last executing test programs:

1m13.913402448s ago: executing program 3 (id=223):
r0 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000124d5240e316e9f958000000000109021b00010000000009047800018fa68d000905834b8a36c3"], 0x0)
syz_usb_ep_read(r0, 0x8, 0xf9, &(0x7f0000000240)=""/249)
openat$mice(0xffffff9c, &(0x7f0000000040), 0x167342)

1m12.663539474s ago: executing program 3 (id=233):
socket(0x10, 0x80002, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newnexthop={0x2c, 0x68, 0x1, 0x100003, 0x80000000, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x0, 0x0, 0x5e, 0x200000000000, 0x100000000000006})
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_SETFSUUID(0xffffffffffffffff, 0x4008662c, &(0x7f00000000c0)={0x0, 0x0, "7ec961d07e27160d452c844837fc3497"})
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000040))
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x1c0, 0x111, 0x4b4, 0x1c0, 0xd4feffff, 0x2d0, 0x20a, 0x278, 0x2d0, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [0x0, 0xffffff00], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6, 0xfe}, 0x0, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2, 0xe}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @mcast2, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r5 = syz_open_dev$radio(&(0x7f0000002b40), 0x3, 0x2)
ioctl$VIDIOC_QUERYMENU(r5, 0xc02c5625, &(0x7f0000000000)={0x98f907, 0x5, @name="03489dc364b8b035b088af7cd259cf32928518e18ff9ffffff08581448a7fc5e"})

1m12.543066927s ago: executing program 3 (id=234):
signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x80]}, 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000fffd29bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000223803001c0012800c0001006d6163766c616e000c000280080009000800ffef08000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x20040040)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vxcan0\x00', <r1=>0x0})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001ac0)={r2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f8002ed1f3c4da06963dd89d130e0f0374c32a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})
ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x10000)
sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=@ipv6_newaddrlabel={0x64, 0x48, 0x0, 0x70bd2d, 0x25dfdbfd, {0xa, 0x0, 0x8f, 0x0, r1, 0x7}, [@IFAL_ADDRESS={0x14, 0x1, @mcast1}, @IFAL_LABEL={0x8, 0x2, 0xb}, @IFAL_LABEL={0x8, 0x2, 0x7}, @IFAL_LABEL={0x8, 0x2, 0x4}, @IFAL_LABEL={0x8, 0x2, 0x4}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x64}, 0x1, 0x0, 0x0, 0x8008000}, 0x800)

1m12.4224507s ago: executing program 3 (id=235):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000080)='./file1\x00', 0x8)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f00000000c0)='./file1\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r1, 0xffffffff80000800, 0x0, &(0x7f0000000340)={0x0, 0x4, 0x100000001, 0x0, 0x6, 0x8, 0x6, 0xfffffffffffffffd, 0x100fff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, 0x0, 0x118)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000170900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x2000c450)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000bfd000/0x400000)=nil)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r6, &(0x7f0000000040)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r11=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="5e2e0900000000003800128009000100766c616e00000000280002800600010004000000100003800c000100070000800100000009000000000000000300000008000500", @ANYRES32=r11, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9], 0x68}, 0x1, 0x0, 0x0, 0x600}, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000180)={@mcast2, 0x44, r11})
r12 = syz_kvm_add_vcpu$x86(r5, &(0x7f0000000080)={0x0, &(0x7f0000000040)=[@rdmsr={0x66, 0x18, {0x40000105}}], 0x18})
ioctl$KVM_SET_CPUID2(r12, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x7, 0x83}]})
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r12, 0x4068aea3, &(0x7f00000000c0)={0xc7, 0x0, 0x1})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
unshare(0x60000600)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)

1m12.241636398s ago: executing program 3 (id=236):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x405, 0xfffffffd, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x10408, 0x22140}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x80000000}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000881}, 0x200400c0)

1m11.844761788s ago: executing program 3 (id=239):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000040)={0x2, 0x7f}, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010000003000000000000000000000010", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c0021"], 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x10, 0x4}, {0x0, 0x9}, {0xf, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8848}, @TCA_FLOWER_KEY_MPLS_OPTS={0x10, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0xfe}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x20040054)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a030200000000000000000200fffd0900020073797a32000000000900010073797a30000000001400038008000240000000000800014000000000140000001100010000000000000007"], 0x68}}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a00000208000c4004"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000180), 0x2, 0x40100)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = gettid()
r9 = syz_open_procfs(r8, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r9, &(0x7f0000000100)={0x30}, 0x30)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r6, 0xc2604111, &(0x7f0000000380)={0xf928, [[0x80000001, 0x6, 0x2, 0x80000000, 0x130b, 0x7ff, 0x5, 0x3], [0x8, 0x9, 0x3ff, 0x8, 0x80000001, 0x6, 0xa1c, 0x1016], [0x7e45, 0x101, 0x8, 0x4, 0x3, 0x3, 0x3, 0x9]], '\x00', [{0x2, 0x3, 0x0, 0x1}, {0x5, 0x8, 0x1, 0x1}, {0xe2b, 0x1, 0x0, 0x1, 0x1, 0x1}, {0xfffffff9, 0xffffffff, 0x1, 0x1, 0x1, 0x1}, {0x4, 0x8, 0x1, 0x1}, {0x135a, 0x8a94, 0x0, 0x0, 0x1}, {0xa7bc, 0x3, 0x0, 0x1}, {0x6, 0x8, 0x1, 0x0, 0x1}, {0x960, 0xfffffff7, 0x1, 0x1}, {0x2, 0x1ff, 0x1, 0x1, 0x1, 0x1}, {0xffff8001, 0x3, 0x1, 0x1, 0x1}, {0xff, 0x6, 0x1, 0x0, 0x1, 0x1}], '\x00', 0x5})

1m11.775322467s ago: executing program 32 (id=239):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000040)={0x2, 0x7f}, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010000003000000000000000000000010", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c0021"], 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x10, 0x4}, {0x0, 0x9}, {0xf, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8848}, @TCA_FLOWER_KEY_MPLS_OPTS={0x10, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0xfe}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x20040054)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a030200000000000000000200fffd0900020073797a32000000000900010073797a30000000001400038008000240000000000800014000000000140000001100010000000000000007"], 0x68}}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a00000208000c4004"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000180), 0x2, 0x40100)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = gettid()
r9 = syz_open_procfs(r8, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r9, &(0x7f0000000100)={0x30}, 0x30)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r6, 0xc2604111, &(0x7f0000000380)={0xf928, [[0x80000001, 0x6, 0x2, 0x80000000, 0x130b, 0x7ff, 0x5, 0x3], [0x8, 0x9, 0x3ff, 0x8, 0x80000001, 0x6, 0xa1c, 0x1016], [0x7e45, 0x101, 0x8, 0x4, 0x3, 0x3, 0x3, 0x9]], '\x00', [{0x2, 0x3, 0x0, 0x1}, {0x5, 0x8, 0x1, 0x1}, {0xe2b, 0x1, 0x0, 0x1, 0x1, 0x1}, {0xfffffff9, 0xffffffff, 0x1, 0x1, 0x1, 0x1}, {0x4, 0x8, 0x1, 0x1}, {0x135a, 0x8a94, 0x0, 0x0, 0x1}, {0xa7bc, 0x3, 0x0, 0x1}, {0x6, 0x8, 0x1, 0x0, 0x1}, {0x960, 0xfffffff7, 0x1, 0x1}, {0x2, 0x1ff, 0x1, 0x1, 0x1, 0x1}, {0xffff8001, 0x3, 0x1, 0x1, 0x1}, {0xff, 0x6, 0x1, 0x0, 0x1, 0x1}], '\x00', 0x5})

3.731030754s ago: executing program 1 (id=931):
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async)
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x7fff, 0x40024e}, &(0x7f0000000340), &(0x7f0000000040))
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0) (async)
exit(0x0) (async)
ppoll(&(0x7f0000000240)=[{0xffffffffffffffff, 0xc420}, {r0, 0x4084}, {r0, 0x14109}], 0x3, &(0x7f0000000200)={0x77359400}, &(0x7f00000002c0)={[0x3]}, 0x8) (async)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) (async)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10) (async)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x6, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@zcopy_cookie={0x18, 0x114, 0xc, 0x1}], 0x18}, 0x0) (async)
rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8) (async)
r2 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x12, 0x4, @tid=r2}, &(0x7f0000000380)=<r3=>0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
close(0xffffffffffffffff)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x100082, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vxcan1\x00'})
r4 = socket(0x1d, 0x2, 0x6)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r4, 0x0, 0x4004000) (async)
syz_emit_vhci(&(0x7f0000000140)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x6e}, "1db6d805839e9babf87bf4a7a1e7f79bbd211250622ce78feb3dd09883ef5d39c47ce7e1a564c62052f3acf00bc5b77f892c2fdf54579315e59f1261659ca534c8ae5308447cc3afc8989abf47ff706c327fa669db8e5b808bd026bbc0f9aa8e9f97e1f337c76d1a60169007c2de"}, 0x72) (async)
timer_settime(r3, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x989680}}, 0x0) (async)
timer_delete(r3)
r5 = io_uring_setup(0x67bb, &(0x7f0000000480)={0x0, 0x501, 0x80, 0x2, 0xc6})
io_uring_enter(r5, 0x0, 0xcbffffff, 0x7, &(0x7f0000000000), 0x8) (async)
mount(0x0, &(0x7f00000010c0)='.\x00', &(0x7f0000000000)='proc\x00', 0xd1, 0x0)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
setns(r7, 0x24020000) (async)
r8 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)

3.650951497s ago: executing program 1 (id=932):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r1=>0x0})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0xc}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x24010800}, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', <r4=>0x0})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4)
r5 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f000012b000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x9, 0x0, 0x0, 0xc2ff, 0x0, 0x0, 0x0, 0x76})
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000fbdbdf2510000000050035000900ed0008000300", @ANYRES32=r1, @ANYBLOB="08000600", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x40)
utimensat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}}, 0x20004000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x4, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x841}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x504, r7, 0x10, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @void}}, [@fils_params=[@NL80211_ATTR_FILS_ERP_RRK={0xfffffffffffffd33, 0xfc, "aa61d3704810e300a7b7e0954c2f703dc2b9444d6842c4098727f914e8c23b763c7fcf3ba7a19f8e9da14f3b106c599279c6eec1eb6cf1153e6ddf7a64504bddc7913e3ad4f21af0b8086e34890c26e9391a3aa76565521ff596ef369c843cb0a3de422a81402c3736761918c8d3b445751e69bcff744b55f86fce"}, @NL80211_ATTR_FILS_ERP_REALM={0xe1, 0xfa, "11ee66826b9dfa556385ed86498303372cf68a271bfb8b1571111428d1a24b24f063404c64520ad479322b1c9bb2313f035d565d526d2c0f5464e1e0bd69c4839f3477e5e35baa6aa84450ae02deb31321c0e0a0585c10ee932e96262e587e604d183ebe7f3139524d0cb6b716522523fb5ac2e44d5ae235819d4aaff2d7ce7fcf0a46254b19ba17af69ca1ba89080234ffe5e226b925f7d24bbf45053482ddb263e80afb885d15d026752f6bf4770310ba95c8372ad7da6d1739d1ca36f49c74246800fdd9a4209ef56ea39e0990e5b532c038a31c6126cf5e6bbb37b"}, @NL80211_ATTR_FILS_ERP_RRK={0x67, 0xfc, "1540eccd863cc99e7be17d58b854a584cb0b3ba4ae2f2e326ea7b026b98c6585ac2f104878195d0df346a8c9f07a03c062cd3309e783314a79ada91f36e283e62ee8fdda1fcc0d27a1e327fbdfc3ab0bc822b41d58c143810879fa81881563f8bc0cb1"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x1}, @NL80211_ATTR_FILS_ERP_USERNAME={0x8, 0xf9, "30dfad5d"}, @NL80211_ATTR_FILS_ERP_RRK={0x90, 0xfc, "c961abeb68f29161dd566432e73cf7f9f8c5b9bffeda2299ab6c952f469e8289241065cdd9a560cdf9e499af5dc0ab6370ad349b1dbab22603df268d65eaf751fd602a949fed07d811469597a29df74f3d0e97b7dab997599055ee8f57b8c964b67f17fc5ec0e51c30a30f77cc34895b3814eb51c2a6cf0c3da127520e095b43702fc375146e326dc94d8a33"}], @NL80211_ATTR_IE={0x43, 0x2a, [@channel_switch={0x25, 0x3, {0x1, 0x70, 0xc}}, @mesh_chsw={0x76, 0x6, {0x4, 0x7, 0xc, 0xb28}}, @channel_switch={0x25, 0x3, {0x0, 0x34, 0x6}}, @ibss={0x6, 0x2, 0x6}, @link_id={0x65, 0x12, {@from_mac=@broadcast, @device_a, @device_b}}, @mesh_config={0x71, 0x7, {0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x40}}, @mesh_config={0x71, 0x7, {0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1}}, @dsss={0x3, 0x1, 0x88}]}, @fils_params=[@NL80211_ATTR_FILS_ERP_USERNAME={0x4}, @NL80211_ATTR_FILS_ERP_USERNAME={0x4}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}, @NL80211_ATTR_FILS_ERP_USERNAME={0x5, 0xf9, "c6"}, @NL80211_ATTR_FILS_ERP_USERNAME={0x8, 0xf9, "370bf2e9"}, @NL80211_ATTR_FILS_ERP_REALM={0xad, 0xfa, "ddec5f1142fb49b8a21a9eceedbe6aa403082a425a109cdb60e6bca66b43fa9f897f926e8de5e1a6cdb0928542db87325194048249d42e2caaa7765bd24870a82889c481e314c0d3e940abb99a87e20e11006c33285d2d8ce04e3e0c41cea2f74d7fc387314009798f2ae1f8106b37712a1aba48d59f29384e8e2f3aad7e8a28364b1f7fa7b9388799081ac2a447b304e479fd05787e927e4fd9c38b2f9d9c5691ca19fe2ce8ac5d70"}], @NL80211_ATTR_IE={0x165, 0x2a, [@peer_mgmt={0x75, 0x6, {0x0, 0x6, @val=0xc, @void, @void}}, @preq={0x82, 0x3b, {{}, 0x46, 0x8, 0x7, @device_b, 0x3, @void, 0x8000, 0xc248, 0x3, [{{0x1}, @device_a, 0x2}, {{}, @broadcast}, {{0x1, 0x0, 0x1}, @device_b, 0x40}]}}, @prep={0x83, 0x25, {{0x0, 0x1}, 0x1, 0xa, @device_b, 0x2, @value=@device_b, 0xffffffff, 0xd, @device_b, 0xc}}, @sec_chan_ofs={0x3e, 0x1, 0x1}, @sec_chan_ofs={0x3e, 0x1, 0x2}, @mesh_id={0x72, 0x6}, @measure_req={0x26, 0xe5, {0x7f, 0x4, 0x3, "dfbf7b7872ac420e80ec0e36e2e20ed3afcdcd24d261df058502440fec2ed1204b556a1cd7cd0531574e8ddcc0c6ecf8ced7df65694982c1c231d4647e1ac8d3df25f29cc3f7b0ad7589c2e904f65f8acdc2b3c381c302b09062b35eeb361a4ca953e72a307a3346ffa6716dfeccab6fd43e8d5428349c46c5be188a283d892758f1b10d3c2431cab55e764e7fdade70225a3a9c164fb77cedee974b15eabf836387fe62741aa8f9c5b2eb1203440a18da795cf1316cd0acf6b8c315cbfc63442188ef28d1ddea1ed2e3e2df94d61ee4eff1712f80af2cd8090a90d3dd276cf04ad7"}}]}]}, 0x504}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
fcntl$setstatus(r6, 0x4, 0x4400)
mkdir(&(0x7f00000003c0)='./bus\x00', 0x2c)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000380)='./bus\x00', &(0x7f0000000000)='f2fs\x00', 0x800401, &(0x7f0000000040)='usrquota')
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000980), 0x201, 0x0)
write$tun(r10, &(0x7f00000009c0)={@val={0x0, 0x17}, @void, @arp=@generic={0x305, 0x201, 0x6, 0x0, 0xa, @broadcast, "", @empty, "331fc527e566"}}, 0x1e)
getsockopt$IPT_SO_GET_REVISION_TARGET(r6, 0x0, 0x43, &(0x7f0000000080)={'NETMAP\x00'}, &(0x7f0000000100)=0x1e)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000))

3.592865681s ago: executing program 1 (id=933):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000", @ANYRES32], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x40200)
ioctl$HIDIOCGUSAGE(r1, 0x501c4814, &(0x7f00000001c0)={0x2, 0xffffffff, 0x0, 0xf23, 0x7, 0x6})

1.562775014s ago: executing program 4 (id=968):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x77e24c893308aa0}, 0x9c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
request_key(&(0x7f0000005ac0)='pkcs7_test\x00', &(0x7f0000005b00)={'syz', 0x2}, &(0x7f0000005b40)='(\x94%)*^\x00', 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x9, 0x3, 0xc4f, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000740), &(0x7f0000000840), 0xffff, r8}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r8}, 0x38)
sendmsg$IPVS_CMD_NEW_DAEMON(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x44, r6, 0x1, 0x70bd26, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r10)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@delchain={0x40, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r11, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff3, 0x5}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000a1826c6c4bc9ab0aed9c73f59b00", @ANYRES32=0x0, @ANYBLOB="08000500e000000142fe0900000000000800020001000000"], 0x34}}, 0x0)

1.382804837s ago: executing program 4 (id=969):
munmap(&(0x7f0000000000/0x2000)=nil, 0x2000)
r0 = syz_io_uring_setup(0x9, &(0x7f00000002c0)={0x0, 0x200002f, 0x10000, 0x1, 0xbd}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000500)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000180), 0x1, 0x40})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0xd85fd000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2b)
personality(0xfe47fef9f5ff7379)
r7 = memfd_create(&(0x7f0000000080)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\x8aSpA\xd4\x98\x85D\x89>N\x8ar\x17O\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97\xe7\xe6\x97\xf9\xb3\xf6\xb9\v\xb5$\xee\x84\x1cn,B\xd5?\xe5E:+Pm\x1d\xb4\xb8', 0x0)
pipe2(&(0x7f0000000000)={<r8=>0xffffffffffffffff}, 0x0)
splice(r8, 0x0, r7, &(0x7f0000000140), 0x4, 0x0)
ioctl$KVM_GET_REGS(r8, 0x8090ae81, &(0x7f0000000080))
prctl$PR_SET_MM(0x23, 0x6, &(0x7f000005b000/0x2000)=nil)
brk(0x2000000db002)
r9 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r9, 0xc010640c, &(0x7f0000000100)={0x15})
brk(0x200000ffc000)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x1, 0x4, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, &(0x7f0000000240)={'L-', 0x1}, 0x16, 0x2)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

721.695009ms ago: executing program 0 (id=980):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0a00000016000000b40000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000004084dd56479dba1b20a520dd0df689024535a5c13667f368725661064f55bf33c7a889ef17d17218b5618abe50d80efa8a1bf6d562107a04"], 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000600)={0x0, 0x7f390004, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="60000000020605020000200000000000000000001400078008001340040000000800124000060000050001000700000013000300686173683a6e65742c6966616365000005000440000000000900020073797a3100000000050005000a"], 0x60}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x5, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x2, 0x1}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x13, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000003000000000000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000830000be1f66d17806f455d757709f2f6a9900bf09000000000000550901000000000095000000000000001811000053aa00537767f6387006ac6508874e68e89a7b6170ef470ef8071b12d8b07208c62760a4ff06455b92a1c608b72bf62b06b0f806251bfe6aac8c306630e1ef32d7034c9210c23305e6e690a7dd9e204fcd2de07db60e364f3763a66f44ca3e733e6c961668b6ff3de8173fbd16b9d1f0144c9e0a60831b2579b81e08309cd36f4e07000000cf1337be5c94e54360372460011b8e7aa782727a46b8149271acd08b1e8cec7234d5d12edb3349a5d95b1f536710cb974797ca7258c4697ca5b7c55900c6d18566bff9a19e20def0c5783092c4fa38a45a2b426e1927492d79f51aee069b1f91411d0ded7bfffb35313dcbede8cfcccc8cbfd1a8aad23a1280885631f19cda217ce0a5e403792e37ee3ff8a105b8c8f1c1da9221bdb71a450c271c764b339a3a9dfc037b9d10be2756f3b9ff51017c63d0d0b69cc9039dd7a8e21b1ce3f74de8729e850b2ec08eda379b2c36251391ed9b1dc190ee45121fae0eb7f6b3f2352aafdaea532d9eec0df21da2544c58eb7b4b5ba60de66bb2f2b386efe2393f92a7bc62", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f00000000c0)}, 0x20)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x40086602, &(0x7f0000000140)={0x17e})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r7, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x4000})
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x2}, 0x50)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000700)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x0, '\x00', 0x0, r1, 0x2, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x13, 0x11, &(0x7f0000000280)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xfffffffffffffffb}, @generic={0x5, 0x7, 0x5, 0x1, 0xf66}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], &(0x7f0000000340)='syzkaller\x00', 0x5f2, 0xe3, &(0x7f0000000500)=""/227, 0x40f00, 0x24, '\x00', 0x0, @fallback=0x12, r4, 0x8, &(0x7f0000000600)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0xc, 0xcb, 0x183}, 0x10, 0xffffffffffffffff, r5, 0x0, &(0x7f0000000780)=[r3, r0, r3, r4, r8, r0, r5, r5], 0x0, 0x10, 0x81}, 0x94)
clock_gettime(0x0, &(0x7f0000000140)={<r9=>0x0, <r10=>0x0})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00')
r11 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r12=>0xffffffffffffffff})
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r11, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x2, 0x0, 0xfffffffe}, 0x3, r13}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
prctl$PR_SET_IO_FLUSHER(0x41, 0x3)
prctl$PR_SET_IO_FLUSHER(0x41, 0x3)
epoll_pwait2(r5, &(0x7f0000000000)=[{}, {}, {}], 0x3, &(0x7f0000000180)={r9, r10+60000000}, &(0x7f0000000240)={[0xfffffffffffff001]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x9, &(0x7f00000001c0)=@framed={{0xffffffb4, 0x9, 0x0, 0x0, 0x0, 0x61, 0x11, 0x18}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @exit]}, &(0x7f0000000080)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe}, 0x94)

