unknown flags: 51
[  336.501451][T17951] /dev/sg0: Can't lookup blockdev
[  336.549210][T17951] kvm: MWAIT instruction emulated as NOP!
[  336.588486][ T6001] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  336.751400][ T6001] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  336.756258][ T6001] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  336.761002][ T6001] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  336.764866][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.773615][T17942] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  336.778449][ T6001] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  336.888449][   T34] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  337.041190][   T34] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  337.046442][   T34] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  337.048471][ T6001] usb 5-1: USB disconnect, device number 46
[  337.051801][   T34] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  337.057450][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.066401][T17955] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  337.085353][   T34] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  337.337352][ T6001] usb 10-1: USB disconnect, device number 6
[  337.648175][T17966] overlayfs: missing 'lowerdir'
[  337.958517][T15762] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  338.122546][T15762] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  338.126568][T15762] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  338.131991][T15762] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  338.135622][T15762] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.142860][T17969] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  338.150924][T15762] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  338.308630][   T24] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  338.428608][T15762] usb 5-1: USB disconnect, device number 47
[  338.459928][ T5988] usb 8-1: USB disconnect, device number 48
[  338.470531][   T24] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  338.474241][   T24] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  338.477498][   T24] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  338.487697][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.495718][T17986] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  338.501067][   T24] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  338.549558][T17988] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  338.577363][T17991] FAULT_INJECTION: forcing a failure.
[  338.577363][T17991] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  338.582553][T17991] CPU: 1 UID: 0 PID: 17991 Comm: syz.3.4084 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  338.582580][T17991] Tainted: [L]=SOFTLOCKUP
[  338.582586][T17991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  338.582596][T17991] Call Trace:
[  338.582602][T17991]  <TASK>
[  338.582609][T17991]  dump_stack_lvl+0x100/0x190
[  338.582650][T17991]  should_fail_ex.cold+0x5/0xa
[  338.582668][T17991]  ? prepare_alloc_pages+0x16d/0x5f0
[  338.582689][T17991]  should_fail_alloc_page+0xeb/0x140
[  338.582708][T17991]  prepare_alloc_pages+0x1f0/0x5f0
[  338.582731][T17991]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  338.582758][T17991]  ? rcu_is_watching+0x12/0xc0
[  338.582778][T17991]  ? trace_mm_page_alloc+0x17a/0x1d0
[  338.582796][T17991]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  338.582829][T17991]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  338.582858][T17991]  ? find_held_lock+0x2b/0x80
[  338.582878][T17991]  ? is_bpf_text_address+0x8a/0x1a0
[  338.582901][T17991]  ? is_bpf_text_address+0x8a/0x1a0
[  338.582937][T17991]  ? weighted_interleave_nodes+0x458/0x560
[  338.582958][T17991]  alloc_pages_bulk_noprof+0x782/0x1490
[  338.582988][T17991]  ? preempt_count_add+0x76/0x150
[  338.583009][T17991]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  338.583034][T17991]  ? kasan_save_stack+0x30/0x50
[  338.583063][T17991]  ? alloc_pages_noprof+0x233/0x390
[  338.583083][T17991]  __kasan_populate_vmalloc+0xf0/0x210
[  338.583111][T17991]  alloc_vmap_area+0x95d/0x2bd0
[  338.583139][T17991]  ? __pfx_alloc_vmap_area+0x10/0x10
[  338.583162][T17991]  __get_vm_area_node+0x1ca/0x330
[  338.583185][T17991]  __vmalloc_node_range_noprof+0x213/0x1530
[  338.583205][T17991]  ? n_tty_open+0x1a/0x170
[  338.583242][T17991]  ? n_tty_open+0x1a/0x170
[  338.583272][T17991]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  338.583292][T17991]  ? __pfx___might_resched+0x10/0x10
[  338.583311][T17991]  ? do_raw_spin_lock+0x128/0x260
[  338.583331][T17991]  ? find_held_lock+0x2b/0x80
[  338.583351][T17991]  ? n_tty_open+0x12b/0x170
[  338.583373][T17991]  ? n_tty_open+0x12b/0x170
[  338.583398][T17991]  ? n_tty_open+0x1a/0x170
[  338.583420][T17991]  __vmalloc_node_noprof+0xad/0xf0
[  338.583439][T17991]  ? n_tty_open+0x1a/0x170
[  338.583462][T17991]  ? __pfx_n_tty_open+0x10/0x10
[  338.583485][T17991]  n_tty_open+0x1a/0x170
[  338.583508][T17991]  tty_ldisc_open+0xa2/0x120
[  338.583543][T17991]  tty_ldisc_setup+0x87/0xf0
[  338.583563][T17991]  tty_init_dev.part.0+0x1b5/0x470
[  338.583588][T17991]  tty_init_dev+0x60/0x80
[  338.583612][T17991]  ptmx_open+0x15e/0x3c0
[  338.583629][T17991]  ? __pfx_ptmx_open+0x10/0x10
[  338.583645][T17991]  chrdev_open+0x234/0x6a0
[  338.583664][T17991]  ? __pfx_chrdev_open+0x10/0x10
[  338.583682][T17991]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  338.583707][T17991]  do_dentry_open+0x6d8/0x1660
[  338.583723][T17991]  ? __pfx_chrdev_open+0x10/0x10
[  338.583746][T17991]  vfs_open+0x82/0x3f0
[  338.583768][T17991]  path_openat+0x208c/0x31a0
[  338.583795][T17991]  ? __pfx_path_openat+0x10/0x10
[  338.583826][T17991]  do_file_open+0x20e/0x430
[  338.583846][T17991]  ? __pfx_do_file_open+0x10/0x10
[  338.583882][T17991]  ? alloc_fd+0x476/0x790
[  338.583902][T17991]  ? do_getname+0x191/0x390
[  338.583926][T17991]  do_sys_openat2+0x10d/0x1e0
[  338.583946][T17991]  ? __pfx_do_sys_openat2+0x10/0x10
[  338.583965][T17991]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  338.583999][T17991]  ? __fget_files+0x21f/0x3d0
[  338.584021][T17991]  __x64_sys_openat+0x12d/0x210
[  338.584042][T17991]  ? __pfx___x64_sys_openat+0x10/0x10
[  338.584062][T17991]  ? ksys_write+0x1ac/0x250
[  338.584086][T17991]  do_syscall_64+0x106/0xf80
[  338.584106][T17991]  ? clear_bhb_loop+0x40/0x90
[  338.584126][T17991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.584142][T17991] RIP: 0033:0x7ff5dd99c799
[  338.584158][T17991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  338.584173][T17991] RSP: 002b:00007ff5de7d2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  338.584190][T17991] RAX: ffffffffffffffda RBX: 00007ff5ddc15fa0 RCX: 00007ff5dd99c799
[  338.584201][T17991] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  338.584211][T17991] RBP: 00007ff5de7d2090 R08: 0000000000000000 R09: 0000000000000000
[  338.584220][T17991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  338.584229][T17991] R13: 00007ff5ddc16038 R14: 00007ff5ddc15fa0 R15: 00007fff94eb1e88
[  338.584252][T17991]  </TASK>
[  338.584481][T17991] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  338.852764][T17994] netlink: 'syz.3.4085': attribute type 10 has an invalid length.
