last executing test programs:

1m43.457197145s ago: executing program 3 (id=212):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r1, 0x3b82, &(0x7f0000000180)={0x18, r2, 0x1, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}]})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000100)=ANY=[@ANYBLOB="5000010066a2f93616ce8c498ff0d9af6086de1d611f6616c0922cfdc66731e62da01109d6726f335872a9d548e1dd06d035260ef9a20d90a424efda925236dfbc4c97315bdcb6a38256611967148e04ada0055f439b49e03c293de2df", @ANYRES16=r3, @ANYRESHEX], 0x50}}, 0x48001)

1m43.455776595s ago: executing program 3 (id=213):
socket(0x10, 0x3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x0, 0x3472, 0x40000060, 0x100007f, 0x6, "9f940b3491d052d172e0e573229ac6de50806c"})
mount$9p_fd(0x0, &(0x7f0000000280)='./cgroup\x00', &(0x7f0000000340), 0x8401, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000080)=0xffffffff, 0x4)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="a443fcd7770245fc989b50ea09817223dd9fac342f8f7c3d2cdcae3b14f82c974dc1", 0x22}], 0x1}, 0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xaa02, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m43.186744317s ago: executing program 3 (id=216):
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x80b00, 0x0)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4e00, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0xf, &(0x7f00000027c0)=ANY=[@ANYBLOB="18000001000000000000feffffffffff17010000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bc0900000000000055090100000000009500000000000000bd90000000000000b7020000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000a80)='GPL\x00'}, 0x90)
pipe(&(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r5, 0xc0505405, &(0x7f0000000000)={{0x1, 0x0, 0x1}})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(0x3)
write$binfmt_misc(r6, &(0x7f0000000580)="8c0e2fb1cd", 0x5)
sendto$inet6(r4, 0x0, 0x0, 0x4084, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000080)="44f9", 0x2, 0x1, 0x0, 0x0)
splice(r4, 0x0, r3, 0x0, 0x406f413, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000b00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x10000100}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000980)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x9e}, @NFTA_RULE_POSITION_ID={0x8}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x11}]}]}, @NFT_MSG_DELCHAIN={0x28, 0x5, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x810)
r7 = fcntl$dupfd(r0, 0x406, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r7}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)
r8 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r8, 0x1e, 0x0, 0x1)
ioctl$CDROM_GET_CAPABILITY(r7, 0x5331)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000b40), r7)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r6, &(0x7f0000000c00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x1c, r9, 0x4, 0x70bd29, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x8010)
ioctl$DVD_WRITE_STRUCT(r0, 0x5390, &(0x7f0000000040))

1m43.077125624s ago: executing program 3 (id=217):
ioctl$DRM_IOCTL_PANTHOR_VM_CREATE(0xffffffffffffffff, 0xc0106441, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x3e, &(0x7f0000000000)=0x101, 0x4)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x20000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0\x00', 0x0, 0x98d046, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x5, 0x4, 0xffffffffffffffff, 0x0, 0x2}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x2, 0x1, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

1m42.975366914s ago: executing program 3 (id=218):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
r1 = syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r2 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r3, 0x4068aea3, &(0x7f0000000240)={0x74, 0x0, 0x7eacfa71abeb3756})
syz_kvm_setup_syzos_vm$x86(r3, &(0x7f0000c00000/0x400000)=nil)
r4 = syz_kvm_add_vcpu$x86(r1, &(0x7f0000000040)={0x0, 0x0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x14, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x42, 0x0, 0x0, 0x3c}}}}}}}, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1m42.62657087s ago: executing program 3 (id=219):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
io_setup(0x8f0, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x106, 0x1, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0xa000, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000002740)={0x53, 0xffffffffffffffff, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000140)="8555b60bfad6", 0x0, 0x9, 0x10000, 0x1, 0x0})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x800000000000000, 0x0, 0x0, 0x800, 0x0, 0x8100000}, 0x0, &(0x7f0000000080)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6a9, 0x3ac8}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x20}], 0x1, 0x81)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x1, 0x200)
ioctl$SG_GET_ACCESS_COUNT(r4, 0x2289, &(0x7f0000000100))

1m42.584463138s ago: executing program 32 (id=219):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
io_setup(0x8f0, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x106, 0x1, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0xa000, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000002740)={0x53, 0xffffffffffffffff, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000140)="8555b60bfad6", 0x0, 0x9, 0x10000, 0x1, 0x0})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x800000000000000, 0x0, 0x0, 0x800, 0x0, 0x8100000}, 0x0, &(0x7f0000000080)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6a9, 0x3ac8}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
poll(&(0x7f0000000040)=[{r0, 0x20}], 0x1, 0x81)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x1, 0x200)
ioctl$SG_GET_ACCESS_COUNT(r4, 0x2289, &(0x7f0000000100))

1m24.230535628s ago: executing program 0 (id=437):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x63)
write$9p(r0, &(0x7f0000000100)="d5c0", 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="a985ce97e98cb008f62bcce0f2cfed00730c595e725b971bd47978a0718b9bd066051db0337096c4d9019696f6658579a970ad0d09d7f3b5f722b1d0f03222fbbbc16a56d892618e0be91e30dd6859512b32d6614c68606240bc7c6fa72ef5853aacc8b885ebd9a0f7c358b428d2ae6f9f8f297fc08793e4b624d04893f851cabbc0d86aee6ddbfad380fed3f6761b2b0d2a3c4dc40d62fedd1ad6bf2fd58f3e53d5441bd7f54529450cb721fcccb19088ea4da886a3af8ac100acd4d21619a47a3220b5cfcb8a4daa844c3adf673b29afeb612dbfebf220cb25b996bca20892d0c7fe71089a48ecc0741f9febb50c", @ANYRESDEC=r0], &(0x7f0000000180)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="4f3c8f4dbab1"], 0x9)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x5], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f00000000c0)={"218ff100", 0x8, 0x6, 0x2, 0x0, 0x8, "f700", '\x00\x00G\x00', "030600", "fcffffff", ["50d59404000100", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", '5\x00']})
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000840)={{&(0x7f0000000400)=[{0x1d, 0xe6, 0x3, {0x1df, 0x1}, 0x2, 0x5, 0x2}, {0x3, 0x7, 0x9, {0x2}, 0x6, 0x8}, {0x7, 0x401, 0x7ff, {0x3, 0x6}, 0x8, 0x5, 0x3}, {0x7fffffff, 0x8, 0x6, {0x4}, 0x9, 0x1, 0x2}, {0x3ff, 0x1, 0x7, {0x2, 0x9}, 0x8000000000000001, 0x9, 0x3}], 0x5, 0x40, 0xb2, 0x6}, {&(0x7f0000000540)=[{0xfffffffffffffffe, 0x6}, {0x7, 0x1000}], 0x2, 0x10, 0x3fd5, 0x7ff}, {&(0x7f0000000580)=[0x3, 0xffffffffffffff3a, 0x2, 0x2, 0x35, 0x4], 0x6, 0x8, 0xfffa, 0x1}, {&(0x7f00000006c0)=[{0x7, 0xd03b, 0x7fffffffffffffff, 0x7, 0x8}, {0x401, 0x9, 0x5, 0x7, 0x7}, {0x5, 0xfffffffffffffbff, 0x5, 0x2, 0x46df}, {0xc82, 0x9, 0x6, 0x2, 0x946}, {0x40, 0x2, 0xd100000000000000, 0x8000000000000001, 0x7fffffff}, {0xe, 0x5, 0x10000, 0x800, 0x101}, {0x4, 0x0, 0x8000000000000000, 0x6, 0xae}], 0x7, 0x28, 0x8, 0x6}, {&(0x7f0000000800)=[0x8000, 0x8, 0x3, 0x237], 0x4, 0x8, 0x7fff, 0x8}})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r0, 0x0)

1m23.934170056s ago: executing program 0 (id=446):
syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) (async)
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0xfffffffe)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x318, 0xffffffff, 0xffffffff, 0x318, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x3, 0xf, 0x0, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0xd}, [0xff000000, 0x0, 0xffffff00, 0xff000000], [0xff000000, 0xffff00, 0xffffff00, 0xff], [0xffffffff, 0xffffffff, 0xff000000, 0xffffff00], 0x0, 0x25e8}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x17}, @local, [0xff], [], 'lo\x00', 'gre0\x00', {}, {}, 0x0, 0x5}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x8, 0xfb}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x378)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x4000}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0)
keyctl$dh_compute(0x17, &(0x7f00000006c0)={r1, r2, r2}, 0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={'wp384-generic\x00'}}) (async)
keyctl$dh_compute(0x17, &(0x7f00000006c0)={r1, r2, r2}, 0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={'wp384-generic\x00'}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM(r5, 0x4068aea3, &(0x7f0000000500)={0xce, 0x0, r5}) (async)
ioctl$KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM(r5, 0x4068aea3, &(0x7f0000000500)={0xce, 0x0, r5})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x20202, 0x0) (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x20202, 0x0)
socket$netlink(0x10, 0x3, 0x10) (async)
socket$netlink(0x10, 0x3, 0x10)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2, @thr={0x0, 0x0}})
ioctl$BTRFS_IOC_BALANCE_V2(r4, 0xc4009420, &(0x7f0000000580)={0x0, 0x5, {0x4, @usage=0x47cc, <r7=>0x0, 0x1a8, 0x66, 0x7, 0x517800000, 0x10, 0x1, @struct={0x218e, 0x3ff}, 0xfffffffd, 0x2, [0x3, 0xbad, 0x5, 0x7fff, 0x7, 0xfff]}, {0x2, @struct={0xffff, 0x38}, 0x0, 0x6, 0x77, 0x100000001, 0x5, 0x1ff, 0x28, @struct={0x4, 0x3}, 0xfffffffb, 0xf56f, [0x8000000000000001, 0x8, 0x6, 0x5, 0x3, 0x3f3]}, {0x4, @usage=0x1, 0x0, 0x2, 0x52d, 0x0, 0x10, 0x1, 0x10, @struct={0x7ff, 0x4}, 0x8001, 0xfff, [0x7, 0x8000000000000000, 0x3, 0x3, 0x2, 0x2]}, {0x3ff, 0x100, 0x7fffffff}})
ioctl$BTRFS_IOC_SCRUB(r4, 0xc400941b, &(0x7f0000000980)={r7, 0x10001, 0xffffffffffffffff, 0x1})
sendfile(r6, r6, 0x0, 0xc3)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r6, 0x6, 0x15, &(0x7f0000000400)=0x2, 0x4)

1m23.250299183s ago: executing program 0 (id=448):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000040)={'wpan1\x00', <r2=>0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), r0)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (async)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffd}]})
r8 = dup2(r6, r7)
close_range(r8, 0xffffffffffffffff, 0x0) (async)
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r4)
socket$inet(0x10, 0x3, 0x0) (async)
r10 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000300)={'bond0\x00', <r11=>0x0})
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0xb0, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r11, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xb, [0x5, 0xf, 0x10, 0x3, 0x2, 0x5, 0x0, 0x0, 0x4, 0xb, 0xe, 0xb, 0x4, 0xf, 0x5, 0xd], 0x1, [0x0, 0x1, 0x0, 0x3c3, 0x7f, 0x442, 0x2, 0x6, 0x9, 0x1000, 0x4, 0x3, 0xfff8, 0x5, 0xa, 0x3dd], [0x2, 0x7, 0x5, 0xfffa, 0xf, 0x1, 0x7, 0x40, 0x7, 0x4, 0x7, 0x7f, 0x5f94, 0x2, 0x9, 0xf46]}}]}}, @qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x100000000}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0xb0}}, 0x0)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r8, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x4c, r9, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xff}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r11}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x5}, 0xc040040) (async)
sendmsg$BATADV_CMD_TP_METER_CANCEL(r8, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x4c, r9, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xff}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r11}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x5}, 0xc040040)
close(r4)
r13 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x3, 0xfffffffd, 0x3, {0xa, 0x4e24, 0x3, @loopback, 0x3}}}, 0x3a) (async)
connect$pppl2tp(r4, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x3, 0xfffffffd, 0x3, {0xa, 0x4e24, 0x3, @loopback, 0x3}}}, 0x3a)
ioctl$PPPIOCGL2TPSTATS(r13, 0x40047452, 0x0) (async)
ioctl$PPPIOCGL2TPSTATS(r13, 0x40047452, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x1c, r1, 0xb1d, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x48850)

1m23.163005597s ago: executing program 0 (id=449):
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000780)='task\x00')
lseek(r1, 0x8, 0x4)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x1004004, 0x9e}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003640)=ANY=[@ANYBLOB="140000001200010a0000e1bf1830c83b01450000"], 0x14}, 0x1, 0x0, 0x0, 0x80000}, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000011400042dbd7000fcdbdf25080001000100000008001100000000000800010002000000080001000500000008000100020000000800010000000000"], 0x40}, 0x1, 0x0, 0x0, 0x45}, 0x4000)
r2 = socket$kcm(0x2b, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40040c4)
setsockopt$sock_attach_bpf(r2, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r2)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x328, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x258, 0xffffffff, 0xffffffff, 0x258, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@loopback, @private0, [0xff, 0x0, 0xff000000], [0x0, 0x0, 0x0, 0xff000000], 'wlan0\x00', 'veth0_to_team\x00', {0xff}, {}, 0x2c, 0xc7, 0x6, 0x61}, 0x0, 0x168, 0x190, 0x0, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d6], 0x8, 0xe, 0x2}}, @common=@srh1={{0x90}, {0x3a, 0x2, 0xf, 0x0, 0x9, @private1, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0xd}, [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], [0xff000000, 0xff, 0xffffff00, 0xff], [0xffffffff, 0xffffffff, 0x0, 0xffffff00], 0x13a8, 0x4000}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x2, 0x4, 0x6}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x36}}, [], [0x0, 0xff], 'erspan0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x388)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r4, &(0x7f0000000980)=[{&(0x7f0000000280)="be81fe7001ccee43577c0e916eb25b559948d3e2181f0d8ad190b8a243f61b77adf29492214672f97fad73fb41f50b84435717879a237dd1676c01b640e288842990bc58dd19d101ef7e341dbba2d79ce54942151b5e79bbf3a7175c000000779c9e450e9a72d188f1bb1543c0f6d804ba14db30fccc3fec448ec84625b5a0d78a40ad17f8bc4c38808343e77d6f9f88909f7352a7", 0x95}], 0x1, 0x5, 0xa, 0x14)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'veth1_virt_wifi\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x3c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0x8, 0xfff3}, {}, {0xf, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @rand_addr=0x64010102}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000002480)={0x9, <r9=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000002500)={0x18, 0x20, &(0x7f0000000880)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, {}, {}, [@cb_func={0x18, 0x7, 0x4, 0x0, 0xfffffffffffffffd}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @alu={0x4, 0x0, 0xc, 0x7, 0x8, 0x2, 0x8}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000009c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000001400)=""/4096, 0x41000, 0x4, '\x00', r8, @fallback=0x11, 0xffffffffffffffff, 0x8, &(0x7f0000002400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000002440)={0x1, 0xe, 0x4, 0x3}, 0x10, r9, r1, 0x4, 0x0, &(0x7f00000024c0)=[{0x1, 0x5, 0x0, 0xc}, {0x4, 0x5, 0x9, 0x1}, {0x4, 0x1, 0x9, 0x5}, {0x4, 0x3, 0xc, 0x2}], 0x10, 0x5}, 0x94)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001040), r6)
sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000001080)={0x34, r10, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20044000}, 0x20040000)
sendmsg$IEEE802154_ADD_IFACE(r5, &(0x7f0000000800)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000007c0)={&(0x7f0000000380)={0x20, r10, 0x0, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8080}, 0x20000000)
r11 = openat$selinux_status(0xffffff9c, &(0x7f0000000bc0), 0x0, 0x0)
read(r11, 0x0, 0x0)
r12 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/udp\x00')
pread64(r12, &(0x7f00000013c0)=""/15, 0xf, 0x404)
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f0000000000)={0x3, r12})

1m23.100242964s ago: executing program 0 (id=450):
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='numa_maps\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000001200)=""/4112, 0x1010}], 0x1, 0x800, 0x0)
r2 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0x1bf58, 0x10000, 0x2, 0x2d0}, &(0x7f0000000440), &(0x7f0000000400), &(0x7f0000000000))
io_uring_enter(r2, 0x7b1d, 0xe93c, 0xc, 0x0, 0x0)
io_uring_register$IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f00000000c0)={0x5, 0x6}, 0x1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
syz_emit_ethernet(0x26, &(0x7f0000000080)=ANY=[@ANYBLOB="000000000008aaaaaaaaaaaa81"], 0x0)
setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000040)=0xc65b, 0x4)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000001440), 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r6], 0x1c}}, 0x4008054)
write$nci(r3, &(0x7f0000000340)=@NCI_OP_RF_DISCOVER_RSP={0x1, 0x1, 0x2, 0x3, 0x51, 0x1}, 0x109)
readv(r0, &(0x7f0000000400)=[{&(0x7f0000000480)=""/73, 0x49}], 0x1)

1m23.01402674s ago: executing program 0 (id=453):
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0x8) (async)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0x8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'erspan0\x00'})
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
getpid()
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0), 0x0) (async)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) (async)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r3, @ANYRESHEX=r4], 0x15)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) (async)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'gretap0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

1m6.534419828s ago: executing program 33 (id=453):
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0x8) (async)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000000)=0x8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'erspan0\x00'})
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
getpid()
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0), 0x0) (async)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}}) (async)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r3, @ANYRESHEX=r4], 0x15)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) (async)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'gretap0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

49.180981497s ago: executing program 5 (id=878):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000000206010300000000000000000000000037077a325ce1a00900020073797a3000000000050005"], 0x44}}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@timestamping={{0x14, 0x1, 0x25, 0x101}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0xc}}], 0x48}}, {{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000bc0)="e7bc2f4799fe560c31cf5a20a1b22fb77ce7f19e605b6a8d2645af02e63f9a9d7ba31907ccc0f4aa71ec0762b3a8e3332fe3603b4624", 0x36}, {0x0}, {&(0x7f0000000d00)}, {&(0x7f0000000fc0)="c6eae69212ba50dd664af774c32d34273a3baad9692140de74d9294c555a8c2e0d53acea79b788b5eb1a12ada1", 0x2d}, {0x0}], 0x5, &(0x7f00000014c0)}}], 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (fail_nth: 81)

48.819826968s ago: executing program 5 (id=881):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="a443fcd7770245fc989b50ea09817223dd9fac342f8f7c3d2cdcae3b14f82c974d", 0x21}], 0x1}, 0x6)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0xaa02, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4cff00"], 0x4c}}, 0x20000000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

48.819514558s ago: executing program 5 (id=882):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000001440)={&(0x7f00000011c0)={0xa, 0x4e20, 0x7ff, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="2400000000000000290000003200000000000000000000000000ffffe00000017e4b6813b2"], 0x28}, 0x20004004)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000002300090025bd7000ffd3df250100000008000100ac1414bb08000b"], 0x24}, 0x1, 0x0, 0x0, 0x24040811}, 0x8410)

48.73902425s ago: executing program 5 (id=884):
userfaultfd(0x80801) (async)
r0 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x430})
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000000)=0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x310100d, 0x1)
write$binfmt_misc(r1, &(0x7f0000000c40)="cf", 0x1) (async)
write$binfmt_misc(r1, &(0x7f0000000c40)="cf", 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000800000/0x800000)=nil, &(0x7f000022a000/0x4000)=nil, 0x800000})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages(r3, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0) (async)
move_pages(r3, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
r4 = getpgid(0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000500)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x800, 0x0, <r5=>0xffffffffffffffff})
ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000540)={&(0x7f0000848000/0x1000)=nil, &(0x7f0000406000/0x2000)=nil, 0x1000})
r6 = gettid()
syz_clone3(&(0x7f0000000440)={0xc02a0000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000200), {0x9}, &(0x7f00000002c0)=""/104, 0x68, &(0x7f0000000340)=""/162, &(0x7f0000000400)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, r3, r4, r6], 0x6, {r2}}, 0x58) (async)
syz_clone3(&(0x7f0000000440)={0xc02a0000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000200), {0x9}, &(0x7f00000002c0)=""/104, 0x68, &(0x7f0000000340)=""/162, &(0x7f0000000400)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, r3, r4, r6], 0x6, {r2}}, 0x58)

48.435296795s ago: executing program 5 (id=888):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001500), 0xc03, 0x0)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x50)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_debug_messages', 0x400180, 0x4e)
ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f0000000080))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
sendmsg$NL80211_CMD_DISASSOCIATE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00032abd7000fbdbdf25280000000c00990005000000330000000600360003000000060036009f00000006003600021900000600360042fa0000"], 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))

47.590619218s ago: executing program 5 (id=899):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940))
socket$nl_generic(0x10, 0x3, 0x10) (async)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff}) (async)
pipe(&(0x7f0000000000)) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r3) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
close(r3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4882}, 0x8000000)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000090a010400000000000000000a0000040900230073797a31002d840008000540000000020900020073797a310000000008000a40ffffd83f0c00098008000140000000010800084000000001140000001100010000000000000000000100000a"], 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000004500000a20000000120a010100000000000000000a0000020900010073797a3000000000140000001100010000000000000000000100000a"], 0x48}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYRES8=r2], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)
socket$can_raw(0x1d, 0x3, 0x1) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

47.463650183s ago: executing program 34 (id=899):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940))
socket$nl_generic(0x10, 0x3, 0x10) (async)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff}) (async)
pipe(&(0x7f0000000000)) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r3) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
close(r3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4882}, 0x8000000)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000090a010400000000000000000a0000040900230073797a31002d840008000540000000020900020073797a310000000008000a40ffffd83f0c00098008000140000000010800084000000001140000001100010000000000000000000100000a"], 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000004500000a20000000120a010100000000000000000a0000020900010073797a3000000000140000001100010000000000000000000100000a"], 0x48}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYRES8=r2], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)
socket$can_raw(0x1d, 0x3, 0x1) (async)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

1.455051428s ago: executing program 6 (id=1611):
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r1 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x20203843, 0x7, [0x2], [0x80ffff, 0x0, 0x2], [], [0x400000000000001]})
syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')

1.277403346s ago: executing program 6 (id=1613):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="34010000", @ANYRES16, @ANYBLOB="0100000000003fc14d"], 0x134}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xffbf}], 0x1)

1.169303848s ago: executing program 6 (id=1615):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="40010000", @ANYRES16=r3, @ANYBLOB="01000000000004000000010000002400030000000000000000000000000000000000000000000000000000000000000000001400020077673100000000000000000000000000f4000880"], 0x140}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
syz_clone3(&(0x7f00000006c0)={0x324100000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000030c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000fadbdf2501000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78"], 0x4c}, 0x1, 0x0, 0x0, 0x20d0}, 0x44000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket(0x10, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0xc)
socket(0x2, 0x80805, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.swap.current\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x3, 0x6)
socket$netlink(0x10, 0x3, 0xb)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x9d)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)

