last executing test programs:

6.459985523s ago: executing program 0 (id=274):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x28, r1, 0x801, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000094}, 0x0) (fail_nth: 4)

6.30138951s ago: executing program 0 (id=279):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f0000006180)={0x2020, 0x0, <r0=>0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xffff, 0x0, 0x1, 0x0, 0x0, 0x120, 0x2000, 0x0, r1, r2, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000440)={0x50, 0x0, r0, {0x7, 0x29, 0x0, 0x205dcc0, 0x40, 0x73, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0xc0104d04, 0x0)

6.300802826s ago: executing program 0 (id=281):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x80000000000004, 0xffffffffffffffff}})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f0000000280)=ANY=[@ANYBLOB], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x3, 0x7fff, 0x16, "b0bf2ebb48c849ac0000000003000018bfff40"})
r2 = syz_open_pts(r1, 0x0)
r3 = dup3(r2, r1, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0xff)
ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000000))
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
syz_emit_ethernet(0x46, &(0x7f00000002c0)={@multicast, @multicast, @void, {@ipv6={0x86dd, @generic={0xb, 0x6, '\x00', 0x10, 0x2c, 0x80, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @mcast2, {[@dstopts={0x88, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x5}]}]}}}}}, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x19, &(0x7f0000005980)=@bpq0, 0x10)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:src_t:s0\x00', 0x1b, 0x3)

6.071463688s ago: executing program 0 (id=284):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r1, 0x0, 0x240)
r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x341000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r2, 0x4112, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x271e, 0x0, &(0x7f0000000100))
r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="40040000f30304002dbd7000fbdbdf25020000000200000028000000040000005d07000000000000000000003a4c000009000000010000000f0000000500000004000000fbffffff10000000000cce00ff030000e1e100000600000001040000030000008100000000100000050000002200000002000000ab070000ffffffff01000000000000808b5300000900000000100000c50000009d8700000b000000ff07000001000000feffffff03000000010000006effffff070000000000000009007f71e6b7123dd71f0000fcffffff060000000500000006000000b87ef35e09000000950000000200000001000000cd0000000b00000004000000000000000000000003000000050000000ae7000009000000ffff000008000000660000000f000000220f000001000080ff000000020000000e00000008000000f3050000030000000400000000000080800000005f07000001000000050000000200000002000000a95c00000300000004000000040000007f0000000500000008000000050000000900000006000000b554000080000000008000000100000003000000ff07000003000000090000008a00000008000000ff01000000000000090000000600000001000000030000007aeb000008000000000000000600000004000000000000100400000003000000c282765b09000000040000000500000006000000000000000600000005000000000000007100000063060000060000008a1600000900000002000000070000000000000081000000090000003c855b03070000000600000039050000ffff0000040000006d600000010400000200000032ffffff0101000044bf0000b80d000001800000931f000004000000050000000b0000000002000081000000ff030000ffffff7f81000000000000000300000054a80000030000000a000000000000008100000002000000050000000300000008000000060000000700000040000000040000008e0d0000aa030000ffffffff080000002cffffffffff00000c0000000200000005000000010000000000000004000000100000006e4200005f0000000600000009000000050000000700000000000020040000000500000007000000ad0600000400000006000000080000000300000007000000cc0000000100000006000000000001000000000001800000a79d000008000000ff01000001000000008000009c9bc5ea00000000ff010000020000000012000096d40000000000000600000001000080784400000a00000081000000000100000c0000000e0d0000070000008000000003000000040000000a000000050000000100000005000000020000000100000000000018307bc30801000000060000000104000000100000060000000000000005000000000002000003000003000000076b000000000000007d000004000000080000008f0000001d00000024242f28237b5c002f6465762f6b766d002b007b265b2d26297b285e00000000"], 0x440}, 0x1, 0x0, 0x0, 0x4000}, 0x20004040)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
ptrace$getregs(0xe, r8, 0x3770, &(0x7f0000000140)=""/1)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0xc4a, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x1000, 0x9, 0x100, 0xfffffffffffffffb, 0x8, 0x71dd, 0x0, 0x8, 0x8d], 0x100000, 0x2008c0})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
close(r4)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)

5.990481132s ago: executing program 0 (id=287):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000004c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, &(0x7f0000000500)=[0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0xe9, &(0x7f0000000680)=[{}, {}], 0x10, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x3e, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000008c0)={<r3=>0x0, @broadcast, @initdev}, &(0x7f0000000900)=0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r5, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000940)={0x54, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {0x23}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24000815}, 0x4004844)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'gre0\x00', &(0x7f0000000b00)={'gre0\x00', <r6=>0x0, 0x10, 0x8000, 0x4, 0x2, {{0x20, 0x4, 0x2, 0x7, 0x80, 0x67, 0x0, 0xf5, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1, {[@timestamp_addr={0x44, 0x0, 0x94, 0x1, 0x4, [{@broadcast}]}, @ssrr={0x89, 0x27, 0x9a, [@rand_addr=0x64010102, @private=0xa010102, @multicast1, @dev={0xac, 0x14, 0x14, 0x2b}, @local, @multicast1, @rand_addr=0x64010100, @remote, @rand_addr=0x7]}, @generic={0x84, 0x8, "eb9f62c7e555"}, @cipso={0x86, 0x12, 0xacb44d8dbdcd7b95, [{0x1, 0x2}, {0x2, 0xfffffffffffffd8f, "6752825b4e219dbe"}, {0x7, 0x0, "baae7d54baa4d4eb28d2d5"}, {0x0, 0x0, "83129e6713cd902af701b5"}]}, @ra={0x94, 0x4, 0x5}, @rr={0x7, 0x17, 0x3f}, @ra={0x94, 0x4, 0x1}, @generic={0x6aa987850c92e844, 0xb, "4ab0e9639e5188a4c7"}]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f00000009c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000a00)=0x14)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000740), 0x400, 0x0)
ioctl$SNDCTL_SEQ_RESET(r8, 0x5100)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getrusage(0x0, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000400)={'syztnl1\x00', <r9=>r7, 0x7, 0x8081, 0x5, 0x7, {{0x1a, 0x4, 0x0, 0x1, 0x68, 0x66, 0x0, 0x6, 0x2b, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp={0x44, 0x28, 0x22, 0x0, 0x3, [0x7ff, 0xb63, 0x98, 0x8000, 0x1ff, 0x400, 0x7, 0x7, 0x8]}, @cipso={0x86, 0x28, 0xffffffffffffffff, [{0x5, 0x3, "a9"}, {0x0, 0x4, "be6a"}, {0x4, 0x9, "3d9dfe234a3870"}, {0x5, 0x12, "f03b97335e928a292dd8784e120a5e50"}]}, @noop]}}}}})
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000481000/0x1000)=nil)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e", @ANYRESOCT], 0xb8}}, 0x20040014)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r12, @ANYBLOB="08009e"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="d8d1ffec2ea4e5d0f766c911ad9357a90e682b2bbb05c345c4f47473acc8e99a9650bccf8c7c15f8e9fd1b22fd9b58760f719a311a6638b4e1f4cdf3a2", @ANYRES16=r2, @ANYBLOB="00012bbd7000ffdbdf25150000000c00018008000100", @ANYRES32=r6, @ANYBLOB="3c00018008000100", @ANYRES32=0x0, @ANYBLOB="14000200776731000000000000000000000000001400020076657468305f746f5f6272696467650008000100", @ANYRES32=r9, @ANYBLOB="0c0001800800030002000000"], 0x68}, 0x1, 0x0, 0x0, 0x20008080}, 0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB="180100000000000000000000040000008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)

5.611259015s ago: executing program 0 (id=293):
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x181100)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

5.566909777s ago: executing program 32 (id=293):
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x181100)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

1.883491438s ago: executing program 1 (id=339):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f00000000c0)='sysfs\x00', 0x989, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000280)=0x8)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup2(0xffffffffffffffff, r6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000140)=ANY=[@ANYRES32=r5, @ANYBLOB="02"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000040)={r5, 0x2}, 0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000340)={r5, 0xfb, "5530f8568b9ae65c3e9560c3e861a9b3182e8e1afb7e8a2d8af903a1cc3064c7a497b0746a180c18c5cedbd0acc1614ded52d9af34cdfadf18148809adaa396ec6c0c9d61e36fcf9341061c762a5d3e1b4a34ae5b5b92a26ec24962616e331a3cf0546c1869972264aa14e7654b626f6c5754075f77dfe5b440f84d0c7dabfd4d9bf018322a718f4ab27312203a8853ecc423ccf0e94be3e2f6cb4c60ec704b495b32c9f52c1d41e41f04f45a426cab22adbf63719a51168b3d7d2ce487258137ccf4fa2494c4b9b90439edf975781f49152b55dd60872712e4d368d0ac3c607198e0cd12bfed55618a7822f1bb51984a96a0b7dbd13d61c9c41ba"}, &(0x7f0000000480)=0x103)
connect$unix(r2, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_emit_ethernet(0x7a, &(0x7f0000000280)={@local, @dev, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e400ff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, '\x00', 0x80, 0x11, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @dev}, [], "17c11d58674e624c1a146558aab57fff"}}}}}}}, 0x0)
sendmmsg$unix(r2, &(0x7f0000004780)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='A', 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3], 0x18, 0x40001}}], 0x4000000000002b3, 0x0)
close(0x3)
r7 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000000)={0x0, 0x3, 0x4})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff00ffffff850000002f00000095000000000000003454a4f110e0e8b8c1820e816c795ae254e424dc949fa7dd1252ff14702cbec7d25ca0566158906025d5f276ba8cf6672919c5e8df4b9a81c1"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x0, 0xe, 0x0, &(0x7f00000001c0)="e00b90f177020000000000000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r9 = socket(0x28, 0x5, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(wp512-generic,cbc-camellia-aesni-avx2)\x00'}, 0x58)
close(0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r9, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
ioctl$VIDIOC_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000040)={0x0, @reserved})

1.809598391s ago: executing program 1 (id=341):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x10)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000600)=ANY=[], 0x8)
recvmmsg(r0, &(0x7f0000002980)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x26, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
timer_create(0x1, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
write$binfmt_elf64(r1, &(0x7f0000000880)=ANY=[], 0x41a)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.666355154s ago: executing program 1 (id=344):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc8)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@uuid_off}]})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) (fail_nth: 16)

1.461713438s ago: executing program 1 (id=349):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x3000000, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)

1.461486364s ago: executing program 1 (id=350):
unshare(0x6a040000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0xfffffffe)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x3)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000040], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff000000000000000000000000000000000000000000000000000000000000000000000b000000000000000000fcffffff00000000"]}, 0x108)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r2, &(0x7f00000020c0)={0x2020}, 0x2020)
ioctl$SNDRV_PCM_IOCTL_LINK(r2, 0x40044160, &(0x7f0000000180)=0x10001)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000000)={'nat\x00', 0x0, 0x0, 0x0, [0xe5, 0xa, 0x2, 0x4, 0xfa, 0xe]}, &(0x7f0000000080)=0x78)

1.460089669s ago: executing program 3 (id=351):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x11, r0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e29, @private=0xa010100}, 0x10)

1.331270971s ago: executing program 3 (id=352):
r0 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105511, &(0x7f00000000c0)={{0xc, 0x4, 0x10, 0xffff85e5, 'syz0\x00'}, 0x0, [0x400, 0xfffffffffffffffc, 0x7ffc, 0x5, 0xd, 0x100000000, 0x0, 0x45, 0x7, 0x7, 0x200000000c7, 0x8007f, 0x1, 0x200, 0x8000000, 0x0, 0x8, 0x1, 0x2, 0x1, 0x0, 0x0, 0x5, 0x3, 0x100000001, 0x40, 0x2, 0x10000004, 0x4, 0x4, 0x2, 0xfffffffffffffffe, 0x0, 0xfffffffe, 0x0, 0x3, 0x4, 0x0, 0x3, 0x20, 0xee4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffe, 0xfffffffffffffffe, 0x9, 0x2000008, 0xfffffffe, 0x0, 0x6, 0xfffffdfffffffffe, 0x0, 0x800001, 0x7, 0x3, 0x0, 0x7fffffff, 0x20000000000, 0x0, 0x0, 0x0, 0x1, 0x404, 0xb4f, 0xffffffff, 0x9, 0xfffffffc, 0x40001, 0x1ff, 0xffffffd, 0xd87, 0x0, 0xc700, 0x1, 0x0, 0x400000, 0x0, 0x4, 0x5, 0x0, 0x0, 0x0, 0x3, 0xe9, 0x6, 0x5, 0x0, 0x0, 0x6, 0xbb, 0x200000, 0x0, 0x0, 0xfffffffb, 0x7, 0x7ffffffc, 0x4, 0x0, 0x2, 0x1, 0x400003, 0x3, 0x0, 0xfffffffd, 0x1108, 0x3, 0x1, 0x6, 0x0, 0x8, 0x5, 0x0, 0x0, 0x6, 0x1, 0x7, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x7ff]})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@delchain={0x24, 0x66, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0xffe2, 0xfff1}, {0xfff2, 0xffff}, {0x1, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r6, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x10020)
setsockopt$sock_int(r6, 0x1, 0x2a, &(0x7f0000000100)=0x7, 0x4)
sendmmsg$inet(r5, &(0x7f0000000280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000014)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000005c0)={0x401, 0x6, 0x1ff, 0xff, '\x00', '\x00', '\x00', 0xc, 0x5, 0x8, 0x4, "972f7a6190af5eabf54ea7c8809371c9"})
socket$inet6(0xa, 0x6, 0x3)

1.330947609s ago: executing program 4 (id=353):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GDTEFACILITIES(r0, 0x89ea, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r1, 0x40096100, &(0x7f00000003c0)={{&(0x7f0000000600)={'Accelerator1\x00', {&(0x7f0000000240)=@adf_str={@normal='NumberDcInstances\x00', {"5628d103fc7e89258923626603e0d49634effaa49a3c0aa4a75e995e2eaabbca3d9fdaef01c77171613044b3b57fb7c89ee5e0ea1a5f166bc6b5656e833e0238"}, {&(0x7f0000000140)=@adf_str={@format={'Cy', '1', 'RingRx\x00'}, {"07ec7c3f320ef9b4f1bbc504c5e408baf40942605cafb23cba729074523752f2a188422388ce12cba2e929a3be30912279759e41c7d42f75e5245f1c295c22d2"}}}}}, {&(0x7f0000000440)={'Accelerator1\x00', {&(0x7f0000000540)=@adf_dec={@bank={'Bank', '1', 'InterruptCoalescingEnabled\x00'}, {0x80}, {&(0x7f0000000300)=@adf_str={@bank={'Bank', '1', 'CoreAffinity\x00'}, {"808881abecacb775b6c3025eb33a156d0d03ef732ef276992d467384c2ac6c7a607d324e288254b6bf6523a6f3abf3afd8d50b376ea660499e5cefdfe60a77d4"}}}}}}}}}, 0x5})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0xe, 0x40, 0x3, 0x41}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140), &(0x7f0000000040), 0x1003, r2}, 0x38)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="d800000018009903e00312ba028105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901223fc6ab007f6f94007100a007a290457f0189b316277ce06bf75c10dde13fb206b33b174e54980ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1000000730d7a5025ccca262f3d40fad956d2b6d5a3a6692ac217e11382e767e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6cc452a92307f00000e970300000000", 0xd8}], 0x1}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r5 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r5, 0xc10c5541, &(0x7f0000000140)={0x1, 0x6})
umount2(&(0x7f0000000040)='./file0\x00', 0xb)

1.259358072s ago: executing program 4 (id=354):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000000140)={0x0, 0x5}) (async, rerun: 64)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0) (rerun: 64)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0) (async)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19) (async)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x9) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async, rerun: 64)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, 0x0) (rerun: 64)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x3a)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r4, 0x4068aea3, &(0x7f00000002c0)) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000013000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
r5 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000040)="55ee2a1605a0cc93d4b3b19a2182d6191df1dce2c8713489a5e9afb8d3f6ca382d96d9a85ec0e7d2595199d6fdca05089878808d5c3e37e21bd149c9ab0eb0e3d0a1d37f47eae5ed45d8da7b87dcbfa41b3833331286e86475ed6a01c6fe8d991a203b1a4e4473cd69da67aa0ac5fb6c5354e4b62ec6b9129fd4e117298cad69da875fbf734b4473f5c66d28ee7dcdc777499932a0e03f5362016258312fbd2666b94cbc1a2ddbe32e088ec811160a4d8d1785fd3d544f", 0xb7) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x51}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (rerun: 64)

1.259138395s ago: executing program 2 (id=355):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r1, 0x4161, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/81, &(0x7f0000000480)=""/74})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0xd, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x46ee, 0x400, 0xffffdffd, 0x32e}, 0x0, 0x0)

1.15183837s ago: executing program 2 (id=356):
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x41032, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (fail_nth: 16)
move_pages(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000064000/0x1000)=nil], &(0x7f0000000240)=[0x1], 0x0, 0x0)

1.151547822s ago: executing program 4 (id=357):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x44, 0x30, 0x1, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = socket(0x3, 0x800, 0x35)
getsockopt(r0, 0x200000000114, 0x271c, &(0x7f0000000580)=""/102380, &(0x7f0000000040)=0x18fec)
getrlimit(0xc, &(0x7f0000000300))
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$pokeuser(0x6, r1, 0x8, 0x8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000200)=0x200000000000000a, 0x5, 0x3)
getpid()
setrlimit(0x7, &(0x7f0000000180)={0x0, 0xcc92})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rename(&(0x7f0000000040)='./bus\x00', 0x0)
mmap$usbmon(&(0x7f0000650000/0x4000)=nil, 0x4000, 0x4, 0x50, 0xffffffffffffffff, 0x300)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$CDROMREADAUDIO(r5, 0x530e, &(0x7f0000000280)={@lba=0x8, 0x1, 0x3f, &(0x7f0000000200)=""/24})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_GETMODE(r6, 0x5601, 0x0)
pipe2$9p(&(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x0)
r8 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
splice(r7, 0x0, r8, 0x0, 0x10000000000016, 0x0)

1.151170377s ago: executing program 1 (id=358):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x50) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003080)={r4, &(0x7f0000002300)="3b58a67128", &(0x7f0000002f80)=""/193}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003080)={r4, &(0x7f0000002300)="3b58a67128", &(0x7f0000002f80)=""/193}, 0x20)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r3)
sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, r5, 0x20, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x4}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xb}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040890}, 0x20000001)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x3c, r6, 0xa679d07be9d27db9, 0x70bd26, 0x25dfdbfe, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) (async)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x3c, r6, 0xa679d07be9d27db9, 0x70bd26, 0x25dfdbfe, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r8, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r13, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r15=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x20, r14, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r15}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x1c, r12, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r15}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x20000080)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, r10, 0xb10, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r15}, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x1}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xf6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x31}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1671}]]}, 0x5c}, 0x1, 0x0, 0x0, 0x200000a1}, 0x4040040)
setsockopt$inet6_mtu(r2, 0x29, 0x4e, 0x0, 0x3a) (async)
setsockopt$inet6_mtu(r2, 0x29, 0x4e, 0x0, 0x3a)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x24704c1c42c72fdc}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

1.011881898s ago: executing program 3 (id=359):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x810c5a, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0x4}, [], {}, [], {0x10, 0x6}, {0x20, 0x1}}, 0x24, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000001100)=ANY=[@ANYBLOB="0200000004000400000000000400000000000000100006000000000020"], 0x24, 0x1)

1.009062354s ago: executing program 2 (id=360):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e20, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, 0x1c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[], 0x28}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00'})
openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='8', @ANYRES16=r3, @ANYBLOB="010028bd70000100000001000000180001801400020076657468305f746f5f626f6e640000000c000380"], 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x50)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)

951.076983ms ago: executing program 3 (id=361):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61128c00000000006113"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
ioctl$int_in(r3, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r3)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x7ff, 0x6, 0xffff, 0x0, 0x10002, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x14, 0x1, 0x7, 0x3, 0x1000000, 0xfffffffffffffffe], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@updsa={0xf0, 0x1a, 0x1, 0x70bd26, 0x0, {{@in=@private=0xa010101, @in=@empty}, {@in=@multicast1, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x4000000000}, {}, 0x0, 0x20000, 0x2}}, 0xf0}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x170, 0xc8, 0x8, 0x170, 0x5803, 0x2d0, 0x2e8, 0x2e8, 0x2d0, 0x2e8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, [0x0, 0xff], [], 'lo\x00', 'geneve1\x00', {}, {}, 0x0, 0x0, 0x0, 0x55}, 0x0, 0x108, 0x170, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@connbytes={{0x38}, {[{0x14}, {0xc000400000000001}], 0x1, 0x2}}, @common=@hl={{0x28}, {0x2, 0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x12, 0x6, 0x8, 0x401, 'pptp\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x10, 0x0, 0x7, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
mmap(&(0x7f000097b000/0x2000)=nil, 0x2000, 0xb, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

851.48704ms ago: executing program 4 (id=362):
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000001c0), 0x841, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setrlimit(0x4, &(0x7f0000000180)={0x6})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8080000000000000, 0xc595, 0x0, 0x78, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 15)