[  338.855355][T17994] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4085'.
[  338.896502][   T24] usb 6-1: USB disconnect, device number 47
[  339.268471][ T5988] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  339.358539][ T1463] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  339.427470][ T5988] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  339.432115][ T5988] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  339.435565][ T5988] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  339.438607][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.444048][T18004] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  339.449160][ T5988] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  339.508486][ T1463] usb 10-1: Using ep0 maxpacket: 32
[  339.513486][ T1463] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  339.520333][ T1463] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  339.523690][ T1463] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  339.526551][ T1463] usb 10-1: Product: syz
[  339.528023][ T1463] usb 10-1: Manufacturer: syz
[  339.530923][ T1463] usb 10-1: SerialNumber: syz
[  339.535057][ T1463] usb 10-1: config 0 descriptor??
[  339.538703][T18009] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  339.713127][   T34] usb 5-1: USB disconnect, device number 48
[  339.783272][T18016] FAULT_INJECTION: forcing a failure.
[  339.783272][T18016] name failslab, interval 1, probability 0, space 0, times 0
[  339.788744][T18016] CPU: 1 UID: 0 PID: 18016 Comm: syz.1.4094 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  339.788773][T18016] Tainted: [L]=SOFTLOCKUP
[  339.788780][T18016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  339.788790][T18016] Call Trace:
[  339.788798][T18016]  <TASK>
[  339.788806][T18016]  dump_stack_lvl+0x100/0x190
[  339.788840][T18016]  should_fail_ex.cold+0x5/0xa
[  339.788864][T18016]  should_failslab+0xc2/0x120
[  339.788883][T18016]  __kmalloc_node_noprof+0xe6/0x850
[  339.788908][T18016]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  339.788935][T18016]  __vmalloc_node_range_noprof+0x3dc/0x1530
[  339.788963][T18016]  ? n_tty_open+0x1a/0x170
[  339.788993][T18016]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  339.789012][T18016]  ? __pfx___might_resched+0x10/0x10
[  339.789031][T18016]  ? do_raw_spin_lock+0x128/0x260
[  339.789050][T18016]  ? find_held_lock+0x2b/0x80
[  339.789069][T18016]  ? n_tty_open+0x12b/0x170
[  339.789092][T18016]  ? n_tty_open+0x12b/0x170
[  339.789116][T18016]  ? n_tty_open+0x1a/0x170
[  339.789143][T18016]  __vmalloc_node_noprof+0xad/0xf0
[  339.789161][T18016]  ? n_tty_open+0x1a/0x170
[  339.789185][T18016]  ? __pfx_n_tty_open+0x10/0x10
[  339.789207][T18016]  n_tty_open+0x1a/0x170
[  339.789229][T18016]  tty_ldisc_open+0xa2/0x120
[  339.789247][T18016]  tty_ldisc_setup+0x87/0xf0
[  339.789270][T18016]  tty_init_dev.part.0+0x1b5/0x470
[  339.789315][T18016]  tty_init_dev+0x60/0x80
[  339.789340][T18016]  ptmx_open+0x15e/0x3c0
[  339.789359][T18016]  ? __pfx_ptmx_open+0x10/0x10
[  339.789377][T18016]  chrdev_open+0x234/0x6a0
[  339.789397][T18016]  ? __pfx_chrdev_open+0x10/0x10
[  339.789417][T18016]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  339.789444][T18016]  do_dentry_open+0x6d8/0x1660
[  339.789462][T18016]  ? __pfx_chrdev_open+0x10/0x10
[  339.789486][T18016]  vfs_open+0x82/0x3f0
[  339.789510][T18016]  path_openat+0x208c/0x31a0
[  339.789540][T18016]  ? __pfx_path_openat+0x10/0x10
[  339.789566][T18016]  do_file_open+0x20e/0x430
[  339.789587][T18016]  ? __pfx_do_file_open+0x10/0x10
[  339.789639][T18016]  ? alloc_fd+0x476/0x790
[  339.789660][T18016]  ? do_getname+0x191/0x390
[  339.789683][T18016]  do_sys_openat2+0x10d/0x1e0
[  339.789706][T18016]  ? __pfx_do_sys_openat2+0x10/0x10
[  339.789726][T18016]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  339.789756][T18016]  ? __fget_files+0x21f/0x3d0
[  339.789779][T18016]  __x64_sys_openat+0x12d/0x210
[  339.789804][T18016]  ? __pfx___x64_sys_openat+0x10/0x10
[  339.789825][T18016]  ? ksys_write+0x1ac/0x250
[  339.789852][T18016]  do_syscall_64+0x106/0xf80
[  339.789876][T18016]  ? clear_bhb_loop+0x40/0x90
[  339.789897][T18016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.789916][T18016] RIP: 0033:0x7f5c9119c799
[  339.789933][T18016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  339.789950][T18016] RSP: 002b:00007f5c91faa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  339.789968][T18016] RAX: ffffffffffffffda RBX: 00007f5c91415fa0 RCX: 00007f5c9119c799
