last executing test programs:

7m31.147011606s ago: executing program 32 (id=115):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x81}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
write$P9_RSTATu(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f000000000bf00050000000000000000000000000000000000000000000000000000000000000000001f0004"], 0x232)

7m22.786711233s ago: executing program 33 (id=224):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140), 0x2, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000180)=0x4, 0x4)
mbind(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x384887fb90e1fbb6, &(0x7f00000001c0)=0x25a, 0xb, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x200010, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140), 0x2, 0x0) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000180)=0x4, 0x4) (async)
mbind(&(0x7f0000ffa000/0x6000)=nil, 0x6000, 0x384887fb90e1fbb6, &(0x7f00000001c0)=0x25a, 0xb, 0x4) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x200010, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) (async)

6m45.955844797s ago: executing program 0 (id=584):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f0000000000)={0x17, &(0x7f00000000c0)=[{0x24, '\x00', @st={0x4, [{0x2, @uvalue=0x3}, {0x1, @uvalue=0x8}, {0x1, @svalue=0x10001}, {0x0, @svalue=0x4}]}, 0x9}]})
setxattr$trusted_overlay_nlink(&(0x7f0000000040)='./cgroup.net/devices.allow/file0\x00', &(0x7f0000000000), 0x0, 0x0, 0x0)

6m45.955439767s ago: executing program 0 (id=587):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000300)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0xf, "292c82", "4adc06184992580b69cfef8ddc645051a3f84c29a26aa3c01e6cc637f6df4d31cf02db5e7f8e73c2350b25a4617d2fdd09f5bd0dbd8147ae90e97d9878ff299d9dcccd9229d29be664b778e68ddf989a4e4366f52ccb1e407d0e00000000000067a253f8d68cc44f93c039463d2a11a755ae7bc6a7bdfa06aae2c23b2a3e05ac2f1aa97c23a31b0e1231b3720eb34894d89993132e10e18f2af394a75fa6ef288e98d827541c7e6e4ccec0f1ee1652153972150f25f520bd1bb17727361097d94b8a56af0eceffc367c3a643280003ceb1927b145a189f115278dd78cfb68cbbf1d8685df2320623c6faa42fe947fbd696ee326d58cbdc808500000000e150e7"}}, 0x110)

6m45.932054461s ago: executing program 0 (id=588):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x48}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, {@in6=@dev={0xfe, 0x80, '\x00', 0x37}, 0x0, 0x3c}, @in=@loopback, {}, {}, {}, 0x1, 0x0, 0x2, 0x4, 0x0, 0x60}, [@coaddr={0x14, 0xe, @in6=@private2}]}, 0x104}}, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGETMODE(r3, 0x4b3b, &(0x7f0000005e40))
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000060a010400c80000000000000a0000050900010073797a31000000002400048020000180070001006374000014000280080002400000000708000140000000090900020073797a32"], 0x78}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) (async)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r1, 0xc008aec1, &(0x7f00000002c0)={0x900})

6m45.854675654s ago: executing program 0 (id=592):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) (async)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='rdma.current\x00', 0x26e1, 0x0)
close(r1) (async)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}, 0xfe}, 0x80, 0x0}, 0x20000000) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) (async)
r2 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r2, 0x0, 0x0, 'syz1\x00', 0x0}) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000c40)={{0x1, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x80000, 0xf, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x4, 0x7, 0x0, 0x7, 0x7ff, 0xfffffffe, 0x0, 0x40, 0x0, 0x0, 0x100000001, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x4, 0x0, 0x0, 0x40, 0xfffffffffffffffc, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x401, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x400000000000, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x80000000000000, 0xfffffffc, 0x1, 0x8, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xde4, 0x7, 0x0, 0x100000000]}) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112}) (async)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000140)=0x1) (async)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2181099, 0x0) (async)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newlink={0x40, 0x10, 0x1, 0x70bd25, 0x27dfdbf9, {0x0, 0x0, 0x0, r7, 0x280d3, 0x20000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bond_slave={{0xf}, {0xc, 0x5, 0x0, 0x1, @IFLA_BOND_SLAVE_QUEUE_ID={0x6, 0x5, 0x1}}}}]}, 0x40}}, 0x8080)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async)
r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') (async)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r9, 0x1, 0xc, &(0x7f00000004c0)=""/118, &(0x7f0000000280)=0x76)
read$FUSE(r8, &(0x7f0000003480)={0x2020}, 0x2020) (async)
getpeername(r8, &(0x7f0000000340)=@l2tp6={0xa, 0x0, 0x0, @private2}, &(0x7f00000001c0)=0x80)

6m45.766778581s ago: executing program 0 (id=594):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x81}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
write$P9_RSTATu(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f0000000000000050003000000000000000000000000000000000000000000000000000000000000001f0004"], 0x232)

6m45.397311604s ago: executing program 0 (id=601):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6000600000442f01fe800000000000000000000000000000fe8000000000000000000000000000aa042065580000000000000800000086dd890288be00000004100000000100000000000000080022eb000000002000000402000000000000060000000008006558002000031ffbe9a0d6c19a0debb502a64d421844fe13d357268958dfdac9e8f0523e137e6c"], 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e20, @remote}}, 0x200, 0x4}, &(0x7f0000000380)=0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003e00)={0x14, 0x0, 0x4, 0x5, 0x70bd2b, 0x25dfdbfd, {0x7, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x20040804)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})

6m45.337854463s ago: executing program 34 (id=601):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6000600000442f01fe800000000000000000000000000000fe8000000000000000000000000000aa042065580000000000000800000086dd890288be00000004100000000100000000000000080022eb000000002000000402000000000000060000000008006558002000031ffbe9a0d6c19a0debb502a64d421844fe13d357268958dfdac9e8f0523e137e6c"], 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e20, @remote}}, 0x200, 0x4}, &(0x7f0000000380)=0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003e00)={0x14, 0x0, 0x4, 0x5, 0x70bd2b, 0x25dfdbfd, {0x7, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x20040804)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})

6m9.935438631s ago: executing program 5 (id=1082):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r2 = dup3(r0, r1, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="20000000151401010010"], 0x20}}, 0x0)
ioctl$MON_IOCG_STATS(r2, 0xc0109207, &(0x7f00000001c0))
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2b00b8, &(0x7f00000002c0)={[{@huge_never}]})

6m9.791336327s ago: executing program 5 (id=1088):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2) (async)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1) (async)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) (async)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000180), 0x200, 0x0)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000000c0)={&(0x7f0000001140)=[{0x808, 0x203, 0x0, 0x0}], 0x1}) (async)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f000022b000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, r2, 0xaadd5000) (async)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000000)=0x9)
r3 = openat$cgroup(r0, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000c00000/0x400000)=nil)
r7 = syz_kvm_add_vcpu$x86(r6, &(0x7f0000000080)={0x0, &(0x7f0000000140)=[@code={0xa, 0x78, {"b805000000b9710000000f01c10f30450f072e470fc0f4c744240054000000c744240266557291ff2c24c744240069000000c744240274000000ff2c2448b8fd970000000000000f23d80f21f835800000800f23f8f23e450f219cf30fa7e86667660f38807d00"}}], 0x78})
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]}) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0) (async, rerun: 32)
openat$cgroup_ro(r3, &(0x7f0000000080)='cpuacct.stat\x00', 0x275a, 0x0) (async, rerun: 32)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e04080b20"], 0x7) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)

6m8.786890063s ago: executing program 5 (id=1093):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000000)={r3, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000001c0)={r3, @in6={{0xa, 0x4e20, 0x3, @private2, 0xffffffff}}}, 0x90)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000040)={r3, 0x21, "7da726036988cc77a06d5c72b88a2d6e7ec69ef8c50623525a9829f370c72e3eff"}, &(0x7f0000000080)=0x29)

6m8.664641891s ago: executing program 5 (id=1094):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x19)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007"], 0x38}}, 0x2000018c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f00000002c0)='./file1/file0\x00', &(0x7f0000000140), 0x1191820, &(0x7f0000000640)=ANY=[@ANYRESHEX=r0])
chdir(&(0x7f0000000100)='./file0\x00')
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x2000, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x100, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}, 0x1c)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_clone(0x1000, &(0x7f00000004c0)="8b82cedc015c63f7b92885f70fe9f2e24633072fbf66abc338136f977e25fb65392842a9d91de03c4fb52e6fa3d2f9b0ceb13450f26a317dae368255c7e673a3e4cf29ec12d7511653f04d4ee74a1ae7255d1e4e10b9b0a19166f1c0d1e1194ede11fb350949", 0x66, &(0x7f0000000300), &(0x7f00000003c0), &(0x7f0000000540)="c1fad1cf65a5d4553618ea0bd1a8ecdde7f29eecbaa64cc81da91fc4e2047747b71ce4bb7045e178f56985bdcec26fb057c34522a13bf7aadbc801d60a7d013927a80a4b2dda2d6f9f208b251e7a2e9f779990a65b2204726dd70854c25a7dc6375825d71597c61d43e67815c8c02018a3da530b0a5ca61455c57695e5483b65ad3fa5ac72eb156ac93a3827dbe81a6684d6ad717a634800d20e26555398a6d133d9d91210a893c7a874fa00a722bd75b35b96200c15a9e22c9df8264795e5d3711338b9bc5c1657695e2729b828856a79bbcce91f89166cc02c75fef6dd17c3cc909526c0bc7c98cd00f009eec95a9ad75368ee02e7e9")
ptrace(0x10, r4)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x201101, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000040)={0x1})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r7, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x6a, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x9, 0x0, 0x0, 0x2}, {0xeda7, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x3, 0x20000000, 0x3, 0x10, 0x0, 0x0, 0x2004cb, 0x3, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2ab, 0x2000000000403ff, 0x2], 0x0, 0x200306})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000edffff00008000"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r9}, 0x4)
ptrace$getregset(0x4205, r3, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0x20, &(0x7f0000000000)={@in6={{0xa, 0x4e22, 0xffffffb6, @ipv4={'\x00', '\xff\xff', @empty}, 0x7ffffffe}}, 0x0, 0x0, 0x13, 0x0, "c10b3b28af4d2f246a016542daa845f387713f4048ff2ece1e75f1fc0100f41e4d572900000100000000000000dd5ace525c277ad10000000033035551502f07e5a81a00"}, 0xffffffffffffffe0)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000400)=@l2tp6={0xa, 0x0, 0x7, @mcast1, 0x7}, 0x80, &(0x7f0000000480)=[{&(0x7f0000001540)="f4000900062b3b25fe80000000000000", 0x10}, {&(0x7f0000000240)="45f289a31a11d10c1101fb2cc62ff73459000ec82c600374", 0x18}], 0x2}, 0x20000884)

6m8.64236539s ago: executing program 5 (id=1095):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
accept4(r0, 0x0, 0x0, 0x0) (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
syz_emit_ethernet(0xe, &(0x7f00000000c0)={@multicast, @remote, @void, {@mpls_uc={0x8864}}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8}) (async)
ioctl$SNDRV_PCM_IOCTL_USER_PVERSION(r1, 0x40044104, &(0x7f0000000000))

6m8.565613404s ago: executing program 5 (id=1097):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="0000fc00", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x16, 0x7c, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}}}}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
listen(r0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES64=r4], 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x12)
connect$unix(r4, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000004780)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='A', 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r5], 0x18, 0x40001}}], 0x4000000000002b3, 0x0)
close(0x3)

5m53.46350271s ago: executing program 35 (id=1097):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="0000fc00", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x16, 0x7c, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}}}}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
listen(r0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES64=r4], 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x12)
connect$unix(r4, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000004780)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='A', 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r5], 0x18, 0x40001}}], 0x4000000000002b3, 0x0)
close(0x3)

5m1.073496238s ago: executing program 7 (id=2040):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000007000/0x18000)=nil, &(0x7f000001fac0)=[@text64={0x40, 0x0}], 0x1, 0x2, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x31)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x6, 0x1}]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000180)="0f46fe3ef3a564780f0f01d166b8008000000f23c80f21f86635040080000f23f8f30f1ec9ba4200ecf3ded5660f383f1a660f38065700", 0x37}], 0x1, 0x74, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @loopback}, 0x1c)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'pim6reg\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8603}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240008c4}, 0x20008004)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r5)
sendmsg$NFC_CMD_START_POLL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3b492abd7000fddbdf01000008000f0010000000080003004e0000000000000000000000ce00"], 0x2c}, 0x1, 0x0, 0x0, 0x20040800}, 0xc010)
pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000000200)="057a0d9b0d4f98b076af8bb828ca9bb87e6ec1c5ceee4ed041df629cf44998e78ad505deb8a7f411f05f0152d5da41e7d9125c57c400e0b0299a6196650ef8e6d349a38489d4d673007f7b216ad7eaf167807dced69b4d5bf7d6f76e20ea8297a737d1cedea6c235a6386ed57dc7a892055ac6a6cd4a3fba5e4fa5129374344532293f9081418ce08320892e4843a16d60ed2e8cdb06803591353b406c2dece0780c09479026de6ed44e7c93c4727a85e83b1ad23c1be9320840695514f649ed6811878342321932fb05277d035a7801eebd4a992e30dbb74651f1162ef7c521", 0xe0}, {&(0x7f0000000440)="63873089920c91ec135df2972df8b98545480795ef7071e47c3529d64272909fcf85b8edf1eb8dde93860db29a1c75f6973626a4c567b4f09c6b3e603a0b77dfbbd2155367f1bd34dffac6f110e091cf46ef5bd80faeedd0283d426b1827780cb858a0e74ab6d6f828812f005b45c66684cefbaeac5289de65a451b6c32458652fc3d56402cf08cba5cc72dab24d64112faf9cdbfc0cef98c77bce8b80e6764258374302a6085e7a87e6971564b7b72f09c2d452488d35f7f7c5228981464e887e18c2c16713035447dcb4f6cbba456d3cd3f911ad0ba4f59dba8412d7dc4738d42ff802b42a6b74e7b0b66cb46fd910b9e97feb84c6b6d657140556a9549d9500b2e7771b172ceb69261687b12c1830d49b6ce982a5e1becbe34740fe62697f15f966e5f4a6488bb2929ba7b43a72e957c24b47625ee847f770f4a8c12a8a9d10b60b684ae2367147c14ddab79fec44cf8c50e278007c97c342d86a9724937215a0ae9e121c878c7599eb51c3468e8e1a1c9015f0f495eb75fa421006d5536173d467ac255bde4107303f093431e61e331e11a5a5e232a4c0ee645a65885242cad7a4aecc5b0e426ea1bdb5649343cd075818f32c4069f4df95df7ee9ae5a3cb8de994752c8085661ceb014f002c31d5e1a661eb83d0a7175325f4c9e028b144be3962fb7e5797a726563161732a3ed051e6fb26104cf7e075be5fb9fdeaf6a92fb765f6ea44fe51e9ab673b69782297006331d0850536d579712f600be3660c1fb79dabdd02275823e5dcc293a7c3bbc30e398ee340f9da0a8db880fc5c2f52b8adc7d426886654b52e9f6967e7424cb4091c3ae9cd34da03f866f3d22ce50cbff15e2ef0aec90f5b6da056250a9d9bb1d369d0f840104c19e702ec454e65e13d20982017ed2287282addc2c7bcbea979a792d14da4c7bac45907a15ab11a1f1497278976317119f87df753af657993225b0b35db92c377fb10dd5dcdd9ffb26a83f62aa023891750f963ac3af14df0bb48d459adba66efbb38473384967f3e1337e69edc109af3de70c119a0214bbc3e8bf923ba77e40f541f0e3fd8e75fb25492115babf7e57649f704ab2560db92c664dbeeda39c46aa412438b9051f014233c89a300ba59a490c8dddb0452b7334ba0c26e662c6c030075035a97073516bb43397c259a9f64e561590f8e8d57cdfab766043f93edd7a50a8934b341475d7b3b8acdbda873c73b6c7389b5552a3eb38e89888d1c8b8733cf7d968ccd0bfd221032a445710b3975d452469363d3e215f1a6ce0e9c6ca99672b6e07b719dba0a302c30f4a4c943cf920471902f0e12d412bea7913fbdb5477f17799ce696d39e1c4c3d0e546a1d06b02d01c6b6bba17b6be2f573feeae8bb71f9d0f161187b37261b2a1791cad9e3bbdb9a51e689b11f2d9244c2065c99ea2427299ec45de9267978bee4aeaece2b2f65577405c7c533e3d4d5624b35eed431d59f80d92c697c5aea086f6f9fe145a56153a7d237d1ca95181d73a7d1acda8582be03c5a7757caeac40b5fdc3925931e67674c5e7970db67949b92d8b1513351b46ea7526777550ae40593de5d7830c35f2acd5e847b0ad0c1fd2e47dfd486adc7f6d2b6149e6413a669ab464bf6d0082014e4078df0b5b9f15e53f5b05c73e555ea2c2b69c9fddc5cd4664f111d835dc1ed7bdbe51c3267b160e297ecd3c3685d6ae852bce043241af566a3f0912f7d54c843a7248a707fd347d1e9083f419ac62402ca7f8c2138bfae2a68603138934b18db01a8222d9f758dedf4c9f22fb5d265b6c059e4836b7188633105507e177c69f0867803431bf4451a816a9def88d332163c822593a0e7508fb6286d837ee1090ced9d7b240a497b2d65f4b199ce8e5ea27105b19b123f42e1eaba02dabaf22ef4f71d5f175d256c8aa0d17a15771cf5dc4783c291f122531ae93d50c27e040b7c607fcec414f888a2d9899f9c687d6549cfa1b843a400cda2c991eb61645e0d2145eacfab8af9082f6b76534705b19187367341234d7c4b084943067103dd3ec0a80a143f5e1f561243c961c516a8f601f0b398d4df428ce81f0ba39bfc04b3bc8b3df4c9dbadebbe1e162c8808e52098027a458e9ac32b58858165856503fc6241ebdea78d19a974f502c75ca79a0232b7a24c25f1aec0d98131c21377ced55597ee9b106ee584833f867c42f5b04bd25ec059c706ebd98bbb52d5a0c0a43f9ed05438e3c3f8273f3d42df8d208df81a94a110ddd7abc298da04306f5273adc63d82f88bbf5e5fa8ab885c444c53df73d38a85f6a24b7056768384716aee5d52599bc1ffdf47460678d7806d1b76129e43f8447d649aee82a0eee4f5b1a2fa89c7eb4a09c57c3b4abd963a448d449b67989db5b96f9659e569910a71af6cfeef00a64fa9b7e90e23b99b775826728590281f601e2364b33570bcfa2425407655866cbe6996dc71d4c7f3925162f3d669d129a207704558320915e735a91cca2825f230fe7ff9162008e1f44bda503028cb0ae9bb03627ff8851285251e9416de17d3d4b4d6519158c555f52a70e1b627117831c02b644b2873d0b5fa97bdf3f3f6e830d89b4ebdc393fb936f66e5a7091e5d7571a271228fa06f7b73d83968f9c2b6ceb0536499b662cd33e542b7296e20220663fc47c290adfc0673c1b64466ebd7cda1ebe865f1c014730c449d0599d47e2e62e62fd7fc2ee65bff4e2483ff3cbe1d4fc6e0c854775288b28410446c8e79865d49075e2504bf71f437bb399285f8b412dfdb20f9b7e4a7828da5494673c23840cb0a03f860095df55d31efe610f6e47417ac068cbe0f5863a18a8a45f63eb06269637f3b65b355f6af6f151c54a0d52d017875c4a95d5cece73aa4009c67157e7bcb015f630f53f8281810d833df4947db5a75c3c2e6d79bce15950792b0a8b3f76239b16469f1f12f249e426506410d6d1722693fa059bedfb855f66e3b76ca9cc6a64244f881f8736347e8f5fd04038a4be5179168cb220edb6b209b0fdbbf5e133e1be824e0abb4170dc15cbc33754981cb02172a3ffb240d88a226459ed48cc473214395b433b1833cd6ee0d61f15b0e6e143e0e737c8c473e17a14c9bf4fb8979a358a7c2db2531d782ee860546bca8af09ad6104bd48172f0c1d0bef575e4f32977d3b551271eaf7a2e135c2178812107ccfe177786b6fd032de5474490f062ea77ba3040a059c145230414875dfa5ad3cd29ff8e23b4ad7aeba095944c45a5ede55b4ce0c59e52aa5a7eb11cd6789efbafada67796baea938f893fe6dac8e8fe57fbc0bfddc446a1b7450193f90683701a4f6ba53e4068e6f6b080eb152c54a2c7f26d603dba9e07be99e3af6c3b2e6ae2439435b48a38c12f2deb808660a446a29168de9b725ba83f46fc3b211f06c0470dd4f518c6a3e1f398e7c5ed994a93fd3cc24d6b818007e8b561e3a224987071cd6051b18588d5a34647e04637d9d0e83b9824cb5f54001cd6ffcef599440db718c8c04934fa0f7a5f5ea028d7f395d05b3d5c6738c7d1be3eaacda3fc341f2acf04899b07784cb211098a9465f0f3f632ae0c69dee6f0cf0fca43a29d75aa5fa0355881a4a08a2ccb79e917c3dcab2fc43932f9e74dd5ca66e1c3920e55415c2fd365cb1a22b9e68df2bdcd76b814fc358cfc5ab5a94b92fdc081519b21a4ef4d81fac88668a615a24b383a20fa39cb5f9ed6ac3f922e21040350f2ac889f389dc12bd3d7faa7de3fe1db5c2c51249be77316c74597cbff13c269362dbcd065101b25cfe4c2d4c339d23ba154ba1d06d62ce7e762aaca4257b9ce976fbfee8df2c8b048e0e0e6eba0221ba00c88bcc009dcf797e5f4082573968095048952f764fdc91282115db11a92f5b0297af28005237401ba010fdb3d86a33835881508744aff9d3fc2fa36182bf389fb3e585886023f91dec4d73d88302f3b7b5744d4ed7a66d0ddc0610598cf19fc3a37ab24cbcde7bbaf1cdf728d1fd5b3a2c4778130101dc46cd81fa6796c67a88527cd151170fa847a8450dd32af6b3efe8e851313bd03b357b8c730ea325171b475a96f1f9e325499cb9bba3a29a92284f4b763caddb28b59ba7ddec6a85f96a89a6dfa758e86ca368245168f4cb853fb17f0d2426f19d1a1e917453efa9d221f2c14dc35cff8ea16968a19d4cdcb3234c4c46c628b6b285049a18ac332defafc0287d0eb52f66ae6f8af70df5f9e56ce677b00543f9181c0b7233611042ce1394b2be45043893b7e3a40a4bd45b404c6e9b200550a3c3ab5abf4a8c303644c72d97541dab1b6812d47bbbfa7fbde18127ba015c8e7c3c52aa4682d75787657154c4f807d1235c634dded380557b4a34037eeb3ed9c071cb5ae972ec13d38bda73894d2be9c77568c4e965e51371063dca4528c29ab1bf1fcc74661e6bd33d13fe274c7c12016e2aa4887d6fb3dd4fef75ec54994781fd70513e8572423417d0f20248b9d0dc7a9d93f74e4b08a3a6dfbe9e69dcdeb5990fcf068d3094d1a3f0c1014365f4eb9df7afd7c0515c05c2853c40b626e20887f52bcac3c650cf7ec3c7e8013fb39279aca7e7aa59e24357b739b3b15921736de558ec6df62aabbbaa7f30362837b06d7199cb636f88a3a4aae19b04c0f86037e0e42fd8a76f8f708bed3f0982d4cf1aee58ffe4c5281aac3fc5167781a8b0aa76214235bd1c39bdaa0df3bb9f2b07fb9c932c9ebb3f60d7ad06833b47e3624c7e7929ef7dafb17ee2e32b7f3d751adc12db589d4a574657e45bc31192dbe39b7198674ae8a44c10b9224fce89e594ceac6d3f4ce9205f8af3874c7623237f0e4b30b5e10a6053a1f26a28391078c23cef3e496757709d6e43176a1649baac23471f8d5fe412822cf85b90f081ec86fd4254dcd9b72748c08bd912327e362f20198422e66476732009dfd231af09085223afe76d6661e2f7ce0f3d25ae1bdb48155384d415dfdbade15e185b0a418d16d50aaa5562c2afea6c2a8d555c19d4cb8c030d1e53185ac5966b2f5e60bf8602a04986cc258323b2bcd73305313887541e8971ab18f218c96d6742252db00e5e190119502bb702a6a421bdf9ff994424060ec68eaefd0d746c60c5c94080771a2f238374c4d8effded7e0431cfe139c637d125e4cd819b0e847cafe1bcad43f56fec5362c9a586ce387424ab5c0522e678f2ef16a47186d0dfb77f5347477fe35b2904353686ab87a471566613d1ea8d96d8b0367a2bfb77e1cd6496ff112f15e7318573735518c0f63e84528a32aba5c9b6bbfa458b645bbfb3258f457fa55ac5a101919a41c66396f6336c78310778a3613459af9a78b3ead057f7f58b9579db0ca1d0dcb885bb6c80c7f439bfdb9de5db98dbe93366a0ac6d6df24948b7cb7a63c45e7b59dbe001d721564168467c2d6a0c4d1df501e67aa5d973b9c4b233fb0634cb8d5c4acf0220199c46a01ef4b6066f107bd672ac25d558e530af07b6bdd172361652a2b856076586c2a1b757fe5ffb2ae454497beb2c8787059efb281e36b6ea0ce72edbd39bf330896d57ba16b221117f036330db2c2fc4d66401be79a591aa56054934d663f2c737aa93fe5c851881e5e8048d6bd0f094dc2daefc69ef76fb8dc082dfd2a5def671e2aca1ad4f7b6d18bf66d2e3450c0e381e0157120803a51ba41657e30b2949b2c48df08a7a820cf2ede3b9cdbf3044e53b6df7b6edc98cca4c09bcca54e6a0b1a1afdd98696c86e25fe47e16fd7049e0c0bc1df1c2b54f0231f4f17abfa0eb297968d0509c4a28d5ef", 0x1000}], 0x2, 0x83, 0x7)

5m0.886177474s ago: executing program 7 (id=2046):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x20, r1, 0x1, 0x70bd2e, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0x8, 0x15, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x104}, 0x0)

5m0.815475811s ago: executing program 7 (id=2048):
r0 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@loopback, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x2, 0x0, 0x8, 0x8, 0x4}, {0x4}}, {{@in=@local, 0x80, 0x32}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x8}}, 0xe8) (async)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r4, 0x11, 0x1, &(0x7f0000000040)=""/38, &(0x7f0000000080)=0x26) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)

5m0.81217622s ago: executing program 7 (id=2051):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x8)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x2b5b093, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r1)
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r2, 0x6a9354ab0d020bb7, 0x0, 0xffffffff, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020)

5m0.726653463s ago: executing program 7 (id=2052):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0xffffff73)
listen(r0, 0x8)
r1 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_GET_PROPERTY(r1, 0x80106f53, &(0x7f0000000000)={0x22, &(0x7f0000000140)=[{0x37, '\x00', @data=0x4, 0xbd}]})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000006a00831300000000000000ffa60000000000000008000e0000000000080005"], 0x28}, 0x1, 0x0, 0x0, 0x400d050}, 0x240c881c)
openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi1\x00', 0x1242, 0x0)
r3 = accept4(r0, 0x0, 0x0, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast2, 0x3}, 0x1c)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000c80)='./binderfs/binder0\x00', 0x6, 0x0)
ioctl$BINDER_FREEZE(r5, 0x400c620e, &(0x7f0000000cc0)={0x0, 0x1, 0x3})
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
syz_emit_ethernet(0x70, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "081f20", 0x3a, 0x3a, 0xff, @remote, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x4, {0x6, 0x6, "0e189a", 0x1, 0x3a, 0xff, @remote, @private0, [], "b3ee73f10f4f24e156fc"}}}}}}}, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000140)="82", 0x1}, {&(0x7f0000000500)="bd", 0x1}], 0x2}}], 0x1, 0x4400c800)
fchmod(r4, 0x8)
sendto$inet6(r4, &(0x7f0000000300), 0x20, 0x3b00, 0x0, 0xfffffffffffffdfd)
setsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={0x0, 0x9, 0x7, 0xfffff001}, 0x10)
landlock_create_ruleset(&(0x7f0000000000)={0x8000, 0x3, 0x1}, 0x18, 0x5dedd713c25fa7e7)

5m0.48662047s ago: executing program 7 (id=2056):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x5a, 0x2, 0x84d, 0x9, 0x1, 0x800}, {0x8c, 0x1, 0xfffc, 0x7fff, 0x2, 0xb}, 0x5, 0x34, 0x91f}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xc2240edb8ac75ac7}, @TCA_TBF_RATE64={0xc, 0x4, 0xdd31e353c9fd1eb}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40088c1}, 0x50)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b922, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0x9, 0xb}, {0xfff7, 0x4}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x83, 0x0, 0x5, 0x1, 0xc}, 0xb, 0x0, 0x5, 0x5, 0x9, 0x2, 0x9, 0x12, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0xfffffffe, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x8840}, 0x4008000)
sendmmsg$inet(r4, &(0x7f0000001700)=[{{&(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10, 0x0, 0x0, &(0x7f0000001900)=ANY=[@ANYBLOB="140000000000000000000000010000000e000000000000001400000000000000000000000100000007000000000000002400000000000000000000000700000094040000820d212aab96bad6cdf92da325000000000000001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ac1414366401010100000000600000000000000010000000070000000144207d40000000090000069f000000060001000000000a76000000090000000701862a00000002070e301517f337fc5724b0f4b19f0210c22ab262618268e7b39eceaeaa720106fe8b1561940400001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ffffffff00000000000000001100000000000000290000000100000000000200000000001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="0a010102ac1414aa000000001400000000000000010000000100000001000000000000001c000000000000000000000008000000", @ANYRES32=r7], 0x168}}], 0x1, 0x8000004)