623.1084ms ago: executing program 4 (id=981):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e"], 0x118)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100)=0x387, 0x8)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x842, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000004000026d4efb3000000000085000000000000009500000000000000"], &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x1c, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r3, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
io_uring_setup(0x4797, &(0x7f0000000080)={0x0, 0x12c7, 0x100, 0x2, 0x1fd, 0x0, r5})
close_range(r0, 0xffffffffffffffff, 0x0)

622.734671ms ago: executing program 0 (id=982):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000004500000002"], 0x48)
capset(&(0x7f0000000180)={0x19980330}, &(0x7f00000001c0)={0x0, 0x4, 0x8d, 0xfffffffb, 0x9, 0x1})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x21, 0x301, 0x270bd27, 0x25dfdbfa, {0x1}}, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

572.951963ms ago: executing program 0 (id=983):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x6080, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000040))
io_setup(0x1, &(0x7f0000000040)=<r2=>0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1a29c}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1003d1, 0x3, 0x20000007, 0x6, 0x86}, 0x69}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000640)=@deltclass={0x5c, 0x29, 0x4, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xfff2, 0x7}, {0x5, 0x4}, {0x3, 0x1}}, [@tclass_kind_options=@c_htb={{0x8}, {0x4}}, @tclass_kind_options=@c_mqprio={0xb}, @tclass_kind_options=@c_prio={0x9}, @tclass_kind_options=@c_mqprio={0xb}, @TCA_RATE={0x6, 0x5, {0x5f, 0xb5}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000040}, 0x19aa4d4969b61203)
close(r4)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r7, &(0x7f0000000280)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r6, 0x42}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="27030200dc0f14000e00003c01ff00000000ff840000000200000003125ce882cbf490d908f1523f00000000", 0x2c}, {&(0x7f0000002680)="76e69c0141b4626c18e58316fb1785bc79a094726e33891c6d73f43317b7de3105b7a250790f8a23088b7292aad0049477fd7b736036a2ba810a11b6e5e83b06e0c428d362a29030f3fbb8f93a957f85472c59a37fbc2dc4abf47a23fe1bbab86b3666155606864b97f7615a55989cd2e143f1a9aca24050db9efff1f1639b55a2a771ec9e91f94fb670c3f35f31c40170189010e598500aa376763444ecaf5df2a31e04eda4201194c49c48d817c9d8d50d47c014b329be33b127527fe321b097a15f48ef82a32b10e24a1b56e981b91257aeddd7fee2fe035a1a164b3906ca184ad08f294cde3dfa48743847cac62a87c2d96176a9f6b4278dc95c6c637294986fa9e3e82b504341f82bf314389b0af7c8e07cb6f5ef9bcd83993c880ef2b2aa313a124bee3deb3133338c291d698f04b796be5514c81bad54c22190acda8145b1c14c4b916e2f5c2f10a8702b90d26e0332605edbc351edcd5621cf8c0f1585b1a53879f9ad931c18b15426856dc1c800e4cce36c6c1bf880c0c40a718810ff4793eba9e39d7cd9b351905a845dd3064613cd6f75802a6bc51c1524b412a2a68e6fa4886bd13b48aa9a12a7ace6fa08ccc86cda842d2f4b564a76a9e8adad2249e0dc200a2e647d34ef0dc23dd85674cce8f8e08a6c5ea76db48ac832f2a6e7514c9ab9f7e99fb3a7ec6cbc1ab45e12d151176cd6a044572928dfd2b72e3557d037b12328f7d4388a4ff8a8e890b2cdaa61fd525dfd3d0feda9c066feff70d89e8fbaaa4ac79e0b814c7b0cb9de9b5915ee30c12c55dc302fa36f96a6b4a437e2f7bac25fb284eec70388c1d4ee9fb51483c801007a74c1806141802eb107b80a047315c048db3671e35139544988b51a23136b02151a06114cc80c05b772786a505edc6d8f74a66b126a940f06000d7abbf3224b9e1f86eb693778968b3e982f197570ffa5732524be57aba33a59cf0032ef61b52f7c2fc2cd992d616452316ee21e7361cfc527acb09f0f46bb8ef013f28d7f615b09037d26e0715d927afee6b9878adad923ce6a6114bb8d3463be786232330a028c152adb31596c77a60231d53fbb8ce73509f37100f69c9004429e904b644de72b865fdccedbc99927542df25180f5880d20590900a9e8b711c8867b67b98d48caf8259797b41284f6e52aa5177ca06a4f25a568ea3a5dd13c6711436d63b814da12b72470eb3468860e5ef86bf381babc6cec73757a1c38a8cf9887bb69045b155ed0ae6c5f2c07f3b9f02c6f02a9ee474e3a9d75e67694bb2a0f28a672a5883dc9688ca2166f914bb1cfc70685907bfa4e9693d9620969fa41ca907751335193417b468de3bab8bf0b7438abe80f494c95e017f41e9a232c52153bc58adf7cc845e770ba119756bad683ff9c701cdd34bc540d8164cf3099c011b328fc0a0445e8eb8085c8cd2fdaf22e1dea9d04454b37af3c83dd3f667f73ca9eb0c3e9bc328b536a1ae9a449b24e227bb05692b16560756d9f0cb3200df43c26d3dbed542f7bd4e3d1329c8e9f631520355ea32dfc72e59254b1687197c8374111ee1de4c1784d843aa26992280c9ec267965b8d4d6461afcd597ce636316f5c4ac8f1bec9aa16acd974798c10475e53310630a36796ab4bba263ec76008a821ee9b58861e77f1aa341b9a1bcc9e21c9eb0625297604cdf14e77040e46603597f87d00053c7aafd8130813102105463ea538990f880525cd80e12c426eda2f87a4aefe29505de1a924fad50d9b97a37418331a542333585105ca18976435917721e80f3c631f268b8517f00dc9c8da872328a27e296aa7422b290327feda241d7ea0cd81750d044969e4429197ee55e8111193aee3df3bf37961a4323ac640b0fb11b19cb4e28756defd9f2e1ef3adc3b0aeb5102399dde99e5e67ff4d18c6475440612f42274d17ebc0280f73c89e77fd9dd652edb5ea4e7ad7326dd4c69cea26b47d8314ad412f8b96f2a33a6323c1dc4050ffde22b31656c22b8a5597c3c50cbf4efa9c8d2e4200ccab35ad8badc09d8e05a7abc3dfdce491ecd682dde18f2da41bff3c2e293ddc82df8a1ca558a08b7937bd7228ed25522f41bcdfba8c01a7aa93af6e58b3912dace81ffc5f079e8a4e9d45778afa57909a8e9138abbf4ae6bdbc571d8cc0fb68755b644934fc98fdb263098afab3ffed8e80ea4e935852d9577935c0a5b03425e5e1c3327213d0068dea19165602000000076fe3ad291b73f08e5bf3cb50f60510b85f09bec5dd2118eee65909ef08bbad2e38ef2fa7d6c0bbb2fbf90e1a63b26c8e41f17b35b1e55885ac66f263d0f42a27a7823d664e3ae65909dd411f05371f21e5bbf7424d41b966e2e8891ae13c3fb700987789f79cca95807ab3068549f250caee6ab7f924afec4b6c821f82f3683d42fde5ccbfafba73c720f8481a7e4d2315e2219f4925893268649dddf696586916bb8c02a3697c38016788d4c799cbbc52043d0ebd08d74efb4619a46db86c744928a580f53ae2d5bbbc69342f722ab65b305975ab500ce7335ceb7d0f726c83a2c47eccf416fdb79f8439d2c608019ea2ef94d1fe8a7367013ae57330165228509d62fab87f04b73a76f80049f23d11a3068721414f8e45b18f4c1d56c11da71c949b35e6c5305452057f947520abbaf701c9b7cbfe623adc65a050458cb5948d1c1699b452b3d9fbba6b3bcdb537bbbf95d8267760cd943de819349966dc515babfca73d5ff3551bc56fe0f9dedb6dd5f4463a3aa652dab81a589ca4e4b0f19ee3b4b20c3986df2f72ba990b421c77b00a9b5cca5d850d607d0a46c2f1b1bbf8dc7f0cc6fea3104615a6cd698d89fca37adf4edfe4ba7c16231a9f2a89c55612e9c7031b7d56d2eb88745ba43a63a122d4d6661e83408a807f9b4519c05f01383811e9a2506c0c23618528599152f7a0481d1e576e4eba29c7725f24f649be7e5d7b9678a91e22d559ee77a1ddfe7225afa40085061c492fc4714f90e481cf494ec6d108fe0be6633d4f4785cb1c82f15190333398283ade4cb97f8104a195098a5a1c90227797fa8216d4762b6e78c60030e69f413cccf052df64a3d1bda69f6dbff49a68ef298809390f39a91e3b5b1971dac8554ed9ae24b4789ba60c145c059b1cfbf6594ed3c734bb4e1172f2e31a18659764bf324621d68b8e356ac3faee71ea97b0b78eeaa29c0f7ee1129777ef1ecd4d7f6586f8d0308709a94489951a04d7eba9793af6c929a0e91cda90457ca1c128cb6aa23f6da8f64f0d78a59f07a19515d9f607aa79c7b6c466e474e45ad85b0f2b82d470c03f7bbfb2fa68b32d4ac188d4a64f22b29c3af9f0b39bc2bb6b399e50f71968effe5b2f0d51489aca30993a67dbd80698f9a0c2ba9addffa3c3712215e63f424ebb5ebaf24fbf476f1d85493050c8be181f7f8783a344849e5b58a7038979d2dff546eac853be1529fbe865a3f97643e8522956e0e361ac278e014328aea0b8d4268fd157513bd0f64f589ff8aaa0df2eb929984661031626bc661a5d3035b373177a4703a5000ef9b3ccb84b3dbaecb25ca341c5f12959d214e84b6545f47704d635765b336e4374975c2c40d5814b68b02965e517197edb553e7d3d8432544f66ce84990e7873fa2fadfaaeaa9915f907b3396b8529b03b646cf29be65784b5c08aa77521dd5064669f5ab33cc8ea168ea80949af9ee3937b2aa54250bd733c51c7c4be47c5848abf86b6f522e2a2dd4aa39693af731d70314e1d7af25c57a2dd126121bcd316118c66c18e2109a0c87714f00deaef07648e75f498eb7a8f30784376d14121a1ff34d402c5255fd2c0569624e93a796eb92980ee82ed283bb538e20dd8b02db072f897004f0e11de081cab5bedd9438c612982f1c73388ed98ae3b2d3adc6b8e70434c8992f52ab7c9488da5b67c6c003fdf530ef4172e0ccc16ff75fe6c919619c7ae513a8fcdfdb01410df94978f88b44e60b17a1984a600e04bd072fa731e19f75034d78b57f9890ab4dff68bf2928b5fc711bae0f1baeb8596e8a42f7f172125fb1da929d1f921c53f6cba0d98cd6e31b41ebf3935981b9e98524dd344b9e76b66d31f7d47869cdd3ae49e4e8c42264be751219861504ad49ab00e384e7bbf06472714829dd61e58a1784696a02eee6d9c92446392cadf4436c7eb769d1c5226164a9be70d2c2c6b71342a6d03dc0d39d224f9df8e4ed11c86a47531d5449e5364e8ca5af4c03455fa9da8b5b0d174e41bace68e515f9967d79eaaac20b2a9e773b3418ff1a10c1835bed07e6109eac8ea4f130bc70aad103356f9749195fc2745f7076b5b165ff56de0596018b8251a0bd700db48a2243fe56831cf6785d70ded595b1bf9b25f2979923176109adb8012ae650c3fcb110352b884f79aeb465817124f75cda3168ec65cdace89522c0a7061629ea0d5d0573b9aa029500d64cb5df4f440859e4944047e6967511f0f25e9a45751d296ed6b61d4f217c28672d34696fcbaad5a57fd0e063537e889df2bf9e20e6c075296a800179a23e605948dc74fcf0c4ea958884d", 0xc9a}, {&(0x7f0000000440)="c91d588b87bd12b736780a766e3ebca34836bf87f46f8027511d29f92e1a4e8bd5fb5367cef57a6d8db59a972c54efc7ece9c07cb4a0921d4a2320d73ff2d3c54d7af0deecef81ce277562dde92e480b2cf42e52cc039c43fea94e730feb6f5cad427446e7357d255248ab48a0b733cc2c7541488d63b8f6d2c4f0e03ac8faecc74486b2cfb59a28d701271dc07ef9d82e0ce78bca83048caf47fedf4f4df5863a2f849b5fc6ef0b49bf7a26954143da754b6b15", 0xb4}, {&(0x7f0000003340)="a5ca8683d601768d343ca112b53e7aa9b7692478467c2525cc9ceb426e1c40e3b29380122d838019715ede6740900e4a5b9097b6713ba207b45f64e07e8d44f24c842b84e2c5c3d4175f2c59ef949b2cfb2b1722cf08388fed3e7ff321bda9f2a0744407b6a38593ab8ff05b41a7bc10f7424c9da00d3b2dea193936dbae3b28e7f3ab2ec79d512847fce7d00e40c1e127d871123a121c8c684d714b81314f94d74e8dd61d5bff0f7a86dc7452ce6fcdb767dc9953058022e5f082d4024350a9e1d65f80844770359a06b0554bd065b79ede8b2138a0eda7a68ba7fd4240630196a25d1f5f1e15a09f55d4794bcc7f6157b9376d046f30af1ac7464b32a655976a27d8baebcb440d211d60baa353b30fc2a967c9827f4fe99c20abfdbff7b2c090ece74acb8e286dc583d0b86fe35e8871164b76e5f17461533959cb2e8516c119112bbf8e7262c0c832593c0f8b75d0bccf88b73429c4a3236455b3941e18378bc11a236b8f82a546e8eaaa6b9f9cbf743e11859eca79a9930c748551db30c8197ff8fdc17da89b97ef13d91daa0c4fb542341af6efb8ee4b44fb6d7601cbb5639b8954cabc5758973f5a66d5403d5944de6bca1498cf6f9ea1850d6423895684bb4a229b14e0801ac4d9fa018e9544c5003f066b4df45a7b01f00eaa6a1e77586209b0ccb9700c2a0eef8cca34f58808e58bc84bc2ed37f08ebb4488d93a53f16cddaa1f62a97a2418006c4350006e", 0x210}, {&(0x7f0000000e00)="f60f27117e4a8ca5f38ea69db4650925c916a998a49b34407bdc7eadc0dd9095173532452d876e9f077dddbfab219f37cc4d529aff0800000000000000a8bf82bd297ea1f71e3cd465dc08be6f3dc63cd26b87d4ad73dfaef225b24728b82fe7d0f3ecea39a69fc7f88f1c98a70abe63", 0x70}], 0x5}, 0x4005)
r8 = socket$igmp(0x2, 0x3, 0x2)
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10)
io_submit(r2, 0x2, &(0x7f00000001c0)=[&(0x7f0000000200)={0x0, 0x0, 0x2, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x104000}, 0x0, 0x0])

572.699812ms ago: executing program 1 (id=984):
ioctl$COMEDI_BUFINFO(0xffffffffffffffff, 0xc02c640e, &(0x7f0000000000)={0x2, 0x7f0, 0x4, 0xddee, 0x6, 0x1, 0x4}) (async)
ioctl$COMEDI_BUFINFO(0xffffffffffffffff, 0xc02c640e, &(0x7f0000000000)={0x2, 0x7f0, 0x4, 0xddee, 0x6, 0x1, 0x4})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000380)={[{@mpol={'mpol', 0x3d, {'interleave', '=static', @void}}}]})
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000000080)={0x2, <r1=>r0, 'id1\x00'})
ioctl$COMEDI_RANGEINFO(r1, 0x80106408, &(0x7f00000001c0)={0xc4d, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}]}) (async)
ioctl$COMEDI_RANGEINFO(r1, 0x80106408, &(0x7f00000001c0)={0xc4d, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}]})

483.318375ms ago: executing program 1 (id=985):
r0 = socket$nl_route(0x10, 0x3, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x2, 0x0, 0x6, 0x3, 0x37, 0x0, 0x70bd2d, 0x25dfdbfd, [@sadb_spirange={0x2, 0x10, 0x4d4, 0x4d4}, @sadb_x_nat_t_port={0x1, 0x16, 0x4e22}, @sadb_ident={0x2, 0xb, 0x8, 0x0, 0x7}, @sadb_spirange={0x2, 0x10, 0x4d2, 0x4d5}, @sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in6=@mcast2, 0x21}, @sadb_address={0x3, 0x6, 0x2b, 0x20, 0x0, @in={0x2, 0x4e24, @loopback}}, @sadb_lifetime={0x4, 0x0, 0x7, 0x9, 0x80000000}, @sadb_lifetime={0x4, 0x3, 0x9, 0x116, 0xca, 0x9}, @sadb_key={0x1e, 0x8, 0x738, 0x0, "826613233e5d6e6e6fa87584b38adde35980506fcdfdb750a5a7362f787f1f3a3e5159e0d9dfc96c14a1b1fe832a211799e29ae9d0acc0906369082cbbba840fd960ce107ff26930c137471ab1191cc410cd096ebb45a7fe00115affc071e5ac11ed1e0be80fdbb1ce7f3000f98d58664e2c6fcede1130a762e98f660c569dbc34699c5eb660c0b87e391ef48db99b220c47c3cf41cc15b16bba771051719102a5b2a6ee5da0d6d34eb4e4106bacaf005736579c11055253297de45a22c4e2409549cfa5f4395a9678ffb8f87bf5cc6d66fd73bd96cdc7bd1244f1b3b5cbac0acde74fafcee27d"}]}, 0x1b8}}, 0x40)
preadv2(r1, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@ipv4_newroute={0x3c, 0x18, 0x1, 0x70bd27, 0x25dfdbfb, {0x2, 0x0, 0x4, 0x4, 0xfd, 0x0, 0xfe, 0x6, 0x100}, [@RTA_NH_ID={0x8, 0x1e, 0x87b}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x0, {0x84, 0x0, 0x4, 0x0, 0xf8, 0x60, 0x2000}}}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004002}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x581, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4d014}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c00c6}, 0x4040800)

482.287679ms ago: executing program 2 (id=986):
socket(0x1d, 0x2, 0xc)

325.183201ms ago: executing program 2 (id=987):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000000))
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x15, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @empty=0xe0000001, {[@rr={0x7, 0x1b, 0xa4, [@multicast2, @rand_addr=0x64010100, @private=0xa010102, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101]}, @timestamp={0x44, 0x20, 0xb4, 0x0, 0x4, [0xf1, 0x5, 0x7, 0x81aa, 0xe, 0x8573, 0x6]}, @timestamp_addr={0x44, 0x4, 0x4e}]}}, {0x0, 0x17c1, 0x8}}}}}, 0x0)

324.311532ms ago: executing program 2 (id=988):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1a, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@newsa={0x158, 0x10, 0x1, 0x0, 0x25dfdbfc, {{@in6=@remote, @in6=@loopback}, {@in=@empty, 0x0, 0x32}, @in6=@loopback, {0x0, 0x0, 0x0, 0x0, 0x6, 0x9}, {0x0, 0x6}, {0x0, 0x0, 0x4}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xad}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x20, 0x17, {0x60, 0x0, 0x0, 0x0, 0x0, 0x2, [0x0]}}]}, 0x158}}, 0x0)
chdir(&(0x7f0000000140)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1c0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)={0x38, 0x2d, 0xc05, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0x8, 0x0, 0x0, 0x0, @uid=0xee00}, @nested={0x18, 0x0, 0x0, 0x1, [@typed={0x14, 0x1, 0x0, 0x0, @binary="37d7483164b967c6c6fbf4f74ab8a5aa"}]}]}, 0x38}], 0x1}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)