[  339.789978][T18016] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  339.789989][T18016] RBP: 00007f5c91faa090 R08: 0000000000000000 R09: 0000000000000000
[  339.789998][T18016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  339.790008][T18016] R13: 00007f5c91416038 R14: 00007f5c91415fa0 R15: 00007ffda79b58e8
[  339.790032][T18016]  </TASK>
[  339.790263][T18016] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  339.809726][T18017] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  339.936722][T18021] pim6reg: entered allmulticast mode
[  340.294459][T18031] overlayfs: failed to resolve './file0': -2
[  340.439247][ T5988] usb 8-1: new high-speed USB device number 49 using dummy_hcd
[  340.573965][T18044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.577684][T18044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  340.600298][ T5988] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  340.605041][ T5988] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  340.609799][ T5988] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  340.613554][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.620752][T18029] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  340.626676][ T5988] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  340.746978][T18051] Can't find a SQUASHFS superblock on nullb0
[  340.903146][ T1847] usb 8-1: USB disconnect, device number 49
[  340.942345][T18056] overlayfs: failed to resolve './file0': -2
[  340.970649][ T1463] usb 6-1: new low-speed USB device number 48 using dummy_hcd
[  341.093093][   T40] kauditd_printk_skb: 102 callbacks suppressed
[  341.093163][   T40] audit: type=1400 audit(2000000012.760:7126): avc:  denied  { create } for  pid=18059 comm="syz.0.4111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  341.106003][   T40] audit: type=1400 audit(2000000012.770:7127): avc:  denied  { connect } for  pid=18059 comm="syz.0.4111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  341.127285][ T1463] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  341.130940][ T1463] usb 6-1: config 0 has no interface number 0
[  341.133237][ T1463] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  341.137553][ T1463] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  341.141551][ T1463] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  341.145408][ T1463] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  341.149388][ T1463] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  341.152747][ T1463] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  341.157328][ T1463] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  341.160376][ T1463] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.165693][ T1463] usb 6-1: config 0 descriptor??
[  341.168881][T18049] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  341.171601][   T40] audit: type=1400 audit(2000000012.840:7128): avc:  denied  { perfmon } for  pid=18059 comm="syz.0.4111" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  341.181928][ T1463] ldusb 6-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[  341.210071][   T40] audit: type=1400 audit(2000000012.880:7129): avc:  denied  { create } for  pid=18059 comm="syz.0.4111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  341.216899][   T40] audit: type=1400 audit(2000000012.880:7130): avc:  denied  { setopt } for  pid=18059 comm="syz.0.4111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  341.225727][   T40] audit: type=1400 audit(2000000012.880:7131): avc:  denied  { write } for  pid=18059 comm="syz.0.4111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  341.383380][ T1463] usb 6-1: USB disconnect, device number 48
[  341.389721][ T1463] ldusb 6-1:0.55: LD USB Device #1 now disconnected
[  341.461282][T18067] netlink: 'syz.0.4114': attribute type 2 has an invalid length.
[  341.478931][   T40] audit: type=1400 audit(2000000013.140:7132): avc:  denied  { create } for  pid=18068 comm="syz.3.4115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  341.534958][   T40] audit: type=1400 audit(2000000013.200:7133): avc:  denied  { create } for  pid=18070 comm="syz.3.4116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  341.544368][   T40] audit: type=1400 audit(2000000013.210:7134): avc:  denied  { write } for  pid=18070 comm="syz.3.4116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  341.551874][   T40] audit: type=1400 audit(2000000013.210:7135): avc:  denied  { read } for  pid=18070 comm="syz.3.4116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  341.621502][T18076] overlayfs: failed to resolve './file0': -2
[  341.692592][T18078] FAULT_INJECTION: forcing a failure.