1.168505552s ago: executing program 4 (id=1617):
r0 = syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
ioctl$int_in(r0, 0x5452, &(0x7f0000001840)=0x5d4) (async)
write$FUSE_INTERRUPT(r0, &(0x7f00000000c0)={0x10}, 0x10) (async)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)

1.15675487s ago: executing program 4 (id=1619):
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
pwrite64(r0, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2) (async)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000100)={0xa00, 0xa0000}) (async)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x1000}, 0x4) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) (async)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}) (async)
r6 = io_uring_setup(0x6301, &(0x7f0000000140)={0x0, 0xa77b, 0x400, 0x2, 0x331})
io_uring_enter(r6, 0x77d8, 0xbd9c, 0x0, &(0x7f00000001c0)={[0x6]}, 0x8) (async, rerun: 64)
write$P9_RSTATu(r4, &(0x7f0000000580)={0x2a6, 0x7d, 0x2, {{0x500, 0x165, 0x3, 0x5000000, {0x64, 0x0, 0x8}, 0x41400000, 0x0, 0xe5e2, 0x5, 0x5a, '\x04nodev{evoo~\xa1f\x94KJ\t\xb9\xc4A\xd2\xcc\x85\xf4\xc7yZ\x8bb}k\x82\xda*5z\x00\x00\x00\xe3\xc9\x11^\x1d\x8e/\xbdP\x11\xc1q6e\xd4\xdb\x98\xffv\xc3VTbC\x88\xb7\xc9-\xddV\x9al\x9e(K\xd9\xe6\xfb\x8b\xbd\xd4\xd7\xe5\xa1\xca\x1f\xf4\xc1-\x8d', 0x3a, 'pJ\x86\xce\xc6\xe1\x8c\x84\x1f\x18\x198\x02\x00}\xf4g>\xff\xebvN\xf95\x1f\x01\xde\x05@E\x97\xe9\x9b\xa6=P\x964\x06\x9f\xd3\xcd\x00\x00+Y\x00'/58, 0x37, '\xcf\xc3m\a\xc5\x00\xf0L\xd8_*p\xf4\xe9\x93\x0e^\x98\x9c\xd5\xefMQ\xf6\r\xa7X,J\x05\xc8\xf8(\xf6\x8d\xc1wM]\xe2\xe8 \x86#\x81\xf6hm\xd1\xbb\x8f\xd7\x00\x00\x00', 0x67, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c<;{\xa4\xa4\x00\xb4\xb0w\xdct\x00\x00\x00\x06\x00\x00\x00@\a\xec!\xca\xbf\xf2\x0f\x9c\x00\x89\xf9\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12[\x93\xa5\xd4\xdb\x9a\xb2\xe0\x16He\x81\xea[\x9c\xf9\xc4\xa2\x86F\xbct@\x97\x11Y\xa7\x1b\xc0v\xb0lJ\xc4\x9e\xc7m^\x86\xea'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x13r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9a\x01\x80\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xcc.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6q\x00Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd9\x7f\xff\x00'/300, 0x0, r5}}, 0x2a6) (rerun: 64)

1.093398375s ago: executing program 6 (id=1620):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00002e4000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x3)
r2 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f0000000040)={0x10002, 0x2, 0xffff1000, 0x1000, &(0x7f0000fff000/0x1000)=nil, 0x6})
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
recvmmsg(r3, &(0x7f0000006b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x24048884}, 0xc005)
sendmsg$sock(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000140)="35c7b6b358750843519e26b8e3b9ed63fc86af04a5334b06157afddfac78f2052ff2d6a4cfc26b6a7ef8de7ba9a354eb1aaf120ca8f97f7225673e63bd79f78e61638e2641d01b1991001788801951cb680212e240dd2c3f8bbf5b6988fe683506f36559c5acb5bde94c5b083737a6845a2d2f6c3d1d47616815877fa14ddd2989d7348280de323846716d40bdeb281afc66a09675cd2f43db1f4fb1bcfdc364cc25e997b58fcf4acd1ab3030c14c94606992ce869ea5a9909968dc31a6969c482c0", 0xc2}, {&(0x7f0000000240)}, {&(0x7f0000000280)="25f774397047561ba15bc3ee39158425d832ee0ec38d7e86dd60f2147cf9737b671fc6b69ed4fe578001a10965745b2b445914d3bf32d8ff66e6ac405dff78d80b0e5e41eef3ccb467a8d8fc1c48cdb341f5850e5376dd85bc1bbedd27715db9f1d688f0d2e0ae1df2c37a6f6101da4e7c84afd7c44cb7e917e35b388c2d329ac826378785ddbb4560a0858ba5675f0c29777f426a3103acfc3ebf32a39a09e6dfc3950866df46590f1bcc4dc6282ed78b5d68ace39a74023ebf0eeeecee94b8f609a837c9dce52840d78655f4", 0xcd}, {&(0x7f0000000380)="fbe9549a9629a7bec8759ec37502431e9be1bb8b3b4145adb1d0ac7492f2d054174aea80b35a249d80ad7b58b941cfe205f1f18ed1ab3fbcb9e218961e0c492f8105e734687ca550e16ace3e7bfd86ad6dc78445d93184e960a4f678afcaa794f342c92ed6b95a0efcf95b992ac04f7c35a2d38315aef0a42150df7cffe5ef46dbf154d7976099287879b43199120750c4084558", 0x94}, {&(0x7f0000000440)="8bf6a8123fcf81a77edf39940bb617c97831ccd650715880a79357ebcb1f31d2388db7deaaaf59bd25fc831bb0b0bfa0f00d1754de01aeabb0ab4f3062fc57950033ac42", 0x44}], 0x5}, 0x4000)
r4 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r4, 0x110, 0x3)

1.092076478s ago: executing program 4 (id=1622):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) (async)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x4, 0xf}, {}, {0x7, 0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0xffff, 0xc}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004004)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x3}, 0x50) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x3}, 0x50)
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x485, 0x0, 0x4}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3f, 0x38, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @loopback}, "001863718e9bf703"}}}}}, 0x0) (async)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3f, 0x38, 0x65, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @loopback}, "001863718e9bf703"}}}}}, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x543080, 0x0) (async)
r10 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x543080, 0x0)
ioctl$SG_EMULATED_HOST(r10, 0x2203, &(0x7f0000000140))

700.082274ms ago: executing program 4 (id=1625):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000480)="1c0000001a009b8a140000003b00"/28, 0x1c)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002abd7000fedbdf25030000000cb88cb7e3988c72480000000c0004000f000000000000000c0004f2feffff7f000000000c000800ef07000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x11}, 0x4c810)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000580)={<r1=>0xffffffffffffffff}, 0x0)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r2, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)

699.296655ms ago: executing program 1 (id=1627):
syz_open_dev$dvb_frontend(0x0, 0x0, 0x2)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e20, 0x3, @private2, 0xffffffff}}}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440080001000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a310000000008000340000000010900010073797a30"], 0x34}}, 0x0)
r4 = dup(r3)
r5 = socket(0x2b, 0x801, 0x1)
bind$unix(r5, &(0x7f0000000700)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'sit0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000004c0)={'syz_tun\x00', &(0x7f0000000280)=@ethtool_drvinfo={0x3, "80c1ea18c60ae80c9f47de6130590a2b5f45d3b8a34577ebce27ff60d0efa7f3", "9ab28f3b42b6ec142a85e1f2482d7fd59ba5c4d125d50e5aa635bdfbeb89b66c", "e90056816391adfc327222c3e8f8b9e7ce12b8a525e81ff65144daee5036eeaf", "fc089027e46663b854b4c592cbd43e537013872f9e1f945c9159338b1a47cf10", "38879d6c1675723af97bd0fcf2a34de372fdf5f42a4e716c5be23c246f007d01", "89e077cd410ed504dc7da9b6", 0x4, 0xffff, 0x18, 0x4, 0xffffff81}})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newqdisc={0x50, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{0x0, 0x5, 0x0, 0x386561e9, 0x4000000}, [@TCA_NETEM_DELAY_DIST={0x4, 0xd}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8080)
r10 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

580.886101ms ago: executing program 1 (id=1628):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
mkdir(&(0x7f0000000080)='./file1\x00', 0x8)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f00000000c0)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000340)={0x8000000000000000, 0x4, 0x100000001, 0x0, 0x6, 0x6, 0x6, 0xfffffffffffffffc, 0x100fff})
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$qrtrtun(r1, &(0x7f0000000400)='\v', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000030000000000000004000000186800000c00000000000000000000009c260000080000008145ff040e00000018110000", @ANYRES32=r1, @ANYBLOB="0000e24400007b8af8ff0000ffffffb703000008000000b70400000100000085000000820000009500"/62], &(0x7f0000000040)='GPL\x00', 0x44000, 0x0, 0x0, 0x40f00, 0x44}, 0x94)
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='gfs2\x00', 0x10, &(0x7f0000000100)='barrier')
setresgid(0xee00, 0xee01, 0x0)
r2 = syz_clone(0x6000, 0x0, 0xffffffffffffffa7, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = syz_open_procfs(r2, &(0x7f0000000040)='stat\x00')
pread64(r4, &(0x7f0000000140)=""/15, 0xf, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000004c0)=ANY=[@ANYBLOB="61125000000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07007706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdefeb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e762400"/300], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0xce22, 0x7f, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x1c)
listen(r5, 0x6)
listen(r6, 0x9)
read$FUSE(0xffffffffffffffff, &(0x7f0000012400)={0x2020}, 0x2020)
ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e21, @rand_addr=0x64010100}}, 0x0, 0x0, 0x4020, 0x0, "bb02a3c344ca41d6357e544508474004000b42a20000000000000010208a0e2f964e0000c534a632cd6193fcf19b2df3eea18afaa4ff1f56c54dc46d8b6d2ccd00a0cf0a007bbe00"}, 0xd8)
socket$kcm(0x23, 0x5, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})

475.615933ms ago: executing program 1 (id=1630):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="149c05000000000000000000000b2a009230e76f"], 0x14}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r7], 0x2c}}, 0x4000000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x4540}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x27b2}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000881}, 0x48004)
r8 = add_key$keyring(&(0x7f0000001580), &(0x7f00000015c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r9 = add_key$user(&(0x7f0000001440), &(0x7f0000001480)={'syz', 0x2}, &(0x7f00000014c0)="d5ed", 0x2, r8)
r10 = add_key$user(&(0x7f00000016c0), &(0x7f0000001700)={'syz', 0x2}, &(0x7f0000001740)="f3d52d44abfdbfb9c6517a0145d5fb67f51900a278e1f061ab826eae4babaa90cace8bd25b82f8b1ca88700deb1217ef817b9b1af860692dccb564ee2a35ead5e295dee56e4542e7392d78435fb5fd1dfcd03081659af395d9234a7991a502395ada22748a5c5e4e9cc70dbd7ebbbc045ca5cd9426f4714e7acb45313546af78fb9b1b45952a51b6482deafc4b120005a69aaa0bfb2cc6c564ef6e99e2bfa6155f92f23fc1750356ca18e02966441ec4c9a1c557b51f44e45425ff2f983e2992510fe6585872fd6fe9925bc7cd392df89a854884303aa54133fb4fb0b73ec258ca0df56006ddd2981908542d45a369f727be27984d8eaf8115fff63efa78498737087b23e0b6e5fe67ca3cb3adf55b4611b08f841640e6797b023c48888f448f2623f72791f04da21d21317bd0789db87a7a3a9460f0612dbf404c6fc056b64d68b04f7455b12c18637dec98f83014958cc5b3d96bfc8114df80cfeeea8c28644e1c6d4b3c19c0917244fb47200f6a8628c8daa44a77ebcff1ef6bc7193d772e9550786689893d90211ff6db3418f5451e65d3de37eefb8b26964ebac508ce6d3dbe972792a52af09a9f99eb40d1247ccff57b7552675907b748a1e60ff2380c2e25fb963ef118181377f9651aba4901fd43071d957059ce252f328fc147bb08e4c514614580241c074096807a55aec9df1582b4dc0eb04e68883bd4c80a94b3b1a2c6102819fa43274845f801cb2c3a20fece0f73e6a3bf7fe3b9293c675fd6b533255c04f3686045e17a32f289a486da6634c8a8c97f8457d5514c22fe5bddc81e773ef0c2fa9d3f3b16f625b01e163b59fb1f746889e85b8f71d4a60b4d086bba0a5ed72bb54866598215c3e5f41d7d4fbee62d2d7a6c14e0f347f2cba03554b39b36264228b55761fd57da302cf8a9316a71c6f3b70a46860d21111eeed7dafc4b42237ad634b89fdaae6fc325cb3e6e3ffdc1853a0313e4182a91430b7f57f26a05d2b1b5f6cec50620a2ccf695b1fcba218ab04092e458a92facca33459c18889c47e727a1fb0f2b7ea1c24d61a28ed10f8e0b45890b76da783f206b0e5bd2554429e0647b6649b1a218e7ce5d5477fa7b306dfe4f692678de362b5d7d4a0657278171558c52daaa87626a60fa5bfeb85596aa349c5c95923171b5e16e93cfc63ba57a62988cac0296ef8bf6829bf0b6c4cda043109d3679106f6f37551eb77ddbd55a66f1b398421ec901525eb9fb3f209fbea4314aa2a10aa407751b4075774fd77bcf988d455cc4bf90831bb08f48fc27886fe7f6a4d1bdad917d95a9f8a6c023f20b1a87331e065126b47b9d8ed6b73ea58fb5b5888dc43b982774e7abb97b168217ad480e2c383afbc933483296b47cbd80a6e63a8d1f5d19fa8ce52a6243abc74162b2db34de48a10f51aa70f7c08b42724d374ac9f18670308a1f3ab563b4b8fbdf28a5611a49649d3a03d647a7ab83e71cc30830c09451f3fc83500d396d488611c7628c92987f2d5ac05223ed97da3f7bbc846a6ccf1d7244bf7060fdd5bbc63cddf3150d87207ec1831684a34955c8cb20c880cba0843ea8256201dedec8e36b59e32e7bdc9ba95854edc6f1c2791ae6d46dc27f8629d80892de574414081fea12c5d59493488e4f81753d1f1956ff276ddf917ec31b6d4c3927ce38be2126af230c9af76ecba7b9efa4181b28addb67aaf808c5129e2e1f35a8ecade2f3edf50e379e51aa2fb5a4c4a592e7a991ee2c8d3c561f04da311ee7e368bcf6a573d708e391674f8912a4be4f9b293762d187e8c0fc45fd3679ea4df6b21a3a61772bec11f939b5ac3b6ef85e3777e8efbc0fc440cff25e54e4f42c6ddc1959617ab6e1c928d38d8be6a5f93d7198e9addb6a6a7192385cccc5ca7348ee6ad5bf7c3b8ae8030b2e1c7f15d29080ef081b44d2b2b76b552df22fd993d85aae83aed02f15d26a99b26ee2932020dd314cdc184d92d1c164a63918f45eac14486218056cc07ff424e9e62434064a34eeee48a47c7fa5f7474975b7221f48b1e29a7bef8cd36f75810aba9d093df0ec9cd80232c3e59c1d0966a621c6716c80ee758f9e8e00ed17d1c764fde71a74c98c6c87243898b04142591f4af61a3cf56a6378297c72ea0116af88f5e1ad2fdf8f45658d6a7bd9a13ef8cd1ebb9d6410bf1c427d59bb06c64d6bb1b1167823adf1bfc9172cb47ad634d1dc21231ab2da4df9009c051ef1790aee27882c27c32158d7d90760f16ee985ed8818cbcf5b811c602a0f8d459e4fdada6c1d703a6a097aad480cb38554da8a7b5ea69e4f88f335a804fa6d7713d2b5b9cb2c32b0db8005316bca94374592ffeaa66b66e32e594b79d2eedfaf1e635ae4d494d9468199ac22a193c2f12aecc3425b2be4a467470aa9b584816f95b27e68c7373a38a3ebfa3863461054533b16064963c36b3ecfca64bc6d8ba61317f9a510fe75b4385e4267907573fbc26c9dfb9f6c90c672b8dd948b7137fd6d44d58be76fcb6c575c0ec1639f975b0468c4311dd42f097b689eb16b15b07616d0100aa0860d60b580386cf7aa2852c3cbd8ec9ad1e7bf65d190e5adbf266452cb80648781e6c8ad9a83dfe82c2a4174107de420456f108f8018fe4bb0104482d5390eff2cd61b6b85b97f32b2f74d41e44d1153566b66ed8543dc2473f9c57f8d8f37b7cd9ffd87ffdc246413bfad470630099dc059a08cf5d966ab22ac5e5f18208ad04b64a455c642f8543c58504257c026a99e072235ec6e6b9edc1eaaf4361adfc271fd7525565025ee873739daebe07097a1ca1392526fa909925be2bfeced85e8dd83e3486f1ba77c09005c6878be33bd045c21c980c05a6dfc36f3efe7568420d373dafa60a7263907f1ddf4b58e4b420a8f13", 0x801, r8)
keyctl$dh_compute(0x17, &(0x7f0000002740)={r9, r10, r9}, 0x0, 0x0, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket(0x10, 0x803, 0x0)
bind$netlink(r12, &(0x7f0000000000)={0x10, 0x0, 0x25dfd3fd, 0x400}, 0xc)
getsockname$packet(r12, &(0x7f0000000600)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
add_key$fscrypt_provisioning(&(0x7f0000000040), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)={0x1, 0x0, @auto=[0x14]}, 0x9, r8)
sendmsg$nl_route(r12, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x40d, 0x70bd2f, 0x1ffffffc, {0x0, 0x0, 0x0, r13, 0x40046, 0x10821}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}, @IFLA_BOND_AD_LACP_RATE={0x5, 0x15, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40040}, 0x8000)
sendmsg$nl_route(r11, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="00000000e300020008000a00", @ANYRES32=r13, @ANYBLOB="14003500766c616e300000000000000000000000a3117c852af575fb0bab94bf59a9617858d634107e11b8167bc863704efe5bb8390c02270d1ba613416eaeaf92936534e873e6de8a4320faa3b0881efdaabafa2f07d473b1154158099d1bbf53325a"], 0x3c}}, 0x20040894)
r14 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r14, &(0x7f0000c00000/0x400000)=nil)
r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r15, 0x4090ae82, &(0x7f0000000100)={[0x8, 0x0, 0x34a30b42, 0x5, 0x1000, 0x8000, 0x1002, 0xfffffffffffffffb, 0x8, 0x6, 0x2, 0x2372, 0x1, 0xfffffffffffffefe, 0x401, 0x20], 0x26000, 0x201c00})

345.228436ms ago: executing program 4 (id=1632):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="34010000", @ANYRES16, @ANYBLOB="0100000000003fc14d"], 0x134}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xffbf}], 0x1)

344.896973ms ago: executing program 2 (id=1633):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000480)={0x3f, 0x2, 0x2, 0x3}, 0x10)
write(r2, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000000000001000000080009001d000000", 0x24)
r3 = socket(0x10, 0x803, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r4, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000})
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@const={0x0, 0x0, 0x0, 0x9}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}}, 0x0, 0x4e}, 0x20)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r6, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r6], 0x5c}}, 0x40)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRESDEC=r5], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

283.415258ms ago: executing program 2 (id=1634):
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSGL2CALL(r0, 0x89e5, &(0x7f0000000000)=@netrom)

230.206818ms ago: executing program 2 (id=1635):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) (async)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d", 0x24}], 0x3}], 0x1, 0x40800) (async)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
r3 = fsmount(r0, 0x0, 0x0)
fchdir(r3)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x100) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a74000000060a010400000000000000000200000048000480440001800a0001006d61746368000000340002800900010074696d65000000001c00030007682c020b7b37f27f5101007f51010049f4e34e86f469eb08000240000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a3dc1f8b2de5814b2deae17a5ef9060c11af13564a9c42c1aa6d9af0c8042"], 0x9c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r5, 0x101, 0x1)