323.818522ms ago: executing program 0 (id=989):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xc3, &(0x7f0000000580)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r5}, @IFLA_HSR_SLAVE2={0x8, 0x2, r6}]}}}]}, 0x40}, 0x1, 0xba01, 0x0, 0x4000044}, 0x10)
r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r7, &(0x7f0000000400)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1, 0x10}}, 0x12)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
preadv(r8, &(0x7f00000003c0)=[{&(0x7f0000001c00)=""/4096, 0x1000}], 0x1, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x17, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x25, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, &(0x7f0000000240)={'L-', 0x1}, 0x16, 0x2)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$SIOCX25SENDCALLACCPT(r4, 0x89e9)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

323.36539ms ago: executing program 2 (id=990):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x40841}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r3, &(0x7f0000000540)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000240)=""/17, 0x11, 0x6, 0x4, 0x9, 0x4, 0xc08}}, 0x120) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x35, 0x301, 0x70bd29, 0xfffffffc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x44893}, 0x0) (async, rerun: 64)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) (async, rerun: 64)
read$FUSE(r3, &(0x7f0000006b40)={0x2020}, 0x2020) (async)
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000040)=0x14)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSL2CALL(r5, 0x5411, &(0x7f0000000000)=@bcast) (async)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x34, 0x10, 0x439, 0x20, 0x0, {0x0, 0x0, 0x0, r2, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @lowpan={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000841}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0xfefffffe}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2c}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x10}, 0x0)

323.171533ms ago: executing program 4 (id=991):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, &(0x7f0000000240)={'L-', 0x1}, 0x16, 0x2)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 17)

238.305056ms ago: executing program 1 (id=992):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x190, 0x5230}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}]}}}]}, 0x3c}}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)
rt_sigsuspend(&(0x7f00000000c0)={[0x7e44]}, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x84000, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000141000001c00128009000100626f6e64000000000c00028005001f"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x22, &(0x7f0000000300)=0x7, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0xb8, r3, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_QOS_MAP={0x28, 0xc7, {[{0x4, 0x7}, {0x5, 0x2}, {0x9, 0x4}, {0x0, 0x5}, {0x4, 0x6}, {0x8, 0x3}, {0xf, 0x5}, {0x3}, {0x1, 0x5}, {0x3, 0x7}, {0x2, 0x2}, {0x6, 0x4}, {0xee, 0x5}, {0xc, 0x2}], "c7e10c0ca8f24390"}}, @NL80211_ATTR_QOS_MAP={0xc, 0xc7, {[], "9650c21494f90983"}}, @NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x1, 0x4}, {0x1, 0x3}, {0x8, 0x4}, {0x0, 0x6}, {0x2, 0x5}, {0xd9}, {0xdc, 0x5}, {0x3, 0x2}, {0x8, 0x4}, {0x4, 0x4}, {0x6, 0x6}, {0x3, 0x6}, {0x5, 0x5}, {0x92, 0x2}, {0xa, 0x1}, {0x4, 0x2}, {0x6, 0x5}, {0xaf, 0x4}], "f919fd7cc84b41e4"}}, @NL80211_ATTR_QOS_MAP={0x24, 0xc7, {[{0xd, 0x6}, {0xdb, 0x4}, {0xf6, 0x6}, {0xa7, 0x4}, {0x8, 0x5}, {0x5, 0x7}, {0x2, 0x2}, {0xd5, 0xa}, {0x8, 0x4}, {0x5d, 0x7}, {0x0, 0x2}, {0x4, 0x1}], "762acfd9aef781d6"}}, @NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x5, 0x7}, {0xb, 0x7}, {0x9, 0x7}, {0xd1, 0x3}], "846c7bca2d071aa7"}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x1004}, 0x1)

118.65548ms ago: executing program 2 (id=993):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
ioctl$KVM_CAP_XEN_HVM(r0, 0x4068aea3, &(0x7f00000003c0)) (async)
ioctl$KVM_CAP_XEN_HVM(r0, 0x4068aea3, &(0x7f00000003c0))
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000500)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, 0x1}, 0x90)
close(0xffffffffffffffff)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
socket$packet(0x11, 0x3, 0x300) (async)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r1, r3, 0x25, 0x4}, 0x14)
syz_emit_ethernet(0x7a, &(0x7f0000000e00)=ANY=[], 0x0)
socket$kcm(0x10, 0x2, 0x0) (async)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000018000000040000000000000007000000851000f768ffffff186400000300000000002d23733ea271c84ca52b052663bc1100000257ab4ac100000000000000f14cf868b3dd714a9924f00928c49f92890bf18697aeca09ed4f21ee4347915f8e079dbc56f3fe30c1a775f0eeb51a40fa4184290122d23500"/135], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000018000000040000000000000007000000851000f768ffffff186400000300000000002d23733ea271c84ca52b052663bc1100000257ab4ac100000000000000f14cf868b3dd714a9924f00928c49f92890bf18697aeca09ed4f21ee4347915f8e079dbc56f3fe30c1a775f0eeb51a40fa4184290122d23500"/135], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @address_reply={0x2a}}}}}, 0x0)
r5 = eventfd(0x0)
r6 = syz_io_uring_setup(0xbdc, &(0x7f0000000440)={0x0, 0x79a8, 0x8, 0x2, 0x29a}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r5, 0x0, &(0x7f0000000000)=[{&(0x7f0000001800)=""/203, 0xcb}], 0x1}) (async)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r5, 0x0, &(0x7f0000000000)=[{&(0x7f0000001800)=""/203, 0xcb}], 0x1})
io_uring_enter(r6, 0x847ba, 0x0, 0xe, 0x0, 0x0) (async)
io_uring_enter(r6, 0x847ba, 0x0, 0xe, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0) (async)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
memfd_create(0x0, 0x0)
r9 = syz_open_procfs(0x0, 0x0)
read(r9, &(0x7f0000001180)=""/4083, 0xff3)
pread64(r9, &(0x7f0000000380)=""/195, 0xc3, 0x400b)

117.703416ms ago: executing program 4 (id=994):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020642500000000002020207b1af8ff00000000bfa1010000000100070100e200ffffffb782000008000000b703000834120000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000000), 0x3, 0x20402)
r2 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000200)={0x80000000, 0x0, &(0x7f0000000100)=[{{}, {<r3=>0x80000000}}]})
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f0000000b80)={0x0, 0xa, 0x0, &(0x7f0000000740)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x5, 0x0, &(0x7f0000000dc0)=[{}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000540)=[{}, {}, {0x0, 0x80000000, 0x0, {<r4=>0x0}}], 0x2, 0x0, &(0x7f0000000b00)=[{}, {}]})
ioctl$MEDIA_IOC_SETUP_LINK(r1, 0xc0347c03, &(0x7f0000000d00)={{0x80000000, r4, 0x3, [0x6, 0x2]}, {r3, 0x0, 0x2bdb4a558bde8311, [0x6, 0x2]}, 0x2, [0x0, 0x10000009]})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="6000000010000108fdfffffffddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="000000042104020008001b000000000038001a8004002d"], 0x60}, 0x1, 0x0, 0x0, 0x4040080}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000006c0)={0x0, 0x2, 0x0, &(0x7f0000000240)=[{}, {}], 0x1, 0x0, &(0x7f0000000180)=[{}], 0xa, 0x0, &(0x7f0000000300)=[{}, {}, {}, {}, {0x0, <r5=>0x80000000}, {}, {}, {}, {}, {}], 0x6, 0x0, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000680)={r5, &(0x7f00000005c0), &(0x7f0000000600)})
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000d40)=@newqdisc={0x6c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x7, 0x9, 0x3, 0x2, 0x3, 0x4, 0x4ea, 0x7, 0xbd6, 0x58, 0x18, 0xb, 0xf, 0x2, 0x7, 0xfffff14e}}]}}]}, 0x6c}}, 0x0)
connect$vsock_stream(r6, &(0x7f0000000000), 0x10)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020642500000000002020207b1af8ff00000000bfa1010000000100070100e200ffffffb782000008000000b703000834120000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
syz_open_dev$media(&(0x7f0000000000), 0x3, 0x20402) (async)
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0) (async)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000200)={0x80000000, 0x0, &(0x7f0000000100)}) (async)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f0000000b80)={0x0, 0xa, 0x0, &(0x7f0000000740)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x5, 0x0, &(0x7f0000000dc0)=[{}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000540)=[{}, {}, {}], 0x2, 0x0, &(0x7f0000000b00)=[{}, {}]}) (async)
ioctl$MEDIA_IOC_SETUP_LINK(r1, 0xc0347c03, &(0x7f0000000d00)={{0x80000000, r4, 0x3, [0x6, 0x2]}, {r3, 0x0, 0x2bdb4a558bde8311, [0x6, 0x2]}, 0x2, [0x0, 0x10000009]}) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="6000000010000108fdfffffffddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="000000042104020008001b000000000038001a8004002d"], 0x60}, 0x1, 0x0, 0x0, 0x4040080}, 0x0) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000) (async)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000006c0)={0x0, 0x2, 0x0, &(0x7f0000000240)=[{}, {}], 0x1, 0x0, &(0x7f0000000180)=[{}], 0xa, 0x0, &(0x7f0000000300)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x6, 0x0, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}]}) (async)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000680)={r5, &(0x7f00000005c0), &(0x7f0000000600)}) (async)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) (async)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'}) (async)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000d40)=@newqdisc={0x6c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x7, 0x9, 0x3, 0x2, 0x3, 0x4, 0x4ea, 0x7, 0xbd6, 0x58, 0x18, 0xb, 0xf, 0x2, 0x7, 0xfffff14e}}]}}]}, 0x6c}}, 0x0) (async)
connect$vsock_stream(r6, &(0x7f0000000000), 0x10) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async)

52.482795ms ago: executing program 0 (id=995):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x74, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000300)="644ee8", 0x3}], 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000700)=[0x1], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000740)=[0x2], 0x0, 0x0, 0x1}}, 0x40)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0xfeffff, 0xa40, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'hsr0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r7, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES32=r7], 0x68}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7}, [@map_fd={0x18, 0x9, 0x1, 0x0, r0}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x6a7}, @map_idx_val={0x18, 0xd, 0x6, 0x0, 0x2}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @alu={0x4, 0x1, 0x2, 0x9, 0x3813d22dadc44b52, 0x10, 0xffffffffffffffff}]}, &(0x7f0000000380)='syzkaller\x00', 0x3, 0x1000, &(0x7f0000001b40)=""/4096, 0x40f00, 0x8, '\x00', r7, 0x0, r0, 0x8, &(0x7f00000003c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0xd, 0x7, 0x6}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000440)=[{0x3, 0x1, 0x1, 0x5}], 0x10, 0x1}, 0x94)

52.21206ms ago: executing program 4 (id=996):
syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x0, 0x5, 0x4, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x80)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc67", 0xc}], 0x1}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000003c0)="0f326635004000000f300f00d636808a0d0001ba4300b80b00eb66b88c5000000f23d02a3ff866352000000e0f23f80f01c30f789deb32660f3a21cf220f2bb00058660f1bde", 0x46}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
syz_io_uring_setup(0x56d6, &(0x7f0000000440)={0x0, 0xabf4, 0x8, 0x4, 0x24f}, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r6, 0x2)
r7 = socket$alg(0x26, 0x5, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
bind$alg(r7, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6000fcff00180601fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60c20000907800001e020000"], 0x0)

436.559µs ago: executing program 2 (id=997):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0xd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xff}, 0x1c)
ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x1000) (async)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1024040}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd70107c05219d040000e2040000000600010005000000080009"], 0x48}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

0s ago: executing program 0 (id=998):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000800)={0x1c, 0x76, 0x31f, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}, @nested={0x4, 0xd}]}, 0x1c}], 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER_INTVL={0xc, 0x20, 0x6dc8}]}}}]}, 0x40}}, 0x0)

kernel console output (not intermixed with test programs):