[  341.692592][T18078] name failslab, interval 1, probability 0, space 0, times 0
[  341.697515][T18078] CPU: 1 UID: 0 PID: 18078 Comm: syz.3.4119 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  341.697543][T18078] Tainted: [L]=SOFTLOCKUP
[  341.697550][T18078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  341.697560][T18078] Call Trace:
[  341.697567][T18078]  <TASK>
[  341.697574][T18078]  dump_stack_lvl+0x100/0x190
[  341.697626][T18078]  should_fail_ex.cold+0x5/0xa
[  341.697650][T18078]  should_failslab+0xc2/0x120
[  341.697670][T18078]  __kmalloc_node_noprof+0xe6/0x850
[  341.697696][T18078]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  341.697723][T18078]  __vmalloc_node_range_noprof+0x3dc/0x1530
[  341.697751][T18078]  ? n_tty_open+0x1a/0x170
[  341.697784][T18078]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  341.697805][T18078]  ? __pfx___might_resched+0x10/0x10
[  341.697827][T18078]  ? do_raw_spin_lock+0x128/0x260
[  341.697854][T18078]  ? find_held_lock+0x2b/0x80
[  341.697876][T18078]  ? n_tty_open+0x12b/0x170
[  341.697898][T18078]  ? n_tty_open+0x12b/0x170
[  341.697925][T18078]  ? n_tty_open+0x1a/0x170
[  341.697949][T18078]  __vmalloc_node_noprof+0xad/0xf0
[  341.697971][T18078]  ? n_tty_open+0x1a/0x170
[  341.697996][T18078]  ? __pfx_n_tty_open+0x10/0x10
[  341.698022][T18078]  n_tty_open+0x1a/0x170
[  341.698047][T18078]  tty_ldisc_open+0xa2/0x120
[  341.698068][T18078]  tty_ldisc_setup+0x87/0xf0
[  341.698090][T18078]  tty_init_dev.part.0+0x1b5/0x470
[  341.698117][T18078]  tty_init_dev+0x60/0x80
[  341.698142][T18078]  ptmx_open+0x15e/0x3c0
[  341.698160][T18078]  ? __pfx_ptmx_open+0x10/0x10
[  341.698179][T18078]  chrdev_open+0x234/0x6a0
[  341.698197][T18078]  ? __pfx_chrdev_open+0x10/0x10
[  341.698216][T18078]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  341.698243][T18078]  do_dentry_open+0x6d8/0x1660
[  341.698260][T18078]  ? __pfx_chrdev_open+0x10/0x10
[  341.698284][T18078]  vfs_open+0x82/0x3f0
[  341.698309][T18078]  path_openat+0x208c/0x31a0
[  341.698351][T18078]  ? __pfx_path_openat+0x10/0x10
[  341.698379][T18078]  do_file_open+0x20e/0x430
[  341.698400][T18078]  ? __pfx_do_file_open+0x10/0x10
[  341.698437][T18078]  ? alloc_fd+0x476/0x790
[  341.698460][T18078]  ? do_getname+0x191/0x390
[  341.698485][T18078]  do_sys_openat2+0x10d/0x1e0
[  341.698508][T18078]  ? __pfx_do_sys_openat2+0x10/0x10
[  341.698527][T18078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  341.698557][T18078]  ? __fget_files+0x21f/0x3d0
[  341.698581][T18078]  __x64_sys_openat+0x12d/0x210
[  341.698604][T18078]  ? __pfx___x64_sys_openat+0x10/0x10
[  341.698624][T18078]  ? ksys_write+0x1ac/0x250
[  341.698650][T18078]  do_syscall_64+0x106/0xf80
[  341.698673][T18078]  ? clear_bhb_loop+0x40/0x90
[  341.698695][T18078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.698711][T18078] RIP: 0033:0x7ff5dd99c799
[  341.698725][T18078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  341.698742][T18078] RSP: 002b:00007ff5de7d2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  341.698758][T18078] RAX: ffffffffffffffda RBX: 00007ff5ddc15fa0 RCX: 00007ff5dd99c799
[  341.698771][T18078] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  341.698780][T18078] RBP: 00007ff5de7d2090 R08: 0000000000000000 R09: 0000000000000000
[  341.698790][T18078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  341.698801][T18078] R13: 00007ff5ddc16038 R14: 00007ff5ddc15fa0 R15: 00007fff94eb1e88
[  341.698824][T18078]  </TASK>
[  341.832404][T18078] warn_alloc: 3 callbacks suppressed
[  341.832416][T18078] syz.3.4119: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  341.840014][T18078] CPU: 1 UID: 0 PID: 18078 Comm: syz.3.4119 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  341.840042][T18078] Tainted: [L]=SOFTLOCKUP
[  341.840049][T18078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  341.840063][T18078] Call Trace:
[  341.840071][T18078]  <TASK>
[  341.840078][T18078]  dump_stack_lvl+0x100/0x190
[  341.840112][T18078]  warn_alloc.cold+0x95/0x1c1
[  341.840144][T18078]  ? __pfx_warn_alloc+0x10/0x10
[  341.840170][T18078]  ? dump_stack_lvl+0x17c/0x190
[  341.840200][T18078]  ? trace_kmalloc+0x101/0x130
[  341.840218][T18078]  ? __kasan_kmalloc+0x8a/0xb0
[  341.840246][T18078]  ? __kmalloc_node_noprof+0x324/0x850
[  341.840271][T18078]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  341.840299][T18078]  __vmalloc_node_range_noprof+0x1275/0x1530
[  341.840329][T18078]  ? n_tty_open+0x1a/0x170
[  341.840365][T18078]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  341.840388][T18078]  ? __pfx___might_resched+0x10/0x10
[  341.840409][T18078]  ? do_raw_spin_lock+0x128/0x260
[  341.840432][T18078]  ? find_held_lock+0x2b/0x80
[  341.840455][T18078]  ? n_tty_open+0x12b/0x170
[  341.840480][T18078]  ? n_tty_open+0x12b/0x170
[  341.840509][T18078]  ? n_tty_open+0x1a/0x170
[  341.840533][T18078]  __vmalloc_node_noprof+0xad/0xf0
[  341.840555][T18078]  ? n_tty_open+0x1a/0x170
[  341.840582][T18078]  ? __pfx_n_tty_open+0x10/0x10
[  341.840608][T18078]  n_tty_open+0x1a/0x170
[  341.840634][T18078]  tty_ldisc_open+0xa2/0x120
[  341.840656][T18078]  tty_ldisc_setup+0x87/0xf0
[  341.840678][T18078]  tty_init_dev.part.0+0x1b5/0x470
[  341.840707][T18078]  tty_init_dev+0x60/0x80
[  341.840733][T18078]  ptmx_open+0x15e/0x3c0
[  341.840752][T18078]  ? __pfx_ptmx_open+0x10/0x10
[  341.840771][T18078]  chrdev_open+0x234/0x6a0
[  341.840792][T18078]  ? __pfx_chrdev_open+0x10/0x10
[  341.840813][T18078]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  341.840847][T18078]  do_dentry_open+0x6d8/0x1660
[  341.840865][T18078]  ? __pfx_chrdev_open+0x10/0x10
[  341.840891][T18078]  vfs_open+0x82/0x3f0
[  341.840918][T18078]  path_openat+0x208c/0x31a0
[  341.840948][T18078]  ? __pfx_path_openat+0x10/0x10
[  341.840978][T18078]  do_file_open+0x20e/0x430