225.936476ms ago: executing program 2 (id=1636):
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='iso9660\x00', 0x204001, 0x0) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$inet(0xa, 0x801, 0x84)
mknod(&(0x7f0000000000)='./file0\x00', 0x6000, 0x77b) (async)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
listen(r2, 0x8) (async)
r3 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={0x0, 0x9, 0x7, 0xfffff001}, 0x10) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
fadvise64(r6, 0x7, 0x9, 0x0)
prctl$PR_MCE_KILL(0x21, 0x0, 0x0) (async)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) (async)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r0)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x1) (async)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r8, 0xae03, 0xc1)
ioctl$TIOCPKT(r7, 0x5420, &(0x7f0000003940)=0x10) (async)
ioctl$TIOCSSOFTCAR(r7, 0x541a, &(0x7f00000000c0)=0x4) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000dc0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000700)={0x66c, r4, 0x2, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_TX_RATES={0x128, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x54, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0xfffd, 0x800, 0x5, 0x7, 0x10, 0xfffb, 0x8000]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xc875, 0x40, 0x9, 0x1, 0x4efd, 0x0, 0x8, 0x9]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x200, 0x7, 0x8001, 0x5, 0x9, 0x5]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7cbb, 0x9, 0x1, 0x2c, 0xdf2a, 0x929, 0x0, 0x9]}}]}, @NL80211_BAND_2GHZ={0xd0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x40, 0x2, [{0x6, 0x7}, {0x4}, {0x1, 0x2}, {0x6, 0x5}, {0x5, 0x7}, {0x1, 0x1}, {0x4, 0x6}, {0x2, 0xa}, {0x1, 0x1}, {0x6, 0xa}, {0x1, 0x4}, {0x4}, {0x0, 0x2}, {0x3, 0x3}, {0x2, 0x8}, {0x1}, {0x1, 0x7}, {0x4, 0x4}, {0x3, 0x9}, {0x4, 0x4}, {0x0, 0x8}, {0x1, 0x6}, {0x2, 0x9}, {0x1, 0x2}, {0x1, 0x2}, {0x3, 0x5}, {0x3, 0x5}, {0x1, 0xa}, {0x3, 0xa}, {0x7, 0x1}, {0x5, 0x9}, {0x3, 0x9}, {0x0, 0x7}, {0x1, 0x9}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x3}, {0x0, 0x6}, {0x6, 0xa}, {0x4, 0x4}, {0x0, 0x4}, {0x4, 0x9}, {0x3, 0x7}, {0x7, 0x4}, {0x7, 0x1}, {0x0, 0x1}, {0x0, 0xa}, {0x3, 0x8}, {0x1, 0x9}, {0x5, 0xa}, {0x2, 0x9}, {0x3, 0x9}, {0x1, 0xa}, {0x2, 0x7}, {0x5, 0xa}, {0x1, 0x2}, {0x3, 0x1}, {0x2, 0x4}, {0x2, 0x1}, {0x5, 0x5}]}, @NL80211_TXRATE_HT={0x12, 0x2, [{0x5, 0x9}, {0x5, 0x2}, {0x1, 0x4}, {0x1, 0xa}, {0x6, 0xa}, {0x0, 0x9}, {0x5, 0x9}, {0x2, 0x7}, {0x0, 0x1}, {0x7, 0x1}, {0x2}, {0x2, 0xa}, {0x5, 0x2}, {0x7}]}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x30, 0x6c, 0x6, 0x6, 0x4, 0x9, 0x0, 0x30, 0x1b, 0x2, 0x1b, 0x9, 0x1, 0x4, 0x1b, 0x24]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x1, 0x8}, {0x6}, {0x6}, {0x7, 0x7}, {0x1, 0x7}, {0x0, 0x8}, {0x2, 0x7}, {0x5, 0x1}, {0x7, 0x2}, {0x3, 0x6}, {0x2, 0x5}, {0x7, 0x8}, {0x3}, {0x2, 0x3}, {0x3, 0xa}, {0x7, 0x5}, {0x0, 0x3}, {0x4, 0x6}, {0x7, 0x6}, {0x1, 0x2}, {0x0, 0x1}, {0x6, 0x8}, {0x5, 0x1}, {0x1, 0x4}, {0x1, 0x9}, {0x4, 0x7}, {0x3, 0x7}, {0x7, 0x1}, {0x2, 0x2}, {0x5, 0x1}, {0x4, 0x2}, {0x7, 0x6}, {0x5, 0x7}, {0x7, 0x1}, {0x7, 0x9}, {0x5, 0x8}, {0x5, 0x1}, {0x5, 0x4}, {0x3, 0x4}, {0x4, 0x3}, {0x0, 0x3}, {0x2, 0x9}, {}, {0x1, 0x8}, {0x1, 0x1}, {0x3, 0x8}, {0x5, 0x9}, {0x2}, {0x1, 0xa}, {0x0, 0x2}, {0x6, 0x8}, {0x4, 0x6}, {0x1, 0x9}, {0x6, 0x8}, {0x5, 0x7}, {0x7, 0x7}, {0x7, 0xa}, {0x3, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x5, 0x9, 0x4, 0xc3f, 0x1, 0xffff, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x4}, @NL80211_ATTR_TX_RATES={0x11c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x3c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x100, 0x6, 0x3, 0x7, 0x6, 0x3, 0x9, 0x20f]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x12, 0x48, 0x48, 0x0, 0x36, 0x11, 0x30, 0xc, 0x30, 0xb, 0x12, 0x6c, 0x1, 0x36, 0x5, 0x3, 0x16, 0x16, 0x60, 0x30, 0x1b, 0x12, 0x64, 0x30]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x4c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x4, 0x6, 0x12, 0x9, 0x5, 0x48, 0x3, 0x3]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffc, 0x0, 0x2, 0x8, 0x4, 0x3b6, 0x4, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0x3, 0xff, 0x9, 0x66f, 0xc30, 0x6]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x6, 0xa}, {0x6, 0x8}, {0x4, 0x6}, {0x0, 0x6}, {0x4, 0x4}, {0x2, 0x8}, {0x2}, {0x3, 0x9}, {0x4, 0x4}, {0x5, 0xa}, {0x6, 0x5}, {0x7, 0x6}, {0x6, 0x1}]}]}, @NL80211_BAND_2GHZ={0x44, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdc, 0x2, 0xc785, 0x908, 0x8, 0x6, 0x5, 0x637]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x4, 0x0, 0x1, 0x4, 0x40, 0x8, 0x2]}}]}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7, 0x1200, 0x2a, 0xfff, 0x9, 0x9, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x1, 0xbae, 0x31, 0x5, 0x9, 0x1ff, 0x9454]}}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0xfff8, 0xbe2, 0xa, 0x200, 0x80, 0x3, 0x1f]}}]}]}, @NL80211_ATTR_TX_RATES={0x1b4, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xc, 0x1, 0x8, 0x39a, 0x7fff, 0x4a, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x6c, 0x4, 0x24, 0x24, 0x16, 0xb, 0x48, 0x4, 0x24, 0x16, 0x60, 0x12, 0x3, 0xc, 0x6c, 0x60, 0x60, 0x16, 0x6, 0x48, 0x6c, 0x6, 0xb]}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x355, 0x8, 0xcf, 0x2, 0xf8ac, 0x1, 0x8, 0x8]}}]}, @NL80211_BAND_60GHZ={0x34, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x24, 0x9, 0x36, 0x6, 0x12, 0x36, 0xb, 0x36, 0x16, 0x2b, 0x60, 0x2, 0x12, 0x16, 0x1, 0x18, 0x18, 0x6, 0x5, 0x0, 0xb, 0xc, 0x6c, 0x1, 0x5, 0x9]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x44, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6262, 0x4, 0xc, 0x6, 0x101, 0x0, 0x2, 0x5821]}}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x48, 0x3, 0xb, 0x1, 0x60, 0x24, 0x4, 0x6c, 0x5, 0x24, 0x0, 0x16, 0x16, 0x4, 0x18, 0xb, 0x6c, 0x3, 0x30, 0x3, 0x18, 0x30, 0xc, 0x6c, 0x50, 0xc, 0x3, 0x5, 0xb, 0x18, 0x2]}]}, @NL80211_BAND_5GHZ={0x7c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x29, 0x2, [{0x0, 0x5}, {0x1, 0x3}, {0x3, 0x6}, {0x5, 0x9}, {0x5, 0x3}, {0x3, 0x7}, {0x1, 0x2}, {0x4, 0x6}, {0x5, 0x3}, {0x4}, {0x5, 0x8}, {0x0, 0x2}, {}, {0x7, 0xa}, {0x4, 0x2}, {0x7, 0xa}, {0x1, 0x4}, {0x6, 0x7}, {0x1, 0x8}, {0x4, 0x5}, {0x7, 0x8}, {0x3, 0x9}, {0x5, 0x8}, {0x2, 0x1}, {0x6, 0x2}, {0x1, 0x2}, {0x1, 0x5}, {0x6, 0xa}, {0x4, 0x2}, {0x3, 0x1}, {0x0, 0x4}, {0x7}, {0x7, 0x2}, {0x3, 0x6}, {0x2, 0x1}, {0x6, 0x2}, {0x5}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xe, 0xffff, 0x0, 0xffff, 0x0, 0xb, 0x7, 0xfffb]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x4565, 0xf000, 0xb6f0, 0x1, 0xfb7, 0x2, 0xfffe]}}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x5, 0x60, 0x24, 0x5, 0xb, 0x1b, 0x9, 0x6c, 0xc, 0x24, 0x1, 0x12, 0x24, 0x0, 0x16, 0x5, 0xc, 0x1b, 0x5, 0x60, 0x9, 0x1b, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, [0x48, 0x6c, 0x12, 0x2, 0x18, 0x1, 0x18, 0x48, 0x36, 0x6c, 0x16, 0x16, 0x6c, 0x5, 0x60, 0xb, 0xf8815416b6e6456d, 0x9, 0x2, 0x6c, 0x48, 0xc, 0x16, 0x6, 0x76, 0x3, 0x48, 0x3, 0xb, 0x2, 0x30]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x0, 0xd, 0xd, 0x1, 0x7, 0x6, 0x7]}}]}]}, @NL80211_ATTR_TX_RATES={0x148, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x3, 0x5, 0x1, 0x1004, 0x18, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x1, 0x8, 0xa28, 0x5, 0x7864, 0xff, 0x100]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x4c, 0x2, [{0x3, 0x4}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x4}, {0x0, 0x2}, {0x3}, {0x4}, {0x2, 0x3}, {0x7}, {0x5, 0x5}, {0x1, 0x2}, {0x4, 0x6}, {0x0, 0x3}, {0x3, 0x3}, {0x6, 0x7}, {0x3, 0x1}, {0x4, 0x1}, {0x7, 0x8}, {0x3, 0x3}, {0x5}, {0x0, 0x5}, {0x7, 0x7}, {0x7, 0x2}, {0x0, 0x3}, {0x0, 0x7}, {0x2, 0x1}, {0x2, 0x3}, {0x2, 0x3}, {0x0, 0x9}, {0x0, 0x6}, {0x1, 0x5}, {0x6, 0xa}, {0x2, 0x7}, {0x0, 0x7}, {0x7, 0x5}, {0x6, 0xa}, {0x2, 0x2}, {0x3, 0x6}, {0x0, 0x5}, {0x2, 0xa}, {0x1, 0x6}, {0x5, 0x2}, {0x1, 0x9}, {0x0, 0x6}, {0x2, 0x3}, {0x5}, {0x3, 0x7}, {0x5, 0x2}, {0x1, 0x2}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x0, 0x2}, {0x1, 0xa}, {0x3, 0x9}, {0x1}, {0x2}, {0x1, 0x7}, {0x3, 0x9}, {0x4, 0x1}, {0x6, 0x3}, {0x6, 0x2}, {0x7, 0x5}, {0x1, 0x9}, {0x0, 0x4}, {0x1, 0x9}, {0x2, 0x9}, {0x6, 0x8}, {0x4, 0x9}, {0x4, 0x2}, {0x6}, {0x7, 0xa}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x48, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x80, 0x3, 0x0, 0x10, 0x6, 0xc, 0x4, 0x5]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x80, 0x5, 0x75c, 0xe5, 0x0, 0x4, 0x1ff, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x6, 0x6fb5, 0x1ff, 0x8, 0x7, 0x1, 0xa58]}}]}]}, @NL80211_ATTR_TX_RATES={0x10c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x98, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2f, 0x2, [{0x4, 0x6}, {0x0, 0xa}, {0x3, 0x6}, {0x1, 0x8}, {0x5}, {0x7, 0x1}, {0x1}, {0x1, 0x4}, {0x4, 0x9}, {0x1, 0x1}, {0x3, 0x3}, {0x4, 0x7}, {0x5}, {0x3, 0xa}, {0x1, 0x7}, {0x0, 0x7}, {0x1, 0x5}, {0x4, 0xa}, {0x5, 0x1}, {0x0, 0x9}, {0x2, 0x8}, {0x0, 0x3}, {0x0, 0x9}, {0x4, 0x3}, {0x1, 0x7}, {0x6, 0x7}, {0x3, 0x8}, {0x2, 0xa}, {0x0, 0x6}, {0x6, 0x9}, {0x0, 0x5}, {0x2, 0x6}, {0x1, 0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x2, 0x2}, {0x0, 0x4}, {0x1, 0x4}, {0x7, 0x9}, {0x2, 0x3}, {0x5, 0x6}, {0x5, 0x8}, {0x3, 0x4}]}, @NL80211_TXRATE_HT={0x3e, 0x2, [{0x1, 0x9}, {0x2}, {0x6, 0x8}, {0x5, 0x7}, {0x1, 0xa}, {0x2, 0x2}, {0x5, 0x4}, {0x5, 0x9}, {0x4, 0x7}, {0x1, 0x4}, {0x3, 0x5}, {0x1, 0x1}, {0x0, 0x2}, {0x4, 0x5}, {0x1, 0x7}, {0x2, 0x5}, {0x5}, {0x1, 0x6}, {0x0, 0x8}, {0x7, 0x7}, {0x1, 0x3}, {0x5, 0x4}, {0x7, 0xa}, {0x3, 0x5}, {0x2, 0x9}, {0x2, 0x4}, {0x0, 0x8}, {0x1, 0x3}, {0x1, 0x9}, {0x0, 0x4}, {0x6, 0x2}, {0x4, 0x6}, {0x7, 0x9}, {0x7, 0x6}, {0x5, 0x3}, {0x2, 0x6}, {0x3, 0xa}, {0x4, 0x3}, {0x7, 0x6}, {0x6, 0x3}, {0x0, 0x9}, {0x4, 0x6}, {0x2, 0x8}, {0x7, 0x1}, {0x3, 0x9}, {0x1, 0x7}, {0x0, 0x9}, {0x1, 0xa}, {0x6, 0x6}, {0x6, 0x2}, {0x2, 0x5}, {0x5, 0x9}, {0x1, 0x5}, {0x0, 0x9}, {0x6, 0x3}, {0x7, 0x8}, {0x6, 0xa}, {0x2, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x9, 0x6, 0xf6de, 0x9, 0x8, 0xffff]}}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x78fc, 0x3, 0x9, 0x4, 0xfff7, 0x99, 0x5, 0x1]}}, @NL80211_TXRATE_HT={0x3b, 0x2, [{0x0, 0x6}, {0x1, 0x2}, {0x3, 0x1}, {0x0, 0x4}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x3}, {0x2, 0x1}, {0x1, 0x2}, {0x2, 0x5}, {0x2, 0x4}, {0x4, 0x4}, {0x0, 0x2}, {0x1, 0x9}, {0x0, 0x1}, {0x2, 0xa}, {0x6, 0x6}, {0x6, 0x4}, {0x5, 0x9}, {0x2, 0x6}, {0x7, 0x6}, {0x5, 0x4}, {0x3, 0x8}, {0x6, 0x6}, {0x5, 0x8}, {0x4, 0x1}, {0x1, 0x9}, {0x6, 0x6}, {0x4, 0x6}, {0x3, 0x4}, {0x0, 0x5}, {0x0, 0x1}, {0x2, 0x4}, {0x1, 0x4}, {0x7, 0x7}, {0x3, 0x4}, {0x0, 0x4}, {0x7, 0x1}, {0x6, 0x6}, {0x2, 0x9}, {0x0, 0x1}, {0x4}, {0x2, 0x2}, {0x5, 0x1}, {0x0, 0x6}, {0x1, 0x5}, {0x4, 0x6}, {0x2, 0x5}, {0x5, 0x6}, {0x1, 0x7}, {0x4, 0x5}, {0x2, 0x3}, {0x0, 0x4}, {0x4, 0x7}, {0x4, 0x8}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0x18, 0xc, 0x18, 0x16, 0x60, 0x6c, 0x16]}]}]}]}, 0x66c}, 0x1, 0x0, 0x0, 0x2002c804}, 0x0)

143.808715ms ago: executing program 1 (id=1637):
r0 = socket(0x15, 0xa, 0x2)
bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) (async)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) (async, rerun: 64)
r2 = socket(0x15, 0x5, 0x0) (rerun: 64)
getsockopt(r2, 0x200000000114, 0x2717, 0x0, &(0x7f0000000040)) (async)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fbdbdf25450000000e0001006e657464657673696d0000000f0002006e97d964657673696d30000008008e0002000000080001007063690011000200303030303a30303a31302e300000000008008e0002000000"], 0x60}, 0x1, 0x0, 0x0, 0x24040000}, 0x20004010) (async, rerun: 32)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r2, @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_debug_messages', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000001700)={0x2020}, 0x2020) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) (async)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r4, 0x7b0, &(0x7f0000000180)={@any, 0x5})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d80)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYRES16=r3], 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r6, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) (async, rerun: 64)
getsockopt(r0, 0x200000000114, 0x8, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) (rerun: 64)

142.991975ms ago: executing program 4 (id=1638):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x4, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp\x00')
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000003c0)="0f326635004000000f300f00d636808a0d0001ba4300b80b00eb66b88c5000000f23d02a3ff866352000000e0f23f80f01c30f789deb32660f3a21cf220f2bb00058660f1bde", 0x46}], 0x1, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
syz_io_uring_setup(0xa9d, &(0x7f00000005c0)={0x0, 0xfd7b, 0x8, 0x1, 0x24f}, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
preadv(r1, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/100, 0x64}], 0x1, 0x2b36, 0x7)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000080)=0x100000c, 0x4)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r8, 0xc0709411, &(0x7f00000002c0)={{0x0, 0x5, 0x6, 0xfffffffffffffff8, 0x7, 0x7ff, 0x7b68, 0x1, 0xfff, 0xf0e, 0x5, 0x100000001, 0x7f0, 0x8000, 0x10000000}, 0x40, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
writev(r8, &(0x7f0000000000)=[{&(0x7f0000000280)="390000001300090468fe0700000000001000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1)
writev(r8, &(0x7f0000000040)=[{&(0x7f0000000380)="39000000130003186809070700fd000f0000ff3f04000000170a001700000000040037000f00030001332564aaee7b1d58b9a64411f6bbf44d", 0x39}], 0x1)

141.840927ms ago: executing program 6 (id=1639):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1d0, r0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x8}, {0x6, 0x16, 0x8}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x81}, {0x6, 0x16, 0x3ff}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xffff}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0x4}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x502}, {0x6, 0x16, 0x8}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x80000001}, {0x6, 0x16, 0x4}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x401}, {0x6, 0x16, 0x94}, {0x5, 0x12, 0x1}}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x8}, 0x4000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xf8, 0x0, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x10000}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_BEARER={0xb4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xa4}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @private2, 0x4}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xaa0}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7d3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xff6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffff47}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}]}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4000040}, 0x40)
r2 = openat$panthor(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000500)={<r3=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r2, 0xc01864c1, &(0x7f0000000540)={r3, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PANTHOR_DEV_QUERY_TIMESTAMP_INFO(r2, 0xc0106440, &(0x7f00000005c0)={0x2, 0x6, &(0x7f0000000580)})
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000600)=""/251)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r2, 0xc01864c1, &(0x7f0000000700)={r3, 0x0, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r2, 0xc01864c2, &(0x7f0000000740)={0x0, 0x0, r5})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000780), r6)
r8 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000007c0), 0x282000, 0x0)
ioctl$SG_GET_TIMEOUT(r8, 0x2202, 0x0)
r9 = socket$qrtr(0x2a, 0x2, 0x0)
getsockopt$IP_SET_OP_GET_BYNAME(r9, 0x1, 0x53, &(0x7f0000000800)={0x6, 0x7, 'syz1\x00'}, &(0x7f0000000840)=0x28)
mkdir(&(0x7f0000000880)='./file0\x00', 0x9)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000940)=[@text16={0x10, &(0x7f00000008c0)="0f01df26660fd8b0700a66b80500000066b9e73c00000f01c10fd59a613ff00159006766c74424009b94eb666766c74424020e0000006766c744240600000000670f011c24f26dbaf80c66b8b6cc0b8166efbafc0cb8a88defea00000e010f01c8", 0x61}], 0x1, 0x40, &(0x7f0000000980)=[@dstype3={0x7, 0x1}, @cr0={0x0, 0xc0000030}], 0x2)
fallocate(r5, 0x1, 0x10, 0xe)
r10 = openat$nmem0(0xffffffffffffff9c, &(0x7f00000009c0), 0x10800, 0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a40), r8)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r10, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14, r11, 0x8, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x51}, 0x4000000)
close(r4)
ioctl$DRM_IOCTL_AGP_ALLOC(r10, 0xc0206434, &(0x7f0000000b40)={0x3, <r12=>0x0, 0x10000})
ioctl$DRM_IOCTL_AGP_UNBIND(r8, 0x40106437, &(0x7f0000000b80)={r12, 0x3})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r10, 0xc00c642e, &(0x7f0000000bc0)={<r13=>0x0, 0x0, r8})
ioctl$DRM_IOCTL_GEM_CLOSE(r10, 0x40086409, &(0x7f0000000c00)={r13})
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x80, r7, 0x200, 0x70bd25, 0x25dfdbff, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x7, 0xa, '+-^'}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x127}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x80}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x108}, @NBD_ATTR_BACKEND_IDENTIFIER={0x4}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r1, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x38, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x83}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xb}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x24008801)

78.006349ms ago: executing program 2 (id=1640):
r0 = socket$inet6(0xa, 0x80803, 0x84)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000180)='asymmetric\x00', &(0x7f00000000c0)=@secondary) (async)
getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f00000003c0)=0x27)

76.603399ms ago: executing program 1 (id=1641):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r2, 0x7, 0x70bd25}, 0x14}, 0x1, 0x0, 0x0, 0x8081}, 0x24000800)
r3 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x4, &(0x7f0000000200)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',dfltuid=', @ANYRESHEX=r4])

2.159511ms ago: executing program 1 (id=1642):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3400000044000701feffffff00000000037c0000040042800c00018006000600800a0000100002800a"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r1 = memfd_create(&(0x7f00000001c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5\"\xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0\xbc]\x12\xc0D\x9f\x80\x8f\xfe\xf2\xc2)\xccm\xacz\xc1\xad\xe4\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x5)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

264.451µs ago: executing program 6 (id=1643):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000100))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
recvmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)=""/181, 0xb5}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
shutdown(r0, 0x0)
socket(0x26, 0x2, 0x5)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = io_uring_setup(0x89a, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000946000/0x4000)=nil, 0x4000, 0x8, 0x40010, r3, 0x8000000)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000188000/0x2000)=nil, &(0x7f0000115000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x100c8a2, 0xc000, 0x2, 0x17})
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x4000, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'pcl816\x00', [0x4f27, 0x0, 0x10000, 0x10100004, 0xb, 0xfffffbf9, 0x7, 0x40080000, 0x800000, 0x100100, 0x5, 0x1, 0x9, 0xfffffffe, 0x403, 0xf, 0xfffffffc, 0x0, 0x3, 0x40000003, 0x89, 0xfffffffd, 0xffffffff, 0x20001e52, 0x400000b, 0xfff, 0x3a, 0x7fffffff, 0x7, 0x8000000, 0xc6b]})
ioctl$COMEDI_SETRSUBD(r4, 0x6410)
socket(0x0, 0x1, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x21cd, 0x0, &(0x7f0000000680)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x76, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000280)}, 0x10)
timerfd_create(0x7, 0x80000)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, 0x0, 0x20000011)
sendmsg$kcm(r5, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0xfffe, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x2, 0x200000000000001, 0x106)