ext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  102.343635][   T40] audit: type=1400 audit(1774556552.306:948): avc:  denied  { mounton } for  pid=7473 comm="syz.0.414" path="/bus" dev="ramfs" ino=19491 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  102.352294][ T7474] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  102.355332][ T7474] overlayfs: failed to set xattr on upper
[  102.357725][ T7474] overlayfs: ...falling back to redirect_dir=nofollow.
[  102.360442][ T7474] overlayfs: ...falling back to index=off.
[  102.363031][ T7474] overlayfs: ...falling back to uuid=null.
[  102.366225][ T7474] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  102.426634][   T63] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  102.510221][ T7490] bond0: (slave bond_slave_1): Releasing backup interface
[  102.701509][   T40] audit: type=1400 audit(1774556552.666:949): avc:  denied  { shutdown } for  pid=7496 comm="syz.4.419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  102.781883][ T7504] MTD: Attempt to mount non-MTD device "/dev/nbd4"
[  102.858129][ T7511] __nla_validate_parse: 5 callbacks suppressed
[  102.858143][ T7511] netlink: 32 bytes leftover after parsing attributes in process `syz.4.423'.
[  102.858396][ T7512] netlink: 32 bytes leftover after parsing attributes in process `syz.4.423'.
[  103.203360][ T7527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.427'.
[  103.394399][   T24] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  103.544415][   T24] usb 9-1: Using ep0 maxpacket: 32
[  103.547532][   T24] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  103.552997][   T24] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  103.556076][   T24] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  103.558684][   T24] usb 9-1: Product: syz
[  103.560123][   T24] usb 9-1: Manufacturer: syz
[  103.561684][   T24] usb 9-1: SerialNumber: syz
[  103.564883][   T24] usb 9-1: config 0 descriptor??
[  103.567596][ T7526] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  103.570710][   T24] hub 9-1:0.0: bad descriptor, ignoring hub
[  103.572776][   T24] hub 9-1:0.0: probe with driver hub failed with error -5
[  103.969700][   T40] audit: type=1400 audit(1774556553.936:950): avc:  denied  { create } for  pid=7532 comm="syz.1.430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  103.971271][ T7533] openvswitch: netlink: Flow actions attr not present in new flow.
[  103.978213][   T40] audit: type=1400 audit(1774556553.936:951): avc:  denied  { getopt } for  pid=7532 comm="syz.1.430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  104.193450][ T7546] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  105.339396][ T7476] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  105.493977][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.0.442'.
[  105.495008][   T40] audit: type=1400 audit(1774556555.466:952): avc:  denied  { append } for  pid=7580 comm="syz.2.441" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  105.531250][   T40] audit: type=1400 audit(1774556555.496:953): avc:  denied  { add_name } for  pid=7587 comm="syz.2.443" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  105.548456][ T7590] netlink: 16 bytes leftover after parsing attributes in process `syz.1.444'.
[  105.634555][ T7599] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  105.638324][ T7599] SELinux: failed to load policy
[  105.652397][ T7599] netlink: 52 bytes leftover after parsing attributes in process `syz.0.446'.
[  105.745991][ T7604] lo: entered promiscuous mode
[  105.748104][ T7604] lo: entered allmulticast mode
[  105.753651][ T7604] tunl0: entered promiscuous mode
[  105.756569][ T7604] tunl0: entered allmulticast mode
[  105.759457][ T7604] gre0: entered promiscuous mode
[  105.761064][ T7604] gre0: entered allmulticast mode
[  105.767284][ T7604] gretap0: entered promiscuous mode
[  105.769230][ T7604] gretap0: entered allmulticast mode
[  105.774088][ T7604] erspan0: entered promiscuous mode
[  105.776924][ T7604] erspan0: entered allmulticast mode
[  105.781402][ T7604] ip_vti0: entered promiscuous mode
[  105.783674][ T7604] ip_vti0: entered allmulticast mode
[  105.787625][ T7604] ip6_vti0: entered promiscuous mode
[  105.789839][ T7604] ip6_vti0: entered allmulticast mode
[  105.794199][ T7604] sit0: entered promiscuous mode
[  105.799215][ T7604] sit0: entered allmulticast mode
[  105.805226][ T7604] ip6tnl0: entered promiscuous mode
[  105.807159][ T7604] ip6tnl0: entered allmulticast mode
[  105.811231][ T7604] ip6gre0: entered promiscuous mode
[  105.813403][ T7604] ip6gre0: entered allmulticast mode
[  105.822115][ T7604] syz_tun: entered promiscuous mode
[  105.824203][ T7604] syz_tun: entered allmulticast mode
[  105.827963][ T7604] ip6gretap0: entered promiscuous mode
[  105.829683][ T7604] ip6gretap0: entered allmulticast mode
[  105.833232][ T7604] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.835753][ T7604] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.839334][ T7604] bridge0: entered promiscuous mode
[  105.841008][ T7604] bridge0: entered allmulticast mode
[  105.844555][ T7604] vcan0: entered promiscuous mode
[  105.846202][ T7604] vcan0: entered allmulticast mode
[  105.848624][ T7604] bond0: entered promiscuous mode
[  105.850242][ T7604] bond_slave_0: entered promiscuous mode
[  105.852310][ T7604] bond_slave_1: entered promiscuous mode
[  105.854128][ T7604] bond0: entered allmulticast mode
[  105.857584][ T7604] bond_slave_0: entered allmulticast mode
[  105.859361][ T7604] bond_slave_1: entered allmulticast mode
[  105.862685][ T7604] team0: entered promiscuous mode
[  105.865080][ T7604] team_slave_0: entered promiscuous mode
[  105.867044][ T7604] team_slave_1: entered promiscuous mode
[  105.868985][ T7604] team0: entered allmulticast mode
[  105.870677][ T7604] team_slave_0: entered allmulticast mode
[  105.872563][ T7604] team_slave_1: entered allmulticast mode
[  105.875911][ T7604] dummy0: entered promiscuous mode
[  105.877562][ T7604] dummy0: entered allmulticast mode
[  105.882578][ T7604] nlmon0: entered promiscuous mode
[  105.884771][ T7604] nlmon0: entered allmulticast mode
[  105.887438][ T7604] caif0: entered promiscuous mode
[  105.889426][ T7604] caif0: entered allmulticast mode
[  105.891240][ T7604] batadv0: entered promiscuous mode
[  105.892950][ T7604] batadv0: entered allmulticast mode
[  105.896975][ T7604] vxcan0: entered promiscuous mode
[  105.898598][ T7604] vxcan0: entered allmulticast mode
[  105.900716][ T7604] vxcan1: entered promiscuous mode
[  105.902383][ T7604] vxcan1: entered allmulticast mode
[  105.905291][ T7604] veth0: entered promiscuous mode
[  105.907131][ T7604] veth0: entered allmulticast mode
[  105.910119][ T7604] veth1: entered promiscuous mode
[  105.911744][ T7604] veth1: entered allmulticast mode
[  105.936036][ T7604] wg0: entered promiscuous mode
[  105.937650][ T7604] wg0: entered allmulticast mode
[  105.940744][ T7604] wg1: entered promiscuous mode
[  105.942324][ T7604] wg1: entered allmulticast mode
[  105.946717][ T7604] wg2: entered promiscuous mode
[  105.948767][ T7604] wg2: entered allmulticast mode
[  105.951817][ T7604] veth0_to_bridge: entered promiscuous mode
[  105.953753][ T7604] veth0_to_bridge: entered allmulticast mode
[  105.960095][ T7604] veth1_to_bridge: entered promiscuous mode
[  105.962360][ T7604] veth1_to_bridge: entered allmulticast mode
[  105.966420][ T7604] veth0_to_bond: entered promiscuous mode
[  105.968273][ T7604] veth0_to_bond: entered allmulticast mode
[  105.971632][ T7604] veth1_to_bond: entered promiscuous mode
[  105.973695][ T7604] veth1_to_bond: entered allmulticast mode
[  105.979668][ T7604] veth0_to_team: entered promiscuous mode
[  105.982140][ T7604] veth0_to_team: entered allmulticast mode
[  105.989853][ T7604] veth1_to_team: entered promiscuous mode
[  105.992154][ T7604] veth1_to_team: entered allmulticast mode
[  105.997800][ T7604] veth0_to_batadv: entered promiscuous mode
[  106.000393][ T7604] veth0_to_batadv: entered allmulticast mode
[  106.004814][ T7604] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.008110][ T7604] batadv_slave_0: entered promiscuous mode
[  106.010080][ T7604] batadv_slave_0: entered allmulticast mode
[  106.013341][ T7604] veth1_to_batadv: entered promiscuous mode
[  106.016363][ T7604] veth1_to_batadv: entered allmulticast mode
[  106.019482][ T7604] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.021891][ T7604] batadv_slave_1: entered promiscuous mode
[  106.023915][ T7604] batadv_slave_1: entered allmulticast mode
[  106.028052][ T7604] xfrm0: entered promiscuous mode
[  106.029677][ T7604] xfrm0: entered allmulticast mode
[  106.032337][ T7604] veth0_to_hsr: entered promiscuous mode
[  106.034701][ T7604] veth0_to_hsr: entered allmulticast mode
[  106.037686][ T7604] hsr_slave_0: entered allmulticast mode
[  106.040299][ T7604] veth1_to_hsr: entered promiscuous mode
[  106.042159][ T7604] veth1_to_hsr: entered allmulticast mode
[  106.046031][ T7604] hsr_slave_1: entered allmulticast mode
[  106.050204][ T7604] hsr0: entered promiscuous mode
[  106.052286][ T7604] hsr0: entered allmulticast mode
[  106.057477][ T7604] veth1_virt_wifi: entered promiscuous mode
[  106.059901][ T7604] veth1_virt_wifi: entered allmulticast mode
[  106.064660][ T7604] veth0_virt_wifi: entered promiscuous mode
[  106.067068][ T7604] veth0_virt_wifi: entered allmulticast mode
[  106.071021][ T7604] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  106.077816][ T7604] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  106.081252][ T7604] veth1_vlan: entered allmulticast mode
[  106.085779][ T7604] veth0_vlan: entered allmulticast mode
[  106.088391][ T7604] vlan0: entered promiscuous mode
[  106.090758][ T7604] vlan0: entered allmulticast mode
[  106.093165][ T7604] vlan1: entered promiscuous mode
[  106.096387][ T7604] vlan1: entered allmulticast mode
[  106.099212][ T7604] macvlan0: entered promiscuous mode
[  106.101481][ T7604] macvlan0: entered allmulticast mode
[  106.106685][ T7604] macvlan1: entered promiscuous mode
[  106.111092][ T7604] macvlan1: entered allmulticast mode
[  106.116135][ T7604] ipvlan0: entered promiscuous mode
[  106.117739][ T7604] ipvlan0: entered allmulticast mode
[  106.119591][ T7604] ipvlan1: entered promiscuous mode
[  106.121242][ T7604] ipvlan1: entered allmulticast mode
[  106.123267][ T7604] veth1_macvtap: entered allmulticast mode
[  106.128613][ T7604] veth0_macvtap: entered allmulticast mode
[  106.135331][ T7604] macvtap0: entered promiscuous mode
[  106.137625][ T7604] macvtap0: entered allmulticast mode
[  106.142125][ T7604] macsec0: entered promiscuous mode
[  106.144199][ T7604] macsec0: entered allmulticast mode
[  106.148247][ T7604] geneve0: entered promiscuous mode
[  106.150279][ T7604] geneve0: entered allmulticast mode
[  106.158818][ T7604] geneve1: entered promiscuous mode
[  106.160999][ T7604] geneve1: entered allmulticast mode
[  106.194765][ T7604] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  106.198106][ T7604] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  106.204443][ T7604] netdevsim netdevsim2 netdevsim1: entered promiscuous mode
[  106.207106][ T7604] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[  106.212827][ T7604] netdevsim netdevsim2 netdevsim2: entered promiscuous mode
[  106.219017][ T7604] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[  106.229968][ T7604] netdevsim netdevsim2 netdevsim3: entered promiscuous mode
[  106.233160][ T7604] netdevsim netdevsim2 netdevsim3: entered allmulticast mode
[  106.233435][ T7624] netlink: 68 bytes leftover after parsing attributes in process `syz.4.453'.
[  106.244869][ T1327] usb 9-1: USB disconnect, device number 5
[  106.246748][ T7604] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  106.249697][ T7604] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  106.260896][ T7604] mac80211_hwsim hwsim6 wlan1: entered promiscuous mode
[  106.263817][ T7604] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode
[  106.269170][ T7604] syztnl0: entered promiscuous mode
[  106.271341][ T7604] syztnl0: entered allmulticast mode
[  106.273632][ T7604] vxlan0: entered promiscuous mode
[  106.276885][ T7604] vxlan0: entered allmulticast mode
[  106.279179][ T7604] vxcan2: entered promiscuous mode
[  106.281295][ T7604] vxcan2: entered allmulticast mode
[  106.283483][ T7604] vxcan3: entered promiscuous mode
[  106.286207][ T7604] vxcan3: entered allmulticast mode
[  106.288491][ T7604] gretap1: entered allmulticast mode
[  106.291408][ T7604] bond1: entered allmulticast mode
[  106.294898][ T7604] : entered allmulticast mode
[  106.308354][  T101] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  106.311264][  T101] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  106.332282][  T101] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  106.335349][  T101] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  106.436740][ T7635] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2571 sclass=netlink_route_socket pid=7635 comm=syz.4.457
[  106.485869][ T7640] tmpfs: Unknown parameter 'm��Vinterleave'
[  106.487105][ T7638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.458'.
[  106.496587][ T7640] netlink: 92 bytes leftover after parsing attributes in process `syz.4.459'.
[  106.539439][ T7643] sctp: [Deprecated]: syz.2.460 (pid 7643) Use of int in max_burst socket option deprecated.
[  106.539439][ T7643] Use struct sctp_assoc_value instead
[  106.748629][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  106.748642][   T40] audit: type=1400 audit(1774556556.716:964): avc:  denied  { write } for  pid=7656 comm="syz.2.467" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  106.758871][ T7657] binder: BINDER_SET_CONTEXT_MGR already set
[  106.760939][ T7657] binder: 7656:7657 ioctl 4018620d 200000000200 returned -16
[  106.797224][   T40] audit: type=1400 audit(1774556556.766:965): avc:  denied  { write } for  pid=7661 comm="syz.2.468" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  106.995120][ T7670] syzkaller0: entered promiscuous mode
[  106.997931][ T7670] syzkaller0: entered allmulticast mode
[  107.047989][   T40] audit: type=1400 audit(1774556557.016:966): avc:  denied  { map } for  pid=7684 comm="syz.4.474" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  107.120814][   T40] audit: type=1326 audit(1774556557.086:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.130710][ T7689] program syz.4.475 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  107.131197][   T40] audit: type=1326 audit(1774556557.086:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.143759][   T40] audit: type=1326 audit(1774556557.086:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.152164][   T40] audit: type=1326 audit(1774556557.086:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.160319][   T40] audit: type=1326 audit(1774556557.086:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.169343][   T40] audit: type=1326 audit(1774556557.086:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.176571][   T40] audit: type=1326 audit(1774556557.086:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.4.475" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7ffc0000
[  107.235332][ T7692] netlink: 45 bytes leftover after parsing attributes in process `syz.0.476'.
[  107.240553][ T7694] netlink: 'syz.4.477': attribute type 1 has an invalid length.
[  107.311589][ T7692] netlink: 'syz.0.476': attribute type 21 has an invalid length.
[  107.317435][ T7692] IPv6: NLM_F_CREATE should be specified when creating new route
[  107.894872][ T7709] Bluetooth: MGMT ver 1.23
[  108.314541][   T34] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  108.433150][ T7763] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  108.444381][   T34] usb 6-1: device descriptor read/64, error -71
[  108.686122][ T7768] /dev/sr0: Can't open blockdev
[  108.694442][   T34] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  108.824436][   T34] usb 6-1: device descriptor read/64, error -71
[  108.934626][   T34] usb usb6-port1: attempt power cycle
[  109.096931][ T7795] syzkaller0: entered promiscuous mode
[  109.098986][ T7795] syzkaller0: entered allmulticast mode
[  109.105714][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.108375][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.110781][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.113011][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.115668][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.118289][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.120699][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.123001][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.125164][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.127355][ T7795] tc action pedit 'at' offset -2147483647 out of bounds
[  109.129645][ T7795] 0: reclassify loop, rule prio 0, protocol 800
[  109.160378][ T7801] netlink: 228 bytes leftover after parsing attributes in process `syz.0.508'.
[  109.277223][   T34] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  109.295392][   T34] usb 6-1: device descriptor read/8, error -71
[  109.544397][   T34] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  109.565638][   T34] usb 6-1: device descriptor read/8, error -71
[  109.621597][ T7826] Sensor A: =================  START STATUS  =================
[  109.625082][ T7826] Sensor A: Test Pattern: 75% Colorbar
[  109.627232][ T7826] Sensor A: Show Information: All
[  109.628945][ T7826] Sensor A: Vertical Flip: true
[  109.630692][ T7826] Sensor A: Horizontal Flip: false
[  109.632765][ T7826] Sensor A: Brightness: 128
[  109.635761][ T7826] Sensor A: Contrast: 128
[  109.637204][ T7826] Sensor A: Hue: 0
[  109.638442][ T7826] Sensor A: Saturation: 128
[  109.640079][ T7826] Sensor A: ==================  END STATUS  ==================
[  109.675216][   T34] usb usb6-port1: unable to enumerate USB device
[  110.037501][ T7850] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  110.042116][   T46] Bluetooth: hci4: Frame reassembly failed (-84)
[  110.261252][ T7852] CIFS mount error: No usable UNC path provided in device string!
[  110.261252][ T7852] 
[  110.265261][ T7852] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  110.269240][ T7852] binder: 7851:7852 ioctl 4018620d 0 returned -22
[  110.279892][ T7852] binder: 7851:7852 ioctl c0306201 2000000003c0 returned -14
[  110.473415][ T7854] overlay: ./bus is not a directory
[  110.877124][ T7866] netdevsim netdevsim4 ������: renamed from netdevsim0 (while UP)
[  110.926830][ T7868] netlink: 20 bytes leftover after parsing attributes in process `syz.4.527'.
[  110.930033][ T7868] bridge_slave_1: left allmulticast mode
[  110.932007][ T7868] bridge_slave_1: left promiscuous mode
[  110.934026][ T7868] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.940787][ T7868] bridge_slave_0: left allmulticast mode
[  110.942733][ T7868] bridge_slave_0: left promiscuous mode
[  110.946947][ T7868] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.314566][ T7922] netlink: 'syz.1.532': attribute type 11 has an invalid length.
[  111.320988][ T7922] netlink: 244 bytes leftover after parsing attributes in process `syz.1.532'.
[  111.465524][ T1327] IPVS: starting estimator thread 0...
[  111.555200][ T7944] IPVS: using max 25 ests per chain, 60000 per kthread
[  111.756891][   T40] kauditd_printk_skb: 109 callbacks suppressed
[  111.756907][   T40] audit: type=1326 audit(1774556561.726:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.4.527" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7fc00000
[  111.767107][   T40] audit: type=1326 audit(1774556561.726:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.4.527" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f272659c799 code=0x7fc00000
[  111.774559][   T40] audit: type=1326 audit(1774556561.726:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.4.527" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7fc00000
[  111.783417][   T40] audit: type=1326 audit(1774556561.726:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.4.527" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7fc00000
[  111.784577][   T10] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  111.791798][   T40] audit: type=1326 audit(1774556561.726:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.4.527" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272659c799 code=0x7fc00000
[  111.816826][ T7950] netlink: 20 bytes leftover after parsing attributes in process `syz.4.537'.
[  111.934506][   T10] usb 6-1: device descriptor read/64, error -71
[  112.044473][ T5940] Bluetooth: hci4: command 0x1003 tx timeout
[  112.045307][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  112.182391][ T7968] macvlan2: entered promiscuous mode
[  112.184448][   T10] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  112.218230][ T7975] dns_resolver: Unsupported server list version (0)
[  112.320826][   T40] audit: type=1400 audit(1774556562.286:1088): avc:  denied  { checkpoint_restore } for  pid=7981 comm="syz.2.548" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  112.324409][   T10] usb 6-1: device descriptor read/64, error -71
[  112.382274][ T7985] kvm: user requested TSC rate below hardware speed
[  112.435348][   T10] usb usb6-port1: attempt power cycle
[  112.654406][   T34] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  112.774470][   T10] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  112.794950][   T10] usb 6-1: device descriptor read/8, error -71
[  112.815093][   T34] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  112.819700][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.823978][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.828541][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.832532][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.837203][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.841414][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.848071][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.852413][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.857077][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.860270][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.864731][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.868874][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.872474][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.876617][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.880911][   T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.884447][   T34] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  112.889267][   T34] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  112.892398][   T34] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  112.895128][   T34] usb 7-1: Product: syz
[  112.896468][   T34] usb 7-1: Manufacturer: syz
[  112.897922][   T34] usb 7-1: SerialNumber: syz
[  112.900913][   T34] usb 7-1: config 0 descriptor??
[  112.944493][ T3243] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  113.044420][   T10] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  113.065252][   T10] usb 6-1: device descriptor read/8, error -71
[  113.104469][ T3243] usb 9-1: Using ep0 maxpacket: 32
[  113.107982][ T3243] usb 9-1: config 0 has no interfaces?
[  113.110109][ T3243] usb 9-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  113.111691][   T34] usb 7-1: USB disconnect, device number 8
[  113.113460][ T3243] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.124010][ T3243] usb 9-1: config 0 descriptor??
[  113.175513][   T10] usb usb6-port1: unable to enumerate USB device
[  113.341597][ T8005] mmap: syz.0.555 (8005): VmData 20946944 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[  113.344395][ T3243] usb 9-1: USB disconnect, device number 6
[  113.385106][ T8008] netlink: 488 bytes leftover after parsing attributes in process `syz.0.556'.
[  113.388304][ T8008] netlink: 1041 bytes leftover after parsing attributes in process `syz.0.556'.
[  113.394894][ T8008] binder_alloc: binder_alloc_mmap_handler: 8007 200000ffb000-200000fff000 already mapped failed -16
[  113.399580][ T8008] netlink: 'syz.0.556': attribute type 4 has an invalid length.