579.157512ms ago: executing program 4 (id=363):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x4004, @fd=r0, 0x823, &(0x7f00000001c0)=[{0x0, 0x10}], 0x1})
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000580)={0xf, 0x40, 0x7})
r3 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000f000/0x2000)=nil, &(0x7f000001f000/0x1000)=nil, &(0x7f0000015000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000001d000/0x3000)=nil, &(0x7f0000012000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68)
setresgid(0x0, 0xffffffffffffffff, 0xee00)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0xfff1}, {0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000080)
io_uring_register$IORING_REGISTER_FILES(r3, 0x20, &(0x7f0000000000)=[r3], 0x1)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$TUNDETACHFILTER(r5, 0x5411, 0x1000000000000)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r5, 0x4018f50b, &(0x7f00000005c0)={0x1, 0x9a, 0xa})
r7 = syz_clone(0x2b02000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r8, 0x80000300, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000240)=""/138, &(0x7f0000000180)=""/122, &(0x7f0000000800)=""/4096, 0x26000})
r9 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000000380)={0x0, ""/256, 0x0, <r10=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r9, 0xd000943e, &(0x7f0000001800)={r10, 0x0, "8dae46d4544dced0b21e7ff5c712e3b14ae220614ccc56b06448a35d2252f766d671691ccea3b115b76c1b93d3a5a875e75d8be5f521a08292f7ea7e848a63dc0186b0b75d05042d5e1cc833fde73df45c66a2e303b25aa77bbe8ec5250b62025ffbbf3287d538d7b5bfa6b0a531be833542c6585e973fed73168876602b9026890db33863257908ba87a9d9569358b55b5edf0f02c42cab8480afa724575c3d8982aa1a3f30f88003ba08f19f36e37f8fd16ca36dc137b4bdb0fe7f041b1bc3685f125d74d10f5228a97ebe1b77ec1a277da2aaf78e4a33e6c9230043fbd65bff0c607583c1175639818a3fe1d0318ee9f839c6841143e9de6705cd64eaeafb", "bb3f17cb7b1dd8d423d258819fa6409d7fbad62524d28c69a727dfd5728f0e5d987a69b87adf7052afd8dac5dc5d92ffd3232370f2f7619aaa94b13f93e07038785ad982bb347484d26e08094db2ddfaa1c17da91652aeb2c031f5924438e60a11b7f7789f55a6d3cb710d91388447a542c1f3889686222b6dd464c44362b01c11348e7579071eca87cd40a5aacd8b24d34cb49ee34549cf5b07428f75df4c25d6a9d7213d6d2e1702e46f32e4168aa58f5048755dc6ec666b09255c785a26f8514d8e1e780110af959a2bbc579ecb93ed2799c2187d649d6bb266a054bf2b77f3bbc4e41a0724117cfb4b14e41655b28c050a139617e09faa0009eacc56a95965793e2dc6191595637cd275a6d3a0f809a4e66228ba88622f834c7c5d00ca0937602de862ee91e49c5239cf5a326290101f5f19acab145d40990c87f63adb81efccf556a9357e4eb5e6cc757257c5b38757f36f39fb56efb98f401b97fcf8b14eee904e5b35d1a479d214a7dd27594856dd0ea8dce7f803f61e697368aaee6473e672094003a2b5ff127ddaaca0ee951232d4110870f29c4f12311ca7317d4281d950e2fc000d7ccd424437ecdc81302889047f9cfcfbf43d0e477292e0d6bd2d6488202b1d6c9d0b9cc8a992bb217e57e88d7c928f8a870fc12b5145645204f613a1a27c9f273ef3ff0b1bfbb39e3a7ab8e770689ab6cc36d458899e66c06ff2bdfd8a165120d13fe0e4897a9ec34dc627b1f2eb771894997e9895dd06e5fd6cdbb3388bd139477ea67066a4daa27501c6ab60cf2b129128982994cf6692d814d237b5522d36533e10ca9b70ef74a2060110de35103b4cb29fd1c7c63aac81f39f236f8c12d079c11210dfc1d799786c2514b421e79f79cb59a88636eb84f2c3bf9688884d3aa8dcd1e446d0fba9c28897566500a19e4d4ab05110ba1dd967f0ebb490457cf5c50b571b7fcf842b1f04ff826734abb2ceaec2d4896fd3e692e72001a3d543cfc7654a9f80f7d985187e20ec1fa74d49da7170600c0b43d733b3e65e0684b05911545066d51ed1892550abb185e7c56f8246368e81fb48d975e452d925dd96b2b9b1a5063ca0290c4fbf3b335b5103b78bdb643d5ce4a097149a54452af4fb26ae2fc53bef34a99ad325069dccb5f06fa5fae447c526cf529630c6aac667f43c8e8d73ad0daa24191fdd1ee5cecd32cde05448fb97f21a48da1c442ed6f84aa59ec98515789a6632b525d9024b291574fffd0d8f6ee08ce1d0d89a0e76a3b2cc3bcc042903b9997b951122d842349daa7a41e958da81ac7c998e7dedff9a7ff053331626c46880d061bee35aee8b9b6baf544c72b37bc836790d954dde9d05502ca0c26ab2b0c91c3d70f5c9de8bcd47c6e5cfbd082ae53ef8fef1292d23490348ecef4a0dadf9d9e96587f76676764da923856d0d069c140affa18dae85f5423cc58b6d7b5d7c7902fee8d17621d98aefc7f818981c76e63ab4485b5e78bda0c327a30ecf17051eeefd28d0d7b97e82356f5a16815386ad91e6c6a81a6bdd2f63a406004378c409cc4e183612601ec07363e5fd4b746b940cdcdba8fc20ee030cc138d27535b5670e01cd371a4d11de3e1d611bf37e80639f90d9118d1d635cf2a66d7433488301e29684fbdda1b544f5d3f598f8694c728f6849d82b6f6bf1e98a0c84c9c9f54f829a9e5c230fd6cba2f305ddecff1401c400e153e7005c152dc1652b348a1440a39f21496ec53c7f1b864849a09d35bbdffd067e522cc5762397c9158e04d4a7c69054572acfc1964df83eff052a8660c9d51a173de26b3c58003f053c9231bb180a8108c25938c3f0ff9a15dd4e430f6023008ca6b9f1a0f03a67780f72a18f655aa16802acc198123388af1912ef38d2d55c2e54871390d786d62f3552ddabfd3c984b90dfdb5f759a3287fb8c5139ee1e283e13a813d7711969229d7480ba54470f36f9ffd879de71fe95b615ccca026346f82b1673bf0e0358514f9c195489a52ea5c77e8d0856d6ed329a029b1932a8404a62d1de44d1698003431c836c4fad4e18a55e3c4c453286a377e312cf6cc7c974556db4749528087e785232c9279d022d7dfd745b123b51d30cc06be5183dad98ed2192784b20af4c033a18cbcd02d648b3efd63fb70cefa4963b806d36447e54f2a9bf14ca631f036785fbe71ead2f09a3d94e1b90a473f38004c8abc9ad585fa6c8aa6564b3694cc5a66b817f56ecde177400b785bff86fa3f5b09a8d5684ce8b4cb00a85017e955c13ecd99e5acdc2a4cbd5bcb35df3e336d266e8ab9eca46d0852217240007aee478055438d6ef9e5fec32039f6a31013f135bba6f9ca26eafb79f9ba1827fceadbc34bbc82a331eb2aa98a92f681adaa5d54aaa3a4f4e4811a4adf1ac5cd730ab5f0c67684ade53ab819251a7b766cc77aeb18f482b564a389362490d7e04fbd82c4b21d13afee3c1664cf391f643fbfcf9b6d15a00ae904be059670180b0841c8fc24e7c9c388a39a265874b41b9a7b54faca83316da01b81ee0c0cac490b86e8c8b0307d4a1a163c8756107d0410b037b86bfe70000170a00ee7cddf6d0a87d95446b4aebf7c725e247c6ebadfc0ae9fb614a7e85d53e0bddea234e4fd58673789c772be2aeaf9d4ce2fe03c30083c0e373b5aeb9710ba510072dbdf3623075688e7ff22ca78ca009491217be15e5fc2887657738639658518d233d06e34074e1a3c0151004a51a714fb1cf2a3299e19cf50691245888a5c53a702f0598502c828148e6d39ade28ec03238bdfe4d3bcfd99fa869088f2fbbe59036b11da0340f86905d65862504a100d41ba0b13ba10a5f74d8417322af935265af7ea479298164d3f7789a6760ed9e9b03defb34a87b7a9f4f6bde79b5c17e737f0cc44fcc439bbfc56812f7f5ff56a26f25067089c805bf7cbd049f70e183c0a89104eba5e3545ae5ce92e7d147f5b00b72ec9dd69e97a5da9f883e4e8b85a92e69af9ff4402c62e4c54ce882ee21da2303ef36bc2f4e5d3bca936a0585c61ad6122c76809bcca9262ddc315e4f32b98d231e6e2343e14572c4b8c4d544a6eadc5810adb8b68aa06bc63177b0a580812e235758635247b31179ade90f1cb7cd4b34dc08faccd7593605ee6fd547b82eecd23e9cf23936a2ce7b1196b644a042824938dc94bc151d2d1762ee8df2ec1f86e9c1319179bb3d8a279c71207eaacafc339d9c0764560bf78b735e4d492de55c312c4ec67e3c0888fc5d1b81abcca950d151f5eaa931f113fd510921dee698fee5699bcab75c90427adcc6713c13e78a4f74b4034e7a12c32c9b40b5d5a0bce00cd0c4bb41507a0af0b797a5e6ee65d8167b3e66d2b37f7fae183bc874e3fa6d3a042ae4ff1aafa45275686a60ea2e766c0f761f74ef7eda75d4a9a68cdbe697da32ecae3907bb19363f4cd15d270088fa3d9647779aa5e422412b2309c10595ac28bf4d7edb3288c91a22358f57c5762b7bce9fed29ca713c5497cdcd3c97f98b3d180721f82244dd2698c0e5ba83fe12f535e37b1125c598f3eba74ad5d1ce739788af1d227c80b340c86396c51feff51dc87faba5cc9e8a71ee283579c7bd9f6d2ba5d6b4cf2e4d140dbaa0e020e5b5c62f16ee92ca75c2aa4f9a51edf5575f1e8dc5b448da5a2c8c70c5077f2d4a0c95ad9b4147a9f5d8afd16782103f883b8b15ce52c35254464f4ad4084b503b8485fa46102557e2955818853471e244c34b23a9d16202eb4e17ddfd46e853073189d06e80bed017c74a7b67c11349538cec993e25346c3bef05459b2a5d84879cb5e8dff293ed89bc1e0084d71d327375880424ef2d75357c608fb6a8b2ef7f453c2d0f69e1cff7d5a19d0057597ac9655237edde4a558504a65a2d83e802aa15f1bda3c3db2e50110e84e803af47b71c812889d4b083fa7e5dd9205e35a239df21503f29bd9e32c22b016df427f343374d712ac76eb7363c73710ad002c4fc999867f88d3ffac50cbcf94562cfcd031442b8684d915135875950844a94703e803ba339ead165f1bd0b0a63a11706071b3e2717568ec1d19249c050125d1c6325d7928a246ebaedd7a49c8401fd978157d35c788218be444fb0e9c441edd2c396c935dcebc286003c5739ace3efd74860cd4487bb10f15ae48dcba78ba89d88c840efe7b8380788c72fbb2b4be73d915851612a206caede4153c3f7733ce558fea3eed6e86e9d135da829049a9310297360211c2a1986227d3e1c0dfa75dfe6d8db71bcdd5d24db69be5ce7097a7feced02aff6ab8ef4648f6ddfe20f042841e4a2d8a0147aa4b64ba980d2e153cb4e529e6ecf1a6c46575cf45080b5c99e1ecf05dd6e4481dff38ad4314e3767fc4039a19f99f0af74c7fba57ddf0ff6cdeff84a3633797356fa296300ab5a2c62e3d608eac06c67521932757ea138c106fb14d3bdd2bd131d5c43806205d9da0aabd0518d694ee38d07f1e55f4d7422d35d5786ea4b1b4c8e70ee8f5b3bb2473521e2248eea15c62ca28cad1c412c1139e3de0e6885cf6516d9fab5f55dc7bb30d903ee1f32ab0a9c5dc81203c3669c12c21752a7815f885f343669e8f8695581b894225dc048fb49eb3b2b957feced9a51a343cea1cb0a214d7ce895dd2133d96cc3621996e1398903d0bf5977348df20c92c5d2929a9908b0829ff2a6ff4187adc9e8d7b7dd99b01116cb502985d0d3008a8fadd8a0da641bf8ea04b7ea30830370f6f3bbb8aa06e4a9e4f1b5264a121241e74563651f0f95c6709d717e57adda7120c40af40d7dd547f2935ed0fc5632053648148dfaaa244443e372c92c144e38960e7531745959cfc48b42089ec69434384a0aa949a899b4eb2ac21d4135e7900fef37dc6c7215da4f1395d02285c56d856e69cb7bb7e9bd9710cd68222845220515cf049136a913bb1607aad42e66a0a678339165e873f2649605b10e2d7a9563db299a0ddcaee5102e2ad63c192871ca0f4992defb763274d8896fc4360b1ee7db89b2cc5515db38902185cecca1ada349c1def8b250339bda955e621f5a5e03f0030f39675a04468765e3e49a7641b8cfb0167abd0db94fdffacca60a5670ab9bc7f236fcd15a14f7ff2dca276beee2a3c118dd7560a2f6cbfb3f9636ff14e1edf0e259738ef3a662ac75a699828d49d0e88598b3b98ec8d584b2ac4ab8c074055270d441f718a4d4a93c674ad344160452f71167d42df102c2a9f4eef045d3c24aba1e01a43f22ca2ac8db313e31c64358bb2356ab78daea6dc233065bde4855cad11d94fa6f3c38499e6f1d3d28dfd7d2e221ed8a3985b0efe1b58ffeb83e0fb7172e6dea5951a21a38945b84f18faee666287ebb3e304bd0721b6dfb4cf0b4150fcf7188235eb5f49a99b80419877daafed9965fd"})
ptrace(0x10, r7)
r11 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r11, 0x80044d04, &(0x7f0000000040))
ptrace$pokeuser(0x6, r7, 0x388, 0x2590f58a)
ioctl$SIOCAX25CTLCON(r4, 0x89e8, &(0x7f0000000100)={@default, @default, @null, 0x63, 0xffffffffffff0001, 0x1, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})

578.801222ms ago: executing program 3 (id=364):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000000140)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0500000082"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4004844)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x1600, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x100003, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {0x3, 0xfff9}, {0xd}}}, 0x24}}, 0x0)
close(r1)

575.849115ms ago: executing program 4 (id=365):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x181100)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1})
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={<r5=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000300)={r5, <r6=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={r6})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r8, 0x1, 0xffff, 0xa, 0x1ff, 0x1}) (fail_nth: 16)

101.50301ms ago: executing program 2 (id=366):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'hsr0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r2, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES32=r2], 0x68}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3000000040000701feffffff00000000047c0000040042801400018006000600800a000008001c00", @ANYBLOB="040008"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
socket$inet_tcp(0x2, 0x1, 0x0)
statx(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x6000, &(0x7f0000000240))
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x8084)
r4 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff})
r6 = socket$nl_route(0x10, 0x3, 0x0)
splice(r5, 0x0, r6, 0x0, 0x4ffe6, 0x0)
statx(r5, &(0x7f0000001740)='./cgroup.cpu/cgroup.procs\x00', 0x1000, 0x4, &(0x7f00000046c0))
sendmsg$SOCK_DIAG_BY_FAMILY(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x330, 0x14, 0x300, 0x70bd2d, 0x25dfdbfc, {0x29, 0xff}, [@INET_DIAG_REQ_BYTECODE={0x93, 0x1, "a8465cfcb205d5cde9e1a69c54dcb5c07355dd60ef64d50e8b590dd999fce663570bba85ddf0ef8df26101c417d12636380831c60ca3e94c285aa64f8b0171fcb4b704a7c53b2a41a7c0b4dfd4bad24716faf0f14e85e44caba4ddf65645d253b758633f9af184ad3506a22380be248a7b4967602fb899ea404581f0999abfcdea03f825ad00b1ffe93e1fa11a6215"}, @INET_DIAG_REQ_BYTECODE={0xfa, 0x1, "1d86d3cd426d7554d30fa34cc5d7973f5760798d6a5cd84f8374d030b5d70765ca5d79662300e296f71298c5dcec6d6fd9b103942e406ce9eaa04f2122d433aaff461cc40f2c9e700ce6be09856efe1251046aac4b11fb27d21032be073d236266e7eaf9e75c9d26fbaa06454209ef42c59faaf135458554697af1164bfd0a5ce8c8009d22ba1e5f794f69a98521e019cec7fa2815b37ec7df38b501513818548dceafa3f5cfb138978a7dc50c72e78ed29275656262f542f7ba02799aac3e61a9c2458edf6dc5866285956814a8a761eb9c5901bd01de66d2adf5ab12228062a3e314b8c59cb17a34bdbbd8d7bf26475bbc3c425863"}, @INET_DIAG_REQ_BYTECODE={0x98, 0x1, "16c3e35fff908e07552edef2510c80ed5beb0d5344482967841bf8e256bb66e20d80e6daab1d5d406d26836c6ad8bcd174f2b0dddaa51dc88ffc09c0fa16a430308a8922f4c123e39586baaec79b70b7e892b473925caa76ad315be359e8b5ceca708f266ebb89c7eb5e7f77f95eabbb73631cb841451006f5a26859d281e06f09c7de8a9c5afeec38bff94586e0bc340dbc10da"}, @INET_DIAG_REQ_BYTECODE={0xf2, 0x1, "fbcf41a4b5584c736b66d1a1285c4c0f47607d254330b16ea9e085dfcfc49cd949b3e0f1898e259434e08a6f08448b3ec3177e876349d5975e433676ac27347bc2a23c22f9ea4674980b37f928b20e969bdb4c350501659800705231d676b989b482a16af6c40a9eccca30a7e497e9a8eec1b0165adc99be891e8940384ebb350298c598227ade4c3a933890f3ce457b723db4a973be454d1ad75e595263e391a74190f5530538d4226977c5e662497f95a480c800a829563889d4f3aa620337a11dc42f5cb06a2189d2fa652aede423852ef2fd357aa661b0e687e749f323c4ae03ebc98f60927ac8e716baac33"}]}, 0x330}, 0x1, 0x0, 0x0, 0x40001}, 0x8004)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="73d600001600156f0000000000000000030000002c697d1be1cb40b1e1", @ANYRES32=0x0], 0x18}}, 0x0)
socket(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'hsr0\x00'}) (async)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000008000004800128008000100687372003c000280060005000180000008000100", @ANYRES32=r2, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES32=r2], 0x68}}, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3000000040000701feffffff00000000047c0000040042801400018006000600800a000008001c00", @ANYBLOB="040008"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
statx(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x6000, &(0x7f0000000240)) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x8084) (async)
socket(0x10, 0x3, 0x0) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) (async)
pipe(&(0x7f0000000080)) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
splice(r5, 0x0, r6, 0x0, 0x4ffe6, 0x0) (async)
statx(r5, &(0x7f0000001740)='./cgroup.cpu/cgroup.procs\x00', 0x1000, 0x4, &(0x7f00000046c0)) (async)
sendmsg$SOCK_DIAG_BY_FAMILY(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x330, 0x14, 0x300, 0x70bd2d, 0x25dfdbfc, {0x29, 0xff}, [@INET_DIAG_REQ_BYTECODE={0x93, 0x1, "a8465cfcb205d5cde9e1a69c54dcb5c07355dd60ef64d50e8b590dd999fce663570bba85ddf0ef8df26101c417d12636380831c60ca3e94c285aa64f8b0171fcb4b704a7c53b2a41a7c0b4dfd4bad24716faf0f14e85e44caba4ddf65645d253b758633f9af184ad3506a22380be248a7b4967602fb899ea404581f0999abfcdea03f825ad00b1ffe93e1fa11a6215"}, @INET_DIAG_REQ_BYTECODE={0xfa, 0x1, "1d86d3cd426d7554d30fa34cc5d7973f5760798d6a5cd84f8374d030b5d70765ca5d79662300e296f71298c5dcec6d6fd9b103942e406ce9eaa04f2122d433aaff461cc40f2c9e700ce6be09856efe1251046aac4b11fb27d21032be073d236266e7eaf9e75c9d26fbaa06454209ef42c59faaf135458554697af1164bfd0a5ce8c8009d22ba1e5f794f69a98521e019cec7fa2815b37ec7df38b501513818548dceafa3f5cfb138978a7dc50c72e78ed29275656262f542f7ba02799aac3e61a9c2458edf6dc5866285956814a8a761eb9c5901bd01de66d2adf5ab12228062a3e314b8c59cb17a34bdbbd8d7bf26475bbc3c425863"}, @INET_DIAG_REQ_BYTECODE={0x98, 0x1, "16c3e35fff908e07552edef2510c80ed5beb0d5344482967841bf8e256bb66e20d80e6daab1d5d406d26836c6ad8bcd174f2b0dddaa51dc88ffc09c0fa16a430308a8922f4c123e39586baaec79b70b7e892b473925caa76ad315be359e8b5ceca708f266ebb89c7eb5e7f77f95eabbb73631cb841451006f5a26859d281e06f09c7de8a9c5afeec38bff94586e0bc340dbc10da"}, @INET_DIAG_REQ_BYTECODE={0xf2, 0x1, "fbcf41a4b5584c736b66d1a1285c4c0f47607d254330b16ea9e085dfcfc49cd949b3e0f1898e259434e08a6f08448b3ec3177e876349d5975e433676ac27347bc2a23c22f9ea4674980b37f928b20e969bdb4c350501659800705231d676b989b482a16af6c40a9eccca30a7e497e9a8eec1b0165adc99be891e8940384ebb350298c598227ade4c3a933890f3ce457b723db4a973be454d1ad75e595263e391a74190f5530538d4226977c5e662497f95a480c800a829563889d4f3aa620337a11dc42f5cb06a2189d2fa652aede423852ef2fd357aa661b0e687e749f323c4ae03ebc98f60927ac8e716baac33"}]}, 0x330}, 0x1, 0x0, 0x0, 0x40001}, 0x8004) (async)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="73d600001600156f0000000000000000030000002c697d1be1cb40b1e1", @ANYRES32=0x0], 0x18}}, 0x0) (async)