0s ago: executing program 2 (id=1644):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000540)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac14142e08000700e000030a08000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x24040000}, 0x2000800) (async)
r3 = socket(0x10, 0x3, 0x0) (async)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r4, 0x0, 0x3, 0x0, 0x0) (async)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003640)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x7c}, [@nested={0xc, 0x13d, 0x0, 0x1, [@nested={0x5, 0x12c, 0x0, 0x1, [@generic="93"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x80000}, 0x0) (async)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x1, 0x470bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r5, 0x40820, 0x6200}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_LEARNING={0x5, 0x8, 0x1}]}}}]}, 0x44}}, 0x8000)

kernel console output (not intermixed with test programs):

  alloc_pages_mpol+0x1fb/0x540
[  135.909076][ T9079]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  135.909093][ T9079]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  135.909107][ T9079]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  135.909121][ T9079]  alloc_pages_noprof+0x1a/0x160
[  135.909132][ T9079]  get_free_pages_noprof+0x10/0xb0
[  135.909148][ T9079]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  135.909164][ T9079]  mmu_topup_memory_caches+0xbc/0x170
[  135.909180][ T9079]  kvm_mmu_load+0xd6/0x23e0
[  135.909193][ T9079]  ? vmx_flush_tlb_guest+0x113/0x560
[  135.909204][ T9079]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  135.909221][ T9079]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  135.909257][ T9079]  ? __pfx_kvm_mmu_load+0x10/0x10
[  135.909273][ T9079]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  135.909285][ T9079]  ? kvm_check_and_inject_events+0x961/0x10c0
[  135.909300][ T9079]  ? record_steal_time+0x380/0xbc0
[  135.909319][ T9079]  vcpu_run+0x39f4/0x5ca0
[  135.909340][ T9079]  ? __pfx_vcpu_run+0x10/0x10
[  135.909359][ T9079]  ? rcu_is_watching+0x12/0xc0
[  135.909377][ T9079]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  135.909392][ T9079]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  135.909412][ T9079]  kvm_vcpu_ioctl+0x730/0x1720
[  135.909424][ T9079]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  135.909436][ T9079]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  135.909448][ T9079]  ? do_vfs_ioctl+0x226/0x13e0
[  135.909462][ T9079]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  135.909477][ T9079]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  135.909499][ T9079]  ? __fget_files+0x215/0x3d0
[  135.909516][ T9079]  ? hook_file_ioctl_common+0x149/0x410
[  135.909531][ T9079]  ? selinux_file_ioctl+0x13b/0x290
[  135.909547][ T9079]  ? selinux_file_ioctl+0xb6/0x290
[  135.909564][ T9079]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  135.909580][ T9079]  __x64_sys_ioctl+0x18e/0x210
[  135.909596][ T9079]  do_syscall_64+0x10b/0xf80
[  135.909608][ T9079]  ? clear_bhb_loop+0x40/0x90
[  135.909622][ T9079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.909634][ T9079] RIP: 0033:0x7f525c79c819
[  135.909645][ T9079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  135.909656][ T9079] RSP: 002b:00007f525d5e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  135.909668][ T9079] RAX: ffffffffffffffda RBX: 00007f525ca15fa0 RCX: 00007f525c79c819
[  135.909675][ T9079] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  135.909681][ T9079] RBP: 00007f525d5e6090 R08: 0000000000000000 R09: 0000000000000000
[  135.909687][ T9079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.909693][ T9079] R13: 00007f525ca16038 R14: 00007f525ca15fa0 R15: 00007ffc6c3e72e8
[  135.909707][ T9079]  </TASK>
[  136.291033][ T9088] __nla_validate_parse: 12 callbacks suppressed
[  136.291046][ T9088] netlink: 100 bytes leftover after parsing attributes in process `syz.5.873'.
[  136.495681][   T40] kauditd_printk_skb: 67 callbacks suppressed
[  136.495694][   T40] audit: type=1400 audit(1776318854.857:808): avc:  denied  { mount } for  pid=9097 comm="syz.1.877" name="/" dev="autofs" ino=31565 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  136.567358][ T9100] FAULT_INJECTION: forcing a failure.
[  136.567358][ T9100] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.571615][ T9100] CPU: 3 UID: 0 PID: 9100 Comm: syz.5.878 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  136.571633][ T9100] Tainted: [L]=SOFTLOCKUP
[  136.571637][ T9100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  136.571645][ T9100] Call Trace:
[  136.571649][ T9100]  <TASK>
[  136.571654][ T9100]  dump_stack_lvl+0x100/0x190
[  136.571672][ T9100]  should_fail_ex.cold+0x5/0xa
[  136.571686][ T9100]  ? prepare_alloc_pages+0x16d/0x5f0
[  136.571706][ T9100]  should_fail_alloc_page+0xeb/0x140
[  136.571724][ T9100]  prepare_alloc_pages+0x1f0/0x5f0
[  136.571745][ T9100]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  136.571760][ T9100]  ? stack_depot_save_flags+0x27/0x9d0
[  136.571775][ T9100]  ? stack_depot_save_flags+0x27/0x9d0
[  136.571791][ T9100]  ? kasan_save_stack+0x3f/0x50
[  136.571805][ T9100]  ? kasan_save_stack+0x30/0x50
[  136.571818][ T9100]  ? kasan_save_track+0x14/0x30
[  136.571832][ T9100]  ? __kasan_kmalloc+0xaa/0xb0
[  136.571845][ T9100]  ? __kvmalloc_node_noprof+0x360/0xa00
[  136.571859][ T9100]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  136.571872][ T9100]  ? mmu_topup_memory_caches+0xbc/0x170
[  136.571887][ T9100]  ? kvm_mmu_load+0xd6/0x23e0
[  136.571900][ T9100]  ? vcpu_run+0x39f4/0x5ca0
[  136.571915][ T9100]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  136.571930][ T9100]  ? kvm_vcpu_ioctl+0x730/0x1720
[  136.571940][ T9100]  ? __x64_sys_ioctl+0x18e/0x210
[  136.571955][ T9100]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  136.571980][ T9100]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  136.571994][ T9100]  ? policy_nodemask+0xed/0x4f0
[  136.572062][ T9100]  alloc_pages_mpol+0x1fb/0x540
[  136.572080][ T9100]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  136.572097][ T9100]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  136.572111][ T9100]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  136.572126][ T9100]  alloc_pages_noprof+0x1a/0x160
[  136.572137][ T9100]  get_free_pages_noprof+0x10/0xb0
[  136.572154][ T9100]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  136.572170][ T9100]  mmu_topup_memory_caches+0xbc/0x170
[  136.572186][ T9100]  kvm_mmu_load+0xd6/0x23e0
[  136.572200][ T9100]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  136.572219][ T9100]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  136.572239][ T9100]  ? __pfx_kvm_mmu_load+0x10/0x10
[  136.572253][ T9100]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  136.572266][ T9100]  ? kvm_check_and_inject_events+0x961/0x10c0
[  136.572281][ T9100]  ? record_steal_time+0x380/0xbc0
[  136.572302][ T9100]  vcpu_run+0x39f4/0x5ca0
[  136.572323][ T9100]  ? __pfx_vcpu_run+0x10/0x10
[  136.572344][ T9100]  ? rcu_is_watching+0x12/0xc0
[  136.572363][ T9100]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  136.572379][ T9100]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  136.572400][ T9100]  kvm_vcpu_ioctl+0x730/0x1720
[  136.572413][ T9100]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  136.572425][ T9100]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  136.572438][ T9100]  ? do_vfs_ioctl+0x226/0x13e0
[  136.572453][ T9100]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  136.572469][ T9100]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  136.572493][ T9100]  ? __fget_files+0x215/0x3d0
[  136.572511][ T9100]  ? hook_file_ioctl_common+0x149/0x410
[  136.572527][ T9100]  ? selinux_file_ioctl+0x13b/0x290
[  136.572544][ T9100]  ? selinux_file_ioctl+0xb6/0x290
[  136.572562][ T9100]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  136.572574][ T9100]  __x64_sys_ioctl+0x18e/0x210
[  136.572594][ T9100]  do_syscall_64+0x10b/0xf80
[  136.572606][ T9100]  ? clear_bhb_loop+0x40/0x90
[  136.572621][ T9100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.572632][ T9100] RIP: 0033:0x7fbf3f79c819
[  136.572644][ T9100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  136.572656][ T9100] RSP: 002b:00007fbf406fb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  136.572667][ T9100] RAX: ffffffffffffffda RBX: 00007fbf3fa15fa0 RCX: 00007fbf3f79c819
[  136.572675][ T9100] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  136.572681][ T9100] RBP: 00007fbf406fb090 R08: 0000000000000000 R09: 0000000000000000
[  136.572688][ T9100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.572695][ T9100] R13: 00007fbf3fa16038 R14: 00007fbf3fa15fa0 R15: 00007ffe13a19c58
[  136.572709][ T9100]  </TASK>
[  136.931744][ T9114] netlink: 71 bytes leftover after parsing attributes in process `syz.2.883'.
[  136.976001][   T40] audit: type=1400 audit(1776318855.306:809): avc:  denied  { mount } for  pid=9117 comm="syz.5.884" name="/" dev="9p" ino=81264695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  136.984593][   T40] audit: type=1400 audit(1776318855.316:810): avc:  denied  { write } for  pid=9117 comm="syz.5.884" name="file0" dev="9p" ino=81264775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  136.992076][   T40] audit: type=1400 audit(1776318855.316:811): avc:  denied  { open } for  pid=9117 comm="syz.5.884" path="/52/file0/file0" dev="9p" ino=81264775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  136.999927][   T40] audit: type=1400 audit(1776318855.316:812): avc:  denied  { read } for  pid=9117 comm="syz.5.884" name="file0" dev="9p" ino=81264775 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  137.007695][   T40] audit: type=1400 audit(1776318855.325:813): avc:  denied  { bind } for  pid=9121 comm="syz.2.885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  137.008893][ T9122] tmpfs: Bad value for 'mpol'
[  137.017593][   T40] audit: type=1400 audit(1776318855.334:814): avc:  denied  { map } for  pid=9121 comm="syz.2.885" path="socket:[31592]" dev="sockfs" ino=31592 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  137.037124][   T40] audit: type=1400 audit(1776318855.362:815): avc:  denied  { ioctl } for  pid=9117 comm="syz.5.884" path="/52/file0/file0" dev="9p" ino=81264775 ioctlcmd=0x64c6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  137.199172][   T40] audit: type=1400 audit(1776318855.512:816): avc:  denied  { unmount } for  pid=8211 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  137.259029][   T40] audit: type=1400 audit(1776318855.578:817): avc:  denied  { read } for  pid=9134 comm="syz.2.890" name="vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  137.266748][ T9138] netlink: 'syz.2.890': attribute type 4 has an invalid length.
[  137.322601][ T9141] netlink: 12 bytes leftover after parsing attributes in process `syz.2.891'.
[  137.340287][ T9133] FAULT_INJECTION: forcing a failure.
[  137.340287][ T9133] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  137.345879][ T9133] CPU: 2 UID: 0 PID: 9133 Comm: syz.4.889 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  137.345899][ T9133] Tainted: [L]=SOFTLOCKUP
[  137.345903][ T9133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  137.345911][ T9133] Call Trace:
[  137.345917][ T9133]  <TASK>
[  137.345922][ T9133]  dump_stack_lvl+0x100/0x190
[  137.345942][ T9133]  should_fail_ex.cold+0x5/0xa
[  137.345957][ T9133]  ? prepare_alloc_pages+0x16d/0x5f0
[  137.345978][ T9133]  should_fail_alloc_page+0xeb/0x140
[  137.345997][ T9133]  prepare_alloc_pages+0x1f0/0x5f0
[  137.346018][ T9133]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  137.346034][ T9133]  ? stack_depot_save_flags+0x27/0x9d0
[  137.346050][ T9133]  ? stack_depot_save_flags+0x27/0x9d0
[  137.346066][ T9133]  ? kasan_save_stack+0x3f/0x50
[  137.346080][ T9133]  ? kasan_save_stack+0x30/0x50
[  137.346094][ T9133]  ? kasan_save_track+0x14/0x30
[  137.346108][ T9133]  ? __kasan_kmalloc+0xaa/0xb0
[  137.346122][ T9133]  ? __kvmalloc_node_noprof+0x360/0xa00
[  137.346136][ T9133]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  137.346149][ T9133]  ? mmu_topup_memory_caches+0xbc/0x170
[  137.346164][ T9133]  ? kvm_mmu_load+0xd6/0x23e0
[  137.346177][ T9133]  ? vcpu_run+0x39f4/0x5ca0
[  137.346192][ T9133]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  137.346209][ T9133]  ? kvm_vcpu_ioctl+0x730/0x1720
[  137.346219][ T9133]  ? __x64_sys_ioctl+0x18e/0x210
[  137.346235][ T9133]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  137.346262][ T9133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  137.346277][ T9133]  ? policy_nodemask+0xed/0x4f0
[  137.346295][ T9133]  alloc_pages_mpol+0x1fb/0x540
[  137.346314][ T9133]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  137.346333][ T9133]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  137.346348][ T9133]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  137.346363][ T9133]  alloc_pages_noprof+0x1a/0x160
[  137.346375][ T9133]  get_free_pages_noprof+0x10/0xb0
[  137.346393][ T9133]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  137.346411][ T9133]  mmu_topup_memory_caches+0xbc/0x170
[  137.346429][ T9133]  kvm_mmu_load+0xd6/0x23e0
[  137.346444][ T9133]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  137.346463][ T9133]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  137.346485][ T9133]  ? __pfx_kvm_mmu_load+0x10/0x10
[  137.346499][ T9133]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  137.346513][ T9133]  ? kvm_check_and_inject_events+0x961/0x10c0
[  137.346529][ T9133]  ? record_steal_time+0x380/0xbc0
[  137.346555][ T9133]  vcpu_run+0x39f4/0x5ca0
[  137.346578][ T9133]  ? __pfx_vcpu_run+0x10/0x10
[  137.346599][ T9133]  ? rcu_is_watching+0x12/0xc0
[  137.346618][ T9133]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  137.346635][ T9133]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  137.346656][ T9133]  kvm_vcpu_ioctl+0x730/0x1720
[  137.346670][ T9133]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  137.346683][ T9133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  137.346696][ T9133]  ? do_vfs_ioctl+0x226/0x13e0
[  137.346712][ T9133]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  137.346728][ T9133]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  137.346752][ T9133]  ? __fget_files+0x215/0x3d0
[  137.346770][ T9133]  ? hook_file_ioctl_common+0x149/0x410
[  137.346787][ T9133]  ? selinux_file_ioctl+0x13b/0x290
[  137.346804][ T9133]  ? selinux_file_ioctl+0xb6/0x290
[  137.346823][ T9133]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  137.346835][ T9133]  __x64_sys_ioctl+0x18e/0x210
[  137.346853][ T9133]  do_syscall_64+0x10b/0xf80
[  137.346866][ T9133]  ? clear_bhb_loop+0x40/0x90
[  137.346881][ T9133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.346893][ T9133] RIP: 0033:0x7f46a7f9c819
[  137.346905][ T9133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  137.346917][ T9133] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.346929][ T9133] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  137.346936][ T9133] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  137.346943][ T9133] RBP: 00007f46a8dd9090 R08: 0000000000000000 R09: 0000000000000000
[  137.346950][ T9133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.346956][ T9133] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  137.346972][ T9133]  </TASK>
[  137.377024][ T9147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.893'.
[  137.568389][ T9152] netlink: 'syz.2.894': attribute type 1 has an invalid length.
[  137.571882][ T9152] netlink: 96 bytes leftover after parsing attributes in process `syz.2.894'.
[  137.576169][ T9152] netlink: 658 bytes leftover after parsing attributes in process `syz.2.894'.
[  137.580291][ T9152] netlink: 1 bytes leftover after parsing attributes in process `syz.2.894'.
[  137.586041][ T9150] netlink: 'syz.1.892': attribute type 1 has an invalid length.
[  137.589359][ T9150] netlink: 16 bytes leftover after parsing attributes in process `syz.1.892'.
[  137.675733][ T9156] CUSE: unknown device info ""
[  137.678273][ T9156] CUSE: zero length info key specified
[  138.373642][ T5943] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  138.387350][ T5943] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  138.391474][ T5943] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  138.400137][ T5943] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  138.403869][ T5943] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  138.599076][ T9203] kvm: pic: non byte write
[  138.606983][ T9197] chnl_net:caif_netlink_parms(): no params data found
[  138.741610][ T1145] bridge_slave_1: left allmulticast mode
[  138.745294][ T1145] bridge_slave_1: left promiscuous mode
[  138.750179][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.761332][ T1145] bridge_slave_0: left promiscuous mode
[  138.764039][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.972804][ T9220] FAULT_INJECTION: forcing a failure.
[  138.972804][ T9220] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  138.977322][ T9220] CPU: 0 UID: 0 PID: 9220 Comm: syz.4.904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  138.977341][ T9220] Tainted: [L]=SOFTLOCKUP
[  138.977345][ T9220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  138.977351][ T9220] Call Trace:
[  138.977355][ T9220]  <TASK>
[  138.977360][ T9220]  dump_stack_lvl+0x100/0x190
[  138.977378][ T9220]  should_fail_ex.cold+0x5/0xa
[  138.977392][ T9220]  ? prepare_alloc_pages+0x16d/0x5f0
[  138.977411][ T9220]  should_fail_alloc_page+0xeb/0x140
[  138.977429][ T9220]  prepare_alloc_pages+0x1f0/0x5f0
[  138.977449][ T9220]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  138.977464][ T9220]  ? stack_depot_save_flags+0x27/0x9d0
[  138.977478][ T9220]  ? stack_depot_save_flags+0x27/0x9d0
[  138.977493][ T9220]  ? kasan_save_stack+0x3f/0x50
[  138.977507][ T9220]  ? kasan_save_stack+0x30/0x50
[  138.977520][ T9220]  ? kasan_save_track+0x14/0x30
[  138.977533][ T9220]  ? __kasan_kmalloc+0xaa/0xb0
[  138.977546][ T9220]  ? __kvmalloc_node_noprof+0x360/0xa00
[  138.977560][ T9220]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  138.977577][ T9220]  ? mmu_topup_memory_caches+0xbc/0x170
[  138.977591][ T9220]  ? kvm_mmu_load+0xd6/0x23e0
[  138.977604][ T9220]  ? vcpu_run+0x39f4/0x5ca0
[  138.977618][ T9220]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  138.977633][ T9220]  ? kvm_vcpu_ioctl+0x730/0x1720
[  138.977643][ T9220]  ? __x64_sys_ioctl+0x18e/0x210
[  138.977658][ T9220]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  138.977682][ T9220]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  138.977696][ T9220]  ? policy_nodemask+0xed/0x4f0
[  138.977713][ T9220]  alloc_pages_mpol+0x1fb/0x540
[  138.977730][ T9220]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  138.977747][ T9220]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  138.977761][ T9220]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  138.977775][ T9220]  alloc_pages_noprof+0x1a/0x160
[  138.977785][ T9220]  get_free_pages_noprof+0x10/0xb0
[  138.977808][ T9220]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  138.977833][ T9220]  mmu_topup_memory_caches+0xbc/0x170
[  138.977858][ T9220]  kvm_mmu_load+0xd6/0x23e0
[  138.977874][ T9220]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  138.977892][ T9220]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  138.977912][ T9220]  ? __pfx_kvm_mmu_load+0x10/0x10
[  138.977925][ T9220]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  138.977938][ T9220]  ? kvm_check_and_inject_events+0x961/0x10c0
[  138.977952][ T9220]  ? record_steal_time+0x380/0xbc0
[  138.977972][ T9220]  vcpu_run+0x39f4/0x5ca0
[  138.977993][ T9220]  ? __pfx_vcpu_run+0x10/0x10
[  138.978013][ T9220]  ? rcu_is_watching+0x12/0xc0
[  138.978031][ T9220]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  138.978046][ T9220]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  138.978066][ T9220]  kvm_vcpu_ioctl+0x730/0x1720
[  138.978078][ T9220]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  138.978090][ T9220]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  138.978102][ T9220]  ? do_vfs_ioctl+0x226/0x13e0
[  138.978117][ T9220]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  138.978131][ T9220]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  138.978154][ T9220]  ? __fget_files+0x215/0x3d0
[  138.978171][ T9220]  ? hook_file_ioctl_common+0x149/0x410
[  138.978186][ T9220]  ? selinux_file_ioctl+0x13b/0x290
[  138.978202][ T9220]  ? selinux_file_ioctl+0xb6/0x290
[  138.978218][ T9220]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  138.978230][ T9220]  __x64_sys_ioctl+0x18e/0x210
[  138.978246][ T9220]  do_syscall_64+0x10b/0xf80
[  138.978258][ T9220]  ? clear_bhb_loop+0x40/0x90
[  138.978272][ T9220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.978284][ T9220] RIP: 0033:0x7f46a7f9c819
[  138.978294][ T9220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  138.978305][ T9220] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  138.978316][ T9220] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  138.978323][ T9220] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  138.978329][ T9220] RBP: 00007f46a8dd9090 R08: 0000000000000000 R09: 0000000000000000
[  138.978335][ T9220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.978341][ T9220] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  138.978355][ T9220]  </TASK>
[  139.213170][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.217765][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  139.222807][ T1145] bond0 (unregistering): Released all slaves
[  139.261075][ T9197] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.263591][ T9197] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.268660][ T9197] bridge_slave_0: entered allmulticast mode
[  139.272895][ T9197] bridge_slave_0: entered promiscuous mode
[  139.276321][ T9197] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.278863][ T9197] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.281725][ T9197] bridge_slave_1: entered allmulticast mode
[  139.284687][ T9197] bridge_slave_1: entered promiscuous mode
[  139.305938][ T9197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  139.310850][ T9197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  139.346609][ T9197] team0: Port device team_slave_0 added
[  139.357469][ T9197] team0: Port device team_slave_1 added
[  139.408298][ T9197] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.411708][ T9197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  139.423703][ T9197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.438067][ T9233] ip6erspan0: entered promiscuous mode
[  139.446552][ T9197] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.451022][ T9236] netlink: 'syz.4.910': attribute type 2 has an invalid length.
[  139.451457][ T9197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  139.459114][ T9236] trusted_key: syz.4.910 sent an empty control message without MSG_MORE.
[  139.466636][ T9197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.555260][ T9197] hsr_slave_0: entered promiscuous mode
[  139.563186][ T9197] hsr_slave_1: entered promiscuous mode
[  139.566949][ T9197] debugfs: 'hsr0' already exists in 'hsr'
[  139.569073][ T9197] Cannot create hsr debugfs directory
[  139.659957][ T9254] netlink: 56 bytes leftover after parsing attributes in process `syz.4.915'.
[  139.745009][ T5639] 8021q: adding VLAN 0 to HW filter on device eth2
[  139.769678][ T1145] hsr_slave_0: left promiscuous mode
[  139.771993][ T1145] hsr_slave_1: left promiscuous mode
[  139.774381][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.778808][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.882530][ T9266] IPVS: set_ctl: invalid protocol: 44 172.20.20.63:20000
[  139.929510][ T1145] team0 (unregistering): Port device team_slave_1 removed
[  139.944973][ T1145] team0 (unregistering): Port device team_slave_0 removed
[  140.037126][ T9272] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  140.123084][ T9197] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  140.141654][ T9197] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  140.145333][ T9197] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  140.152797][ T9197] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  140.156691][ T9197] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  140.180121][ T9197] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  140.183413][ T9197] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  140.201953][ T9197] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  140.218894][ T9282] netlink: 'syz.4.920': attribute type 1 has an invalid length.