[  113.753493][   T40] audit: type=1400 audit(1774556563.716:1089): avc:  denied  { connect } for  pid=8016 comm="syz.2.559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  113.760563][   T40] audit: type=1400 audit(1774556563.716:1090): avc:  denied  { write } for  pid=8016 comm="syz.2.559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  113.853305][   T40] audit: type=1400 audit(1774556563.816:1091): avc:  denied  { map } for  pid=8024 comm="syz.2.562" path="socket:[21007]" dev="sockfs" ino=21007 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  113.863444][   T40] audit: type=1400 audit(1774556563.816:1092): avc:  denied  { read } for  pid=8024 comm="syz.2.562" path="socket:[21007]" dev="sockfs" ino=21007 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  113.920056][ T8025] input: syz1 as /devices/virtual/input/input14
[  113.922705][ T8030] IPVS: length: 120 != 24
[  113.963174][ T8030] syzkaller0: entered promiscuous mode
[  113.965952][ T8030] syzkaller0: entered allmulticast mode
[  114.202440][ T8044] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  114.221349][ T6411] IPVS: ip_vs_send_async error -101
[  114.382304][ T8055] netlink: 40 bytes leftover after parsing attributes in process `syz.2.570'.
[  114.486193][ T8060] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8060 comm=syz.2.570
[  115.309392][ T8085] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  115.352158][ T8090] binder: 8088:8090 ioctl 80247009 2000000001c0 returned -22
[  115.355777][ T8089] binder: 8088:8089 ioctl c0306201 200000000240 returned -14
[  115.360962][ T8081] 9p: Could not find request transport: v�-�&Cܹ��lh�fd�U���
[  115.404137][ T8096] atomic_op ffff888030a63198 conn xmit_atomic 0000000000000000
[  115.464360][ T8112] netlink: 20 bytes leftover after parsing attributes in process `syz.2.583'.
[  115.467548][ T8112] tipc: Started in network mode
[  115.469210][ T8112] tipc: Node identity , cluster identity 4711
[  115.471300][ T8112] tipc: Failed to obtain node identity
[  115.473243][ T8112] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[  115.549094][ T8136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7785 sclass=netlink_route_socket pid=8136 comm=syz.4.588
[  115.706145][ T8156] IPv6: NLM_F_CREATE should be specified when creating new route
[  115.716791][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.2.593'.
[  115.841060][ T8180] sctp: [Deprecated]: syz.0.598 (pid 8180) Use of int in max_burst socket option.
[  115.841060][ T8180] Use struct sctp_assoc_value instead
[  115.887998][ T8193] autofs: Bad value for 'fd'
[  115.896973][ T8184] syzkaller0: entered allmulticast mode
[  115.901279][ T8187] overlayfs: conflicting lowerdir path
[  116.098751][ T8214] xt_socket: unknown flags 0x48
[  116.272216][ T8234] syzkaller0: entered promiscuous mode
[  116.274369][ T8234] syzkaller0: entered allmulticast mode
[  117.249744][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  117.249755][   T40] audit: type=1400 audit(1774556567.216:1109): avc:  denied  { getopt } for  pid=8255 comm="syz.2.618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  117.408184][ T8275] netlink: 4 bytes leftover after parsing attributes in process `syz.4.623'.
[  117.501099][ T8294] netlink: 'syz.0.622': attribute type 1 has an invalid length.
[  117.532899][ T8294] 8021q: adding VLAN 0 to HW filter on device bond3
[  117.536714][ T8300] netlink: 'syz.1.629': attribute type 29 has an invalid length.
[  117.546061][ T8302] ocfs2: Unknown parameter 'grpquota'
[  117.550684][ T8294] bond3: (slave geneve2): making interface the new active one
[  117.565821][ T8294] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  117.569523][ T8300] netlink: 'syz.1.629': attribute type 29 has an invalid length.
[  117.617752][   T40] audit: type=1400 audit(1774556567.576:1110): avc:  denied  { mounton } for  pid=8312 comm="syz.0.634" path="/176/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  117.629935][   T40] audit: type=1400 audit(1774556567.586:1111): avc:  denied  { watch } for  pid=8312 comm="syz.0.634" path="/176/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  117.786978][ T8330] fuse: Bad value for 'user_id'
[  117.788579][ T8330] fuse: Bad value for 'user_id'
[  117.804371][ T8310] mmap: syz.4.632 (8310) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  118.004427][ T8348] IPVS: sync thread started: state = MASTER, mcast_ifn = batadv0, syncid = 0, id = 0
[  118.202279][ T8366] netlink: 28 bytes leftover after parsing attributes in process `syz.1.649'.
[  118.207723][ T8366] netlink: 44 bytes leftover after parsing attributes in process `syz.1.649'.
[  118.245036][   T40] audit: type=1400 audit(1774556568.216:1112): avc:  denied  { map } for  pid=8367 comm="syz.1.650" path="/proc/439/pagemap" dev="proc" ino=23592 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  118.321265][ T8378] netlink: 'syz.0.653': attribute type 1 has an invalid length.
[  118.323917][ T8378] netlink: 224 bytes leftover after parsing attributes in process `syz.0.653'.
[  118.405135][   T40] audit: type=1400 audit(1774556568.376:1113): avc:  denied  { create } for  pid=8385 comm="syz.0.656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  118.406613][ T8386] netlink: 512 bytes leftover after parsing attributes in process `syz.0.656'.
[  118.500193][ T8397] bond4: (slave vlan0): Enslaving as a backup interface with an up link
[  118.584588][ T6015] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  118.606124][ T8410] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  118.714424][ T6015] usb 9-1: device descriptor read/64, error -71
[  118.727164][ T8423] binder: 8421:8423 unknown command 0
[  118.729560][ T8423] binder: 8421:8423 ioctl c0306201 200000000080 returned -22
[  118.793213][ T8430] netlink: 'syz.1.670': attribute type 1 has an invalid length.
[  118.805689][ T8430] bond1: entered promiscuous mode
[  118.810285][ T8430] bond1: entered allmulticast mode
[  118.812309][ T8430] 8021q: adding VLAN 0 to HW filter on device bond1
[  118.820484][ T8430] erspan1: entered allmulticast mode
[  118.824207][ T8430] bond1: (slave erspan1): making interface the new active one
[  118.828835][ T8430] erspan1: entered promiscuous mode
[  118.833151][ T8430] bond1: (slave erspan1): Enslaving as an active interface with an up link
[  118.843576][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.846501][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.848830][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.852095][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.855142][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.857470][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.859772][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.862054][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.865468][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.867980][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.870457][   T40] audit: type=1400 audit(1774556568.836:1114): avc:  denied  { listen } for  pid=8436 comm="syz.1.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  118.875948][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.877964][   T40] audit: type=1400 audit(1774556568.846:1115): avc:  denied  { accept } for  pid=8436 comm="syz.1.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  118.880330][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.887864][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.890394][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.893414][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.896318][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.898665][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.900968][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.903403][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.906069][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.910293][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.912682][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.915053][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.917401][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.919911][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.922792][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.925576][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.927894][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.930256][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.932618][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.935034][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.937623][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.940051][ T8434] comedi comedi0: comedi_config --init_data is deprecated
[  118.954415][ T6015] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  119.084968][ T6015] usb 9-1: device descriptor read/64, error -71
[  119.194959][ T6015] usb usb9-port1: attempt power cycle
[  119.554918][ T6015] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  119.574453][ T3243] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  119.578126][ T6015] usb 9-1: device descriptor read/8, error -71
[  119.730394][ T3243] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  119.736483][ T3243] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.740935][ T3243] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.745947][ T3243] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  119.751050][ T3243] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  119.754064][ T3243] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  119.766744][ T3243] usb 5-1: Manufacturer: syz
[  119.774824][ T3243] usb 5-1: config 0 descriptor??
[  119.834352][ T6015] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  119.855072][ T6015] usb 9-1: device descriptor read/8, error -71
[  119.974948][ T6015] usb usb9-port1: unable to enumerate USB device
[  120.187623][ T3243] appleir 0003:05AC:8243.0008: unknown main item tag 0x0
[  120.195693][ T3243] appleir 0003:05AC:8243.0008: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  120.446429][ T8448] xt_TCPMSS: Only works on TCP SYN packets
[  120.449392][   T24] usb 5-1: USB disconnect, device number 3
[  120.756846][ T8470] kvm: pic: non byte write
[  120.816808][   T63] Bluetooth: hci2: link tx timeout
[  120.818790][   T63] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  120.969155][   T40] audit: type=1400 audit(1774556570.936:1116): avc:  denied  { shutdown } for  pid=8484 comm="syz.1.681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  120.969904][ T8485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket pid=8485 comm=syz.1.681
[  121.229875][   T63] Bluetooth: hci2: link tx timeout
[  121.231598][   T63] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  121.456029][   T40] audit: type=1400 audit(1774556571.426:1117): avc:  denied  { read write } for  pid=6822 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  121.466860][   T40] audit: type=1400 audit(1774556571.426:1118): avc:  denied  { open } for  pid=6822 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  122.249276][   T63] Bluetooth: hci2: link tx timeout
[  122.251110][   T63] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  122.453144][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  122.453552][   T40] audit: type=1400 audit(1774556572.416:1144): avc:  denied  { create } for  pid=8514 comm="syz.4.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  122.466159][   T40] audit: type=1400 audit(1774556572.426:1145): avc:  denied  { write } for  pid=8514 comm="syz.4.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  122.474026][   T40] audit: type=1400 audit(1774556572.426:1146): avc:  denied  { read write } for  pid=8514 comm="syz.4.691" name="video3" dev="devtmpfs" ino=959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  122.482919][   T40] audit: type=1400 audit(1774556572.426:1147): avc:  denied  { open } for  pid=8514 comm="syz.4.691" path="/dev/video3" dev="devtmpfs" ino=959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  122.491059][   T40] audit: type=1400 audit(1774556572.436:1148): avc:  denied  { ioctl } for  pid=8514 comm="syz.4.691" path="/dev/video3" dev="devtmpfs" ino=959 ioctlcmd=0x5608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  122.580095][ T8517] SELinux:  policydb version 257446714 does not match my version range 15-35
[  122.583360][   T40] audit: type=1400 audit(1774556572.546:1149): avc:  denied  { load_policy } for  pid=8516 comm="syz.4.692" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  122.584465][ T8517] SELinux: failed to load policy
[  122.599004][ T8454] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  122.650914][   T40] audit: type=1400 audit(1774556572.616:1150): avc:  denied  { create } for  pid=8521 comm="syz.1.694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  122.679794][   T40] audit: type=1400 audit(1774556572.646:1151): avc:  denied  { create } for  pid=8526 comm="syz.0.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  122.687326][   T40] audit: type=1400 audit(1774556572.646:1152): avc:  denied  { map_create } for  pid=8524 comm="syz.2.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  122.694960][   T40] audit: type=1400 audit(1774556572.646:1153): avc:  denied  { map_read map_write } for  pid=8524 comm="syz.2.697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  122.773179][ T8532] netlink: 20 bytes leftover after parsing attributes in process `syz.4.698'.
[  122.845784][   T63] Bluetooth: hci2: command 0x0406 tx timeout
[  122.946711][ T8548] netlink: 'syz.2.702': attribute type 1 has an invalid length.
[  123.021411][ T8555] netlink: 96 bytes leftover after parsing attributes in process `syz.4.704'.
[  123.021787][ T8556] netlink: 96 bytes leftover after parsing attributes in process `syz.4.704'.
[  123.065661][ T8558] netlink: 8 bytes leftover after parsing attributes in process `syz.4.705'.
[  123.109844][ T8560] netlink: zone id is out of range
[  123.111839][ T8560] netlink: zone id is out of range
[  123.113673][ T8560] netlink: zone id is out of range
[  123.115584][ T8560] netlink: get zone limit has 4 unknown bytes
[  123.263941][ T8566] ref_ctr_offset mismatch. inode: 0x401 offset: 0x0 ref_ctr_offset(old): 0x16 ref_ctr_offset(new): 0x0
[  123.320537][ T8571] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  123.325506][ T8571] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  123.467933][ T8584] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  123.517247][ T8593] SELinux:  Context system_u:object_r:dlm_control_device_t:s0 is not valid (left unmapped).
[  123.824580][ T6006] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  123.847530][ T8611] netlink: 'syz.1.721': attribute type 7 has an invalid length.
[  123.851049][ T8611] netlink: 'syz.1.721': attribute type 7 has an invalid length.
[  123.917637][ T8618] netlink: 'syz.1.723': attribute type 7 has an invalid length.
[  123.977990][ T6006] usb 5-1: not running at top speed; connect to a high speed hub
[  123.983115][ T6006] usb 5-1: config 3 has an invalid interface number: 187 but max is 2
[  123.986043][ T6006] usb 5-1: config 3 has an invalid interface number: 6 but max is 2
[  123.989175][ T6006] usb 5-1: config 3 contains an unexpected descriptor of type 0x2, skipping
[  123.992120][ T6006] usb 5-1: config 3 has an invalid interface number: 236 but max is 2
[  123.995097][ T6006] usb 5-1: config 3 has an invalid descriptor of length 1, skipping remainder of the config
[  123.998115][ T6006] usb 5-1: config 3 has no interface number 0
[  124.000102][ T6006] usb 5-1: config 3 has no interface number 1
[  124.002274][ T6006] usb 5-1: config 3 has no interface number 2
[  124.004499][ T6006] usb 5-1: config 3 interface 187 altsetting 0 endpoint 0xF has invalid maxpacket 1023, setting to 64
[  124.007908][ T6006] usb 5-1: config 3 interface 187 altsetting 0 has a duplicate endpoint with address 0xF, skipping
[  124.011227][ T6006] usb 5-1: config 3 interface 187 altsetting 0 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[  124.014826][ T6006] usb 5-1: config 3 interface 187 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  124.018150][ T6006] usb 5-1: config 3 interface 187 altsetting 0 has an endpoint descriptor with address 0x71, changing to 0x1
[  124.021692][ T6006] usb 5-1: config 3 interface 187 altsetting 0 endpoint 0x1 has an invalid bInterval 159, changing to 4
[  124.025399][ T6006] usb 5-1: config 3 interface 187 altsetting 0 endpoint 0x1 has invalid maxpacket 2681, setting to 1023
[  124.028814][ T6006] usb 5-1: config 3 interface 187 altsetting 0 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  124.032244][ T6006] usb 5-1: config 3 interface 187 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  124.035604][ T6006] usb 5-1: config 3 interface 187 altsetting 0 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[  124.039011][ T6006] usb 5-1: config 3 interface 187 altsetting 0 has 13 endpoint descriptors, different from the interface descriptor's value: 12
[  124.043134][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0x9, skipping
[  124.046767][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  124.050047][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  124.053352][ T6006] usb 5-1: config 3 interface 6 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  124.056772][ T6006] usb 5-1: config 3 interface 6 altsetting 0 endpoint 0xD has invalid maxpacket 512, setting to 64
[  124.060124][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0x3, skipping
[  124.063413][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  124.066940][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0x6, skipping
[  124.070421][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0x1, skipping
[  124.073700][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0x1, skipping
[  124.077021][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0x1, skipping
[  124.080286][ T6006] usb 5-1: config 3 interface 6 altsetting 0 has a duplicate endpoint with address 0xA, skipping
[  124.083635][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0xE, skipping
[  124.087355][ T6006] usb 5-1: config 3 interface 236 altsetting 7 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  124.091218][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0xD, skipping
[  124.094711][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  124.096749][ T8620] dvmrp6: entered allmulticast mode
[  124.098027][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0x2, skipping
[  124.098044][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[  124.098056][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0x6, skipping
[  124.098067][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[  124.098078][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has a duplicate endpoint with address 0x8, skipping
[  124.118660][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  124.122186][ T6006] usb 5-1: config 3 interface 236 altsetting 7 has 10 endpoint descriptors, different from the interface descriptor's value: 16
[  124.126494][ T6006] usb 5-1: config 3 interface 236 has no altsetting 0
[  124.130136][ T6006] usb 5-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=59.7e
[  124.132986][ T6006] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.135526][ T6006] usb 5-1: Product: syz
[  124.136825][ T6006] usb 5-1: Manufacturer: syz
[  124.138274][ T6006] usb 5-1: SerialNumber: syz
[  124.456043][ T6006] msi2500 5-1:3.187: Registered as swradio24
[  124.459552][ T6006] msi2500 5-1:3.187: SDR API is still slightly experimental and functionality changes may follow
[  124.507404][ T6006] videodev: could not get a free minor
[  124.509746][ T6006] msi2500 5-1:3.6: Failed to register as video device (-23)
[  124.514185][ T6006] msi2500 5-1:3.6: probe with driver msi2500 failed with error -23
[  124.554801][ T6006] videodev: could not get a free minor
[  124.557328][ T6006] msi2500 5-1:3.236: Failed to register as video device (-23)
[  124.563795][ T6006] msi2500 5-1:3.236: probe with driver msi2500 failed with error -23
[  124.576590][ T6006] usb 5-1: USB disconnect, device number 4
[  124.773376][ T8657] netlink: 'syz.1.734': attribute type 10 has an invalid length.
[  124.776143][ T8657] macvlan0: entered allmulticast mode
[  124.788865][ T8660] Bluetooth: hci4: Frame reassembly failed (-84)
[  124.793966][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  124.832536][ T8662] binder: 8661:8662 unknown command 5001287
[  124.834785][ T8662] binder: 8661:8662 ioctl c0306201 2000000004c0 returned -22
[  124.863105][ T8666] binder: 8665:8666 ioctl c0306201 200000000040 returned -22
[  125.012654][ T6006] IPVS: starting estimator thread 0...
[  125.032431][ T8673] mkiss: ax0: crc mode is auto.
[  125.114586][ T8680] IPVS: using max 44 ests per chain, 105600 per kthread
[  125.226698][ T8698] vim2m vim2m.0: vidioc_s_fmt queue busy
[  125.514412][ T1465] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  125.664392][ T1465] usb 6-1: Using ep0 maxpacket: 32
[  125.669249][ T1465] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  125.672892][ T1465] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  125.677003][ T1465] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  125.681625][ T1465] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  125.688911][ T1465] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  125.691975][ T1465] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.694734][ T1465] usb 6-1: Product: syz
[  125.696164][ T1465] usb 6-1: Manufacturer: syz
[  125.697792][ T1465] usb 6-1: SerialNumber: syz
[  125.705475][    C3] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  125.711040][ T1465] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/input/input16
[  125.911150][ T8711] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  125.913292][ T8711] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  125.916729][ T8711] vhci_hcd vhci_hcd.0: Device attached
[  125.924407][ T1465] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  125.927511][ T1465]  (id 0x00)
[  125.974475][ T1465] rc_core: IR keymap rc-imon-pad not found
[  125.976674][ T1465] Registered IR keymap rc-empty
[  125.978472][ T1465] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  125.983852][ T1465] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  126.126132][ T1465] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/rc/rc0
[  126.132198][ T1465] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/rc/rc0/input17
[  126.138239][ T1465] imon 6-1:155.0: iMON device (15c2:ffdc, intf0) on usb<6:16> initialized
[  126.154440][ T8465] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  126.168101][   T24] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  126.264445][ T5970] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  126.334448][   T24] usb 5-1: device descriptor read/64, error -71
[  126.360910][ T8701] imon:send_packet: packet tx failed (-71)
[  126.361316][ T6015] usb 6-1: USB disconnect, device number 16
[  126.374661][ T8701] imon:vfd_write: send packet #0 failed
[  126.436025][ T5970] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  126.439449][ T5970] usb 7-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  126.444110][ T5970] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  126.449309][ T5970] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  126.452851][ T5970] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.458306][ T5970] usb 7-1: rejected 1 configuration due to insufficient available bus power
[  126.461059][ T5970] usb 7-1: no configuration chosen from 1 choice
[  126.574460][   T24] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  126.704434][   T24] usb 5-1: device descriptor read/64, error -71
[  126.815724][   T24] usb usb5-port1: attempt power cycle
[  126.844533][ T5940] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  126.844547][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  127.154468][   T24] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  127.185146][   T24] usb 5-1: device descriptor read/8, error -71
[  127.261321][ T8727] netlink: 'syz.1.753': attribute type 12 has an invalid length.
[  127.265635][ T8727] netlink: 'syz.1.753': attribute type 29 has an invalid length.
[  127.268261][ T8727] netlink: 148 bytes leftover after parsing attributes in process `syz.1.753'.
[  127.271344][ T8727] netlink: 59 bytes leftover after parsing attributes in process `syz.1.753'.
[  127.435333][   T24] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  127.465993][   T24] usb 5-1: device descriptor read/8, error -71