5m0.391481554s ago: executing program 36 (id=2056):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x5a, 0x2, 0x84d, 0x9, 0x1, 0x800}, {0x8c, 0x1, 0xfffc, 0x7fff, 0x2, 0xb}, 0x5, 0x34, 0x91f}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xc2240edb8ac75ac7}, @TCA_TBF_RATE64={0xc, 0x4, 0xdd31e353c9fd1eb}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40088c1}, 0x50)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b922, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0x9, 0xb}, {0xfff7, 0x4}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x83, 0x0, 0x5, 0x1, 0xc}, 0xb, 0x0, 0x5, 0x5, 0x9, 0x2, 0x9, 0x12, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0xfffffffe, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x8840}, 0x4008000)
sendmmsg$inet(r4, &(0x7f0000001700)=[{{&(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10, 0x0, 0x0, &(0x7f0000001900)=ANY=[@ANYBLOB="140000000000000000000000010000000e000000000000001400000000000000000000000100000007000000000000002400000000000000000000000700000094040000820d212aab96bad6cdf92da325000000000000001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ac1414366401010100000000600000000000000010000000070000000144207d40000000090000069f000000060001000000000a76000000090000000701862a00000002070e301517f337fc5724b0f4b19f0210c22ab262618268e7b39eceaeaa720106fe8b1561940400001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ffffffff00000000000000001100000000000000290000000100000000000200000000001c000000000000000000000008000000", @ANYRES32, @ANYBLOB="0a010102ac1414aa000000001400000000000000010000000100000001000000000000001c000000000000000000000008000000", @ANYRES32=r7], 0x168}}], 0x1, 0x8000004)

2m44.605760723s ago: executing program 4 (id=3733):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0}, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000240)={[0x2000000000, 0xb, 0x80006, 0x4000000000000e51, 0x101, 0x547a, 0x103d, 0x200000000006, 0x0, 0x3aa, 0x1, 0x1, 0x5, 0x40000000009, 0x40000000080a8c, 0x800000068], 0x6000, 0x4000}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0x4, &(0x7f0000000300)=ANY=[@ANYRES8=r2], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x5, '\x00', 0x0, @fallback=0x5}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x93d8a9c3ad10f93b, 0x0) (async)
setresgid(0x0, 0xffffffffffffffff, 0xee00) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
r4 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r4, 0x40305652, &(0x7f00000002c0)={0x0, 0x1, 0x0, 0x0, 0x0, 0x2080, 0x6ae0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x17)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) (async)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000180)={0x1})
ioctl$KVM_GET_PIT(r6, 0xc048ae65, &(0x7f0000000340))
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r7, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r7, 0x3)
accept4(r7, 0x0, 0x0, 0x0) (async)
shutdown(r7, 0x1) (async)
setsockopt$sock_int(r7, 0x1, 0x20, &(0x7f0000000280)=0xfffff908, 0x4) (async)
unlink(&(0x7f0000000040)='.\x00')
socket$kcm(0x2, 0xa, 0x2) (async)
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0xf6, 0x0, 0x1, 0x11, 0x6, @local}, 0x14)

2m44.475424284s ago: executing program 4 (id=3734):
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000240)=[@wr_crn={0x67, 0x20, {0x3, 0x5}}, @nested_create_vm={0x12d, 0x18, 0x1}, @nested_create_vm={0x12d, 0x18, 0x1}, @nested_amd_inject_event={0x180, 0x38, {0x2, 0xa4, 0x1, 0x4, 0x3}}, @nested_amd_clgi={0x17f, 0x10}, @nested_vmlaunch={0x12f, 0x18, 0x2}, @out_dx={0x6a, 0x28, {0xc6f7, 0x0, 0x69}}, @rdmsr={0x66, 0x18, {0x847}}, @wr_drn={0x68, 0x20, {0x6, 0x20000}}, @nested_amd_set_intercept={0x181, 0x30, {0x0, 0x1, 0x26}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x3, @save_area=0x58c, 0xd3, 0xd1a, 0x8c}}, @wrmsr={0x65, 0x20, {0x313, 0x7fffffffffffffff}}, @cpuid={0x64, 0x18, {0x2, 0x6}}, @wrmsr={0x65, 0x20, {0x1ad, 0xd}}, @nested_amd_invlpga={0x17d, 0x20, {0x30000, 0x5ba0}}, @wr_drn={0x68, 0x20, {0x3, 0x3}}], 0x210})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000000)={[0x4, 0x7, 0x3, 0x180, 0x2, 0x12, 0xf1, 0xff, 0xfffffffffffffffd, 0x400000000000005, 0x0, 0x29, 0x3ff, 0x8000000000000000, 0x0, 0xa], 0x54000, 0x200001}) (async)
r1 = mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0) (async)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x2fb}, &(0x7f0000000140)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
prctl$PR_GET_THP_DISABLE(0x2a) (async, rerun: 64)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x6, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000280)=""/194, 0xc2}], 0x2}) (async, rerun: 64)
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r6 = socket(0x200000000000011, 0x2, 0xd) (rerun: 64)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010029bd8c00fddbdf2500000000", @ANYRES32=r7, @ANYBLOB="331900000300000014001680100001800c0009000180000000000000050021"], 0x3c}}, 0x4000000)

2m44.415509266s ago: executing program 4 (id=3735):
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000280)={0x1, 0xff, {<r0=>0xffffffffffffffff}, {0xffffffffffffffff}, 0xffffffffffffc817, 0x7}) (async)
r1 = getpgid(0x0)
rt_tgsigqueueinfo(r0, r1, 0x3, &(0x7f00000002c0)={0x28, 0xffff, 0x6})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c4608800000000800000000000000000b1bf401b00"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x10122, 0x0) (async)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x0) (async)
r3 = creat(0x0, 0x0)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r2, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff}, 0x111, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(r4, &(0x7f0000000240)={0xa, 0x4, 0xfa00, {r5}}, 0xc) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0}) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002db57200fadbdf275400000008000300", @ANYRES32=r7], 0x28}}, 0x4004890)
r9 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x454}) (async)
ioctl$UFFDIO_REGISTER(r9, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1}) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000480), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) (async)
mmap$usbfs(&(0x7f000037a000/0x1000)=nil, 0x1000, 0x8, 0x100010, r3, 0x55b72a8)
setxattr(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)=@known='trusted.overlay.metacopy\x00', 0x0, 0x0, 0x0) (async)
llistxattr(&(0x7f0000002300)='./file0\x00', 0x0, 0xfffffdf3)

2m41.365744511s ago: executing program 4 (id=3764):
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={[{@metacopy_off}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r0, &(0x7f0000000400)=""/4096, 0x1000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000380)={0x20000000, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2m41.295942884s ago: executing program 4 (id=3765):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="d8000000180081064e81f782db4cb904021d0800fe067c05e8fe55a10a0005000140020003600e41b0000900ac0006fc117c000016000500014002000000035c3b61c1d67f6f94007174cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001b14d6d930dfe1d9d322fe7c4650b5b9bd6ee6f63f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b4ff010000000000000dd6e4edef3d93452a09004b43370e9703920723f97e46bb5c07540d3b", 0xd8}], 0x1}, 0x40851)

2m39.345598166s ago: executing program 4 (id=3776):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x8, 0x143882)
ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000021000100000000000000000002000000faff000000000000080018"], 0x34}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000080)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2000000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000180)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000340)=@mmap={0x0, 0x2, 0xfffffffffffffeba, 0x400, 0x0, {}, {0x0, 0x8, 0x0, 0x2}, 0x0, 0x1, {}, 0xd2})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x202)

2m39.261475048s ago: executing program 37 (id=3776):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x8, 0x143882)
ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000021000100000000000000000002000000faff000000000000080018"], 0x34}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000080)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2000000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000180)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000340)=@mmap={0x0, 0x2, 0xfffffffffffffeba, 0x400, 0x0, {}, {0x0, 0x8, 0x0, 0x2}, 0x0, 0x1, {}, 0xd2})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x202)

1m55.235316942s ago: executing program 6 (id=4400):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x4, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0x20}, 0xc)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000100)=0xfffffffb, 0x4)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1e)
sendto$inet6(r1, &(0x7f0000000200)="99a5fc0c71a48b48fe5916aa20fb6630516749078d9ce42e99f1af246bd98ae1a9cbc2a52ccf0a90bfc1bd6155b380dc706eb0babce6b710d326c766d3961eab2b3e09e87ad1ed8c9d5884f2e93339750f30ce6fa5cd53d9acdcbf1ca2e1e0caef52000b318921ba14386a0b85c2e2587b716677e7664331e017b4da12ea2c5fca24be7a0784751887f3a0039f9a6292c43fcb138dd4c194374b5c3a829f9daf8e48061faee90f909cdb0c8f91fddb2a3615dd28ed3a3699658330d27913798fd087ceb21908f809b12cff1ccf719d1028e13c77f6d85155ff487dbd3a9e43a1660fa3a1ebe165742aacc824110d27c309041bfca39a5aabd2a631c1a1a6e48987bafd41debd9247be2b2bb2fa5804b5d57ab0a09aaa97b52048de7eb97d2d49824efb43aa8edfff08d794c87691c99000000000000093d7aea4e696588a4c15029030de852f75b71a1f52b07f85390123ab9485c05db5a3a3ee72d9e03bfe3f9b457b17a4d7543d521ead6456618d20a270cd7548a882188ed58a90d37a078bf4619d9c082973efa897200fc1e1840d2e0efecebe37000569cb9d2c9c639aec0afc33792cf9ee7e606491c64295eb84a3dd48dbff8ba9e6df89816ed8a7a182d186028cc8b4bd9c7fd65a03208b950091af45fb00633c914a590614197163be548111b3d8", 0x1e5, 0xe5, &(0x7f000005ffe4)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="190000000400"], 0x50)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x3, 0x7fff, 0x16, "b0bf2ebb48c849ac0000000003000018bfff40"})
r3 = syz_open_pts(r2, 0x200)
r4 = dup3(r3, r2, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0xff)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket(0x27, 0xa, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0xa8681, 0x0)
signalfd4(r7, &(0x7f0000000180), 0x8, 0x80800)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
r8 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r8, &(0x7f0000009780)={0x2020, 0x0, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000600)=ANY=[@ANYBLOB="b0000000f5ffffff", @ANYRES64=0x3, @ANYBLOB="05000000000000000100000000000000ff07000000000000de060000000000000500000001010000060000000000000000000000000000000500000000000000f7ffffffffffffff0000000020200000810000000000000003000000050000003a77000000c0000005000000", @ANYRES32=r9, @ANYRES32=0x0, @ANYBLOB="0100000007000000000000000000000000000000254800000000000003000000ffff00002a2d2b0000000000"], 0xb0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x28, 0x140c, 0x1, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1m54.944246389s ago: executing program 6 (id=4403):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000000500))
r3 = memfd_secret(0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x40106614, &(0x7f0000000080))
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$EVIOCGREP(r3, 0x80084503, &(0x7f0000000200)=""/3)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r5, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeed, 0x30, 0xffffffffffffffff, 0x0)
symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
ioctl$FS_IOC_GETFSLABEL(r5, 0x81009431, &(0x7f0000000100))
close_range(r4, 0xffffffffffffffff, 0x0)

1m54.831678803s ago: executing program 6 (id=4406):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000004c0)={0x0, 0x11e000}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000004c0)={0x0, 0x11e000})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000000c0)={[{0x6, 0x8, 0x7f, 0xb, 0x4e, 0xa, 0x4, 0x0, 0x40, 0xc, 0x94, 0x2f, 0x9}, {0x7ff, 0x8, 0x8f, 0x4, 0x4, 0x1, 0x1, 0x3f, 0x6, 0x9, 0x7, 0x7, 0x2}, {0x8722, 0xfff, 0x7f, 0x9, 0xa, 0x6, 0x9, 0x2, 0xf7, 0x80, 0x7, 0x9, 0x5}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_dev$vim2m(&(0x7f0000000280), 0x4541b6bf, 0x2) (async)
r3 = syz_open_dev$vim2m(&(0x7f0000000280), 0x4541b6bf, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f002})
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
write$vga_arbiter(r4, &(0x7f00000005c0), 0xf)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000100)={0x3, @raw_data="c708189fdcbe38f109fd41eca1fab6cd0322a56c377827c1fce9457335c4cf47591deda9c33bc6cc5b7d3385a843760dd72871795d9eec0df1cf3d0589e7946a9bac962801127e85aca8abe490516e85fa1cca18da61bee3bfa7d0f5ed52f194b6024df56e43d16d7ffeeac46eb01cb5757d29bb22d8abce603d90a7001e3f9be35d285b71faf95797b771ab7048423887417857c97c7c08fc78c4a73b824df30347e9b3a7edbacbafa8e996d0705d042048e6bee4c2de8567b14ab3f6fef57955f02e224730470a"})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000240)={[{@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x1c, 0x70, 0x4e, 0x30, 0x39, 0x38, 0x39, 0x36, 0x36, 0x6d]}}]})
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x410400, 0x0)
ioctl$RTC_IRQP_READ(r5, 0x8008700b, &(0x7f0000000200)) (async)
ioctl$RTC_IRQP_READ(r5, 0x8008700b, &(0x7f0000000200))

1m53.94036729s ago: executing program 6 (id=4417):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0xa0, 0x4)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
symlinkat(&(0x7f0000000200)='./file0/file0\x00', r0, &(0x7f0000000240)='./file0\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x8, 0x5, 0x0, 0x3, 0x2, 0x0, 0xfffffffffffffffc], 0x10000, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
fadvise64(r4, 0x18, 0x0, 0x5)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m53.815216751s ago: executing program 6 (id=4421):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/vlan/vlan0\x00') (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xffffffffffffffff, 0x6, 0x4, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000000)="a11fa81b133d", 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
prctl$PR_GET_NO_NEW_PRIVS(0x27) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local}) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3}) (async)
openat$cgroup_ro(r2, &(0x7f00000000c0)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
unshare(0x6a040000)
r3 = socket$inet6(0xa, 0x2, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r4) (async)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32, @ANYBLOB="0b12050081010000240012800b0001006970366772650000", @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010) (async)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000100)='net/raw\x00')

1m53.35535465s ago: executing program 6 (id=4425):
r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0xe, 0x800)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000140)=0x7, 0x4)
ptrace(0x10, 0x1)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x110a, 0x2})
r2 = mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x3ff)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0xc, 0x0, &(0x7f0000000980)=[@free_buffer={0x40086303, r2}], 0x0, 0x0, 0x0})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000000)=0x10000)

1m53.283833829s ago: executing program 38 (id=4425):
r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0xe, 0x800)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000140)=0x7, 0x4)
ptrace(0x10, 0x1)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x110a, 0x2})
r2 = mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r1, 0x3ff)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0xc, 0x0, &(0x7f0000000980)=[@free_buffer={0x40086303, r2}], 0x0, 0x0, 0x0})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000000)=0x10000)

1m4.71518428s ago: executing program 1 (id=4805):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = syz_usb_connect$sierra_net(0x0, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x1199, 0x68a3, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x0, 0x80, 0xfa, "", {{0x9, 0x4, 0x7, 0x0, 0x3, 0xff, 0x0, 0x0, 0x0, "", {{0x9, 0x5, 0x43978451d8f6fedb, 0x2, 0x40, 0x2, 0x1b, 0xfe}, {0x9, 0x5, 0x7, 0x2, 0x200, 0xc, 0x77, 0x3}, {0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0xfd, 0x32}}}}}}]}}, 0x0)
syz_usb_ep_write(r3, 0x81, 0x41, &(0x7f0000000100)="03bd3b370c8f663aa08c22a8fe1aeb976b3d39979983cbce5666815368b4283b9f885ea5d25389e6caf8a260e26da6fa778cd5fa25adad64987dae8d64a30e92cd")
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)={0x28, r5, 0xb1d, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x48850)
syz_usb_control_io(r3, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010011a801000f4800400058008000900000000000800038030000180050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e83c000c8008002c"], 0x270}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

1m1.625012092s ago: executing program 1 (id=4843):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, r1, 0x701, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x20000)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000002060101000000000000000000000000010000000a000000090002008d001f106f194eb3050001"], 0x30}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000100)=[@code={0x1, 0x7d, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24668f38896810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f2135030009000f23f8"}}], 0x7d})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r4 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r5 = socket(0x10, 0x3, 0x0)
getsockname$packet(r5, 0x0, &(0x7f0000000100))
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0xe45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0xffffffffffffffff, 0x4002004c2, 0x7ff, 0x1, 0x0, 0x400, 0xe0000000000, 0x88, 0x0, 0x8, 0x8d], 0x41000, 0x240046})
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001d0001000000000004086aa42d"], 0x30}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000008c0)=@dellink={0x28, 0x11, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x2010, 0xcd02e5b54e96c93}, [@IFLA_NET_NS_PID={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x880)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r9, 0x3b82, &(0x7f0000000180)={0x18, 0x0, 0xa, 0x0, &(0x7f00000000c0)=[{0x80000001, 0xfffffffffffffffb}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0xffffffff}, {0x5, 0x8}, {0x1a, 0x8000}, {0x4, 0x1}, {0x0, 0x4}, {0x6, 0xa}, {0x41a, 0xffffffff}]})
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0)

1m1.434706745s ago: executing program 1 (id=4844):
r0 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000400)={'filter\x00', 0x4, "14655b50"}, &(0x7f0000000180)=0x2c) (async)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r2=>0x0], &(0x7f0000000180)=[<r3=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r2, r3], 0x2, 0x0, 0x0, <r4=>0xffffffffffffffff}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1}, 0x94) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000580)={&(0x7f0000000480)=[0x0, 0x0, <r5=>0x0], 0x0, 0x0, 0x0, 0x3})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f00000005c0)={0x0, 0x0, r2, r5, 0xf8, 0x8, 0x803, 0x6, {0x8, 0x8, 0x0, 0x5, 0x4, 0x2, 0x1, 0x1, 0x0, 0xffff, 0x8, 0x7c0, 0xffffffff, 0x77, "ba9a42184edc4097e01b52f22e2cbb318719fb31f6699332292cc81f89f07580"}})
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='iso9660\x00', 0x405, 0x0)

1m1.429188162s ago: executing program 1 (id=4845):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffb}}}, 0xb8}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[], 0xb8}, 0x1, 0x0, 0x0, 0xd0}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="480000001400010027bd7000fddbdf250278"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x4000010)
r2 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020"], 0x138)
write$UHID_DESTROY(r3, &(0x7f0000000340), 0x4)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@bridge_delneigh={0x1c, 0x1e, 0x1, 0x70bd29, 0x0, {0x1c}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xf}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0)

1m1.242564534s ago: executing program 1 (id=4847):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x10, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='nfsd\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x40049366, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848160000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x80054)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}], 0x1, &(0x7f0000000040)}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c00038018000380140001007465616d300000000000000000000000080007"], 0xd8}, 0x1, 0x0, 0x0, 0x4008005}, 0x8d4)
lsetxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=@v1={0x2, "c518ad0fa48e"}, 0x7, 0x3)

1m1.174143332s ago: executing program 1 (id=4848):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
setsockopt$MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x4e23, 0x400, @private1, 0xfffffffd}, {0xa, 0x4e20, 0xffffffff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0xffffffffffffffff, {[0xab86, 0x0, 0x2, 0x1, 0x12, 0x46, 0x6, 0x2]}}, 0x5c) (async)
socket$packet(0x11, 0x3, 0x300) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x24}}, 0x2000800)

46.174641949s ago: executing program 39 (id=4848):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
setsockopt$MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x4e23, 0x400, @private1, 0xfffffffd}, {0xa, 0x4e20, 0xffffffff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0xffffffffffffffff, {[0xab86, 0x0, 0x2, 0x1, 0x12, 0x46, 0x6, 0x2]}}, 0x5c) (async)
socket$packet(0x11, 0x3, 0x300) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x24}}, 0x2000800)

3.464855428s ago: executing program 8 (id=5568):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a702283d7000ffdbdf252500000005002b00010000000a0001007770616e3100000005002a"], 0x30}, 0x1, 0x0, 0x0, 0x24080845}, 0x60000000)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400f9e3bde20064ff00000000", @ANYRES32=0x0, @ANYBLOB="00000000c81400001c0012800b00010062726964676500000c000280080031"], 0x3c}, 0x1, 0xba01}, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f00000000c0)={0x0, 'netdevsim0\x00', {0x4}, 0xbfa})
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r5=>0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_PEC(r7, 0x708, 0x2)
ioctl$I2C_SMBUS(r7, 0x720, &(0x7f00000001c0)={0x0, 0x6, 0x0, 0x0})
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r6, 0x84, 0x15, &(0x7f00000000c0)={0x8}, 0x1)
sendto$inet6(r6, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r6, 0x1)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r0) (async)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a702283d7000ffdbdf252500000005002b00010000000a0001007770616e3100000005002a"], 0x30}, 0x1, 0x0, 0x0, 0x24080845}, 0x60000000) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400f9e3bde20064ff00000000", @ANYRES32=0x0, @ANYBLOB="00000000c81400001c0012800b00010062726964676500000c000280080031"], 0x3c}, 0x1, 0xba01}, 0x0) (async)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f00000000c0)={0x0, 'netdevsim0\x00', {0x4}, 0xbfa}) (async)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) (async)
io_setup(0x8f0, &(0x7f0000002400)) (async)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0) (async)
ioctl$I2C_PEC(r7, 0x708, 0x2) (async)
ioctl$I2C_SMBUS(r7, 0x720, &(0x7f00000001c0)={0x0, 0x6, 0x0, 0x0}) (async)
setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r6, 0x84, 0x15, &(0x7f00000000c0)={0x8}, 0x1) (async)
sendto$inet6(r6, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
shutdown(r6, 0x1) (async)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) (async)

3.384707081s ago: executing program 2 (id=5571):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x91, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000001c0)="82ab", 0x2}], 0x1}}], 0x1, 0x4404c880)
sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x32cc0000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x206, &(0x7f0000000200)=<r2=>0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001dc0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
syz_open_procfs(r3, &(0x7f0000000040)='net/l2cap\x00')
io_submit(r2, 0x1, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000001400)="95", 0x1}])
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x4000000)
r4 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r4, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0xd8d0481}], 0x1, 0x0)

3.213593492s ago: executing program 8 (id=5575):
r0 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, 0x10)
socket$kcm(0x2, 0x2, 0x73) (async)
r1 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x9c}]}, &(0x7f0000000080)='syzkaller\x00', 0x4}, 0x90)

3.212165638s ago: executing program 8 (id=5576):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x4000040)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000240)={[0x1fffffffff, 0xb, 0x80006, 0x4000000000000e51, 0x7, 0x547a, 0x103d, 0x200000000006, 0x0, 0x5861, 0x5, 0x1, 0x0, 0x40000000009, 0x40000000080a8d, 0x800000068], 0x30000, 0x4000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r5, 0xae80, 0x6200)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000240)="8f0978d21b640fc79ca50000c0fe470f06430f01c2440f20c0ac0a0000e39d9d0f22c066460f38809bf77f00000f214a0fc73d0d0000003e653666400fc7775f400f01c4", 0x44}], 0x1, 0x10, 0x0, 0x0)

2.987511932s ago: executing program 8 (id=5579):
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='&C'], 0x1c}, 0x1, 0x0, 0x0, 0x45a3c1901f775339}, 0x0)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_create_resource$binfmt(&(0x7f0000000800)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
openat$binfmt(0xffffffffffffff9c, r6, 0x41, 0x1ff)
ptrace(0x10, r5)
ptrace$setregs(0xd, r5, 0x20000000002, &(0x7f0000000040))
ptrace$cont(0x21, r5, 0x80000001, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x6000001d})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_pwait(r0, &(0x7f0000000780)=[{}], 0x1, 0x12, 0x0, 0x0)

2.937843983s ago: executing program 2 (id=5581):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x81}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
write$P9_RSTATu(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f00000000000000500000000000000fffffffffffffff70000000000000000000000000000000000001f0004"], 0x232)

2.879814209s ago: executing program 8 (id=5583):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(r1, 0xc008aec1, &(0x7f0000000540)={0x7, 0x0, [{0x80000007, 0x4, 0x0, 0x4, 0x8, 0x4, 0x2}, {0xc0000001, 0x4e3318c6, 0x1, 0x7, 0x9, 0x0, 0x1000}, {0xa, 0x10000, 0x0, 0x6, 0x2, 0x3, 0x2}, {0x1, 0x8000, 0x0, 0x8000, 0x5e31, 0x1d000000, 0x6}, {0x6, 0x2, 0x0, 0x1, 0x0, 0x6, 0x833}, {0x40000001, 0x0, 0x3, 0x2, 0x8000, 0x0, 0x8}, {0x40000001, 0x8e, 0x2, 0x8, 0x2, 0x0, 0x3}]}) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x39b3)
ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0xffffffffffff2836) (async)
r3 = epoll_create1(0x0) (async)
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000340)={0x82, 0x80000000}) (async)
epoll_wait(r3, &(0x7f0000000000)=[{}], 0x1, 0x7ff)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f00000000c0)={0x10000011})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r6, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r2}, 0x20) (async)
r7 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000040)='./file0\x00'}, 0x18) (async)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="090000000000000000000000000000000000000018b51a552b1f4cc121c53cffeafb45b92513078981f21ee2a83d5b19fd68d72c98330df92b82055b002b87f0b739e938e8b862f87aac8ac2bec50e8941d1c490eac2bc1b7febf5a5bb994a7fa56630f10543521663bee08673dede956b336b1504214d18d9dea9bc0d15ae22448c87187b587042d1ca", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000020000000400"/28], 0x50) (async)
r9 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000000280)={{}, {0x1, 0x5}, [], {0x4, 0x1}, [], {0x10, 0x1}, {0x20, 0x1}}, 0x24, 0x1) (async)
sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r9, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f40108807000008048000980280000f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a034e200000040100000000000000000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d4000980"], 0x21c}, 0x1, 0x0, 0x0, 0x20040010}, 0x4008804) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8}, &(0x7f0000000240), &(0x7f0000000100)=r7}, 0xa) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BATADV_ALGO_NAME={0xc, 0x1, 'BATMAN_V'}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

2.814478168s ago: executing program 2 (id=5584):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_ASSOCIATE(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x78, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1ff, 0x4a}}}}, [@NL80211_ATTR_FILS_NONCES={0x24, 0xf3, [0xfff, 0x8, 0x101, 0xb6, 0x8029, 0x9, 0x200, 0x0, 0x98, 0x9, 0xa1, 0xfff, 0x4, 0x8000, 0x4, 0xf]}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x3800000, {0x7f, 0x4, 0xc0, 0x5a6}}}, @crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x1c, 0x4c, [0xfac07, 0xfac04, 0xfac12, 0xfac0d, 0xfac0c, 0xfac0e]}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}], @NL80211_ATTR_FILS_KEK={0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x4800}, 0x24000004)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0xf, 0x0, 0x0, @uid}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r2, 0x89f9, &(0x7f00000008c0)={'sit0\x00', &(0x7f0000000880)={@empty, @broadcast, 0x1e, 0x12}})
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NL80211_CMD_ASSOCIATE(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x78, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1ff, 0x4a}}}}, [@NL80211_ATTR_FILS_NONCES={0x24, 0xf3, [0xfff, 0x8, 0x101, 0xb6, 0x8029, 0x9, 0x200, 0x0, 0x98, 0x9, 0xa1, 0xfff, 0x4, 0x8000, 0x4, 0xf]}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x3800000, {0x7f, 0x4, 0xc0, 0x5a6}}}, @crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x1c, 0x4c, [0xfac07, 0xfac04, 0xfac12, 0xfac0d, 0xfac0c, 0xfac0e]}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}], @NL80211_ATTR_FILS_KEK={0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x4800}, 0x24000004) (async)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0xf, 0x0, 0x0, @uid}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r2, 0x89f9, &(0x7f00000008c0)={'sit0\x00', &(0x7f0000000880)={@empty, @broadcast, 0x1e, 0x12}}) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0) (async)