[  341.841001][T18078]  ? __pfx_do_file_open+0x10/0x10
[  341.841041][T18078]  ? alloc_fd+0x476/0x790
[  341.841065][T18078]  ? do_getname+0x191/0x390
[  341.841091][T18078]  do_sys_openat2+0x10d/0x1e0
[  341.841114][T18078]  ? __pfx_do_sys_openat2+0x10/0x10
[  341.841136][T18078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  341.841167][T18078]  ? __fget_files+0x21f/0x3d0
[  341.841192][T18078]  __x64_sys_openat+0x12d/0x210
[  341.841216][T18078]  ? __pfx___x64_sys_openat+0x10/0x10
[  341.841238][T18078]  ? ksys_write+0x1ac/0x250
[  341.841264][T18078]  do_syscall_64+0x106/0xf80
[  341.841288][T18078]  ? clear_bhb_loop+0x40/0x90
[  341.841312][T18078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.841331][T18078] RIP: 0033:0x7ff5dd99c799
[  341.841348][T18078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  341.841364][T18078] RSP: 002b:00007ff5de7d2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  341.841381][T18078] RAX: ffffffffffffffda RBX: 00007ff5ddc15fa0 RCX: 00007ff5dd99c799
[  341.841392][T18078] RDX: 0000000000060081 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  341.841401][T18078] RBP: 00007ff5de7d2090 R08: 0000000000000000 R09: 0000000000000000
[  341.841411][T18078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  341.841421][T18078] R13: 00007ff5ddc16038 R14: 00007ff5ddc15fa0 R15: 00007fff94eb1e88
[  341.841446][T18078]  </TASK>
[  341.841453][T18078] Mem-Info:
[  341.985852][T18078] active_anon:6710 inactive_anon:2999 isolated_anon:0
[  341.985852][T18078]  active_file:14012 inactive_file:15757 isolated_file:0
[  341.985852][T18078]  unevictable:1768 dirty:382 writeback:0
[  341.985852][T18078]  slab_reclaimable:8561 slab_unreclaimable:82035
[  341.985852][T18078]  mapped:29050 shmem:2157 pagetables:8325
[  341.985852][T18078]  sec_pagetables:308 bounce:0
[  341.985852][T18078]  kernel_misc_reclaimable:0
[  341.985852][T18078]  free:445462 free_pcp:12636 free_cma:0
[  342.005468][T18078] Node 0 active_anon:26692kB inactive_anon:11996kB active_file:35000kB inactive_file:34760kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:57932kB dirty:1120kB writeback:0kB shmem:5084kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14464kB pagetables:7912kB sec_pagetables:1232kB all_unreclaimable? no Balloon:0kB
[  342.024212][T18078] Node 1 active_anon:148kB inactive_anon:0kB active_file:21048kB inactive_file:28268kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:58268kB dirty:408kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:288kB pagetables:25388kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  342.037762][T18078] Node 0 DMA free:11124kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  342.052088][T18078] lowmem_reserve[]: 0 1231 1231 1231 1231
[  342.054532][T18078] Node 0 DMA32 free:359316kB boost:0kB min:27476kB low:34344kB high:41212kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26816kB inactive_anon:11996kB active_file:35000kB inactive_file:34760kB unevictable:3536kB writepending:1120kB zspages:0kB present:2080628kB managed:1260856kB mlocked:0kB bounce:0kB free_pcp:26852kB local_pcp:3996kB free_cma:0kB
[  342.068483][T18078] lowmem_reserve[]: 0 0 0 0 0
[  342.070507][T18078] Node 1 Normal free:1411660kB boost:0kB min:39760kB low:49700kB high:59640kB reserved_highatomic:0KB free_highatomic:0KB active_anon:148kB inactive_anon:0kB active_file:21048kB inactive_file:28268kB unevictable:3536kB writepending:408kB zspages:5580kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:23632kB local_pcp:9492kB free_cma:0kB
[  342.083309][T18078] lowmem_reserve[]: 0 0 0 0 0
[  342.085475][T18078] Node 0 DMA: 9*4kB (U) 8*8kB (U) 11*16kB (U) 11*32kB (U) 10*64kB (U) 9*128kB (U) 10*256kB (U) 6*512kB (U) 1*1024kB (U) 1*2048kB (U) 0*4096kB = 11124kB
[  342.092345][T18078] Node 0 DMA32: 1661*4kB (UME) 2090*8kB (UME) 1566*16kB (UME) 221*32kB (UME) 648*64kB (UME) 478*128kB (UME) 296*256kB (UME) 171*512kB (UM) 33*1024kB (UM) 2*2048kB (UM) 0*4096kB = 359364kB
[  342.099950][T18078] Node 1 Normal: 891*4kB (UME) 750*8kB (UME) 717*16kB (UME) 711*32kB (UME) 665*64kB (UME) 554*128kB (UME) 482*256kB (UME) 381*512kB (UME) 266*1024kB (UM) 14*2048kB (UME) 155*4096kB (M) = 1411660kB
[  342.108689][T18078] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  342.112937][T18078] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  342.116622][T18078] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  342.120466][T18078] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  342.124169][T18078] 33514 total pagecache pages
[  342.126085][T18078] 1590 pages in swap cache
[  342.127896][T18078] Free swap  = 103328kB
[  342.130001][T18078] Total swap = 124996kB
[  342.131991][ T6001] usb 10-1: USB disconnect, device number 7
[  342.132315][T18078] 1048443 pages RAM
[  342.136547][T18078] 0 pages HighMem/MovableOnly
[  342.139624][T18078] 283918 pages reserved
[  342.143764][T18078] 0 pages cma reserved
[  342.147551][T18078] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  342.237469][T18091] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  342.354883][T18098] IPv6: sit2: Disabled Multicast RS
[  342.357422][T18098] sit2: entered allmulticast mode
[  342.361422][T18098] ALSA: mixer_oss: invalid OSS volume '0x000000000000000c'
[  342.488623][ T5988] usb 8-1: new high-speed USB device number 50 using dummy_hcd
[  342.640082][ T5988] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  342.644547][ T5988] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  342.648895][ T5988] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  342.653550][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.660845][T18093] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  342.666891][ T5988] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  342.822432][T18102] overlayfs: failed to resolve './file0': -2
[  342.915820][T18105] FAULT_INJECTION: forcing a failure.