[  127.584512][   T24] usb usb5-port1: unable to enumerate USB device
[  127.698666][   T40] kauditd_printk_skb: 137 callbacks suppressed
[  127.698677][   T40] audit: type=1400 audit(1774556577.666:1291): avc:  denied  { ioctl } for  pid=8752 comm="syz.1.758" path="socket:[25268]" dev="sockfs" ino=25268 ioctlcmd=0x9434 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  127.714830][   T40] audit: type=1400 audit(1774556577.676:1292): avc:  denied  { read } for  pid=8752 comm="syz.1.758" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  127.730276][   T40] audit: type=1400 audit(1774556577.696:1293): avc:  denied  { append } for  pid=8756 comm="syz.4.760" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  127.744675][   T40] audit: type=1400 audit(1774556577.696:1294): avc:  denied  { mount } for  pid=8756 comm="syz.4.760" name="/" dev="autofs" ino=25275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  127.785233][ T8763] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  127.795748][ T8763] netlink: 788 bytes leftover after parsing attributes in process `syz.1.761'.
[  127.799987][ T8763] bond0: entered allmulticast mode
[  127.802442][ T8763] bond_slave_0: entered allmulticast mode
[  127.805577][ T8763] bond_slave_1: entered allmulticast mode
[  127.915564][   T40] audit: type=1400 audit(1774556577.886:1295): avc:  denied  { append } for  pid=8775 comm="syz.4.765" name="v4l-subdev0" dev="devtmpfs" ino=965 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  128.048187][ T8782] netlink: 12 bytes leftover after parsing attributes in process `syz.4.768'.
[  128.113132][   T40] audit: type=1400 audit(1774556578.076:1296): avc:  denied  { write } for  pid=8783 comm="syz.4.769" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  128.121238][   T40] audit: type=1400 audit(1774556578.076:1297): avc:  denied  { append } for  pid=8783 comm="syz.4.769" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  128.158009][   T40] audit: type=1400 audit(1774556578.126:1298): avc:  denied  { create } for  pid=8785 comm="syz.4.770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  128.186348][   T40] audit: type=1400 audit(1774556578.156:1299): avc:  denied  { create } for  pid=8789 comm="syz.4.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.192475][   T40] audit: type=1400 audit(1774556578.156:1300): avc:  denied  { write } for  pid=8789 comm="syz.4.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.567761][ T8809] netlink: 'syz.4.777': attribute type 1 has an invalid length.
[  128.855089][ T8818] netlink: 'syz.4.779': attribute type 1 has an invalid length.
[  128.875374][ T8818] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.925193][ T8712] vhci_hcd: connection reset by peer
[  128.930559][ T7920] vhci_hcd vhci_hcd.0: stop threads
[  128.932841][ T7920] vhci_hcd vhci_hcd.0: release socket
[  128.937132][ T7920] vhci_hcd vhci_hcd.0: disconnect device
[  128.944072][ T8824] netlink: 'syz.0.780': attribute type 1 has an invalid length.
[  129.039898][ T5970] usb 7-1: USB disconnect, device number 9
[  129.079604][ T8832] netlink: 'syz.2.784': attribute type 11 has an invalid length.
[  129.082213][ T8832] netlink: 132 bytes leftover after parsing attributes in process `syz.2.784'.
[  129.123195][ T8840] loop5: detected capacity change from 0 to 7
[  129.136676][ T7813] Dev loop5: unable to read RDB block 7
[  129.139267][ T7813]  loop5: AHDI p4
[  129.140882][ T7813] loop5: partition table partially beyond EOD, truncated
[  129.141942][ T8844] efs: cannot read volume header
[  129.150197][ T8840] Dev loop5: unable to read RDB block 7
[  129.152159][ T8840]  loop5: AHDI p4
[  129.153476][ T8840] loop5: partition table partially beyond EOD, truncated
[  129.423065][ T8874] ip6t_srh: unknown srh match flags  4015
[  129.494596][   T24] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  129.503193][ T8880] netlink: 8 bytes leftover after parsing attributes in process `syz.0.799'.
[  129.645999][   T24] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  129.649754][   T24] usb 7-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  129.653193][   T24] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  129.657472][   T24] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  129.661120][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.672589][   T24] usb 7-1: rejected 1 configuration due to insufficient available bus power
[  129.677272][   T24] usb 7-1: no configuration chosen from 1 choice
[  130.437964][ T8921] netlink: 'syz.4.805': attribute type 1 has an invalid length.
[  130.459514][ T8921] bond2: (slave geneve3): making interface the new active one
[  130.462153][ T8921] bond2: (slave geneve3): Enslaving as an active interface with an up link
[  130.468962][   T12] netdevsim netdevsim4 ������: set [1, 1] type 2 family 0 port 20004 - 0
[  130.472011][   T12] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  130.476355][ T7937] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  130.480229][ T7937] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  131.244790][ T8465] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  132.265416][   T10] usb 7-1: USB disconnect, device number 10
[  132.426441][ T8961] bond4: option primary: mode dependency failed, not supported in mode broadcast(3)
[  132.430588][ T8961] bond4 (unregistering): Released all slaves
[  132.450846][ T8962] bond4: option primary: mode dependency failed, not supported in mode broadcast(3)
[  132.455473][ T8962] bond4 (unregistering): Released all slaves
[  132.725170][ T8895] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  132.776073][ T8970] hfs: can't find a HFS filesystem on dev sr0
[  132.789033][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  132.789044][   T40] audit: type=1400 audit(1774556582.756:1327): avc:  denied  { unmount } for  pid=5926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  132.947460][   T40] audit: type=1400 audit(1774556582.916:1328): avc:  denied  { ioctl } for  pid=8982 comm="syz.4.815" path="/dev/rtc0" dev="devtmpfs" ino=944 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  133.044375][ T1327] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[  133.114381][ T5970] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  133.117379][   T40] audit: type=1400 audit(1774556583.086:1329): avc:  denied  { listen } for  pid=8986 comm="syz.4.817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  133.125556][   T40] audit: type=1400 audit(1774556583.086:1330): avc:  denied  { accept } for  pid=8986 comm="syz.4.817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  133.170760][   T40] audit: type=1400 audit(1774556583.136:1331): avc:  denied  { sqpoll } for  pid=8986 comm="syz.4.817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  133.173758][ T8988] 8021q: VLANs not supported on ip6_vti0
[  133.206436][ T1327] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  133.211493][ T1327] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.215988][ T1327] usb 6-1: config 0 interface 0 has no altsetting 0
[  133.219503][ T1327] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  133.223832][ T1327] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.229919][ T1327] usb 6-1: config 0 descriptor??
[  133.306805][ T5970] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  133.310260][ T5970] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  133.314620][ T5970] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  133.318441][ T5970] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  133.322397][ T5970] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.328417][ T5970] usb 5-1: rejected 1 configuration due to insufficient available bus power
[  133.332052][ T5970] usb 5-1: no configuration chosen from 1 choice
[  133.551335][ T8998] syzkaller0: entered promiscuous mode
[  133.553178][ T8998] syzkaller0: entered allmulticast mode
[  133.646781][ T1327] mcp2221 0003:04D8:00DD.0009: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  133.857547][ T1327] usb 6-1: USB disconnect, device number 17
[  134.028569][ T9001] FAULT_INJECTION: forcing a failure.
[  134.028569][ T9001] name failslab, interval 1, probability 0, space 0, times 1
[  134.036689][ T9001] CPU: 2 UID: 0 PID: 9001 Comm: syz.4.821 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  134.036713][ T9001] Tainted: [L]=SOFTLOCKUP
[  134.036717][ T9001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  134.036724][ T9001] Call Trace:
[  134.036729][ T9001]  <TASK>
[  134.036735][ T9001]  dump_stack_lvl+0x100/0x190
[  134.036770][ T9001]  should_fail_ex.cold+0x5/0xa
[  134.036785][ T9001]  should_failslab+0xc2/0x120
[  134.036797][ T9001]  __kmalloc_cache_node_noprof+0x7d/0x770
[  134.036814][ T9001]  ? __get_vm_area_node+0x101/0x330
[  134.036826][ T9001]  ? __pfx_css_rstat_updated+0x10/0x10
[  134.036846][ T9001]  __get_vm_area_node+0x101/0x330
[  134.036860][ T9001]  __vmalloc_node_range_noprof+0x213/0x1530
[  134.036874][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.036886][ T9001]  ? find_held_lock+0x2b/0x80
[  134.036900][ T9001]  ? local_lock_release+0x99/0x130
[  134.036912][ T9001]  ? local_lock_release+0x99/0x130
[  134.036926][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.036938][ T9001]  ? find_held_lock+0x2b/0x80
[  134.036953][ T9001]  ? rcu_read_unlock+0x17/0x60
[  134.036964][ T9001]  ? rcu_read_unlock+0x17/0x60
[  134.036975][ T9001]  ? obj_cgroup_charge_account+0x46d/0x640
[  134.036987][ T9001]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.037001][ T9001]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  134.037015][ T9001]  ? rcu_is_watching+0x12/0xc0
[  134.037029][ T9001]  ? trace_kmem_cache_alloc+0xf3/0x120
[  134.037041][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.037052][ T9001]  __vmalloc_node_noprof+0xad/0xf0
[  134.037065][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.037078][ T9001]  copy_process+0x5ec/0x7a40
[  134.037100][ T9001]  ? __pfx_copy_process+0x10/0x10
[  134.037117][ T9001]  ? lockdep_init_map_type+0x5c/0x250
[  134.037135][ T9001]  ? lockdep_init_map_type+0x5c/0x250
[  134.037151][ T9001]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  134.037178][ T9001]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  134.037204][ T9001]  vhost_task_create+0x1db/0x370
[  134.037225][ T9001]  ? __pfx_vhost_task_create+0x10/0x10
[  134.037242][ T9001]  ? trace_contention_end+0x140/0x180
[  134.037258][ T9001]  ? __pfx_vhost_task_fn+0x10/0x10
[  134.037271][ T9001]  ? __pfx___mutex_lock+0x10/0x10
[  134.037297][ T9001]  ? kasan_quarantine_put+0x104/0x240
[  134.037312][ T9001]  ? lockdep_hardirqs_on+0x78/0x100
[  134.037330][ T9001]  kvm_mmu_post_init_vm+0x1b3/0x370
[  134.037344][ T9001]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  134.037357][ T9001]  ? kvm_vcpu_ioctl+0x155c/0x1730
[  134.037376][ T9001]  kvm_vcpu_ioctl+0x730/0x1730
[  134.037393][ T9001]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  134.037409][ T9001]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  134.037425][ T9001]  ? do_vfs_ioctl+0x226/0x13e0
[  134.037442][ T9001]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  134.037458][ T9001]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  134.037485][ T9001]  ? __fget_files+0x215/0x3d0
[  134.037496][ T9001]  ? hook_file_ioctl_common+0x146/0x410
[  134.037510][ T9001]  ? selinux_file_ioctl+0x139/0x290
[  134.037525][ T9001]  ? selinux_file_ioctl+0xb4/0x290
[  134.037540][ T9001]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  134.037557][ T9001]  __x64_sys_ioctl+0x18e/0x210
[  134.037574][ T9001]  do_syscall_64+0x106/0xf80
[  134.037589][ T9001]  ? clear_bhb_loop+0x40/0x90
[  134.037602][ T9001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.037616][ T9001] RIP: 0033:0x7f272659c799
[  134.037630][ T9001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  134.037645][ T9001] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  134.037665][ T9001] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  134.037675][ T9001] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  134.037685][ T9001] RBP: 00007f272739f090 R08: 0000000000000000 R09: 0000000000000000
[  134.037696][ T9001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.037713][ T9001] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  134.037735][ T9001]  </TASK>
[  134.042235][ T9001] syz.4.821: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  134.188561][ T9001] CPU: 3 UID: 0 PID: 9001 Comm: syz.4.821 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  134.188579][ T9001] Tainted: [L]=SOFTLOCKUP
[  134.188583][ T9001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  134.188590][ T9001] Call Trace:
[  134.188594][ T9001]  <TASK>
[  134.188599][ T9001]  dump_stack_lvl+0x100/0x190
[  134.188621][ T9001]  warn_alloc.cold+0x95/0x1c1
[  134.188639][ T9001]  ? __pfx_warn_alloc+0x10/0x10
[  134.188654][ T9001]  ? trace_kmalloc+0x101/0x130
[  134.188667][ T9001]  ? __kmalloc_cache_node_noprof+0x2d9/0x770
[  134.188693][ T9001]  ? __kasan_kmalloc+0x8a/0xb0
[  134.188710][ T9001]  ? __get_vm_area_node+0x208/0x330
[  134.188725][ T9001]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  134.188737][ T9001]  ? find_held_lock+0x2b/0x80
[  134.188752][ T9001]  ? local_lock_release+0x99/0x130
[  134.188764][ T9001]  ? local_lock_release+0x99/0x130
[  134.188777][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.188791][ T9001]  ? find_held_lock+0x2b/0x80
[  134.188804][ T9001]  ? rcu_read_unlock+0x17/0x60
[  134.188815][ T9001]  ? rcu_read_unlock+0x17/0x60
[  134.188825][ T9001]  ? obj_cgroup_charge_account+0x46d/0x640
[  134.188837][ T9001]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.188851][ T9001]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  134.188865][ T9001]  ? rcu_is_watching+0x12/0xc0
[  134.188878][ T9001]  ? trace_kmem_cache_alloc+0xf3/0x120
[  134.188890][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.188901][ T9001]  __vmalloc_node_noprof+0xad/0xf0
[  134.188914][ T9001]  ? vhost_task_create+0x1db/0x370
[  134.188927][ T9001]  copy_process+0x5ec/0x7a40
[  134.188949][ T9001]  ? __pfx_copy_process+0x10/0x10
[  134.188966][ T9001]  ? lockdep_init_map_type+0x5c/0x250
[  134.188978][ T9001]  ? lockdep_init_map_type+0x5c/0x250
[  134.188989][ T9001]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  134.189007][ T9001]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  134.189022][ T9001]  vhost_task_create+0x1db/0x370
[  134.189035][ T9001]  ? __pfx_vhost_task_create+0x10/0x10
[  134.189046][ T9001]  ? trace_contention_end+0x140/0x180
[  134.189061][ T9001]  ? __pfx_vhost_task_fn+0x10/0x10
[  134.189075][ T9001]  ? __pfx___mutex_lock+0x10/0x10
[  134.189090][ T9001]  ? kasan_quarantine_put+0x104/0x240
[  134.189105][ T9001]  ? lockdep_hardirqs_on+0x78/0x100
[  134.189123][ T9001]  kvm_mmu_post_init_vm+0x1b3/0x370
[  134.189136][ T9001]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  134.189149][ T9001]  ? kvm_vcpu_ioctl+0x155c/0x1730
[  134.189168][ T9001]  kvm_vcpu_ioctl+0x730/0x1730
[  134.189185][ T9001]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  134.189201][ T9001]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  134.189217][ T9001]  ? do_vfs_ioctl+0x226/0x13e0
[  134.189234][ T9001]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  134.189250][ T9001]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  134.189271][ T9001]  ? __fget_files+0x215/0x3d0
[  134.189282][ T9001]  ? hook_file_ioctl_common+0x146/0x410
[  134.189296][ T9001]  ? selinux_file_ioctl+0x139/0x290
[  134.189310][ T9001]  ? selinux_file_ioctl+0xb4/0x290
[  134.189326][ T9001]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  134.189343][ T9001]  __x64_sys_ioctl+0x18e/0x210
[  134.189360][ T9001]  do_syscall_64+0x106/0xf80
[  134.189374][ T9001]  ? clear_bhb_loop+0x40/0x90
[  134.189387][ T9001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.189397][ T9001] RIP: 0033:0x7f272659c799
[  134.189407][ T9001] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  134.189417][ T9001] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  134.189427][ T9001] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  134.189434][ T9001] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  134.189440][ T9001] RBP: 00007f272739f090 R08: 0000000000000000 R09: 0000000000000000
[  134.189446][ T9001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.189452][ T9001] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  134.189466][ T9001]  </TASK>
[  134.189470][ T9001] Mem-Info:
[  134.325420][ T9001] active_anon:14030 inactive_anon:31881 isolated_anon:0
[  134.325420][ T9001]  active_file:2050 inactive_file:26232 isolated_file:0
[  134.325420][ T9001]  unevictable:1780 dirty:980 writeback:4
[  134.325420][ T9001]  slab_reclaimable:8545 slab_unreclaimable:72709
[  134.325420][ T9001]  mapped:26010 shmem:34902 pagetables:3879
[  134.325420][ T9001]  sec_pagetables:296 bounce:0
[  134.325420][ T9001]  kernel_misc_reclaimable:0
[  134.325420][ T9001]  free:441263 free_pcp:12696 free_cma:0
[  134.340129][ T9001] Node 0 active_anon:24276kB inactive_anon:127524kB active_file:7948kB inactive_file:104624kB unevictable:3584kB isolated(anon):0kB isolated(file):0kB mapped:103952kB dirty:3920kB writeback:16kB shmem:106820kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:14560kB pagetables:5904kB sec_pagetables:1184kB all_unreclaimable? no Balloon:0kB
[  134.351953][ T9001] Node 1 active_anon:31844kB inactive_anon:0kB active_file:252kB inactive_file:304kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:88kB dirty:0kB writeback:0kB shmem:32788kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:192kB pagetables:9612kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  134.361363][ T9001] Node 0 DMA free:12516kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:132kB inactive_anon:2464kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:148kB local_pcp:32kB free_cma:0kB
[  134.371787][ T9001] lowmem_reserve[]: 0 1231 1231 1231 1231
[  134.373793][ T9001] Node 0 DMA32 free:153908kB boost:0kB min:27476kB low:34344kB high:41212kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24020kB inactive_anon:125060kB active_file:7948kB inactive_file:104624kB unevictable:3584kB writepending:3936kB zspages:0kB present:2080628kB managed:1260848kB mlocked:48kB bounce:0kB free_pcp:44512kB local_pcp:21896kB free_cma:0kB
[  134.387912][ T9001] lowmem_reserve[]: 0 0 0 0 0
[  134.390069][ T9001] Node 1 Normal free:1598628kB boost:0kB min:39760kB low:49700kB high:59640kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31844kB inactive_anon:0kB active_file:252kB inactive_file:304kB unevictable:3536kB writepending:0kB zspages:3500kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:5820kB local_pcp:1404kB free_cma:0kB
[  134.405243][ T9001] lowmem_reserve[]: 0 0 0 0 0
[  134.407380][ T9001] Node 0 DMA: 7*4kB (UM) 9*8kB (U) 10*16kB (UM) 15*32kB (UM) 8*64kB (UM) 8*128kB (UM) 10*256kB (UM) 7*512kB (UM) 4*1024kB (U) 0*2048kB 0*4096kB = 12516kB
[  134.417136][ T9001] Node 0 DMA32: 1569*4kB (UME) 1143*8kB (UME) 793*16kB (UME) 248*32kB (UME) 131*64kB (UME) 63*128kB (UME) 79*256kB (UME) 63*512kB (UME) 31*1024kB (UM) 8*2048kB (UM) 0*4096kB = 153100kB
[  134.425129][ T9001] Node 1 Normal: 508*4kB (UME) 441*8kB (UME) 407*16kB (UME) 416*32kB (UME) 378*64kB (UME) 348*128kB (UME) 315*256kB (UME) 257*512kB (UM) 204*1024kB (UM) 11*2048kB (UME) 259*4096kB (UM) = 1598632kB
[  134.433710][ T9001] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.438159][ T9001] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  134.442637][ T9001] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.447146][ T9001] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  134.451011][ T9001] 63539 total pagecache pages
[  134.453095][ T9001] 359 pages in swap cache
[  134.456191][ T9001] Free swap  = 114356kB
[  134.458424][ T9001] Total swap = 124996kB
[  134.460452][ T9001] 1048443 pages RAM
[  134.462676][ T9001] 0 pages HighMem/MovableOnly
[  134.465979][ T9001] 283920 pages reserved
[  134.468033][ T9001] 0 pages cma reserved
[  134.560244][ T9005] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  134.600007][ T9009] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.825'.
[  134.603626][ T9009] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  134.656974][   T40] audit: type=1400 audit(1774556584.626:1332): avc:  denied  { bind } for  pid=9011 comm="syz.4.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  134.658007][ T9012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.826'.
[  134.739314][   T40] audit: type=1400 audit(1774556584.706:1333): avc:  denied  { append } for  pid=9011 comm="syz.4.826" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  135.233800][   T40] audit: type=1400 audit(1774556585.196:1334): avc:  denied  { setopt } for  pid=9020 comm="syz.4.829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  135.308412][   T40] audit: type=1400 audit(1774556585.276:1335): avc:  granted  { setsecparam } for  pid=9024 comm="syz.2.831" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  135.363938][ T9028] FAULT_INJECTION: forcing a failure.
[  135.363938][ T9028] name failslab, interval 1, probability 0, space 0, times 0
[  135.368641][ T9028] CPU: 2 UID: 0 PID: 9028 Comm: syz.1.832 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  135.368660][ T9028] Tainted: [L]=SOFTLOCKUP
[  135.368663][ T9028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  135.368670][ T9028] Call Trace:
[  135.368673][ T9028]  <TASK>
[  135.368683][ T9028]  dump_stack_lvl+0x100/0x190
[  135.368707][ T9028]  should_fail_ex.cold+0x5/0xa
[  135.368721][ T9028]  should_failslab+0xc2/0x120
[  135.368732][ T9028]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  135.368749][ T9028]  ? alloc_pid+0x1bd/0x1890
[  135.368758][ T9028]  ? copy_process+0x258f/0x7a40
[  135.368772][ T9028]  ? kvm_mmu_post_init_vm+0x1b3/0x370
[  135.368787][ T9028]  alloc_pid+0x1bd/0x1890
[  135.368801][ T9028]  ? __pfx_alloc_pid+0x10/0x10
[  135.368816][ T9028]  ? __lock_acquire+0x4a5/0x2630
[  135.368828][ T9028]  ? avc_has_perm_noaudit+0x145/0x3b0
[  135.368844][ T9028]  ? fpu_clone+0x226/0x7c0
[  135.368859][ T9028]  ? copy_thread+0x6ce/0xb60
[  135.368871][ T9028]  copy_process+0x40e7/0x7a40
[  135.368893][ T9028]  ? __pfx_copy_process+0x10/0x10
[  135.368910][ T9028]  ? lockdep_init_map_type+0x5c/0x250
[  135.368921][ T9028]  ? lockdep_init_map_type+0x5c/0x250
[  135.368932][ T9028]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  135.368952][ T9028]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  135.368973][ T9028]  vhost_task_create+0x1db/0x370
[  135.368991][ T9028]  ? __pfx_vhost_task_create+0x10/0x10
[  135.369008][ T9028]  ? trace_contention_end+0x140/0x180
[  135.369034][ T9028]  ? __pfx_vhost_task_fn+0x10/0x10
[  135.369054][ T9028]  ? __pfx___mutex_lock+0x10/0x10
[  135.369077][ T9028]  ? kasan_quarantine_put+0x104/0x240
[  135.369101][ T9028]  ? lockdep_hardirqs_on+0x78/0x100
[  135.369123][ T9028]  kvm_mmu_post_init_vm+0x1b3/0x370
[  135.369137][ T9028]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  135.369149][ T9028]  ? kvm_vcpu_ioctl+0x155c/0x1730
[  135.369168][ T9028]  kvm_vcpu_ioctl+0x730/0x1730
[  135.369185][ T9028]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  135.369201][ T9028]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  135.369218][ T9028]  ? do_vfs_ioctl+0x226/0x13e0
[  135.369234][ T9028]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  135.369251][ T9028]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  135.369271][ T9028]  ? __fget_files+0x215/0x3d0
[  135.369282][ T9028]  ? hook_file_ioctl_common+0x146/0x410
[  135.369296][ T9028]  ? selinux_file_ioctl+0x139/0x290
[  135.369310][ T9028]  ? selinux_file_ioctl+0xb4/0x290
[  135.369325][ T9028]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  135.369342][ T9028]  __x64_sys_ioctl+0x18e/0x210
[  135.369359][ T9028]  do_syscall_64+0x106/0xf80
[  135.369373][ T9028]  ? clear_bhb_loop+0x40/0x90
[  135.369386][ T9028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.369397][ T9028] RIP: 0033:0x7ff91299c799
[  135.369407][ T9028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  135.369417][ T9028] RSP: 002b:00007ff9138c9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  135.369428][ T9028] RAX: ffffffffffffffda RBX: 00007ff912c15fa0 RCX: 00007ff91299c799