2.764668342s ago: executing program 2 (id=5585):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x4, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x3, 0xe}}}, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0xffffffffffffffb1, &(0x7f00000000c0)={&(0x7f0000000000)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xe, 0xfff1}, {0x0, 0x6}, {0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'vlan0\x00'}]}}, @TCA_RATE={0x6, 0x5, {0x7f, 0x92}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x801)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.704233366s ago: executing program 2 (id=5586):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f00000000c0)={0x4f8, r1, 0x400, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x3, 0x2d}}}}, [@NL80211_ATTR_TX_RATES={0xb0, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x60, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xff7f, 0xffff, 0x1, 0x3ff, 0x52, 0xd4a1, 0x101, 0x1]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x16, 0xc, 0x1, 0x48, 0x6, 0x2f, 0x16, 0x48, 0x6, 0x2, 0x0, 0x18, 0x9]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x24, 0x2, [{0x5, 0x4}, {0x5, 0x8}, {0x0, 0x6}, {0x0, 0x5}, {0x7, 0x2}, {0x5}, {0x6, 0x2}, {0x5, 0x8}, {0x3, 0x6}, {0x7}, {0x2, 0x9}, {0x6, 0x8}, {0x2, 0x4}, {0x1, 0x9}, {0x7, 0x4}, {0x3, 0xa}, {0x5, 0x9}, {0x7, 0x1}, {0x1, 0x9}, {0x1, 0x9}, {0x4, 0x2}, {0x4, 0x7}, {0x0, 0x4}, {0x2}, {0x6, 0x2}, {0x3, 0x7}, {0x4, 0x4}, {0x7}, {0x7, 0x7}, {0x1, 0x1}, {0x4}, {0x1}]}]}, @NL80211_BAND_5GHZ={0x4c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x6, 0x15, 0x12, 0xf, 0x6c, 0x2, 0x24]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0xfff8, 0x7fff, 0xa64, 0x1, 0x9, 0x0, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x32c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x9c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x8, 0x200, 0xffff, 0x0, 0x0, 0x0, 0x9]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x36]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x3, 0x5}, {0x1, 0x1}, {0x2, 0x6}, {0x1, 0xa}, {0x4, 0x4}, {0x6, 0x7}, {0x3, 0x9}, {0x0, 0x5}, {0x1, 0x9}, {0x1}, {0x0, 0x4}, {0x2, 0x2}, {0x1, 0x1}, {0x3}, {0x1, 0x2}, {0x1, 0x6}, {0x5, 0x3}, {0x5, 0x2}, {0x7, 0x7}, {0x2, 0x9}, {0x0, 0x6}, {0x6, 0xa}, {}, {0x1, 0x9}, {0x6, 0x3}, {0x2, 0x4}, {0x3, 0x7}, {0x2, 0x5}, {0x6, 0x6}, {0x4, 0x2}, {0x6, 0x2}, {0x6, 0x1}, {0x6}, {0x4, 0x2}, {0x1}, {0x6, 0x2}, {0x3, 0x2}, {0x1, 0x4}, {0x2, 0x9}, {0x2, 0x7}, {0x7, 0x6}, {0x6}, {0x0, 0x5}, {0x5}, {0x5, 0x4}, {0x2, 0x4}, {0x7, 0xa}, {0x6, 0x4}, {0x5}, {0x0, 0xa}, {0x6, 0x3}, {0x1, 0x1}, {0x4, 0x8}, {0x7, 0x1}, {0x4, 0x6}, {0x1, 0x8}, {0x7, 0x4}, {0x2, 0x5}, {0x4, 0x6}, {0x0, 0x2}, {0x3, 0x9}, {0x5, 0xa}, {0x2, 0x9}, {0x7, 0x6}, {0x1, 0x8}, {0x6, 0x6}, {0x4}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x9, 0x1, 0x9, 0x93f1, 0x3, 0x8, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x23, 0x7, 0x7, 0x3, 0x6, 0x684, 0x6]}}]}, @NL80211_BAND_60GHZ={0x84, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x19, 0x1, [0x48, 0x16, 0x1b, 0x36, 0xc, 0x0, 0x4, 0x4, 0x3, 0x1b, 0x12, 0x2, 0xb, 0x24, 0x48, 0x4, 0x1b, 0x6c, 0x9, 0x30, 0x6f]}, @NL80211_TXRATE_HT={0x7, 0x2, [{0x3, 0x7}, {0x3, 0x9}, {0x0, 0x4}]}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x30, 0xb, 0xc, 0x1b, 0x36, 0x1, 0x36, 0x4, 0x9, 0x18, 0xb, 0x3, 0x48, 0x5, 0x4, 0x20f1be0d583c31f8, 0x6c, 0xb, 0x1e, 0x2, 0x5, 0x51c30a7430fc725b, 0x36, 0x0, 0x36, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x1ff, 0xc0c, 0x2, 0x9, 0x2, 0x8000, 0x4]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x12, 0x16, 0xb, 0x12, 0x2, 0x3b, 0x24, 0x36, 0x4, 0x9, 0x36, 0x4, 0x5]}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x36, 0x9, 0x48, 0x4, 0x6, 0x12, 0x1b, 0x6c, 0x60, 0x16, 0x16, 0x60, 0x60, 0x48]}]}, @NL80211_BAND_60GHZ={0xac, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3f, 0x2, [{0x6, 0x2}, {0x4, 0x3}, {0x2, 0x5}, {0x3, 0x6}, {0x1, 0x9}, {0x5, 0x7}, {0x6, 0x8}, {0x0, 0x2}, {0x6, 0x4}, {0x7, 0x9}, {0x5, 0xa}, {0x6, 0x2}, {0x6, 0x5}, {0x1, 0x5}, {0x2, 0x8}, {0x1}, {0x0, 0x1}, {0x2, 0x7}, {0x4, 0x4}, {0x6, 0x8}, {0x2, 0x6}, {0x2}, {0x4}, {0x5, 0x7}, {0x0, 0x7}, {0x1}, {0x1, 0x4}, {0x6, 0x8}, {0x4, 0x6}, {0x1, 0x9}, {0x6, 0x7}, {0x4, 0x6}, {0x0, 0x4}, {0x5, 0x8}, {0x1, 0x4}, {0x4, 0x7}, {0x3, 0x7}, {0x7}, {0x0, 0x8}, {0x6}, {0x1}, {0x1}, {0x6, 0x1}, {0x4, 0x3}, {0x1, 0x3}, {0x2, 0x1}, {0x0, 0x1}, {0x4}, {0x4, 0x7}, {0x5, 0x8}, {0x1, 0x5}, {0x4, 0x5}, {0x2, 0x1}, {}, {0x5, 0x9}, {0x5, 0x9}, {0x6}, {0x2, 0xa}, {0x1, 0x2}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xd, 0x9, 0x4, 0xd6d, 0x6, 0x6, 0x7, 0x1]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x3, 0x30, 0x16, 0x12, 0x60, 0x24, 0x0, 0x1b, 0x9, 0x6c, 0x48, 0x1, 0x5, 0xc, 0x16, 0x1b, 0x21, 0x18, 0x52204c1090089c94, 0x36, 0x6, 0x48, 0x9, 0x9, 0xb, 0x48, 0x24, 0x6, 0x30]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x5, 0x3, 0x0, 0xcc0e, 0x1000, 0x3]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0xfff, 0xf, 0x9, 0x8, 0x6, 0x588d, 0x4]}}]}, @NL80211_BAND_60GHZ={0x3c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x6, 0x72de, 0x1, 0x9, 0xb57, 0x1, 0x4]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x3, 0x9, 0x0, 0x80, 0x8000, 0x208a, 0x3]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x60, 0x6c, 0x48, 0x1, 0x6c, 0x48, 0x6c, 0x6c, 0x6, 0x1b, 0x6c, 0x63, 0x30, 0x4, 0x1b, 0x12, 0x48, 0x48, 0x1, 0x16, 0xe, 0xb, 0x16, 0x1, 0x48, 0xc]}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x36, 0x2, 0x18, 0x9, 0x4, 0x5, 0x24, 0x64, 0x0, 0x12, 0x2, 0x2, 0x60, 0x18, 0x30, 0x36, 0x3, 0x24]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x43, 0x401, 0x1, 0x1, 0xa922, 0x5f, 0x542]}}]}, @NL80211_BAND_2GHZ={0xb8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1d, 0x2, [{0x3, 0x9}, {0x6, 0xa}, {0x5, 0x2}, {0x1, 0x5}, {0x1, 0x2}, {0x3}, {0x3, 0x7}, {0x0, 0x8}, {0x5, 0x3}, {0x0, 0x4}, {0x4, 0x6}, {0x2, 0x7}, {0x4}, {0x2, 0x1}, {0x0, 0xa}, {0x0, 0xa}, {0x7, 0x3}, {0x4, 0x4}, {0x4, 0x5}, {0x3, 0x1}, {0x3, 0x2}, {0x6, 0x2}, {0x6, 0xa}, {0x4, 0x6}, {0x7, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x2, 0x0, 0x0, 0x5, 0x9, 0xd4, 0x21]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x3, 0x4000, 0xb, 0x9, 0xd, 0xd1e1, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x1, 0x62e3, 0x0, 0x0, 0x0, 0x4, 0x8]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x18, 0x2, [{0x1, 0x5}, {0x7, 0x6}, {0x6, 0x8}, {0x6, 0x4}, {0x1, 0x4}, {0x1, 0x5}, {0x6, 0x4}, {0x2, 0x3}, {0x7, 0x5}, {0x7, 0x8}, {0x0, 0x6}, {0x5, 0x2}, {0x6, 0x3}, {0x1, 0x6}, {0x0, 0x2}, {0x0, 0x4}, {0x6, 0x3}, {0x2, 0x8}, {0x2, 0x9}, {0x0, 0x5}]}, @NL80211_TXRATE_HT={0x1f, 0x2, [{0x6, 0x1}, {0x0, 0x4}, {0x2, 0x5}, {0x7}, {0x1, 0x5}, {0x0, 0x1}, {0x5, 0x8}, {0x4, 0x8}, {0x5, 0xa}, {0x2, 0x9}, {0x7, 0x5}, {0x2, 0xa}, {0x3, 0x3}, {0x0, 0x8}, {0x1, 0xa}, {0x0, 0x3}, {0x0, 0x4}, {0x7, 0x2}, {0x5, 0x3}, {0x7, 0x5}, {0x1}, {0x1, 0x4}, {0x6, 0x2}, {0x4, 0x2}, {0x7, 0x1}, {0x1, 0x4}, {0x4, 0x6}]}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0xf4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xb0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa8, 0x38, 0x6, 0x2, 0x400, 0xa, 0x6, 0xbbaf]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0xac1a483974a213ab}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x4, 0xc, 0x2, 0x6, 0x100, 0x5, 0x1e6]}}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x7}, {0x4, 0x4}, {0x0, 0x6}, {}, {}, {0x3, 0x6}, {0x0, 0x5}, {0x6, 0x5}, {0x0, 0x8}, {0x3, 0x2}, {0x0, 0x5}, {0x5, 0x3}, {0x2, 0x6}, {0x7, 0xa}, {0x6, 0x2}, {0x4, 0x6}, {0x4, 0x8}, {0x7, 0xa}, {0x6, 0x5}, {0x3}, {0x1, 0x8}, {0x4, 0x4}, {0x1, 0xa}, {0x0, 0x6}, {0x2, 0x4}, {0x6, 0x3}, {0x6, 0xa}, {0x4, 0x8}, {0x7, 0x2}, {0x5}, {0x5, 0x8}, {0x3, 0x4}, {0x1, 0x8}, {0x3, 0x7}, {0x1, 0x3}, {0x1, 0x6}, {}, {0x6, 0x2}, {0x1, 0x6}, {0x0, 0x5}, {0x0, 0x3}, {0x4, 0x3}, {0x7, 0x6}, {0x5, 0x1}, {0x1, 0x6}, {0x0, 0x4}, {0x3, 0x7}, {0x7, 0x2}, {0x7, 0x5}, {0x0, 0x5}, {0x2, 0xa}, {0x2, 0x5}, {0x1, 0x6}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x85c, 0x3, 0x0, 0x376d, 0x200, 0xae6, 0x9, 0x1]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x549b, 0x4000, 0x8, 0x1000, 0x9, 0x0, 0x101, 0x5]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x18, 0x24, 0x1b, 0x4, 0x1, 0x5, 0xc, 0x9, 0x9, 0x18, 0x30, 0x55, 0x12, 0x3, 0x12, 0x24, 0x60, 0x48, 0x12, 0xc, 0x16, 0x30, 0x6c, 0x18, 0x1b]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x6, 0x5, 0xa, 0x7, 0x4, 0xd, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x4f8}, 0x1, 0x0, 0x0, 0x1080}, 0x1)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000640)={{0x1, 0x1, 0x18, <r3=>r0, {0x4}}, './file0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)=@ipv4_getrule={0x1c, 0x22, 0x400, 0x70bd26, 0x25dfdbfb, {0x2, 0x0, 0x20, 0x55, 0x0, 0x0, 0x0, 0x3, 0x10000}, ["", ""]}, 0x1c}}, 0x80)
sendmsg$NFT_MSG_GETSET(r3, &(0x7f0000000e40)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000e00)={&(0x7f00000007c0)={0x608, 0xa, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFTA_SET_DESC={0x3b8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x58, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf1ea}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb05}]}, {0x4}]}, @NFTA_SET_DESC_CONCAT={0x140, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x40}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfff}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xbb90}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x54, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8001}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3acf80}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa9b}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x400}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xba2}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb60}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xbad}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x745d8dbd}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x48bf}]}]}, @NFTA_SET_DESC_CONCAT={0x54, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffd}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8b9d}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}]}, @NFTA_SET_DESC_CONCAT={0x5c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0x4c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc37}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x769a}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2067bd8c}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xa2de}, @NFTA_SET_DESC_CONCAT={0xdc, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3e00}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1000}]}, {0x4}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8e}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff7}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x400}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x40}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1c199910}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff7}]}]}, @NFTA_SET_DESC_CONCAT={0x88, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x10}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1bee}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1ff}]}]}]}, @NFTA_SET_EXPRESSIONS={0x134, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x13}]}}}, {0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}, {0x50, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x37}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x101}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0xd}]}}}, {0x60, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0xcd}, @NFTA_BYTEORDER_OP={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_BYTEORDER_DREG={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_BYTEORDER_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0x4c}, @NFTA_BYTEORDER_DREG={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0x50}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0xbe}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0x84}]}}}, {0x10, 0x1, 0x0, 0x1, @range={{0xa}, @void}}]}, @NFTA_SET_EXPRESSIONS={0xfc, 0x12, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_LEVEL={0x8, 0x3, 0xdb}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x14}]}}}, {0x34, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_REJECT_TYPE={0x8}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}]}}}, {0x1c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}]}}}, {0x5c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x13}, @NFTA_QUEUE_SREG_QNUM={0x8}, @NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x6}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x12}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x4}, @NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0xd}, @NFTA_QUEUE_TOTAL={0x6, 0x2, 0x1, 0x0, 0x5}]}}}, {0x28, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x7}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}]}}}]}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}, 0x608}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ec0), r3)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r4, &(0x7f0000001000)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f00)={0xa8, r5, 0x800, 0x70bd2c, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2c80}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8}}]}, 0xa8}}, 0x28000040)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r6, &(0x7f0000001040)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001080)=0x14)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001100), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_REMOVE(r8, &(0x7f00000011c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001180)={&(0x7f0000001140)={0x3c, r9, 0x300, 0x70bd25, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2400c000}, 0x1000)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x34, r1, 0x10, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x2, 0x50}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x400, 0x4d}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000004}, 0x4)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000001300)={0xffff, 0x1, 0x1, 0xffff, 0x3})
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001380), r3)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000001440)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001400)={&(0x7f00000013c0)={0x3c, r10, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7fff}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048091}, 0x4000)
newfstatat(0xffffffffffffff9c, &(0x7f0000001480)='./file0\x00', &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, <r11=>0x0}, 0x2000)
quotactl_fd$Q_GETFMT(r6, 0xffffffff80000400, r11, &(0x7f0000001540))
r12 = memfd_secret(0x80000)
bind$802154_raw(r12, &(0x7f0000001580)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)
setsockopt$inet6_IPV6_IPSEC_POLICY(r12, 0x29, 0x22, &(0x7f00000015c0)={{{@in6=@rand_addr=' \x01\x00', @in=@private=0xa010100, 0x4e22, 0x5, 0x4e23, 0x5, 0x2, 0xc0, 0xcf67ef93ba8df3eb, 0x0, r7, r11}, {0x6, 0x4, 0x10000, 0x0, 0x1, 0x5, 0x2, 0x5}, {0x4, 0x7, 0x7, 0xb}, 0x2, 0x6e6bc0, 0x2, 0x1}, {{@in=@local, 0x4d2, 0x3c}, 0xa, @in=@local, 0x3501, 0x1, 0x1, 0x4, 0x6, 0x4, 0x3ff}}, 0xe8)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r8, &(0x7f0000001780)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001740)={&(0x7f0000001700)={0x30, 0x0, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0xf}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40040}, 0x80)
setreuid(r11, r11)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r12, &(0x7f0000001880)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)={0x30, 0x1406, 0x8, 0x70bd2d, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x45}, 0x0)
r13 = syz_genetlink_get_family_id$tipc(&(0x7f0000001900), r0)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000001a00)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000019c0)={&(0x7f0000001940)={0x68, r13, 0x10, 0x70bd2c, 0x9, {{}, {}, {0x4c, 0x18, {0x6, @link='syz0\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4000800}, 0x10)
ioctl$VIDIOC_G_EDID(r3, 0xc0285628, &(0x7f0000001a80)={0x0, 0x25e, 0x7, '\x00', &(0x7f0000001a40)=0x3e})

2.633663633s ago: executing program 2 (id=5588):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000000000040de28021100000000000109022400010000d00009040004010300000009210100f90122050009058103"], 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', 0x0, 0x0, 0x1)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd0600ffdbdb252100000020000300", @ANYRES32=r5, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}}, 0x28000)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x18, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

1.703196251s ago: executing program 8 (id=5601):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
execve(&(0x7f0000000100)='./file2\x00', 0x0, 0x0)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x80000006}, 0x1c, 0x0, 0x0, 0x0, 0x18}}], 0x1, 0x40000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000007d0a0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002e00090027bd7000fedbdf250400000008001a80040004"], 0x1c}, 0x1, 0x0, 0x0, 0x42804}, 0x84)

1.579850374s ago: executing program 40 (id=5601):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
execve(&(0x7f0000000100)='./file2\x00', 0x0, 0x0)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x80000006}, 0x1c, 0x0, 0x0, 0x0, 0x18}}], 0x1, 0x40000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000007d0a0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002e00090027bd7000fedbdf250400000008001a80040004"], 0x1c}, 0x1, 0x0, 0x0, 0x42804}, 0x84)

1.534408619s ago: executing program 3 (id=5603):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x300024)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x4000040)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000240)={[0x1fffffffff, 0xb, 0x80006, 0x4000000000000e51, 0x7, 0x547a, 0x103d, 0x200000000006, 0x0, 0x5861, 0x5, 0x1, 0x0, 0x40000000009, 0x40000000080a8d, 0x800000068], 0x30000, 0x4000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r8, 0x4048aec9, &(0x7f0000000380)={0x3, 0x0, @ioapic={0x1, 0x1, 0xf, 0x0, 0x0, [{0x2, 0x2, 0x0, '\x00', 0xd}, {0x4e, 0x7d, 0x7, '\x00', 0x9}, {0x0, 0x9, 0xa, '\x00', 0x7}, {0x2, 0x81, 0x1, '\x00', 0x3}, {0x81, 0xb, 0x0, '\x00', 0x6}, {0x7, 0xd, 0x7, '\x00', 0x1}, {0x4, 0x8, 0xf6, '\x00', 0x4}, {0x1, 0xff, 0xf5, '\x00', 0x2}, {0x4, 0x7, 0x8, '\x00', 0x5}, {0x3, 0x81, 0x9, '\x00', 0x4}, {0x6e, 0x1, 0x40, '\x00', 0x53}, {0x8, 0xf9, 0x5, '\x00', 0x7}, {0x7, 0x5, 0x0, '\x00', 0x80}, {0x5, 0x5, 0x0, '\x00', 0x1}, {0xff, 0x1, 0x2, '\x00', 0x80}, {0x1, 0xc, 0x67, '\x00', 0x3}, {0xfb, 0x4, 0x9, '\x00', 0x7}, {0x7, 0x5, 0xf, '\x00', 0x6}, {0x7, 0xfe, 0x46, '\x00', 0x7f}, {0x7f, 0x0, 0x8, '\x00', 0x7}, {0xf9, 0x5, 0xc, '\x00', 0x5}, {0x5, 0xdd, 0x8, '\x00', 0x5e}, {0x2, 0x9, 0xee, '\x00', 0x1}, {0xf, 0x4c, 0xf7, '\x00', 0x8}]}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000240)="8f0978d21b640fc79ca50000c0fe470f06430f01c2440f20c0ac0a0000e39d9d0f22c066460f38809bf77f00000f214a0fc73d0d0000003e653666400fc7775f400f01c4", 0x44}], 0x1, 0x10, 0x0, 0x0)

1.074960967s ago: executing program 3 (id=5608):
ioctl$XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000680)="76389e6a65585578f830e9000000", 0x0, 0x10001, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r4, &(0x7f0000000080)={0x2, 0xe26, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10)
connect$inet(r4, &(0x7f00000002c0)={0x2, 0x4620, @empty}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x71, 0x141301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x2fe, 0x3ff, 0x0, 0x0, 0x0})
setsockopt$IP_VS_SO_SET_TIMEOUT(r4, 0x0, 0x48a, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50226bd70000100000007000000", @ANYRES32, @ANYBLOB="1b0001"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x20000100)
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000180)={0x0, 0xbc})
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @none, 0x7ff, 0x1}, 0xe)
r7 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r7, 0x400442c8, &(0x7f0000000a00)=ANY=[@ANYRES64=r6, @ANYBLOB="a7d25f22842f5cc09943e22009e3"])
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000001640), r5)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000016c0)={&(0x7f0000001680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="200028bd7000fddbdf2510000000050030000100000008003c0007000000080034000300000005002e000100000005002a0000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x24000810}, 0x40040)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r9, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x9}, &(0x7f0000000040)=0x8)
ioctl$BTRFS_IOC_START_SYNC(r9, 0x80089418, &(0x7f0000000080)=<r10=>0x0)
timerfd_create(0x7, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r9, 0xc400941d, &(0x7f0000000200)={<r11=>0x0, 0x0, 0x1000})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000600)={{r0}, r10, 0x0, @inherit={0x70, &(0x7f0000000100)=ANY=[@ANYBLOB="16cc15498ab996510500000000000000010001000000000001000000000000000600000000000000420a000000000000ff7fffffffffffff00000000000000800000000000000000ffffffff000000000001000000000000060000000000000006000000119500000500000000000000"]}, @devid=r11})
r12 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_JOIN_FILTERS(r12, 0x65, 0x2, 0x0, &(0x7f0000000040))

1.074162624s ago: executing program 9 (id=5609):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00')
write$cgroup_int(r0, &(0x7f0000000440)=0xffffffff, 0x12)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x8)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000380)='./bus\x00', &(0x7f0000000000)='f2fs\x00', 0x800401, &(0x7f0000000040)='usrquota')

1.027098332s ago: executing program 9 (id=5610):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x4000040)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000240)={[0x1fffffffff, 0xb, 0x80006, 0x4000000000000e51, 0x7, 0x547a, 0x103d, 0x200000000006, 0x0, 0x5861, 0x5, 0x1, 0x0, 0x40000000009, 0x40000000080a8d, 0x800000068], 0x30000, 0x4000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r5, 0xae80, 0x8d03)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000240)="8f0978d21b640fc79ca50000c0fe470f06430f01c2440f20c0ac0a0000e39d9d0f22c066460f38809bf77f00000f214a0fc73d0d0000003e653666400fc7775f400f01c4", 0x44}], 0x1, 0x10, 0x0, 0x0)

934.056177ms ago: executing program 3 (id=5611):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_GET_PROPERTY(r0, 0x80106f53, &(0x7f0000000000)={0x22, &(0x7f0000000140)=[{0x13, '\x00', @data=0x3, 0x9}]})
r1 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
getgroups(0x2, &(0x7f0000000840)=[0xee01, <r2=>0xffffffffffffffff])
getgroups(0x2, &(0x7f00000000c0)=[r2, <r3=>r2])
setresgid(r2, r2, r3)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) (async)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000b00)={{{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x5, 0x0}, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x10, 0x1}, {0x7fe000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {0x0, 0x0, 0x3}, 0x0, 0x0, 0x1, 0x1}, {{@in=@rand_addr=0xffffffff, 0x4d6, 0x32}, 0x2, @in6=@remote, 0x0, 0x2, 0x0, 0xb7, 0xb, 0x81}}, 0xe8)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) (async)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x2, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x9, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xf, 0x1a, 0xf2, 0x10, 0x9, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0xaa80, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x1, 0x10000, 0x405, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xc0000000, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x9a7f, 0xe665, 0x3c6e, 0x3, 0x7, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x6, 0xa, 0x1b, 0x202, 0x2, 0x5, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0xa0, 0xf, 0x8, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0x9, 0x664, 0x4, 0x9, 0x9, 0x2, 0x8, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x6, 0xe6, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x201, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x8000103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x4, 0x5, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x7, 0xc4c, 0x45e3, 0x5, 0x1, 0x3, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0x200000ce, 0xf, 0x0, 0x5, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0xc, 0x3, 0x5, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x4, 0x10, 0x8, 0x9, 0x5, 0x3ff, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xfff7, 0x2, 0x89, 0x2, 0x6, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x2, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0x6, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x800001, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x5, 0x7fff, 0x103, 0x7, 0x6, 0x709, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x3, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0x3, 0xffffa9b4, 0x1, 0x4, 0x5, 0xd58, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x40000001, 0x80000000, 0xb, 0x0, 0xc8d, 0x1, 0x7, 0x8, 0x1, 0x89, 0x6, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x8000005, 0x4, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x20000005, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xfffffffc, 0x9, 0xffffa0a6, 0xc, 0x11, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x6, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0xb, 0x0, 0x7, 0x8000000, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x4, 0x4b14, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x2, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x9, 0xffffc487, 0x204, 0x10002, 0x1000, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x5, 0x3, 0xffffffff, 0x2, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0xfffc, 0x80000001, 0x5, 0x1, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0x0, 0x80, 0x3, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x193, 0x8, 0x0, 0x5, 0xf, 0x3, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x4007, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x1, 0x2, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x1, 0x3, 0x9, 0x1, 0x80000000, 0x9, 0x0, 0x5, 0x800081, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x4, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fef, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0x4, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0xffffffff, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0xfffffffc, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x1, 0x6, 0x14827783, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xa, 0x3, 0x9, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x80, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffe, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x9, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x6, 0x2, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x1, 0x5, 0xfffffff7, 0x7, 0x7, 0x4, 0x6330, 0x0, 0x6, 0xea, 0xbb2d, 0xfff, 0x7, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0x9, 0x6, 0x80, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0xf01, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x2000008, 0x2000a, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x9, 0xa3, 0xffff, 0xfffffff9, 0x9, 0x4, 0x62, 0x2, 0x1, 0xfffffffa, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x42, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x8, 0x7ff, 0x0, 0x40, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x0, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0x101, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x401, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x12d8) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0xa0200, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r5, 0xa4044d07, 0x0) (async)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) (async)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) (async)
sendmsg$rds(r8, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x6, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@zcopy_cookie={0x18, 0x114, 0xc, 0x1}], 0x18}, 0x0)
r9 = accept4(r7, 0x0, 0x0, 0x0)
sendmmsg$alg(r9, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
ioctl$int_in(r9, 0x5452, &(0x7f0000000500)=0xd0) (async)
recvmsg$can_raw(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000780)=""/4096, 0x1000}], 0x1}, 0x40000003) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=@ipv4_deladdr={0x17, 0x15, 0x1, 0x80}, 0x18}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

933.715311ms ago: executing program 3 (id=5612):
fchmodat(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0xe544f629dfdf0c67)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='gfs2\x00', 0x4090, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0xb, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x12, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="e5000000000041000000000000000000610408000000000095000000a938db871748cd512bd463c4645167d2d8b789ec28305ddd80c0bb86794d49bea6a0f2f727ce25d5d058985a2a46b72096169d6357453c0e8b6bfde01b4e849db827e85cea5ecced4a6f38d55ebbddbd24490f7fb712f4669ce55bfe5baf7d4d01901442cd8a94055a50dd187e6e783b80a8d208f1da3db459c467c51542a0945c86f9296a52a188f78ab1ff438e339f2b638463b231dbbe7422e2c9c10ef2c96e6a68ad5e92886c78dbb07ca37064ac6cb8595196050b650ab37beddf81c714204c27e1448f48ce296f9d5e3f72f655a1e5a52808a1142bbc46c2c6fb0684f994ddbdd1bb9d4adf4220fa7929c41ff871e5da631c9719a3ed1f9911ff03a034944aa8635b0cddc1a5a0707d40f2fd5d6e14"], &(0x7f0000003ff6)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000c40)={0x44, 0x0, &(0x7f0000000b00)=[@reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000440)={0x30, 0x30, 0x30}}}], 0x51, 0x0, &(0x7f00000009c0)="762368876b37ebedc36f8541ec40089d30e40c9e1aa259021fbb285688851adaf471e22d68d75736ae4b6c83315e69edc11f6f4f0992edca1539bd1568d836862dcd0ea6c1f9ae5f8cb3140ab0f8477015"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0xffffff16}}, './cgroup\x00'})
mkdirat(r4, &(0x7f0000000140)='./cgroup\x00', 0xf8)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4603240095028000000000000003003e0001010000940200000000000040000000000000004d02000000000000f6ffffff000038000100fdff81000808030000000400000000000000000000e70a00000000000000010100000000000006"], 0x78)
close(r5)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r7 = syz_open_dev$dri(&(0x7f00000002c0), 0x7, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r7, 0xc02064b9, &(0x7f0000000280)={&(0x7f0000000400)=[<r9=>0x0], &(0x7f0000000280), 0x1, r8})
ioctl$DRM_IOCTL_MODE_ATOMIC(r6, 0xc03864bc, &(0x7f0000000040)={0x0, 0x1, &(0x7f0000000380)=[r8], &(0x7f00000003c0)=[0xf], &(0x7f00000000c0)=[r9], &(0x7f0000000180), 0x0, 0xff})
read$FUSE(r5, &(0x7f0000001040)={0x2020}, 0x2020)
quotactl_fd$Q_SYNC(r4, 0xffffffff80000102, 0x0, 0x0)

664.930518ms ago: executing program 9 (id=5613):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x81}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
write$P9_RSTATu(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f0000000000000050000000000000081ffffffffffffff0000000000000000000000000000000000001f0004"], 0x232)

664.661173ms ago: executing program 9 (id=5614):
r0 = socket$inet6(0x10, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xffeffffc}, {0x16}]}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x9, 0x3, 0x0, 0x7}, {0x6, 0x40, 0x5, 0x8}]}) (async)
sendto$inet6(r0, &(0x7f00000002c0)="100000001200050f0c1000000049b23e", 0x10, 0x0, 0x0, 0x0)

664.343474ms ago: executing program 9 (id=5615):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) (async)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000240)=0x2, 0x12)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x14)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_ENABLE_HIGH_LNB_VOLTAGE(r2, 0x6f44, 0x7fffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0) (async)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x220c) (async)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x3) (async)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r8, 0x0) (async)
r9 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000012000301000000000000000000009db7000000000000010004000000000000000000000000000000000000000000000000000000691d0f76e77044d1eb94e56239e4"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) (async)
r10 = openat(r0, &(0x7f0000000080)='./file0\x00', 0x4080, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0xffffffffffffffc0) (async)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) (async)
r11 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="12e0"], 0x1000f)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