1.476666ms ago: executing program 2 (id=367):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x81) (async)
socket(0x15, 0x3, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000400000000000000000000850000002c000000850000002a00000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r3 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
creat(&(0x7f0000000100)='./bus\x00', 0x100) (async)
mount(&(0x7f0000000340)=@filename='\x00', &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='ecryptfs\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x2c4a, 0x9, 0xf8, 0x10000010000000, 0x10000, 0x3, 0x4002004c2, 0x1000, 0x2000009, 0x161, 0xfffffffffffffffb, 0x8, 0x71dd, 0x0, 0x8, 0x7fffffffffffffff], 0x100000, 0x2000c0})
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
setsockopt$inet6_tcp_int(r5, 0x6, 0x1e, 0x0, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x0, &(0x7f0000000140)=0xfffffffc, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000140)={[0xfc, 0x7fffffffffffffff, 0x7fffffffffffffff, 0x73, 0x100000000, 0x100, 0xffffffffffffffff, 0x3, 0x5, 0x8, 0x200, 0x5, 0xb5ef, 0x6, 0xfffffffffffffff9, 0x100000000], 0x2000, 0x6a10}) (async)
r6 = timerfd_create(0x1, 0x800)
ioctl$TFD_IOC_SET_TICKS(r6, 0x40085400, 0x0) (async)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r7, 0x6, 0x3, &(0x7f0000000ac0)=0xb3, 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xf, 0x4, 0x8, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
getsockopt$bt_l2cap_L2CAP_LM(r7, 0x6, 0x3, &(0x7f00000000c0), &(0x7f0000000080)=0x1)

156.209µs ago: executing program 3 (id=368):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f00000012c0)={0x0, 0x22, 0x5, {0x5, 0xc, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000200)={0x1, 0x7f, 0x2, &(0x7f0000000180)={0x5, "2b000200074e000000007a28ac2d90aa267fb02cf8ed1b085e7600"}})

0s ago: executing program 2 (id=369):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1})
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={<r5=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000300)={r5, <r6=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000100)={r6})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000280)={0x3, r8, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