[  342.915820][T18105] name failslab, interval 1, probability 0, space 0, times 0
[  342.921685][T15762] usb 8-1: USB disconnect, device number 50
[  342.931226][T18105] CPU: 3 UID: 0 PID: 18105 Comm: syz.5.4129 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  342.931247][T18105] Tainted: [L]=SOFTLOCKUP
[  342.931251][T18105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  342.931258][T18105] Call Trace:
[  342.931263][T18105]  <TASK>
[  342.931268][T18105]  dump_stack_lvl+0x100/0x190
[  342.931290][T18105]  should_fail_ex.cold+0x5/0xa
[  342.931305][T18105]  ? tomoyo_encode2+0xfb/0x3c0
[  342.931321][T18105]  should_failslab+0xc2/0x120
[  342.931333][T18105]  __kmalloc_noprof+0xe0/0x850
[  342.931349][T18105]  ? d_absolute_path+0x136/0x1b0
[  342.931368][T18105]  tomoyo_encode2+0xfb/0x3c0
[  342.931387][T18105]  tomoyo_encode+0x29/0x50
[  342.931403][T18105]  tomoyo_realpath_from_path+0x18c/0x690
[  342.931423][T18105]  tomoyo_path_number_perm+0x23c/0x580
[  342.931437][T18105]  ? tomoyo_path_number_perm+0x22e/0x580
[  342.931453][T18105]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  342.931481][T18105]  ? find_held_lock+0x2b/0x80
[  342.931499][T18105]  ? __fget_files+0x215/0x3d0
[  342.931511][T18105]  ? hook_file_ioctl_common+0x146/0x410
[  342.931525][T18105]  ? __fget_files+0x21f/0x3d0
[  342.931539][T18105]  security_file_ioctl+0xd3/0x230
[  342.931556][T18105]  __x64_sys_ioctl+0xb7/0x210
[  342.931574][T18105]  do_syscall_64+0x106/0xf80
[  342.931589][T18105]  ? clear_bhb_loop+0x40/0x90
[  342.931604][T18105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.931615][T18105] RIP: 0033:0x7fe66eb9c799
[  342.931626][T18105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  342.931637][T18105] RSP: 002b:00007fe66faca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  342.931648][T18105] RAX: ffffffffffffffda RBX: 00007fe66ee15fa0 RCX: 00007fe66eb9c799
[  342.931655][T18105] RDX: 0000200000000000 RSI: 0000000000005392 RDI: 0000000000000003
[  342.931662][T18105] RBP: 00007fe66faca090 R08: 0000000000000000 R09: 0000000000000000
[  342.931669][T18105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.931675][T18105] R13: 00007fe66ee16038 R14: 00007fe66ee15fa0 R15: 00007ffd64964bd8
[  342.931689][T18105]  </TASK>
[  342.931702][T18105] ERROR: Out of memory at tomoyo_realpath_from_path.
[  342.932437][T18107] binder: 18106:18107 ioctl 530c 200000001080 returned -22
[  342.985881][T18108] binder_alloc: 18106: binder_alloc_buf, no vma
[  343.031909][T18107] binder_alloc: 18106: binder_alloc_buf, no vma
[  343.224928][T18126] bond0: (slave caif0): Error: Device type is different from other slaves
[  343.246841][T18126] overlayfs: workdir and upperdir must reside under the same mount
[  343.257538][T18126] netlink: 'syz.5.4135': attribute type 3 has an invalid length.
[  343.488771][T18139] FAULT_INJECTION: forcing a failure.
[  343.488771][T18139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.493215][T18139] CPU: 3 UID: 0 PID: 18139 Comm: syz.5.4141 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  343.493233][T18139] Tainted: [L]=SOFTLOCKUP
[  343.493238][T18139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  343.493245][T18139] Call Trace:
[  343.493250][T18139]  <TASK>
[  343.493255][T18139]  dump_stack_lvl+0x100/0x190
[  343.493279][T18139]  should_fail_ex.cold+0x5/0xa
[  343.493295][T18139]  _copy_from_user+0x2e/0xd0
[  343.493308][T18139]  mmc_ioctl_dvd_auth+0x12d/0x250
[  343.493321][T18139]  ? __pfx_mmc_ioctl_dvd_auth+0x10/0x10
[  343.493335][T18139]  ? lock_acquire+0x1cf/0x380
[  343.493348][T18139]  cdrom_ioctl+0x3200/0x3880
[  343.493363][T18139]  ? __pfx_cdrom_ioctl+0x10/0x10
[  343.493375][T18139]  ? rcu_is_watching+0x12/0xc0
[  343.493390][T18139]  ? trace_rpm_return_int+0x78/0x250
[  343.493407][T18139]  ? rpm_resume+0x7eb/0x1350
[  343.493423][T18139]  ? sr_block_ioctl+0x118/0x250
[  343.493435][T18139]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  343.493453][T18139]  ? __pfx_rpm_resume+0x10/0x10
[  343.493469][T18139]  ? do_raw_spin_lock+0x128/0x260
[  343.493483][T18139]  ? find_held_lock+0x2b/0x80
[  343.493501][T18139]  ? lockdep_hardirqs_on+0x78/0x100
[  343.493517][T18139]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  343.493531][T18139]  ? __pm_runtime_resume+0xc3/0x170
[  343.493550][T18139]  sr_block_ioctl+0x1ae/0x250