577.127081ms ago: executing program 9 (id=5616):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r4], 0x20}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x4000040)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000240)={[0x1fffffffff, 0xb, 0x80006, 0x4000000000000e51, 0x7, 0x547a, 0x103d, 0x200000000006, 0x0, 0x5861, 0x5, 0x1, 0x0, 0x40000000009, 0x40000000080a8d, 0x800000068], 0x30000, 0x4000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r8 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c000090400000207010100090501020002"], 0x0)
syz_usb_control_io$printer(r8, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r9, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x24, 0x4, 0x8, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x550}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}]}, 0x24}, 0x1, 0x0, 0x0, 0x28c16562e159cd74}, 0x4)
r10 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pwritev2(r10, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0)
syz_usb_control_io(r8, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x3f00000000000000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000240)="8f0978d21b640fc79ca50000c0fe470f06430f01c2440f20c0ac0a0000e39d9d0f22c066460f38809bf77f00000f214a0fc73d0d0000003e653666400fc7775f400f01c4", 0x44}], 0x1, 0x10, 0x0, 0x0)

4.406949ms ago: executing program 3 (id=5617):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_G_JPEGCOMP(r0, 0x808c563d, &(0x7f0000000040))
ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x0)
r1 = getuid()
getgroups(0x9, &(0x7f0000000140)=[<r2=>0x0, <r3=>0xffffffffffffffff, <r4=>0xee00, <r5=>0xffffffffffffffff, 0xffffffffffffffff, <r6=>0xee01, 0xee01, <r7=>0x0, <r8=>0xee01])
lchown(&(0x7f0000000100)='./file0\x00', r1, r8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r9, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x14}, 0x4000010)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(0xffffffffffffffff, 0xc0045540, &(0x7f0000000200)=0x1)
setgroups(0x9, &(0x7f0000000240)=[r7, r5, r7, r8, r8, r6, r3, r7, r2])
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000280)={0x7ff, [0x1, 0x1, 0x3, 0x6, 0xf285, 0x5, 0x9, 0x2, 0x9, 0x9, 0x85, 0x7, 0x7, 0x6, 0x6, 0x5, 0x5, 0x3, 0x9, 0x81, 0x973, 0xfff, 0x8, 0x3ff, 0x0, 0x0, 0x0, 0x1a52, 0x18e0, 0x3, 0x8, 0x0, 0x9, 0x3, 0xf6b5, 0x9, 0xb, 0x7, 0x2, 0x1, 0x98, 0xb, 0x6, 0xf3, 0x0, 0x7, 0xa, 0xef39], 0xe})
lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r10=>0x0, <r11=>0x0})
getgroups(0x2, &(0x7f00000003c0)=[r8, r11])
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r9)
sendmsg$NL80211_CMD_REQ_SET_REG(r9, &(0x7f0000000600)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000480)={0x128, r12, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x3}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_REG_RULES={0xfc, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x1}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2c}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x80}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8001}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x1}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x5}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x800}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x8}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xffffffff}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xd}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x6}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x1}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x8f}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xa}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1fa9}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x7}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xff}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x9}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7}]}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x9, 0x9, 0x4, 0x20100, r0, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x5}, 0x50)
r14 = socket$unix(0x1, 0x2, 0x0)
r15 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000880), 0x0, 0x0)
r16 = syz_open_dev$dvb_dvr(&(0x7f00000008c0), 0x3683f920, 0x10000)
r17 = landlock_create_ruleset(&(0x7f0000000900)={0x200}, 0x18, 0x0)
r18 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000940), &(0x7f0000000980)=0xe, 0x0)
r19 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0), 0x1090c0, 0x0)
r20 = openat$incfs(0xffffffffffffffff, &(0x7f0000000a00)='.pending_reads\x00', 0x20000, 0x1d2)
r21 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r22 = fcntl$getown(r9, 0x9)
r23 = fcntl$getown(r0, 0x9)
getresgid(&(0x7f0000000fc0), &(0x7f0000001000), &(0x7f0000001040)=<r24=>0x0)
r25 = socket$isdn(0x22, 0x3, 0x23)
r26 = accept4(r9, &(0x7f0000001080)=@generic, &(0x7f0000001100)=0x80, 0x800)
sendmmsg$unix(r14, &(0x7f0000002cc0)=[{{&(0x7f00000006c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000840)=[{&(0x7f0000000740)="f202b3f3bd86c483c4bf9630a090b9fefb438e2d828a329a3ddbb80f0d2867723c5ea85e1a9cd276808fa81abac807e87b6f139e1b406c7f89b9133054e04d517d2038d3dd7ff47d74c300ad0de82c34beb39cfb5c742ae8e18bce9d637c9847d66624b133dab8b447091b6b4f3c049ed296365b03e6409f2ede6936f23b0e185edf6fb20fd4d26519a7814c0d77663dbfe42e694b6897056aaee9890a6eda48528927d0229d39868522180463769a655ac9b64bad161ecf2e931e1926771cbf3f542cbc55a2a9974210dbbd86655cc0b9922048e2dbbd542a4515", 0xdb}], 0x1, &(0x7f0000000a40)=[@cred={{0x1c, 0x1, 0x2, {0x0, r1, r5}}}, @rights={{0x28, 0x1, 0x1, [r13, r9, r15, r9, r16, r13]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r10, r4}}}, @rights={{0x34, 0x1, 0x1, [r0, r0, r0, r17, r0, 0xffffffffffffffff, r13, 0xffffffffffffffff, r13]}}, @rights={{0x18, 0x1, 0x1, [r9, r13]}}, @rights={{0x30, 0x1, 0x1, [r18, r0, r0, r13, r19, r13, r20, r9]}}], 0xe8}}, {{&(0x7f0000000b40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000bc0)="c53790f00e229b3b754f2f50f5807b5da0e4b751940b60f9d65eb8fe1e9eb0113f45f9fc0d54cddbc765903e7fb90537b1c8c8e34bd9cef655de7f505ddce52e219d6204271b5f875c06366f81a97aac3095b36e947fa09495d3a201d402875d406fee47599d723067a81f22224c2ea96f8ff399aad99d0c87dee44dc1a1de88d6cab5683e25c84e90add9d3af92d0111616966d7e9fa481f73b1efc13", 0x9d}, {&(0x7f0000000c80)="d2e39a9f9ab462091d51897b193364dd806a318a4dfe20f1e9a9087a3e7302d963ffe0f4b9695fed85643bb5761122b05159337d3c959b01039036103a7e206f9fccdd94b30243512c46921b1e426a94d526fa3e69e76c620b8177ef2138842b1f18185718f75ede7638eff02e55c5d6d05718b3b32e7e97aa9fe97b8308a44c791f8c7973005aff2981feadad03e51b67b6691e0d996c4daccf95304623989b315bbf6cc174a34e0bb48f7125595d6eac3ae0748431bb3262f76d14b4370164effae19af1d300d9fa43b36291b0da740b6e632b5c6699e4238b96fd35574b02b4cc1549a3e2984beb4781c2", 0xec}, {&(0x7f0000000d80)="4e684fbf358aeacabf78d7c61011fc1a07a9e8d89f8e838c5d693008380901c0f4bfdad0b8881208dad55e27842ca26a20f39a20", 0x34}, {&(0x7f0000000dc0)="8550c94e3e749a14acd23257141cdc7c2b7063dc7c86af21038713e51f1edab4716bd0c49f2c60911aa8065826f3c8deb65ee96c51ad211c5321b68aa29345b24fca5c0d5aad32166e1ac0ab3a7c4d5793390fbdd4b9bf55804ee7af5927c992190a6b443f014128f1257cf7b4bf8e310e866ccd8381d7edac4fc00375b9495ec8303e36950dfbdf2267d1adb662a05ad58e655f564153", 0x97}, {&(0x7f0000000e80)="a53d2aee96206d3182924763952f94a149a74b75a551cdd738b241d20142c21aba05", 0x22}, {&(0x7f0000000ec0)="2941604ab4c916b63a8efcca7caf602371d9ed2a6a98df9f1cda56eccb54e751e97226c5ae4648b98ca84b9c5d576c1e2f1721310b31dd3a905e0063ae222a56fb426f83f58149d15a4cdaafe733cb6650a30d2eae9cff16799c829de7c05242a5cbbc1e3daf2c187f321a9eaa529ebd7f3669a6eec0b2c0847ded8ca0f7c1a7", 0x80}], 0x6, &(0x7f0000001140)=[@rights={{0x24, 0x1, 0x1, [r0, r13, r0, r9, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [r0, r9, r13, r9, r9, r13, r21]}}, @cred={{0x1c, 0x1, 0x2, {r22, r1, r5}}}, @cred={{0x1c, 0x1, 0x2, {r23, r1, r24}}}, @rights={{0x28, 0x1, 0x1, [r25, r13, r9, r13, r13, r26]}}], 0xc0, 0x4044041}}, {{&(0x7f0000001200)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002280)=[{&(0x7f0000001280)="b481783dc85d597fd3b005bd32d7f7150d4ca6ed6ead75c78718b66d87b1da22accd07222a2dbd7d70111da8f51ad0226cce6919b7c738074a2ed064e03aceb50a9b0a9de8184d544678306ca71eac09be1763380c174e8792ef801ee10c6358cdb49accedba665227ed3849099a0e0fd917679376d3e5ba713620235d0f6d4ff25d60f7047595aff18486bdc3dcb738dc83351e2d46dd6dd6d31db524c5ecdff05db6a86d0fec89caaa542543f8fc30922e1f30c4bbbbd6f9873d9d676596582a135c3a4092f39d9b0cf741c4a6b76f05512ec06fd9375aa8d24f2a1ac530a9f22e19277c5524544986ecc7f9ed8f10f085a1b4d026446e33b0332af2db2d074ed27f233a5ae26810386b0eabcb8d605a1282dbecea87af7b151f88b2b321c96f592655d4a278dc182b25e51b24b1f09c4950a50aea8000223cce3be5a546e9a19fe808c30a65f68780977752a1ed8f3a8889963ee0d9f57f2e4be1df90898e90b8ebf0202107e1ec3628f48369a4838ebd86b36d8eae4cff6c06d6937ce6d9f1dfe90faea369a2200552bbc5b188edb18aee525191dd578175c053bcab7f7b7a5e05abd96f257d2398a7cf6b4a7b325ffc9f369273df468804f61b7a937d93493ef499eeb59ad8ecb1a00e08752f0292a5211d0f6051699dec034f7724958d56637bfee4935141471fc07f09ffd56af8c8ee72b165c5f91a086a8f81d6aac70d7b0d338010ff5e7b4f85515db5d6acc23f6ac5a131a32187184acff31a8e1c74607cf1a2c668189e5b7c1ba2a56ac1e6cc59cd1a057925dbb4ba7a958cf85c3b644e22022835be0d877f62213366701d287ceb7e0dea8740641f3027796ba110b2c651f49760ada584ec7db8d6a596da37a65a9d95e88ff9a3a4b0a65d8c515196e0b1e12b0b1f5e1d15fcf1649e53a85bf8a0d7e7abb3d0f16933f694679389bb27d76a9fe524cfb2e1687169b53d93dd9611c327f6b76da3b688dbcfa248e7f9c98cf0f8c50633c14effb689a356abb1d16b6dd4700b0e0dd4fd1d75c52260f29d2693a51043ee23aac62c2f5c71108c82a944c100281565d5e444f6dfc6c8ae715c829eef90a46f2dae887d063df62cabd1ee3ce7f8e5b8ecedb6f40e00c01f79ab5794ce3e2e7f5a0e76aa89946ea320eccad92011eaee8596e0d24f5df000f3d6233f59c2acc87cb467259ce8e2dd191f494797686e40b2723d4e3bb5429c4bb6466075fbc0ab73cbfcb4d9c6b4928eb23b7c47dbc3c50c9f31d9a015f0008d7afc157101ba1f88bfd5574e299aa13beb9b612c2d5b2c59fba1384e3ff29163bcaa3cdd32336868bcd4e423a11b125265b7449465531b93c0f8faf746f67fceb732cb08e3ee95973af2805330066ead361b9e44c5733a97e27b9c63943595c0800ed676901161c89aafa66376ac4e44efb770fc91b8ae776772ababd6d015385b196a3f23c0bc34412ec0293ec267e403cf61e477959a8ba84205114f7bebc699878914d4aa85c7f562e5f7a0a6e13d890ba9fe6b2b31cfd1330b38e0f8eaa1047f1c1b6830ab6d8e95b63d4725df72a53ce93974cb1757fd8a12eca963ef109a3049a512b7f491102713fafef4ad62ede8e982fd130a7a67e58ad14e2631833078a494e6363fe0ae459c9b87e149cea780763b4db575991d4ccdb48a8de9c33d13d02039b5db8e7a2f08a86b686f7ce1ca95c31d975399903540863354e16346fd17f139e93f994c979e90d17d9dd96c4d1b5a028692463d987fd1a4c6e61f8e6226bda2e2883688461aef0bf02e369767b98947817a95bf2e1739ec31d325af8e9d95cc439a16e8d028e93eb46727fb820f22acc777441010d00910388bf4d4fb95671738e39a4132e55bbd004d56336df79523e17f83e46b270757934408d02f1cedec8fd5f8fb018f7d486c7a93e6c67f4430cd058fb284757c05f6973cf4432b7adde4f9c5df7b904fe3d60fc1ffd617418acba4e247043613bb1e6e58b982b628b17c6d19f0126f1e3ff1461d4e0a99b57fd4bbd5c08194f98b87d520f1e6d939e81531290143e9b59667a7090d84ab398e7a674dcbc86abdeb07b326c342409083c80a1e95450f063ac6e2939fc344f2b4fef6dfcb2638b381d20a18d681bf1c15210e511b95e6a86c4502d1bbf08f5418ce3b84d7c1955ae29c53ebe1d445ecbdb0ea376aa452b855ff8439dcf32202e9e8d75a0fe2c86fe0bd821e5ac78bf310425fb1379163010f7ee5c20f73405adb51d0c516de95799152c1cd650ae488a685aa19328bcf9eb4a5d733bf412bada59a063c6ba7ac664d5ea4d5ac5005a304ed0246bd72adb43f6cdb9a0c5527a30f776fa208e58de0cbce9da94989ebebec109299442dfcd6ba9c5bf86463802253e24b3f4dfc4a4f1729934b9c6a2601e62b414a6b77bedc1f6bfa7b5cdb1f4e05ff6c2fb413309319867841395629bdf1830b7775dec369b29869a10eadc53ea48e43710420165e2c6b4a130c44582b29f4dfa52468c1bf95caa1b2984cbd0cd28bbb2c9ee849703656093fe58b10c809f45cb5b3e06900c2511935b67798638310497a6caa2a850d3663cb36f4e55cec298124f2ad739aec7d97ee6b75228d79a2889c4ab66308c8f69e74253530e23d6388590c30cda069c08859351f932c0a211a694849c5bbcf88cb87c25cd6f8f13fb1ef0d9391eb1ab485a058bc72b26a7c3213578e7bbeeccb60b095a1bd3fdcf311b1d4ed404ae11824d017411e0fcd6b9377056c355369fea42b2780516cb229db4741dc7993bc91bd7a111caf57cfebbaf3cfe0f4c3d2b6a7eebe8855fc32fec54cab4463136a284778185198b4899565537cabf27e8721f12323c5d576bb12a83483743f55507388981da6f9d8ffe4c99f26b8624d466beb92987286a62104b4bd6f879ee0d8dd5f16c490c59f427142287e1d9e54087678dd78f6071c2c8d2fdfbf7cb0654cefca028e7be79a5be3084d4a2a61f46df7956d702a9237af88f4a432315ecf4ecac85964b48949b178e8601aa18ab03dbdac692d7a0b51dcf458840e9a021abb54c1a87ae55fbfe0c99ac0d2d60271a99dd3e067e3af83f4c92e69a4bb908b3dd28e6f23d5fc9991adb9278f6967d29da2e58adbfbc9c5957785c603d40ae9f94132646c532ef707b96546efed42c6f161666acb17bfb444d13278667c95332fae51b344e62b6574a2a1cd3138252ee107d19001033d84c51c2faa807882ad1be21a5587a3e829590752f531cdc3567fe3be250343a8df03402f3516e59581b940e6486eb8c08ba68e3368d09f1ab766511e996dee4eb6224ee8b707428751ed7217868a3e34acab6fff33ffd6daddd19603d646e6a6108e3a882cb50ce9f6bf0ea92dba2e3664c36ab4928c7ca29426570aade5747d933d0e2e9b4084a24c0157f362e0c6dd8e61256fc52f38200f511e1ff89c5f414be861ed8d6d4570efef408c3e55897129257d66781f07c35881db46b4a554b839fd1906c6585c0ad19226fb1ba96e27d3e6b0e0cd10c890da71c4c8f5c1434b2037b8a873d980d95d7b7701bf273ec92a3076e58907e23b81ff905ee65502260858865375ba7282064606d8e8d120130aef59933417b5ccecacc00e41d6d80f9a52344e93d2aa6180e73d5ed041b29a77cbbd34fe160aa86838602fa4d0c3b4f38a6bdadfad34b384dfaec936eb05a2d84c88a16563fac00e72de963a4b60b4f0bf53a483a83e2c2a515a2f207d40bfa5f557d9afe5175a2f61aba1429f40d558687827241a2a5c7a71866ece3eaa13c0047f36adb9ded8aac279346b58e8e2091c90042e41e09e6cff1b20ae7384f99c2ef0af38b7ce3adee784aefd69e7c120b11a2199a97ed711234935ab692f9d69b1e57a2067e20c478e3e8f2995b4c004c83f35ee6712e34b2f336c43da20032be9d1787a49dcf283fa4e5769a3d6c1bef35edf8944976d78548e0082bc519bb7b512aee3df214520a82c90b3e39be5a881741f9609219fc62edf247b9504cf1753b87a3d81157152e14ea729e80067df49fe369b7bab3ed8168914748bfc2829952b390c17d262958cb03fcb3a288a68f47b3221dee6a7dcf18c341ede33890ef71149d5516b94ab0e107f32642520c2e6248df0957a99137047f30ffa60cc7be69ce0f8c435e1c3cc901fdcbc8d60360eed373def402fc51dda00bea98d958d791cc404041cbd6f0203f267951a9487d6b71d6444a0c5faec90b2682ba04c848b66acae154b12fd692df71a1fe6c2db78e080baa40a2f0e9f81a170f07343212937046427882234694f2b09a31c6bec8dd65ee6c0bacbe1c3868dadf31400e73c5ad7ff9008f0ef549b42a5d6748b98d1bbd80640e9f2d846a4473a220b6ecc586242305f99fc108af7d4e6bfe02406cffb2c54be5b72eccae30dce68b22a97552e873d7db62d3e6974706976b10581afe9a1f47f9ad8a99b649811ec4d3379c187b04ad7aad2539c00ce0af6eecedc4246a51b80b2ec7be86ce0c0e5ff9cec801b23a4fb3de2d2739fecc4d2ae5357e6c17c8e2d78bac17296c70ae15f65acbeaf529b37b04fa2a4b3154c1e5e7d54e11e9f6c4230470fca31246fa754c08adfb067027c9ed026a68dd252a901f8b5fdb28ac7d972c68483d8fc36c533a6c75bae8d39997db5f288d3edf959d37c60b22e654644c6f422508afd9f8d9cb99add3c0f16b4fb98b3657283f695b435b1015ef3817d671a13398946acd473de3d7e4bdc40e94c318117d6ceddeee20f360b8d51a94242e52b43f73aaf06c20c0ed847767530b0de6d3b224cb1a529711ef635b7ccd4eb2f81cc69f72cbb1269ba935dcc8016c4ba81d62c177cacd1f6b4eee01eb96b76700033c17b630fc6052295bd842631f105ceca9096c9c14cdee6eab6b69e4f3a16f85c881378c1fbd8e98220ce93618f0d4671b26202336bc75928f1d13081df8c402fd8d1f37fa86c75662af3f1d8d6dc551f49648894c817a7af6da1fc7c15b2416e9a9dccb2757cdf52ddab4ffcbb359314a3b4b8c32569b5b493ec7c7ac943d2cc89929787ef61f67c77326a630236f72642f193b922249052faa154b779f6854318daaf97e239c017ae0c09cd9065834131a46692964f561dfe06814a185bd003b847bf503203396e10f2793165774e7a6f01ddcc72ae99e5372d3630fc91a1f4c8d040c5a511ad79ce3448d5c5da841d0f0ecda146ab3b766b640c69089d01261e6639881b9e4e1730107e536887fbf707a83a4433cdd41ec1114282a3decfb1d85efe7bece4341472f333557d787f6dccf28a2ac67c87d324144d2e3a39a9aa0ac34e4f66e589e1d83ba8db54332940fde2c8e14e85afbb0c4674a3c552c5c1000a498831b497c2d2119d3a5fe726e05a5e707b06cc63a0ce6cd8c7b67ca829dcae961829d22864062e242cc96ce785e1d5b1f6054442141ce4759baa1100294ab299e87aac0441b9fd1df287a09c13166a84b08f973673a275e67b9414e95c3d676999395eab05ab38a0ffff0ae4a4f1b2a192cd92b668d456363f2688c7d9780e8f7a860c8bd6f44de231c9aff71478be65f5fb56120b6d4fb2b0efd8140d64bce3418083298753ab4d599b8ab4d7f5fc551b9852a9dc68da53c03894cbf332b7aefd5042a61c943742f3601119f2fe890327ec0bdb69cc3ec81f85fe45e864f9ae9c938110e59fa42a12e8bb10d5c287701f451bd46aff92a71f4c5566ebbc61f18fe6701a6d3f337765a8931c5558c9cc9667179e4e787161d7515843aef4d3206b53f04f836e62cd68d4fcee5a", 0x1000}], 0x1, &(0x7f0000002780)=[@cred={{0x1c, 0x1, 0x2, {0x0, r10, r4}}}, @rights={{0x34, 0x1, 0x1, [r13, r9, r9, r9, r13, r0, r9, 0xffffffffffffffff, r0]}}, @rights={{0x34, 0x1, 0x1, [r9, r9, r13, r0, r0, r0, r0, r13, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r1}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r1, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r10, r3}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r10, r8}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r10, r2}}}], 0x148, 0x40000}}, {{&(0x7f0000002900)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000002bc0)=[{&(0x7f0000002980)="96b92b0a4f1b9068f8c16218c1cf79c3b25369808ffa7464bbd36366fdfe5f5a9dce06fb93af9d14fa7f75ea2be15a15bb9219fb216ec38fb4e45ca0e45742315e7a9d3cb58cb21416137e1b4f608e240cb4dde41ca8eed65d458a511d1a0e8671e9af8c9842e1ba80a3df39ce5c52637cc0d4cc03c6f364ba163ad0fdc8e0550bfa12ed986d0655c97b4f03a7a0a2d9818bdf4dd8ab6777ea7ace74139815c747084707594f3add2a03d4d3c93e9750f10b2b9310352a208dbe386430892480e38c05a5f67063066e0cbe681794db768053c94a605404f21a9ae31f1e", 0xdd}, {&(0x7f0000002a80)="4bd1df8b781a37799f203f7dec8877a6b3ac308faa", 0x15}, {&(0x7f0000002ac0)="8fe022ee7c01f917313f2d82cd60b7cb4900a50d6398c555f9ebb05da544635f60740c0f26f47f63a5e29065901bb80897c04ee04d0da5a7a60b61fda1b90b58a2d6fff79f4626d35ab0466f40dae95fbac4260967c2a713f76f1b1c399d758ed78aaa3bab56020ccb06d3b7126490583a319b69642251f1d00b8bcf433b22f4f037575beb50fa8f24ae14ab287bdc8a48e999bac1d7e3acfe7490334bbc34966582fc47bdcfbffc2a87c5865c2d0d93cc03e7e5c98f6e3f1fff4b3086992470b45614e5ad2d890d97eac890875393ce78a641cd9fbc86e8e2ec07787edc4fc937", 0xe1}], 0x3, &(0x7f0000002c40)=[@cred={{0x1c, 0x1, 0x2, {0x0, r10, r7}}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}, @rights={{0x1c, 0x1, 0x1, [r9, r9, r13]}}], 0x58}}], 0x4, 0x4008000)

0s ago: executing program 3 (id=5618):
r0 = syz_open_dev$evdev(&(0x7f0000000480), 0x3d, 0x8382)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/95)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0), 0x208e24b)
cachestat(r1, &(0x7f0000000040), &(0x7f000009de80), 0x0)

kernel console output (not intermixed with test programs):