BSS network, BSSID 50:50:50:50:50:50
[  394.028057][ T6033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.034508][ T6033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.058593][ T6101] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3'.
[  394.227867][ T6114] Bluetooth: MGMT ver 1.23
[  394.376745][ T6121] syzkaller0: entered promiscuous mode
[  394.378546][ T6121] syzkaller0: entered allmulticast mode
[  394.535634][   T60] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  394.685729][   T60] usb 8-1: Using ep0 maxpacket: 8
[  394.699271][   T60] usb 8-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  394.702685][   T60] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.706380][   T60] usb 8-1: Product: syz
[  394.708034][   T60] usb 8-1: Manufacturer: syz
[  394.709459][   T60] usb 8-1: SerialNumber: syz
[  394.714481][   T60] usb 8-1: config 0 descriptor??
[  394.720710][   T60] option 8-1:0.0: GSM modem (1-port) converter detected
[  394.825577][ T6000] Bluetooth: hci0: command tx timeout
[  394.895670][ T6000] Bluetooth: hci3: command tx timeout
[  394.895716][ T6006] Bluetooth: hci2: command tx timeout
[  394.897531][ T5296] Bluetooth: hci1: command tx timeout
[  394.977524][  T837] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  395.126073][  T837] usb 7-1: Using ep0 maxpacket: 8
[  395.129692][  T837] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  395.132943][  T837] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  395.136442][  T837] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  395.139452][  T837] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  395.143710][  T837] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  395.147045][  T837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.354611][  T837] usb 7-1: GET_CAPABILITIES returned 0
[  395.357026][  T837] usbtmc 7-1:16.0: can't read capabilities
[  395.433653][   T40] kauditd_printk_skb: 72 callbacks suppressed
[  395.433665][   T40] audit: type=1400 audit(1768437026.465:164): avc:  denied  { ioctl } for  pid=6140 comm="syz.1.18" path="socket:[10557]" dev="sockfs" ino=10557 ioctlcmd=0x9408 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  395.468224][   T40] audit: type=1400 audit(1768437026.505:165): avc:  denied  { append } for  pid=6143 comm="syz.1.19" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  395.554938][   T40] audit: type=1400 audit(1768437026.585:166): avc:  denied  { write } for  pid=6129 comm="syz.2.16" name="usbtmc0" dev="devtmpfs" ino=2843 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  395.568552][ T6090] usb 7-1: USB disconnect, device number 2
[  395.632503][   T40] audit: type=1400 audit(1768437026.665:167): avc:  denied  { read write } for  pid=6153 comm="syz.1.22" name="vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  395.646953][   T40] audit: type=1400 audit(1768437026.685:168): avc:  denied  { open } for  pid=6153 comm="syz.1.22" path="/dev/vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  395.647846][ T6156] devpts: Unknown parameter 'grpquota'
[  395.660541][   T40] audit: type=1400 audit(1768437026.695:169): avc:  denied  { ioctl } for  pid=6153 comm="syz.1.22" path="/dev/vhost-net" dev="devtmpfs" ino=1300 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  395.707271][   T40] audit: type=1400 audit(1768437026.745:170): avc:  denied  { read } for  pid=6158 comm="syz.1.24" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  395.708129][ T6159] FAULT_INJECTION: forcing a failure.
[  395.708129][ T6159] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  395.716186][   T40] audit: type=1400 audit(1768437026.745:171): avc:  denied  { open } for  pid=6158 comm="syz.1.24" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  395.720323][ T6159] CPU: 0 UID: 0 PID: 6159 Comm: syz.1.24 Not tainted syzkaller #0 PREEMPT(full) 
[  395.720337][ T6159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  395.720343][ T6159] Call Trace:
[  395.720348][ T6159]  <TASK>
[  395.720352][ T6159]  dump_stack_lvl+0x16c/0x1f0
[  395.720371][ T6159]  should_fail_ex+0x512/0x640
[  395.720388][ T6159]  _copy_to_user+0x32/0xd0
[  395.720404][ T6159]  msr_read+0x14e/0x250
[  395.720420][ T6159]  ? __pfx_msr_read+0x10/0x10
[  395.720434][ T6159]  ? bpf_lsm_file_permission+0x9/0x10
[  395.720444][ T6159]  ? security_file_permission+0x71/0x210
[  395.720459][ T6159]  ? rw_verify_area+0xcf/0x6c0
[  395.720470][ T6159]  ? __pfx_msr_read+0x10/0x10
[  395.720485][ T6159]  vfs_read+0x1e4/0xcf0
[  395.720499][ T6159]  ? __pfx_vfs_read+0x10/0x10
[  395.720510][ T6159]  ? find_held_lock+0x2b/0x80
[  395.720526][ T6159]  ? __fget_files+0x204/0x3c0
[  395.720542][ T6159]  ? __fget_files+0x20e/0x3c0
[  395.720564][ T6159]  ksys_read+0x12a/0x250
[  395.720580][ T6159]  ? __pfx_ksys_read+0x10/0x10
[  395.720605][ T6159]  do_syscall_64+0xcd/0xf80
[  395.720628][ T6159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.720645][ T6159] RIP: 0033:0x7f9fbab8f7c9
[  395.720659][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.720672][ T6159] RSP: 002b:00007f9fbba11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  395.720683][ T6159] RAX: ffffffffffffffda RBX: 00007f9fbade5fa0 RCX: 00007f9fbab8f7c9
[  395.720689][ T6159] RDX: 0000000000018ff8 RSI: 0000200000032680 RDI: 0000000000000003
[  395.720694][ T6159] RBP: 00007f9fbba11090 R08: 0000000000000000 R09: 0000000000000000
[  395.720700][ T6159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  395.720705][ T6159] R13: 00007f9fbade6038 R14: 00007f9fbade5fa0 R15: 00007ffec65cfe18
[  395.720718][ T6159]  </TASK>
[  395.892538][   T40] audit: type=1400 audit(1768437026.925:172): avc:  denied  { add_name } for  pid=6162 comm="syz.0.25" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  395.900760][   T40] audit: type=1400 audit(1768437026.925:173): avc:  denied  { create } for  pid=6162 comm="syz.0.25" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  396.325724][ T5962] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  396.475705][ T5962] usb 5-1: Using ep0 maxpacket: 8
[  396.476174][ T6184] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.479842][ T5962] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  396.480624][ T6184] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.484602][ T5962] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  396.490587][ T5962] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  396.493626][ T5962] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  396.497894][ T5962] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  396.501139][ T5962] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.535754][ T6184] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  396.543328][ T6184] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  396.634765][ T6033] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  396.644096][ T6033] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  396.662027][ T6033] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  396.680140][ T1145] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  396.709247][ T5962] usb 5-1: GET_CAPABILITIES returned 0
[  396.711243][ T5962] usbtmc 5-1:16.0: can't read capabilities
[  396.895696][ T5296] Bluetooth: hci0: command tx timeout
[  396.903406][ T6196] FAULT_INJECTION: forcing a failure.
[  396.903406][ T6196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.908027][ T6196] CPU: 2 UID: 0 PID: 6196 Comm: syz.2.38 Not tainted syzkaller #0 PREEMPT(full) 
[  396.908041][ T6196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  396.908047][ T6196] Call Trace:
[  396.908052][ T6196]  <TASK>
[  396.908056][ T6196]  dump_stack_lvl+0x16c/0x1f0
[  396.908076][ T6196]  should_fail_ex+0x512/0x640
[  396.908094][ T6196]  _copy_from_user+0x2e/0xd0
[  396.908110][ T6196]  __sys_bpf+0x248/0x4980
[  396.908128][ T6196]  ? __pfx___sys_bpf+0x10/0x10
[  396.908141][ T6196]  ? find_held_lock+0x2b/0x80
[  396.908159][ T6196]  ? find_held_lock+0x2b/0x80
[  396.908176][ T6196]  ? __mutex_unlock_slowpath+0x161/0x790
[  396.908198][ T6196]  ? fput+0x70/0xf0
[  396.908208][ T6196]  ? ksys_write+0x1ac/0x250
[  396.908220][ T6196]  ? __pfx_ksys_write+0x10/0x10
[  396.908235][ T6196]  __x64_sys_bpf+0x78/0xc0
[  396.908248][ T6196]  ? lockdep_hardirqs_on+0x7c/0x110
[  396.908262][ T6196]  do_syscall_64+0xcd/0xf80
[  396.908275][ T6196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.908285][ T6196] RIP: 0033:0x7f41aa18f7c9
[  396.908294][ T6196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.908304][ T6196] RSP: 002b:00007f41ab0f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  396.908314][ T6196] RAX: ffffffffffffffda RBX: 00007f41aa3e5fa0 RCX: 00007f41aa18f7c9
[  396.908320][ T6196] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  396.908325][ T6196] RBP: 00007f41ab0f1090 R08: 0000000000000000 R09: 0000000000000000
[  396.908331][ T6196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.908336][ T6196] R13: 00007f41aa3e6038 R14: 00007f41aa3e5fa0 R15: 00007ffd81e56d88
[  396.908349][ T6196]  </TASK>
[  396.975760][ T5296] Bluetooth: hci1: command tx timeout
[  396.977004][ T6000] Bluetooth: hci2: command tx timeout
[  396.977839][ T6006] Bluetooth: hci3: command tx timeout
[  397.027832][   T29] usb 8-1: USB disconnect, device number 2
[  397.034720][   T29] option 8-1:0.0: device disconnected
[  397.037864][ T6203] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=6203 comm=syz.2.40
[  397.214207][ T6211] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.217322][ T6211] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.271567][ T6211] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  397.279375][ T6211] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  397.371662][   T65] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  397.404703][ T6034] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  397.408045][ T6034] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  397.411257][ T6050] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  397.424954][ T6218] program syz.3.47 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  397.430088][ T6218] ata1.00: invalid command format 0
[  397.565578][   T60] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  397.715612][   T60] usb 6-1: Using ep0 maxpacket: 8
[  397.719617][   T60] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  397.722958][   T60] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  397.726223][   T60] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  397.729218][   T60] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  397.733259][   T60] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  397.736230][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.139645][ T6225] =======================================================
[  398.139645][ T6225] WARNING: The mand mount option has been deprecated and
[  398.139645][ T6225]          and is ignored by this kernel. Remove the mand
[  398.139645][ T6225]          option from the mount to silence this warning.
[  398.139645][ T6225] =======================================================
[  398.344513][ T6234] syzkaller0: entered promiscuous mode
[  398.346437][ T6234] syzkaller0: entered allmulticast mode
[  398.349938][ T6234] FAULT_INJECTION: forcing a failure.
[  398.349938][ T6234] name failslab, interval 1, probability 0, space 0, times 0
[  398.354045][ T6234] CPU: 0 UID: 0 PID: 6234 Comm: syz.3.53 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  398.354069][ T6234] Tainted: [L]=SOFTLOCKUP
[  398.354074][ T6234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  398.354082][ T6234] Call Trace:
[  398.354089][ T6234]  <TASK>
[  398.354096][ T6234]  dump_stack_lvl+0x16c/0x1f0
[  398.354123][ T6234]  should_fail_ex+0x512/0x640
[  398.354144][ T6234]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  398.354162][ T6234]  should_failslab+0xc2/0x120
[  398.354184][ T6234]  kmem_cache_alloc_node_noprof+0x86/0x800
[  398.354199][ T6234]  ? __alloc_skb+0x156/0x410
[  398.354218][ T6234]  ? __alloc_skb+0x156/0x410
[  398.354229][ T6234]  __alloc_skb+0x156/0x410
[  398.354240][ T6234]  ? __alloc_skb+0x35d/0x410
[  398.354248][ T6234]  ? __pfx___alloc_skb+0x10/0x10
[  398.354257][ T6234]  ? process_measurement+0x4a6/0x22d0
[  398.354271][ T6234]  ? down_write+0x14d/0x200
[  398.354288][ T6234]  alloc_skb_with_frags+0xe0/0x860
[  398.354304][ T6234]  sock_alloc_send_pskb+0x7f9/0x980
[  398.354322][ T6234]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  398.354335][ T6234]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  398.354350][ T6234]  ? find_held_lock+0x2b/0x80
[  398.354365][ T6234]  ? dev_get_by_index+0x17c/0x380
[  398.354380][ T6234]  packet_sendmsg+0x1fe4/0x54a0
[  398.354400][ T6234]  ? sock_has_perm+0x258/0x2f0
[  398.354411][ T6234]  ? __pfx_sock_has_perm+0x10/0x10
[  398.354422][ T6234]  ? __pfx_packet_sendmsg+0x10/0x10
[  398.354439][ T6234]  ____sys_sendmsg+0xa5d/0xc30
[  398.354453][ T6234]  ? copy_msghdr_from_user+0x10a/0x160
[  398.354463][ T6234]  ? __pfx_____sys_sendmsg+0x10/0x10
[  398.354482][ T6234]  ___sys_sendmsg+0x134/0x1d0
[  398.354494][ T6234]  ? __pfx____sys_sendmsg+0x10/0x10
[  398.354519][ T6234]  __sys_sendmsg+0x16d/0x220
[  398.354530][ T6234]  ? __pfx___sys_sendmsg+0x10/0x10
[  398.354548][ T6234]  do_syscall_64+0xcd/0xf80
[  398.354563][ T6234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.354573][ T6234] RIP: 0033:0x7fa037f8f7c9
[  398.354581][ T6234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.354591][ T6234] RSP: 002b:00007fa038e76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.354600][ T6234] RAX: ffffffffffffffda RBX: 00007fa0381e5fa0 RCX: 00007fa037f8f7c9
[  398.354607][ T6234] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000007
[  398.354612][ T6234] RBP: 00007fa038e76090 R08: 0000000000000000 R09: 0000000000000000
[  398.354617][ T6234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.354623][ T6234] R13: 00007fa0381e6038 R14: 00007fa0381e5fa0 R15: 00007fffa7928998
[  398.354636][ T6234]  </TASK>
[  398.976533][ T6000] Bluetooth: hci0: command tx timeout
[  399.065883][ T6000] Bluetooth: hci2: command tx timeout
[  399.065903][ T5296] Bluetooth: hci1: command tx timeout
[  399.066439][ T6006] Bluetooth: hci3: command tx timeout
[  399.829675][ T6253] /dev/sg0: Can't lookup blockdev
[  399.859339][ T6257] netlink: 4 bytes leftover after parsing attributes in process `syz.3.61'.
[  400.085983][ T6265] binder: BINDER_SET_CONTEXT_MGR bad uid 60929 != 0
[  400.088758][ T6265] binder: 6264:6265 ioctl 4018620d 200000004a80 returned -1
[  400.210595][ T6262] netlink: 40 bytes leftover after parsing attributes in process `syz.3.63'.
[  400.762170][ T6269] syz.3.65 uses obsolete (PF_INET,SOCK_PACKET)
[  400.812845][   T40] kauditd_printk_skb: 50 callbacks suppressed
[  400.812859][   T40] audit: type=1326 audit(1768437031.845:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6268 comm="syz.3.65" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa037f8f7c9 code=0x0
[  400.881771][ T6271] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.886196][ T6271] 8021q: adding VLAN 0 to HW filter on device team0
[  400.893320][ T6271] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  400.924766][   T40] audit: type=1400 audit(1768437031.955:225): avc:  denied  { setopt } for  pid=6268 comm="syz.3.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  401.043972][   T40] audit: type=1800 audit(1768437032.075:226): pid=6279 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.68" name="bus" dev="9p" ino=72876391 res=0 errno=0
[  401.051390][   T40] audit: type=1800 audit(1768437032.085:227): pid=6279 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.68" name="bus" dev="9p" ino=72876391 res=0 errno=0
[  401.221810][ T6282] FAULT_INJECTION: forcing a failure.
[  401.221810][ T6282] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.230283][ T6282] CPU: 3 UID: 0 PID: 6282 Comm: syz.2.69 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  401.230305][ T6282] Tainted: [L]=SOFTLOCKUP
[  401.230309][ T6282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.230318][ T6282] Call Trace:
[  401.230322][ T6282]  <TASK>
[  401.230326][ T6282]  dump_stack_lvl+0x16c/0x1f0
[  401.230347][ T6282]  should_fail_ex+0x512/0x640
[  401.230384][ T6282]  _copy_from_user+0x2e/0xd0
[  401.230416][ T6282]  copy_msghdr_from_user+0x98/0x160
[  401.230428][ T6282]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  401.230445][ T6282]  ___sys_sendmsg+0xfe/0x1d0
[  401.230456][ T6282]  ? __pfx____sys_sendmsg+0x10/0x10
[  401.230482][ T6282]  __sys_sendmsg+0x16d/0x220
[  401.230493][ T6282]  ? __pfx___sys_sendmsg+0x10/0x10
[  401.230512][ T6282]  do_syscall_64+0xcd/0xf80
[  401.230527][ T6282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.230537][ T6282] RIP: 0033:0x7f41aa18f7c9
[  401.230545][ T6282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.230555][ T6282] RSP: 002b:00007f41ab0f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.230565][ T6282] RAX: ffffffffffffffda RBX: 00007f41aa3e5fa0 RCX: 00007f41aa18f7c9
[  401.230571][ T6282] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  401.230576][ T6282] RBP: 00007f41ab0f1090 R08: 0000000000000000 R09: 0000000000000000
[  401.230582][ T6282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.230587][ T6282] R13: 00007f41aa3e6038 R14: 00007f41aa3e5fa0 R15: 00007ffd81e56d88
[  401.230600][ T6282]  </TASK>
[  401.936354][ T6170] usbtmc 5-1:16.0: stb usb_control_msg returned -110
[  401.948894][ T5962] usb 5-1: USB disconnect, device number 2
[  401.956100][   T60] usb 6-1: usb_control_msg returned -71
[  401.957969][   T60] usbtmc 6-1:16.0: can't read capabilities
[  401.966701][   T60] usb 6-1: USB disconnect, device number 2
[  401.975300][   T40] audit: type=1400 audit(1768437033.005:228): avc:  denied  { write } for  pid=6288 comm="syz.0.72" name="ip_tables_matches" dev="proc" ino=4026533151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  402.020646][   T40] audit: type=1400 audit(1768437033.055:229): avc:  denied  { mount } for  pid=6291 comm="syz.1.73" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  402.032215][ T6296] faux_driver vkms: [drm] Unknown color mode 256; guessing buffer size.
[  402.033231][ T6294] xt_TPROXY: Can be used only with -p tcp or -p udp
[  402.094741][   T40] audit: type=1400 audit(1768437033.125:230): avc:  denied  { write } for  pid=6297 comm="syz.0.74" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  402.105585][   T40] audit: type=1400 audit(1768437033.135:231): avc:  denied  { open } for  pid=6297 comm="syz.0.74" path="/7/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  402.114913][   T40] audit: type=1400 audit(1768437033.135:232): avc:  denied  { ioctl } for  pid=6297 comm="syz.0.74" path="/7/file0/file0" dev="fuse" ino=64 ioctlcmd=0x4d15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  402.126294][   T40] audit: type=1400 audit(1768437033.165:233): avc:  denied  { sys_module } for  pid=6299 comm="syz.3.75" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  402.166364][ T6301] Zero length message leads to an empty skb
[  402.583477][ T6323] comedi comedi0: s526: a I/O base address must be specified
[  402.725625][ T6090] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  402.795584][ T6329] netlink: 24 bytes leftover after parsing attributes in process `syz.1.84'.
[  402.802033][ T6329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.84'.
[  402.875545][ T6090] usb 8-1: Using ep0 maxpacket: 8
[  402.879375][ T6090] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  402.883156][ T6090] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  402.886881][ T6090] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  402.890101][ T6090] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  402.894104][ T6090] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  402.897168][ T6090] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.109492][ T6090] usb 8-1: usb_control_msg returned -71
[  403.114212][ T6090] usbtmc 8-1:16.0: can't read capabilities
[  403.127332][ T6090] usb 8-1: USB disconnect, device number 3
[  403.292295][ T6336] capability: warning: `syz.1.85' uses deprecated v2 capabilities in a way that may be insecure
[  403.386716][ T6083] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  403.535582][ T6083] usb 7-1: Using ep0 maxpacket: 8
[  403.540962][ T6083] usb 7-1: config 0 interface 0 has no altsetting 0
[  403.543338][ T6083] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  403.546989][ T6083] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.550988][ T6083] usb 7-1: config 0 descriptor??
[  403.661958][ T6338] fuse: Unknown parameter 'grouœid'
[  403.665041][ T6338] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  403.673671][ T6338] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  403.966546][ T6083] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  404.166618][ T5963] usb 7-1: USB disconnect, device number 3
[  404.197858][ T6340] syzkaller0: entered promiscuous mode
[  404.199723][ T6340] syzkaller0: entered allmulticast mode
[  404.945645][ T6093] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  405.095575][ T6093] usb 8-1: Using ep0 maxpacket: 8
[  405.100342][ T6093] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  405.104952][ T6093] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  405.110300][ T6093] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  405.116088][ T6093] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  405.121572][ T6093] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  405.125273][ T6093] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.345550][ T6093] usb 8-1: GET_CAPABILITIES returned 0
[  405.347339][ T6093] usbtmc 8-1:16.0: can't read capabilities
[  405.537168][ T5296] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  405.541479][ T5296] Bluetooth: hci1: Injecting HCI hardware error event
[  405.546273][ T5296] Bluetooth: hci1: hardware error 0x00
[  405.554699][   T60] usb 8-1: USB disconnect, device number 4
[  405.739978][ T6370] kvm: pic: non byte write
[  405.748451][ T6369] FAULT_INJECTION: forcing a failure.
[  405.748451][ T6369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.753528][ T6369] CPU: 0 UID: 0 PID: 6369 Comm: syz.1.99 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  405.753545][ T6369] Tainted: [L]=SOFTLOCKUP
[  405.753548][ T6369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.753554][ T6369] Call Trace:
[  405.753559][ T6369]  <TASK>
[  405.753563][ T6369]  dump_stack_lvl+0x16c/0x1f0
[  405.753581][ T6369]  should_fail_ex+0x512/0x640
[  405.753600][ T6369]  __kvm_read_guest_page+0x186/0x250
[  405.753617][ T6369]  kvm_fetch_guest_virt+0x128/0x1a0
[  405.753634][ T6369]  __do_insn_fetch_bytes+0x4fa/0x720
[  405.753648][ T6369]  ? rcu_is_watching+0x12/0xc0
[  405.753658][ T6369]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  405.753673][ T6369]  ? update_load_avg+0x233/0x2220
[  405.753687][ T6369]  x86_decode_insn+0xf88/0x6170
[  405.753708][ T6369]  ? __pfx_x86_decode_insn+0x10/0x10
[  405.753724][ T6369]  ? vmx_cache_reg+0x333/0x5e0
[  405.753733][ T6369]  ? kvm_register_read_raw+0xe9/0x240
[  405.753747][ T6369]  ? init_decode_cache+0xd/0x2a0
[  405.753761][ T6369]  ? init_emulate_ctxt+0x337/0x510
[  405.753775][ T6369]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  405.753791][ T6369]  ? kvm_multiple_exception+0x363/0x750
[  405.753807][ T6369]  x86_emulate_instruction+0x838/0x1c00
[  405.753820][ T6369]  ? trace_sched_exit_tp+0xd1/0x110
[  405.753831][ T6369]  ? __schedule+0x10b9/0x6150
[  405.753842][ T6369]  ? __schedule+0x114c/0x6150
[  405.753855][ T6369]  handle_ud+0x103/0x280
[  405.753866][ T6369]  ? __pfx_handle_ud+0x10/0x10
[  405.753886][ T6369]  ? __pfx_nested_vmx_reflect_vmexit+0x10/0x10
[  405.753901][ T6369]  handle_exception_nmi+0x856/0x1720
[  405.753915][ T6369]  ? __pfx_handle_exception_nmi+0x10/0x10
[  405.753927][ T6369]  vmx_handle_exit+0x129b/0x1a00
[  405.753942][ T6369]  vcpu_run+0x3468/0x5a80
[  405.753960][ T6369]  ? __pfx_vcpu_run+0x10/0x10
[  405.753971][ T6369]  ? kvm_get_linear_rip+0xa4/0x1d0
[  405.753981][ T6369]  ? __pfx_kvm_get_linear_rip+0x10/0x10
[  405.753994][ T6369]  ? rcu_is_watching+0x12/0xc0
[  405.754004][ T6369]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  405.754016][ T6369]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  405.754032][ T6369]  kvm_vcpu_ioctl+0x76d/0x16d0
[  405.754048][ T6369]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  405.754063][ T6369]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  405.754076][ T6369]  ? do_vfs_ioctl+0x128/0x14f0
[  405.754091][ T6369]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  405.754105][ T6369]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  405.754132][ T6369]  ? hook_file_ioctl_common+0x144/0x410