[  140.253950][ T9282] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  140.285149][ T5639] 8021q: adding VLAN 0 to HW filter on device eth3
[  140.296361][ T9197] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.342818][ T9197] 8021q: adding VLAN 0 to HW filter on device team0
[  140.348887][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.351251][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.359203][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.361538][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.366812][ T9294] netlink: 80 bytes leftover after parsing attributes in process `syz.4.922'.
[  140.389669][ T9197] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  140.393197][ T9197] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  140.496783][ T9197] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.591670][ T5639] 8021q: adding VLAN 0 to HW filter on device eth4
[  140.643404][ T5943] Bluetooth: hci4: command tx timeout
[  140.746366][ T9197] veth0_vlan: entered promiscuous mode
[  140.759596][ T9197] veth1_vlan: entered promiscuous mode
[  140.782663][ T9197] veth0_macvtap: entered promiscuous mode
[  140.786971][ T9197] veth1_macvtap: entered promiscuous mode
[  140.798122][ T9197] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.805943][ T9197] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.813022][ T1227] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.817122][ T1227] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.821540][ T1227] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.838832][ T1227] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.846724][ T5639] 8021q: adding VLAN 0 to HW filter on device eth5
[  140.957998][   T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.961128][   T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.994592][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.998891][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.126734][ T9357] netlink: 'syz.4.931': attribute type 10 has an invalid length.
[  141.133288][ T9357] team0: Device vxcan1 is of different type
[  141.204947][ T9360] netlink: 'syz.6.932': attribute type 11 has an invalid length.
[  141.207773][ T9361] netlink: 'syz.6.932': attribute type 11 has an invalid length.
[  141.221592][ T9360] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=36880 sclass=netlink_route_socket pid=9360 comm=À°ý£
[  141.221592][ T9360] ú� Ý!Ù
[  141.307218][ T9359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.318314][ T9367] binder: Bad value for 'max'
[  141.409766][ T9373] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9373 comm=syz.4.936
[  141.469548][ T9375] random: crng reseeded on system resumption
[  141.892712][   T40] kauditd_printk_skb: 226 callbacks suppressed
[  141.892726][   T40] audit: type=1400 audit(1776318859.910:1044): avc:  denied  { prog_run } for  pid=9396 comm="syz.4.943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  141.914106][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  141.927901][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  141.929980][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  141.936829][   T40] audit: type=1400 audit(1776318859.957:1045): avc:  denied  { create } for  pid=9399 comm="syz.4.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  141.945892][   T40] audit: type=1400 audit(1776318859.957:1046): avc:  denied  { setopt } for  pid=9399 comm="syz.4.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  142.012101][   T40] audit: type=1400 audit(1776318860.013:1047): avc:  denied  { read write } for  pid=9403 comm="syz.4.945" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  142.026186][   T40] audit: type=1400 audit(1776318860.013:1048): avc:  denied  { open } for  pid=9403 comm="syz.4.945" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  142.039954][   T40] audit: type=1400 audit(1776318860.013:1049): avc:  denied  { ioctl } for  pid=9403 comm="syz.4.945" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  142.051728][   T40] audit: type=1400 audit(1776318860.051:1050): avc:  denied  { create } for  pid=9404 comm="syz.1.946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  142.061372][ T9406] __nla_validate_parse: 5 callbacks suppressed
[  142.061384][ T9406] netlink: 40 bytes leftover after parsing attributes in process `syz.1.946'.
[  142.061774][   T40] audit: type=1400 audit(1776318860.060:1051): avc:  denied  { write } for  pid=9404 comm="syz.1.946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  142.077939][   T40] audit: type=1400 audit(1776318860.060:1052): avc:  denied  { nlmsg_write } for  pid=9404 comm="syz.1.946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  142.214057][   T40] audit: type=1400 audit(1776318860.219:1053): avc:  denied  { create } for  pid=9415 comm="syz.4.949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  142.466642][ T9427] random: crng reseeded on system resumption
[  142.506509][ T9433] loop1: detected capacity change from 0 to 8
[  142.509626][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.513033][ T9433] buffer_io_error: 11 callbacks suppressed
[  142.513044][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.519821][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.524528][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.528330][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.531346][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.535201][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.538328][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.541479][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.545076][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.548133][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.551119][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.553751][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.557089][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.559734][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.562825][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.566120][ T9433] ldm_validate_partition_table(): Disk read failed.
[  142.569177][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.572221][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.574781][ T9433] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  142.577934][ T9433] Buffer I/O error on dev loop1, logical block 0, async page read
[  142.580550][ T9433] Dev loop1: unable to read RDB block 0
[  142.582542][ T9433]  loop1: unable to read partition table
[  142.584441][ T9433] loop1: partition table beyond EOD, truncated
[  142.586660][ T9433] loop_reread_partitions: partition scan of loop1 (úùƒWå¡™‰ü�¾Ã½¸*‹ºÐ	œëÜ%õ«µ4FLQkÝŠ5) failed (rc=-5)
[  142.703392][ T9447] netlink: 28 bytes leftover after parsing attributes in process `syz.2.958'.
[  142.711131][ T9447] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8221 sclass=netlink_xfrm_socket pid=9447 comm=syz.2.958
[  142.865649][ T5943] Bluetooth: hci4: command tx timeout
[  143.324146][ T9463] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  143.328571][ T9463] overlayfs: failed to set xattr on upper
[  143.332621][ T9463] overlayfs: ...falling back to redirect_dir=nofollow.
[  143.336836][ T9463] overlayfs: ...falling back to index=off.
[  143.339606][ T9463] overlayfs: ...falling back to uuid=null.
[  143.342376][ T9463] overlayfs: maximum fs stacking depth exceeded
[  143.448949][ T9474] bridge_slave_1: left allmulticast mode
[  143.453760][ T9474] bridge_slave_1: left promiscuous mode
[  143.460969][ T9474] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.660317][ T9492] netlink: 24 bytes leftover after parsing attributes in process `syz.6.974'.
[  143.679984][ T9492] netlink: 24 bytes leftover after parsing attributes in process `syz.6.974'.
[  143.724038][ T5943] Bluetooth: hci1: unexpected event for opcode 0x1004
[  143.790435][ T9505] delete_channel: no stack
[  143.860691][ T9519] xt_recent: hitcount (134217728) is larger than allowed maximum (65535)
[  143.867094][ T9518] xt_recent: hitcount (134217728) is larger than allowed maximum (65535)
[  144.083040][ T9534] binder: 9532:9534 ioctl c0306201 200000000080 returned -14
[  144.090992][ T9534] binder: 9532:9534 ioctl c0306201 2000000003c0 returned -14
[  144.092381][ T9535] can0: slcan on ttyS3.
[  144.152704][ T9538] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.991'.
[  144.172143][ T9533] can0 (unregistered): slcan off ttyS3.
[  144.329695][ T9546] netlink: 24 bytes leftover after parsing attributes in process `syz.2.994'.
[  144.333491][ T9546] netlink: 228 bytes leftover after parsing attributes in process `syz.2.994'.
[  144.406219][ T9548] netlink: 4 bytes leftover after parsing attributes in process `syz.4.995'.
[  144.562559][ T9559] netlink: 4 bytes leftover after parsing attributes in process `syz.2.999'.
[  144.602194][ T9563] loop2: detected capacity change from 0 to 7
[  144.623761][ T9563] Dev loop2: unable to read RDB block 7
[  144.628513][ T9563]  loop2: AHDI p1 p3 p4
[  144.630354][ T9563] loop2: partition table partially beyond EOD, truncated
[  144.633712][ T9563] loop2: p1 start 1818582900 is beyond EOD, truncated
[  144.636390][ T9563] loop2: p3 size 4261412863 extends beyond EOD, truncated
[  144.697905][ T9563] overlayfs: failed to resolve './file0/file1': -2
[  144.703936][ T9570] FAULT_INJECTION: forcing a failure.
[  144.703936][ T9570] name failslab, interval 1, probability 0, space 0, times 0
[  144.708595][ T9570] CPU: 2 UID: 0 PID: 9570 Comm: syz.4.1002 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  144.708614][ T9570] Tainted: [L]=SOFTLOCKUP
[  144.708619][ T9570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  144.708626][ T9570] Call Trace:
[  144.708630][ T9570]  <TASK>
[  144.708636][ T9570]  dump_stack_lvl+0x100/0x190
[  144.708654][ T9570]  should_fail_ex.cold+0x5/0xa
[  144.708671][ T9570]  ? tomoyo_realpath_from_path+0xb6/0x690
[  144.708690][ T9570]  should_failslab+0xc2/0x120
[  144.708708][ T9570]  __kmalloc_noprof+0xe0/0x850
[  144.708722][ T9570]  ? kfree+0x1dd/0x6c0
[  144.708736][ T9570]  tomoyo_realpath_from_path+0xb6/0x690
[  144.708758][ T9570]  tomoyo_path_number_perm+0x23c/0x580
[  144.708774][ T9570]  ? tomoyo_path_number_perm+0x22e/0x580
[  144.708790][ T9570]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  144.708820][ T9570]  ? find_held_lock+0x2b/0x80
[  144.708837][ T9570]  ? __fget_files+0x215/0x3d0
[  144.708860][ T9570]  ? hook_file_ioctl_common+0x149/0x410
[  144.708871][ T9570]  ? __fget_files+0x215/0x3d0
[  144.708892][ T9570]  ? __fget_files+0x21f/0x3d0
[  144.708912][ T9570]  security_file_ioctl+0xd3/0x230
[  144.709000][ T9570]  __x64_sys_ioctl+0xb7/0x210
[  144.709017][ T9570]  do_syscall_64+0x10b/0xf80
[  144.709030][ T9570]  ? clear_bhb_loop+0x40/0x90
[  144.709045][ T9570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.709057][ T9570] RIP: 0033:0x7f46a7f9c819
[  144.709068][ T9570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  144.709079][ T9570] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  144.709091][ T9570] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  144.709098][ T9570] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  144.709105][ T9570] RBP: 00007f46a8dd9090 R08: 0000000000000000 R09: 0000000000000000
[  144.709111][ T9570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.709118][ T9570] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  144.709133][ T9570]  </TASK>
[  144.709138][ T9570] ERROR: Out of memory at tomoyo_realpath_from_path.
[  144.741462][ T9562] block device autoloading is deprecated and will be removed.
[  144.993936][ T9577] netlink: 'syz.4.1005': attribute type 1 has an invalid length.
[  145.018473][ T9577] 8021q: adding VLAN 0 to HW filter on device bond3
[  145.036731][ T9577] bond3: (slave geneve3): making interface the new active one
[  145.038035][ T9577] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  145.067470][ T9581] netlink: 'syz.2.1004': attribute type 4 has an invalid length.
[  145.099024][ T5943] Bluetooth: hci4: command tx timeout
[  145.595749][ T9601] FAULT_INJECTION: forcing a failure.
[  145.595749][ T9601] name failslab, interval 1, probability 0, space 0, times 0
[  145.602294][ T9601] CPU: 3 UID: 0 PID: 9601 Comm: syz.4.1012 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  145.602395][ T9601] Tainted: [L]=SOFTLOCKUP
[  145.602400][ T9601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  145.602410][ T9601] Call Trace:
[  145.602494][ T9601]  <TASK>
[  145.602500][ T9601]  dump_stack_lvl+0x100/0x190
[  145.602633][ T9601]  should_fail_ex.cold+0x5/0xa
[  145.602655][ T9601]  ? tomoyo_encode2+0xfb/0x3c0
[  145.602741][ T9601]  should_failslab+0xc2/0x120
[  145.602762][ T9601]  __kmalloc_noprof+0xe0/0x850
[  145.602785][ T9601]  tomoyo_encode2+0xfb/0x3c0
[  145.602809][ T9601]  tomoyo_encode+0x29/0x50
[  145.602829][ T9601]  tomoyo_realpath_from_path+0x18c/0x690
[  145.602862][ T9601]  tomoyo_path_number_perm+0x23c/0x580
[  145.602880][ T9601]  ? tomoyo_path_number_perm+0x22e/0x580
[  145.602900][ T9601]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  145.602942][ T9601]  ? find_held_lock+0x2b/0x80
[  145.602963][ T9601]  ? __fget_files+0x215/0x3d0
[  145.602984][ T9601]  ? hook_file_ioctl_common+0x149/0x410
[  145.602999][ T9601]  ? __fget_files+0x215/0x3d0
[  145.603024][ T9601]  ? __fget_files+0x21f/0x3d0
[  145.603049][ T9601]  security_file_ioctl+0xd3/0x230
[  145.603132][ T9601]  __x64_sys_ioctl+0xb7/0x210
[  145.603151][ T9601]  do_syscall_64+0x10b/0xf80
[  145.603174][ T9601]  ? clear_bhb_loop+0x40/0x90
[  145.603192][ T9601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.603205][ T9601] RIP: 0033:0x7f46a7f9c819
[  145.603219][ T9601] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  145.603233][ T9601] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  145.603298][ T9601] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  145.603307][ T9601] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  145.603315][ T9601] RBP: 00007f46a8dd9090 R08: 0000000000000000 R09: 0000000000000000
[  145.603323][ T9601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.603331][ T9601] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  145.603350][ T9601]  </TASK>
[  145.603367][ T9601] ERROR: Out of memory at tomoyo_realpath_from_path.
[  145.718500][ T9605] SELinux:  policydb magic number 0x80 does not match expected magic number 0xf97cff8c
[  145.739953][ T9605] SELinux: failed to load policy
[  145.958693][ T9608] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  145.961985][ T9608] SELinux: failed to load policy
[  147.083953][ T9634] FAULT_INJECTION: forcing a failure.
[  147.083953][ T9634] name failslab, interval 1, probability 0, space 0, times 0
[  147.088863][ T9634] CPU: 0 UID: 0 PID: 9634 Comm: syz.1.1023 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.088882][ T9634] Tainted: [L]=SOFTLOCKUP
[  147.088886][ T9634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.088893][ T9634] Call Trace:
[  147.088898][ T9634]  <TASK>
[  147.088902][ T9634]  dump_stack_lvl+0x100/0x190
[  147.088920][ T9634]  should_fail_ex.cold+0x5/0xa
[  147.088937][ T9634]  should_failslab+0xc2/0x120
[  147.088953][ T9634]  __kmalloc_cache_noprof+0x7a/0x6f0
[  147.088965][ T9634]  ? vhost_task_create+0xee/0x370
[  147.088980][ T9634]  ? trace_contention_end+0x122/0x170
[  147.088994][ T9634]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  147.089014][ T9634]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  147.089027][ T9634]  vhost_task_create+0xee/0x370
[  147.089041][ T9634]  ? __pfx_vhost_task_create+0x10/0x10
[  147.089055][ T9634]  ? register_lock_class+0x40/0x560
[  147.089072][ T9634]  ? __pfx_vhost_task_fn+0x10/0x10
[  147.089088][ T9634]  ? __pfx___mutex_lock+0x10/0x10
[  147.089101][ T9634]  ? kasan_quarantine_put+0x104/0x240
[  147.089118][ T9634]  kvm_mmu_post_init_vm+0x1b3/0x370
[  147.089135][ T9634]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  147.089151][ T9634]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  147.089165][ T9634]  kvm_vcpu_ioctl+0x730/0x1720
[  147.089178][ T9634]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.089213][ T9634]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  147.089232][ T9634]  ? do_vfs_ioctl+0x226/0x13e0
[  147.089248][ T9634]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  147.089263][ T9634]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  147.089286][ T9634]  ? __fget_files+0x215/0x3d0
[  147.089303][ T9634]  ? hook_file_ioctl_common+0x149/0x410
[  147.089318][ T9634]  ? selinux_file_ioctl+0x13b/0x290
[  147.089334][ T9634]  ? selinux_file_ioctl+0xb6/0x290
[  147.089351][ T9634]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.089363][ T9634]  __x64_sys_ioctl+0x18e/0x210
[  147.089379][ T9634]  do_syscall_64+0x10b/0xf80
[  147.089390][ T9634]  ? clear_bhb_loop+0x40/0x90
[  147.089403][ T9634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.089414][ T9634] RIP: 0033:0x7fb6c279c819
[  147.089425][ T9634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.089435][ T9634] RSP: 002b:00007fb6c35ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  147.089446][ T9634] RAX: ffffffffffffffda RBX: 00007fb6c2a15fa0 RCX: 00007fb6c279c819
[  147.089453][ T9634] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  147.089459][ T9634] RBP: 00007fb6c35ae090 R08: 0000000000000000 R09: 0000000000000000
[  147.089465][ T9634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.089471][ T9634] R13: 00007fb6c2a16038 R14: 00007fb6c2a15fa0 R15: 00007ffc6d83c188
[  147.089485][ T9634]  </TASK>
[  147.253672][   T40] kauditd_printk_skb: 270 callbacks suppressed
[  147.253690][   T40] audit: type=1400 audit(1776318864.926:1324): avc:  denied  { allowed } for  pid=9645 comm="syz.4.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  147.267202][   T40] audit: type=1400 audit(1776318864.945:1325): avc:  denied  { create } for  pid=9645 comm="syz.4.1025" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  147.278022][   T40] audit: type=1400 audit(1776318864.954:1326): avc:  denied  { read write } for  pid=9645 comm="syz.4.1025" dev="anon_inodefs" ino=36828 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  147.301890][ T5943] Bluetooth: hci4: command tx timeout
[  147.306569][   T40] audit: type=1400 audit(1776318864.954:1327): avc:  denied  { open } for  pid=9645 comm="syz.4.1025" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=36828 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  147.318415][ T9649] GUP no longer grows the stack in syz.1.1026 (9649): 200000007000-20000000a000 (200000004000)
[  147.323040][ T9649] CPU: 2 UID: 0 PID: 9649 Comm: syz.1.1026 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.323062][ T9649] Tainted: [L]=SOFTLOCKUP
[  147.323066][ T9649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.323074][ T9649] Call Trace:
[  147.323078][ T9649]  <TASK>
[  147.323084][ T9649]  dump_stack_lvl+0x100/0x190
[  147.323103][ T9649]  gup_vma_lookup.cold+0x83/0x96
[  147.323122][ T9649]  __get_user_pages+0x241/0x32a0
[  147.323147][ T9649]  ? xdp_umem_create+0x65e/0x11f0
[  147.323166][ T9649]  ? xsk_setsockopt+0x7d8/0xab0
[  147.323182][ T9649]  ? do_sock_setsockopt+0xf3/0x1d0
[  147.323199][ T9649]  ? __pfx___get_user_pages+0x10/0x10
[  147.323217][ T9649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.323234][ T9649]  __gup_longterm_locked+0x279/0x16f0
[  147.323253][ T9649]  ? __lock_acquire+0x3c0/0x2630
[  147.323270][ T9649]  ? __pfx___gup_longterm_locked+0x10/0x10
[  147.323296][ T9649]  pin_user_pages+0x13c/0x160
[  147.323316][ T9649]  ? __pfx_pin_user_pages+0x10/0x10
[  147.323336][ T9649]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  147.323352][ T9649]  ? security_capable+0x70/0x260
[  147.323368][ T9649]  xdp_umem_create+0x739/0x11f0
[  147.323406][ T9649]  xsk_setsockopt+0x7d8/0xab0
[  147.323427][ T9649]  ? __pfx_xsk_setsockopt+0x10/0x10
[  147.323445][ T9649]  ? find_held_lock+0x2b/0x80
[  147.323462][ T9649]  ? __fget_files+0x215/0x3d0
[  147.323483][ T9649]  ? selinux_socket_setsockopt+0x6a/0x80
[  147.323502][ T9649]  ? __pfx_xsk_setsockopt+0x10/0x10
[  147.323520][ T9649]  do_sock_setsockopt+0xf3/0x1d0
[  147.323539][ T9649]  __sys_setsockopt+0x195/0x220
[  147.323558][ T9649]  __x64_sys_setsockopt+0xbd/0x160
[  147.323572][ T9649]  ? do_syscall_64+0x90/0xf80
[  147.323585][ T9649]  ? lockdep_hardirqs_on+0x78/0x100
[  147.323604][ T9649]  do_syscall_64+0x10b/0xf80
[  147.323616][ T9649]  ? clear_bhb_loop+0x40/0x90
[  147.323631][ T9649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.323644][ T9649] RIP: 0033:0x7fb6c279c819
[  147.323654][ T9649] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.323667][ T9649] RSP: 002b:00007fb6c35ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  147.323680][ T9649] RAX: ffffffffffffffda RBX: 00007fb6c2a15fa0 RCX: 00007fb6c279c819
[  147.323689][ T9649] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000005
[  147.323696][ T9649] RBP: 00007fb6c2832c91 R08: 0000000000000020 R09: 0000000000000000
[  147.323703][ T9649] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000
[  147.323710][ T9649] R13: 00007fb6c2a16038 R14: 00007fb6c2a15fa0 R15: 00007ffc6d83c188
[  147.323724][ T9649]  </TASK>
[  147.334400][   T40] audit: type=1400 audit(1776318864.964:1328): avc:  denied  { write } for  pid=9648 comm="syz.1.1026" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  147.390933][ T9655] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1029'.
[  147.399047][   T40] audit: type=1400 audit(1776318864.973:1329): avc:  denied  { read write } for  pid=9648 comm="syz.1.1026" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  147.467505][   T40] audit: type=1400 audit(1776318864.973:1330): avc:  denied  { open } for  pid=9648 comm="syz.1.1026" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  147.477352][   T40] audit: type=1400 audit(1776318864.973:1331): avc:  denied  { ioctl } for  pid=9648 comm="syz.1.1026" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x5385 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  147.486419][   T40] audit: type=1400 audit(1776318864.992:1332): avc:  denied  { setopt } for  pid=9648 comm="syz.1.1026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  147.493058][   T40] audit: type=1400 audit(1776318865.048:1333): avc:  denied  { read write } for  pid=9653 comm="syz.1.1028" name="video37" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  147.500902][ T9654] IPv6: syztnl0: Disabled Multicast RS
[  147.509034][   T12] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  147.512790][   T12] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  147.516348][   T12] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  147.519121][   T12] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  147.561666][ T9666] macvtap1: entered promiscuous mode
[  147.563672][ T9666] macvtap1: entered allmulticast mode
[  147.565403][ T9666] veth1_vlan: entered allmulticast mode
[  147.812461][ T9678] netlink: 'syz.1.1036': attribute type 3 has an invalid length.
[  147.814186][ T9676] FAULT_INJECTION: forcing a failure.
[  147.814186][ T9676] name failslab, interval 1, probability 0, space 0, times 0
[  147.815811][ T9678] netlink: 'syz.1.1036': attribute type 1 has an invalid length.
[  147.821530][ T9676] CPU: 0 UID: 0 PID: 9676 Comm: syz.2.1035 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.821560][ T9676] Tainted: [L]=SOFTLOCKUP
[  147.821566][ T9676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  147.821576][ T9676] Call Trace:
[  147.821764][ T9676]  <TASK>
[  147.821773][ T9676]  dump_stack_lvl+0x100/0x190
[  147.821899][ T9676]  should_fail_ex.cold+0x5/0xa
[  147.821923][ T9676]  should_failslab+0xc2/0x120
[  147.821948][ T9676]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  147.821971][ T9676]  ? copy_process+0x69a/0x7f50
[  147.821994][ T9676]  ? mark_held_locks+0x40/0x70
[  147.822018][ T9676]  copy_process+0x69a/0x7f50
[  147.822055][ T9676]  ? __pfx_copy_process+0x10/0x10
[  147.822084][ T9676]  ? lockdep_init_map_type+0x5c/0x250
[  147.822105][ T9676]  ? lockdep_init_map_type+0x5c/0x250
[  147.822125][ T9676]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  147.822146][ T9676]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  147.822172][ T9676]  vhost_task_create+0x1db/0x370