.
[  446.939564][ T7048] 8021q: adding VLAN 0 to HW filter on device bond2
[  446.952061][ T7048] bond2: (slave geneve2): making interface the new active one
[  446.955683][ T7048] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  447.108038][ T7092] fuse: Unknown parameter 'ctl��\w���D����[�a0��Ͳ���;�2'
[  447.931313][ T7103] ip6t_srh: unknown srh invflags 4000
[  448.001288][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  448.001300][   T40] audit: type=1400 audit(1773752299.856:63672): avc:  denied  { read } for  pid=7104 comm="syz.8.4789" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  448.011580][   T40] audit: type=1400 audit(1773752299.856:63673): avc:  denied  { open } for  pid=7104 comm="syz.8.4789" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  448.021009][   T40] audit: type=1400 audit(1773752299.866:63674): avc:  denied  { ioctl } for  pid=7104 comm="syz.8.4789" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  448.198934][ T6546] usb 6-1: USB disconnect, device number 52
[  448.319529][ T7128] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  448.361244][ T7131] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4792'.
[  448.375878][ T7131] bond2: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  448.384093][ T7131] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4792'.
[  448.387094][ T7131] bond2: peer notification delay (2365) is not a multiple of miimon (4), value rounded to 2364 ms
[  448.423437][ T7131] kvm: user requested TSC rate below hardware speed
[  448.585295][ T7177] FAULT_INJECTION: forcing a failure.
[  448.585295][ T7177] name failslab, interval 1, probability 0, space 0, times 0
[  448.591688][ T7177] CPU: 3 UID: 0 PID: 7177 Comm: syz.1.4796 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  448.591707][ T7177] Tainted: [L]=SOFTLOCKUP
[  448.591711][ T7177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  448.591718][ T7177] Call Trace:
[  448.591723][ T7177]  <TASK>
[  448.591727][ T7177]  dump_stack_lvl+0x100/0x190
[  448.591751][ T7177]  should_fail_ex.cold+0x5/0xa
[  448.591767][ T7177]  should_failslab+0xc2/0x120
[  448.591779][ T7177]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  448.591795][ T7177]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  448.591816][ T7177]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  448.591837][ T7177]  mmu_topup_memory_caches+0x25/0x170
[  448.591851][ T7177]  kvm_mmu_load+0xd6/0x23e0
[  448.591862][ T7177]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  448.591877][ T7177]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  448.591895][ T7177]  ? __pfx_kvm_mmu_load+0x10/0x10
[  448.591906][ T7177]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  448.591923][ T7177]  ? kvm_check_and_inject_events+0x961/0x10c0
[  448.591936][ T7177]  ? record_steal_time+0x370/0xbe0
[  448.591953][ T7177]  vcpu_run+0x39f4/0x5ca0
[  448.591972][ T7177]  ? __pfx_vcpu_run+0x10/0x10
[  448.591989][ T7177]  ? rcu_is_watching+0x12/0xc0
[  448.592005][ T7177]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  448.592018][ T7177]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  448.592034][ T7177]  kvm_vcpu_ioctl+0x730/0x1730
[  448.592052][ T7177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  448.592069][ T7177]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  448.592085][ T7177]  ? do_vfs_ioctl+0x226/0x13e0
[  448.592102][ T7177]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  448.592119][ T7177]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  448.592140][ T7177]  ? __fget_files+0x215/0x3d0
[  448.592158][ T7177]  ? hook_file_ioctl_common+0x146/0x410
[  448.592181][ T7177]  ? selinux_file_ioctl+0x139/0x290
[  448.592195][ T7177]  ? selinux_file_ioctl+0xb4/0x290
[  448.592211][ T7177]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  448.592228][ T7177]  __x64_sys_ioctl+0x18e/0x210
[  448.592246][ T7177]  do_syscall_64+0x106/0xf80
[  448.592260][ T7177]  ? clear_bhb_loop+0x40/0x90
[  448.592274][ T7177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.592286][ T7177] RIP: 0033:0x7ffa0739c799
[  448.592296][ T7177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.592307][ T7177] RSP: 002b:00007ffa0819c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.592318][ T7177] RAX: ffffffffffffffda RBX: 00007ffa07615fa0 RCX: 00007ffa0739c799
[  448.592325][ T7177] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  448.592332][ T7177] RBP: 00007ffa0819c090 R08: 0000000000000000 R09: 0000000000000000
[  448.592338][ T7177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  448.592344][ T7177] R13: 00007ffa07616038 R14: 00007ffa07615fa0 R15: 00007ffd421dd7b8
[  448.592359][ T7177]  </TASK>
[  448.735647][ T7186] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4797'.
[  448.739867][ T7186] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4797'.
[  448.767840][ T5941] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  448.771542][ T5929] Bluetooth: hci3: command 0x1003 tx timeout
[  448.857242][ T7200] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4799'.
[  448.863892][ T7200] Bluetooth: MGMT ver 1.23
[  448.865913][ T7200] Bluetooth: hci0: too big key_count value 32768
[  448.925471][ T7209] geneve2: entered promiscuous mode
[  448.927290][ T7209] geneve2: entered allmulticast mode
[  448.932182][T24044] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  448.935344][T24044] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  448.939699][T24044] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  448.943909][T24044] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  449.055870][ T7252] netlink: 'syz.8.4804': attribute type 13 has an invalid length.
[  449.227816][  T830] usb 14-1: new high-speed USB device number 19 using dummy_hcd
[  449.267785][   T39] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  449.377757][  T830] usb 14-1: Using ep0 maxpacket: 16
[  449.383178][  T830] usb 14-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  449.386430][  T830] usb 14-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  449.389470][  T830] usb 14-1: Product: syz
[  449.391042][  T830] usb 14-1: Manufacturer: syz
[  449.392765][  T830] usb 14-1: SerialNumber: syz
[  449.395953][  T830] usb 14-1: config 0 descriptor??
[  449.415475][ T7271] FAULT_INJECTION: forcing a failure.
[  449.415475][ T7271] name failslab, interval 1, probability 0, space 0, times 0
[  449.420567][ T7271] CPU: 1 UID: 0 PID: 7271 Comm: syz.8.4808 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  449.420586][ T7271] Tainted: [L]=SOFTLOCKUP
[  449.420590][ T7271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  449.420597][ T7271] Call Trace:
[  449.420601][ T7271]  <TASK>
[  449.420606][ T7271]  dump_stack_lvl+0x100/0x190
[  449.420627][ T7271]  should_fail_ex.cold+0x5/0xa
[  449.420642][ T7271]  should_failslab+0xc2/0x120
[  449.420653][ T7271]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  449.420669][ T7271]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  449.420690][ T7271]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  449.420712][ T7271]  mmu_topup_memory_caches+0x25/0x170
[  449.420726][ T7271]  kvm_mmu_load+0xd6/0x23e0
[  449.420738][ T7271]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  449.420753][ T7271]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  449.420771][ T7271]  ? __pfx_kvm_mmu_load+0x10/0x10
[  449.420782][ T7271]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  449.420799][ T7271]  ? kvm_check_and_inject_events+0x961/0x10c0
[  449.420812][ T7271]  ? record_steal_time+0x370/0xbe0
[  449.420830][ T7271]  vcpu_run+0x39f4/0x5ca0
[  449.420851][ T7271]  ? __pfx_vcpu_run+0x10/0x10
[  449.420868][ T7271]  ? rcu_is_watching+0x12/0xc0
[  449.420884][ T7271]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  449.420897][ T7271]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  449.420914][ T7271]  kvm_vcpu_ioctl+0x730/0x1730
[  449.420931][ T7271]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  449.420948][ T7271]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  449.420965][ T7271]  ? do_vfs_ioctl+0x226/0x13e0
[  449.420981][ T7271]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  449.420998][ T7271]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  449.421019][ T7271]  ? __fget_files+0x215/0x3d0
[  449.421030][ T7271]  ? hook_file_ioctl_common+0x146/0x410
[  449.421051][ T7271]  ? selinux_file_ioctl+0x139/0x290
[  449.421066][ T7271]  ? selinux_file_ioctl+0xb4/0x290
[  449.421082][ T7271]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  449.421099][ T7271]  __x64_sys_ioctl+0x18e/0x210
[  449.421117][ T7271]  do_syscall_64+0x106/0xf80
[  449.421131][ T7271]  ? clear_bhb_loop+0x40/0x90
[  449.421145][ T7271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.421156][ T7271] RIP: 0033:0x7f49f6f9c799
[  449.421166][ T7271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  449.421177][ T7271] RSP: 002b:00007f49f7ed6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  449.421188][ T7271] RAX: ffffffffffffffda RBX: 00007f49f7215fa0 RCX: 00007f49f6f9c799
[  449.421195][ T7271] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  449.421202][ T7271] RBP: 00007f49f7ed6090 R08: 0000000000000000 R09: 0000000000000000
[  449.421208][ T7271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  449.421215][ T7271] R13: 00007f49f7216038 R14: 00007f49f7215fa0 R15: 00007ffc463fe488
[  449.421229][ T7271]  </TASK>
[  449.429986][   T39] usb 6-1: config 1 has an invalid interface number: 7 but max is 0
[  449.543022][   T39] usb 6-1: config 1 has no interface number 0
[  449.545075][   T39] usb 6-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  449.548987][   T39] usb 6-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  449.552879][   T39] usb 6-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  449.558265][   T39] usb 6-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  449.561239][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.563918][   T39] usb 6-1: Product: syz
[  449.565339][   T39] usb 6-1: Manufacturer: syz
[  449.566911][   T39] usb 6-1: SerialNumber: syz
[  449.572289][ T7228] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  449.602008][  T830] IPVS: starting estimator thread 0...
[  449.605689][T14141] usb 14-1: USB disconnect, device number 19
[  449.717926][ T7289] IPVS: using max 29 ests per chain, 69600 per kthread
[  449.792401][   T40] audit: type=1400 audit(1773752301.646:63675): avc:  denied  { map } for  pid=7303 comm="syz.8.4809" path="/dev/full" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
[  449.802489][   T40] audit: type=1400 audit(1773752301.646:63676): avc:  denied  { execute } for  pid=7303 comm="syz.8.4809" path="/dev/full" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
[  449.812791][   T40] audit: type=1400 audit(1773752301.656:63677): avc:  denied  { associate } for  pid=7303 comm="syz.8.4809" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  449.821630][   T40] audit: type=1400 audit(1773752301.656:63678): avc:  denied  { append } for  pid=7303 comm="syz.8.4809" name="pfkey" dev="proc" ino=4026533836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  449.829220][   T40] audit: type=1400 audit(1773752301.676:63679): avc:  denied  { recv } for  pid=23 comm="ksoftirqd/2" saddr=127.0.0.1 src=49006 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  449.865376][ T7306] ref_ctr_offset mismatch. inode: 0x15e offset: 0x0 ref_ctr_offset(old): 0x16 ref_ctr_offset(new): 0x0
[  450.029045][   T40] audit: type=1400 audit(1773752301.886:63680): avc:  denied  { connect } for  pid=7311 comm="syz.8.4812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  450.115077][   T40] audit: type=1400 audit(1773752301.966:63681): avc:  denied  { watch } for  pid=7321 comm="syz.2.4814" path="/61/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  450.132195][ T7323] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  450.184736][ T7331] fuse: Unknown parameter '0000000000000000000701777777777777777777777'
[  450.331798][ T7355] smb3: Unknown parameter 'rdma'
[  450.338648][ T7323] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4805'.
[  450.353742][ T7345] Bluetooth: hci0: too big key_count value 32768
[  450.513207][ T7365] program syz.9.4824 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  450.518136][ T7367] program syz.9.4824 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  451.037340][ T7372] hugetlbfs: Bad value 'p9g57-t' for mount option 'size'
[  451.037340][ T7372] 
[  451.038579][ T7374] SELinux:  Context system_u:object_r:textrel_shlib_t:s0 is not valid (left unmapped).
[  451.447255][ T7389] binder: BINDER_SET_CONTEXT_MGR already set
[  451.453107][ T7389] binder: 7386:7389 ioctl 4018620d 200000000040 returned -16
[  451.711269][ T7424] tipc: MTU too low for tipc bearer
[  451.713208][ T7425] tipc: MTU too low for tipc bearer
[  451.786452][ T7433] input: syz0 as /devices/virtual/input/input57
[  452.024864][ T7449] FAULT_INJECTION: forcing a failure.
[  452.024864][ T7449] name failslab, interval 1, probability 0, space 0, times 0
[  452.030408][ T7449] CPU: 3 UID: 0 PID: 7449 Comm: syz.8.4841 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  452.030450][ T7449] Tainted: [L]=SOFTLOCKUP
[  452.030458][ T7449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  452.030468][ T7449] Call Trace:
[  452.030474][ T7449]  <TASK>
[  452.030480][ T7449]  dump_stack_lvl+0x100/0x190
[  452.030512][ T7449]  should_fail_ex.cold+0x5/0xa
[  452.030534][ T7449]  should_failslab+0xc2/0x120
[  452.030552][ T7449]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  452.030575][ T7449]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  452.030614][ T7449]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  452.030648][ T7449]  mmu_topup_memory_caches+0x25/0x170
[  452.030669][ T7449]  kvm_mmu_load+0xd6/0x23e0
[  452.030686][ T7449]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  452.030709][ T7449]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  452.030737][ T7449]  ? __pfx_kvm_mmu_load+0x10/0x10
[  452.030754][ T7449]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  452.030780][ T7449]  ? kvm_check_and_inject_events+0x961/0x10c0
[  452.030800][ T7449]  ? record_steal_time+0x370/0xbe0
[  452.030827][ T7449]  vcpu_run+0x39f4/0x5ca0
[  452.030857][ T7449]  ? __pfx_vcpu_run+0x10/0x10
[  452.030883][ T7449]  ? rcu_is_watching+0x12/0xc0
[  452.030906][ T7449]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  452.030925][ T7449]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  452.030953][ T7449]  kvm_vcpu_ioctl+0x730/0x1730
[  452.030981][ T7449]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  452.031005][ T7449]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  452.031030][ T7449]  ? do_vfs_ioctl+0x226/0x13e0
[  452.031058][ T7449]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  452.031084][ T7449]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  452.031116][ T7449]  ? __fget_files+0x215/0x3d0
[  452.031132][ T7449]  ? hook_file_ioctl_common+0x146/0x410
[  452.031166][ T7449]  ? selinux_file_ioctl+0x139/0x290
[  452.031188][ T7449]  ? selinux_file_ioctl+0xb4/0x290
[  452.031212][ T7449]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  452.031238][ T7449]  __x64_sys_ioctl+0x18e/0x210
[  452.031264][ T7449]  do_syscall_64+0x106/0xf80
[  452.031284][ T7449]  ? clear_bhb_loop+0x40/0x90
[  452.031306][ T7449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.031324][ T7449] RIP: 0033:0x7f49f6f9c799
[  452.031340][ T7449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  452.031356][ T7449] RSP: 002b:00007f49f7ed6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  452.031373][ T7449] RAX: ffffffffffffffda RBX: 00007f49f7215fa0 RCX: 00007f49f6f9c799
[  452.031384][ T7449] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  452.031394][ T7449] RBP: 00007f49f7ed6090 R08: 0000000000000000 R09: 0000000000000000
[  452.031404][ T7449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  452.031414][ T7449] R13: 00007f49f7216038 R14: 00007f49f7215fa0 R15: 00007ffc463fe488
[  452.031436][ T7449]  </TASK>
[  452.033648][   T39] usb 6-1: Incompatible driver and firmware versions
[  452.131585][   T39] usb 6-1: USB disconnect, device number 53
[  452.133218][ T7466] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4843'.
[  452.257995][  T830] usb 14-1: new high-speed USB device number 20 using dummy_hcd
[  452.305675][ T7478] ISOFS: Unable to identify CD-ROM format.
[  452.354610][ T7485] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4845'.
[  452.362537][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.365027][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.367451][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.370100][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.373765][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.376333][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.378944][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.381386][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.384039][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.386845][   T10] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  452.391660][   T10] hid-generic 0000:0000:0000.0022: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  452.418791][  T830] usb 14-1: Using ep0 maxpacket: 8
[  452.428117][  T830] usb 14-1: config 0 has an invalid interface number: 186 but max is 0
[  452.430966][  T830] usb 14-1: config 0 has no interface number 0
[  452.433059][  T830] usb 14-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  452.436811][  T830] usb 14-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 18, changing to 8
[  452.441316][  T830] usb 14-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  452.445302][  T830] usb 14-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  452.447407][ T7490] fido_id[7490]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  452.450426][  T830] usb 14-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  452.463533][  T830] usb 14-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  452.467100][  T830] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.470415][  T830] usb 14-1: Product: syz
[  452.471962][  T830] usb 14-1: Manufacturer: syz
[  452.473621][  T830] usb 14-1: SerialNumber: syz
[  452.489495][  T830] usb 14-1: config 0 descriptor??
[  452.509727][ T7499] netlink: 'syz.1.4847': attribute type 10 has an invalid length.
[  452.515066][ T7499] team0: Device vxcan1 is of different type
[  452.523555][ T7499] nfs4: Unknown parameter '
/file1'
[  452.696609][  T830] iowarrior 14-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0
[  452.896211][ T6645] usb 14-1: USB disconnect, device number 20
[  452.901108][   T39] usb 13-1: new high-speed USB device number 44 using dummy_hcd
[  453.057776][   T39] usb 13-1: Using ep0 maxpacket: 8
[  453.062515][   T39] usb 13-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.067252][   T39] usb 13-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.071906][   T39] usb 13-1: config 0 interface 0 has no altsetting 0
[  453.074890][   T39] usb 13-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  453.078981][   T39] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.085403][   T39] usb 13-1: config 0 descriptor??
[  453.400666][ T7533] netlink: 'syz.2.4850': attribute type 11 has an invalid length.
[  453.410943][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  453.410953][   T40] audit: type=1400 audit(1773752305.266:63696): avc:  denied  { read } for  pid=7532 comm="syz.2.4850" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  453.422434][   T40] audit: type=1400 audit(1773752305.266:63697): avc:  denied  { open } for  pid=7532 comm="syz.2.4850" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  453.433205][   T40] audit: type=1400 audit(1773752305.266:63698): avc:  denied  { ioctl } for  pid=7532 comm="syz.2.4850" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  453.486906][ T7541] random: crng reseeded on system resumption
[  453.511684][   T39] mcp2221 0003:04D8:00DD.0023: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[  453.640293][ T1125] sr 2:0:0:0: [sr0] tag#25 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  453.642380][   T40] audit: type=1400 audit(1773752305.496:63699): avc:  denied  { net_admin } for  pid=6740 comm="getty" capability=12  scontext=system_u:system_r:getty_t tcontext=system_u:system_r:getty_t tclass=capability permissive=1
[  453.643872][ T1125] sr 2:0:0:0: [sr0] tag#25 Sense Key : Illegal Request [current] 
[  453.654147][ T1125] sr 2:0:0:0: [sr0] tag#25 Add. Sense: Invalid command operation code
[  453.657983][ T1125] sr 2:0:0:0: [sr0] tag#25 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  453.661830][ T1125] blk_print_req_error: 138 callbacks suppressed
[  453.661845][ T1125] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2
[  453.662824][ T6740] mkiss: ax0: crc mode is auto.
[  453.664298][ T1125] buffer_io_error: 138 callbacks suppressed
[  453.664307][ T1125] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  453.701321][ T6404] usb 13-1: USB disconnect, device number 44
[  453.750888][   T40] audit: type=1400 audit(1773752305.606:63700): avc:  denied  { write } for  pid=7567 comm="syz.9.4854" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  453.904586][ T5929] Bluetooth: hci1: unexpected cc 0x2010 length: 9 > 1
[  453.906715][ T5929] Bluetooth: hci1: unexpected event for opcode 0x2010
[  453.908926][   T40] audit: type=1400 audit(1773752305.756:63701): avc:  denied  { read } for  pid=7584 comm="syz.9.4856" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  454.012378][   T40] audit: type=1400 audit(1773752305.866:63702): avc:  denied  { write } for  pid=7584 comm="syz.9.4856" name="001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  454.019675][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4856'.
[  454.022198][   T40] audit: type=1400 audit(1773752305.876:63703): avc:  denied  { map } for  pid=7584 comm="syz.9.4856" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  454.036129][   T40] audit: type=1400 audit(1773752305.876:63704): avc:  denied  { execute } for  pid=7584 comm="syz.9.4856" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  454.425826][ T7662] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  454.462269][ T7668] syzkaller0: entered promiscuous mode
[  454.464318][ T7668] syzkaller0: entered allmulticast mode
[  454.840098][ T7719] syzkaller0: entered promiscuous mode
[  454.842583][ T7719] syzkaller0: entered allmulticast mode
[  455.069130][ T7750] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  455.074007][ T7750] overlayfs: overlapping lowerdir path
[  455.263845][ T7759] ubi: mtd0 is already attached to ubi0
[  455.306096][ T7762] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4885'.
[  455.310722][ T7762] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4885'.
[  455.313618][ T7762] netlink: 'syz.2.4885': attribute type 7 has an invalid length.
[  455.405143][ T7770] IPVS: set_ctl: invalid protocol: 0 172.20.20.33:20004
[  455.408565][ T7770] [U] v�3��f��"S��/��4:�XTz�W�t��lW��=
[  455.411390][ T7770] [U] J"�e:��"