[  135.369435][ T9028] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  135.369441][ T9028] RBP: 00007ff9138c9090 R08: 0000000000000000 R09: 0000000000000000
[  135.369447][ T9028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.369453][ T9028] R13: 00007ff912c16038 R14: 00007ff912c15fa0 R15: 00007ffca258b778
[  135.369467][ T9028]  </TASK>
[  135.544200][   T40] audit: type=1400 audit(1774556585.506:1336): avc:  denied  { getopt } for  pid=9032 comm="syz.2.834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  135.880785][ T6006] usb 5-1: USB disconnect, device number 9
[  136.008740][ T9069] netlink: 12 bytes leftover after parsing attributes in process `syz.0.846'.
[  136.246624][ T9087] FAULT_INJECTION: forcing a failure.
[  136.246624][ T9087] name failslab, interval 1, probability 0, space 0, times 0
[  136.250659][ T9087] CPU: 3 UID: 0 PID: 9087 Comm: syz.4.852 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  136.250677][ T9087] Tainted: [L]=SOFTLOCKUP
[  136.250681][ T9087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  136.250688][ T9087] Call Trace:
[  136.250700][ T9087]  <TASK>
[  136.250705][ T9087]  dump_stack_lvl+0x100/0x190
[  136.250737][ T9087]  should_fail_ex.cold+0x5/0xa
[  136.250752][ T9087]  should_failslab+0xc2/0x120
[  136.250764][ T9087]  __kvmalloc_node_noprof+0xfa/0xa00
[  136.250780][ T9087]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  136.250801][ T9087]  __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  136.250819][ T9087]  ? find_held_lock+0x2b/0x80
[  136.250836][ T9087]  mmu_topup_memory_caches+0x25/0x170
[  136.250849][ T9087]  kvm_mmu_load+0xd6/0x23e0
[  136.250861][ T9087]  ? vmx_flush_tlb_guest+0x113/0x560
[  136.250877][ T9087]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  136.250892][ T9087]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  136.250909][ T9087]  ? __pfx_kvm_mmu_load+0x10/0x10
[  136.250920][ T9087]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  136.250937][ T9087]  ? kvm_check_and_inject_events+0x961/0x10c0
[  136.250949][ T9087]  ? record_steal_time+0x3f0/0xbe0
[  136.250966][ T9087]  vcpu_run+0x39f4/0x5ca0
[  136.250985][ T9087]  ? __pfx_vcpu_run+0x10/0x10
[  136.251002][ T9087]  ? rcu_is_watching+0x12/0xc0
[  136.251017][ T9087]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  136.251030][ T9087]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  136.251046][ T9087]  kvm_vcpu_ioctl+0x730/0x1730
[  136.251063][ T9087]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  136.251079][ T9087]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  136.251096][ T9087]  ? do_vfs_ioctl+0x226/0x13e0
[  136.251112][ T9087]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  136.251129][ T9087]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  136.251155][ T9087]  ? __fget_files+0x215/0x3d0
[  136.251166][ T9087]  ? hook_file_ioctl_common+0x146/0x410
[  136.251180][ T9087]  ? selinux_file_ioctl+0x139/0x290
[  136.251195][ T9087]  ? selinux_file_ioctl+0xb4/0x290
[  136.251210][ T9087]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  136.251226][ T9087]  __x64_sys_ioctl+0x18e/0x210
[  136.251244][ T9087]  do_syscall_64+0x106/0xf80
[  136.251265][ T9087]  ? clear_bhb_loop+0x40/0x90
[  136.251278][ T9087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.251289][ T9087] RIP: 0033:0x7f272659c799
[  136.251299][ T9087] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  136.251309][ T9087] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  136.251320][ T9087] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  136.251327][ T9087] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  136.251333][ T9087] RBP: 00007f272739f090 R08: 0000000000000000 R09: 0000000000000000
[  136.251339][ T9087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.251345][ T9087] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  136.251359][ T9087]  </TASK>
[  136.459103][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  136.607417][   T10] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  136.610836][   T10] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  136.615674][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  136.621193][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  136.624934][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.630940][   T10] usb 5-1: config 0 descriptor??
[  136.641674][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  136.642417][ T9099] IPVS: length: 120 != 24
[  136.683631][ T9102] netlink: 96 bytes leftover after parsing attributes in process `syz.1.857'.
[  136.690547][ T9102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.857'.
[  136.859544][ T9115] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  136.862833][ T9115] IPv6: NLM_F_CREATE should be set when creating new route
[  136.865985][ T9115] IPv6: NLM_F_CREATE should be set when creating new route
[  136.869084][ T9115] IPv6: NLM_F_CREATE should be set when creating new route
[  136.875561][ T9115] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  137.020580][ T9117] FAULT_INJECTION: forcing a failure.
[  137.020580][ T9117] name failslab, interval 1, probability 0, space 0, times 0
[  137.026373][ T9117] CPU: 3 UID: 0 PID: 9117 Comm: syz.1.862 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  137.026394][ T9117] Tainted: [L]=SOFTLOCKUP
[  137.026398][ T9117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  137.026406][ T9117] Call Trace:
[  137.026410][ T9117]  <TASK>
[  137.026414][ T9117]  dump_stack_lvl+0x100/0x190
[  137.026450][ T9117]  should_fail_ex.cold+0x5/0xa
[  137.026512][ T9117]  should_failslab+0xc2/0x120
[  137.026535][ T9117]  __kvmalloc_node_noprof+0xfa/0xa00
[  137.026553][ T9117]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  137.026581][ T9117]  __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  137.026602][ T9117]  ? find_held_lock+0x2b/0x80
[  137.026619][ T9117]  mmu_topup_memory_caches+0x25/0x170
[  137.026635][ T9117]  kvm_mmu_load+0xd6/0x23e0
[  137.026648][ T9117]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  137.026665][ T9117]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  137.026688][ T9117]  ? __pfx_kvm_mmu_load+0x10/0x10
[  137.026701][ T9117]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  137.026720][ T9117]  ? kvm_check_and_inject_events+0x961/0x10c0
[  137.026734][ T9117]  ? record_steal_time+0x3f0/0xbe0
[  137.026753][ T9117]  vcpu_run+0x39f4/0x5ca0
[  137.026774][ T9117]  ? __pfx_vcpu_run+0x10/0x10
[  137.026793][ T9117]  ? rcu_is_watching+0x12/0xc0
[  137.026810][ T9117]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  137.026824][ T9117]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  137.026843][ T9117]  kvm_vcpu_ioctl+0x730/0x1730
[  137.026863][ T9117]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  137.026881][ T9117]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  137.026899][ T9117]  ? do_vfs_ioctl+0x226/0x13e0
[  137.026918][ T9117]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  137.026938][ T9117]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  137.026970][ T9117]  ? __fget_files+0x215/0x3d0
[  137.026982][ T9117]  ? hook_file_ioctl_common+0x146/0x410
[  137.026998][ T9117]  ? selinux_file_ioctl+0x139/0x290
[  137.027015][ T9117]  ? selinux_file_ioctl+0xb4/0x290
[  137.027032][ T9117]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  137.027051][ T9117]  __x64_sys_ioctl+0x18e/0x210
[  137.027070][ T9117]  do_syscall_64+0x106/0xf80
[  137.027096][ T9117]  ? clear_bhb_loop+0x40/0x90
[  137.027111][ T9117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.027123][ T9117] RIP: 0033:0x7ff91299c799
[  137.027135][ T9117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  137.027147][ T9117] RSP: 002b:00007ff9138c9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.027159][ T9117] RAX: ffffffffffffffda RBX: 00007ff912c15fa0 RCX: 00007ff91299c799
[  137.027166][ T9117] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  137.027173][ T9117] RBP: 00007ff9138c9090 R08: 0000000000000000 R09: 0000000000000000
[  137.027180][ T9117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.027187][ T9117] R13: 00007ff912c16038 R14: 00007ff912c15fa0 R15: 00007ffca258b778
[  137.027203][ T9117]  </TASK>
[  137.172476][ T9127] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1543 sclass=netlink_route_socket pid=9127 comm=syz.4.864
[  137.291159][ T9133] Unsupported ieee802154 address type: 0
[  137.739596][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  137.741708][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  137.754622][ T1465] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  137.794337][   T40] kauditd_printk_skb: 13226 callbacks suppressed
[  137.794349][   T40] audit: type=1326 audit(1774556588.758:14560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.803368][   T40] audit: type=1326 audit(1774556588.768:14562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.811128][   T40] audit: type=1326 audit(1774556588.768:14563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.818923][   T40] audit: type=1326 audit(1774556588.768:14564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.826981][   T40] audit: type=1326 audit(1774556588.768:14565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.834703][   T40] audit: type=1326 audit(1774556588.768:14566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.842645][   T40] audit: type=1326 audit(1774556588.768:14567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.850764][   T40] audit: type=1326 audit(1774556588.768:14568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.859260][   T40] audit: type=1326 audit(1774556588.768:14569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.867758][   T40] audit: type=1326 audit(1774556588.768:14570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9124 comm="syz.4.864" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f272655cfce code=0x50000
[  137.884650][   T10] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  137.909071][ T1465] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  137.911718][ T1465] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  137.926818][ T1465] usb 6-1: config 0 interface 0 has no altsetting 0
[  137.930816][ T1465] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  137.933991][ T1465] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  137.936783][ T1465] usb 6-1: Product: syz
[  137.938068][ T1465] usb 6-1: Manufacturer: syz
[  137.939585][ T1465] usb 6-1: SerialNumber: syz
[  137.945471][ T1465] usb 6-1: config 0 descriptor??
[  137.950925][ T1465] hub 6-1:0.0: bad descriptor, ignoring hub
[  137.953119][ T1465] hub 6-1:0.0: probe with driver hub failed with error -5
[  137.965923][ T1465] usb 6-1: selecting invalid altsetting 0
[  138.054409][   T10] usb 7-1: Using ep0 maxpacket: 8
[  138.057659][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  138.061124][   T10] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  138.064222][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.069106][   T10] usb 7-1: config 0 descriptor??
[  138.275730][   T10] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  138.305053][   T10] usb 7-1: USB disconnect, device number 11
[  138.414885][ T9160] Cannot find add_set index 128 as target
[  138.417755][ T9167] FAULT_INJECTION: forcing a failure.
[  138.417755][ T9167] name failslab, interval 1, probability 0, space 0, times 0
[  138.424359][ T9167] CPU: 2 UID: 0 PID: 9167 Comm: syz.2.873 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  138.424378][ T9167] Tainted: [L]=SOFTLOCKUP
[  138.424383][ T9167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  138.424390][ T9167] Call Trace:
[  138.424394][ T9167]  <TASK>
[  138.424399][ T9167]  dump_stack_lvl+0x100/0x190
[  138.424423][ T9167]  should_fail_ex.cold+0x5/0xa
[  138.424438][ T9167]  should_failslab+0xc2/0x120
[  138.424451][ T9167]  __kmalloc_node_noprof+0xe6/0x850
[  138.424467][ T9167]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[  138.424485][ T9167]  __vmalloc_node_range_noprof+0x3dc/0x1530
[  138.424498][ T9167]  ? find_held_lock+0x2b/0x80
[  138.424513][ T9167]  ? local_lock_release+0x99/0x130
[  138.424529][ T9167]  ? vhost_task_create+0x1db/0x370
[  138.424543][ T9167]  ? find_held_lock+0x2b/0x80
[  138.424558][ T9167]  ? rcu_read_unlock+0x17/0x60
[  138.424570][ T9167]  ? obj_cgroup_charge_account+0x46d/0x640
[  138.424583][ T9167]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  138.424598][ T9167]  ? __memcg_slab_post_alloc_hook+0x51b/0x990
[  138.424612][ T9167]  ? rcu_is_watching+0x12/0xc0
[  138.424626][ T9167]  ? trace_kmem_cache_alloc+0xf3/0x120
[  138.424639][ T9167]  ? vhost_task_create+0x1db/0x370
[  138.424652][ T9167]  __vmalloc_node_noprof+0xad/0xf0
[  138.424665][ T9167]  ? vhost_task_create+0x1db/0x370
[  138.424679][ T9167]  copy_process+0x5ec/0x7a40
[  138.424703][ T9167]  ? __pfx_copy_process+0x10/0x10
[  138.424727][ T9167]  ? lockdep_init_map_type+0x5c/0x250
[  138.424740][ T9167]  ? lockdep_init_map_type+0x5c/0x250
[  138.424752][ T9167]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  138.424770][ T9167]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  138.424786][ T9167]  vhost_task_create+0x1db/0x370
[  138.424799][ T9167]  ? __pfx_vhost_task_create+0x10/0x10
[  138.424813][ T9167]  ? trace_contention_end+0x140/0x180
[  138.424829][ T9167]  ? __pfx_vhost_task_fn+0x10/0x10
[  138.424843][ T9167]  ? __pfx___mutex_lock+0x10/0x10
[  138.424859][ T9167]  ? kasan_quarantine_put+0x104/0x240
[  138.424875][ T9167]  ? lockdep_hardirqs_on+0x78/0x100
[  138.424894][ T9167]  kvm_mmu_post_init_vm+0x1b3/0x370
[  138.424908][ T9167]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  138.424923][ T9167]  ? kvm_vcpu_ioctl+0x155c/0x1730
[  138.424942][ T9167]  kvm_vcpu_ioctl+0x730/0x1730
[  138.424961][ T9167]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  138.424978][ T9167]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  138.424995][ T9167]  ? do_vfs_ioctl+0x226/0x13e0
[  138.425013][ T9167]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  138.425031][ T9167]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  138.425053][ T9167]  ? __fget_files+0x215/0x3d0
[  138.425064][ T9167]  ? hook_file_ioctl_common+0x146/0x410
[  138.425079][ T9167]  ? selinux_file_ioctl+0x139/0x290
[  138.425094][ T9167]  ? selinux_file_ioctl+0xb4/0x290
[  138.425110][ T9167]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  138.425128][ T9167]  __x64_sys_ioctl+0x18e/0x210
[  138.425146][ T9167]  do_syscall_64+0x106/0xf80
[  138.425161][ T9167]  ? clear_bhb_loop+0x40/0x90
[  138.425175][ T9167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.425187][ T9167] RIP: 0033:0x7fd5e419c799
[  138.425197][ T9167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  138.425208][ T9167] RSP: 002b:00007fd5e4fdf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  138.425219][ T9167] RAX: ffffffffffffffda RBX: 00007fd5e4415fa0 RCX: 00007fd5e419c799
[  138.425226][ T9167] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  138.425233][ T9167] RBP: 00007fd5e4fdf090 R08: 0000000000000000 R09: 0000000000000000
[  138.425239][ T9167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.425245][ T9167] R13: 00007fd5e4416038 R14: 00007fd5e4415fa0 R15: 00007ffe302722c8
[  138.425260][ T9167]  </TASK>
[  138.576201][ T9143] usb 6-1: reset high-speed USB device number 18 using dummy_hcd
[  138.714437][ T9143] usb 6-1: device descriptor read/64, error -71
[  138.954443][ T9143] usb 6-1: reset high-speed USB device number 18 using dummy_hcd
[  139.085700][ T9143] usb 6-1: device descriptor read/64, error -71
[  139.228124][   T10] usb 5-1: USB disconnect, device number 10
[  139.335345][ T9143] usb 6-1: reset high-speed USB device number 18 using dummy_hcd
[  139.355848][ T9143] usb 6-1: device descriptor read/8, error -71
[  139.604402][ T9143] usb 6-1: reset high-speed USB device number 18 using dummy_hcd
[  139.624940][ T9143] usb 6-1: device descriptor read/8, error -71
[  139.736873][ T6006] usb 6-1: USB disconnect, device number 18
[  139.894726][ T3243] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  139.904439][ T6006] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  140.020209][ T9189] netlink: 20 bytes leftover after parsing attributes in process `syz.2.880'.
[  140.034514][ T6006] usb 6-1: device descriptor read/64, error -71
[  140.034516][ T3243] usb 5-1: device descriptor read/64, error -71
[  140.185231][ T9194] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9194 comm=syz.4.881
[  140.274563][ T3243] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  140.284443][ T6006] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  140.410579][ T9199] netlink: 108 bytes leftover after parsing attributes in process `syz.4.883'.
[  140.415484][ T9199] netlink: 108 bytes leftover after parsing attributes in process `syz.4.883'.
[  140.418331][ T9199] netlink: 84 bytes leftover after parsing attributes in process `syz.4.883'.
[  140.424497][ T6006] usb 6-1: device descriptor read/64, error -71
[  140.426518][ T3243] usb 5-1: device descriptor read/64, error -71
[  140.436196][ T9204] netlink: 200 bytes leftover after parsing attributes in process `syz.2.885'.
[  140.544857][ T6006] usb usb6-port1: attempt power cycle
[  140.545878][ T3243] usb usb5-port1: attempt power cycle
[  140.620658][ T9221] FAULT_INJECTION: forcing a failure.
[  140.620658][ T9221] name failslab, interval 1, probability 0, space 0, times 0
[  140.626257][ T9221] CPU: 0 UID: 0 PID: 9221 Comm: syz.4.892 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  140.626277][ T9221] Tainted: [L]=SOFTLOCKUP
[  140.626281][ T9221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  140.626288][ T9221] Call Trace:
[  140.626292][ T9221]  <TASK>
[  140.626297][ T9221]  dump_stack_lvl+0x100/0x190
[  140.626331][ T9221]  should_fail_ex.cold+0x5/0xa
[  140.626347][ T9221]  should_failslab+0xc2/0x120
[  140.626359][ T9221]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  140.626376][ T9221]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  140.626398][ T9221]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  140.626420][ T9221]  mmu_topup_memory_caches+0x25/0x170
[  140.626434][ T9221]  kvm_mmu_load+0xd6/0x23e0
[  140.626470][ T9221]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  140.626487][ T9221]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  140.626505][ T9221]  ? __pfx_kvm_mmu_load+0x10/0x10
[  140.626516][ T9221]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  140.626535][ T9221]  ? kvm_check_and_inject_events+0x961/0x10c0
[  140.626547][ T9221]  ? record_steal_time+0x3f0/0xbe0
[  140.626566][ T9221]  vcpu_run+0x39f4/0x5ca0
[  140.626584][ T9221]  ? __pfx_vcpu_run+0x10/0x10
[  140.626603][ T9221]  ? rcu_is_watching+0x12/0xc0
[  140.626619][ T9221]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  140.626632][ T9221]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  140.626656][ T9221]  kvm_vcpu_ioctl+0x730/0x1730
[  140.626674][ T9221]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  140.626692][ T9221]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  140.626709][ T9221]  ? do_vfs_ioctl+0x226/0x13e0
[  140.626726][ T9221]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  140.626743][ T9221]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  140.626772][ T9221]  ? __fget_files+0x215/0x3d0
[  140.626783][ T9221]  ? hook_file_ioctl_common+0x146/0x410
[  140.626798][ T9221]  ? selinux_file_ioctl+0x139/0x290
[  140.626813][ T9221]  ? selinux_file_ioctl+0xb4/0x290
[  140.626830][ T9221]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  140.626847][ T9221]  __x64_sys_ioctl+0x18e/0x210
[  140.626866][ T9221]  do_syscall_64+0x106/0xf80
[  140.626889][ T9221]  ? clear_bhb_loop+0x40/0x90
[  140.626903][ T9221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.626915][ T9221] RIP: 0033:0x7f272659c799
[  140.626926][ T9221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  140.626937][ T9221] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  140.626949][ T9221] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  140.626956][ T9221] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  140.626962][ T9221] RBP: 00007f272739f090 R08: 0000000000000000 R09: 0000000000000000
[  140.626969][ T9221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.626975][ T9221] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  140.626990][ T9221]  </TASK>
[  140.884381][ T3243] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  140.895452][ T9237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.896'.
[  140.905149][ T3243] usb 5-1: device descriptor read/8, error -71
[  140.908506][ T9242] atomic_op ffff888057aa8998 conn xmit_atomic 0000000000000000
[  140.924352][ T9242] blktrace: Concurrent blktraces are not allowed on sg0
[  140.947619][ T9244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.898'.
[  140.970767][ T9244] 8021q: adding VLAN 0 to HW filter on device bond5
[  141.144558][ T3243] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  141.168083][ T3243] usb 5-1: device descriptor read/8, error -71
[  141.227490][ T9256] Failed to get privilege flags for destination (handle=0x2:0x0)
[  141.233118][ T9256] Failed to get privilege flags for destination (handle=0x2:0x0)
[  141.276923][ T3243] usb usb5-port1: unable to enumerate USB device
[  141.639687][ T5940] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[  141.705095][ T9278] IPv4: Oversized IP packet from 127.202.26.0
[  141.816410][ T5940] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  141.820738][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: kworker/u33:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  141.820771][ T5940] Tainted: [L]=SOFTLOCKUP
[  141.820779][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  141.820792][ T5940] Workqueue: hci3 hci_rx_work
[  141.820819][ T5940] Call Trace:
[  141.820827][ T5940]  <TASK>
[  141.820835][ T5940]  dump_stack_lvl+0x100/0x190
[  141.820871][ T5940]  sysfs_warn_dup.cold+0x1c/0x28
[  141.820900][ T5940]  sysfs_create_dir_ns+0x24b/0x2b0
[  141.820936][ T5940]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  141.820965][ T5940]  ? find_held_lock+0x2b/0x80
[  141.820991][ T5940]  ? kobject_add_internal+0x25f/0x930
[  141.821022][ T5940]  ? kobject_add_internal+0x25f/0x930
[  141.821053][ T5940]  ? do_raw_spin_unlock+0x145/0x1e0
[  141.821077][ T5940]  kobject_add_internal+0x2c8/0x930
[  141.821110][ T5940]  kobject_add+0x16a/0x1e0
[  141.821127][ T5940]  ? __pfx_kobject_add+0x10/0x10
[  141.821143][ T5940]  ? class_to_subsys+0x10f/0x150
[  141.821169][ T5940]  ? kobject_put+0xb9/0x640
[  141.821195][ T5940]  ? _raw_spin_unlock+0x28/0x50
[  141.821224][ T5940]  device_add+0x294/0x1950
[  141.821245][ T5940]  ? __pfx_dev_set_name+0x10/0x10
[  141.821268][ T5940]  ? __pfx_device_add+0x10/0x10
[  141.821288][ T5940]  ? mgmt_send_event_skb+0x2fb/0x460
[  141.821318][ T5940]  hci_conn_add_sysfs+0x1a3/0x260
[  141.821345][ T5940]  le_conn_complete_evt+0x11cb/0x1f40
[  141.821374][ T5940]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  141.821403][ T5940]  hci_le_conn_complete_evt+0x23c/0x3a0
[  141.821427][ T5940]  ? skb_pull_data+0x15f/0x1e0
[  141.821449][ T5940]  hci_le_meta_evt+0x34a/0x5f0
[  141.821472][ T5940]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  141.821497][ T5940]  hci_event_packet+0x682/0x11c0
[  141.821520][ T5940]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  141.821544][ T5940]  ? __pfx_hci_event_packet+0x10/0x10
[  141.821569][ T5940]  ? kcov_remote_start+0x374/0x660
[  141.821594][ T5940]  ? lockdep_hardirqs_on+0x78/0x100
[  141.821640][ T5940]  hci_rx_work+0x451/0xfc0
[  141.821671][ T5940]  process_one_work+0xa23/0x19a0
[  141.821704][ T5940]  ? __pfx_process_one_work+0x10/0x10
[  141.821734][ T5940]  ? __pfx_hci_rx_work+0x10/0x10
[  141.821759][ T5940]  worker_thread+0x5ef/0xe50
[  141.821788][ T5940]  ? __pfx_worker_thread+0x10/0x10
[  141.821811][ T5940]  ? kthread+0x13a/0x450
[  141.821828][ T5940]  ? __pfx_worker_thread+0x10/0x10
[  141.821848][ T5940]  kthread+0x370/0x450
[  141.821866][ T5940]  ? __pfx_kthread+0x10/0x10
[  141.821887][ T5940]  ret_from_fork+0x754/0xd80
[  141.821909][ T5940]  ? __pfx_ret_from_fork+0x10/0x10