[  405.754159][ T6369]  ? selinux_file_ioctl+0x180/0x270
[  405.754177][ T6369]  ? selinux_file_ioctl+0xb4/0x270
[  405.754198][ T6369]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  405.754217][ T6369]  __x64_sys_ioctl+0x18e/0x210
[  405.754237][ T6369]  do_syscall_64+0xcd/0xf80
[  405.754259][ T6369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.754275][ T6369] RIP: 0033:0x7f9fbab8f7c9
[  405.754287][ T6369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.754302][ T6369] RSP: 002b:00007f9fbba11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  405.754317][ T6369] RAX: ffffffffffffffda RBX: 00007f9fbade5fa0 RCX: 00007f9fbab8f7c9
[  405.754326][ T6369] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  405.754336][ T6369] RBP: 00007f9fbba11090 R08: 0000000000000000 R09: 0000000000000000
[  405.754345][ T6369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  405.754353][ T6369] R13: 00007f9fbade6038 R14: 00007f9fbade5fa0 R15: 00007ffec65cfe18
[  405.754375][ T6369]  </TASK>
[  406.042973][ T6380] fuse: Bad value for 'user_id'
[  406.044890][ T6380] fuse: Bad value for 'user_id'
[  406.134968][   T40] kauditd_printk_skb: 29 callbacks suppressed
[  406.134979][   T40] audit: type=1800 audit(1768437037.165:263): pid=6387 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.106" name="bus" dev="9p" ino=72876391 res=0 errno=0
[  406.136995][   T40] audit: type=1800 audit(1768437037.175:264): pid=6387 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.106" name="bus" dev="9p" ino=72876391 res=0 errno=0
[  406.215548][ T6090] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  406.229448][ T6391] netlink: 40 bytes leftover after parsing attributes in process `syz.1.107'.
[  406.235393][   T40] audit: type=1400 audit(1768437037.265:265): avc:  denied  { read write } for  pid=6390 comm="syz.1.107" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  406.246429][   T40] audit: type=1400 audit(1768437037.285:266): avc:  denied  { open } for  pid=6390 comm="syz.1.107" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  406.279185][   T40] audit: type=1400 audit(1768437037.315:267): avc:  denied  { write } for  pid=6392 comm="syz.1.109" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  406.289526][   T40] audit: type=1400 audit(1768437037.325:268): avc:  denied  { open } for  pid=6392 comm="syz.1.109" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  406.298762][   T40] audit: type=1400 audit(1768437037.325:269): avc:  denied  { ioctl } for  pid=6392 comm="syz.1.109" path="socket:[11101]" dev="sockfs" ino=11101 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  406.309716][   T40] audit: type=1400 audit(1768437037.345:270): avc:  denied  { read } for  pid=6392 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  406.361286][   T40] audit: type=1400 audit(1768437037.395:271): avc:  denied  { setopt } for  pid=6392 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  406.372627][   T40] audit: type=1400 audit(1768437037.405:272): avc:  denied  { write } for  pid=6392 comm="syz.1.109" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  406.373135][ T6398] binder: BINDER_SET_CONTEXT_MGR already set
[  406.384788][ T6398] binder: 6392:6398 ioctl 4018620d 200000000040 returned -16
[  406.387123][ T6090] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  406.392053][ T6393] netlink: 16 bytes leftover after parsing attributes in process `syz.1.109'.
[  406.395817][ T6090] usb 5-1: config 0 has no interface number 0
[  406.398503][ T6090] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  406.403979][ T6090] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 64
[  406.412157][ T6090] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  406.415206][ T6090] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.419708][ T6090] usb 5-1: config 0 descriptor??
[  406.422311][ T6375] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  406.432247][ T6090] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  406.630136][   T29] usb 5-1: USB disconnect, device number 3
[  407.158905][ T6403] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  407.162085][ T6403] SELinux: failed to load policy
[  407.192971][ T6406] FAULT_INJECTION: forcing a failure.
[  407.192971][ T6406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.200691][ T6406] CPU: 1 UID: 0 PID: 6406 Comm: syz.1.111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  407.200710][ T6406] Tainted: [L]=SOFTLOCKUP
[  407.200713][ T6406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.200719][ T6406] Call Trace:
[  407.200723][ T6406]  <TASK>
[  407.200727][ T6406]  dump_stack_lvl+0x16c/0x1f0
[  407.200746][ T6406]  should_fail_ex+0x512/0x640
[  407.200765][ T6406]  _copy_to_user+0x32/0xd0
[  407.200782][ T6406]  msr_read+0x14e/0x250
[  407.200799][ T6406]  ? __pfx_msr_read+0x10/0x10
[  407.200814][ T6406]  ? bpf_lsm_file_permission+0x9/0x10
[  407.200825][ T6406]  ? security_file_permission+0x71/0x210
[  407.200841][ T6406]  ? rw_verify_area+0xcf/0x6c0
[  407.200853][ T6406]  ? __pfx_msr_read+0x10/0x10
[  407.200868][ T6406]  vfs_read+0x1e4/0xcf0
[  407.200884][ T6406]  ? __pfx_vfs_read+0x10/0x10
[  407.200895][ T6406]  ? find_held_lock+0x2b/0x80
[  407.200918][ T6406]  ? __fget_files+0x204/0x3c0
[  407.200935][ T6406]  ? __fget_files+0x20e/0x3c0
[  407.200953][ T6406]  ksys_read+0x12a/0x250
[  407.200966][ T6406]  ? __pfx_ksys_read+0x10/0x10
[  407.200983][ T6406]  do_syscall_64+0xcd/0xf80
[  407.200998][ T6406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.201009][ T6406] RIP: 0033:0x7f9fbab8f7c9
[  407.201018][ T6406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.201028][ T6406] RSP: 002b:00007f9fbba11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  407.201038][ T6406] RAX: ffffffffffffffda RBX: 00007f9fbade5fa0 RCX: 00007f9fbab8f7c9
[  407.201044][ T6406] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  407.201050][ T6406] RBP: 00007f9fbba11090 R08: 0000000000000000 R09: 0000000000000000
[  407.201056][ T6406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  407.201062][ T6406] R13: 00007f9fbade6038 R14: 00007f9fbade5fa0 R15: 00007ffec65cfe18
[  407.201075][ T6406]  </TASK>
[  407.298234][ T6415] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  407.300731][ T6415] IPv6: NLM_F_CREATE should be set when creating new route
[  407.303009][ T6415] IPv6: NLM_F_CREATE should be set when creating new route
[  407.305356][ T6415] IPv6: NLM_F_CREATE should be set when creating new route
[  407.555531][   T29] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  407.615609][ T5296] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  407.705532][   T29] usb 6-1: Using ep0 maxpacket: 8
[  407.717294][   T29] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  407.721176][   T29] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  407.724718][   T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  407.729766][   T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  407.734367][   T29] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  407.738208][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.745714][   T29] hub 6-1:1.0: bad descriptor, ignoring hub
[  407.748241][   T29] hub 6-1:1.0: probe with driver hub failed with error -5
[  407.756177][   T29] cdc_wdm 6-1:1.0: skipping garbage
[  407.758287][   T29] cdc_wdm 6-1:1.0: skipping garbage
[  407.762526][   T29] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  407.764679][   T29] cdc_wdm 6-1:1.0: Unknown control protocol
[  409.171156][ T6457] FAULT_INJECTION: forcing a failure.
[  409.171156][ T6457] name failslab, interval 1, probability 0, space 0, times 0
[  409.176347][ T6457] CPU: 3 UID: 0 PID: 6457 Comm: syz.3.127 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  409.176373][ T6457] Tainted: [L]=SOFTLOCKUP
[  409.176378][ T6457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  409.176387][ T6457] Call Trace:
[  409.176393][ T6457]  <TASK>
[  409.176400][ T6457]  dump_stack_lvl+0x16c/0x1f0
[  409.176426][ T6457]  should_fail_ex+0x512/0x640
[  409.176450][ T6457]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  409.176472][ T6457]  should_failslab+0xc2/0x120
[  409.176494][ T6457]  kmem_cache_alloc_node_noprof+0x86/0x800
[  409.176511][ T6457]  ? __alloc_skb+0x156/0x410
[  409.176530][ T6457]  ? __alloc_skb+0x156/0x410
[  409.176544][ T6457]  __alloc_skb+0x156/0x410
[  409.176556][ T6457]  ? __alloc_skb+0x35d/0x410
[  409.176571][ T6457]  ? __pfx___alloc_skb+0x10/0x10
[  409.176585][ T6457]  ? netlink_autobind.isra.0+0x158/0x370
[  409.176612][ T6457]  netlink_alloc_large_skb+0x69/0x140
[  409.176636][ T6457]  netlink_sendmsg+0x698/0xdd0
[  409.176660][ T6457]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.176688][ T6457]  ____sys_sendmsg+0xa5d/0xc30
[  409.176712][ T6457]  ? copy_msghdr_from_user+0x10a/0x160
[  409.176729][ T6457]  ? __pfx_____sys_sendmsg+0x10/0x10
[  409.176760][ T6457]  ___sys_sendmsg+0x134/0x1d0
[  409.176780][ T6457]  ? __pfx____sys_sendmsg+0x10/0x10
[  409.176825][ T6457]  __sys_sendmsg+0x16d/0x220
[  409.176844][ T6457]  ? __pfx___sys_sendmsg+0x10/0x10
[  409.176875][ T6457]  do_syscall_64+0xcd/0xf80
[  409.176897][ T6457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.176915][ T6457] RIP: 0033:0x7fa037f8f7c9
[  409.176928][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.176943][ T6457] RSP: 002b:00007fa038e76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  409.176958][ T6457] RAX: ffffffffffffffda RBX: 00007fa0381e5fa0 RCX: 00007fa037f8f7c9
[  409.176969][ T6457] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  409.176978][ T6457] RBP: 00007fa038e76090 R08: 0000000000000000 R09: 0000000000000000
[  409.176987][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.176996][ T6457] R13: 00007fa0381e6038 R14: 00007fa0381e5fa0 R15: 00007fffa7928998
[  409.177019][ T6457]  </TASK>
[  409.411390][ T6466] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  409.596209][ T6090] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  409.745563][ T6090] usb 7-1: Using ep0 maxpacket: 16
[  409.756980][ T6090] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  409.764638][ T6090] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  409.768651][ T6090] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.772104][ T6090] usb 7-1: Product: syz
[  409.773879][ T6090] usb 7-1: Manufacturer: syz
[  409.776417][ T6090] usb 7-1: SerialNumber: syz
[  409.788524][ T6090] usb 7-1: config 0 descriptor??
[  409.795845][ T6090] hub 7-1:0.0: bad descriptor, ignoring hub
[  409.798337][ T6090] hub 7-1:0.0: probe with driver hub failed with error -5
[  409.806231][ T6090] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input5
[  410.000403][ T6468] netlink: 'syz.3.131': attribute type 1 has an invalid length.
[  410.003534][ T6468] netlink: 44 bytes leftover after parsing attributes in process `syz.3.131'.
[  410.065821][ T6472] netlink: 72 bytes leftover after parsing attributes in process `syz.3.132'.
[  410.068665][ T6472] netlink: 96 bytes leftover after parsing attributes in process `syz.3.132'.
[  410.405228][   T29] usb 6-1: USB disconnect, device number 3
[  410.800300][ T6511] kvm: pic: non byte write
[  410.809475][ T6097] usb 7-1: USB disconnect, device number 4
[  410.942297][ T6515] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  410.949848][ T6515] FAULT_INJECTION: forcing a failure.
[  410.949848][ T6515] name failslab, interval 1, probability 0, space 0, times 0
[  410.954274][ T6515] CPU: 3 UID: 0 PID: 6515 Comm: syz.1.144 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  410.954298][ T6515] Tainted: [L]=SOFTLOCKUP
[  410.954303][ T6515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  410.954312][ T6515] Call Trace:
[  410.954319][ T6515]  <TASK>
[  410.954326][ T6515]  dump_stack_lvl+0x16c/0x1f0
[  410.954350][ T6515]  should_fail_ex+0x512/0x640
[  410.954371][ T6515]  ? kmem_cache_alloc_noprof+0x62/0x770
[  410.954389][ T6515]  should_failslab+0xc2/0x120
[  410.954409][ T6515]  kmem_cache_alloc_noprof+0x83/0x770
[  410.954423][ T6515]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  410.954446][ T6515]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  410.954473][ T6515]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  410.954495][ T6515]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  410.954524][ T6515]  mmu_topup_memory_caches+0x25/0x170
[  410.954543][ T6515]  kvm_mmu_load+0xd6/0x2390
[  410.954562][ T6515]  ? kvm_lapic_sync_to_vapic+0x208/0x6d0
[  410.954585][ T6515]  ? __pfx_kvm_mmu_load+0x10/0x10
[  410.954604][ T6515]  ? vmx_update_cr8_intercept+0x1fd/0x370
[  410.954627][ T6515]  vcpu_run+0x39d2/0x5a80
[  410.954656][ T6515]  ? __pfx_vcpu_run+0x10/0x10
[  410.954682][ T6515]  ? rcu_is_watching+0x12/0xc0
[  410.954700][ T6515]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  410.954716][ T6515]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  410.954740][ T6515]  kvm_vcpu_ioctl+0x76d/0x16d0
[  410.954765][ T6515]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  410.954787][ T6515]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  410.954806][ T6515]  ? do_vfs_ioctl+0x128/0x14f0
[  410.954824][ T6515]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  410.954850][ T6515]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  410.954879][ T6515]  ? hook_file_ioctl_common+0x144/0x410
[  410.954907][ T6515]  ? selinux_file_ioctl+0x180/0x270
[  410.954925][ T6515]  ? selinux_file_ioctl+0xb4/0x270
[  410.954944][ T6515]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  410.954967][ T6515]  __x64_sys_ioctl+0x18e/0x210
[  410.954984][ T6515]  do_syscall_64+0xcd/0xf80
[  410.955006][ T6515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.955020][ T6515] RIP: 0033:0x7f9fbab8f7c9
[  410.955033][ T6515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.955047][ T6515] RSP: 002b:00007f9fbba11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  410.955061][ T6515] RAX: ffffffffffffffda RBX: 00007f9fbade5fa0 RCX: 00007f9fbab8f7c9
[  410.955071][ T6515] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  410.955080][ T6515] RBP: 00007f9fbba11090 R08: 0000000000000000 R09: 0000000000000000
[  410.955089][ T6515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  410.955097][ T6515] R13: 00007f9fbade6038 R14: 00007f9fbade5fa0 R15: 00007ffec65cfe18
[  410.955118][ T6515]  </TASK>
[  411.272230][ T6523] overlay: ./file0 is not a directory
[  411.279246][ T6523] Cannot find set identified by id 65534 to match
[  411.359979][ T6526] delete_channel: no stack
[  411.364594][   T40] kauditd_printk_skb: 49613 callbacks suppressed
[  411.364606][   T40] audit: type=1400 audit(1768437042.395:49886): avc:  denied  { create } for  pid=6526 comm="syz.1.149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  411.374741][   T40] audit: type=1400 audit(1768437042.405:49887): avc:  denied  { create } for  pid=6529 comm="syz.0.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  411.382082][   T40] audit: type=1400 audit(1768437042.405:49888): avc:  denied  { bind } for  pid=6529 comm="syz.0.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  411.390499][   T40] audit: type=1400 audit(1768437042.405:49889): avc:  denied  { read write } for  pid=6529 comm="syz.0.150" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  411.400679][   T40] audit: type=1400 audit(1768437042.405:49890): avc:  denied  { open } for  pid=6529 comm="syz.0.150" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  411.411981][   T40] audit: type=1400 audit(1768437042.415:49891): avc:  denied  { connect } for  pid=6529 comm="syz.0.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  411.491521][   T40] audit: type=1400 audit(1768437042.525:49892): avc:  denied  { ioctl } for  pid=6535 comm="syz.3.152" path="socket:[12877]" dev="sockfs" ino=12877 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  411.570505][ T6541] mmap: syz.3.154 (6541) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  411.636276][ T6543] binder: BINDER_SET_CONTEXT_MGR already set
[  411.638623][ T6543] binder: 6542:6543 ioctl 4018620d 200000004a80 returned -16
[  411.675049][   T40] audit: type=1400 audit(1768437042.705:49893): avc:  denied  { setopt } for  pid=6544 comm="syz.0.156" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  411.682127][   T40] audit: type=1400 audit(1768437042.715:49894): avc:  denied  { accept } for  pid=6544 comm="syz.0.156" lport=35233 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  411.729634][ T5296] Bluetooth: hci2: Malformed LE Event: 0x1b
[  411.875553][ T6097] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  412.025746][ T6097] usb 8-1: device descriptor read/64, error -71
[  412.265591][ T6097] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  412.328720][   T40] audit: type=1400 audit(1768437043.365:49895): avc:  denied  { append } for  pid=6569 comm="syz.1.162" name="001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  412.342428][ T6574] FAULT_INJECTION: forcing a failure.
[  412.342428][ T6574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.348115][ T6574] CPU: 1 UID: 0 PID: 6574 Comm: syz.2.163 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  412.348141][ T6574] Tainted: [L]=SOFTLOCKUP
[  412.348147][ T6574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  412.348156][ T6574] Call Trace:
[  412.348161][ T6574]  <TASK>
[  412.348167][ T6574]  dump_stack_lvl+0x16c/0x1f0
[  412.348192][ T6574]  should_fail_ex+0x512/0x640
[  412.348219][ T6574]  _copy_to_user+0x32/0xd0
[  412.348246][ T6574]  msr_read+0x14e/0x250
[  412.348271][ T6574]  ? __pfx_msr_read+0x10/0x10
[  412.348293][ T6574]  ? bpf_lsm_file_permission+0x9/0x10
[  412.348311][ T6574]  ? security_file_permission+0x71/0x210
[  412.348334][ T6574]  ? rw_verify_area+0xcf/0x6c0
[  412.348352][ T6574]  ? __pfx_msr_read+0x10/0x10
[  412.348376][ T6574]  vfs_read+0x1e4/0xcf0
[  412.348401][ T6574]  ? __pfx_vfs_read+0x10/0x10
[  412.348418][ T6574]  ? find_held_lock+0x2b/0x80
[  412.348443][ T6574]  ? __fget_files+0x204/0x3c0
[  412.348470][ T6574]  ? __fget_files+0x20e/0x3c0
[  412.348499][ T6574]  ksys_read+0x12a/0x250
[  412.348518][ T6574]  ? __pfx_ksys_read+0x10/0x10
[  412.348545][ T6574]  do_syscall_64+0xcd/0xf80
[  412.348568][ T6574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.348584][ T6574] RIP: 0033:0x7f41aa18f7c9
[  412.348598][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.348612][ T6574] RSP: 002b:00007f41ab0f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  412.348628][ T6574] RAX: ffffffffffffffda RBX: 00007f41aa3e5fa0 RCX: 00007f41aa18f7c9
[  412.348638][ T6574] RDX: 0000000000018ff8 RSI: 0000200000032680 RDI: 0000000000000003
[  412.348648][ T6574] RBP: 00007f41ab0f1090 R08: 0000000000000000 R09: 0000000000000000
[  412.348657][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  412.348666][ T6574] R13: 00007f41aa3e6038 R14: 00007f41aa3e5fa0 R15: 00007ffd81e56d88
[  412.348689][ T6574]  </TASK>
[  412.405712][ T6097] usb 8-1: device descriptor read/64, error -71
[  412.488546][ T6579] binder: BINDER_SET_CONTEXT_MGR already set
[  412.490693][ T6579] binder: 6578:6579 ioctl 4018620d 200000004a80 returned -16
[  412.546050][ T6097] usb usb8-port1: attempt power cycle
[  412.554332][ T6581] process 'syz.2.166' launched './file0' with NULL argv: empty string added
[  412.845509][   T75] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  412.895948][ T6097] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  412.902626][ T6607] netlink: 'syz.1.170': attribute type 29 has an invalid length.
[  412.907154][ T6609] netlink: 'syz.1.170': attribute type 29 has an invalid length.
[  412.927224][ T6097] usb 8-1: device descriptor read/8, error -71
[  413.007074][   T75] usb 7-1: Using ep0 maxpacket: 8
[  413.010780][   T75] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  413.016991][   T75] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  413.021148][   T75] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  413.024631][   T75] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  413.030002][   T75] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  413.033016][   T75] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.202331][ T6097] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  413.240332][ T6097] usb 8-1: device descriptor read/8, error -71
[  413.250553][   T75] usb 7-1: GET_CAPABILITIES returned 0
[  413.252694][   T75] usbtmc 7-1:16.0: can't read capabilities
[  413.345885][ T6097] usb usb8-port1: unable to enumerate USB device
[  413.514088][ T6586] netlink: 4356 bytes leftover after parsing attributes in process `syz.2.169'.
[  413.518344][ T6586] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  413.667447][   T75] usb 7-1: USB disconnect, device number 5
[  414.055629][   T29] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  414.208069][   T29] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  414.208095][   T29] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  414.208110][   T29] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  414.208150][   T29] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  414.209505][   T29] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  414.209527][   T29] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  414.209543][   T29] usb 5-1: Product: syz
[  414.209555][   T29] usb 5-1: Manufacturer: syz
[  414.214585][   T29] cdc_wdm 5-1:1.0: skipping garbage
[  414.214610][   T29] cdc_wdm 5-1:1.0: skipping garbage
[  414.216459][   T29] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  414.216477][   T29] cdc_wdm 5-1:1.0: Unknown control protocol
[  414.312121][ T6668] netlink: 'syz.2.182': attribute type 12 has an invalid length.
[  414.315061][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.182'.
[  414.329293][ T6668] netlink: 'syz.2.182': attribute type 12 has an invalid length.
[  414.329313][ T6034] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  414.332632][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.182'.
[  414.340728][ T6034] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  414.345388][ T6034] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  414.364205][ T6034] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  414.499927][   T29] usb 5-1: USB disconnect, device number 4
[  414.605648][ T6082] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  414.655708][ T5296] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  414.658627][ T5296] Bluetooth: hci3: Injecting HCI hardware error event
[  414.661958][ T6000] Bluetooth: hci3: hardware error 0x00
[  414.765565][ T6082] usb 6-1: Using ep0 maxpacket: 8
[  414.769328][ T6082] usb 6-1: config 0 interface 0 has no altsetting 0
[  414.771808][ T6082] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  414.775039][ T6082] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.779963][ T6082] usb 6-1: config 0 descriptor??
[  415.134508][ T6684] support for the xor transformation has been removed.
[  415.190475][ T6082] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  415.393500][   T29] usb 6-1: USB disconnect, device number 4
[  416.166487][ T6702] openvswitch: netlink: Duplicate or invalid key (type 0).
[  416.168961][ T6702] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  416.223352][ T6704] kvm: pic: non byte write
[  416.277773][ T6702] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=6702 comm=syz.3.195
[  416.415034][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  416.415048][   T40] audit: type=1400 audit(1768437047.445:49921): avc:  denied  { write } for  pid=6716 comm="syz.1.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  416.431643][   T40] audit: type=1400 audit(1768437047.465:49922): avc:  denied  { allowed } for  pid=6716 comm="syz.1.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  416.440706][   T40] audit: type=1400 audit(1768437047.475:49923): avc:  denied  { sqpoll } for  pid=6716 comm="syz.1.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  416.662277][ T6723] FAULT_INJECTION: forcing a failure.
[  416.662277][ T6723] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  416.669516][ T6723] CPU: 2 UID: 0 PID: 6723 Comm: syz.1.199 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  416.669535][ T6723] Tainted: [L]=SOFTLOCKUP
[  416.669538][ T6723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.669544][ T6723] Call Trace:
[  416.669549][ T6723]  <TASK>
[  416.669554][ T6723]  dump_stack_lvl+0x16c/0x1f0
[  416.669593][ T6723]  should_fail_ex+0x512/0x640
[  416.669618][ T6723]  should_fail_alloc_page+0xe7/0x130
[  416.669633][ T6723]  prepare_alloc_pages+0x401/0x670
[  416.669647][ T6723]  ? rcu_is_watching+0x12/0xc0
[  416.669658][ T6723]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  416.669670][ T6723]  ? kvm_arch_vcpu_load+0x559/0xba0