[  147.822195][ T9676]  ? __pfx_vhost_task_create+0x10/0x10
[  147.822215][ T9676]  ? register_lock_class+0x40/0x560
[  147.822242][ T9676]  ? __pfx_vhost_task_fn+0x10/0x10
[  147.822266][ T9676]  ? __pfx___mutex_lock+0x10/0x10
[  147.822329][ T9676]  ? kasan_quarantine_put+0x104/0x240
[  147.822356][ T9676]  kvm_mmu_post_init_vm+0x1b3/0x370
[  147.822386][ T9676]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  147.822409][ T9676]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  147.822431][ T9676]  kvm_vcpu_ioctl+0x730/0x1720
[  147.822450][ T9676]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.822468][ T9676]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  147.822488][ T9676]  ? do_vfs_ioctl+0x226/0x13e0
[  147.822510][ T9676]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  147.822532][ T9676]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  147.822650][ T9676]  ? __fget_files+0x215/0x3d0
[  147.822674][ T9676]  ? hook_file_ioctl_common+0x149/0x410
[  147.822701][ T9676]  ? selinux_file_ioctl+0x13b/0x290
[  147.822724][ T9676]  ? selinux_file_ioctl+0xb6/0x290
[  147.822754][ T9676]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  147.822773][ T9676]  __x64_sys_ioctl+0x18e/0x210
[  147.822796][ T9676]  do_syscall_64+0x10b/0xf80
[  147.822814][ T9676]  ? clear_bhb_loop+0x40/0x90
[  147.822835][ T9676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.822852][ T9676] RIP: 0033:0x7f525c79c819
[  147.822868][ T9676] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.822885][ T9676] RSP: 002b:00007f525d5e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  147.822966][ T9676] RAX: ffffffffffffffda RBX: 00007f525ca15fa0 RCX: 00007f525c79c819
[  147.822977][ T9676] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  147.822987][ T9676] RBP: 00007f525d5e6090 R08: 0000000000000000 R09: 0000000000000000
[  147.822997][ T9676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.823006][ T9676] R13: 00007f525ca16038 R14: 00007f525ca15fa0 R15: 00007ffc6c3e72e8
[  147.823030][ T9676]  </TASK>
[  147.864027][ T9683] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  147.865649][ T9678] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1036'.
[  147.865797][ T9678] NCSI netlink: No device for ifindex 0
[  147.941955][ T9679] netlink: 'syz.1.1036': attribute type 3 has an invalid length.
[  147.951815][ T9679] netlink: 'syz.1.1036': attribute type 1 has an invalid length.
[  147.958500][ T9679] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1036'.
[  147.963477][ T9679] NCSI netlink: No device for ifindex 0
[  148.056504][ T9699] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1042'.
[  148.064505][ T9701] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9701 comm=syz.6.1040
[  148.064537][ T9702] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9702 comm=syz.6.1040
[  148.089402][ T5943] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  148.096194][ T5943] Bluetooth: hci1: Injecting HCI hardware error event
[  148.096959][ T9699] 8021q: adding VLAN 0 to HW filter on device bond5
[  148.102293][ T5943] Bluetooth: hci1: hardware error 0x00
[  148.134645][ T9699] ipvlan3: entered allmulticast mode
[  148.136415][ T9699] bond5: entered allmulticast mode
[  148.708552][ T9721] overlayfs: failed to resolve './file0': -2
[  148.767215][ T9729] netlink: 'syz.6.1047': attribute type 10 has an invalid length.
[  148.779905][ T9731] xt_CT: You must specify a L4 protocol and not use inversions on it
[  148.780752][ T9729] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1047'.
[  148.812656][ T9717] program syz.2.1045 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  148.895065][ T9739] 8021q: adding VLAN 0 to HW filter on device bond1
[  149.292523][ T9763] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  149.804501][ T9775] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  149.946609][ T9802] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  150.012389][ T9814] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1061'.
[  150.075272][    T9] IPVS: starting estimator thread 0...
[  150.192767][ T9819] IPVS: using max 45 ests per chain, 108000 per kthread
[  150.211896][ T9805] infiniband sy‡1: set down
[  150.215562][ T9805] infiniband sy‡1: added bond0
[  150.375702][ T9805] RDS/IB: sy‡1: added
[  150.380007][ T9805] smc: adding ib device sy‡1 with port count 1
[  150.383874][ T9805] smc:    ib device sy‡1 port 1 has no pnetid
[  150.474887][ T9838] netlink: 'syz.6.1064': attribute type 11 has an invalid length.
[  150.507043][ T9838] bond2 (unregistering): Released all slaves
[  150.613000][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1065'.
[  150.616967][ T9847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1065'.
[  150.636047][ T5943] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  150.889610][ T9873] xt_hashlimit: size too large, truncated to 1048576
[  151.035091][ T9878] netlink: 'syz.2.1074': attribute type 1 has an invalid length.
[  151.051328][ T9880] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1075'.
[  151.068015][ T9878] bond6: entered promiscuous mode
[  151.070043][ T9878] 8021q: adding VLAN 0 to HW filter on device bond6
[  151.084029][ T9878] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9878 comm=syz.2.1074
[  151.144029][ T9886] binder: 9885:9886 ioctl c0306201 200000000640 returned -14
[  151.255307][ T9890] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  151.354344][ T9898] evm: overlay not supported
[  151.430700][    T9] kernel read not supported for file /swradio3 (pid: 9 comm: kworker/0:0)
[  151.466720][ T9914] overlayfs: overlapping lowerdir path
[  151.880300][ T9936] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1089'.
[  152.063683][ T9950] CIFS mount error: No usable UNC path provided in device string!
[  152.063683][ T9950] 
[  152.067251][ T9950] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  152.176855][ T9962] netlink: 'syz.6.1098': attribute type 23 has an invalid length.
[  152.189581][ T9963] loop6: detected capacity change from 0 to 7
[  152.202573][ T9963] Dev loop6: unable to read RDB block 7
[  152.205090][ T9963]  loop6: AHDI p1 p2 p3
[  152.206837][ T9963] loop6: partition table partially beyond EOD, truncated
[  152.211615][ T9963] loop6: p1 start 1601398130 is beyond EOD, truncated
[  152.214875][ T9963] loop6: p2 start 1702059890 is beyond EOD, truncated
[  152.285443][ T9972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9972 comm=syz.1.1101
[  152.292883][ T5337] Dev loop6: unable to read RDB block 7
[  152.297313][ T5337]  loop6: AHDI p1 p2 p3
[  152.298818][ T5337] loop6: partition table partially beyond EOD, truncated
[  152.305806][ T5337] loop6: p1 start 1601398130 is beyond EOD, truncated
[  152.308420][ T5337] loop6: p2 start 1702059890 is beyond EOD, truncated
[  152.450348][ T9985] sysfs: cannot create duplicate filename '/class/ieee80211/1ùà^!'
[  152.455856][ T9985] CPU: 3 UID: 0 PID: 9985 Comm: syz.2.1107 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  152.455893][ T9985] Tainted: [L]=SOFTLOCKUP
[  152.455901][ T9985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  152.455914][ T9985] Call Trace:
[  152.455981][ T9985]  <TASK>
[  152.455990][ T9985]  dump_stack_lvl+0x100/0x190
[  152.456039][ T9985]  sysfs_warn_dup.cold+0x1c/0x28
[  152.456068][ T9985]  sysfs_do_create_link_sd+0x113/0x140
[  152.456100][ T9985]  sysfs_create_link+0x61/0xc0
[  152.456127][ T9985]  device_add+0x675/0x1920
[  152.456219][ T9985]  ? __pfx_device_add+0x10/0x10
[  152.456241][ T9985]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  152.456261][ T9985]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  152.456303][ T9985]  wiphy_register+0x1edd/0x2d90
[  152.456332][ T9985]  ? __rtnl_unlock+0xb9/0xf0
[  152.456367][ T9985]  ? __pfx_wiphy_register+0x10/0x10
[  152.456398][ T9985]  ? __asan_memset+0x23/0x50
[  152.456419][ T9985]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  152.456449][ T9985]  ieee80211_register_hw+0x3055/0x4570
[  152.456481][ T9985]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  152.456500][ T9985]  ? __pfx___debug_object_init+0x10/0x10
[  152.456636][ T9985]  ? find_held_lock+0x2b/0x80
[  152.456664][ T9985]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  152.456684][ T9985]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  152.456771][ T9985]  ? __hrtimer_setup+0x208/0x330
[  152.456795][ T9985]  mac80211_hwsim_new_radio+0x2a01/0x5ae0
[  152.456845][ T9985]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  152.456928][ T9985]  ? __asan_memcpy+0x3c/0x60
[  152.456952][ T9985]  hwsim_new_radio_nl+0xc5f/0x1370
[  152.456972][ T9985]  ? rcu_is_watching+0x12/0xc0
[  152.456996][ T9985]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  152.457020][ T9985]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0
[  152.457040][ T9985]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[  152.457061][ T9985]  genl_family_rcv_msg_doit+0x214/0x300
[  152.457080][ T9985]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  152.457108][ T9985]  ? bpf_lsm_capable+0x9/0x10
[  152.457133][ T9985]  ? security_capable+0x80/0x260
[  152.457261][ T9985]  ? ns_capable+0xd2/0xf0
[  152.457291][ T9985]  genl_rcv_msg+0x560/0x800
[  152.457311][ T9985]  ? __pfx_genl_rcv_msg+0x10/0x10
[  152.457330][ T9985]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  152.457357][ T9985]  ? __lock_acquire+0x4a5/0x2630
[  152.457381][ T9985]  netlink_rcv_skb+0x159/0x420
[  152.457407][ T9985]  ? __pfx_genl_rcv_msg+0x10/0x10
[  152.457426][ T9985]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  152.457463][ T9985]  ? netlink_deliver_tap+0x1ae/0xcc0
[  152.457490][ T9985]  genl_rcv+0x28/0x40
[  152.457506][ T9985]  netlink_unicast+0x585/0x850
[  152.457536][ T9985]  ? __pfx_netlink_unicast+0x10/0x10
[  152.457570][ T9985]  netlink_sendmsg+0x8b0/0xda0
[  152.457600][ T9985]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.457623][ T9985]  ? __might_fault+0x20/0x140
[  152.457651][ T9985]  ____sys_sendmsg+0x9e1/0xb70
[  152.457676][ T9985]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.457705][ T9985]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.457735][ T9985]  ? __pfx_futex_wake_mark+0x10/0x10
[  152.457768][ T9985]  ___sys_sendmsg+0x190/0x1e0
[  152.457799][ T9985]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.457874][ T9985]  __sys_sendmsg+0x170/0x220
[  152.457902][ T9985]  ? __pfx___sys_sendmsg+0x10/0x10
[  152.457927][ T9985]  ? __x64_sys_futex+0x34f/0x4d0
[  152.457961][ T9985]  ? rcu_is_watching+0x12/0xc0
[  152.457990][ T9985]  do_syscall_64+0x10b/0xf80
[  152.458010][ T9985]  ? clear_bhb_loop+0x40/0x90
[  152.458033][ T9985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.458054][ T9985] RIP: 0033:0x7f525c79c819
[  152.458071][ T9985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  152.458093][ T9985] RSP: 002b:00007f525d5e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.458177][ T9985] RAX: ffffffffffffffda RBX: 00007f525ca15fa0 RCX: 00007f525c79c819
[  152.458201][ T9985] RDX: 0000000004000010 RSI: 0000200000000100 RDI: 0000000000000004
[  152.458214][ T9985] RBP: 00007f525c832c91 R08: 0000000000000000 R09: 0000000000000000
[  152.458227][ T9985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.458240][ T9985] R13: 00007f525ca16038 R14: 00007f525ca15fa0 R15: 00007ffc6c3e72e8
[  152.458271][ T9985]  </TASK>
[  152.460823][ T9993] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1108'.
[  152.465555][ T9994] binder: 9991:9994 ioctl c018620c 200000000240 returned -22
[  152.560281][T10003] fuse: Unknown parameter 'rPotmode'
[  152.568262][ T9993] bond0: entered promiscuous mode
[  152.605762][   T40] kauditd_printk_skb: 323 callbacks suppressed
[  152.605778][   T40] audit: type=1400 audit(1776318869.933:1657): avc:  denied  { ioctl } for  pid=10011 comm="syz.2.1114" path="socket:[42072]" dev="sockfs" ino=42072 ioctlcmd=0x5873 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  152.607054][ T9993] bond_slave_0: entered promiscuous mode
[  152.663277][ T9993] bond_slave_1: entered promiscuous mode
[  152.668255][ T9993] gretap0: entered promiscuous mode
[  152.668508][   T40] audit: type=1400 audit(1776318869.998:1658): avc:  denied  { read write } for  pid=10019 comm="syz.2.1117" name="qrtr-tun" dev="devtmpfs" ino=1340 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  152.672767][ T9993] hsr1: entered promiscuous mode
[  152.679671][   T40] audit: type=1400 audit(1776318869.998:1659): avc:  denied  { open } for  pid=10019 comm="syz.2.1117" path="/dev/qrtr-tun" dev="devtmpfs" ino=1340 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  152.708664][   T12] smc: removing ib device sy‡1
[  152.716216][T10020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.724130][   T40] audit: type=1400 audit(1776318870.045:1660): avc:  denied  { audit_read } for  pid=10018 comm="syz.1.1116" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  152.725197][T10020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.731984][   T40] audit: type=1400 audit(1776318870.045:1661): avc:  denied  { create } for  pid=10024 comm="syz.4.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  152.732013][   T40] audit: type=1400 audit(1776318870.045:1662): avc:  denied  { accept } for  pid=10024 comm="syz.4.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  152.734116][   T40] audit: type=1400 audit(1776318870.064:1663): avc:  denied  { read } for  pid=10024 comm="syz.4.1119" name="usbmon7" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  152.757214][   T40] audit: type=1400 audit(1776318870.064:1664): avc:  denied  { open } for  pid=10024 comm="syz.4.1119" path="/dev/usbmon7" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  152.767468][   T40] audit: type=1400 audit(1776318870.092:1665): avc:  denied  { read write } for  pid=6831 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  152.776484][   T40] audit: type=1400 audit(1776318870.092:1666): avc:  denied  { open } for  pid=6831 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  152.785613][T10020] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  152.793797][T10020] bond0 (unregistering): Released all slaves
[  153.093836][T10058] 9p: Bad value for 'rfdno'
[  153.499231][T10069] syz.6.1127(10069): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  153.545134][T10069] kvm: pic: non byte write
[  153.577014][T10086] (syz.4.1131,10086,1):ocfs2_get_sector:1714 ERROR: status = -5
[  153.579984][T10086] (syz.4.1131,10086,1):ocfs2_sb_probe:753 ERROR: status = -5
[  153.586480][T10086] (syz.4.1131,10086,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  153.590602][T10086] (syz.4.1131,10086,1):ocfs2_fill_super:1177 ERROR: status = -5
[  153.738041][T10092] __nla_validate_parse: 1 callbacks suppressed
[  153.738060][T10092] netlink: 64 bytes leftover after parsing attributes in process `syz.6.1133'.
[  153.895310][T10103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.901584][T10103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.922121][T10105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.936298][T10105] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.049098][T10116] ip6gre1: entered promiscuous mode
[  154.051360][T10116] ip6gre1: entered allmulticast mode
[  154.056539][T10118] loop5: detected capacity change from 0 to 7
[  154.267407][T10118] Dev loop5: unable to read RDB block 7
[  154.269296][T10118]  loop5: unable to read partition table
[  154.271335][T10118] loop5: partition table beyond EOD, truncated
[  154.274372][T10118] loop_reread_partitions: partition scan of loop5 (úùƒWå¡™‰ü�¾Ã½¸*‹ºÐ	œëÜ%õ«µ4FLQkÝŠ5) failed (rc=-5)
[  154.379145][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1143'.
[  154.385953][   T29] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  154.569389][   T29] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  154.575581][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.586723][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.594640][   T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  154.604271][   T29] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  154.607446][   T29] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  154.613284][   T29] usb 6-1: Manufacturer: syz
[  154.631615][   T29] usb 6-1: config 0 descriptor??
[  154.899052][T10159] fuse: Bad value for 'fd'
[  155.003957][T10163] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1155'.
[  155.078433][   T29] appleir 0003:05AC:8243.0002: unknown main item tag 0x0
[  155.116625][T10163] kvm: kvm [10162]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  155.123051][T10163] kvm: kvm [10162]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  155.124410][   T29] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  155.599424][T10168] netlink: 'syz.6.1156': attribute type 1 has an invalid length.
[  156.115113][T10182] f2fs: Unknown parameter 'grpquota¬C‚@‹'
[  156.711810][T10200] binder: 10197:10200 ioctl c0306201 2000000004c0 returned -22
[  156.728589][T10200] binder: 10197:10200 ioctl c08c5332 200000000200 returned -22
[  156.791130][T10207] mkiss: ax0: crc mode is auto.
[  156.835043][T10211] netlink: 'syz.4.1169': attribute type 1 has an invalid length.
[  156.848758][T10211] bond4: entered promiscuous mode
[  156.850722][T10211] 8021q: adding VLAN 0 to HW filter on device bond4
[  156.863385][T10211] 8021q: adding VLAN 0 to HW filter on device bond4
[  156.866793][T10211] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  156.870602][T10211] bond4: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  156.880795][T10211] bond4: (slave vxcan3): making interface the new active one
[  156.883333][T10211] vxcan3: entered promiscuous mode
[  156.891095][T10211] bond4: (slave vxcan3): Enslaving as an active interface with an up link
[  157.099230][T10234] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1173'.
[  157.108597][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1173'.
[  157.113865][T10234] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1173'.
[  157.179231][T10241] netlink: 'syz.6.1175': attribute type 6 has an invalid length.
[  157.274031][T10246] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1177'.
[  157.283714][T10244] geneve2: entered promiscuous mode
[  157.303802][T10246] hsr_slave_1 (unregistering): left promiscuous mode
[  157.317312][   T71] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.321535][   T71] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.333763][   T71] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.338814][   T71] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.357985][T10251] Attempt to restore checkpoint with obsolete wellknown handles
[  157.362301][T10251] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1178'.
[  157.374338][T10251] netlink: 75 bytes leftover after parsing attributes in process `syz.2.1178'.
[  157.486796][T10259] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  157.708331][    T9] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  157.889758][    T9] usb 7-1: Using ep0 maxpacket: 32
[  157.894042][    T9] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  157.901001][    T9] usb 7-1: string descriptor 0 read error: -22
[  157.903250][    T9] usb 7-1: New USB device found, idVendor=086a, idProduct=0002, bcdDevice= 0.40
[  157.906371][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.998516][   T40] kauditd_printk_skb: 390 callbacks suppressed
[  157.998600][   T40] audit: type=1400 audit(1776318874.986:2057): avc:  denied  { mount } for  pid=10274 comm="syz.1.1185" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  158.018233][   T40] audit: type=1400 audit(1776318875.005:2058): avc:  denied  { unmount } for  pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  158.065511][   T40] audit: type=1400 audit(1776318875.042:2059): avc:  denied  { create } for  pid=10280 comm="syz.4.1187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  158.077219][   T40] audit: type=1400 audit(1776318875.042:2060): avc:  denied  { connect } for  pid=10280 comm="syz.4.1187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  158.084035][   T40] audit: type=1400 audit(1776318875.042:2061): avc:  denied  { write } for  pid=10280 comm="syz.4.1187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  158.095027][T10285] program syz.1.1188 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  158.098029][   T40] audit: type=1400 audit(1776318875.042:2062): avc:  denied  { mounton } for  pid=10280 comm="syz.4.1187" path="/273/file0" dev="tmpfs" ino=1457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  158.108382][   T40] audit: type=1400 audit(1776318875.080:2063): avc:  denied  { read } for  pid=10284 comm="syz.1.1188" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  158.119534][   T29] usb 6-1: USB disconnect, device number 10
[  158.119851][T10287] gfs2: error -5 reading superblock
[  158.123106][   T40] audit: type=1400 audit(1776318875.080:2064): avc:  denied  { open } for  pid=10284 comm="syz.1.1188" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  158.138203][   T40] audit: type=1400 audit(1776318875.098:2065): avc:  denied  { create } for  pid=10286 comm="syz.4.1189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  158.148893][   T68] usb 7-1: USB disconnect, device number 10
[  158.155427][   T40] audit: type=1400 audit(1776318875.127:2066): avc:  denied  { read } for  pid=10289 comm="syz.1.1190" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  158.182635][T10288] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.185346][T10288] bridge0: port 1() entered disabled state
[  158.304424][T10288] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.316943][T10288] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.388196][T10298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1192'.
[  158.447587][T10299] netlink: 'syz.1.1192': attribute type 3 has an invalid length.
[  158.464389][   T58] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.471806][   T58] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.477659][   T58] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.481048][   T58] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.484241][   T58] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.486989][   T58] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.490474][   T58] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.493517][   T58] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.577914][T10303] pim6reg9: entered allmulticast mode
[  158.636898][T10307] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  158.663010][T10317] SELinux: failed to load policy
[  159.022690][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  159.310276][T10390] __nla_validate_parse: 2 callbacks suppressed
[  159.310288][T10390] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1208'.
[  159.315808][T10390] openvswitch: netlink: Flow key attr not present in new flow.
[  159.881658][T10409] netlink: 'syz.2.1215': attribute type 3 has an invalid length.
[  159.885070][T10409] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1215'.
[  159.920977][T10415] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1216'.
[  160.086244][T10424] netlink: 'syz.2.1219': attribute type 1 has an invalid length.
[  160.086255][T10425] netlink: 'syz.2.1219': attribute type 1 has an invalid length.
[  160.107998][T10424] 8021q: adding VLAN 0 to HW filter on device bond7
[  160.110806][T10424] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1219'.
[  160.119271][T10425] bond7: (slave batadv1): Opening slave failed
[  160.150683][T10424] bond7: (slave batadv1): Opening slave failed
[  160.190667][T10437] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1220'.
[  160.314432][T10431] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  160.344180][T10445] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1222'.
[  160.408601][T10446] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1222'.
[  160.415661][ T5943] Bluetooth: hci0: unexpected event for opcode 0x0c03
[  160.429582][T10446] netlink: 4456 bytes leftover after parsing attributes in process `syz.6.1222'.
[  160.434022][T10445] netlink: 4456 bytes leftover after parsing attributes in process `syz.6.1222'.
[  160.463358][T10451] kvm: user requested TSC rate below hardware speed
[  160.491465][T10451] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3482940618 (6965881236 ns) > initial count (504378442 ns). Using initial count to start timer.
[  160.820805][T10463] loop6: detected capacity change from 0 to 8
[  160.872783][T10463] loop6: detected capacity change from 8 to 7