[  455.487941][ T5941] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  455.487990][ T5929] Bluetooth: hci0: command 0x0c1a tx timeout
[  455.585591][ T7778] syzkaller0: entered promiscuous mode
[  455.587546][ T7778] syzkaller0: entered allmulticast mode
[  455.868228][ T7788] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  455.935142][ T7794] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.012733][ T7794] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.087507][ T7794] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.164289][ T7794] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.268116][T24044] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  456.276438][T24044] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  456.291142][T24044] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  456.294326][ T6685] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  456.329667][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4892'.
[  456.621807][   T40] audit: type=1400 audit(1773752308.476:63705): avc:  denied  { mount } for  pid=7837 comm="syz.2.4896" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  456.763447][ T7852] syzkaller0: entered promiscuous mode
[  456.765371][ T7852] syzkaller0: entered allmulticast mode
[  456.807612][ T7858] bridge0: port 3(syz_tun) entered blocking state
[  456.811266][ T7858] bridge0: port 3(syz_tun) entered disabled state
[  456.813579][ T7858] syz_tun: entered allmulticast mode
[  456.816295][ T7858] syz_tun: entered promiscuous mode
[  456.819218][ T7858] bridge0: port 3(syz_tun) entered blocking state
[  456.822398][ T7858] bridge0: port 3(syz_tun) entered forwarding state
[  457.591282][ T7875] bridge_slave_0: left allmulticast mode
[  457.593478][ T7875] bridge_slave_0: left promiscuous mode
[  457.596830][ T7875] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.603123][ T7875] bridge_slave_1: left allmulticast mode
[  457.605639][ T7875] bridge_slave_1: left promiscuous mode
[  457.608513][ T7875] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.615205][ T7875] bond0: (slave bond_slave_0): Releasing backup interface
[  457.621799][ T7875] bond0: (slave bond_slave_1): Releasing backup interface
[  457.630975][ T7875] team0: Port device team_slave_0 removed
[  457.639810][ T7875] team0: Port device team_slave_1 removed
[  457.643165][ T7875] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  457.646344][ T7875] batman_adv: batadv0: Removing interface: batadv_slave_0
[  457.653099][ T7875] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  457.656336][ T7875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  457.662415][ T7875] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  457.770020][ T7878] xt_CT: No such helper "pptp"
[  457.836934][ T7885] netlink: 'syz.2.4905': attribute type 21 has an invalid length.
[  459.742560][ T7846] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  459.858626][ T7904] xt_hashlimit: size too large, truncated to 1048576
[  459.979408][ T7898] tun0: tun_chr_ioctl cmd 1074025675
[  459.981770][ T7898] tun0: persist enabled
[  459.984296][ T7898] tun0: tun_chr_ioctl cmd 1074025675
[  459.986585][ T7898] tun0: persist disabled
[  460.089410][ T7918] kvm: kvm [7917]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0xc1) = 0x87
[  460.093038][ T7918] kvm: kvm [7917]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0xc2) = 0x87
[  460.095668][ T7922] ip6t_REJECT: ECHOREPLY is not supported
[  460.102540][ T7922] netlink: 32 bytes leftover after parsing attributes in process `syz.9.4912'.
[  460.112644][ T7918] kvm: kvm [7917]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x11e) = 0x87
[  460.155848][ T7918] kvm: kvm [7917]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x186) = 0x87
[  460.160220][ T7918] kvm: kvm [7917]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x187) = 0x87
[  460.185330][ T7918] kvm_intel: kvm [7917]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x1d9) = 0x87
[  460.236324][ T7928] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4913'.
[  460.386515][ T7940] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4917'.
[  460.540158][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  460.540175][   T40] audit: type=1400 audit(1773752312.396:63707): avc:  denied  { watch } for  pid=7948 comm="syz.9.4916" path="/98" dev="tmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  460.579760][ T7957] bond3: (slave bond_slave_1): Device is not bonding slave
[  460.582888][ T7957] bond3: option active_slave: invalid value (bond_slave_1)
[  460.587626][ T7957] bond3 (unregistering): Released all slaves
[  460.769344][ T8032] syzkaller0: entered promiscuous mode
[  460.771397][ T8032] syzkaller0: entered allmulticast mode
[  460.863190][   T40] audit: type=1400 audit(1773752312.716:63708): avc:  denied  { getopt } for  pid=8049 comm="syz.8.4925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  461.253057][   T40] audit: type=1400 audit(1773752313.106:63709): avc:  denied  { append } for  pid=8102 comm="syz.2.4936" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  461.268175][ T8103] nfs: Unknown parameter ''
[  461.325544][   T40] audit: type=1400 audit(1773752313.176:63710): avc:  denied  { read write } for  pid=8111 comm="syz.2.4938" name="nvme-fabrics" dev="devtmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  461.333858][   T40] audit: type=1400 audit(1773752313.176:63711): avc:  denied  { open } for  pid=8111 comm="syz.2.4938" path="/dev/nvme-fabrics" dev="devtmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  461.341975][ T8112] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[  461.349561][ T8114] netlink: 6824 bytes leftover after parsing attributes in process `syz.2.4938'.
[  461.441032][ T8121] tipc: Started in network mode
[  461.442749][ T8121] tipc: Node identity 3, cluster identity 4711
[  461.444816][ T8121] tipc: Node number set to 3
[  461.541240][ T8136] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4942'.
[  461.639379][ T8155] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4945'.
[  461.687579][ T8158] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  461.706105][   T40] audit: type=1400 audit(1773752313.556:63712): avc:  denied  { ioctl } for  pid=8159 comm="syz.2.4947" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  461.736907][   T40] audit: type=1400 audit(1773752313.586:63713): avc:  denied  { read } for  pid=8166 comm="syz.9.4948" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  461.746884][   T40] audit: type=1400 audit(1773752313.586:63714): avc:  denied  { open } for  pid=8166 comm="syz.9.4948" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  461.757319][   T40] audit: type=1400 audit(1773752313.596:63715): avc:  denied  { ioctl } for  pid=8166 comm="syz.9.4948" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  461.800265][ T8169] syzkaller1: entered promiscuous mode
[  461.802327][ T8169] syzkaller1: entered allmulticast mode
[  461.994318][ T8175] syzkaller0: entered promiscuous mode
[  461.996775][ T8175] syzkaller0: entered allmulticast mode
[  462.316063][ T8190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  462.320820][ T8190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  462.321584][ T8191] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  462.328477][ T8190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  462.333627][ T8191] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  462.337466][   T40] audit: type=1400 audit(1773752314.186:63716): avc:  denied  { create } for  pid=8189 comm="syz.8.4953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  462.467167][ T8195] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  462.471483][ T8195] netlink: 'syz.9.4954': attribute type 10 has an invalid length.
[  462.474083][ T8195] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4954'.
[  462.822272][ T8216] kvm: user requested TSC rate below hardware speed
[  462.938419][ T8228] syzkaller0: entered promiscuous mode
[  462.940735][ T8228] syzkaller0: entered allmulticast mode
[  463.507851][ T1466] usb 13-1: new high-speed USB device number 45 using dummy_hcd
[  463.687838][ T1466] usb 13-1: Using ep0 maxpacket: 16
[  463.692175][ T1466] usb 13-1: config index 0 descriptor too short (expected 65, got 36)
[  463.695808][ T1466] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  463.701182][ T1466] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  463.706284][ T1466] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  463.712412][ T1466] usb 13-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  463.716871][ T1466] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.723010][ T1466] usb 13-1: config 0 descriptor??
[  463.732647][ T1466] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/input/input58
[  463.938287][ T6226] usb 13-1: USB disconnect, device number 45
[  464.555691][ T8300] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  464.691909][ T8305] SELinux: ebitmap start bit (4278255616) is beyond the end of the bitmap (320)
[  464.694999][ T8305] SELinux: failed to load policy
[  464.795221][ T7694] mkiss: ax0: crc mode is auto.
[  464.855810][ T8341] tmpfs: Unknown parameter 'obj_role'
[  465.102989][ T8370] netlink: 10 bytes leftover after parsing attributes in process `syz.8.4984'.
[  465.139173][ T8372] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4985'.
[  465.174324][ T8380] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  465.192809][ T8383] binder: 8382:8383 ioctl c0306201 200000001040 returned -14
[  465.246358][ T8389] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  465.306194][ T8396] overlay: ./file0 is not a directory
[  465.381401][ T8406] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4996'.
[  465.715975][ T8426] ������: renamed from vlan0 (while UP)
[  465.723736][ T8426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5001'.
[  465.880133][ T8429] input: syz0 as /devices/virtual/input/input59
[  465.898593][ T8429] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5002'.
[  465.906749][ T8429] syzkaller1: entered promiscuous mode
[  465.909790][ T8429] syzkaller1: entered allmulticast mode
[  466.107929][ T8441] nbd1: detected capacity change from 0 to 63
[  466.113483][ T5941] block nbd1: Receive control failed (result -104)
[  466.324878][ T8453] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5005'.
[  466.454416][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  466.454428][   T40] audit: type=1400 audit(1773752318.306:63727): avc:  denied  { append } for  pid=8462 comm="syz.8.5008" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  466.830237][ T8482] netlink: 'syz.2.5013': attribute type 13 has an invalid length.
[  467.325729][ T8500] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5016'.
[  467.350092][ T8502] cgroup: noprefix used incorrectly
[  467.359859][ T8502] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  467.422066][ T8510] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5017'.
[  467.503267][   T40] audit: type=1400 audit(1773752319.356:63728): avc:  denied  { ioctl } for  pid=8573 comm="syz.8.5020" path="socket:[137799]" dev="sockfs" ino=137799 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  467.531278][ T8579] (syz.8.5021,8579,2):ocfs2_get_sector:1714 ERROR: status = -5
[  467.533790][ T8579] (syz.8.5021,8579,2):ocfs2_sb_probe:753 ERROR: status = -5
[  467.536129][ T8579] (syz.8.5021,8579,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  467.539121][ T8579] (syz.8.5021,8579,2):ocfs2_fill_super:1177 ERROR: status = -5
[  467.616112][ T8583] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5023'.
[  467.650988][ T8583] 8021q: adding VLAN 0 to HW filter on device bond1
[  467.654405][ T8583] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  467.658207][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  467.691200][ T5929] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  467.697384][ T5929] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  467.702495][ T5929] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  467.709526][ T5929] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  467.714672][ T5929] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  467.745721][   T40] audit: type=1400 audit(1773752319.596:63729): avc:  denied  { mounton } for  pid=8617 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  467.921097][ T8617] chnl_net:caif_netlink_parms(): no params data found
[  467.962208][ T8688] netlink: 'syz.8.5025': attribute type 1 has an invalid length.
[  468.123937][T24043] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.129385][T24043] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  468.142217][ T8617] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.145335][ T8617] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.150745][ T8617] bridge_slave_0: entered allmulticast mode
[  468.156526][ T8617] bridge_slave_0: entered promiscuous mode
[  468.166499][ T8617] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.177824][ T8617] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.182160][ T8617] bridge_slave_1: entered allmulticast mode
[  468.194710][ T8617] bridge_slave_1: entered promiscuous mode
[  468.269575][T24043] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.273986][T24043] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  468.319947][ T8617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  468.326882][ T8617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  468.365069][ T8617] team0: Port device team_slave_0 added
[  468.373061][ T8617] team0: Port device team_slave_1 added
[  468.393505][T24043] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.397345][T24043] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  468.429577][ T8617] batman_adv: batadv0: Adding interface: batadv_slave_0
[  468.432766][ T8617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  468.443815][ T8617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  468.452098][ T8849] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.478515][ T8617] batman_adv: batadv0: Adding interface: batadv_slave_1
[  468.481547][ T8617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  468.492417][ T8617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  468.512397][T24043] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.515983][T24043] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  468.536818][ T8865] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5028'.
[  468.539731][ T8849] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.610253][ T8617] hsr_slave_0: entered promiscuous mode
[  468.613365][ T8617] hsr_slave_1: entered promiscuous mode
[  468.615984][ T8617] debugfs: 'hsr0' already exists in 'hsr'
[  468.618611][ T8617] Cannot create hsr debugfs directory
[  468.633646][ T8865] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5028'.
[  468.641410][ T8849] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.669932][ T8865] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  468.679837][ T8865] batman_adv: batadv0: Removing interface: batadv_slave_1
[  468.718930][ T8849] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.813290][T24043] bridge_slave_1: left allmulticast mode
[  468.815975][T24043] bridge_slave_1: left promiscuous mode
[  468.818764][T24043] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.827841][T24043] bridge_slave_0: left allmulticast mode
[  468.830385][T24043] bridge_slave_0: left promiscuous mode
[  468.832992][T24043] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.071321][T24043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  469.075577][T24043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  469.079798][T24043] bond0 (unregistering): Released all slaves
[  469.084493][T24043] bond1 (unregistering): Released all slaves
[  469.091403][T24043] bond2 (unregistering): Released all slaves
[  469.217393][ T8141] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  469.260784][ T9447] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  469.263807][ T9447] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  469.266536][T24043] tipc: Left network mode
[  469.286612][ T6688] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  469.555361][T24043] hsr_slave_0: left promiscuous mode
[  469.557627][T24043] hsr_slave_1: left promiscuous mode
[  469.559884][T24043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  469.562320][T24043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  469.569559][T24043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  469.571987][T24043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  469.578211][T24043] veth1_macvtap: left allmulticast mode
[  469.580105][T24043] veth1_macvtap: left promiscuous mode
[  469.582154][T24043] veth0_macvtap: left promiscuous mode
[  469.584004][T24043] veth1_vlan: left promiscuous mode
[  469.585780][T24043] veth0_vlan: left promiscuous mode
[  469.786277][T24043] team0 (unregistering): Port device team_slave_1 removed
[  469.798498][T24043] team0 (unregistering): Port device team_slave_0 removed
[  469.808014][ T5941] Bluetooth: hci3: command tx timeout
[  469.888736][ T9153] openvswitch: netlink: Geneve option length err (len 740, max 255).
[  469.930062][ T9157] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  469.934682][ T9157] hsr_slave_0: left promiscuous mode
[  469.937046][ T9157] hsr_slave_1: left promiscuous mode
[  470.087218][ T9176] binder: Bad value for 'max'
[  470.427785][T14141] usb 13-1: new high-speed USB device number 46 using dummy_hcd
[  470.579197][T14141] usb 13-1: config index 0 descriptor too short (expected 39, got 27)
[  470.581876][T14141] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  470.585009][T14141] usb 13-1: config 0 interface 0 has no altsetting 0
[  470.597146][T14141] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  470.603198][T14141] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  470.606563][T14141] usb 13-1: Product: syz
[  470.612056][T14141] usb 13-1: Manufacturer: syz
[  470.614148][T14141] usb 13-1: SerialNumber: syz
[  470.623496][T14141] usb 13-1: config 0 descriptor??
[  470.627575][T14141] hub 13-1:0.0: bad descriptor, ignoring hub
[  470.634208][T14141] hub 13-1:0.0: probe with driver hub failed with error -5
[  470.638010][T14141] usb 13-1: selecting invalid altsetting 0
[  471.124285][ T9269] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9269 comm=syz.9.5050
[  471.132706][ T9269] __nla_validate_parse: 4 callbacks suppressed
[  471.132721][ T9269] netlink: 36 bytes leftover after parsing attributes in process `syz.9.5050'.
[  471.164802][ T9269] IPv6: Can't replace route, no match found
[  471.202940][ T8617] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  471.209893][ T8617] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  471.214509][ T8617] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  471.223043][ T8617] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  471.282286][ T8617] 8021q: adding VLAN 0 to HW filter on device bond0
[  471.291288][ T8617] 8021q: adding VLAN 0 to HW filter on device team0
[  471.298487][T24043] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.301623][T24043] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.317085][T24043] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.319910][T24043] bridge0: port 2(bridge_slave_1) entered forwarding state
[  471.326898][ T9302] netlink: 'syz.9.5053': attribute type 1 has an invalid length.
[  471.442154][ T8617] 8021q: adding VLAN 0 to HW filter on device batadv0
[  471.469206][ T8617] veth0_vlan: entered promiscuous mode
[  471.474174][ T8617] veth1_vlan: entered promiscuous mode
[  471.491084][ T8617] veth0_macvtap: entered promiscuous mode
[  471.495424][ T8617] veth1_macvtap: entered promiscuous mode
[  471.504139][ T8617] batman_adv: batadv0: Interface activated: batadv_slave_0
[  471.510471][ T8617] batman_adv: batadv0: Interface activated: batadv_slave_1
[  471.516883][T24043] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  471.523660][T24043] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  471.526795][T24043] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  471.532184][   T10] usb 13-1: USB disconnect, device number 46
[  471.539748][T24043] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  471.587785][   T39] usb 14-1: new high-speed USB device number 21 using dummy_hcd
[  471.618864][T24196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  471.621909][T24196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  471.644626][ T6688] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  471.647588][ T6688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  471.662463][   T40] audit: type=1400 audit(1773752579.511:63730): avc:  denied  { mounton } for  pid=8617 comm="syz-executor" path="/syzkaller.jJGMbm/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  471.673850][   T40] audit: type=1400 audit(1773752579.511:63731): avc:  denied  { unmount } for  pid=8617 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  471.682766][   T40] audit: type=1400 audit(1773752579.521:63732): avc:  denied  { mount } for  pid=8617 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  471.730734][ T9381] netlink: 45 bytes leftover after parsing attributes in process `syz.3.5022'.
[  471.738102][   T39] usb 14-1: Using ep0 maxpacket: 8
[  471.738323][   T10] usb 13-1: new full-speed USB device number 47 using dummy_hcd
[  471.745895][   T39] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  471.750287][ T9381] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5022'.
[  471.753587][   T39] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  471.757099][   T39] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  471.760710][   T39] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  471.764925][   T39] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  471.768468][   T39] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.891433][ T5941] Bluetooth: hci3: command tx timeout
[  471.895864][   T10] usb 13-1: config index 0 descriptor too short (expected 39, got 27)
[  471.899748][   T10] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  471.904103][   T10] usb 13-1: config 0 interface 0 has no altsetting 0
[  471.909840][   T10] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  471.913584][   T10] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  471.916985][   T10] usb 13-1: Product: syz
[  471.919136][   T10] usb 13-1: Manufacturer: syz
[  471.921189][   T10] usb 13-1: SerialNumber: syz
[  471.926848][   T10] usb 13-1: config 0 descriptor??
[  471.932603][   T10] hub 13-1:0.0: bad descriptor, ignoring hub
[  471.935030][   T10] hub 13-1:0.0: probe with driver hub failed with error -5
[  471.940395][   T10] usb 13-1: selecting invalid altsetting 0
[  471.978551][   T39] usb 14-1: GET_CAPABILITIES returned 0
[  471.980885][   T39] usbtmc 14-1:16.0: can't read capabilities
[  472.136109][ T9188] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  472.181639][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.184374][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.187045][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.189735][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.192440][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.195118][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.197768][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.200384][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.203021][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.205912][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.208554][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.211275][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.213946][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.216614][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.219284][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.221983][    C2] usbtmc 14-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.229400][T31079] usb 14-1: USB disconnect, device number 21
[  472.248022][   T39] usb 13-1: USB disconnect, device number 47
[  472.549219][ T9447] bridge0: port 3(syz_tun) entered disabled state
[  472.603013][   T40] audit: type=1400 audit(1773752580.451:63733): avc:  denied  { ioctl } for  pid=9469 comm="syz.2.5057" path="socket:[139585]" dev="sockfs" ino=139585 ioctlcmd=0x9362 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  472.687975][   T40] audit: type=1400 audit(1773752580.541:63734): avc:  denied  { create } for  pid=9478 comm="syz.8.5059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  472.772757][ T9490] syzkaller0: entered promiscuous mode
[  472.774662][ T9490] syzkaller0: entered allmulticast mode
[  472.782520][ T9494] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  473.329880][ T9504] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5067'.
[  473.336881][   T40] audit: type=1400 audit(1773752581.181:63735): avc:  denied  { getopt } for  pid=9503 comm="syz.8.5067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  473.475584][   T40] audit: type=1400 audit(1773752581.321:63736): avc:  denied  { ioctl } for  pid=9528 comm="syz.8.5072" path="socket:[139616]" dev="sockfs" ino=139616 ioctlcmd=0x8921 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  473.530265][   T40] audit: type=1400 audit(1773752581.381:63737): avc:  denied  { watch watch_reads } for  pid=9528 comm="syz.8.5072" path=2F6D656D66643A2D42D54E34A64579DBD1A7B153F13A29202864656C6574656429 dev="tmpfs" ino=2160 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  473.590345][   T40] audit: type=1400 audit(1773752581.441:63738): avc:  denied  { getopt } for  pid=9540 comm="syz.3.5075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  473.802238][ T9551] syzkaller0: entered promiscuous mode
[  473.804796][ T9551] syzkaller0: entered allmulticast mode
[  473.900774][ T9563] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5079'.
[  473.905947][ T9563] netlink: 'syz.2.5079': attribute type 7 has an invalid length.
[  473.971061][ T5941] Bluetooth: hci3: command tx timeout
[  474.041228][ T9581] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5085'.
[  474.048864][ T9581] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5085'.
[  474.091664][ T9584] netlink: 'syz.2.5086': attribute type 4 has an invalid length.
[  474.102950][ T9578] /dev/sr0: Can't open blockdev
[  474.188531][ T9623] input: syz0 as /devices/virtual/input/input60
[  474.200224][ T3808] usb 8-1: new low-speed USB device number 5 using dummy_hcd
[  474.264203][ T9633] syzkaller0: entered promiscuous mode
[  474.266455][ T9633] syzkaller0: entered allmulticast mode
[  474.330661][ T9640] IPVS: length: 120 != 24
[  474.333568][ T9640] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5091'.
[  474.339676][ T9640] bond0: entered promiscuous mode
[  474.342761][ T9640] gretap0: entered promiscuous mode
[  474.345526][ T9640] debugfs: 'hsr1' already exists in 'hsr'
[  474.347418][ T9640] Cannot create hsr debugfs directory
[  474.349384][ T9640] hsr1: entered promiscuous mode
[  474.370004][ T3808] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  474.374987][ T3808] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  474.387959][ T3808] usb 8-1: config 0 interface 0 has no altsetting 0
[  474.390548][ T3808] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  474.393518][ T3808] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.409068][ T3808] usb 8-1: config 0 descriptor??
[  474.415372][ T9649] tmpfs: Bad value for 'mpol'
[  474.422663][ T9649] loop2: detected capacity change from 0 to 7
[  474.426012][ T9649] Dev loop2: unable to read RDB block 7
[  474.429571][ T9649]  loop2: unable to read partition table
[  474.431721][ T9649] loop2: partition table beyond EOD, truncated
[  474.434304][ T9649] loop_reread_partitions: partition scan of loop2 (�被x����� ) failed (rc=-5)
[  474.436929][ T9652] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5093'.
[  474.470596][ T9656] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5095'.
[  474.474308][   T40] audit: type=1400 audit(1773752582.321:63739): avc:  denied  { read } for  pid=9655 comm="syz.9.5095" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  474.571895][ T9687] netlink: 'syz.9.5097': attribute type 11 has an invalid length.
[  474.579129][ T9687] netlink: 'syz.9.5097': attribute type 4 has an invalid length.
[  474.586963][ T9687] netlink: 'syz.9.5097': attribute type 4 has an invalid length.
[  475.022006][ T9566] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13141 sclass=netlink_route_socket pid=9566 comm=syz.3.5080
[  475.034262][ T3808] usbhid 8-1:0.0: can't add hid device: -71
[  475.038851][ T3808] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  475.044419][ T3808] usb 8-1: USB disconnect, device number 5
[  475.772660][ T9748] kvm: kvm [9747]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0xc1) = 0x87
[  475.775769][ T9748] kvm: kvm [9747]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0xc2) = 0x87
[  475.796834][ T9748] kvm: kvm [9747]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x11e) = 0x87
[  475.816743][ T9748] kvm: kvm [9747]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x186) = 0x87
[  475.820633][ T9748] kvm: kvm [9747]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x187) = 0x87
[  475.834996][ T9765] ./file0: Can't lookup blockdev
[  475.839046][ T9748] kvm_intel: kvm [9747]: vcpu2, guest rIP: 0x9130 Unhandled WRMSR(0x1d9) = 0x87
[  475.842388][ T9765] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  475.883750][ T9771] netlink: 'syz.3.5110': attribute type 1 has an invalid length.
[  475.886918][ T8427] mkiss: ax0: crc mode is auto.
[  475.892816][ T9771] erspan1: entered allmulticast mode
[  476.057877][ T5941] Bluetooth: hci3: command tx timeout
[  476.597749][T31079] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  476.757762][T31079] usb 8-1: Using ep0 maxpacket: 8
[  476.761874][T31079] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  476.765578][T31079] usb 8-1: config 0 has no interface number 0
[  476.771577][T31079] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  476.776355][T31079] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  476.781827][T31079] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  476.786653][T31079] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  476.792583][T31079] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  476.796513][T31079] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.803291][T31079] usb 8-1: config 0 descriptor??
[  476.813087][T31079] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  477.015550][   T39] usb 8-1: USB disconnect, device number 6
[  477.015608][    C3] ldusb 8-1:0.55: usb_submit_urb failed (-19)
[  477.024811][   T39] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  477.165266][ T9834] syzkaller0: entered promiscuous mode
[  477.167163][ T9834] syzkaller0: entered allmulticast mode
[  477.219553][ T9808] ldusb: No device or device unplugged -19
[  477.272155][ T9808] xt_policy: too many policy elements
[  477.298149][  T830] libceph: connect (1)[c::]:6789 error -101
[  477.300218][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  477.304919][  T830] libceph: connect (1)[c::]:6789 error -101
[  477.306987][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  477.336791][ T9844] ceph: No mds server is up or the cluster is laggy
[  477.409500][ T9856] input: syz1 as /devices/virtual/input/input61
[  477.412570][ T9856] input: failed to attach handler leds to device input61, error: -6
[  477.452281][ T9860] __nla_validate_parse: 3 callbacks suppressed
[  477.452293][ T9860] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5119'.
[  478.253011][ T9871] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5122'.
[  478.282877][ T9876] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  478.292235][ T9876] macsec1: entered promiscuous mode
[  478.294009][ T9876] macsec1: entered allmulticast mode
[  478.395345][ T9897] netlink: 'syz.8.5128': attribute type 14 has an invalid length.
[  478.402240][ T9899] netlink: 'syz.8.5128': attribute type 14 has an invalid length.
[  478.543369][ T9911] netlink: 'syz.8.5129': attribute type 21 has an invalid length.
[  478.604010][ T9926] sch_tbf: peakrate 11 is lower than or equals to rate 2048 !
[  478.698093][ T9933] IPVS: Scheduler module ip_vs_sip not found
[  478.702337][ T9933] fuse: Bad value for 'group_id'
[  478.704644][ T9933] fuse: Bad value for 'group_id'
[  478.799851][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  478.799863][   T40] audit: type=1400 audit(1773752586.651:63746): avc:  denied  { create } for  pid=9937 comm="syz.9.5139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  478.809907][   T40] audit: type=1400 audit(1773752586.661:63747): avc:  denied  { setopt } for  pid=9937 comm="syz.9.5139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  478.820424][ T9938] netlink: 'syz.9.5139': attribute type 1 has an invalid length.
[  478.823796][ T9938] netlink: 'syz.9.5139': attribute type 2 has an invalid length.
[  478.873207][ T9946] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.5140'.
[  478.877014][ T9946] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.5140'.
[  479.041949][ T9952] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5142'.
[  479.306795][ T9954] 9pnet_fd: p9_fd_create_tcp (9954): problem binding to privport
[  479.557903][ T9965] XFS (nullb0): Invalid superblock magic number
[  479.691979][ T9980] syzkaller0: entered promiscuous mode
[  479.694502][ T9980] syzkaller0: entered allmulticast mode
[  479.877311][ T9994] nvme_fabrics: unknown parameter or missing value 'full 00000000000000000005 00000000000000000002' in ctrl creation request
[  480.097853][T10030] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5155'.
[  480.104632][T10030] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5155'.
[  480.118038][T10030] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10030 comm=syz.9.5155
[  480.135998][T10033] netlink: 'syz.8.5156': attribute type 10 has an invalid length.
[  480.139121][T10033] veth0_vlan: entered allmulticast mode
[  480.143879][T10033] veth0_vlan: left promiscuous mode
[  480.146494][T10033] veth0_vlan: entered promiscuous mode
[  480.149489][T10033] team0: Device veth0_vlan failed to register rx_handler
[  480.188278][   T40] audit: type=1804 audit(1773752588.021:63748): pid=10035 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.9.5158" name="/newroot/168/file0" dev="tmpfs" ino=910 res=1 errno=0
[  480.218470][T10040] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  480.226091][   T40] audit: type=1400 audit(1773752588.071:63749): avc:  denied  { mount } for  pid=10039 comm="syz.2.5157" name="/" dev="overlay" ino=924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  480.227743][T10043] syzkaller0: entered promiscuous mode
[  480.235781][T10043] syzkaller0: entered allmulticast mode
[  480.336509][T10063] Context (ID=0x0) not attached to queue pair (handle=0xffffffff:0x0)
[  480.547354][T10110] syzkaller0: entered promiscuous mode
[  480.552477][T10110] syzkaller0: entered allmulticast mode
[  480.584676][   T40] audit: type=1400 audit(1773752588.431:63750): avc:  denied  { remount } for  pid=10101 comm="syz.9.5175" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  480.628886][T10122] gfs2: error -5 reading superblock
[  480.737955][   T40] audit: type=1400 audit(1773752588.581:63751): avc:  denied  { read } for  pid=10123 comm="syz.9.5178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  480.823618][T10157] syz.2.5181 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  480.840669][T10157] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[  480.906619][T10166] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  480.908901][T10166] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  480.930439][T10166] vhci_hcd vhci_hcd.0: Device attached
[  481.168036][ T3808] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  481.171164][  T830] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  481.319480][  T830] usb 8-1: config index 0 descriptor too short (expected 8192, got 18)
[  481.322730][  T830] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  481.326674][  T830] usb 8-1: config 0 has no interfaces?
[  481.330737][  T830] usb 8-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  481.334239][  T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.352041][  T830] usb 8-1: config 0 descriptor??
[  481.556808][T10169] usbip_core: unknown command
[  481.559455][T10169] vhci_hcd: unknown pdu 196608
[  481.562828][T10169] usbip_core: unknown command
[  481.565199][ T9447] vhci_hcd vhci_hcd.3: stop threads
[  481.567339][ T9447] vhci_hcd vhci_hcd.3: release socket
[  481.573923][ T9447] vhci_hcd vhci_hcd.3: disconnect device
[  481.607394][   T40] audit: type=1400 audit(1773752589.451:63752): avc:  denied  { append } for  pid=10217 comm="syz.9.5191" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  481.685777][   T40] audit: type=1400 audit(1773752589.531:63753): avc:  denied  { unmount } for  pid=4856 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  481.730582][  T830] usb 8-1: string descriptor 0 read error: -71
[  481.736526][  T830] usb 8-1: USB disconnect, device number 7