[  343.493564][T18139]  ? __pfx_sr_block_ioctl+0x10/0x10
[  343.493578][T18139]  blkdev_ioctl+0x5ad/0x6f0
[  343.493619][T18139]  ? __pfx_blkdev_ioctl+0x10/0x10
[  343.493639][T18139]  ? selinux_file_ioctl+0x139/0x290
[  343.493657][T18139]  ? selinux_file_ioctl+0xb4/0x290
[  343.493674][T18139]  ? __pfx_blkdev_ioctl+0x10/0x10
[  343.493688][T18139]  __x64_sys_ioctl+0x18e/0x210
[  343.493707][T18139]  do_syscall_64+0x106/0xf80
[  343.493722][T18139]  ? clear_bhb_loop+0x40/0x90
[  343.493736][T18139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.493748][T18139] RIP: 0033:0x7fe66eb9c799
[  343.493758][T18139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  343.493769][T18139] RSP: 002b:00007fe66faca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  343.493780][T18139] RAX: ffffffffffffffda RBX: 00007fe66ee15fa0 RCX: 00007fe66eb9c799
[  343.493787][T18139] RDX: 0000200000000000 RSI: 0000000000005392 RDI: 0000000000000003
[  343.493794][T18139] RBP: 00007fe66faca090 R08: 0000000000000000 R09: 0000000000000000
[  343.493801][T18139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.493807][T18139] R13: 00007fe66ee16038 R14: 00007fe66ee15fa0 R15: 00007ffd64964bd8
[  343.493826][T18139]  </TASK>
[  343.548669][  T103] ------------[ cut here ]------------
[  343.592430][  T103] conntrack cleanup blocked for 60s
[  343.592447][  T103] WARNING: net/netfilter/nf_conntrack_core.c:2511 at nf_conntrack_cleanup_net_list+0x4f7/0x690, CPU#2: kworker/u32:5/103
[  343.599375][  T103] Modules linked in:
[  343.601813][  T103] CPU: 2 UID: 0 PID: 103 Comm: kworker/u32:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  343.605753][  T103] Tainted: [L]=SOFTLOCKUP
[  343.607109][  T103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  343.610407][  T103] Workqueue: netns cleanup_net
[  343.611945][  T103] RIP: 0010:nf_conntrack_cleanup_net_list+0x4f7/0x690
[  343.614247][  T103] Code: 29 c3 48 89 de e8 69 13 5a f8 48 85 db 78 0f e8 7f 18 5a f8 e8 1a f8 e2 01 e9 0e fc ff ff e8 70 18 5a f8 48 8d 3d 69 75 39 07 <67> 48 0f b9 3a eb de 4c 8b 6c 24 40 e8 58 18 5a f8 48 b8 00 00 00
[  343.621173][  T103] RSP: 0018:ffffc9000171f970 EFLAGS: 00010293
[  343.623126][  T103] RAX: 0000000000000000 RBX: ffffffffffffffff RCX: ffffffff89aec8b7
[  343.625760][  T103] RDX: ffff888022750000 RSI: ffffffff89aec8d0 RDI: ffffffff90e83e40
[  343.628640][  T103] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[  343.628806][ T6002] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  343.634128][  T103] R10: ffffffffffffffff R11: 0000000000000000 R12: 0000000000000001
[  343.634157][  T103] R13: 0000000000000001 R14: ffffc9000171fb28 R15: dffffc0000000000
[  343.642546][  T103] FS:  0000000000000000(0000) GS:ffff8880d653f000(0000) knlGS:0000000000000000
[  343.645320][  T103] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  343.647488][  T103] CR2: 0000200000001080 CR3: 000000002c20c000 CR4: 0000000000352ef0
[  343.650380][  T103] Call Trace:
[  343.651575][  T103]  <TASK>
SYZFAIL: failed to recv rpc
[  343.652767][  T103]  ? nf_conntrack_cleanup_net_list+0x158/0x690
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  343.655506][  T103]  ? __pfx_nf_conntrack_cleanup_net_list+0x10/0x10
[  343.658163][  T103]  ? nf_conntrack_pernet_exit+0xaa/0x150
[  343.660426][  T103]  ? kfree+0x1f6/0x6b0
[  343.662060][  T103]  ? __pfx_nf_conntrack_pernet_exit+0x10/0x10
[  343.664400][  T103]  ops_undo_list+0x363/0xab0
[  343.666272][  T103]  ? __pfx_ops_undo_list+0x10/0x10
[  343.668468][  T103]  ? cleanup_net+0x332/0x920
[  343.670423][  T103]  ? idr_destroy+0x62/0x2e0
[  343.672302][  T103]  cleanup_net+0x499/0x920
[  343.674069][  T103]  ? __pfx_cleanup_net+0x10/0x10
[  343.676016][  T103]  ? rcu_is_watching+0x12/0xc0
[  343.677967][  T103]  process_one_work+0xa23/0x19a0
[  343.680247][  T103]  ? __pfx_process_one_work+0x10/0x10
[  343.682629][  T103]  ? __pfx_cleanup_net+0x10/0x10
[  343.684733][  T103]  worker_thread+0x5ef/0xe50
[  343.686594][  T103]  ? __pfx_worker_thread+0x10/0x10
[  343.688687][  T103]  ? kthread+0x13a/0x450
[  343.690393][  T103]  ? __pfx_worker_thread+0x10/0x10
[  343.692416][  T103]  kthread+0x370/0x450
[  343.694039][  T103]  ? __pfx_kthread+0x10/0x10
[  343.695880][  T103]  ret_from_fork+0x754/0xd80
[  343.697712][  T103]  ? __pfx_ret_from_fork+0x10/0x10