[  416.669683][ T6723]  ? lock_acquire+0x179/0x330
[  416.669695][ T6723]  ? find_held_lock+0x2b/0x80
[  416.669727][ T6723]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  416.669739][ T6723]  ? rcu_is_watching+0x12/0xc0
[  416.669748][ T6723]  ? look_up_lock_class+0x6b/0x130
[  416.669761][ T6723]  ? trace_sched_exit_tp+0xd1/0x110
[  416.669774][ T6723]  ? __lock_acquire+0x436/0x2890
[  416.669787][ T6723]  ? __lock_acquire+0x436/0x2890
[  416.669798][ T6723]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  416.669811][ T6723]  ? policy_nodemask+0xea/0x4e0
[  416.669826][ T6723]  alloc_pages_mpol+0x1fb/0x550
[  416.669839][ T6723]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  416.669856][ T6723]  folio_alloc_mpol_noprof+0x36/0x2f0
[  416.669873][ T6723]  vma_alloc_folio_noprof+0xed/0x1e0
[  416.669887][ T6723]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  416.669906][ T6723]  do_anonymous_page+0xc81/0x2190
[  416.669927][ T6723]  __handle_mm_fault+0x1ecf/0x2bb0
[  416.669946][ T6723]  ? __pfx___handle_mm_fault+0x10/0x10
[  416.669969][ T6723]  ? find_vma+0xbf/0x140
[  416.669987][ T6723]  ? __pfx_find_vma+0x10/0x10
[  416.670000][ T6723]  handle_mm_fault+0x3fe/0xad0
[  416.670017][ T6723]  do_user_addr_fault+0x7a6/0x1370
[  416.670032][ T6723]  ? rcu_is_watching+0x12/0xc0
[  416.670043][ T6723]  exc_page_fault+0x64/0xc0
[  416.670056][ T6723]  asm_exc_page_fault+0x26/0x30
[  416.670066][ T6723] RIP: 0010:__kvm_write_guest_page+0x166/0x2b0
[  416.670079][ T6723] Code: 00 48 8b 3c 24 44 89 e6 4d 63 fc e8 94 86 f1 00 0f 1f 44 00 00 e8 7a a6 87 00 0f 01 cb 48 63 fb 4c 89 f9 48 8b 34 24 4c 01 ef <f3> a4 0f 1f 00 0f 01 ca 41 89 cc e8 5a a6 87 00 31 ff 44 89 e6 e8
[  416.670088][ T6723] RSP: 0018:ffffc90007e178c8 EFLAGS: 00050206
[  416.670097][ T6723] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000003
[  416.670103][ T6723] RDX: ffff88803a1124c0 RSI: ffffc90007e17a09 RDI: 0000200000f9b000
[  416.670109][ T6723] RBP: ffff888013002800 R08: 0000000000000000 R09: fffff52000fc2f41
[  416.670115][ T6723] R10: 0000000000000003 R11: ffff88803a112ff0 R12: 0000000000000003
[  416.670120][ T6723] R13: 0000200000f9b000 R14: 0000000000000010 R15: 0000000000000003
[  416.670133][ T6723]  ? __kvm_write_guest_page+0x156/0x2b0
[  416.670147][ T6723]  kvm_write_guest+0x63/0xe0
[  416.670159][ T6723]  kvm_write_guest_offset_cached+0x46f/0x510
[  416.670175][ T6723]  kvm_lapic_sync_to_vapic+0x48c/0x6d0
[  416.670195][ T6723]  ? __pfx_kvm_lapic_sync_to_vapic+0x10/0x10
[  416.670212][ T6723]  ? vmx_update_cr8_intercept+0x1fd/0x370
[  416.670228][ T6723]  vcpu_run+0xec9/0x5a80
[  416.670247][ T6723]  ? __pfx_vcpu_run+0x10/0x10
[  416.670264][ T6723]  ? rcu_is_watching+0x12/0xc0
[  416.670274][ T6723]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  416.670286][ T6723]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  416.670302][ T6723]  kvm_vcpu_ioctl+0x76d/0x16d0
[  416.670320][ T6723]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  416.670335][ T6723]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  416.670346][ T6723]  ? do_vfs_ioctl+0x128/0x14f0
[  416.670358][ T6723]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  416.670370][ T6723]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  416.670389][ T6723]  ? hook_file_ioctl_common+0x144/0x410
[  416.670409][ T6723]  ? selinux_file_ioctl+0x180/0x270
[  416.670421][ T6723]  ? selinux_file_ioctl+0xb4/0x270
[  416.670435][ T6723]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  416.670450][ T6723]  __x64_sys_ioctl+0x18e/0x210
[  416.670463][ T6723]  do_syscall_64+0xcd/0xf80
[  416.670477][ T6723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.670487][ T6723] RIP: 0033:0x7f9fbab8f7c9
[  416.670495][ T6723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.670504][ T6723] RSP: 002b:00007f9fbba11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  416.670512][ T6723] RAX: ffffffffffffffda RBX: 00007f9fbade5fa0 RCX: 00007f9fbab8f7c9
[  416.670518][ T6723] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  416.670523][ T6723] RBP: 00007f9fbba11090 R08: 0000000000000000 R09: 0000000000000000
[  416.670529][ T6723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  416.670534][ T6723] R13: 00007f9fbade6038 R14: 00007f9fbade5fa0 R15: 00007ffec65cfe18
[  416.670548][ T6723]  </TASK>
[  416.738878][ T6000] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  417.155598][   T29] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  417.181893][ T6729] FAULT_INJECTION: forcing a failure.
[  417.181893][ T6729] name failslab, interval 1, probability 0, space 0, times 0
[  417.186178][ T6729] CPU: 2 UID: 0 PID: 6729 Comm: syz.3.202 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  417.186194][ T6729] Tainted: [L]=SOFTLOCKUP
[  417.186198][ T6729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.186204][ T6729] Call Trace:
[  417.186216][ T6729]  <TASK>
[  417.186220][ T6729]  dump_stack_lvl+0x16c/0x1f0
[  417.186251][ T6729]  should_fail_ex+0x512/0x640
[  417.186273][ T6729]  ? __kmalloc_cache_noprof+0x5f/0x800
[  417.186284][ T6729]  should_failslab+0xc2/0x120
[  417.186298][ T6729]  __kmalloc_cache_noprof+0x80/0x800
[  417.186308][ T6729]  ? drm_atomic_helper_setup_commit+0x63a/0x15d0
[  417.186327][ T6729]  ? drm_atomic_helper_setup_commit+0x63a/0x15d0
[  417.186341][ T6729]  ? __pfx___drm_dev_dbg+0x10/0x10
[  417.186353][ T6729]  drm_atomic_helper_setup_commit+0x63a/0x15d0
[  417.186374][ T6729]  drm_atomic_helper_commit+0xa9/0x380
[  417.186384][ T6729]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  417.186394][ T6729]  drm_atomic_commit+0x234/0x300
[  417.186410][ T6729]  ? __pfx_drm_atomic_commit+0x10/0x10
[  417.186426][ T6729]  ? __pfx___drm_printfn_info+0x10/0x10
[  417.186444][ T6729]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  417.186464][ T6729]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  417.186485][ T6729]  drm_atomic_helper_update_plane+0x30b/0x400
[  417.186510][ T6729]  __setplane_atomic+0x25a/0x380
[  417.186531][ T6729]  drm_mode_cursor_universal+0x4a6/0xcb0
[  417.186551][ T6729]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  417.186571][ T6729]  ? __pfx_drm_lease_held+0x10/0x10
[  417.186586][ T6729]  ? modeset_lock+0x114/0x6d0
[  417.186601][ T6729]  drm_mode_cursor_common+0x308/0x960
[  417.186618][ T6729]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  417.186633][ T6729]  ? avc_has_extended_perms+0x33a/0x1090
[  417.186650][ T6729]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  417.186661][ T6729]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.186676][ T6729]  drm_mode_cursor_ioctl+0xd1/0x110
[  417.186686][ T6729]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  417.186695][ T6729]  ? find_held_lock+0x2b/0x80
[  417.186712][ T6729]  ? do_raw_spin_unlock+0x172/0x230
[  417.186728][ T6729]  drm_ioctl_kernel+0x1f4/0x3e0
[  417.186740][ T6729]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  417.186750][ T6729]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  417.186767][ T6729]  drm_ioctl+0x5c9/0xc30
[  417.186782][ T6729]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  417.186792][ T6729]  ? __pfx_drm_ioctl+0x10/0x10
[  417.186811][ T6729]  ? selinux_file_ioctl+0x180/0x270
[  417.186829][ T6729]  ? selinux_file_ioctl+0xb4/0x270
[  417.186842][ T6729]  ? __pfx_drm_ioctl+0x10/0x10
[  417.186856][ T6729]  __x64_sys_ioctl+0x18e/0x210
[  417.186869][ T6729]  do_syscall_64+0xcd/0xf80
[  417.186883][ T6729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.186893][ T6729] RIP: 0033:0x7fa037f8f7c9
[  417.186902][ T6729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.186911][ T6729] RSP: 002b:00007fa038e76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  417.186921][ T6729] RAX: ffffffffffffffda RBX: 00007fa0381e5fa0 RCX: 00007fa037f8f7c9
[  417.186927][ T6729] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  417.186933][ T6729] RBP: 00007fa038e76090 R08: 0000000000000000 R09: 0000000000000000
[  417.186938][ T6729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  417.186944][ T6729] R13: 00007fa0381e6038 R14: 00007fa0381e5fa0 R15: 00007fffa7928998
[  417.186957][ T6729]  </TASK>
[  417.194864][   T40] audit: type=1400 audit(1768437048.225:49924): avc:  denied  { create } for  pid=6730 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  417.304674][ T6737] syzkaller1: entered promiscuous mode
[  417.315689][   T40] audit: type=1400 audit(1768437048.335:49925): avc:  denied  { relabelfrom } for  pid=6730 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  417.326842][ T6737] syzkaller1: entered allmulticast mode
[  417.327338][   T40] audit: type=1400 audit(1768437048.335:49926): avc:  denied  { relabelto } for  pid=6730 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  417.335695][   T40] audit: type=1400 audit(1768437048.335:49927): avc:  denied  { ioctl } for  pid=6730 comm="syz.0.201" path="socket:[14454]" dev="sockfs" ino=14454 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  417.385535][   T29] usb 6-1: Using ep0 maxpacket: 8
[  417.388470][   T29] usb 6-1: config 0 interface 0 has no altsetting 0
[  417.390783][   T29] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  417.394287][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.399558][   T29] usb 6-1: config 0 descriptor??
[  417.605532][   T75] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  417.755553][   T75] usb 7-1: Using ep0 maxpacket: 8
[  417.758955][   T75] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  417.762379][   T75] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  417.766408][   T75] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.840689][   T29] mcp2221 0003:04D8:00DD.0004: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  418.015327][   T40] audit: type=1326 audit(1768437049.045:49928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.1.200" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbab8f7c9 code=0x7ffc0000
[  418.023812][   T40] audit: type=1326 audit(1768437049.045:49929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.1.200" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbab8f7c9 code=0x7ffc0000
[  418.031740][   T40] audit: type=1326 audit(1768437049.055:49930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.1.200" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9fbab8f7c9 code=0x7ffc0000
[  418.555650][ T6097] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  418.705569][ T6097] usb 5-1: Using ep0 maxpacket: 8
[  418.710399][ T6097] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  418.715342][ T6097] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  418.719748][ T6097] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  418.723790][ T6097] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  418.729329][ T6097] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  418.732862][ T6097] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.946676][ T6097] usb 5-1: GET_CAPABILITIES returned 0
[  418.949201][ T6097] usbtmc 5-1:16.0: can't read capabilities
[  419.149382][   T29] usb 5-1: USB disconnect, device number 5
[  419.927080][ T6090] usb 6-1: USB disconnect, device number 5
[  419.964727][ T6770] bridge_slave_0: left allmulticast mode
[  419.966918][ T6770] bridge_slave_0: left promiscuous mode
[  419.968908][ T6770] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.978610][ T6770] bridge_slave_1: left allmulticast mode
[  419.981011][ T6770] bridge_slave_1: left promiscuous mode
[  419.983619][ T6770] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.992604][ T6770] bond0: (slave bond_slave_0): Releasing backup interface
[  420.001364][ T6770] bond0: (slave bond_slave_1): Releasing backup interface
[  420.015251][ T6770] team0: Port device team_slave_0 removed
[  420.023531][ T6770] team0: Port device team_slave_1 removed
[  420.026188][ T6770] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  420.028592][ T6770] batman_adv: batadv0: Removing interface: batadv_slave_0
[  420.032499][ T6770] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  420.035528][ T6770] batman_adv: batadv0: Removing interface: batadv_slave_1
[  420.038995][ T6770] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  420.049527][ T6771] team0: Mode changed to "activebackup"
[  420.107342][ T6775] Invalid source name
[  420.108964][ T6775] UBIFS error (pid: 6775): cannot open "ubifs", error -22
[  420.117372][ T6775] evm: overlay not supported
[  420.129970][ T6775] overlayfs: orphan index entry (index/00fb210001fe2e905f156a488d95091c2de8511ea8e5654caa1501000000000000, ftype=2000, nlink=1)
[  420.275258][ T6777] kvm: pic: non byte write
[  420.388270][ T6097] usb 7-1: USB disconnect, device number 6
[  420.603996][ T6097] libceph: connect (1)[c::]:6789 error -101
[  420.607915][ T6097] libceph: mon0 (1)[c::]:6789 connect error
[  420.661031][ T6809] netlink: 'syz.3.224': attribute type 2 has an invalid length.
[  420.866698][ T6097] libceph: connect (1)[c::]:6789 error -101
[  420.869138][ T6097] libceph: mon0 (1)[c::]:6789 connect error
[  421.354790][ T6794] ceph: No mds server is up or the cluster is laggy
[  421.376853][ T6097] libceph: connect (1)[c::]:6789 error -101
[  421.387347][ T6097] libceph: mon0 (1)[c::]:6789 connect error
[  421.443942][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  421.443957][   T40] audit: type=1400 audit(1768437052.475:49958): avc:  denied  { write } for  pid=6826 comm="syz.2.231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  421.454661][ T6827] atomic_op ffff8880351da198 conn xmit_atomic 0000000000000000
[  421.459082][ T6827] SELinux:  Context system_u:object_r:unconfined_execmem_exec_t:s0 is not valid (left unmapped).
[  421.463042][   T40] audit: type=1400 audit(1768437052.495:49959): avc:  denied  { relabelto } for  pid=6826 comm="syz.2.231" name="cpu.stat" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:unconfined_execmem_exec_t:s0"
[  421.464987][ T6827] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  421.474122][   T40] audit: type=1400 audit(1768437052.495:49960): avc:  denied  { associate } for  pid=6826 comm="syz.2.231" name="cpu.stat" dev="tmpfs" ino=331 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:unconfined_execmem_exec_t:s0"
[  421.474171][   T40] audit: type=1400 audit(1768437052.495:49961): avc:  denied  { append } for  pid=6826 comm="syz.2.231" path="/59/cpu.stat" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:unconfined_execmem_exec_t:s0"
[  421.530883][ T6827] netlink: 'syz.2.231': attribute type 9 has an invalid length.
[  421.533595][ T6827] netlink: 'syz.2.231': attribute type 11 has an invalid length.
[  421.536314][ T6827] netlink: 'syz.2.231': attribute type 12 has an invalid length.
[  421.538792][ T6827] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.231'.
[  421.541915][ T6827] netlink: 4 bytes leftover after parsing attributes in process `syz.2.231'.
[  421.560515][   T40] audit: type=1400 audit(1768437052.595:49962): avc:  denied  { unlink } for  pid=5997 comm="syz-executor" name="cpu.stat" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:unconfined_execmem_exec_t:s0"
[  421.586442][   T60] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  421.627563][   T40] audit: type=1800 audit(1768437052.655:49963): pid=6839 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.233" name="bus" dev="9p" ino=72876391 res=0 errno=0
[  421.636492][   T40] audit: type=1800 audit(1768437052.665:49964): pid=6839 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.233" name="bus" dev="9p" ino=72876391 res=0 errno=0
[  421.653480][ T6836] netlink: 'syz.2.234': attribute type 12 has an invalid length.
[  421.657386][ T6836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.234'.
[  421.661333][ T6836] netlink: 'syz.2.234': attribute type 12 has an invalid length.
[  421.664578][ T6836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.234'.
[  421.747150][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.750561][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  421.753584][   T60] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  421.760719][   T60] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  421.763532][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.768859][   T60] usb 6-1: config 0 descriptor??
[  421.815259][ T6845] netlink: zone id is out of range
[  422.200573][   T60] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  422.285577][ T6090] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  422.435576][ T6090] usb 5-1: Using ep0 maxpacket: 32
[  422.439035][ T6090] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.443675][ T6090] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  422.448232][ T6090] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  422.452019][ T6090] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.457688][ T6090] usb 5-1: config 0 descriptor??
[  422.645500][ T6855] syzkaller0: entered promiscuous mode
[  422.647502][ T6855] syzkaller0: entered allmulticast mode
[  422.651285][   T40] audit: type=1400 audit(1768437053.685:49965): avc:  denied  { write } for  pid=6854 comm="syz.3.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  422.809019][   T40] audit: type=1400 audit(1768437053.845:49966): avc:  denied  { setopt } for  pid=6818 comm="syz.1.228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  422.816739][ T6082] usb 6-1: USB disconnect, device number 6
[  422.871233][ T6090] usbhid 5-1:0.0: can't add hid device: -71
[  422.873230][ T6090] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  422.877287][ T6090] usb 5-1: USB disconnect, device number 6
[  422.971275][   T40] audit: type=1400 audit(1768437054.005:49967): avc:  denied  { write } for  pid=6859 comm="syz.3.242" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  423.579259][ T6881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6881 comm=syz.0.250
[  423.586448][ T6881] syzkaller0: entered promiscuous mode
[  423.588677][ T6881] syzkaller0: entered allmulticast mode
[  423.714655][ T6888] syzkaller0: entered promiscuous mode
[  423.717689][ T6888] syzkaller0: entered allmulticast mode
[  423.736996][ T6888] erspan1: entered promiscuous mode
[  424.382312][ T6901] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  424.416993][ T6097] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  424.575929][ T6097] usb 6-1: Using ep0 maxpacket: 8
[  424.579853][ T6097] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  424.584317][ T6097] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  424.588951][ T6097] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  424.593119][ T6097] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  424.599294][ T6097] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  424.603611][ T6097] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.655237][ T6908] netlink: 4 bytes leftover after parsing attributes in process `syz.2.261'.
[  424.813217][ T6097] usb 6-1: GET_CAPABILITIES returned 0
[  424.815077][ T6097] usbtmc 6-1:16.0: can't read capabilities
[  424.851253][ T6915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.262'.
[  425.021292][ T5962] usb 6-1: USB disconnect, device number 7
[  425.135923][ T6097] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  425.285555][ T6097] usb 7-1: Using ep0 maxpacket: 16
[  425.288865][ T6097] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  425.294185][ T6097] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  425.297339][ T6097] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.300244][ T6097] usb 7-1: Product: syz
[  425.301631][ T6097] usb 7-1: Manufacturer: syz
[  425.303227][ T6097] usb 7-1: SerialNumber: syz
[  425.306526][ T6097] usb 7-1: config 0 descriptor??
[  425.309628][ T6097] hub 7-1:0.0: bad descriptor, ignoring hub
[  425.311628][ T6097] hub 7-1:0.0: probe with driver hub failed with error -5
[  425.315720][ T6097] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input6
[  425.838662][ T6939] netlink: 8 bytes leftover after parsing attributes in process `syz.0.271'.
[  425.966394][ T6945] FAULT_INJECTION: forcing a failure.
[  425.966394][ T6945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.971902][ T6945] CPU: 3 UID: 0 PID: 6945 Comm: syz.0.274 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  425.971933][ T6945] Tainted: [L]=SOFTLOCKUP
[  425.971938][ T6945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.971947][ T6945] Call Trace:
[  425.971953][ T6945]  <TASK>
[  425.971960][ T6945]  dump_stack_lvl+0x16c/0x1f0
[  425.972005][ T6945]  should_fail_ex+0x512/0x640
[  425.972041][ T6945]  _copy_from_iter+0x2a4/0x16c0
[  425.972068][ T6945]  ? __alloc_skb+0x220/0x410
[  425.972081][ T6945]  ? __alloc_skb+0x35d/0x410
[  425.972096][ T6945]  ? __pfx__copy_from_iter+0x10/0x10
[  425.972117][ T6945]  ? netlink_autobind.isra.0+0x158/0x370
[  425.972146][ T6945]  netlink_sendmsg+0x820/0xdd0
[  425.972170][ T6945]  ? __pfx_netlink_sendmsg+0x10/0x10
[  425.972197][ T6945]  ____sys_sendmsg+0xa5d/0xc30
[  425.972221][ T6945]  ? copy_msghdr_from_user+0x10a/0x160
[  425.972237][ T6945]  ? __pfx_____sys_sendmsg+0x10/0x10
[  425.972267][ T6945]  ___sys_sendmsg+0x134/0x1d0
[  425.972286][ T6945]  ? __pfx____sys_sendmsg+0x10/0x10
[  425.972329][ T6945]  __sys_sendmsg+0x16d/0x220
[  425.972347][ T6945]  ? __pfx___sys_sendmsg+0x10/0x10
[  425.972379][ T6945]  do_syscall_64+0xcd/0xf80
[  425.972400][ T6945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.972417][ T6945] RIP: 0033:0x7f111778f7c9
[  425.972430][ T6945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.972445][ T6945] RSP: 002b:00007f11185e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  425.972460][ T6945] RAX: ffffffffffffffda RBX: 00007f11179e5fa0 RCX: 00007f111778f7c9
[  425.972469][ T6945] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  425.972480][ T6945] RBP: 00007f11185e4090 R08: 0000000000000000 R09: 0000000000000000
[  425.972488][ T6945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.972496][ T6945] R13: 00007f11179e6038 R14: 00007f11179e5fa0 R15: 00007ffd7d0012b8
[  425.972519][ T6945]  </TASK>
[  426.063431][ T6953] warning: `syz.1.278' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  426.083606][ T6957] fuse: Bad value for 'fd'
[  426.161448][ T6963] ata1.00: invalid cdb length 6
[  426.232030][ T6964] SELinux:  Context system_u:object_r:src_t:s0 is not valid (left unmapped).
[  426.629368][ T6097] usb 7-1: USB disconnect, device number 7
[  426.739793][ T6995] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  426.816358][ T6000] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  426.819099][ T6000] Bluetooth: hci0: Injecting HCI hardware error event
[  426.821744][ T6000] Bluetooth: hci0: hardware error 0x00
[  426.851320][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  426.851337][   T40] audit: type=1400 audit(1768437057.885:49991): avc:  denied  { execute } for  pid=6997 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  426.870052][   T40] audit: type=1400 audit(1768437057.885:49992): avc:  denied  { execute_no_trans } for  pid=6997 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  426.908313][ T6006] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  426.912499][ T6999] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  426.912576][ T6006] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  426.920465][ T6999] FAULT_INJECTION: forcing a failure.
[  426.920465][ T6999] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  426.925679][ T6006] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  426.926998][ T6006] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  426.928044][ T6999] CPU: 0 UID: 0 PID: 6999 Comm: syz.3.295 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  426.928061][ T6999] Tainted: [L]=SOFTLOCKUP
[  426.928064][ T6999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  426.928070][ T6999] Call Trace:
[  426.928075][ T6999]  <TASK>
[  426.928079][ T6999]  dump_stack_lvl+0x16c/0x1f0
[  426.928097][ T6999]  should_fail_ex+0x512/0x640
[  426.928115][ T6999]  should_fail_alloc_page+0xe7/0x130
[  426.928131][ T6999]  prepare_alloc_pages+0x401/0x670
[  426.928147][ T6999]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  426.928160][ T6999]  ? __lock_acquire+0x436/0x2890
[  426.928175][ T6999]  ? __lock_acquire+0x436/0x2890
[  426.928188][ T6999]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  426.928203][ T6999]  ? do_raw_spin_lock+0x12c/0x2b0
[  426.928217][ T6999]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  426.928232][ T6999]  ? const_folio_flags+0x5b/0x100
[  426.928241][ T6999]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  426.928254][ T6999]  ? policy_nodemask+0xea/0x4e0
[  426.928268][ T6999]  alloc_pages_mpol+0x1fb/0x550
[  426.928282][ T6999]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  426.928299][ T6999]  folio_alloc_mpol_noprof+0x36/0x2f0