[  141.821937][ T5940]  ? __switch_to+0x7b4/0x1120
[  141.821961][ T5940]  ? __pfx_kthread+0x10/0x10
[  141.821983][ T5940]  ret_from_fork_asm+0x1a/0x30
[  141.822025][ T5940]  </TASK>
[  141.822055][ T5940] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  141.883079][ T9284] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  141.884147][ T5940] Bluetooth: hci3: failed to register connection device
[  141.992324][ T9287] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  141.996883][ T9289] iommufd_mock iommufd_mock1: Adding to iommu group 10
[  142.432241][ T9303] netlink: 172 bytes leftover after parsing attributes in process `syz.0.915'.
[  142.442066][ T9305] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3 sclass=netlink_route_socket pid=9305 comm=syz.1.916
[  142.728405][   T24] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  142.836497][   T40] kauditd_printk_skb: 36915 callbacks suppressed
[  142.836509][   T40] audit: type=1400 audit(1774556593.808:51485): avc:  denied  { read } for  pid=9333 comm="syz.4.923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  142.847614][   T40] audit: type=1400 audit(1774556593.808:51486): avc:  denied  { create } for  pid=9333 comm="syz.4.923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.869048][   T40] audit: type=1400 audit(1774556593.808:51487): avc:  denied  { connect } for  pid=9333 comm="syz.4.923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.878506][   T40] audit: type=1400 audit(1774556593.808:51488): avc:  denied  { ioctl } for  pid=9333 comm="syz.4.923" path="socket:[30169]" dev="sockfs" ino=30169 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.890879][ T9339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.924'.
[  142.908274][   T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  142.912130][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.915338][   T24] usb 5-1: Product: syz
[  142.917338][   T24] usb 5-1: Manufacturer: syz
[  142.919124][   T24] usb 5-1: SerialNumber: syz
[  142.930421][   T24] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  142.937974][   T40] audit: type=1800 audit(1774556593.908:51489): pid=9341 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.925" name="bus" dev="tmpfs" ino=976 res=0 errno=0
[  142.948869][   T40] audit: type=1400 audit(1774556593.918:51490): avc:  denied  { create } for  pid=9340 comm="syz.4.925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  142.960687][   T40] audit: type=1400 audit(1774556593.928:51491): avc:  denied  { firmware_load } for  pid=50 comm="kworker/2:1" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  142.971004][   T50] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  142.987539][   T40] audit: type=1400 audit(1774556593.958:51492): avc:  denied  { read write } for  pid=6822 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  142.997679][   T40] audit: type=1400 audit(1774556593.958:51493): avc:  denied  { open } for  pid=6822 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  143.007515][   T40] audit: type=1400 audit(1774556593.958:51494): avc:  denied  { ioctl } for  pid=6822 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  143.068970][ T9343] FAULT_INJECTION: forcing a failure.
[  143.068970][ T9343] name failslab, interval 1, probability 0, space 0, times 0
[  143.074601][ T9343] CPU: 0 UID: 0 PID: 9343 Comm: syz.4.926 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  143.074630][ T9343] Tainted: [L]=SOFTLOCKUP
[  143.074638][ T9343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  143.074649][ T9343] Call Trace:
[  143.074655][ T9343]  <TASK>
[  143.074664][ T9343]  dump_stack_lvl+0x100/0x190
[  143.074701][ T9343]  should_fail_ex.cold+0x5/0xa
[  143.074726][ T9343]  should_failslab+0xc2/0x120
[  143.074749][ T9343]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  143.074776][ T9343]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  143.074813][ T9343]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  143.074850][ T9343]  mmu_topup_memory_caches+0x25/0x170
[  143.074876][ T9343]  kvm_mmu_load+0xd6/0x23e0
[  143.074898][ T9343]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  143.074925][ T9343]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  143.074962][ T9343]  ? __pfx_kvm_mmu_load+0x10/0x10
[  143.074984][ T9343]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  143.075015][ T9343]  ? kvm_check_and_inject_events+0x961/0x10c0
[  143.075037][ T9343]  ? record_steal_time+0x3f0/0xbe0
[  143.075069][ T9343]  vcpu_run+0x39f4/0x5ca0
[  143.075104][ T9343]  ? __pfx_vcpu_run+0x10/0x10
[  143.075137][ T9343]  ? rcu_is_watching+0x12/0xc0
[  143.075166][ T9343]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  143.075190][ T9343]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  143.075221][ T9343]  kvm_vcpu_ioctl+0x730/0x1730
[  143.075253][ T9343]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  143.075282][ T9343]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  143.075312][ T9343]  ? do_vfs_ioctl+0x226/0x13e0
[  143.075342][ T9343]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  143.075372][ T9343]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  143.075409][ T9343]  ? __fget_files+0x215/0x3d0
[  143.075431][ T9343]  ? hook_file_ioctl_common+0x146/0x410
[  143.075458][ T9343]  ? selinux_file_ioctl+0x139/0x290
[  143.075484][ T9343]  ? selinux_file_ioctl+0xb4/0x290
[  143.075513][ T9343]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  143.075543][ T9343]  __x64_sys_ioctl+0x18e/0x210
[  143.075574][ T9343]  do_syscall_64+0x106/0xf80
[  143.075600][ T9343]  ? clear_bhb_loop+0x40/0x90
[  143.075625][ T9343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.075646][ T9343] RIP: 0033:0x7f272659c799
[  143.075662][ T9343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  143.075681][ T9343] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  143.075698][ T9343] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  143.075711][ T9343] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  143.075722][ T9343] RBP: 00007f272739f090 R08: 0000000000000000 R09: 0000000000000000
[  143.075735][ T9343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  143.075746][ T9343] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  143.075788][ T9343]  </TASK>
[  143.083250][ T9351] fuse: Unknown parameter '000000000000000000030x0000000000000003'
[  143.136175][ T9352] netlink: zone id is out of range
[  143.196207][ T9351] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.928'.
[  143.199516][ T9352] netlink: zone id is out of range
[  143.212532][ T9352] netlink: zone id is out of range
[  143.214856][ T9352] netlink: zone id is out of range
[  143.216999][ T9352] netlink: zone id is out of range
[  143.219147][ T9352] netlink: zone id is out of range
[  143.221352][ T9352] netlink: zone id is out of range
[  143.223514][ T9352] netlink: zone id is out of range
[  143.226077][ T9352] netlink: zone id is out of range
[  143.387129][   T24] usb 5-1: USB disconnect, device number 15
[  143.388717][ T9367] netlink: 'syz.1.932': attribute type 7 has an invalid length.
[  143.393540][ T9367] netlink: 'syz.1.932': attribute type 7 has an invalid length.
[  143.402899][ T9367] f2fs: Unknown parameter 'usrquotaP'
[  143.410364][ T9367] nfs: Unknown parameter 'f2fs'
[  143.561218][ T9375] tipc: MTU too low for tipc bearer
[  143.684457][   T34] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  143.730059][ T9378] kAFS: Can only specify source 'none' with -o dyn
[  143.768822][ T9381] netlink: 'syz.2.938': attribute type 7 has an invalid length.
[  143.772505][ T9381] netlink: 'syz.2.938': attribute type 7 has an invalid length.
[  143.794480][ T1327] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  143.837790][   T34] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[  143.842153][   T34] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  143.847391][   T34] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  143.853083][   T34] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  143.857380][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.868344][ T9383] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  143.873683][   T34] usb 6-1: config 0 descriptor??
[  143.880739][   T34] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  143.970903][ T1327] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  143.975136][ T1327] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.979260][ T1327] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  143.983523][ T1327] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.988675][ T1327] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.995531][ T1327] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  143.999486][ T1327] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  144.002681][ T1327] usb 9-1: Product: syz
[  144.004521][ T1327] usb 9-1: Manufacturer: syz
[  144.013125][ T1327] cdc_wdm 9-1:1.0: skipping garbage
[  144.015529][ T1327] cdc_wdm 9-1:1.0: skipping garbage
[  144.019419][ T1327] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  144.021740][ T1327] cdc_wdm 9-1:1.0: Unknown control protocol
[  144.044979][   T50] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  144.047983][   T50] ath9k_htc: Failed to initialize the device
[  144.052322][   T24] usb 5-1: ath9k_htc: USB layer deinitialized
[  144.152730][ T9388] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  144.161232][ T9388] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  144.201428][ T9388] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.207972][ T9388] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.212412][ T9388] bond0 (unregistering): Released all slaves
[  144.219225][ T9373] cdc_wdm 9-1:1.0: Error submitting int urb - -90
[  144.224089][   T34] usb 9-1: USB disconnect, device number 11
[  144.567824][ T9410] netlink: 'syz.2.948': attribute type 5 has an invalid length.
[  144.578853][ T9410] ip6erspan0: entered promiscuous mode
[  145.136210][ T9451] : entered promiscuous mode
[  145.324152][ T9458] bridge2: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  145.331799][ T9458] __nla_validate_parse: 5 callbacks suppressed
[  145.331815][ T9458] netlink: 36 bytes leftover after parsing attributes in process `syz.4.965'.
[  145.378401][ T9460] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  145.383166][ T9460] Error validating options; rc = [-22]
[  145.419728][ T9462] netlink: 24 bytes leftover after parsing attributes in process `syz.4.967'.
[  145.551917][ T9467] netlink: 24 bytes leftover after parsing attributes in process `syz.4.968'.
[  145.597469][ T9467] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9467 comm=syz.4.968
[  145.879847][ T9471] gfs2: Unknown parameter 'dEbug���X/sW��xi��R�zF��Ib��ix�����j��vہi'�bq�^h�TO!�tǦ���[5��Xx{9}}%z��\'
[  146.000726][ T9478] netlink: 'syz.0.972': attribute type 3 has an invalid length.
[  146.247299][ T9490] hfsplus: unable to find HFS+ superblock
[  146.251926][ T9490] binder: 9489:9490 ioctl c0306201 200000000540 returned -14
[  146.336860][ T9500] kvm: user requested TSC rate below hardware speed
[  146.462436][   T24] usb 6-1: USB disconnect, device number 22
[  146.491253][ T9507] syzkaller0: entered promiscuous mode
[  146.493719][ T9507] syzkaller0: entered allmulticast mode
[  146.527297][   T63] Bluetooth: hci3: command 0x0406 tx timeout
[  146.638261][ T9518] No control pipe specified
[  146.712920][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.718004][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.720608][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.723328][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.743112][ T9531] FAULT_INJECTION: forcing a failure.
[  146.743112][ T9531] name failslab, interval 1, probability 0, space 0, times 0
[  146.747390][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.749852][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.752250][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.755066][ T9531] CPU: 0 UID: 0 PID: 9531 Comm: syz.4.991 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  146.755082][ T9531] Tainted: [L]=SOFTLOCKUP
[  146.755086][ T9531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  146.755092][ T9531] Call Trace:
[  146.755096][ T9531]  <TASK>
[  146.755100][ T9531]  dump_stack_lvl+0x100/0x190
[  146.755132][ T9531]  should_fail_ex.cold+0x5/0xa
[  146.755147][ T9531]  should_failslab+0xc2/0x120
[  146.755158][ T9531]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  146.755174][ T9531]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  146.755194][ T9531]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  146.755215][ T9531]  mmu_topup_memory_caches+0x25/0x170
[  146.755228][ T9531]  kvm_mmu_load+0xd6/0x23e0
[  146.755243][ T9531]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  146.755258][ T9531]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  146.755275][ T9531]  ? __pfx_kvm_mmu_load+0x10/0x10
[  146.755286][ T9531]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  146.755303][ T9531]  ? kvm_check_and_inject_events+0x961/0x10c0
[  146.755315][ T9531]  ? record_steal_time+0x3f0/0xbe0
[  146.755333][ T9531]  vcpu_run+0x39f4/0x5ca0
[  146.755350][ T9531]  ? __pfx_vcpu_run+0x10/0x10
[  146.755368][ T9531]  ? rcu_is_watching+0x12/0xc0
[  146.755383][ T9531]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  146.755396][ T9531]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  146.755413][ T9531]  kvm_vcpu_ioctl+0x730/0x1730
[  146.755430][ T9531]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  146.755446][ T9531]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  146.755463][ T9531]  ? do_vfs_ioctl+0x226/0x13e0
[  146.755480][ T9531]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  146.755496][ T9531]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  146.755523][ T9531]  ? __fget_files+0x215/0x3d0
[  146.755533][ T9531]  ? hook_file_ioctl_common+0x146/0x410
[  146.755548][ T9531]  ? selinux_file_ioctl+0x139/0x290
[  146.755562][ T9531]  ? selinux_file_ioctl+0xb4/0x290
[  146.755578][ T9531]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  146.755594][ T9531]  __x64_sys_ioctl+0x18e/0x210
[  146.755611][ T9531]  do_syscall_64+0x106/0xf80
[  146.755634][ T9531]  ? clear_bhb_loop+0x40/0x90
[  146.755647][ T9531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.755663][ T9531] RIP: 0033:0x7f272659c799
[  146.755674][ T9531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  146.755684][ T9531] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.755695][ T9531] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  146.755701][ T9531] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  146.755708][ T9531] RBP: 00007f272739f090 R08: 0000000000000000 R09: 0000000000000000
[  146.755714][ T9531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  146.755720][ T9531] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  146.755734][ T9531]  </TASK>
[  146.758176][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.836115][ T9537] netlink: 'syz.1.992': attribute type 4 has an invalid length.
[  146.840184][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.841462][ T9537] netlink: 152 bytes leftover after parsing attributes in process `syz.1.992'.
[  146.842886][ T9537] .`: renamed from bond0
[  146.844073][ T5977] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0
[  146.875289][ T5977] hid-generic 0006:0004:0009.000A: hidraw1: VIRTUAL HID v0.04 Device [syz1] on syz0
[  146.910672][ T9538] fido_id[9538]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  146.917194][ T9540] netlink: 'syz.2.993': attribute type 39 has an invalid length.
[  146.937639][ T9542] netlink: 8 bytes leftover after parsing attributes in process `syz.1.992'.
[  146.940955][ T9542] netlink: 12 bytes leftover after parsing attributes in process `syz.1.992'.
[  146.953253][ T9544] net_ratelimit: 151 callbacks suppressed
[  146.953266][ T9544] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  146.978716][ T9550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.995'.
[  147.062932][ T9557] netlink: 32 bytes leftover after parsing attributes in process `syz.2.997'.
[  147.115152][ T9563] sctp: [Deprecated]: syz.2.999 (pid 9563) Use of int in max_burst socket option.
[  147.115152][ T9563] Use struct sctp_assoc_value instead
[  147.119150][ T9552] ------------[ cut here ]------------
[  147.122210][ T9552] enable_ept && !allow_smaller_maxphyaddr
[  147.122220][ T9552] WARNING: arch/x86/kvm/vmx/vmx.c:5444 at handle_exception_nmi+0xa6e/0x1bb0, CPU#1: syz.4.996/9552
[  147.126490][ T9565] binder_alloc: 9564: binder_alloc_buf, no vma
[  147.128521][ T9552] Modules linked in:
[  147.128568][ T9552] CPU: 1 UID: 0 PID: 9552 Comm: syz.4.996 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.128586][ T9552] Tainted: [L]=SOFTLOCKUP
[  147.128592][ T9552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.134688][ T9565] xt_NFQUEUE: number of total queues is 0
[  147.137000][ T9552] RIP: 0010:handle_exception_nmi+0xa6e/0x1bb0
[  147.146168][ T9552] Code: 08 84 d2 0f 85 fd 10 00 00 44 0f b6 2d 96 e5 39 0f 31 ff 44 89 ee e8 41 40 69 00 45 84 ed 0f 85 b5 0e 00 00 e8 e3 45 69 00 90 <0f> 0b 90 31 ff 44 89 e6 e8 85 40 69 00 45 85 e4 0f 85 7f 0b 00 00
[  147.154705][ T9552] RSP: 0018:ffffc900061df9d8 EFLAGS: 00010287
[  147.157487][ T9552] RAX: 00000000000207b8 RBX: ffff88805a7e8000 RCX: ffffc90004081000
[  147.160520][ T9552] RDX: 0000000000080000 RSI: ffffffff819faffd RDI: ffff88805a54a4c0
[  147.163926][ T9552] RBP: 000000000f6632eb R08: 0000000000000001 R09: 0000000000000000
[  147.167283][ T9552] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  147.170029][ T9552] R13: 0000000000000000 R14: ffff88805b2ed000 R15: ffff88805a7e80d8
[  147.173637][ T9552] FS:  00007f272739f6c0(0000) GS:ffff8880d643f000(0000) knlGS:0000000000000000
[  147.176801][ T9552] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  147.179154][ T9552] CR2: 0000000000000000 CR3: 0000000043e58000 CR4: 0000000000352ef0
[  147.182071][ T9552] Call Trace:
[  147.183391][ T9552]  <TASK>
[  147.184659][ T9552]  ? __pfx_handle_exception_nmi+0x10/0x10
[  147.186830][ T9552]  vmx_handle_exit+0x84d/0x1f40
[  147.188602][ T9552]  vcpu_run+0x34cf/0x5ca0
[  147.190153][ T9552]  ? __pfx_vcpu_run+0x10/0x10
[  147.191824][ T9552]  ? rcu_is_watching+0x12/0xc0
[  147.193453][ T9552]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  147.195524][ T9552]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  147.197477][ T9552]  kvm_vcpu_ioctl+0x730/0x1730
[  147.199171][ T9552]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.200952][ T9552]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  147.203069][ T9552]  ? do_vfs_ioctl+0x226/0x13e0
[  147.204827][ T9552]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  147.206616][ T9552]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  147.209085][ T9552]  ? __fget_files+0x215/0x3d0
[  147.210840][ T9552]  ? hook_file_ioctl_common+0x146/0x410
[  147.212945][ T9552]  ? selinux_file_ioctl+0x139/0x290
[  147.214857][ T9552]  ? selinux_file_ioctl+0xb4/0x290
[  147.216652][ T9552]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.218536][ T9552]  __x64_sys_ioctl+0x18e/0x210
[  147.220260][ T9552]  do_syscall_64+0x106/0xf80
[  147.221905][ T9552]  ? clear_bhb_loop+0x40/0x90
[  147.223568][ T9552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.225743][ T9552] RIP: 0033:0x7f272659c799
[  147.227367][ T9552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.234211][ T9552] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  147.237490][ T9552] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  147.240278][ T9552] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  147.243062][ T9552] RBP: 00007f2726632c99 R08: 0000000000000000 R09: 0000000000000000
[  147.245884][ T9552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.248892][ T9552] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  147.251927][ T9552]  </TASK>
[  147.253096][ T9552] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  147.255847][ T9552] CPU: 1 UID: 0 PID: 9552 Comm: syz.4.996 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.259740][ T9552] Tainted: [L]=SOFTLOCKUP
[  147.261352][ T9552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.264896][ T9552] Call Trace:
[  147.266235][ T9552]  <TASK>
[  147.267442][ T9552]  dump_stack_lvl+0x100/0x190
[  147.269336][ T9552]  vpanic+0x552/0x970
[  147.270849][ T9552]  ? __pfx_vpanic+0x10/0x10
[  147.272698][ T9552]  panic+0xd1/0xe0
[  147.274097][ T9552]  ? __pfx_panic+0x10/0x10
[  147.275799][ T9552]  check_panic_on_warn.cold+0x19/0x34
[  147.277836][ T9552]  ? handle_exception_nmi+0xa6e/0x1bb0
[  147.279782][ T9552]  __warn.cold+0x191/0x348
[  147.281372][ T9552]  __report_bug+0x296/0x3d0
[  147.282998][ T9552]  ? handle_exception_nmi+0xa6e/0x1bb0
[  147.284837][ T9552]  ? __pfx___report_bug+0x10/0x10
[  147.286493][ T9552]  ? __pfx_skip_emulated_instruction+0x10/0x10
[  147.288558][ T9552]  ? kvm_pmu_trigger_event.isra.0+0x789/0xc00
[  147.290915][ T9552]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  147.293294][ T9552]  ? handle_exception_nmi+0xa6e/0x1bb0
[  147.295197][ T9552]  report_bug+0xb2/0x220
[  147.296796][ T9552]  ? handle_exception_nmi+0xa6e/0x1bb0
[  147.298655][ T9552]  handle_bug+0x16a/0x2a0
[  147.300278][ T9552]  exc_invalid_op+0x17/0x50
[  147.301939][ T9552]  asm_exc_invalid_op+0x1a/0x20
[  147.303873][ T9552] RIP: 0010:handle_exception_nmi+0xa6e/0x1bb0
[  147.306184][ T9552] Code: 08 84 d2 0f 85 fd 10 00 00 44 0f b6 2d 96 e5 39 0f 31 ff 44 89 ee e8 41 40 69 00 45 84 ed 0f 85 b5 0e 00 00 e8 e3 45 69 00 90 <0f> 0b 90 31 ff 44 89 e6 e8 85 40 69 00 45 85 e4 0f 85 7f 0b 00 00
[  147.312697][ T9552] RSP: 0018:ffffc900061df9d8 EFLAGS: 00010287
[  147.314860][ T9552] RAX: 00000000000207b8 RBX: ffff88805a7e8000 RCX: ffffc90004081000
[  147.317607][ T9552] RDX: 0000000000080000 RSI: ffffffff819faffd RDI: ffff88805a54a4c0
[  147.320543][ T9552] RBP: 000000000f6632eb R08: 0000000000000001 R09: 0000000000000000
[  147.323698][ T9552] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  147.327117][ T9552] R13: 0000000000000000 R14: ffff88805b2ed000 R15: ffff88805a7e80d8
[  147.330170][ T9552]  ? handle_exception_nmi+0xa6d/0x1bb0
[  147.332162][ T9552]  ? handle_exception_nmi+0xa6d/0x1bb0
[  147.334078][ T9552]  ? __pfx_handle_exception_nmi+0x10/0x10
[  147.336081][ T9552]  vmx_handle_exit+0x84d/0x1f40
[  147.337797][ T9552]  vcpu_run+0x34cf/0x5ca0
[  147.339469][ T9552]  ? __pfx_vcpu_run+0x10/0x10
[  147.341552][ T9552]  ? rcu_is_watching+0x12/0xc0
[  147.344227][ T9552]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  147.346458][ T9552]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  147.348415][ T9552]  kvm_vcpu_ioctl+0x730/0x1730
[  147.350096][ T9552]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.351953][ T9552]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  147.354013][ T9552]  ? do_vfs_ioctl+0x226/0x13e0
[  147.355731][ T9552]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  147.357495][ T9552]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  147.359803][ T9552]  ? __fget_files+0x215/0x3d0
[  147.361648][ T9552]  ? hook_file_ioctl_common+0x146/0x410
[  147.364052][ T9552]  ? selinux_file_ioctl+0x139/0x290
[  147.366003][ T9552]  ? selinux_file_ioctl+0xb4/0x290
[  147.368008][ T9552]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.369887][ T9552]  __x64_sys_ioctl+0x18e/0x210
[  147.371548][ T9552]  do_syscall_64+0x106/0xf80
[  147.373307][ T9552]  ? clear_bhb_loop+0x40/0x90
[  147.374937][ T9552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.377052][ T9552] RIP: 0033:0x7f272659c799
[  147.378620][ T9552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.385152][ T9552] RSP: 002b:00007f272739f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  147.388285][ T9552] RAX: ffffffffffffffda RBX: 00007f2726815fa0 RCX: 00007f272659c799
[  147.391054][ T9552] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  147.393948][ T9552] RBP: 00007f2726632c99 R08: 0000000000000000 R09: 0000000000000000
[  147.396730][ T9552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.399611][ T9552] R13: 00007f2726816038 R14: 00007f2726815fa0 R15: 00007fff1274ac48
[  147.402840][ T9552]  </TASK>
[  147.404883][ T9552] Kernel Offset: disabled
[  147.406435][ T9552] Rebooting in 86400 seconds..