[  481.924027][   T40] audit: type=1400 audit(1773752589.771:63754): avc:  denied  { execute } for  pid=10241 comm="syz.8.5194" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=143294 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  481.932974][   T40] audit: type=1800 audit(1773752589.771:63755): pid=10242 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.8.5194" name="[kvm-gmem]" dev="guest_memfd" ino=143294 res=0 errno=0
[  481.939538][T10246] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5192'.
[  481.943981][T10246] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5192'.
[  481.951425][T10246] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5192'.
[  482.206724][T10276] netlink: 'syz.8.5198': attribute type 11 has an invalid length.
[  482.406862][T10282] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  482.460777][T10286] __nla_validate_parse: 65 callbacks suppressed
[  482.460791][T10286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5201'.
[  482.496812][T10289] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5202'.
[  483.139600][T10304] veth1_macvtap: entered promiscuous mode
[  483.142331][T10304] macsec0: entered promiscuous mode
[  483.144280][T10304] macsec0: entered allmulticast mode
[  483.146663][T10304] veth1_macvtap: entered allmulticast mode
[  483.185307][T10310] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5208'.
[  483.190055][T10310] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5208'.
[  483.229261][T10314] netlink: 68 bytes leftover after parsing attributes in process `syz.8.5209'.
[  483.232707][T10313] comedi comedi0: bad chanlist[0]=0x0000001f chan=31 range length=1
[  483.269355][T10320] loop4: detected capacity change from 0 to 65536
[  483.333959][T10320] loop4: detected capacity change from 65536 to 524287995
[  483.429357][T10336] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.5213'.
[  483.429417][T10338] netlink: 132 bytes leftover after parsing attributes in process `syz.8.5212'.
[  483.481516][T10344] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10344 comm=syz.8.5214
[  483.744576][T10377] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5223'.
[  483.746236][T10378] program syz.8.5218 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  483.824202][T10380] kvm: kvm [10379]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  483.825447][T10386] netlink: 'syz.3.5226': attribute type 1 has an invalid length.
[  483.828533][T10380] kvm: kvm [10379]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  483.847494][T10386] 8021q: adding VLAN 0 to HW filter on device bond1
[  483.887106][T10424] openvswitch: netlink: Duplicate or invalid key (type 0).
[  483.891210][T10424] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  483.961541][T10424] netlink: 112 bytes leftover after parsing attributes in process `syz.3.5227'.
[  483.966915][T10425] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  484.073663][T10439] xt_CT: You must specify a L4 protocol and not use inversions on it
[  484.174867][T10438] block nbd9: shutting down sockets
[  484.284623][T10460] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5236'.
[  484.473403][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  484.473415][   T40] audit: type=1400 audit(1773752592.321:63758): avc:  denied  { accept } for  pid=10475 comm="syz.3.5243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  484.798546][T10514] netlink: 'syz.9.5253': attribute type 2 has an invalid length.
[  484.854622][T10518] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  484.860863][   T40] audit: type=1400 audit(1773752592.711:63759): avc:  denied  { watch_sb } for  pid=10517 comm="syz.9.5255" path="/207/file1" dev="tmpfs" ino=1124 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  485.019986][T10535] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  485.049452][T10529] sch_tbf: burst 19920 is lower than device lo mtu (11337746) !
[  485.066753][T10529] ALSA: mixer_oss: invalid OSS volume 'PHl�6��q
ӆ���ONEOUT'
[  485.069945][T10529] ALSA: mixer_oss: invalid index 1374389
[  485.127174][T10553] overlay: ./file0 is not a directory
[  485.138513][   T40] audit: type=1400 audit(1773752592.991:63760): avc:  denied  { setattr } for  pid=10550 comm="syz.9.5263" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  485.201063][   T40] audit: type=1326 audit(1773752593.051:63761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10560 comm="syz.2.5265" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fedc639c799 code=0x0
[  485.326991][T10580] dvmrp0: entered allmulticast mode
[  485.415556][   T40] audit: type=1400 audit(1773752593.261:63762): avc:  denied  { ioctl } for  pid=10585 comm="syz.9.5271" path="socket:[144666]" dev="sockfs" ino=144666 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  485.472788][T10592] hfsplus: unable to find HFS+ superblock
[  485.527856][ T1024] usb 13-1: new full-speed USB device number 48 using dummy_hcd
[  485.559006][   T40] audit: type=1400 audit(1773752593.411:63763): avc:  denied  { watch } for  pid=10600 comm="syz.9.5275" path="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  485.620172][T10611] ip6t_srh: unknown srh invflags 4000
[  485.693350][ T1024] usb 13-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  485.702536][ T1024] usb 13-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  485.707837][ T1024] usb 13-1: config 0 interface 0 has no altsetting 0
[  485.710679][ T1024] usb 13-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  485.713696][ T1024] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.729424][ T1024] usb 13-1: config 0 descriptor??
[  485.818008][T10647] netlink: 'syz.3.5279': attribute type 12 has an invalid length.
[  486.036283][T10625] kvm_intel: kvm [10617]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0x4905
[  486.051207][T10625] kvm: kvm [10617]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x1b00
[  486.147270][ T1024] hid_parser_main: 27 callbacks suppressed
[  486.147284][ T1024] hid-steam 0003:28DE:1102.0024: unknown main item tag 0x0
[  486.152483][ T1024] hid-steam 0003:28DE:1102.0024: unknown main item tag 0x0
[  486.155296][ T1024] hid-steam 0003:28DE:1102.0024: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.8-1/input0
[  486.217042][   T40] audit: type=1800 audit(1773752594.061:63764): pid=10707 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.2.5281" name="/newroot/188/file0" dev="tmpfs" ino=1017 res=0 errno=0
[  486.217768][ T1024] hid-steam 0003:28DE:1102.0024: Steam Controller 'XXXXXXXXXX' connected
[  486.235278][ T1024] input: Steam Controller as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:28DE:1102.0024/input/input62
[  486.253359][ T1024] hid-steam 0003:28DE:1102.0025: unknown main item tag 0x0
[  486.256018][ T1024] hid-steam 0003:28DE:1102.0025: unknown main item tag 0x0
[  486.260495][ T1024] hid-steam 0003:28DE:1102.0025: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.8-1/input0
[  486.261268][T10707] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  486.277956][ T3808] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  486.281399][   T40] audit: type=1400 audit(1773752594.131:63765): avc:  denied  { nlmsg_write } for  pid=10706 comm="syz.2.5281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  486.344768][ T1466] usb 13-1: USB disconnect, device number 48
[  486.383676][ T1466] hid-steam 0003:28DE:1102.0024: Steam Controller 'XXXXXXXXXX' disconnected
[  486.901267][T10780] syzkaller0: entered promiscuous mode
[  486.903753][T10780] syzkaller0: entered allmulticast mode
[  487.026991][T10806] netlink: 'syz.3.5291': attribute type 1 has an invalid length.
[  487.035678][ T9822] mkiss: ax0: crc mode is auto.
[  487.130268][ T8141] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  487.134079][ T8141] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  487.138222][ T8141] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  487.141873][ T8141] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  487.401823][   T40] audit: type=1400 audit(1773752595.251:63766): avc:  denied  { append } for  pid=10877 comm="syz.3.5297" name="001" dev="devtmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  487.468205][T10886] __nla_validate_parse: 21 callbacks suppressed
[  487.468223][T10886] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5299'.
[  487.489199][T10889] vcan0: tx address claim with dlc 0
[  487.528146][T10889] loop5: detected capacity change from 0 to 524287995
[  487.591486][T10895] syzkaller0: entered promiscuous mode
[  487.594060][T10895] syzkaller0: entered allmulticast mode
[  487.698502][   T40] audit: type=1400 audit(1773752595.551:63767): avc:  denied  { setopt } for  pid=10901 comm="syz.8.5302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  487.747145][T10914] netlink: 'syz.8.5304': attribute type 5 has an invalid length.
[  487.758152][T10914] ip6erspan0: entered promiscuous mode
[  487.860822][T10931] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  487.867081][T24043] bridge0: port 3(syz_tun) entered blocking state
[  487.869302][T24043] bridge0: port 3(syz_tun) entered forwarding state
[  487.886946][T10920] bond0: (slave rose0): Enslaving as an active interface with an up link
[  488.029408][T10946] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  488.052824][T10953] binder: 10951:10953 ioctl 4018620d 0 returned -22
[  488.216336][T10967] SELinux: ebitmap start bit (4278255616) is beyond the end of the bitmap (320)
[  488.223891][T10967] SELinux: failed to load policy
[  488.381128][ T5941] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  488.385515][ T5941] Bluetooth: hci3: Injecting HCI hardware error event
[  488.390530][ T5941] Bluetooth: hci3: hardware error 0x00
[  488.578865][ T5929] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1
[  489.450896][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5325'.
[  489.643032][T11031] netlink: 168 bytes leftover after parsing attributes in process `syz.8.5326'.
[  489.945715][T11064] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5329'.
[  490.013888][ T5929] block nbd2: Receive control failed (result -107)
[  490.447742][ T5941] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  492.607948][ T5941] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  492.614134][ T5941] Bluetooth: hci4: Injecting HCI hardware error event
[  492.618986][ T5941] Bluetooth: hci4: hardware error 0x00
[  492.805724][T10956] kexec: Could not allocate control_code_buffer
[  492.872062][T11118] bridge6: the hash_elasticity option has been deprecated and is always 16
[  492.896445][T11064] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  492.914460][T11124] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5337'.
[  492.954039][T11124] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  492.976062][T11127] openvswitch: netlink: IP tunnel dst address not specified
[  493.094860][T11146] program syz.2.5343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  493.124837][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  493.124848][   T40] audit: type=1400 audit(1773752600.971:63769): avc:  denied  { watch } for  pid=11148 comm="syz.3.5344" path="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  493.252755][T11160] 9p: Bad value for 'wfdno'
[  493.274712][T11158] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  493.517248][T11177] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5347'.
[  493.696404][   T40] audit: type=1400 audit(1773752601.541:63770): avc:  denied  { append } for  pid=11213 comm="syz.3.5358" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  493.705757][T11215] netlink: 'syz.2.5357': attribute type 4 has an invalid length.
[  493.750096][T11220] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5358'.
[  493.758559][T11220] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5358'.
[  493.773497][T11223] netlink: 'syz.2.5360': attribute type 10 has an invalid length.
[  493.778057][T11223] syz_tun: entered promiscuous mode
[  493.788603][T11223] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  493.831175][T11230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5361'.
[  493.834174][T11230] netlink: 'syz.2.5361': attribute type 21 has an invalid length.
[  493.886295][ T6404] libceph: connect (1)[c::]:6789 error -101
[  493.888913][ T6404] libceph: mon0 (1)[c::]:6789 connect error
[  493.933078][T11242] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5362'.
[  493.939594][T11242] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5362'.
[  494.030852][T24043] bond0: (slave syz_tun): interface is now down
[  494.042790][T24043] bond0: now running without any active interface!
[  494.148940][ T6404] libceph: connect (1)[c::]:6789 error -101
[  494.151131][ T6404] libceph: mon0 (1)[c::]:6789 connect error
[  494.257279][T11258] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5366'.
[  494.313200][T11263] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5366'.
[  494.408228][T11270] tipc: MTU too low for tipc bearer
[  494.495019][T11279] netlink: 'syz.2.5370': attribute type 2 has an invalid length.
[  494.503696][T11279] bridge7: the hash_elasticity option has been deprecated and is always 16
[  494.660895][   T59] libceph: connect (1)[c::]:6789 error -101
[  494.663581][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  494.687848][ T5941] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  494.709558][T11237] ceph: No mds server is up or the cluster is laggy
[  494.840667][T11315] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5378'.
[  494.878078][   T39] usb 13-1: new full-speed USB device number 49 using dummy_hcd
[  495.050203][   T39] usb 13-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  495.053962][   T39] usb 13-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  495.057088][   T39] usb 13-1: config 0 interface 0 has no altsetting 0
[  495.064848][   T39] usb 13-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  495.068849][   T39] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.074211][   T39] usb 13-1: config 0 descriptor??
[  495.482811][   T39] hid-steam 0003:28DE:1102.0026: unknown main item tag 0x0
[  495.485201][   T39] hid-steam 0003:28DE:1102.0026: unknown main item tag 0x0
[  495.489482][   T39] hid-steam 0003:28DE:1102.0026: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.8-1/input0
[  495.547812][   T39] hid-steam 0003:28DE:1102.0026: Steam Controller 'XXXXXXXXXX' connected
[  495.559613][   T39] input: Steam Controller as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:28DE:1102.0026/input/input63
[  495.589597][   T39] hid-steam 0003:28DE:1102.0027: unknown main item tag 0x0
[  495.592875][   T39] hid-steam 0003:28DE:1102.0027: unknown main item tag 0x0
[  495.600617][   T39] hid-steam 0003:28DE:1102.0027: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.8-1/input0
[  495.693920][   T59] usb 13-1: USB disconnect, device number 49
[  495.715089][   T59] hid-steam 0003:28DE:1102.0026: Steam Controller 'XXXXXXXXXX' disconnected
[  495.716353][T11367] fido_id[11367]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb13/13-1/report_descriptor': No such file or directory
[  495.781352][T11393] MINIX-fs: unable to read superblock
[  496.128316][ T2146] block nbd1: Possible stuck request ffff88803d8c0000: control (read@0,1024B). Runtime 30 seconds
[  496.134351][ T2146] block nbd1: Possible stuck request ffff88803d8c0200: control (read@1024,1024B). Runtime 30 seconds
[  496.139350][ T2146] block nbd1: Possible stuck request ffff88803d8c0400: control (read@2048,1024B). Runtime 30 seconds
[  496.144044][ T2146] block nbd1: Possible stuck request ffff88803d8c0600: control (read@3072,1024B). Runtime 30 seconds
[  496.301224][   T40] audit: type=1400 audit(1773752604.151:63771): avc:  denied  { connect } for  pid=11444 comm="syz.3.5399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  496.303103][  T830] IPVS: starting estimator thread 0...
[  496.383937][T11459] netlink: 'syz.9.5403': attribute type 7 has an invalid length.
[  496.386767][T11459] netlink: 'syz.9.5403': attribute type 8 has an invalid length.
[  496.392855][   T40] audit: type=1400 audit(1773752604.241:63772): avc:  denied  { getopt } for  pid=11456 comm="syz.9.5403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  496.397838][T11448] IPVS: using max 43 ests per chain, 103200 per kthread
[  496.404092][T11459] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=11459 comm=syz.9.5403
[  496.411435][T11459] netlink: 'syz.9.5403': attribute type 12 has an invalid length.
[  496.420907][T11459] netlink: 'syz.9.5403': attribute type 12 has an invalid length.
[  496.420919][ T8141] netdevsim netdevsim9 netdevsim0: set [0, 1] type 1 family 0 port 8472 - 0
[  496.427321][ T8141] netdevsim netdevsim9 netdevsim1: set [0, 1] type 1 family 0 port 8472 - 0
[  496.433096][ T8141] netdevsim netdevsim9 netdevsim2: set [0, 1] type 1 family 0 port 8472 - 0
[  496.438107][ T8141] netdevsim netdevsim9 netdevsim3: set [0, 1] type 1 family 0 port 8472 - 0
[  496.493714][T11461] openvswitch: netlink: Message has 4 unknown bytes.
[  496.495990][T11461] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  496.657920][ T6645] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  496.810292][ T6645] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  496.814280][ T6645] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  496.817591][ T6645] usb 8-1: config 0 interface 0 has no altsetting 0
[  496.820101][ T6645] usb 8-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  496.823105][ T6645] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.827620][ T6645] usb 8-1: config 0 descriptor??
[  497.237465][ T6645] hid-steam 0003:28DE:1102.0028: unknown main item tag 0x0
[  497.241216][ T6645] hid-steam 0003:28DE:1102.0028: unknown main item tag 0x0
[  497.244315][ T6645] hid-steam 0003:28DE:1102.0028: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  497.317813][ T6645] hid-steam 0003:28DE:1102.0028: Steam Controller 'XXXXXXXXXX' connected
[  497.327051][ T6645] input: Steam Controller as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:28DE:1102.0028/input/input64
[  497.344872][ T6645] hid-steam 0003:28DE:1102.0029: unknown main item tag 0x0
[  497.350238][ T6645] hid-steam 0003:28DE:1102.0029: unknown main item tag 0x0
[  497.364116][ T6645] hid-steam 0003:28DE:1102.0029: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  497.503448][ T6645] usb 8-1: USB disconnect, device number 8
[  497.535667][ T6645] hid-steam 0003:28DE:1102.0028: Steam Controller 'XXXXXXXXXX' disconnected
[  497.712326][T11530] loop1: detected capacity change from 0 to 7
[  497.715473][    C2] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.719055][    C2] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.723257][    C2] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.726455][    C2] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.730652][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.734145][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.737555][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.741764][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.745284][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.748598][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.751518][    C1] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.754793][    C1] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.758358][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.762623][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.766058][ T6461] ldm_validate_partition_table(): Disk read failed.
[  497.772133][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.776306][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.779699][T11535] FAULT_INJECTION: forcing a failure.
[  497.779699][T11535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  497.780754][    C2] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.784018][T11535] CPU: 1 UID: 0 PID: 11535 Comm: syz.8.5411 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  497.784036][T11535] Tainted: [L]=SOFTLOCKUP
[  497.784040][T11535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  497.784047][T11535] Call Trace:
[  497.784051][T11535]  <TASK>
[  497.784056][T11535]  dump_stack_lvl+0x100/0x190
[  497.784085][T11535]  should_fail_ex.cold+0x5/0xa
[  497.784101][T11535]  _copy_from_iter+0x1f4/0x1690
[  497.784119][T11535]  ? __asan_memset+0x23/0x50
[  497.784135][T11535]  ? __pfx__copy_from_iter+0x10/0x10
[  497.784146][T11535]  ? __pfx___alloc_skb+0x10/0x10
[  497.784168][T11535]  netlink_sendmsg+0x808/0xda0
[  497.784188][T11535]  ? __pfx_netlink_sendmsg+0x10/0x10
[  497.784203][T11535]  ? PageHuge+0x170/0x180
[  497.784222][T11535]  ____sys_sendmsg+0x9e1/0xb70
[  497.784239][T11535]  ? __pfx_netlink_sendmsg+0x10/0x10
[  497.784256][T11535]  ? __pfx_____sys_sendmsg+0x10/0x10
[  497.784279][T11535]  ___sys_sendmsg+0x190/0x1e0
[  497.784298][T11535]  ? __pfx____sys_sendmsg+0x10/0x10
[  497.784333][T11535]  __sys_sendmsg+0x170/0x220
[  497.784347][T11535]  ? __pfx___sys_sendmsg+0x10/0x10
[  497.784370][T11535]  do_syscall_64+0x106/0xf80
[  497.784384][T11535]  ? clear_bhb_loop+0x40/0x90
[  497.784398][T11535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.784409][T11535] RIP: 0033:0x7f49f6f9c799
[  497.784419][T11535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  497.784430][T11535] RSP: 002b:00007f49f7eb5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  497.784441][T11535] RAX: ffffffffffffffda RBX: 00007f49f7216090 RCX: 00007f49f6f9c799
[  497.784448][T11535] RDX: 00000000200040b4 RSI: 0000200000000040 RDI: 0000000000000003
[  497.784455][T11535] RBP: 00007f49f7eb5090 R08: 0000000000000000 R09: 0000000000000000
[  497.784461][T11535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.784468][T11535] R13: 00007f49f7216128 R14: 00007f49f7216090 R15: 00007ffc463fe488
[  497.784482][T11535]  </TASK>
[  497.857323][    C2] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.860088][    C0] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  497.864072][    C0] Buffer I/O error on dev loop1, logical block 0, async page read
[  497.868356][ T6461] Dev loop1: unable to read RDB block 0
[  497.870922][ T6461]  loop1: unable to read partition table
[  497.872867][ T6461] loop1: partition table beyond EOD, truncated
[  497.881628][T11530] ldm_validate_partition_table(): Disk read failed.
[  497.885016][T11530] Dev loop1: unable to read RDB block 0
[  497.888317][T11530]  loop1: unable to read partition table
[  497.890993][T11530] loop1: partition table beyond EOD, truncated
[  497.893692][T11530] loop_reread_partitions: partition scan of loop1 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  498.206993][T10950] mkiss: ax0: crc mode is auto.
[  499.672878][T11481] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  499.752552][T11576] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  499.758162][ T1466] IPVS: starting estimator thread 0...
[  499.783476][T11581] bond5: invalid ARP target 0.0.0.0 specified for addition
[  499.786702][T11581] bond5: option arp_ip_target: invalid value (0)
[  499.792194][T11581] bond5 (unregistering): Released all slaves
[  499.846447][T11583] bond5: invalid ARP target 0.0.0.0 specified for addition
[  499.853603][T11583] bond5: option arp_ip_target: invalid value (0)
[  499.858602][T11583] bond5 (unregistering): Released all slaves
[  499.871395][T11582] IPVS: using max 30 ests per chain, 72000 per kthread
[  500.036364][T11744] /dev/nullb0: Can't open blockdev
[  500.092284][T11748] __nla_validate_parse: 92 callbacks suppressed
[  500.092298][T11748] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.5424'.
[  500.192208][ T5996] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  500.355790][ T5996] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  500.367483][ T5996] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  500.371925][ T5996] usb 8-1: config 0 interface 0 has no altsetting 0
[  500.374905][ T5996] usb 8-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  500.378833][ T5996] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.388358][ T5996] usb 8-1: config 0 descriptor??
[  500.801368][ T5996] hid-steam 0003:28DE:1102.002A: unknown main item tag 0x0
[  500.809791][ T5996] hid-steam 0003:28DE:1102.002A: unknown main item tag 0x0
[  500.815930][ T5996] hid-steam 0003:28DE:1102.002A: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  500.883527][ T5996] hid-steam 0003:28DE:1102.002A: Steam Controller 'XXXXXXXXXX' connected
[  500.895055][ T5996] input: Steam Controller as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:28DE:1102.002A/input/input65
[  500.919088][ T5996] hid-steam 0003:28DE:1102.002B: unknown main item tag 0x0
[  500.921525][ T5996] hid-steam 0003:28DE:1102.002B: unknown main item tag 0x0
[  500.931501][ T5996] hid-steam 0003:28DE:1102.002B: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  501.056297][ T6404] usb 8-1: USB disconnect, device number 9
[  501.092123][ T6404] hid-steam 0003:28DE:1102.002A: Steam Controller 'XXXXXXXXXX' disconnected
[  501.770431][T11790] netlink: 'syz.8.5426': attribute type 10 has an invalid length.
[  501.773928][T11790] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5426'.
[  501.779334][T11790] batadv0: entered promiscuous mode
[  501.780767][T11794] FAULT_INJECTION: forcing a failure.
[  501.780767][T11794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.781682][T11790] batadv0: entered allmulticast mode
[  501.787484][T11794] CPU: 0 UID: 0 PID: 11794 Comm: syz.2.5427 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  501.787510][T11794] Tainted: [L]=SOFTLOCKUP
[  501.787517][T11794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  501.787527][T11794] Call Trace:
[  501.787534][T11794]  <TASK>
[  501.787541][T11794]  dump_stack_lvl+0x100/0x190
[  501.787581][T11794]  should_fail_ex.cold+0x5/0xa
[  501.787604][T11794]  _copy_from_iter+0x1f4/0x1690
[  501.787633][T11794]  ? __asan_memset+0x23/0x50
[  501.787675][T11794]  ? __pfx__copy_from_iter+0x10/0x10
[  501.787692][T11794]  ? __pfx___alloc_skb+0x10/0x10
[  501.787729][T11794]  netlink_sendmsg+0x808/0xda0
[  501.787757][T11794]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.787781][T11794]  ? PageHuge+0x170/0x180
[  501.787812][T11794]  ____sys_sendmsg+0x9e1/0xb70
[  501.787837][T11794]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.787864][T11794]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.787902][T11794]  ___sys_sendmsg+0x190/0x1e0
[  501.787931][T11794]  ? __pfx____sys_sendmsg+0x10/0x10
[  501.787988][T11794]  __sys_sendmsg+0x170/0x220
[  501.788016][T11794]  ? __pfx___sys_sendmsg+0x10/0x10
[  501.788054][T11794]  do_syscall_64+0x106/0xf80
[  501.788080][T11794]  ? clear_bhb_loop+0x40/0x90
[  501.788102][T11794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.788120][T11794] RIP: 0033:0x7fedc639c799
[  501.788136][T11794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  501.788152][T11794] RSP: 002b:00007fedc721b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.788170][T11794] RAX: ffffffffffffffda RBX: 00007fedc6615fa0 RCX: 00007fedc639c799
[  501.788181][T11794] RDX: 00000000200040b4 RSI: 0000200000000040 RDI: 0000000000000003
[  501.788192][T11794] RBP: 00007fedc721b090 R08: 0000000000000000 R09: 0000000000000000
[  501.788203][T11794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.788213][T11794] R13: 00007fedc6616038 R14: 00007fedc6615fa0 R15: 00007fffdb49c188
[  501.788239][T11794]  </TASK>
[  501.878154][T11790] bridge0: port 4(batadv0) entered blocking state
[  501.880441][T11790] bridge0: port 4(batadv0) entered disabled state
[  501.883998][T11790] bridge0: port 4(batadv0) entered blocking state
[  501.886114][T11790] bridge0: port 4(batadv0) entered forwarding state
[  501.928538][T24043] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  501.934230][T24043] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  501.959385][T11819] syzkaller0: entered promiscuous mode
[  501.961715][T11819] syzkaller0: entered allmulticast mode
[  502.177825][ T1466] usb 13-1: new high-speed USB device number 50 using dummy_hcd
[  502.311671][T11851] Option '     ' to dns_resolver key: bad/missing value
[  502.317476][T11854] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5440'.
[  502.323683][T11854] netlink: 'syz.9.5440': attribute type 6 has an invalid length.
[  502.327025][T11854] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5440'.
[  502.331814][T11854] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5440'.
[  502.335711][T11854] netlink: 'syz.9.5440': attribute type 6 has an invalid length.
[  502.339755][ T1466] usb 13-1: Using ep0 maxpacket: 32
[  502.345201][T11854] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5440'.
[  502.346777][ T1466] usb 13-1: config 0 has an invalid interface number: 119 but max is 0
[  502.352151][ T1466] usb 13-1: config 0 has no interface number 0
[  502.354199][ T1466] usb 13-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  502.358065][ T1466] usb 13-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  502.361954][ T1466] usb 13-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  502.365188][ T1466] usb 13-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  502.371422][ T1466] usb 13-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  502.374364][ T1466] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  502.376996][ T1466] usb 13-1: Product: syz
[  502.378998][ T1466] usb 13-1: Manufacturer: syz
[  502.380842][ T1466] usb 13-1: SerialNumber: syz
[  502.383964][ T1466] usb 13-1: config 0 descriptor??
[  502.386068][T11811] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  502.393474][ T1466] input: bcm5974 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.119/input/input66
[  502.396518][   T40] audit: type=1400 audit(1773752610.241:63773): avc:  denied  { connect } for  pid=11862 comm="syz.2.5442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  502.412030][ T5322] usb 13-1: BOGUS urb xfer, pipe 1 != type 3
[  502.427787][    C2] bcm5974 13-1:0.119: trackpad urb failed: -1
[  502.548930][T11894] exFAT-fs (nbd9): unable to read boot sector
[  502.551957][T11894] exFAT-fs (nbd9): failed to read boot sector
[  502.554449][T11894] exFAT-fs (nbd9): failed to recognize exfat type
[  502.596677][ T6404] usb 13-1: USB disconnect, device number 50
usb_generic_handle_packet: ctrl buffer too small (16384 > 4096)
[  502.763770][T11923] bond3: Removing last arp target with arp_interval on
[  502.813810][T11961] SELinux:  Context system_u:object_r:clock_device_t:s0 is not valid (left unmapped).
[  502.818533][   T40] audit: type=1400 audit(1773752610.671:63774): avc:  denied  { relabelto } for  pid=11960 comm="syz.3.5453" name="113" dev="tmpfs" ino=598 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:clock_device_t:s0"
[  502.837066][   T40] audit: type=1400 audit(1773752610.671:63775): avc:  denied  { associate } for  pid=11960 comm="syz.3.5453" name="113" dev="tmpfs" ino=598 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:clock_device_t:s0"
[  502.870362][T11963] syzkaller0: entered promiscuous mode
[  502.872216][T11963] syzkaller0: entered allmulticast mode
[  503.106588][T11991] overlay: Unknown parameter 'uid<00000000000000000000'
[  503.119126][T11991] kAFS: unable to lookup cell 'syz9'
[  503.147315][   T40] audit: type=1400 audit(1773752610.991:63776): avc:  denied  { read } for  pid=11994 comm="syz.9.5461" path="socket:[152325]" dev="sockfs" ino=152325 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  503.203882][T12004] IPv6: NLM_F_CREATE should be specified when creating new route
[  503.218371][T12003] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5463'.
[  503.306851][T12020] fuse: Bad value for 'group_id'
[  503.308708][T12020] fuse: Bad value for 'group_id'
[  503.344494][T12031] lo: entered allmulticast mode
[  503.362199][T12031] lo: left allmulticast mode
[  503.372335][T12038] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5471'.
[  503.375287][T12038] netem: invalid attributes len -22
[  503.376953][T12038] netem: change failed
[  503.413782][ T5941] Bluetooth: hci1: unexpected Set CIG Parameters response data
[  503.416526][ T5941] Bluetooth: hci1: unexpected event for opcode 0x2062
[  503.424628][T12041] : entered promiscuous mode
[  503.521841][   T40] audit: type=1400 audit(1773752611.371:63777): avc:  denied  { read } for  pid=12056 comm="syz.8.5474" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.529510][   T40] audit: type=1400 audit(1773752611.371:63778): avc:  denied  { open } for  pid=12056 comm="syz.8.5474" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.535434][T12057] binder: 12056:12057 ioctl 80044d16 200000000100 returned -22
[  503.539457][   T40] audit: type=1400 audit(1773752611.371:63779): avc:  denied  { ioctl } for  pid=12056 comm="syz.8.5474" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.541933][T12057] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:27 to non-existent VLAN 3328
[  503.613255][T12061] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  503.647834][ T3808] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  503.799609][ T3808] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  503.803563][ T3808] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  503.806983][ T3808] usb 8-1: config 0 interface 0 has no altsetting 0
[  503.809447][ T3808] usb 8-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  503.812450][ T3808] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.816914][ T3808] usb 8-1: config 0 descriptor??
[  503.857823][   T50] usb 13-1: new high-speed USB device number 51 using dummy_hcd
[  504.007766][   T50] usb 13-1: Using ep0 maxpacket: 8
[  504.012082][   T50] usb 13-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  504.016734][   T50] usb 13-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.021116][   T50] usb 13-1: config 0 interface 0 has no altsetting 0
[  504.023878][   T50] usb 13-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  504.027949][   T50] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.033839][   T50] usb 13-1: config 0 descriptor??
[  504.230856][ T3808] hid-steam 0003:28DE:1102.002C: unknown main item tag 0x0
[  504.233841][ T3808] hid-steam 0003:28DE:1102.002C: unknown main item tag 0x0
[  504.237102][ T3808] hid-steam 0003:28DE:1102.002C: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  504.297891][ T3808] hid-steam 0003:28DE:1102.002C: Steam Controller 'XXXXXXXXXX' connected
[  504.304187][ T3808] input: Steam Controller as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:28DE:1102.002C/input/input67
[  504.335159][ T3808] hid-steam 0003:28DE:1102.002D: unknown main item tag 0x0
[  504.343309][ T3808] hid-steam 0003:28DE:1102.002D: unknown main item tag 0x0
[  504.354007][ T3808] hid-steam 0003:28DE:1102.002D: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.3-1/input0
[  504.442781][   T50] mcp2221 0003:04D8:00DD.002E: unknown main item tag 0x0
[  504.445548][   T50] mcp2221 0003:04D8:00DD.002E: unknown main item tag 0x0
[  504.449550][ T3808] usb 8-1: USB disconnect, device number 10
[  504.453389][   T50] mcp2221 0003:04D8:00DD.002E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[  504.477198][ T3808] hid-steam 0003:28DE:1102.002C: Steam Controller 'XXXXXXXXXX' disconnected
[  504.718949][ T3808] usb 13-1: USB disconnect, device number 51
[  504.999722][T12164] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5483'.
[  505.064604][T12171] ceph: No source
[  505.106161][T12174] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5486'.
[  505.195242][T12182] FAULT_INJECTION: forcing a failure.
[  505.195242][T12182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  505.202817][T12182] CPU: 0 UID: 0 PID: 12182 Comm: syz.9.5490 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  505.202845][T12182] Tainted: [L]=SOFTLOCKUP
[  505.202852][T12182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  505.202863][T12182] Call Trace:
[  505.202869][T12182]  <TASK>
[  505.202877][T12182]  dump_stack_lvl+0x100/0x190
[  505.202910][T12182]  should_fail_ex.cold+0x5/0xa
[  505.202934][T12182]  _copy_to_user+0x32/0xd0
[  505.202954][T12182]  simple_read_from_buffer+0xcb/0x170
[  505.202985][T12182]  proc_fail_nth_read+0x1af/0x230
[  505.203011][T12182]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  505.203037][T12182]  ? rw_verify_area+0xce/0x6d0
[  505.203062][T12182]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  505.203086][T12182]  vfs_read+0x1e4/0xb30
[  505.203115][T12182]  ? __pfx_vfs_read+0x10/0x10
[  505.203141][T12182]  ? __fget_files+0x215/0x3d0
[  505.203166][T12182]  ? __fget_files+0x21f/0x3d0
[  505.203191][T12182]  ksys_read+0x12a/0x250
[  505.203217][T12182]  ? __pfx_ksys_read+0x10/0x10
[  505.203250][T12182]  do_syscall_64+0x106/0xf80
[  505.203274][T12182]  ? clear_bhb_loop+0x40/0x90
[  505.203295][T12182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.203314][T12182] RIP: 0033:0x7ff05c35cfce
[  505.203335][T12182] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  505.203351][T12182] RSP: 002b:00007ff05d2cefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  505.203368][T12182] RAX: ffffffffffffffda RBX: 00007ff05d2cf6c0 RCX: 00007ff05c35cfce
[  505.203380][T12182] RDX: 000000000000000f RSI: 00007ff05d2cf0a0 RDI: 0000000000000004
[  505.203390][T12182] RBP: 00007ff05d2cf090 R08: 0000000000000000 R09: 0000000000000000
[  505.203400][T12182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  505.203410][T12182] R13: 00007ff05c616038 R14: 00007ff05c615fa0 R15: 00007ffe9c015828