[  426.928314][ T6999]  vma_alloc_folio_noprof+0xed/0x1e0
[  426.928329][ T6999]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  426.928348][ T6999]  do_anonymous_page+0xc81/0x2190
[  426.928369][ T6999]  __handle_mm_fault+0x1ecf/0x2bb0
[  426.928387][ T6999]  ? __pfx___handle_mm_fault+0x10/0x10
[  426.928410][ T6999]  ? find_vma+0xbf/0x140
[  426.928421][ T6999]  ? __pfx_find_vma+0x10/0x10
[  426.928434][ T6999]  handle_mm_fault+0x3fe/0xad0
[  426.928451][ T6999]  do_user_addr_fault+0x7a6/0x1370
[  426.928467][ T6999]  ? rcu_is_watching+0x12/0xc0
[  426.928478][ T6999]  exc_page_fault+0x64/0xc0
[  426.928492][ T6999]  asm_exc_page_fault+0x26/0x30
[  426.928501][ T6999] RIP: 0010:kvm_write_guest_offset_cached+0x2dc/0x510
[  426.928517][ T6999] Code: 99 87 00 48 8b 7c 24 08 44 89 e6 e8 8e 79 f1 00 0f 1f 44 00 00 e8 74 99 87 00 0f 01 cb 48 8b 74 24 08 4a 8d 7c 35 00 4c 89 e1 <f3> a4 0f 1f 00 49 89 cc 0f 01 ca e9 2a ff ff ff e8 4f 99 87 00 49
[  426.928526][ T6999] RSP: 0018:ffffc9000e277948 EFLAGS: 00050293
[  426.928535][ T6999] RAX: 0000000000000000 RBX: ffff888039edcab8 RCX: 0000000000000004
[  426.928541][ T6999] RDX: ffff88802ff4c980 RSI: ffffc9000e277a08 RDI: 0000200000001004
[  426.928547][ T6999] RBP: 0000000000000000 R08: 0000000000000000 R09: fffff52001c4ef41
[  426.928552][ T6999] R10: 0000000000000003 R11: ffff88802ff4d4b0 R12: 0000000000000004
[  426.928558][ T6999] R13: ffff888057640000 R14: 0000200000001004 R15: ffff888039edcad8
[  426.928571][ T6999]  ? kvm_write_guest_offset_cached+0x2cc/0x510
[  426.928586][ T6999]  kvm_lapic_sync_to_vapic+0x48c/0x6d0
[  426.928603][ T6999]  ? __pfx_kvm_lapic_sync_to_vapic+0x10/0x10
[  426.928620][ T6999]  ? vmx_update_cr8_intercept+0x1fd/0x370
[  426.928635][ T6999]  vcpu_run+0xec9/0x5a80
[  426.928654][ T6999]  ? __pfx_vcpu_run+0x10/0x10
[  426.928671][ T6999]  ? rcu_is_watching+0x12/0xc0
[  426.928682][ T6999]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  426.928694][ T6999]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  426.928710][ T6999]  kvm_vcpu_ioctl+0x76d/0x16d0
[  426.928727][ T6999]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  426.928743][ T6999]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  426.928759][ T6999]  ? do_vfs_ioctl+0x128/0x14f0
[  426.928772][ T6999]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  426.928783][ T6999]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  426.928803][ T6999]  ? hook_file_ioctl_common+0x144/0x410
[  426.928823][ T6999]  ? selinux_file_ioctl+0x180/0x270
[  426.928835][ T6999]  ? selinux_file_ioctl+0xb4/0x270
[  426.928849][ T6999]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  426.928864][ T6999]  __x64_sys_ioctl+0x18e/0x210
[  426.928877][ T6999]  do_syscall_64+0xcd/0xf80
[  426.928891][ T6999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.928901][ T6999] RIP: 0033:0x7fa037f8f7c9
[  426.928910][ T6999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.928919][ T6999] RSP: 002b:00007fa038e76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  426.928927][ T6999] RAX: ffffffffffffffda RBX: 00007fa0381e5fa0 RCX: 00007fa037f8f7c9
[  426.928933][ T6999] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  426.928939][ T6999] RBP: 00007fa038e76090 R08: 0000000000000000 R09: 0000000000000000
[  426.928945][ T6999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  426.928950][ T6999] R13: 00007fa0381e6038 R14: 00007fa0381e5fa0 R15: 00007fffa7928998
[  426.928964][ T6999]  </TASK>
[  427.076758][   T40] audit: type=1400 audit(1768437058.115:49993): avc:  denied  { map_read map_write } for  pid=7008 comm="syz.1.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  427.098183][ T7009] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  427.101085][ T6006] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  427.146350][   T65] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.210252][   T40] audit: type=1400 audit(1768437058.245:49994): avc:  denied  { create } for  pid=7015 comm="syz.3.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  427.218090][   T40] audit: type=1400 audit(1768437058.245:49995): avc:  denied  { write } for  pid=7015 comm="syz.3.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  427.225647][   T40] audit: type=1400 audit(1768437058.245:49996): avc:  denied  { nlmsg_write } for  pid=7015 comm="syz.3.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  427.245939][ T7000] chnl_net:caif_netlink_parms(): no params data found
[  427.269278][   T65] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.320256][   T40] audit: type=1400 audit(1768437058.355:49997): avc:  denied  { setopt } for  pid=7015 comm="syz.3.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  427.342064][   T65] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.367342][ T7000] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.369707][ T7000] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.372107][ T7000] bridge_slave_0: entered allmulticast mode
[  427.374926][ T7000] bridge_slave_0: entered promiscuous mode
[  427.381204][ T7000] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.384694][ T7000] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.388193][ T7000] bridge_slave_1: entered allmulticast mode
[  427.391683][ T7000] bridge_slave_1: entered promiscuous mode
[  427.401897][   T40] audit: type=1400 audit(1768437058.435:49998): avc:  denied  { create } for  pid=7029 comm="syz.3.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  427.411078][   T40] audit: type=1400 audit(1768437058.445:49999): avc:  denied  { sys_admin } for  pid=7029 comm="syz.3.301" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  427.418578][ T7031] VFS: Mount too revealing
[  427.425974][   T40] audit: type=1400 audit(1768437058.455:50000): avc:  denied  { mount } for  pid=7029 comm="syz.3.301" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  427.458084][   T65] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.468811][ T7000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  427.473871][ T7000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  427.502768][ T7000] team0: Port device team_slave_0 added
[  427.509151][ T7000] team0: Port device team_slave_1 added
[  427.547982][ T7000] batman_adv: batadv0: Adding interface: batadv_slave_0
[  427.550868][ T7000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  427.561507][ T7000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  427.569103][ T7000] batman_adv: batadv0: Adding interface: batadv_slave_1
[  427.572093][ T7000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  427.583413][ T7000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  427.585509][ T7044] capability: warning: `syz.1.306' uses 32-bit capabilities (legacy support in use)
[  427.607818][ T7000] hsr_slave_0: entered promiscuous mode
[  427.610072][ T7000] hsr_slave_1: entered promiscuous mode
[  427.612133][ T7000] debugfs: 'hsr0' already exists in 'hsr'
[  427.614006][ T7000] Cannot create hsr debugfs directory
[  427.674283][ T7049] fuse: Bad value for 'user_id'
[  427.676102][ T7049] fuse: Bad value for 'user_id'
[  427.778216][ T7052] netlink: 32 bytes leftover after parsing attributes in process `syz.1.311'.
[  427.823991][   T65] bridge_slave_1: left allmulticast mode
[  427.827013][   T65] bridge_slave_1: left promiscuous mode
[  427.830619][   T65] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.850630][   T65] bridge_slave_0: left allmulticast mode
[  427.853137][   T65] bridge_slave_0: left promiscuous mode
[  427.859566][   T65] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.916989][ T7061] PKCS7: Unknown OID: [4] 5.25.43183(bad)
[  427.925567][ T7061] PKCS7: Only support pkcs7_signedData type
[  427.932578][ T7061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.311'.
[  428.078242][   T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  428.083715][   T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  428.089058][   T65] bond0 (unregistering): Released all slaves
[  428.125864][ T7054] 8021q: adding VLAN 0 to HW filter on device bond0
[  428.129114][ T7054] 8021q: adding VLAN 0 to HW filter on device team0
[  428.134376][ T7054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  428.142274][ T7055] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  428.197002][ T7000] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  428.230020][ T7000] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  428.242727][ T7000] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  428.298153][ T7000] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  428.344579][ T7067] syzkaller0: entered promiscuous mode
[  428.347872][ T7067] syzkaller0: entered allmulticast mode
[  428.455533][ T6097] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  428.487463][ T7000] 8021q: adding VLAN 0 to HW filter on device bond0
[  428.502827][ T7000] 8021q: adding VLAN 0 to HW filter on device team0
[  428.512189][ T6050] bridge0: port 1(bridge_slave_0) entered blocking state
[  428.515318][ T6050] bridge0: port 1(bridge_slave_0) entered forwarding state
[  428.524962][ T6119] bridge0: port 2(bridge_slave_1) entered blocking state
[  428.528076][ T6119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  428.568816][   T65] hsr_slave_0: left promiscuous mode
[  428.570970][   T65] hsr_slave_1: left promiscuous mode
[  428.573007][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  428.579836][   T65] batman_adv: batadv0: Removing interface: batadv_slave_0
[  428.584836][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  428.592018][   T65] batman_adv: batadv0: Removing interface: batadv_slave_1
[  428.605721][ T6097] usb 8-1: Using ep0 maxpacket: 32
[  428.609537][   T65] veth1_macvtap: left promiscuous mode
[  428.611491][   T65] veth0_macvtap: left promiscuous mode
[  428.613306][   T65] veth1_vlan: left promiscuous mode
[  428.615185][   T65] veth0_vlan: left promiscuous mode
[  428.615602][ T6097] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.623092][ T6097] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.627944][ T6097] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  428.631889][ T6097] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.640338][ T6097] usb 8-1: config 0 descriptor??
[  428.895602][ T6000] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  428.995191][   T65] team0 (unregistering): Port device team_slave_1 removed
[  429.025397][   T65] team0 (unregistering): Port device team_slave_0 removed
[  429.057267][ T7064] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.069181][ T7064] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.091012][ T6097] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  429.146046][ T6083] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  429.148246][ T6000] Bluetooth: hci2: command tx timeout
[  429.309764][ T6083] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  429.312328][ T6083] usb 7-1: config 0 has no interface number 0
[  429.314522][ T6083] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  429.318297][ T6083] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 64
[  429.322649][ T6083] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  429.327513][ T6083] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.336919][ T6083] usb 7-1: config 0 descriptor??
[  429.337288][ T6049] usb 8-1: USB disconnect, device number 9
[  429.339553][ T7090] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  429.346478][ T6083] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  429.550765][ T6083] usb 7-1: USB disconnect, device number 8
[  429.578330][ T7108] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.631447][ T7000] 8021q: adding VLAN 0 to HW filter on device batadv0
[  429.657013][ T7108] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.748501][ T7108] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.833635][ T7000] veth0_vlan: entered promiscuous mode
[  429.841285][ T7000] veth1_vlan: entered promiscuous mode
[  429.857440][ T7000] veth0_macvtap: entered promiscuous mode
[  429.861805][ T7000] veth1_macvtap: entered promiscuous mode
[  429.890743][ T7108] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.893677][ T7126] netlink: 'syz.3.322': attribute type 2 has an invalid length.
[  429.912042][ T7000] batman_adv: batadv0: Interface activated: batadv_slave_0
[  429.929586][ T7000] batman_adv: batadv0: Interface activated: batadv_slave_1
[  429.938745][ T6050] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  429.947688][ T6050] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  429.947724][ T6050] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  429.947742][ T6050] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  429.997296][ T6050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.997316][ T6050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  430.026948][ T6050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  430.029574][ T6050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  430.042691][ T6050] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  430.060675][ T6050] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  430.082842][ T1145] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  430.094766][ T1145] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  430.135024][ T7138] netlink: 24 bytes leftover after parsing attributes in process `syz.4.294'.
[  430.140528][ T7141] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3088 sclass=netlink_route_socket pid=7141 comm=syz.1.324
[  430.196601][ T7143] block nbd3: NBD_DISCONNECT
[  430.273317][ T6090] IPVS: starting estimator thread 0...
[  430.346094][ T7163] netlink: 'syz.4.333': attribute type 1 has an invalid length.
[  430.375701][ T7153] IPVS: using max 46 ests per chain, 110400 per kthread
[  430.402193][ T7163] netlink: 8 bytes leftover after parsing attributes in process `syz.4.333'.
[  430.410991][ T7163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.333'.
[  430.469974][ T7173] fuse: Bad value for 'fd'
[  430.559582][ T7183] syzkaller0: entered promiscuous mode
[  430.562082][ T7183] syzkaller0: entered allmulticast mode
[  430.566293][ T7183] TC_ACT_REPEAT abuse ?
[  430.748716][ T7193] FAULT_INJECTION: forcing a failure.
[  430.748716][ T7193] name failslab, interval 1, probability 0, space 0, times 0
[  430.756280][ T7193] CPU: 2 UID: 0 PID: 7193 Comm: syz.1.344 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  430.756299][ T7193] Tainted: [L]=SOFTLOCKUP
[  430.756303][ T7193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.756309][ T7193] Call Trace:
[  430.756313][ T7193]  <TASK>
[  430.756318][ T7193]  dump_stack_lvl+0x16c/0x1f0
[  430.756369][ T7193]  should_fail_ex+0x512/0x640
[  430.756392][ T7193]  ? __kmalloc_node_track_caller_noprof+0xcb/0x930
[  430.756409][ T7193]  should_failslab+0xc2/0x120
[  430.756423][ T7193]  __kmalloc_node_track_caller_noprof+0xec/0x930
[  430.756436][ T7193]  ? ovl_mount_dir+0x26/0x1f0
[  430.756450][ T7193]  ? kstrdup+0x53/0x100
[  430.756460][ T7193]  kstrdup+0x53/0x100
[  430.756471][ T7193]  ovl_mount_dir+0x26/0x1f0
[  430.756484][ T7193]  ovl_parse_param+0x10ae/0x15a0
[  430.756496][ T7193]  ? selinux_fs_context_parse_param+0xd8/0x130
[  430.756511][ T7193]  ? __pfx_ovl_parse_param+0x10/0x10
[  430.756523][ T7193]  ? __kmalloc_node_track_caller_noprof+0x370/0x930
[  430.756538][ T7193]  ? static_key_count+0x5a/0x70
[  430.756550][ T7193]  ? __pfx_ovl_parse_param+0x10/0x10
[  430.756563][ T7193]  vfs_parse_fs_param+0x20b/0x3c0
[  430.756574][ T7193]  vfs_parse_fs_qstr+0x138/0x1c0
[  430.756584][ T7193]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[  430.756599][ T7193]  ? ovl_next_opt+0x143/0x1c0
[  430.756610][ T7193]  ? __pfx_ovl_next_opt+0x10/0x10
[  430.756620][ T7193]  vfs_parse_monolithic_sep+0x18d/0x210
[  430.756632][ T7193]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  430.756643][ T7193]  ? alloc_fs_context+0x677/0xf50
[  430.756657][ T7193]  path_mount+0x76e/0x23a0
[  430.756667][ T7193]  ? rcu_is_watching+0x12/0xc0
[  430.756680][ T7193]  ? __pfx_path_mount+0x10/0x10
[  430.756689][ T7193]  ? kmem_cache_free+0x2d8/0x770
[  430.756700][ T7193]  ? putname+0xf5/0x1a0
[  430.756718][ T7193]  ? putname+0xf5/0x1a0
[  430.756731][ T7193]  ? putname+0xf5/0x1a0
[  430.756747][ T7193]  ? __x64_sys_mount+0x293/0x310
[  430.756756][ T7193]  __x64_sys_mount+0x293/0x310
[  430.756766][ T7193]  ? __pfx___x64_sys_mount+0x10/0x10
[  430.756780][ T7193]  do_syscall_64+0xcd/0xf80
[  430.756795][ T7193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.756805][ T7193] RIP: 0033:0x7f9fbab8f7c9
[  430.756814][ T7193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  430.756825][ T7193] RSP: 002b:00007f9fbba11038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  430.756836][ T7193] RAX: ffffffffffffffda RBX: 00007f9fbade5fa0 RCX: 00007f9fbab8f7c9
[  430.756842][ T7193] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  430.756848][ T7193] RBP: 00007f9fbba11090 R08: 0000200000000200 R09: 0000000000000000
[  430.756855][ T7193] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  430.756860][ T7193] R13: 00007f9fbade6038 R14: 00007f9fbade5fa0 R15: 00007ffec65cfe18
[  430.756874][ T7193]  </TASK>
[  430.899976][ T7199] bond1: option xmit_hash_policy: invalid value (6)
[  430.905942][ T7199] bond1 (unregistering): Released all slaves
[  430.986728][ T7199] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'.
[  430.989879][ T7199] netlink: 12 bytes leftover after parsing attributes in process `syz.2.348'.
[  431.038933][ T7200] bond1: option xmit_hash_policy: invalid value (6)
[  431.049719][ T7216] netlink: 24 bytes leftover after parsing attributes in process `syz.3.352'.
[  431.054260][ T7200] bond1 (unregistering): Released all slaves
[  431.084626][ T7219] IPv6: Can't replace route, no match found
[  431.225618][ T6000] Bluetooth: hci2: command tx timeout
[  431.276710][ T7240] FAULT_INJECTION: forcing a failure.
[  431.276710][ T7240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.280913][ T7240] CPU: 1 UID: 0 PID: 7240 Comm: syz.2.356 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  431.280930][ T7240] Tainted: [L]=SOFTLOCKUP
[  431.280933][ T7240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.280939][ T7240] Call Trace:
[  431.280944][ T7240]  <TASK>
[  431.280948][ T7240]  dump_stack_lvl+0x16c/0x1f0
[  431.280967][ T7240]  should_fail_ex+0x512/0x640
[  431.280985][ T7240]  _copy_to_user+0x32/0xd0
[  431.281001][ T7240]  msr_read+0x14e/0x250
[  431.281017][ T7240]  ? __pfx_msr_read+0x10/0x10
[  431.281030][ T7240]  ? bpf_lsm_file_permission+0x9/0x10
[  431.281041][ T7240]  ? security_file_permission+0x71/0x210
[  431.281057][ T7240]  ? rw_verify_area+0xcf/0x6c0
[  431.281068][ T7240]  ? __pfx_msr_read+0x10/0x10
[  431.281082][ T7240]  vfs_read+0x1e4/0xcf0
[  431.281097][ T7240]  ? __pfx_vfs_read+0x10/0x10
[  431.281107][ T7240]  ? find_held_lock+0x2b/0x80
[  431.281123][ T7240]  ? __fget_files+0x204/0x3c0
[  431.281139][ T7240]  ? __fget_files+0x20e/0x3c0
[  431.281156][ T7240]  ksys_read+0x12a/0x250
[  431.281168][ T7240]  ? __pfx_ksys_read+0x10/0x10
[  431.281183][ T7240]  do_syscall_64+0xcd/0xf80
[  431.281198][ T7240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.281208][ T7240] RIP: 0033:0x7f41aa18f7c9
[  431.281217][ T7240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.281226][ T7240] RSP: 002b:00007f41ab0f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  431.281237][ T7240] RAX: ffffffffffffffda RBX: 00007f41aa3e5fa0 RCX: 00007f41aa18f7c9
[  431.281243][ T7240] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  431.281249][ T7240] RBP: 00007f41ab0f1090 R08: 0000000000000000 R09: 0000000000000000
[  431.281255][ T7240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  431.281260][ T7240] R13: 00007f41aa3e6038 R14: 00007f41aa3e5fa0 R15: 00007ffd81e56d88
[  431.281273][ T7240]  </TASK>
[  431.411430][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.358'.
[  431.434009][ T7239] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.524585][ T7239] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.553716][ T7250] FAULT_INJECTION: forcing a failure.
[  431.553716][ T7250] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.558302][ T7250] CPU: 2 UID: 0 PID: 7250 Comm: syz.4.362 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  431.558319][ T7250] Tainted: [L]=SOFTLOCKUP
[  431.558322][ T7250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.558328][ T7250] Call Trace:
[  431.558332][ T7250]  <TASK>
[  431.558336][ T7250]  dump_stack_lvl+0x16c/0x1f0
[  431.558355][ T7250]  should_fail_ex+0x512/0x640
[  431.558373][ T7250]  __kvm_read_guest_page+0x186/0x250
[  431.558390][ T7250]  kvm_fetch_guest_virt+0x128/0x1a0
[  431.558407][ T7250]  __do_insn_fetch_bytes+0x4fa/0x720
[  431.558421][ T7250]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  431.558440][ T7250]  x86_decode_insn+0xf88/0x6170
[  431.558461][ T7250]  ? __pfx_x86_decode_insn+0x10/0x10
[  431.558476][ T7250]  ? vmx_cache_reg+0x333/0x5e0
[  431.558486][ T7250]  ? kvm_register_read_raw+0xe9/0x240
[  431.558500][ T7250]  ? init_decode_cache+0xd/0x2a0
[  431.558513][ T7250]  ? init_emulate_ctxt+0x337/0x510
[  431.558527][ T7250]  ? bpf_ksym_find+0x127/0x1c0
[  431.558540][ T7250]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  431.558556][ T7250]  ? kvm_multiple_exception+0x379/0x750
[  431.558570][ T7250]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  431.558584][ T7250]  x86_emulate_instruction+0x838/0x1c00
[  431.558596][ T7250]  ? skip_emulated_instruction+0x2cd/0x6a0
[  431.558611][ T7250]  ? __pfx_skip_emulated_instruction+0x10/0x10
[  431.558628][ T7250]  handle_ud+0x103/0x280
[  431.558639][ T7250]  ? __pfx_handle_ud+0x10/0x10
[  431.558656][ T7250]  ? __lock_acquire+0x436/0x2890
[  431.558670][ T7250]  ? rcu_is_watching+0x12/0xc0
[  431.558679][ T7250]  ? __vmx_complete_interrupts+0x111/0x4e0
[  431.558692][ T7250]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  431.558704][ T7250]  handle_exception_nmi+0x856/0x1720
[  431.558718][ T7250]  ? __pfx_handle_exception_nmi+0x10/0x10
[  431.558730][ T7250]  vmx_handle_exit+0x129b/0x1a00
[  431.558745][ T7250]  vcpu_run+0x3468/0x5a80
[  431.558763][ T7250]  ? __pfx_vcpu_run+0x10/0x10
[  431.558779][ T7250]  ? complete_emulated_mmio+0x394/0x7f0
[  431.558793][ T7250]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  431.558805][ T7250]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  431.558821][ T7250]  kvm_vcpu_ioctl+0x76d/0x16d0
[  431.558837][ T7250]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  431.558853][ T7250]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  431.558864][ T7250]  ? do_vfs_ioctl+0x128/0x14f0
[  431.558878][ T7250]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  431.558932][ T7250]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  431.558952][ T7250]  ? hook_file_ioctl_common+0x144/0x410
[  431.558972][ T7250]  ? selinux_file_ioctl+0x180/0x270
[  431.558984][ T7250]  ? selinux_file_ioctl+0xb4/0x270
[  431.558997][ T7250]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  431.559013][ T7250]  __x64_sys_ioctl+0x18e/0x210
[  431.559026][ T7250]  do_syscall_64+0xcd/0xf80
[  431.559042][ T7250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.559054][ T7250] RIP: 0033:0x7f223898f7c9
[  431.559064][ T7250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.559081][ T7250] RSP: 002b:00007f2239859038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.559093][ T7250] RAX: ffffffffffffffda RBX: 00007f2238be5fa0 RCX: 00007f223898f7c9
[  431.559099][ T7250] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  431.559105][ T7250] RBP: 00007f2239859090 R08: 0000000000000000 R09: 0000000000000000
[  431.559111][ T7250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  431.559117][ T7250] R13: 00007f2238be6038 R14: 00007f2238be5fa0 R15: 00007fff6f508938
[  431.559130][ T7250]  </TASK>
[  431.602658][ T7252] xt_connbytes: Forcing CT accounting to be enabled
[  431.711239][ T7252] xt_CT: You must specify a L4 protocol and not use inversions on it
[  431.741874][ T7239] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.811527][ T7259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.364'.
[  431.854552][ T7239] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.857898][ T7262] FAULT_INJECTION: forcing a failure.
[  431.857898][ T7262] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  431.862638][ T7262] CPU: 1 UID: 0 PID: 7262 Comm: syz.4.365 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  431.862654][ T7262] Tainted: [L]=SOFTLOCKUP
[  431.862658][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.862664][ T7262] Call Trace:
[  431.862668][ T7262]  <TASK>
[  431.862672][ T7262]  dump_stack_lvl+0x16c/0x1f0
[  431.862690][ T7262]  should_fail_ex+0x512/0x640