[  160.944195][T10472] overlay: Bad value for 'xino'
[  160.966579][    C1] blk_print_req_error: 6 callbacks suppressed
[  160.966743][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  160.972979][    C1] buffer_io_error: 6 callbacks suppressed
[  160.972989][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  160.978690][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  160.979789][T10466] loop6: detected capacity change from 7 to 0
[  160.981973][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  160.984056][T10475] TCP: TCP_TX_DELAY enabled
[  160.987053][T10463] ldm_validate_partition_table(): Disk read failed.
[  161.006777][T10463] Dev loop6: unable to read RDB block 0
[  161.010024][T10463]  loop6: unable to read partition table
[  161.012033][T10463] loop6: partition table beyond EOD, truncated
[  161.014168][T10463] loop_reread_partitions: partition scan of loop6 (ÛuêƒGŸ­Ü±.:ˆÊåë0„Çñ™Àü¿Ð
[  161.014168][T10463] å’�<l·k¨3"	[8­S~) failed (rc=-5)
[  161.288856][T10498] omfs: Invalid superblock (0)
[  161.404833][T10505] ip6gre2: entered promiscuous mode
[  161.406929][T10505] ip6gre2: entered allmulticast mode
[  161.412989][T10505] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  161.554265][T10521] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  162.054359][T10548] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10548 comm=syz.2.1246
[  162.110877][T10541] nbd0: detected capacity change from 0 to 63
[  162.117687][ T5943] block nbd0: Receive control failed (result -32)
[  162.122198][T10113] block nbd0: Send control failed (result -32)
[  162.125046][T10113] block nbd0: Request send failed, requeueing
[  162.143015][ T5335] block nbd0: Dead connection, failed to find a fallback
[  162.147160][ T5335] block nbd0: shutting down sockets
[  162.149838][ T5335] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.154066][ T5335] Buffer I/O error on dev nbd0, logical block 0, async page read
[  162.157538][T10113] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.162117][T10113] Buffer I/O error on dev nbd0, logical block 1, async page read
[  162.167466][T10113] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.171107][T10113] Buffer I/O error on dev nbd0, logical block 2, async page read
[  162.174322][T10113] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.178451][T10113] Buffer I/O error on dev nbd0, logical block 3, async page read
[  162.182304][T10113] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.186241][T10113] Buffer I/O error on dev nbd0, logical block 0, async page read
[  162.189379][T10113] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.192230][T10113] Buffer I/O error on dev nbd0, logical block 1, async page read
[  162.195592][T10113] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.201857][T10113] Buffer I/O error on dev nbd0, logical block 2, async page read
[  162.205376][T10113] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  162.209332][T10113] Buffer I/O error on dev nbd0, logical block 3, async page read
[  162.220240][T10113] ldm_validate_partition_table(): Disk read failed.
[  162.225245][T10113] Dev nbd0: unable to read RDB block 0
[  162.226311][T10550] md: superblock version 12389 not known
[  162.229017][T10113]  nbd0: unable to read partition table
[  162.236770][T10550] md: couldn't set array info. -22
[  162.238283][T10113] ldm_validate_partition_table(): Disk read failed.
[  162.242836][T10113] Dev nbd0: unable to read RDB block 0
[  162.245632][T10113]  nbd0: unable to read partition table
[  162.358720][T10345] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  162.373568][T10345] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  162.374660][T10561] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1252'.
[  162.388743][ T5998] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  162.427142][T10567] IPv6: NLM_F_CREATE should be specified when creating new route
[  162.453506][ T5998] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  162.517025][ T5998] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  162.581910][T10585] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10585 comm=syz.2.1261
[  163.205828][T10633] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  163.209843][T10633] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  163.235009][T10633] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  163.242589][T10633] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  163.246806][T10633] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  163.252327][T10633] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  163.256529][T10633] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  163.260574][T10633] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  163.264617][T10633] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  163.283616][   T29] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  163.292936][T10633] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  163.335008][T10653] ALSA: mixer_oss: invalid OSS volume 'PHlâ6žžq
Ó†ØÈÌONEOUT'
[  163.336245][ T5938] Bluetooth: hci4: unexpected event 0x01 length: 4 > 1
[  163.337596][ T5938] Bluetooth: hci4: ACL packet for unknown connection handle 2851
[  163.337662][T10653] ALSA: mixer_oss: invalid index 1374389
[  163.366830][   T40] kauditd_printk_skb: 356 callbacks suppressed
[  163.366848][   T40] audit: type=1400 audit(1776318881.009:2423): avc:  denied  { setopt } for  pid=10655 comm="syz.4.1283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  163.380568][   T40] audit: type=1400 audit(1776318881.018:2424): avc:  denied  { read write } for  pid=10655 comm="syz.4.1283" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  163.388470][   T40] audit: type=1400 audit(1776318881.018:2425): avc:  denied  { open } for  pid=10655 comm="syz.4.1283" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  163.389718][T10654] fuse: Bad value for 'user_id'
[  163.396405][   T40] audit: type=1400 audit(1776318881.027:2426): avc:  denied  { create } for  pid=10660 comm="syz.1.1284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  163.396436][   T40] audit: type=1400 audit(1776318881.027:2427): avc:  denied  { ioctl } for  pid=10655 comm="syz.4.1283" path="socket:[41946]" dev="sockfs" ino=41946 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  163.399246][   T40] audit: type=1400 audit(1776318881.037:2428): avc:  denied  { setopt } for  pid=10660 comm="syz.1.1284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  163.419175][T10654] fuse: Bad value for 'user_id'
[  163.421341][   T40] audit: type=1400 audit(1776318881.037:2429): avc:  denied  { module_request } for  pid=10655 comm="syz.4.1283" kmod="fs-<NULL>" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  163.536568][   T29] usb 7-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  163.541342][   T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.545582][   T29] usb 7-1: Product: syz
[  163.547417][   T29] usb 7-1: Manufacturer: syz
[  163.549456][   T29] usb 7-1: SerialNumber: syz
[  163.589161][   T40] audit: type=1400 audit(1776318881.215:2430): avc:  denied  { bpf } for  pid=10666 comm="syz.4.1285" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  163.596129][   T40] audit: type=1400 audit(1776318881.215:2431): avc:  denied  { perfmon } for  pid=10666 comm="syz.4.1285" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  163.620180][   T40] audit: type=1400 audit(1776318881.243:2432): avc:  denied  { watch } for  pid=10668 comm="syz.6.1286" path="pipe:[44146]" dev="pipefs" ino=44146 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  163.708847][T10667] program syz.4.1285 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  163.826250][T10632] tun0: tun_chr_ioctl cmd 1074025675
[  163.828224][T10632] tun0: persist enabled
[  163.830027][T10632] tun0: tun_chr_ioctl cmd 1074025675
[  163.832419][T10632] tun0: persist enabled
[  164.083061][   T29] rtl8150 7-1:1.0: couldn't reset the device
[  164.088197][   T29] rtl8150 7-1:1.0: probe with driver rtl8150 failed with error -5
[  164.099868][   T29] usb 7-1: USB disconnect, device number 11
[  164.709937][T10701] Failed to get privilege flags for destination (handle=0x2:0x80)
[  164.834732][T10708] xt_hashlimit: overflow, rate too high: 0
[  164.879257][T10710] kvm: emulating exchange as write
[  164.882036][T10710] __nla_validate_parse: 9 callbacks suppressed
[  164.882046][T10710] netlink: 45 bytes leftover after parsing attributes in process `syz.6.1299'.
[  164.886441][T10713] fuse: Unknown parameter '000000000000000000040x0000000000000004'
[  164.923535][T10713] netlink: 'syz.1.1300': attribute type 64 has an invalid length.
[  164.926939][T10713] netlink: 'syz.1.1300': attribute type 4 has an invalid length.
[  164.930218][T10713] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1300'.
[  164.950010][T10713] fuse: Invalid rootmode
[  164.986389][T10714] ipvlan2: entered allmulticast mode
[  164.990150][T10714] batadv_slave_1: entered allmulticast mode
[  165.423561][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout
[  165.423778][ T5943] Bluetooth: hci2: command 0x0406 tx timeout
[  165.423856][ T5946] Bluetooth: hci3: command 0x0406 tx timeout
[  165.423897][ T5946] Bluetooth: hci0: command 0x080f tx timeout
[  165.737873][T10737] fuse: Unknown parameter 'gro|Ag$u00000000000000000000'
[  165.816701][T10741] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1310'.
[  165.871273][T10746] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1312'.
[  165.896076][ T5943] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  165.910402][T10746] : entered promiscuous mode
[  165.950905][T10751] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1314'.
[  165.960519][T10751] overlayfs: workdir and upperdir must reside under the same mount
[  166.041867][T10759] netlink: zone id is out of range
[  166.125420][T10768] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10768 comm=syz.2.1321
[  166.259485][T10779] tmpfs: Unknown parameter 'nrÝinods2'
[  166.326266][T10783] netlink: 'syz.4.1324': attribute type 1 has an invalid length.
[  166.329794][T10783] netlink: 'syz.4.1324': attribute type 2 has an invalid length.
[  166.334539][T10783] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1324'.
[  166.364397][T10787] netlink: 'syz.6.1326': attribute type 1 has an invalid length.
[  166.373076][T10787] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1326'.
[  166.535396][    C3] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  166.705342][T10811] netlink: 'syz.4.1335': attribute type 10 has an invalid length.
[  166.710387][T10811] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1335'.
[  167.107135][T10828] MPI: mpi too large (16392 bits)
[  167.350455][T10841] IPVS: length: 18 != 8
[  167.510184][T10861] syz.1.1343 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  167.623198][T10869] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  167.626242][T10869] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  167.629766][T10869] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  167.648108][ T5943] Bluetooth: hci2: command 0x0406 tx timeout
[  167.657454][ T5943] Bluetooth: hci3: command 0x0406 tx timeout
[  167.659431][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout
[  167.659507][ T5940] Bluetooth: hci0: command 0x080f tx timeout
[  167.736097][T10877] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1350'.
[  167.741801][T10877] chnl_net:caif_netlink_parms(): no params data found
[  167.768879][T10880] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1349'.
[  167.786994][T10880] vlan1: entered allmulticast mode
[  167.788975][T10880] bridge4: entered allmulticast mode
[  167.866246][T10886] program syz.4.1352 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  168.172444][T10900] hsr_slave_1 (unregistering): left promiscuous mode
[  168.358699][T10903] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  168.474188][T10909] netlink: 'syz.6.1359': attribute type 10 has an invalid length.
[  168.483984][T10909] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.494315][T10909] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  168.621752][T10902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  168.725914][   T40] kauditd_printk_skb: 278 callbacks suppressed
[  168.725932][   T40] audit: type=1400 audit(1776318886.015:2711): avc:  denied  { ioctl } for  pid=10932 comm="syz.6.1366" path="socket:[44680]" dev="sockfs" ino=44680 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  168.739214][   T40] audit: type=1400 audit(1776318886.025:2712): avc:  denied  { mounton } for  pid=10932 comm="syz.6.1366" path="/117/file0" dev="tmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  168.748428][   T40] audit: type=1400 audit(1776318886.043:2713): avc:  denied  { write } for  pid=10926 comm="syz.1.1364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  168.855421][ T5998] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  168.949363][   T40] audit: type=1400 audit(1776318886.230:2714): avc:  denied  { create } for  pid=10941 comm="syz.6.1368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  168.958373][   T40] audit: type=1400 audit(1776318886.240:2715): avc:  denied  { write } for  pid=10941 comm="syz.6.1368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  169.020963][   T40] audit: type=1400 audit(1776318886.296:2716): avc:  denied  { listen } for  pid=10946 comm="syz.1.1370" lport=60294 faddr=::ffff:172.30.0.2 fport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.026466][ T5998] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  169.032383][   T40] audit: type=1400 audit(1776318886.296:2717): avc:  denied  { accept } for  pid=10946 comm="syz.1.1370" lport=60294 faddr=::ffff:172.30.0.2 fport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.044918][   T40] audit: type=1400 audit(1776318886.296:2718): avc:  denied  { setopt } for  pid=10946 comm="syz.1.1370" lport=60294 faddr=::ffff:172.30.0.2 fport=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  169.045478][ T5998] usb 7-1: config 0 has no interface number 0
[  169.055225][   T40] audit: type=1400 audit(1776318886.296:2719): avc:  denied  { execmem } for  pid=10946 comm="syz.1.1370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  169.057411][ T5998] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  169.065446][T10950] netem: incorrect ge model size
[  169.065542][T10950] netem: change failed
[  169.071229][   T40] audit: type=1400 audit(1776318886.296:2720): avc:  denied  { execute } for  pid=10946 comm="syz.1.1370" path="/356/file0" dev="tmpfs" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  169.073310][ T5998] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  169.085863][ T5998] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  169.089308][ T5998] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.098182][ T5998] usb 7-1: config 0 descriptor??
[  169.102533][T10919] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  169.111518][ T5998] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  169.143870][T10957] netlink: 'syz.1.1374': attribute type 12 has an invalid length.
[  169.340870][T10919] overlay: ./file0 is not a directory
[  169.353209][    C2] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[  169.364289][ T5334] usb 7-1: USB disconnect, device number 12
[  169.631039][T11011] syz.4.1390: vmalloc error: size 3509858304, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  169.639027][T11011] CPU: 3 UID: 0 PID: 11011 Comm: syz.4.1390 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  169.639050][T11011] Tainted: [L]=SOFTLOCKUP
[  169.639054][T11011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  169.639063][T11011] Call Trace:
[  169.639137][T11011]  <TASK>
[  169.639143][T11011]  dump_stack_lvl+0x100/0x190
[  169.639180][T11011]  warn_alloc.cold+0x95/0x1c1
[  169.639193][T11011]  ? __pfx_warn_alloc+0x10/0x10
[  169.639207][T11011]  ? mark_held_locks+0x40/0x70
[  169.639221][T11011]  ? lockdep_hardirqs_on+0x78/0x100
[  169.639243][T11011]  ? stack_depot_save_flags+0x479/0x9d0
[  169.639322][T11011]  ? vb2_vmalloc_alloc+0x135/0x410
[  169.639340][T11011]  __vmalloc_node_range_noprof+0x136c/0x1630
[  169.639353][T11011]  ? v4l2_ioctl+0x1bd/0x250
[  169.639366][T11011]  ? __x64_sys_ioctl+0x18e/0x210
[  169.639380][T11011]  ? do_syscall_64+0x10b/0xf80
[  169.639391][T11011]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.639406][T11011]  ? vb2_vmalloc_alloc+0x135/0x410
[  169.639427][T11011]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  169.639446][T11011]  ? vb2_vmalloc_alloc+0x135/0x410
[  169.639461][T11011]  vmalloc_user_noprof+0x9e/0xe0
[  169.639472][T11011]  ? vb2_vmalloc_alloc+0x135/0x410
[  169.639491][T11011]  vb2_vmalloc_alloc+0x135/0x410
[  169.639507][T11011]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  169.639523][T11011]  __vb2_queue_alloc+0x8d5/0x1160
[  169.639545][T11011]  vb2_core_create_bufs+0x5fa/0xa30
[  169.639563][T11011]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  169.639578][T11011]  ? rcu_is_watching+0x12/0xc0
[  169.639596][T11011]  ? __mutex_lock+0x26d/0x1b10
[  169.639610][T11011]  vb2_create_bufs+0x40c/0x830
[  169.639626][T11011]  ? __pfx_vb2_create_bufs+0x10/0x10
[  169.639640][T11011]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  169.639652][T11011]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  169.639665][T11011]  v4l_create_bufs+0x17d/0x270
[  169.639684][T11011]  __video_do_ioctl+0xb2a/0xdf0
[  169.639697][T11011]  ? __might_fault+0xc5/0x140
[  169.639710][T11011]  ? __pfx___video_do_ioctl+0x10/0x10
[  169.639727][T11011]  video_usercopy+0x47d/0x1700
[  169.639746][T11011]  ? __pfx___video_do_ioctl+0x10/0x10
[  169.639758][T11011]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  169.639834][T11011]  ? __pfx_video_usercopy+0x10/0x10
[  169.639857][T11011]  v4l2_ioctl+0x1bd/0x250
[  169.639870][T11011]  ? __pfx_v4l2_ioctl+0x10/0x10
[  169.639885][T11011]  __x64_sys_ioctl+0x18e/0x210
[  169.639901][T11011]  do_syscall_64+0x10b/0xf80
[  169.639914][T11011]  ? clear_bhb_loop+0x40/0x90
[  169.639928][T11011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.639940][T11011] RIP: 0033:0x7f46a7f9c819
[  169.639951][T11011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  169.639962][T11011] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  169.640053][T11011] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  169.640060][T11011] RDX: 0000200000001580 RSI: 00000000c100565c RDI: 0000000000000004
[  169.640067][T11011] RBP: 00007f46a8032c91 R08: 0000000000000000 R09: 0000000000000000
[  169.640073][T11011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  169.640080][T11011] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  169.640096][T11011]  </TASK>
[  169.640101][T11011] Mem-Info:
[  169.764627][T11013] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  169.767078][T11011] active_anon:7113 inactive_anon:20710 isolated_anon:0
[  169.767078][T11011]  active_file:2738 inactive_file:28278 isolated_file:0
[  169.767078][T11011]  unevictable:1768 dirty:156 writeback:0
[  169.767078][T11011]  slab_reclaimable:9947 slab_unreclaimable:83511
[  169.767078][T11011]  mapped:30595 shmem:18845 pagetables:6283
[  169.767078][T11011]  sec_pagetables:301 bounce:0
[  169.767078][T11011]  kernel_misc_reclaimable:0
[  169.767078][T11011]  free:435038 free_pcp:5336 free_cma:0
[  169.771685][T11013] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  169.772434][T11011] Node 0 active_anon:21560kB inactive_anon:82840kB active_file:9968kB inactive_file:112792kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:89604kB dirty:624kB writeback:0kB shmem:70212kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:17088kB pagetables:15348kB sec_pagetables:1204kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  169.775452][T11011] Node 1 active_anon:6892kB inactive_anon:0kB active_file:984kB inactive_file:320kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:32776kB dirty:0kB writeback:0kB shmem:5168kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:96kB pagetables:9784kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  169.775521][T11011] Node 0 DMA free:13240kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  169.775646][T11011] lowmem_reserve[]: 0 1230 1230 1230 1230
[  169.775691][T11011] Node 0 DMA32 free:195564kB boost:0kB min:27472kB low:34340kB high:41208kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21560kB inactive_anon:82836kB active_file:9968kB inactive_file:112792kB unevictable:3536kB writepending:624kB zspages:0kB present:2080628kB managed:1259596kB mlocked:0kB bounce:0kB free_pcp:12944kB local_pcp:1488kB free_cma:0kB
[  169.775759][T11011] lowmem_reserve[]: 0 0 0 0 0
[  169.775802][T11011] Node 1 Normal free:1531348kB boost:0kB min:39764kB low:49704kB high:59644kB reserved_highatomic:0KB free_highatomic:0KB active_anon:6892kB inactive_anon:0kB active_file:984kB inactive_file:320kB unevictable:3536kB writepending:0kB zspages:3568kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:8384kB local_pcp:144kB free_cma:0kB
[  169.775868][T11011] lowmem_reserve[]: 0 0 0 0 0
[  169.775908][T11011] Node 0 DMA: 10*4kB 
[  169.779748][T11013] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  169.806778][T11011] (U) 
[  169.814538][T11013] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  169.826289][T11011] 8*8kB 
[  169.871407][ T5938] Bluetooth: hci0: command 0x080f tx timeout
[  169.872133][T11011] (U) 
[  169.879560][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout
[  169.880161][T11011] 11*16kB (U) 11*32kB (U) 11*64kB (U) 9*128kB (U) 6*256kB (U) 4*512kB (U) 3*1024kB (U) 2*2048kB (M) 0*4096kB = 13240kB
[  169.889115][T11011] Node 0 DMA32: 2137*4kB (UME) 1721*8kB (UME) 1268*16kB (UME) 210*32kB (UME) 173*64kB (UME) 246*128kB (UME) 159*256kB (UME) 63*512kB (UM) 30*1024kB (UM) 0*2048kB 0*4096kB = 195564kB
[  169.895162][T11011] Node 1 Normal: 291*4kB (UM) 515*8kB (UM) 485*16kB (UME) 467*32kB (UME) 410*64kB (UME) 348*128kB (UME) 296*256kB (UME) 206*512kB (UME) 82*1024kB (UM) 10*2048kB (UME) 280*4096kB (UM) = 1531348kB
[  169.901668][T11011] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  169.904742][T11011] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  169.907638][T11011] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  169.910789][T11011] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  169.914446][T11011] 51319 total pagecache pages
[  169.916085][T11011] 1462 pages in swap cache
[  169.917569][T11011] Free swap  = 113952kB
[  169.918958][T11011] Total swap = 124996kB
[  169.920302][T11011] 1048443 pages RAM
[  169.921554][T11011] 0 pages HighMem/MovableOnly
[  169.923457][T11011] 284233 pages reserved
[  169.925024][T11011] 0 pages cma reserved
[  170.067198][T11022] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  170.197631][T11033] 9pnet_virtio: no channels available for device syz
[  170.612693][T11020] syz.2.1392 (11020): drop_caches: 1
[  170.667193][T11020] syz.2.1392 (11020): drop_caches: 1
[  170.677561][T11041] __nla_validate_parse: 4 callbacks suppressed
[  170.677575][T11041] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1400'.
[  170.848523][T11038] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  170.859868][T11038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.866308][T11038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.093035][T11056] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1405'.
[  171.101473][T11065] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1405'.
[  171.215610][T11070] netlink: 'syz.6.1408': attribute type 1 has an invalid length.
[  171.231653][T11070] 8021q: adding VLAN 0 to HW filter on device bond2
[  171.285238][T11070] 8021q: adding VLAN 0 to HW filter on device bond2
[  171.288224][T11070] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  171.292982][T11070] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  171.351040][T11078] gretap1: entered promiscuous mode
[  171.359995][T11078] bond2: (slave gretap1): making interface the new active one
[  171.364234][T11078] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  171.504492][T11088] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode
[  171.510530][T11088] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode
[  171.743312][T11103] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  171.746870][T11103] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.852180][T11103] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  171.856817][T11103] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.895848][T11120] syzkaller0: entered promiscuous mode