[  505.203436][T12182]  </TASK>
[  505.367089][T12200] binder: 12199:12200 ioctl c00c620f 0 returned -14
[  505.517984][ T1466] usb 14-1: new full-speed USB device number 22 using dummy_hcd
[  505.568507][T12223] xt_limit: Overflow, try lower: 271964/0
[  505.571370][T12224] xt_limit: Overflow, try lower: 271964/0
[  505.624925][T12229] x_tables: duplicate underflow at hook 3
[  505.679210][ T1466] usb 14-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  505.683203][ T1466] usb 14-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  505.687866][ T1466] usb 14-1: config 0 interface 0 has no altsetting 0
[  505.690460][ T1466] usb 14-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  505.694224][T12237] raw_sendmsg: syz.8.5502 forgot to set AF_INET. Fix it!
[  505.696787][ T1466] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.701603][ T1466] usb 14-1: config 0 descriptor??
[  505.710451][T12237] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5502'.
[  506.114964][ T1466] hid_parser_main: 3 callbacks suppressed
[  506.114982][ T1466] hid-steam 0003:28DE:1102.002F: unknown main item tag 0x0
[  506.123369][ T1466] hid-steam 0003:28DE:1102.002F: unknown main item tag 0x0
[  506.127075][ T1466] hid-steam 0003:28DE:1102.002F: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.9-1/input0
[  506.197878][ T1466] hid-steam 0003:28DE:1102.002F: Steam Controller 'XXXXXXXXXX' connected
[  506.226265][ T1466] input: Steam Controller as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/0003:28DE:1102.002F/input/input68
[  506.240272][ T1466] hid-steam 0003:28DE:1102.0030: unknown main item tag 0x0
[  506.248269][ T1466] hid-steam 0003:28DE:1102.0030: unknown main item tag 0x0
[  506.258142][ T1466] hid-steam 0003:28DE:1102.0030: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.9-1/input0
[  506.265186][T12282] netlink: 'syz.3.5510': attribute type 9 has an invalid length.
[  506.329897][ T1466] usb 14-1: USB disconnect, device number 22
[  506.377114][ T1466] hid-steam 0003:28DE:1102.002F: Steam Controller 'XXXXXXXXXX' disconnected
[  506.394613][   T40] audit: type=1400 audit(1773752614.241:63780): avc:  denied  { mount } for  pid=12306 comm="syz.2.5513" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  506.503350][T12309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5513'.
[  506.506150][T12321] syzkaller0: entered promiscuous mode
[  506.506340][T12309] openvswitch: netlink: Unknown nsh attribute 0
[  506.508366][T12321] syzkaller0: entered allmulticast mode
[  506.523046][   T40] audit: type=1400 audit(1773752614.371:63781): avc:  denied  { unmount } for  pid=3109 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  506.623316][T12329] ubi: mtd0 is already attached to ubi0
[  506.747029][T12345] netlink: 'syz.3.5518': attribute type 39 has an invalid length.
[  506.845345][T12360] netlink: 'syz.8.5521': attribute type 21 has an invalid length.
[  506.848783][T12360] netlink: 152 bytes leftover after parsing attributes in process `syz.8.5521'.
[  506.857113][   T40] audit: type=1400 audit(1773752614.701:63782): avc:  denied  { sendto } for  pid=12359 comm="syz.8.5521" saddr=fe80::aa daddr=ff02::1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  506.872972][T12360] dummy0: entered allmulticast mode
[  506.906125][T12360] dlm: non-version read from control device 8224
[  506.918973][T12359] dummy0: left allmulticast mode
[  507.020957][T12375] syzkaller0: entered promiscuous mode
[  507.022927][T12375] syzkaller0: entered allmulticast mode
[  507.031710][T12375] geneve2: entered promiscuous mode
[  507.033485][T12375] geneve2: entered allmulticast mode
[  507.035131][T12379] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  507.036381][ T6688] netdevsim netdevsim8 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  507.038011][T12379] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  507.038732][T12379] vhci_hcd vhci_hcd.0: Device attached
[  507.041012][ T6688] netdevsim netdevsim8 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  507.050667][ T6688] netdevsim netdevsim8 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  507.057324][T12379] 9pnet_fd: Insufficient options for proto=fd
[  507.068627][T12382] vhci_hcd: connection closed
[  507.068867][ T6685] vhci_hcd vhci_hcd.3: stop threads
[  507.073145][ T6685] vhci_hcd vhci_hcd.3: release socket
[  507.075518][ T6685] vhci_hcd vhci_hcd.3: disconnect device
[  507.078671][ T6688] netdevsim netdevsim8 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  507.172767][T12393] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  507.175303][T12393] batadv_slave_0: entered promiscuous mode
[  507.177210][T12393] batadv_slave_0: entered allmulticast mode
[  507.340594][T12419] openvswitch: netlink: Tunnel attr 140 out of range max 16
[  507.557752][ T6546] usb 14-1: new high-speed USB device number 23 using dummy_hcd
[  507.708123][ T6546] usb 14-1: Using ep0 maxpacket: 32
[  507.715465][ T6546] usb 14-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.720338][ T6546] usb 14-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  507.727286][ T6546] usb 14-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=1b.23
[  507.731651][ T6546] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.735299][ T6546] usb 14-1: Product: syz
[  507.737198][ T6546] usb 14-1: Manufacturer: syz
[  507.739494][ T6546] usb 14-1: SerialNumber: syz
[  507.744146][ T6546] usb 14-1: config 0 descriptor??
[  508.553657][T12454] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12454 comm=syz.3.5535
[  508.554271][T12455] netlink: 'syz.3.5535': attribute type 17 has an invalid length.
[  508.562368][T12455] netlink: 5 bytes leftover after parsing attributes in process `syz.3.5535'.
[  508.977944][T12455] macvtap0: entered allmulticast mode
[  508.980393][T12455] veth0_macvtap: entered allmulticast mode
[  508.983734][T12455] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check.
[  508.988765][ T6546] usb 14-1: USB disconnect, device number 23
[  509.010737][T12466] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5536'.
[  509.093421][T12472] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5536'.
[  509.111577][T12472] bond0 (unregistering): left promiscuous mode
[  509.116212][T12472] bond0 (unregistering): (slave syz_tun): Releasing backup interface
[  509.123435][T12472] bond0 (unregistering): Released all slaves
[  509.152522][T12466] infiniband syz0: set down
[  509.154256][T12466] infiniband syz0: added bond_slave_0
[  509.171937][T12466] RDS/IB: syz0: added
[  509.173392][T12466] smc: adding ib device syz0 with port count 1
[  509.176429][T12466] smc:    ib device syz0 port 1 has no pnetid
[  509.305646][T11568] mkiss: ax0: crc mode is auto.
[  509.392129][T12504] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  509.395410][T12504] IPv6: NLM_F_CREATE should be set when creating new route
[  509.397770][T12506] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  509.401920][T12506] IPv6: NLM_F_CREATE should be set when creating new route
[  509.402489][T12504] input: syz0 as /devices/virtual/input/input69
[  509.478696][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  509.494451][T12516] openvswitch: netlink: Missing key (keys=40, expected=100)
[  509.572305][T12520] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5547'.
[  509.576104][T12520] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5547'.
[  509.624997][T12529] netlink: 'syz.3.5549': attribute type 19 has an invalid length.
[  509.627613][T12529] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5549'.
[  509.640302][T12529] netlink: 'syz.3.5549': attribute type 19 has an invalid length.
[  509.784280][T12546] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  509.892501][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  509.892516][   T40] audit: type=1400 audit(1773752617.741:63784): avc:  denied  { write } for  pid=12562 comm="syz.8.5557" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  509.969526][T12575] ALSA: mixer_oss: invalid OSS volume 'PHl�6��q
ӆ���ONEOUT'
[  509.971950][T12575] ALSA: mixer_oss: invalid index 1374389
[  509.974439][T12575] program syz.9.5559 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  510.005466][T12577] dummy0: entered promiscuous mode
[  510.015002][T12577] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  510.018896][ T1115] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[  510.020511][T12577] debugfs: 'hsr1' already exists in 'hsr'
[  510.023324][ T1115] ata1.00: irq_stat 0x40000000
[  510.023786][T12577] Cannot create hsr debugfs directory
[  510.026346][ T1115] ata1.00: failed command: ZAC MANAGEMENT OUT
[  510.027963][T12577] hsr1: entered allmulticast mode
[  510.030657][ T1115] ata1.00: cmd 9f/01:00:00:00:00/00:00:00:00:00/40 tag 19
[  510.030657][ T1115]          res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error)
[  510.032093][T12577] dummy0: entered allmulticast mode
[  510.039485][ T1115] ata1.00: status: { DRDY ERR }
[  510.040707][T12577] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  510.042863][ T1115] ata1.00: error: { ABRT }
[  510.049992][ T1115] ata1.00: device reported invalid CHS sector 0
[  510.112882][T12596] sock: sock_timestamping_bind_phc: sock not bind to device
[  510.164442][T12596] sock: sock_timestamping_bind_phc: sock not bind to device
[  510.224619][T12612] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  510.225436][T12611] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  510.327303][T12625] ip6tnl2: entered promiscuous mode
[  510.338215][T12625] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12625 comm=syz.9.5570
[  510.720955][T12668] comedi comedi3: comedi_config --init_data is deprecated
[  510.980548][T12697] netlink: 'syz.2.5585': attribute type 21 has an invalid length.
[  511.382611][ T8457] bridge0: port 3(syz_tun) entered disabled state
[  511.397391][ T8457] syz_tun (unregistering): left allmulticast mode
[  511.401094][ T8457] syz_tun (unregistering): left promiscuous mode
[  511.404628][ T8457] bridge0: port 3(syz_tun) entered disabled state
[  511.405282][   T40] audit: type=1400 audit(1773752619.251:63785): avc:  denied  { setopt } for  pid=12729 comm="syz.3.5590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  511.554751][T12747] team0: No ports can be present during mode change
[  511.558361][T12747] netlink: 'syz.9.5593': attribute type 8 has an invalid length.
[  512.185822][    C2] ata1: illegal qc_active transition (00000000->00000800)
[  512.255992][T12791] __nla_validate_parse: 3 callbacks suppressed
[  512.256010][T12791] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5605'.
[  512.313841][T12791] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  512.515852][ T1115] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  512.520287][ T1115] ata1.00: configured for UDMA/100
[  512.669391][ T5929] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  512.673676][ T5929] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  512.678822][ T5929] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  512.682094][ T5929] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  512.684895][ T5929] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  512.688885][T12819] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  512.692351][T12819] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  512.700281][T12819] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  512.703769][T12819] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  512.747512][T12815] sctp: [Deprecated]: syz.3.5608 (pid 12815) Use of struct sctp_assoc_value in delayed_ack socket option.
[  512.747512][T12815] Use struct sctp_sack_info instead
[  512.756947][   T40] audit: type=1400 audit(1773752620.601:63786): avc:  denied  { getopt } for  pid=12814 comm="syz.3.5608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  512.835453][T12836] gfs2: not a GFS2 filesystem
[  512.840270][   T40] audit: type=1400 audit(1773752620.691:63787): avc:  denied  { map } for  pid=12835 comm="syz.3.5612" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  512.971995][T12817] chnl_net:caif_netlink_parms(): no params data found
[  513.046989][T12817] bridge0: port 1(bridge_slave_0) entered blocking state
[  513.049505][T12817] bridge0: port 1(bridge_slave_0) entered disabled state
[  513.052036][T12817] bridge_slave_0: entered allmulticast mode
[  513.054822][T12817] bridge_slave_0: entered promiscuous mode
[  513.058370][T12817] bridge0: port 2(bridge_slave_1) entered blocking state
[  513.063035][T12817] bridge0: port 2(bridge_slave_1) entered disabled state
[  513.065697][T12817] bridge_slave_1: entered allmulticast mode
[  513.069886][T12817] bridge_slave_1: entered promiscuous mode
[  513.100545][T12817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  513.107476][T12817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  513.131352][T12817] team0: Port device team_slave_0 added
[  513.135807][T12817] team0: Port device team_slave_1 added
[  513.174892][T12817] batman_adv: batadv0: Adding interface: batadv_slave_0
[  513.177157][T12817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  513.187036][T12817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  513.192023][T12817] batman_adv: batadv0: Adding interface: batadv_slave_1
[  513.194426][T12817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  513.202935][T12817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  513.231212][T12817] hsr_slave_0: entered promiscuous mode
[  513.233829][T12817] hsr_slave_1: entered promiscuous mode
[  513.477829][   T59] usb 14-1: new high-speed USB device number 24 using dummy_hcd
[  513.642185][   T59] usb 14-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  513.649847][   T59] usb 14-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  513.653847][   T59] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  513.657401][   T59] usb 14-1: Product: syz
[  513.659919][   T59] usb 14-1: Manufacturer: syz
[  513.662043][   T59] usb 14-1: SerialNumber: syz
[  513.876989][   T59] usblp 14-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  513.881462][T12817] 
[  513.882886][T12817] ======================================================
[  513.886175][T12817] WARNING: possible circular locking dependency detected
[  513.889323][T12817] syzkaller #0 Tainted: G             L     
[  513.892271][T12817] ------------------------------------------------------
[  513.895412][T12817] syz-executor/12817 is trying to acquire lock:
[  513.898258][T12817] ffffffff8e9ab0c0 (fs_reclaim){+.+.}-{0:0}, at: __kmalloc_cache_noprof+0x4b/0x6f0
[  513.902555][T12817] 
[  513.902555][T12817] but task is already holding lock:
[  513.906009][T12817] ffff8880136d5538 (&idev->mc_lock){+.+.}-{4:4}, at: __ipv6_dev_mc_inc+0x53/0xbc0
[  513.910280][T12817] 
[  513.910280][T12817] which lock already depends on the new lock.
[  513.910280][T12817] 
[  513.915035][T12817] 
[  513.915035][T12817] the existing dependency chain (in reverse order) is:
[  513.919167][T12817] 
[  513.919167][T12817] -> #7 (&idev->mc_lock){+.+.}-{4:4}:
[  513.922707][T12817]        __mutex_lock+0x1a2/0x1b90
[  513.925144][T12817]        __ipv6_dev_mc_inc+0x53/0xbc0
[  513.927563][T12817]        __ipv6_sock_mc_join+0x5b8/0x8e0
[  513.930191][T12817]        ipv6_mcast_join_leave+0x1f9/0x220
[  513.932929][T12817]        do_ipv6_setsockopt+0x2739/0x4510
[  513.935589][T12817]        ipv6_setsockopt+0xcb/0x170
[  513.935885][   T40] audit: type=1400 audit(1773752621.781:63788): avc:  denied  { write } for  pid=5885 comm="syz-executor" path="pipe:[7339]" dev="pipefs" ino=7339 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  513.938091][T12817]        udpv6_setsockopt+0x7d/0xd0
[  513.938112][T12817]        do_sock_setsockopt+0xf3/0x1d0
[  513.938136][T12817]        __sys_setsockopt+0x195/0x220
[  513.938153][T12817]        __x64_sys_setsockopt+0xbd/0x160
[  513.938173][T12817]        do_syscall_64+0x106/0xf80
[  513.957983][T12817]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.960930][T12817] 
[  513.960930][T12817] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}:
[  513.964026][T12817]        lock_sock_nested+0x41/0xf0
[  513.965737][T12817]        inet_shutdown+0x67/0x410
[  513.967467][T12817]        nbd_mark_nsock_dead+0xae/0x5c0
[  513.969927][T12817]        recv_work+0x5fb/0x8c0
[  513.971883][T12817]        process_one_work+0xa23/0x19a0
[  513.974181][T12817]        worker_thread+0x5ef/0xe50
[  513.976470][T12817]        kthread+0x370/0x450
[  513.978383][T12817]        ret_from_fork+0x754/0xd80
[  513.980097][T12817]        ret_from_fork_asm+0x1a/0x30
[  513.981882][T12817] 
[  513.981882][T12817] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[  513.984281][T12817]        __mutex_lock+0x1a2/0x1b90
[  513.985948][T12817]        nbd_queue_rq+0x428/0x1080
[  513.987812][T12817]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  513.990420][T12817]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  513.993333][T12817]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  513.996033][T12817]        blk_mq_run_hw_queue+0x23c/0x670
[  513.998450][T12817]        blk_mq_dispatch_list+0x51d/0x1360
[  514.000416][T12817]        blk_mq_flush_plug_list+0x130/0x600
[  514.002427][T12817]        __blk_flush_plug+0x2c4/0x4b0
[  514.004197][T12817]        __submit_bio+0x584/0x6c0
[  514.005821][T12817]        submit_bio_noacct_nocheck+0x562/0xc10
[  514.007778][T12817]        submit_bio_noacct+0xd17/0x2010
[  514.009715][T12817]        submit_bh_wbc+0x59c/0x770
[  514.011500][T12817]        block_read_full_folio+0x264/0x8e0
[  514.013621][T12817]        filemap_read_folio+0xfc/0x3b0
[  514.015472][T12817]        do_read_cache_folio+0x2d7/0x6b0
[  514.017310][T12817]        read_part_sector+0xd1/0x370
[  514.019091][T12817]        adfspart_check_ICS+0x93/0x910
[  514.021026][T12817]        bdev_disk_changed+0x7f8/0xc80
[  514.022880][T12817]        blkdev_get_whole+0x187/0x290
[  514.024857][T12817]        bdev_open+0x2c7/0xe40
[  514.026514][T12817]        blkdev_open+0x34e/0x4f0
[  514.028156][T12817]        do_dentry_open+0x6d8/0x1660
[  514.029957][T12817]        vfs_open+0x82/0x3f0
[  514.031550][T12817]        path_openat+0x208c/0x31a0
[  514.033273][T12817]        do_file_open+0x20e/0x430
[  514.035143][T12817]        do_sys_openat2+0x10d/0x1e0
[  514.036865][T12817]        __x64_sys_openat+0x12d/0x210
[  514.038668][T12817]        do_syscall_64+0x106/0xf80
[  514.040384][T12817]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.042547][T12817] 
[  514.042547][T12817] -> #4 (&cmd->lock){+.+.}-{4:4}:
[  514.045155][T12817]        __mutex_lock+0x1a2/0x1b90
[  514.047136][T12817]        nbd_queue_rq+0xba/0x1080
[  514.048813][T12817]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  514.050895][T12817]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  514.053147][T12817]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  514.055365][T12817]        blk_mq_run_hw_queue+0x23c/0x670
[  514.057196][T12817]        blk_mq_dispatch_list+0x51d/0x1360
[  514.059112][T12817]        blk_mq_flush_plug_list+0x130/0x600
[  514.061190][T12817]        __blk_flush_plug+0x2c4/0x4b0
[  514.063015][T12817]        __submit_bio+0x584/0x6c0
[  514.064681][T12817]        submit_bio_noacct_nocheck+0x562/0xc10
[  514.066801][T12817]        submit_bio_noacct+0xd17/0x2010
[  514.068664][T12817]        submit_bh_wbc+0x59c/0x770
[  514.070450][T12817]        block_read_full_folio+0x264/0x8e0
[  514.072393][T12817]        filemap_read_folio+0xfc/0x3b0
[  514.074245][T12817]        do_read_cache_folio+0x2d7/0x6b0
[  514.076022][T12817]        read_part_sector+0xd1/0x370
[  514.078120][T12817]        adfspart_check_ICS+0x93/0x910
[  514.079871][T12817]        bdev_disk_changed+0x7f8/0xc80
[  514.081703][T12817]        blkdev_get_whole+0x187/0x290
[  514.083610][T12817]        bdev_open+0x2c7/0xe40
[  514.085329][T12817]        blkdev_open+0x34e/0x4f0
[  514.087168][T12817]        do_dentry_open+0x6d8/0x1660
[  514.089134][T12817]        vfs_open+0x82/0x3f0
[  514.090895][T12817]        path_openat+0x208c/0x31a0
[  514.092775][T12817]        do_file_open+0x20e/0x430
[  514.094736][T12817]        do_sys_openat2+0x10d/0x1e0
[  514.096550][T12817]        __x64_sys_openat+0x12d/0x210
[  514.098690][T12817]        do_syscall_64+0x106/0xf80
[  514.100376][T12817]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.102791][T12817] 
[  514.102791][T12817] -> #3 (set->srcu){.+.+}-{0:0}:
[  514.105444][T12817]        __synchronize_srcu+0xa1/0x2a0
[  514.107254][T12817]        blk_mq_quiesce_queue+0x149/0x1c0
[  514.109255][T12817]        elevator_switch+0x17b/0x7e0
[  514.111056][T12817]        elevator_change+0x352/0x530
[  514.112892][T12817]        elevator_set_default+0x29e/0x360
[  514.115030][T12817]        blk_register_queue+0x412/0x590
[  514.117359][T12817]        __add_disk+0x73f/0xe40
[  514.118954][T12817]        add_disk_fwnode+0x118/0x5c0
[  514.120717][T12817]        nbd_dev_add+0x77a/0xb10
[  514.122453][T12817]        nbd_init+0x291/0x2b0
[  514.124379][T12817]        do_one_initcall+0x11d/0x760
[  514.126126][T12817]        kernel_init_freeable+0x6e5/0x7a0
[  514.127933][T12817]        kernel_init+0x1f/0x1e0
[  514.129654][T12817]        ret_from_fork+0x754/0xd80
[  514.131429][T12817]        ret_from_fork_asm+0x1a/0x30
[  514.132954][T12817] 
[  514.132954][T12817] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  514.135372][T12817]        __mutex_lock+0x1a2/0x1b90
[  514.136858][T12817]        elevator_change+0x1bc/0x530
[  514.138434][T12817]        elevator_set_none+0x92/0xf0
[  514.140210][T12817]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  514.142287][T12817]        nbd_start_device+0x1a6/0xbd0
[  514.144098][T12817]        nbd_genl_connect+0xff2/0x1a40
[  514.146436][T12817]        genl_family_rcv_msg_doit+0x214/0x300
[  514.148477][T12817]        genl_rcv_msg+0x560/0x800
[  514.150112][T12817]        netlink_rcv_skb+0x159/0x420
[  514.151798][T12817]        genl_rcv+0x28/0x40
[  514.153264][T12817]        netlink_unicast+0x5aa/0x870
[  514.154998][T12817]        netlink_sendmsg+0x8b0/0xda0
[  514.157173][T12817]        ____sys_sendmsg+0x9e1/0xb70
[  514.159426][T12817]        ___sys_sendmsg+0x190/0x1e0
[  514.161711][T12817]        __sys_sendmsg+0x170/0x220
[  514.163929][T12817]        do_syscall_64+0x106/0xf80
[  514.166193][T12817]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.168905][T12817] 
[  514.168905][T12817] -> #1 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  514.172469][T12817]        blk_alloc_queue+0x610/0x790
[  514.174265][T12817]        blk_mq_alloc_queue+0x174/0x290
[  514.176115][T12817]        __blk_mq_alloc_disk+0x29/0x120
[  514.178432][T12817]        nbd_dev_add+0x492/0xb10
[  514.180384][T12817]        nbd_init+0x291/0x2b0
[  514.182452][T12817]        do_one_initcall+0x11d/0x760
[  514.184528][T12817]        kernel_init_freeable+0x6e5/0x7a0
[  514.186670][T12817]        kernel_init+0x1f/0x1e0
[  514.188498][T12817]        ret_from_fork+0x754/0xd80
[  514.190392][T12817]        ret_from_fork_asm+0x1a/0x30
[  514.192102][T12817] 
[  514.192102][T12817] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  514.194676][T12817]        __lock_acquire+0x14b8/0x2630
[  514.196785][T12817]        lock_acquire+0x1cf/0x380
[  514.198988][T12817]        fs_reclaim_acquire+0xc4/0x100
[  514.201365][T12817]        __kmalloc_cache_noprof+0x4b/0x6f0
[  514.203929][T12817]        __ipv6_dev_mc_inc+0x2f1/0xbc0
[  514.206319][T12817]        ipv6_add_dev+0xb78/0x1520
[  514.208559][T12817]        addrconf_notify+0x563/0x19c0
[  514.210929][T12817]        notifier_call_chain+0x99/0x420
[  514.213336][T12817]        call_netdevice_notifiers_info+0xbe/0x110
[  514.216023][T12817]        register_netdevice+0x16e6/0x2210
[  514.218327][T12817]        nsim_create+0xc27/0x1370
[  514.220476][T12817]        __nsim_dev_port_add+0x2f4/0x790
[  514.222897][T12817]        nsim_drv_probe+0xeb7/0x14b0
[  514.225131][T12817]        really_probe+0x241/0xa60
[  514.227248][T12817]        __driver_probe_device+0x1de/0x400
[  514.229759][T12817]        driver_probe_device+0x4c/0x1b0
[  514.232137][T12817]        __device_attach_driver+0x1df/0x340
[  514.234710][T12817]        bus_for_each_drv+0x159/0x1e0
[  514.237046][T12817]        __device_attach+0x1e4/0x4d0
[  514.239267][T12817]        device_initial_probe+0xaf/0xd0
[  514.241582][T12817]        bus_probe_device+0x64/0x160
[  514.243792][T12817]        device_add+0x11d9/0x1950
[  514.245952][T12817]        new_device_store+0x40b/0x700
[  514.248222][T12817]        bus_attr_store+0x74/0xb0
[  514.250412][T12817]        sysfs_kf_write+0xf2/0x150
[  514.252623][T12817]        kernfs_fop_write_iter+0x3e0/0x5f0
[  514.254940][T12817]        vfs_write+0x6ac/0x1070
[  514.256980][T12817]        ksys_write+0x12a/0x250
[  514.259061][T12817]        do_syscall_64+0x106/0xf80
[  514.261267][T12817]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.263725][T12817] 
[  514.263725][T12817] other info that might help us debug this:
[  514.263725][T12817] 
[  514.267507][T12817] Chain exists of:
[  514.267507][T12817]   fs_reclaim --> sk_lock-AF_INET6 --> &idev->mc_lock
[  514.267507][T12817] 
[  514.271821][T12817]  Possible unsafe locking scenario:
[  514.271821][T12817] 
[  514.274202][T12817]        CPU0                    CPU1
[  514.275933][T12817]        ----                    ----
[  514.277729][T12817]   lock(&idev->mc_lock);
[  514.279337][T12817]                                lock(sk_lock-AF_INET6);
[  514.281568][T12817]                                lock(&idev->mc_lock);
[  514.283779][T12817]   lock(fs_reclaim);
[  514.285096][T12817] 
[  514.285096][T12817]  *** DEADLOCK ***
[  514.285096][T12817] 
[  514.287675][T12817] 9 locks held by syz-executor/12817:
[  514.289431][T12817]  #0: ffff88802dd3c420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  514.292315][T12817]  #1: ffff888111a3a088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  514.295410][T12817]  #2: ffff88802b62ae18 (kn->active#58){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  514.298339][T12817]  #3: ffffffff8fb69d68 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: new_device_store+0xfe/0x700
[  514.301651][T12817]  #4: ffff88802dc540e8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4d0
[  514.304594][T12817]  #5: ffff88802dc55250 (&devlink->lock_key#19){+.+.}-{4:4}, at: nsim_drv_probe+0xd4/0x14b0
[  514.307800][T12817]  #6: ffffffff906114a8 (rtnl_mutex){+.+.}-{4:4}, at: nsim_create+0x936/0x1370
[  514.310690][T12817]  #7: ffff88803bac8d40 (&dev_instance_lock_key#24){+.+.}-{4:4}, at: register_netdevice+0x16c6/0x2210
[  514.314173][T12817]  #8: ffff8880136d5538 (&idev->mc_lock){+.+.}-{4:4}, at: __ipv6_dev_mc_inc+0x53/0xbc0
[  514.317263][T12817] 
[  514.317263][T12817] stack backtrace:
[  514.319168][T12817] CPU: 0 UID: 0 PID: 12817 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.319184][T12817] Tainted: [L]=SOFTLOCKUP
[  514.319188][T12817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  514.319195][T12817] Call Trace:
[  514.319200][T12817]  <TASK>
[  514.319205][T12817]  dump_stack_lvl+0x100/0x190
[  514.319223][T12817]  print_circular_bug.cold+0x178/0x1c7
[  514.319241][T12817]  check_noncircular+0x146/0x160
[  514.319260][T12817]  __lock_acquire+0x14b8/0x2630
[  514.319271][T12817]  ? __ipv6_dev_mc_inc+0x53/0xbc0
[  514.319284][T12817]  lock_acquire+0x1cf/0x380
[  514.319293][T12817]  ? __kmalloc_cache_noprof+0x4b/0x6f0
[  514.319310][T12817]  fs_reclaim_acquire+0xc4/0x100
[  514.319321][T12817]  ? __kmalloc_cache_noprof+0x4b/0x6f0
[  514.319334][T12817]  __kmalloc_cache_noprof+0x4b/0x6f0
[  514.319347][T12817]  ? __ipv6_dev_mc_inc+0x2f1/0xbc0
[  514.319360][T12817]  __ipv6_dev_mc_inc+0x2f1/0xbc0
[  514.319374][T12817]  ipv6_add_dev+0xb78/0x1520
[  514.319388][T12817]  addrconf_notify+0x563/0x19c0
[  514.319410][T12817]  ? ip6mr_device_event+0x1bc/0x230
[  514.319422][T12817]  notifier_call_chain+0x99/0x420
[  514.319434][T12817]  call_netdevice_notifiers_info+0xbe/0x110
[  514.319451][T12817]  register_netdevice+0x16e6/0x2210
[  514.319466][T12817]  ? __pfx_register_netdevice+0x10/0x10
[  514.319481][T12817]  ? debugfs_create_file_full+0x41/0x60
[  514.319496][T12817]  nsim_create+0xc27/0x1370
[  514.319508][T12817]  __nsim_dev_port_add+0x2f4/0x790
[  514.319521][T12817]  ? __pfx___nsim_dev_port_add+0x10/0x10
[  514.319536][T12817]  ? nsim_dev_hwstats_init+0xf5/0x4f0
[  514.319547][T12817]  nsim_drv_probe+0xeb7/0x14b0
[  514.319562][T12817]  ? __pfx_nsim_drv_probe+0x10/0x10
[  514.319577][T12817]  ? kernfs_put+0x3f/0x60
[  514.319588][T12817]  ? sysfs_create_link+0x68/0xc0
[  514.319604][T12817]  ? __pfx_nsim_bus_probe+0x10/0x10
[  514.319621][T12817]  really_probe+0x241/0xa60
[  514.319637][T12817]  __driver_probe_device+0x1de/0x400
[  514.319652][T12817]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  514.319666][T12817]  driver_probe_device+0x4c/0x1b0
[  514.319682][T12817]  __device_attach_driver+0x1df/0x340
[  514.319699][T12817]  ? __pfx___device_attach_driver+0x10/0x10
[  514.319714][T12817]  bus_for_each_drv+0x159/0x1e0
[  514.319727][T12817]  ? __pfx_bus_for_each_drv+0x10/0x10
[  514.319742][T12817]  __device_attach+0x1e4/0x4d0
[  514.319757][T12817]  ? __pfx___device_attach+0x10/0x10
[  514.319773][T12817]  ? do_raw_spin_unlock+0x145/0x1e0
[  514.319786][T12817]  device_initial_probe+0xaf/0xd0
[  514.319803][T12817]  bus_probe_device+0x64/0x160
[  514.319817][T12817]  device_add+0x11d9/0x1950
[  514.319828][T12817]  ? __pfx_device_add+0x10/0x10
[  514.319837][T12817]  ? lockdep_init_map_type+0x5c/0x250
[  514.319848][T12817]  ? __init_waitqueue_head+0xca/0x150
[  514.319863][T12817]  new_device_store+0x40b/0x700
[  514.319880][T12817]  ? __pfx_new_device_store+0x10/0x10
[  514.319897][T12817]  ? find_held_lock+0x2b/0x80
[  514.319910][T12817]  ? sysfs_file_kobj+0xe4/0x290
[  514.319924][T12817]  ? sysfs_file_kobj+0xe4/0x290
[  514.319938][T12817]  ? __pfx_new_device_store+0x10/0x10
[  514.319955][T12817]  bus_attr_store+0x74/0xb0
[  514.319966][T12817]  ? __pfx_bus_attr_store+0x10/0x10
[  514.319977][T12817]  sysfs_kf_write+0xf2/0x150
[  514.319993][T12817]  kernfs_fop_write_iter+0x3e0/0x5f0
[  514.320006][T12817]  ? __pfx_sysfs_kf_write+0x10/0x10
[  514.320021][T12817]  vfs_write+0x6ac/0x1070
[  514.320038][T12817]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  514.320052][T12817]  ? __pfx_vfs_write+0x10/0x10
[  514.320068][T12817]  ? __pfx_do_sys_openat2+0x10/0x10
[  514.320085][T12817]  ksys_write+0x12a/0x250
[  514.320101][T12817]  ? __pfx_ksys_write+0x10/0x10
[  514.320119][T12817]  do_syscall_64+0x106/0xf80
[  514.320133][T12817]  ? clear_bhb_loop+0x40/0x90
[  514.320145][T12817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.320156][T12817] RIP: 0033:0x7fe6e395cfce
[  514.320166][T12817] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  514.320177][T12817] RSP: 002b:00007ffd7f578818 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  514.320188][T12817] RAX: ffffffffffffffda RBX: 0000555585d47500 RCX: 00007fe6e395cfce
[  514.320195][T12817] RDX: 0000000000000003 RSI: 00007ffd7f5788a0 RDI: 0000000000000005
[  514.320201][T12817] RBP: 00007fe6e3a33540 R08: 0000000000000000 R09: 0000000000000000
[  514.320208][T12817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  514.320214][T12817] R13: 00007ffd7f5788a0 R14: 00007fe6e4744620 R15: 0000000000000003
[  514.320224][T12817]  </TASK>
[  514.939895][ T1466] usb 14-1: USB disconnect, device number 24
[  514.943648][ T1466] usblp0: removed
[  515.292887][T24043] bridge_slave_1: left allmulticast mode
[  515.295360][T24043] bridge_slave_1: left promiscuous mode
[  515.297932][T24043] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.301719][T24043] bridge_slave_0: left allmulticast mode
[  515.303899][T24043] bridge_slave_0: left promiscuous mode
[  515.306142][T24043] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.380501][T24043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  515.385380][T24043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  515.389915][T24043] bond0 (unregistering): Released all slaves
[  515.500325][T24043] hsr_slave_0: left promiscuous mode
[  515.502717][T24043] hsr_slave_1: left promiscuous mode
[  515.505356][T24043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  515.508950][T24043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  515.542413][T24043] team0 (unregistering): Port device team_slave_1 removed
[  515.547144][T24043] team0 (unregistering): Port device team_slave_0 removed
[  515.992404][T24043] netdevsim netdevsim9 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  515.995989][T24043] netdevsim netdevsim9 netdevsim3 (unregistering): unset [0, 1] type 1 family 0 port 8472 - 0
[  516.001541][T24043] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.070853][T24043] netdevsim netdevsim9 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  516.074165][T24043] netdevsim netdevsim9 netdevsim2 (unregistering): unset [0, 1] type 1 family 0 port 8472 - 0
[  516.078167][T24043] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.142417][T24043] netdevsim netdevsim9 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  516.146706][T24043] netdevsim netdevsim9 netdevsim1 (unregistering): unset [0, 1] type 1 family 0 port 8472 - 0
[  516.151348][T24043] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.225436][T24043] netdevsim netdevsim9 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  516.229881][T24043] netdevsim netdevsim9 netdevsim0 (unregistering): unset [0, 1] type 1 family 0 port 8472 - 0
[  516.234149][T24043] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.311923][T24043] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.353249][T24043] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.433087][T24043] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.495939][T24043] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[  516.499294][T24043] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.600343][T24043] bridge_slave_1: left allmulticast mode
[  516.602725][T24043] bridge_slave_1: left promiscuous mode
[  516.605233][T24043] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.610911][T24043] bridge_slave_0: left allmulticast mode
[  516.613271][T24043] bridge_slave_0: left promiscuous mode
[  516.615685][T24043] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.624233][T24043] bridge_slave_1: left allmulticast mode
[  516.626487][T24043] bridge_slave_1: left promiscuous mode
[  516.628970][T24043] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.633364][T24043] bridge_slave_0: left allmulticast mode
[  516.635595][T24043] bridge_slave_0: left promiscuous mode
[  516.641234][T24043] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.708949][T24043] erspan0 (unregistering): left promiscuous mode
[  517.156397][T24043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  517.161829][T24043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  517.166457][T24043] bond0 (unregistering): Released all slaves
[  517.171257][T24043] bond1 (unregistering): Released all slaves
[  517.178511][T24043] bond2 (unregistering): Released all slaves
[  517.184789][T24043] bond3 (unregistering): Released all slaves
[  517.216351][T24043] dvmrp0 (unregistering): left allmulticast mode
[  517.420182][T24043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  517.423954][T24043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  517.427209][T24043] bond0 (unregistering): Released all slaves
[  517.430475][T24043] bond1 (unregistering): Released all slaves
[  517.518978][T24043] : left promiscuous mode
[  517.563553][T24043] tipc: Left network mode
[  517.948466][T24043] veth0_to_team: left promiscuous mode
[  517.952391][T24043] hsr_slave_0: left promiscuous mode
[  517.954481][T24043] hsr_slave_1: left promiscuous mode
[  517.956380][T24043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  517.959442][T24043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.962142][T24043] dummy0: left promiscuous mode
[  517.965798][T24043] hsr_slave_0: left promiscuous mode
[  517.969053][T24043] hsr_slave_1: left promiscuous mode
[  517.971689][T24043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  517.974749][T24043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.979528][T24043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  517.982633][T24043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  517.991465][T24043] veth1_macvtap: left promiscuous mode
[  517.993814][T24043] veth0_macvtap: left promiscuous mode
[  517.996089][T24043] veth1_vlan: left promiscuous mode
[  517.998454][T24043] veth0_vlan: left promiscuous mode
[  518.001866][T24043] veth1_macvtap: left promiscuous mode
[  518.004234][T24043] veth0_macvtap: left allmulticast mode
[  518.006502][T24043] veth0_macvtap: left promiscuous mode
[  518.009110][T24043] veth1_vlan: left promiscuous mode
[  518.011338][T24043] veth0_vlan: left promiscuous mode
[  518.151485][T24043] team0 (unregistering): Port device team_slave_1 removed
[  518.155955][T24043] team0 (unregistering): Port device team_slave_0 removed
[  518.291550][T24043] team0 (unregistering): Port device team_slave_1 removed
[  518.298672][T24043] team0 (unregistering): Port device team_slave_0 removed
[  518.852931][T24043] IPVS: stop unused estimator thread 0...
[  518.855278][T24043] IPVS: stop unused estimator thread 0...
[  520.430901][T12627] mkiss: ax0: crc mode is auto.