[  431.862709][ T7262]  should_fail_alloc_page+0xe7/0x130
[  431.862724][ T7262]  prepare_alloc_pages+0x401/0x670
[  431.862741][ T7262]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  431.862752][ T7262]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  431.862764][ T7262]  ? is_bpf_text_address+0x94/0x1a0
[  431.862776][ T7262]  ? kernel_text_address+0x8d/0x100
[  431.862790][ T7262]  ? __kernel_text_address+0xd/0x40
[  431.862803][ T7262]  ? unwind_get_return_address+0x59/0xa0
[  431.862817][ T7262]  ? arch_stack_walk+0xa6/0x100
[  431.862832][ T7262]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  431.862850][ T7262]  ? check_path.constprop.0+0x24/0x50
[  431.862861][ T7262]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  431.862875][ T7262]  ? policy_nodemask+0xea/0x4e0
[  431.862890][ T7262]  alloc_pages_mpol+0x1fb/0x550
[  431.862919][ T7262]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  431.862931][ T7262]  ? kasan_save_track+0x14/0x30
[  431.862942][ T7262]  ? __kasan_kmalloc+0xaa/0xb0
[  431.862952][ T7262]  ? __get_vm_area_node+0x101/0x330
[  431.862969][ T7262]  alloc_pages_noprof+0x131/0x390
[  431.862982][ T7262]  get_free_pages_noprof+0x10/0xb0
[  431.862995][ T7262]  __kasan_populate_vmalloc+0xa0/0x220
[  431.863009][ T7262]  alloc_vmap_area+0x98d/0x2a50
[  431.863028][ T7262]  ? __pfx_alloc_vmap_area+0x10/0x10
[  431.863045][ T7262]  __get_vm_area_node+0x1ca/0x330
[  431.863061][ T7262]  __vmalloc_node_range_noprof+0x247/0x16b0
[  431.863076][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  431.863091][ T7262]  ? __pfx___might_resched+0x10/0x10
[  431.863101][ T7262]  ? rcu_is_watching+0x12/0xc0
[  431.863110][ T7262]  ? trace_contention_end+0xdd/0x110
[  431.863123][ T7262]  ? __mutex_lock+0x27b/0x1ca0
[  431.863137][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  431.863152][ T7262]  ? system_heap_vmap+0xad/0x5c0
[  431.863168][ T7262]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  431.863184][ T7262]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  431.863200][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  431.863214][ T7262]  __vmalloc_node_noprof+0xad/0xf0
[  431.863228][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  431.863244][ T7262]  system_heap_vmap+0x225/0x5c0
[  431.863261][ T7262]  ? __pfx_system_heap_vmap+0x10/0x10
[  431.863276][ T7262]  ? rcu_is_watching+0x12/0xc0
[  431.863285][ T7262]  ? trace_contention_end+0xdd/0x110
[  431.863300][ T7262]  dma_buf_vmap+0x2c1/0x480
[  431.863315][ T7262]  ? __pfx_system_heap_vmap+0x10/0x10
[  431.863330][ T7262]  ? __pfx_dma_buf_vmap+0x10/0x10
[  431.863348][ T7262]  drm_gem_shmem_vmap_locked+0x10f/0x7e0
[  431.863363][ T7262]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  431.863378][ T7262]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  431.863390][ T7262]  drm_gem_vmap_locked+0xc8/0x1c0
[  431.863407][ T7262]  drm_gem_vmap+0x4a/0xa0
[  431.863419][ T7262]  drm_gem_fb_vmap+0xc7/0x4d0
[  431.863437][ T7262]  vkms_prepare_fb+0x87/0xb0
[  431.863454][ T7262]  drm_atomic_helper_prepare_planes+0x1ef/0xbb0
[  431.863469][ T7262]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  431.863487][ T7262]  drm_atomic_helper_commit+0x191/0x380
[  431.863497][ T7262]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  431.863507][ T7262]  drm_atomic_commit+0x234/0x300
[  431.863523][ T7262]  ? __pfx_drm_atomic_commit+0x10/0x10
[  431.863538][ T7262]  ? __pfx___drm_printfn_info+0x10/0x10
[  431.863552][ T7262]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  431.863568][ T7262]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  431.863585][ T7262]  drm_atomic_helper_update_plane+0x30b/0x400
[  431.863633][ T7262]  __setplane_atomic+0x25a/0x380
[  431.863652][ T7262]  drm_mode_cursor_universal+0x4a6/0xcb0
[  431.863672][ T7262]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  431.863693][ T7262]  ? __pfx_drm_lease_held+0x10/0x10
[  431.863708][ T7262]  ? modeset_lock+0x114/0x6d0
[  431.863723][ T7262]  drm_mode_cursor_common+0x308/0x960
[  431.863742][ T7262]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  431.863757][ T7262]  ? avc_has_extended_perms+0x33a/0x1090
[  431.863775][ T7262]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  431.863786][ T7262]  ? lockdep_hardirqs_on+0x7c/0x110
[  431.863802][ T7262]  drm_mode_cursor_ioctl+0xd1/0x110
[  431.863812][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  431.863821][ T7262]  ? find_held_lock+0x2b/0x80
[  431.863838][ T7262]  ? do_raw_spin_unlock+0x172/0x230
[  431.863854][ T7262]  drm_ioctl_kernel+0x1f4/0x3e0
[  431.863867][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  431.863877][ T7262]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  431.863899][ T7262]  drm_ioctl+0x5c9/0xc30
[  431.863922][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  431.863934][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  431.863954][ T7262]  ? selinux_file_ioctl+0x180/0x270
[  431.863967][ T7262]  ? selinux_file_ioctl+0xb4/0x270
[  431.863981][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  431.864001][ T7262]  __x64_sys_ioctl+0x18e/0x210
[  431.864020][ T7262]  do_syscall_64+0xcd/0xf80
[  431.864035][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.864045][ T7262] RIP: 0033:0x7f223898f7c9
[  431.864054][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.864064][ T7262] RSP: 002b:00007f2239859038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.864074][ T7262] RAX: ffffffffffffffda RBX: 00007f2238be5fa0 RCX: 00007f223898f7c9
[  431.864080][ T7262] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  431.864086][ T7262] RBP: 00007f2239859090 R08: 0000000000000000 R09: 0000000000000000
[  431.864092][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  431.864097][ T7262] R13: 00007f2238be6038 R14: 00007f2238be5fa0 R15: 00007fff6f508938
[  431.864111][ T7262]  </TASK>
[  431.864295][ T7262] syz.4.365: vmalloc error: size 264, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  432.103976][ T7262] CPU: 1 UID: 0 PID: 7262 Comm: syz.4.365 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.103992][ T7262] Tainted: [L]=SOFTLOCKUP
[  432.103995][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.104002][ T7262] Call Trace:
[  432.104006][ T7262]  <TASK>
[  432.104010][ T7262]  dump_stack_lvl+0x16c/0x1f0
[  432.104028][ T7262]  warn_alloc+0x248/0x3a0
[  432.104041][ T7262]  ? __pfx_warn_alloc+0x10/0x10
[  432.104052][ T7262]  ? __get_vm_area_node+0x2cd/0x330
[  432.104069][ T7262]  ? __get_vm_area_node+0x2cd/0x330
[  432.104082][ T7262]  ? __get_vm_area_node+0x208/0x330
[  432.104098][ T7262]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  432.104113][ T7262]  ? __pfx___might_resched+0x10/0x10
[  432.104124][ T7262]  ? rcu_is_watching+0x12/0xc0
[  432.104133][ T7262]  ? trace_contention_end+0xdd/0x110
[  432.104147][ T7262]  ? __mutex_lock+0x27b/0x1ca0
[  432.104161][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  432.104177][ T7262]  ? system_heap_vmap+0xad/0x5c0
[  432.104193][ T7262]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  432.104209][ T7262]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  432.104225][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  432.104239][ T7262]  __vmalloc_node_noprof+0xad/0xf0
[  432.104254][ T7262]  ? system_heap_vmap+0x225/0x5c0
[  432.104270][ T7262]  system_heap_vmap+0x225/0x5c0
[  432.104288][ T7262]  ? __pfx_system_heap_vmap+0x10/0x10
[  432.104302][ T7262]  ? rcu_is_watching+0x12/0xc0
[  432.104311][ T7262]  ? trace_contention_end+0xdd/0x110
[  432.104327][ T7262]  dma_buf_vmap+0x2c1/0x480
[  432.104340][ T7262]  ? __pfx_system_heap_vmap+0x10/0x10
[  432.104356][ T7262]  ? __pfx_dma_buf_vmap+0x10/0x10
[  432.104374][ T7262]  drm_gem_shmem_vmap_locked+0x10f/0x7e0
[  432.104389][ T7262]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  432.104404][ T7262]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  432.104416][ T7262]  drm_gem_vmap_locked+0xc8/0x1c0
[  432.104428][ T7262]  drm_gem_vmap+0x4a/0xa0
[  432.104440][ T7262]  drm_gem_fb_vmap+0xc7/0x4d0
[  432.104459][ T7262]  vkms_prepare_fb+0x87/0xb0
[  432.104475][ T7262]  drm_atomic_helper_prepare_planes+0x1ef/0xbb0
[  432.104489][ T7262]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  432.104507][ T7262]  drm_atomic_helper_commit+0x191/0x380
[  432.104518][ T7262]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  432.104528][ T7262]  drm_atomic_commit+0x234/0x300
[  432.104543][ T7262]  ? __pfx_drm_atomic_commit+0x10/0x10
[  432.104557][ T7262]  ? __pfx___drm_printfn_info+0x10/0x10
[  432.104571][ T7262]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  432.104587][ T7262]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  432.104604][ T7262]  drm_atomic_helper_update_plane+0x30b/0x400
[  432.104622][ T7262]  __setplane_atomic+0x25a/0x380
[  432.104641][ T7262]  drm_mode_cursor_universal+0x4a6/0xcb0
[  432.104661][ T7262]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  432.104682][ T7262]  ? __pfx_drm_lease_held+0x10/0x10
[  432.104696][ T7262]  ? modeset_lock+0x114/0x6d0
[  432.104711][ T7262]  drm_mode_cursor_common+0x308/0x960
[  432.104729][ T7262]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  432.104744][ T7262]  ? avc_has_extended_perms+0x33a/0x1090
[  432.104762][ T7262]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  432.104772][ T7262]  ? lockdep_hardirqs_on+0x7c/0x110
[  432.104789][ T7262]  drm_mode_cursor_ioctl+0xd1/0x110
[  432.104798][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.104807][ T7262]  ? find_held_lock+0x2b/0x80
[  432.104824][ T7262]  ? do_raw_spin_unlock+0x172/0x230
[  432.104840][ T7262]  drm_ioctl_kernel+0x1f4/0x3e0
[  432.104856][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.104867][ T7262]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  432.104885][ T7262]  drm_ioctl+0x5c9/0xc30
[  432.104900][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.104910][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  432.104930][ T7262]  ? selinux_file_ioctl+0x180/0x270
[  432.104944][ T7262]  ? selinux_file_ioctl+0xb4/0x270
[  432.104957][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  432.104971][ T7262]  __x64_sys_ioctl+0x18e/0x210
[  432.104984][ T7262]  do_syscall_64+0xcd/0xf80
[  432.104999][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.105009][ T7262] RIP: 0033:0x7f223898f7c9
[  432.105018][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.105028][ T7262] RSP: 002b:00007f2239859038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.105037][ T7262] RAX: ffffffffffffffda RBX: 00007f2238be5fa0 RCX: 00007f223898f7c9
[  432.105043][ T7262] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  432.105061][ T7262] RBP: 00007f2239859090 R08: 0000000000000000 R09: 0000000000000000
[  432.105067][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  432.105073][ T7262] R13: 00007f2238be6038 R14: 00007f2238be5fa0 R15: 00007fff6f508938
[  432.105087][ T7262]  </TASK>
[  432.105124][ T7262] Mem-Info:
[  432.287650][ T7265] openvswitch: netlink: nsh attr 8 is out of range max 3
[  432.288063][ T7262] active_anon:24059 inactive_anon:0 isolated_anon:0
[  432.288063][ T7262]  active_file:13260 inactive_file:40653 isolated_file:0
[  432.288063][ T7262]  unevictable:1768 dirty:54 writeback:0
[  432.288063][ T7262]  slab_reclaimable:12372 slab_unreclaimable:66507
[  432.288063][ T7262]  mapped:25009 shmem:17818 pagetables:1261
[  432.288063][ T7262]  sec_pagetables:308 bounce:0
[  432.288063][ T7262]  kernel_misc_reclaimable:0
[  432.288063][ T7262]  free:438580 free_pcp:22852 free_cma:0
[  432.308174][ T7262] Node 0 active_anon:96236kB inactive_anon:0kB active_file:53040kB inactive_file:162408kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100036kB dirty:208kB writeback:0kB shmem:67736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13024kB pagetables:4848kB sec_pagetables:1232kB all_unreclaimable? no Balloon:0kB
[  432.318775][ T7262] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:96kB pagetables:196kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  432.332457][ T7262] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  432.347810][ T7262] lowmem_reserve[]: 0 1235 1235 1235 1235
[  432.350317][ T7262] Node 0 DMA32 free:138196kB boost:0kB min:27548kB low:34432kB high:41316kB reserved_highatomic:0KB free_highatomic:0KB active_anon:96236kB inactive_anon:0kB active_file:53040kB inactive_file:162408kB unevictable:3536kB writepending:208kB zspages:0kB present:2080628kB managed:1265168kB mlocked:0kB bounce:0kB free_pcp:68864kB local_pcp:16288kB free_cma:0kB
[  432.364442][ T7262] lowmem_reserve[]: 0 0 0 0 0
[  432.366850][ T7262] Node 1 Normal free:1602292kB boost:0kB min:39692kB low:49612kB high:59532kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB writepending:8kB zspages:0kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:22792kB local_pcp:6952kB free_cma:0kB
[  432.380380][ T7262] lowmem_reserve[]: 0 0 0 0 0
[  432.382385][ T7262] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  432.388869][ T7262] Node 0 DMA32: 1491*4kB (UM) 797*8kB (UME) 370*16kB (UME) 630*32kB (UME) 167*64kB (UME) 28*128kB (UME) 10*256kB (UM) 10*512kB (UME) 6*1024kB (U) 3*2048kB (UME) 16*4096kB (M) = 138196kB
[  432.397389][ T7262] Node 1 Normal: 3*4kB (ME) 5*8kB (UE) 10*16kB (ME) 27*32kB (UME) 19*64kB (UME) 8*128kB (UME) 2*256kB (UE) 6*512kB (UME) 0*1024kB 1*2048kB (M) 389*4096kB (M) = 1602292kB
[  432.403372][ T7262] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  432.406756][ T7262] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  432.409506][ T7262] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  432.412393][ T7262] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  432.416698][ T7262] 71727 total pagecache pages
[  432.418659][ T7262] 0 pages in swap cache
[  432.420350][ T7262] Free swap  = 124996kB
[  432.421935][ T7262] Total swap = 124996kB
[  432.423558][ T7262] 1048443 pages RAM
[  432.425087][ T7262] 0 pages HighMem/MovableOnly
[  432.427864][ T7262] 282840 pages reserved
[  432.429539][ T7262] 0 pages cma reserved
[  432.431943][ T7262] ------------[ cut here ]------------
[  432.434556][ T7262] WARNING: drivers/dma-buf/dma-buf.c:1528 at dma_buf_vmap+0x41b/0x480, CPU#0: syz.4.365/7262
[  432.438526][ T7262] Modules linked in:
[  432.440159][ T7262] CPU: 0 UID: 0 PID: 7262 Comm: syz.4.365 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.443529][ T7262] Tainted: [L]=SOFTLOCKUP
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  432.444766][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.447977][ T7262] RIP: 0010:dma_buf_vmap+0x41b/0x480
[  432.449491][ T7262] Code: fc e9 94 fd ff ff 48 8b 3c 24 e8 90 2d 20 fc e9 26 ff ff ff e8 56 54 b6 fb 90 0f 0b e8 4e 54 b6 fb 90 0f 0b e8 46 54 b6 fb 90 <0f> 0b 90 e9 25 fe ff ff 4c 89 f7 e8 a5 2c 20 fc e9 82 fd ff ff e8
[  432.455867][ T7262] RSP: 0018:ffffc9000720f420 EFLAGS: 00010293
[  432.458196][ T7262] RAX: 0000000000000000 RBX: ffff88802ce06800 RCX: ffffffff8608a63d
[  432.461529][ T7262] RDX: ffff8880352024c0 RSI: ffffffff8608a78a RDI: 0000000000000005
[  432.464609][ T7262] RBP: ffffc9000720f4c8 R08: 0000000000000005 R09: 0000000000000000
[  432.467713][ T7262] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffff88802ce04cd0
[  432.470669][ T7262] R13: 1ffff92000e41e88 R14: ffff88802ce06830 R15: 00000000fffffff4
[  432.473684][ T7262] FS:  00007f22398596c0(0000) GS:ffff8880d68f4000(0000) knlGS:0000000000000000
[  432.477331][ T7262] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  432.479803][ T7262] CR2: 000000110c26166f CR3: 00000000521bf000 CR4: 0000000000352ef0
[  432.482740][ T7262] Call Trace:
[  432.483785][ T7262]  <TASK>
[  432.484727][ T7262]  ? __pfx_system_heap_vmap+0x10/0x10
[  432.486743][ T7262]  ? __pfx_dma_buf_vmap+0x10/0x10
[  432.488365][ T7262]  drm_gem_shmem_vmap_locked+0x10f/0x7e0
[  432.489927][ T7262]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  432.491654][ T7262]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  432.493384][ T7262]  drm_gem_vmap_locked+0xc8/0x1c0
[  432.494915][ T7262]  drm_gem_vmap+0x4a/0xa0
[  432.496294][ T7262]  drm_gem_fb_vmap+0xc7/0x4d0
[  432.497619][ T7262]  vkms_prepare_fb+0x87/0xb0
[  432.498893][ T7262]  drm_atomic_helper_prepare_planes+0x1ef/0xbb0
[  432.500663][ T7262]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  432.502160][ T7262]  drm_atomic_helper_commit+0x191/0x380
[  432.503735][ T7262]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  432.505756][ T7262]  drm_atomic_commit+0x234/0x300
[  432.507242][ T7262]  ? __pfx_drm_atomic_commit+0x10/0x10
[  432.508767][ T7262]  ? __pfx___drm_printfn_info+0x10/0x10
[  432.510285][ T7262]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  432.511963][ T7262]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  432.513639][ T7262]  drm_atomic_helper_update_plane+0x30b/0x400
[  432.515394][ T7262]  __setplane_atomic+0x25a/0x380
[  432.517021][ T7262]  drm_mode_cursor_universal+0x4a6/0xcb0
[  432.518832][ T7262]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  432.520633][ T7262]  ? __pfx_drm_lease_held+0x10/0x10
[  432.522107][ T7262]  ? modeset_lock+0x114/0x6d0
[  432.523418][ T7262]  drm_mode_cursor_common+0x308/0x960
[  432.524952][ T7262]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  432.526681][ T7262]  ? avc_has_extended_perms+0x33a/0x1090
[  432.528287][ T7262]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  432.529938][ T7262]  ? lockdep_hardirqs_on+0x7c/0x110
[  432.531391][ T7262]  drm_mode_cursor_ioctl+0xd1/0x110
[  432.533086][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.535048][ T7262]  ? find_held_lock+0x2b/0x80
[  432.536595][ T7262]  ? do_raw_spin_unlock+0x172/0x230
[  432.538184][ T7262]  drm_ioctl_kernel+0x1f4/0x3e0
[  432.539631][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.541318][ T7262]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  432.542906][ T7262]  drm_ioctl+0x5c9/0xc30
[  432.544180][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.546132][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  432.547675][ T7262]  ? selinux_file_ioctl+0x180/0x270
[  432.549208][ T7262]  ? selinux_file_ioctl+0xb4/0x270
[  432.550711][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  432.552152][ T7262]  __x64_sys_ioctl+0x18e/0x210
[  432.553612][ T7262]  do_syscall_64+0xcd/0xf80
[  432.555041][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.556872][ T7262] RIP: 0033:0x7f223898f7c9
[  432.558188][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.563721][ T7262] RSP: 002b:00007f2239859038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.566266][ T7262] RAX: ffffffffffffffda RBX: 00007f2238be5fa0 RCX: 00007f223898f7c9
[  432.568572][ T7262] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  432.570851][ T7262] RBP: 00007f2239859090 R08: 0000000000000000 R09: 0000000000000000
[  432.573130][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  432.575521][ T7262] R13: 00007f2238be6038 R14: 00007f2238be5fa0 R15: 00007fff6f508938
[  432.577844][ T7262]  </TASK>
[  432.578778][ T7262] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  432.580838][ T7262] CPU: 0 UID: 0 PID: 7262 Comm: syz.4.365 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  432.583841][ T7262] Tainted: [L]=SOFTLOCKUP
[  432.585148][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.588258][ T7262] Call Trace:
[  432.589466][ T7262]  <TASK>
[  432.590478][ T7262]  dump_stack_lvl+0x3d/0x1f0
[  432.591850][ T7262]  vpanic+0x640/0x6f0
[  432.593029][ T7262]  ? dma_buf_vmap+0x41b/0x480
[  432.594725][ T7262]  panic+0xca/0xd0
[  432.596086][ T7262]  ? __pfx_panic+0x10/0x10
[  432.597703][ T7262]  ? check_panic_on_warn+0x1f/0xb0
[  432.599221][ T7262]  check_panic_on_warn+0xab/0xb0
[  432.600686][ T7262]  __warn+0x108/0x3c0
[  432.601878][ T7262]  __report_bug+0x2a0/0x520
[  432.603226][ T7262]  ? dma_buf_vmap+0x41b/0x480
[  432.604678][ T7262]  ? __pfx___report_bug+0x10/0x10
[  432.606187][ T7262]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  432.608114][ T7262]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  432.609852][ T7262]  ? __vmalloc_node_noprof+0xad/0xf0
[  432.611400][ T7262]  ? dma_buf_vmap+0x41b/0x480
[  432.612786][ T7262]  report_bug+0xb2/0x220
[  432.614035][ T7262]  ? dma_buf_vmap+0x41b/0x480
[  432.615437][ T7262]  handle_bug+0x127/0x260
[  432.616762][ T7262]  exc_invalid_op+0x17/0x50
[  432.618185][ T7262]  asm_exc_invalid_op+0x1a/0x20
[  432.619874][ T7262] RIP: 0010:dma_buf_vmap+0x41b/0x480
[  432.621457][ T7262] Code: fc e9 94 fd ff ff 48 8b 3c 24 e8 90 2d 20 fc e9 26 ff ff ff e8 56 54 b6 fb 90 0f 0b e8 4e 54 b6 fb 90 0f 0b e8 46 54 b6 fb 90 <0f> 0b 90 e9 25 fe ff ff 4c 89 f7 e8 a5 2c 20 fc e9 82 fd ff ff e8
[  432.626949][ T7262] RSP: 0018:ffffc9000720f420 EFLAGS: 00010293
[  432.628712][ T7262] RAX: 0000000000000000 RBX: ffff88802ce06800 RCX: ffffffff8608a63d
[  432.630969][ T7262] RDX: ffff8880352024c0 RSI: ffffffff8608a78a RDI: 0000000000000005
[  432.633242][ T7262] RBP: ffffc9000720f4c8 R08: 0000000000000005 R09: 0000000000000000
[  432.635564][ T7262] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffff88802ce04cd0
[  432.637841][ T7262] R13: 1ffff92000e41e88 R14: ffff88802ce06830 R15: 00000000fffffff4
[  432.640112][ T7262]  ? dma_buf_vmap+0x2cd/0x480
[  432.641474][ T7262]  ? dma_buf_vmap+0x41a/0x480
[  432.642839][ T7262]  ? __pfx_system_heap_vmap+0x10/0x10
[  432.644420][ T7262]  ? __pfx_dma_buf_vmap+0x10/0x10
[  432.645896][ T7262]  drm_gem_shmem_vmap_locked+0x10f/0x7e0
[  432.647510][ T7262]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  432.649315][ T7262]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  432.651091][ T7262]  drm_gem_vmap_locked+0xc8/0x1c0
[  432.652551][ T7262]  drm_gem_vmap+0x4a/0xa0
[  432.653897][ T7262]  drm_gem_fb_vmap+0xc7/0x4d0
[  432.655613][ T7262]  vkms_prepare_fb+0x87/0xb0
[  432.657277][ T7262]  drm_atomic_helper_prepare_planes+0x1ef/0xbb0
[  432.659306][ T7262]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  432.660880][ T7262]  drm_atomic_helper_commit+0x191/0x380
[  432.662460][ T7262]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  432.664259][ T7262]  drm_atomic_commit+0x234/0x300
[  432.665727][ T7262]  ? __pfx_drm_atomic_commit+0x10/0x10
[  432.667527][ T7262]  ? __pfx___drm_printfn_info+0x10/0x10
[  432.669282][ T7262]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  432.671014][ T7262]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  432.672776][ T7262]  drm_atomic_helper_update_plane+0x30b/0x400
[  432.675026][ T7262]  __setplane_atomic+0x25a/0x380
[  432.676701][ T7262]  drm_mode_cursor_universal+0x4a6/0xcb0
[  432.678296][ T7262]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  432.680054][ T7262]  ? __pfx_drm_lease_held+0x10/0x10
[  432.681519][ T7262]  ? modeset_lock+0x114/0x6d0
[  432.682868][ T7262]  drm_mode_cursor_common+0x308/0x960
[  432.684531][ T7262]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  432.686265][ T7262]  ? avc_has_extended_perms+0x33a/0x1090
[  432.687929][ T7262]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  432.689644][ T7262]  ? lockdep_hardirqs_on+0x7c/0x110
[  432.691199][ T7262]  drm_mode_cursor_ioctl+0xd1/0x110
[  432.692709][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.694449][ T7262]  ? find_held_lock+0x2b/0x80
[  432.695915][ T7262]  ? do_raw_spin_unlock+0x172/0x230
[  432.697805][ T7262]  drm_ioctl_kernel+0x1f4/0x3e0
[  432.699389][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.701134][ T7262]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  432.702742][ T7262]  drm_ioctl+0x5c9/0xc30
[  432.704035][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  432.705792][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  432.707211][ T7262]  ? selinux_file_ioctl+0x180/0x270
[  432.708769][ T7262]  ? selinux_file_ioctl+0xb4/0x270
[  432.710261][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[  432.711667][ T7262]  __x64_sys_ioctl+0x18e/0x210
[  432.713101][ T7262]  do_syscall_64+0xcd/0xf80
[  432.714622][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.716616][ T7262] RIP: 0033:0x7f223898f7c9
[  432.717926][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.723432][ T7262] RSP: 002b:00007f2239859038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.725900][ T7262] RAX: ffffffffffffffda RBX: 00007f2238be5fa0 RCX: 00007f223898f7c9
[  432.728314][ T7262] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  432.730598][ T7262] RBP: 00007f2239859090 R08: 0000000000000000 R09: 0000000000000000
[  432.732903][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  432.735230][ T7262] R13: 00007f2238be6038 R14: 00007f2238be5fa0 R15: 00007fff6f508938
[  432.737532][ T7262]  </TASK>
[  432.739391][ T7262] Kernel Offset: disabled
[  432.740794][ T7262] Rebooting in 86400 seconds..