[  343.699899][  T103]  ? __switch_to+0x7b4/0x1120
[  343.701975][  T103]  ? __pfx_kthread+0x10/0x10
[  343.705266][  T103]  ret_from_fork_asm+0x1a/0x30
[  343.708866][  T103]  </TASK>
[  343.709914][  T103] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  343.713005][  T103] CPU: 2 UID: 0 PID: 103 Comm: kworker/u32:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  343.717532][  T103] Tainted: [L]=SOFTLOCKUP
[  343.719226][  T103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  343.722889][  T103] Workqueue: netns cleanup_net
[  343.724481][  T103] Call Trace:
[  343.725662][  T103]  <TASK>
[  343.726998][  T103]  dump_stack_lvl+0x100/0x190
[  343.729014][  T103]  vpanic+0x552/0x970
[  343.730705][  T103]  ? __pfx_vpanic+0x10/0x10
[  343.732642][  T103]  panic+0xd1/0xe0
[  343.734357][  T103]  ? __pfx_panic+0x10/0x10
[  343.736286][  T103]  ? check_panic_on_warn+0x1f/0x90
[  343.738485][  T103]  check_panic_on_warn.cold+0x19/0x34
[  343.740603][  T103]  ? nf_conntrack_cleanup_net_list+0x4f7/0x690
[  343.743023][  T103]  __warn.cold+0x191/0x348
[  343.744795][  T103]  __report_bug+0x296/0x3d0
[  343.746958][  T103]  ? nf_conntrack_cleanup_net_list+0x4f7/0x690
[  343.749620][  T103]  ? __pfx___report_bug+0x10/0x10
[  343.751784][  T103]  ? __lock_acquire+0x4a5/0x2630
[  343.753916][  T103]  ? nf_conntrack_cleanup_net_list+0x4f0/0x690
[  343.756377][  T103]  ? nf_conntrack_cleanup_net_list+0x4d7/0x690
[  343.758722][  T103]  ? nf_ct_iterate_cleanup_net+0xd9/0x110
[  343.760493][  T103]  ? nf_ct_iterate_cleanup_net+0xd9/0x110
[  343.762530][  T103]  ? irqentry_exit+0x180/0x670
[  343.764431][  T103]  report_bug_entry+0xe1/0x290
[  343.766517][  T103]  ? nf_conntrack_cleanup_net_list+0x4f7/0x690
[  343.769321][  T103]  handle_bug+0x1cd/0x2a0
[  343.771407][  T103]  exc_invalid_op+0x17/0x50
[  343.773489][  T103]  asm_exc_invalid_op+0x1a/0x20
[  343.775410][  T103] RIP: 0010:nf_conntrack_cleanup_net_list+0x4f7/0x690
[  343.778614][  T103] Code: 29 c3 48 89 de e8 69 13 5a f8 48 85 db 78 0f e8 7f 18 5a f8 e8 1a f8 e2 01 e9 0e fc ff ff e8 70 18 5a f8 48 8d 3d 69 75 39 07 <67> 48 0f b9 3a eb de 4c 8b 6c 24 40 e8 58 18 5a f8 48 b8 00 00 00
[  343.784629][  T103] RSP: 0018:ffffc9000171f970 EFLAGS: 00010293
[  343.786589][  T103] RAX: 0000000000000000 RBX: ffffffffffffffff RCX: ffffffff89aec8b7
[  343.789017][  T103] RDX: ffff888022750000 RSI: ffffffff89aec8d0 RDI: ffffffff90e83e40
[  343.791717][  T103] RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000
[  343.795047][  T103] R10: ffffffffffffffff R11: 0000000000000000 R12: 0000000000000001
[  343.798682][  T103] R13: 0000000000000001 R14: ffffc9000171fb28 R15: dffffc0000000000
[  343.802449][  T103]  ? nf_conntrack_cleanup_net_list+0x4d7/0x690
[  343.805104][  T103]  ? nf_conntrack_cleanup_net_list+0x4f0/0x690
[  343.807712][  T103]  ? nf_conntrack_cleanup_net_list+0x158/0x690
[  343.809750][  T103]  ? __pfx_nf_conntrack_cleanup_net_list+0x10/0x10
[  343.811810][  T103]  ? nf_conntrack_pernet_exit+0xaa/0x150
[  343.813608][  T103]  ? kfree+0x1f6/0x6b0
[  343.814915][  T103]  ? __pfx_nf_conntrack_pernet_exit+0x10/0x10
[  343.816814][  T103]  ops_undo_list+0x363/0xab0
[  343.818361][  T103]  ? __pfx_ops_undo_list+0x10/0x10
[  343.820021][  T103]  ? cleanup_net+0x332/0x920
[  343.821687][  T103]  ? idr_destroy+0x62/0x2e0
[  343.823531][  T103]  cleanup_net+0x499/0x920
[  343.825441][  T103]  ? __pfx_cleanup_net+0x10/0x10
[  343.827298][  T103]  ? rcu_is_watching+0x12/0xc0
[  343.829078][  T103]  process_one_work+0xa23/0x19a0
[  343.831041][  T103]  ? __pfx_process_one_work+0x10/0x10
[  343.833039][  T103]  ? __pfx_cleanup_net+0x10/0x10
[  343.834678][  T103]  worker_thread+0x5ef/0xe50
[  343.836294][  T103]  ? __pfx_worker_thread+0x10/0x10
[  343.838188][  T103]  ? kthread+0x13a/0x450
[  343.839711][  T103]  ? __pfx_worker_thread+0x10/0x10
[  343.841385][  T103]  kthread+0x370/0x450
[  343.842686][  T103]  ? __pfx_kthread+0x10/0x10
[  343.844155][  T103]  ret_from_fork+0x754/0xd80
[  343.845654][  T103]  ? __pfx_ret_from_fork+0x10/0x10
[  343.847304][  T103]  ? __switch_to+0x7b4/0x1120
[  343.848933][  T103]  ? __pfx_kthread+0x10/0x10
[  343.850567][  T103]  ret_from_fork_asm+0x1a/0x30
[  343.852623][  T103]  </TASK>
[  343.855157][  T103] Kernel Offset: disabled
[  343.856556][  T103] Rebooting in 86400 seconds..