[  171.897975][T11120] syzkaller0: entered allmulticast mode
[  172.775623][ T5938] Bluetooth: hci2: command 0x0406 tx timeout
[  173.831210][T11103] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  173.836301][T11103] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.965163][T11103] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  173.969560][T11103] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.011522][T11150] 9pnet_fd: p9_fd_create_tcp (11150): problem connecting socket to 127.0.0.1
[  174.014409][T11146] gfs2: gfs2 mount does not exist
[  174.073216][T10350] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  174.076596][T10350] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.087435][T10350] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  174.091683][T10350] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.094871][ T5943] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  174.104668][T11159] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1436'.
[  174.112785][T11159] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1436'.
[  174.112914][   T40] kauditd_printk_skb: 221 callbacks suppressed
[  174.112927][   T40] audit: type=1400 audit(1776318891.069:2942): avc:  denied  { create } for  pid=11153 comm="syz.1.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  174.128812][   T40] audit: type=1400 audit(1776318891.078:2943): avc:  denied  { ioctl } for  pid=11153 comm="syz.1.1434" path="socket:[44978]" dev="sockfs" ino=44978 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  174.132615][T10347] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  174.139422][   T40] audit: type=1400 audit(1776318891.087:2944): avc:  denied  { create } for  pid=11163 comm="syz.6.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  174.141649][T10347] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.148109][   T40] audit: type=1400 audit(1776318891.087:2945): avc:  denied  { getopt } for  pid=11163 comm="syz.6.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  174.148138][   T40] audit: type=1400 audit(1776318891.087:2946): avc:  denied  { read } for  pid=11163 comm="syz.6.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  174.155527][T10347] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  174.165934][   T40] audit: type=1400 audit(1776318891.097:2947): avc:  denied  { perfmon } for  pid=11163 comm="syz.6.1437" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  174.175592][T10347] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.179378][T11159] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1436'.
[  174.185989][T11159] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1436'.
[  174.202663][T11167] netlink: 'syz.6.1438': attribute type 28 has an invalid length.
[  174.225350][   T40] audit: type=1400 audit(1776318891.162:2948): avc:  denied  { create } for  pid=11169 comm="syz.2.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  174.234125][   T40] audit: type=1400 audit(1776318891.181:2949): avc:  denied  { setopt } for  pid=11169 comm="syz.2.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  174.248792][   T40] audit: type=1400 audit(1776318891.190:2950): avc:  denied  { getopt } for  pid=11169 comm="syz.2.1439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  174.266572][   T40] audit: type=1400 audit(1776318891.209:2951): avc:  denied  { create } for  pid=11171 comm="syz.4.1440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  174.313271][T11183] ntfs3(loop4): try to read out of volume at offset 0x0
[  174.333523][T11186] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  174.341704][T11186] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1445'.
[  174.344738][T11188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1445'.
[  174.359390][T11189] netlink: 'syz.6.1444': attribute type 10 has an invalid length.
[  174.365722][T11189] team0: Device ipvlan1 failed to register rx_handler
[  174.424419][T11189] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1444'.
[  174.431403][T11189] overlayfs: empty lowerdir
[  174.442231][T11200] kernel profiling enabled (shift: 63)
[  174.449859][T11200] profiling shift: 63 too large
[  174.563199][T11212] ubi: mtd0 is already attached to ubi31
[  174.623185][T11224] veth1_macvtap: entered allmulticast mode
[  174.703887][T11235] 9pnet_virtio: no channels available for device 127.0.0.1
[  174.951910][T11267] netlink: 'syz.1.1467': attribute type 4 has an invalid length.
[  174.959122][T11266] netlink: 'syz.1.1467': attribute type 4 has an invalid length.
[  174.971559][T11273] netlink: 'syz.4.1468': attribute type 4 has an invalid length.
[  175.085480][T11273] kvm: kvm [11272]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  175.094992][T11273] kvm: kvm [11272]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  175.264851][T11291] netlink: 'syz.6.1472': attribute type 1 has an invalid length.
[  175.269919][T11286] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=11286 comm=syz.2.1471
[  175.287663][T11286] binder: 11285:11286 ioctl c0306201 200000000640 returned -22
[  175.331999][T11291] 8021q: adding VLAN 0 to HW filter on device bond4
[  175.437207][    C3] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  175.446300][T11312] macsec1: entered promiscuous mode
[  175.452347][T11312] macsec1: entered allmulticast mode
[  175.533968][T11320] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  175.999496][T11352] netlink: 'syz.2.1490': attribute type 3 has an invalid length.
[  176.145277][T11358] binder: 11357:11358 ioctl c018620c 200000000240 returned -22
[  176.283775][T11373] __nla_validate_parse: 11 callbacks suppressed
[  176.283788][T11373] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1496'.
[  176.302396][T11371] input: syz0 as /devices/virtual/input/input13
[  176.490830][T11384] xt_hashlimit: size too large, truncated to 1048576
[  176.948930][T11423] fuse: Unknown parameter 'fÔ¡DÁd<0x0000000000000003'
[  176.992071][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  176.995228][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  176.998192][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.002555][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.005444][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.008830][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.011693][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.014582][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.017391][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.020815][ T1025] hid-generic 00A0:0006:0003.0003: unknown main item tag 0x0
[  177.037997][ T1025] hid-generic 00A0:0006:0003.0003: hidraw1: <UNKNOWN> HID v0.05 Device [syz0] on syz0
[  177.114027][T11425] fido_id[11425]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  177.381389][   T29] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  177.408886][T11436] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1510'.
[  177.453778][T11441] fuse: Bad value for 'rootmode'
[  177.541705][   T29] usb 9-1: Using ep0 maxpacket: 8
[  177.546938][   T29] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  177.552092][   T29] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  177.556292][   T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  177.563192][   T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  177.567491][   T29] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  177.575540][   T29] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  177.579646][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.810710][   T29] usb 9-1: usb_control_msg returned -32
[  177.813022][   T29] usbtmc 9-1:16.0: can't read capabilities
[  177.850639][T11453] netlink: 'syz.1.1514': attribute type 1 has an invalid length.
[  177.854247][T11453] workqueue: Failed to create a rescuer kthread for wq "bond35": -EINTR
[  177.942475][T11462] random: crng reseeded on system resumption
[  178.108851][T11475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11475 comm=syz.2.1522
[  178.196163][T11482] usbtmc 9-1:16.0: usb_control_msg returned -32
[  178.201360][T11429] netlink: 'syz.4.1508': attribute type 1 has an invalid length.
[  178.213930][   T29] usb 9-1: USB disconnect, device number 7
[  178.215813][ T5943] Bluetooth: hci0: Invalid handle: 0xffff > 0x0eff
[  178.279434][T11487] ipt_REJECT: TCP_RESET invalid for non-tcp
[  178.985250][T11525] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1539'.
[  178.994251][T11526] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1539'.
[  179.120052][T11544] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1535'.
[  179.127753][T11530] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1540'.
[  179.163638][T11548] ipt_ECN: cannot use operation on non-tcp rule
[  179.186330][T11550] netlink: 'syz.2.1544': attribute type 7 has an invalid length.
[  179.194738][T11550] xt_TPROXY: Can be used only with -p tcp or -p udp
[  179.366110][T11570] IPVS: set_ctl: invalid protocol: 59 255.255.255.255:20001
[  179.459707][T11574] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1553'.
[  179.526281][   T40] kauditd_printk_skb: 317 callbacks suppressed
[  179.526298][   T40] audit: type=1400 audit(1776318896.131:3269): avc:  denied  { create } for  pid=11578 comm="syz.4.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  179.539858][   T40] audit: type=1400 audit(1776318896.141:3270): avc:  denied  { read } for  pid=11578 comm="syz.4.1555" name="media3" dev="devtmpfs" ino=964 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  179.549500][   T40] audit: type=1400 audit(1776318896.141:3271): avc:  denied  { open } for  pid=11578 comm="syz.4.1555" path="/dev/media3" dev="devtmpfs" ino=964 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  179.560372][   T40] audit: type=1400 audit(1776318896.141:3272): avc:  denied  { ioctl } for  pid=11578 comm="syz.4.1555" path="/dev/media3" dev="devtmpfs" ino=964 ioctlcmd=0x7c02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  179.571065][   T40] audit: type=1400 audit(1776318896.141:3273): avc:  denied  { setopt } for  pid=11578 comm="syz.4.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  179.580409][   T40] audit: type=1400 audit(1776318896.150:3274): avc:  denied  { write } for  pid=11578 comm="syz.4.1555" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  179.589507][   T40] audit: type=1400 audit(1776318896.150:3275): avc:  denied  { open } for  pid=11578 comm="syz.4.1555" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  179.589719][T11581] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1556'.
[  179.598445][   T40] audit: type=1400 audit(1776318896.150:3276): avc:  denied  { write } for  pid=11578 comm="syz.4.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  179.683302][   T40] audit: type=1400 audit(1776318896.281:3277): avc:  denied  { read } for  pid=11582 comm="syz.4.1557" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  179.696575][   T40] audit: type=1400 audit(1776318896.281:3278): avc:  denied  { open } for  pid=11582 comm="syz.4.1557" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  180.220341][T11607] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1561'.
[  180.389262][T11622] xt_cluster: node mask cannot exceed total number of nodes
[  180.844282][T11633] FAT-fs (loop4): unable to read boot sector
[  180.852141][T11633] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1569'.
[  180.856173][T11633] 9pnet_fd: p9_fd_create_tcp (11633): problem connecting socket to 127.0.0.1
[  181.118601][T11648] fuse: Bad value for 'user_id'
[  181.120171][T11648] fuse: Bad value for 'user_id'
[  181.185361][T11654] gfs2: not a GFS2 filesystem
[  181.219990][T11652] syzkaller0: entered promiscuous mode
[  181.222353][T11652] syzkaller0: entered allmulticast mode
[  181.266881][T11658] omfs: Invalid superblock (0)
[  182.942984][T11667] __nla_validate_parse: 1 callbacks suppressed
[  182.943002][T11667] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1581'.
[  182.954863][T11667] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1581'.
[  182.958473][T11667] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1581'.
[  183.004873][T11685] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1584'.
[  183.007193][T11688] binder: 11686:11688 ioctl c018620c 200000000c40 returned -1
[  183.282270][T11719] fuse: Bad value for 'group_id'
[  183.282293][T11719] fuse: Bad value for 'group_id'
[  183.291663][T11719] efs: device does not support 512 byte blocks
[  183.291692][T11719] device does not support 512 byte blocks
[  183.291692][T11719] 
[  183.343680][T11711] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1590'.
[  183.619115][T11734] ipvlan2: entered allmulticast mode
[  183.622252][T11734] batadv_slave_1: entered allmulticast mode
[  183.629951][T11734] batman_adv: batadv0: Adding interface: ipvlan2
[  183.634890][T11734] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  183.647642][T11734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.652171][T11734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.656202][T11734] batman_adv: batadv0: Interface activated: ipvlan2
[  183.872508][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1603'.
[  183.887404][T11740] lo: Master is either lo or non-ether device
[  184.400494][T11771] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  184.769417][T11801] tipc: Started in network mode
[  184.771155][T11801] tipc: Node identity 080211000001, cluster identity 4711
[  184.773940][T11801] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  184.890118][   T40] kauditd_printk_skb: 194 callbacks suppressed
[  184.904571][   T40] audit: type=1400 audit(1776318901.147:3473): avc:  denied  { setopt } for  pid=11792 comm="syz.6.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  184.932774][   T40] audit: type=1400 audit(1776318901.185:3474): avc:  denied  { create } for  pid=11792 comm="syz.6.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  184.939417][   T40] audit: type=1400 audit(1776318901.185:3475): avc:  denied  { create } for  pid=11792 comm="syz.6.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  184.946433][   T40] audit: type=1400 audit(1776318901.185:3476): avc:  denied  { read } for  pid=11792 comm="syz.6.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  184.976043][   T40] audit: type=1400 audit(1776318901.231:3477): avc:  denied  { unmount } for  pid=5931 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  184.992432][   T40] audit: type=1400 audit(1776318901.250:3478): avc:  denied  { write } for  pid=11792 comm="syz.6.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  185.001577][   T40] audit: type=1400 audit(1776318901.250:3479): avc:  denied  { accept } for  pid=11792 comm="syz.6.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  185.011713][   T40] audit: type=1400 audit(1776318901.259:3480): avc:  denied  { read write } for  pid=11810 comm="syz.1.1627" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  185.022293][   T40] audit: type=1400 audit(1776318901.259:3481): avc:  denied  { open } for  pid=11810 comm="syz.1.1627" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  185.029340][T11811] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1627'.
[  185.031475][   T40] audit: type=1400 audit(1776318901.259:3482): avc:  denied  { shutdown } for  pid=11810 comm="syz.1.1627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  185.218812][T11809] bridge5: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  185.257134][T11825] gretap1: entered promiscuous mode
[  185.260449][T11825] batman_adv: batadv0: Adding interface: gretap1
[  185.263310][T11825] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  185.271023][T11825] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  185.278409][T11825] MPI: mpi too large (16392 bits)
[  185.328040][T11830] tipc: Started in network mode
[  185.329724][T11830] tipc: Node identity 220643fc828e, cluster identity 4711
[  185.341613][T11830] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  185.354090][T11829] tipc: Disabling bearer <eth:syzkaller0>
[  185.538411][T11841] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  185.601741][T11857] 9p: Invalid uid '0x00000000ffffffff'
[  185.657271][T11863] netlink: 'syz.1.1642': attribute type 2 has an invalid length.
[  185.671423][T11864] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1638'.
[  185.676496][T11864] netlink: 5 bytes leftover after parsing attributes in process `syz.4.1638'.
[  185.679025][T11851] ------------[ cut here ]------------
[  185.679746][T11864] 0ªî{X¹¦: renamed from gretap0
[  185.681330][T11851] enable_ept && !allow_smaller_maxphyaddr
[  185.683028][T11851] WARNING: arch/x86/kvm/vmx/vmx.c:5444 at handle_exception_nmi+0xa6e/0x1bb0, CPU#3: syz.4.1638/11851
[  185.691595][T11851] Modules linked in:
[  185.693302][T11851] CPU: 3 UID: 0 PID: 11851 Comm: syz.4.1638 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  185.697344][T11851] Tainted: [L]=SOFTLOCKUP
[  185.698973][T11851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  185.703076][T11851] RIP: 0010:handle_exception_nmi+0xa6e/0x1bb0
[  185.705330][T11851] Code: 08 84 d2 0f 85 fd 10 00 00 44 0f b6 2d 46 72 3b 0f 31 ff 44 89 ee e8 11 5d 69 00 45 84 ed 0f 85 b5 0e 00 00 e8 b3 62 69 00 90 <0f> 0b 90 31 ff 44 89 e6 e8 55 5d 69 00 45 85 e4 0f 85 7f 0b 00 00
[  185.712467][T11851] RSP: 0018:ffffc9000443f9d8 EFLAGS: 00010287
[  185.715031][T11851] RAX: 000000000001061b RBX: ffff88803cdca980 RCX: ffffc90131012000
[  185.718497][T11851] RDX: 0000000000080000 RSI: ffffffff819fc74d RDI: ffff888034c10000
[  185.722079][T11851] RBP: 000000000f6632eb R08: 0000000000000001 R09: 0000000000000000
[  185.725662][T11851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  185.729741][T11851] R13: 0000000000000000 R14: ffff88802f1cf000 R15: ffff88803cdcaa50
[  185.732624][T11851] FS:  00007f46a8dd96c0(0000) GS:ffff8880d6609000(0000) knlGS:0000000000000000
[  185.735593][T11851] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  185.738014][T11851] CR2: 0000000000000000 CR3: 0000000041b9d000 CR4: 0000000000352ef0
[  185.740892][T11851] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000009100
[  185.744020][T11851] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  185.746975][T11851] Call Trace:
[  185.748247][T11851]  <TASK>
[  185.749432][T11851]  ? __pfx_handle_exception_nmi+0x10/0x10
[  185.751403][T11851]  vmx_handle_exit+0x84d/0x1f40
[  185.753051][T11851]  vcpu_run+0x34cf/0x5ca0
[  185.754528][T11851]  ? __pfx_vcpu_run+0x10/0x10
[  185.756085][T11851]  ? rcu_is_watching+0x12/0xc0
[  185.757852][T11851]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  185.760152][T11851]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  185.762480][T11851]  kvm_vcpu_ioctl+0x730/0x1720
[  185.764256][T11851]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  185.766149][T11851]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.768231][T11851]  ? do_vfs_ioctl+0x226/0x13e0
[  185.770026][T11851]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  185.771791][T11851]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  185.774358][T11851]  ? __fget_files+0x215/0x3d0
[  185.776043][T11851]  ? hook_file_ioctl_common+0x149/0x410
[  185.778168][T11851]  ? selinux_file_ioctl+0x13b/0x290
[  185.780366][T11851]  ? selinux_file_ioctl+0xb6/0x290
[  185.782462][T11851]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  185.784544][T11851]  __x64_sys_ioctl+0x18e/0x210
[  185.786307][T11851]  do_syscall_64+0x10b/0xf80
[  185.787981][T11851]  ? clear_bhb_loop+0x40/0x90
[  185.789693][T11851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.791848][T11851] RIP: 0033:0x7f46a7f9c819
[  185.793514][T11851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  185.800701][T11851] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  185.803800][T11851] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  185.806621][T11851] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000a
[  185.809426][T11851] RBP: 00007f46a8032c91 R08: 0000000000000000 R09: 0000000000000000
[  185.812689][T11851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  185.815715][T11851] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  185.818476][T11851]  </TASK>
[  185.819582][T11851] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  185.822173][T11851] CPU: 3 UID: 0 PID: 11851 Comm: syz.4.1638 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  185.825977][T11851] Tainted: [L]=SOFTLOCKUP
[  185.827643][T11851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  185.831550][T11851] Call Trace:
[  185.832763][T11851]  <TASK>
[  185.833852][T11851]  dump_stack_lvl+0x100/0x190
[  185.835504][T11851]  vpanic+0x552/0x970
[  185.836914][T11851]  ? __pfx_vpanic+0x10/0x10
[  185.838545][T11851]  panic+0xd1/0xe0
[  185.839950][T11851]  ? __pfx_panic+0x10/0x10
[  185.841724][T11851]  check_panic_on_warn.cold+0x19/0x34
[  185.843922][T11851]  ? handle_exception_nmi+0xa6e/0x1bb0
[  185.846151][T11851]  __warn.cold+0x191/0x328
[  185.847782][T11851]  __report_bug+0x296/0x3d0
[  185.849399][T11851]  ? handle_exception_nmi+0xa6e/0x1bb0
[  185.851278][T11851]  ? __pfx___report_bug+0x10/0x10
[  185.853097][T11851]  ? mark_held_locks+0x40/0x70
[  185.854791][T11851]  ? __pfx___schedule+0x10/0x10
[  185.856616][T11851]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.858984][T11851]  ? handle_exception_nmi+0xa6e/0x1bb0
[  185.861100][T11851]  report_bug+0xb2/0x220
[  185.862621][T11851]  ? handle_exception_nmi+0xa6e/0x1bb0
[  185.864538][T11851]  handle_bug+0x16a/0x2a0
[  185.866095][T11851]  exc_invalid_op+0x17/0x50
[  185.867713][T11851]  asm_exc_invalid_op+0x1a/0x20
[  185.869471][T11851] RIP: 0010:handle_exception_nmi+0xa6e/0x1bb0
[  185.871857][T11851] Code: 08 84 d2 0f 85 fd 10 00 00 44 0f b6 2d 46 72 3b 0f 31 ff 44 89 ee e8 11 5d 69 00 45 84 ed 0f 85 b5 0e 00 00 e8 b3 62 69 00 90 <0f> 0b 90 31 ff 44 89 e6 e8 55 5d 69 00 45 85 e4 0f 85 7f 0b 00 00
[  185.878709][T11851] RSP: 0018:ffffc9000443f9d8 EFLAGS: 00010287
[  185.880823][T11851] RAX: 000000000001061b RBX: ffff88803cdca980 RCX: ffffc90131012000
[  185.883762][T11851] RDX: 0000000000080000 RSI: ffffffff819fc74d RDI: ffff888034c10000
[  185.886786][T11851] RBP: 000000000f6632eb R08: 0000000000000001 R09: 0000000000000000
[  185.889623][T11851] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  185.892386][T11851] R13: 0000000000000000 R14: ffff88802f1cf000 R15: ffff88803cdcaa50
[  185.895145][T11851]  ? handle_exception_nmi+0xa6d/0x1bb0
[  185.897200][T11851]  ? handle_exception_nmi+0xa6d/0x1bb0
[  185.899282][T11851]  ? __pfx_handle_exception_nmi+0x10/0x10
[  185.901437][T11851]  vmx_handle_exit+0x84d/0x1f40
[  185.903173][T11851]  vcpu_run+0x34cf/0x5ca0
[  185.904695][T11851]  ? __pfx_vcpu_run+0x10/0x10
[  185.906392][T11851]  ? rcu_is_watching+0x12/0xc0
[  185.908090][T11851]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  185.910132][T11851]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  185.912132][T11851]  kvm_vcpu_ioctl+0x730/0x1720
[  185.913898][T11851]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  185.916099][T11851]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.918658][T11851]  ? do_vfs_ioctl+0x226/0x13e0
[  185.920469][T11851]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  185.922248][T11851]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  185.924631][T11851]  ? __fget_files+0x215/0x3d0
[  185.926353][T11851]  ? hook_file_ioctl_common+0x149/0x410
[  185.928300][T11851]  ? selinux_file_ioctl+0x13b/0x290
[  185.930130][T11851]  ? selinux_file_ioctl+0xb6/0x290
[  185.931929][T11851]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  185.933783][T11851]  __x64_sys_ioctl+0x18e/0x210
[  185.935476][T11851]  do_syscall_64+0x10b/0xf80
[  185.937125][T11851]  ? clear_bhb_loop+0x40/0x90
[  185.938781][T11851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.940877][T11851] RIP: 0033:0x7f46a7f9c819
[  185.942530][T11851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  185.949380][T11851] RSP: 002b:00007f46a8dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  185.952292][T11851] RAX: ffffffffffffffda RBX: 00007f46a8215fa0 RCX: 00007f46a7f9c819
[  185.955201][T11851] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000a
[  185.958183][T11851] RBP: 00007f46a8032c91 R08: 0000000000000000 R09: 0000000000000000
[  185.960982][T11851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  185.963740][T11851] R13: 00007f46a8216038 R14: 00007f46a8215fa0 R15: 00007ffd6a2b3ee8
[  185.966501][T11851]  </TASK>
[  185.968502][T11851] Kernel Offset: disabled
[  185.969948][T11851] Rebooting in 86400 seconds..