last executing test programs:

1m17.384444854s ago: executing program 2 (id=258):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000016c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x8, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote, {[@timestamp={0x44, 0xc, 0xc, 0x0, 0x0, [0x0, 0x0]}]}}, @echo}}}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb}, 0xc)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000004c0)=0xe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000280)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}}, 0x0, 0x0, 0x44, 0x0, "e541bd3d3aa6a2d875e9671e8abcb31c134f3a9db8f52e1f54fe6e079f35ac63186c7244fc3b3801e79b8e5545b90f2dbec29f15cec2fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db"}, 0xd8)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x0)
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}], 0x0)

1m16.244385035s ago: executing program 2 (id=265):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
readv(r1, &(0x7f0000000480)=[{&(0x7f0000000200)=""/216, 0xd8}], 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
flistxattr(r4, 0x0, 0xdeff)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r1, 0x4144, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000980)='/proc/bus/input/handlers\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x54}, {0x6}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x71, 0x71, 0x5, [@int={0xd, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x39}, @union={0x0, 0x5, 0x0, 0x5, 0x0, 0x7, [{0x2, 0x0, 0x8}, {0x6, 0x4, 0xffff0000}, {0xe, 0x0, 0x4}, {0x9, 0x0, 0x9}, {0xc, 0x1, 0x8}]}, @datasec={0x10, 0x0, 0x0, 0xf, 0x1, [], "a5"}, @restrict={0x0, 0x0, 0x0, 0xb, 0x5}]}, {0x0, [0x2e, 0x5f, 0x5f]}}, &(0x7f0000000140)=""/78, 0x91, 0x4e, 0x1, 0x10001}, 0x20)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x100580)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = dup(r8)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000280)={0xf000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f00000001c0))
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r8, 0x4010ae68, &(0x7f0000000040))
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r6, 0xc0305302, &(0x7f0000000200)={0x80000000, 0x9, 0x80000001, 0xfff, 0x10000, 0x2})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="181100000000000078f813e1ffde97542fa22eaa535e000000000000002020207b1af8ff00000000bfa100000000000007010000f861b4c92d02000800000000b7030000c55c000000006800000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r10}, 0x10)
times(0x0)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r11, 0x4b49, &(0x7f0000000780)={0x0, "033eed6e42faff815f993fd0e9dd486dfb0738b00d97eddf79b5ee5f7363bac424a2b131e83f05ec4334c91999e9f4f560b48dc25552a177b1d80d7db59f2f0126ceb914b840846596aae8da5590013ab5b4b962725fbc348ab654719dfd487f5c3f55a331645638f39424392979339de815e87c3cd49d6133ec8fb4448de4184c03b4a95fa7cb8ed05f3d9aa144fb061789def56783bebfc614fe84084939ae6f52435d74d9bbedc65b9cc6e831b0d486dba7267233947e1277a949a7e5938fb5655e6b54243e26a1cf0b97edbe52c0b95967ace9fe91f29cd76a5a5fe5d85c4bfee5aeb73ffdd2a21f9e933330529884de6182649fb72c54abc89271a08741f222edbef7bed6088465daccbe048a23c8e6114280657430345a71ab8b18b67c869f227c35d1e9a37c4401be2edd1b81486d4139d8b0ae22f71ead0a3cf74ecb5aca2298f43b9ceb7539b232a5093dfd0c884fc1733183d920cd46fbdc3debfc81b4e936092d74241b58342f4a554b23ec215a0804306734e232450a2bc6d10d6643865cece618a5e01baf06857d526f71fceff930046ce8f1e0195bed7022ab48bde3c7e40872a74d0b1b5b390a2db5c88c26f8f083b2d55d88fd057f9817e194333e8b287aafe6c07af322e533811b33758bba6e582b0a8216a457de4f4b97b59bb3c76e1a81875b5d0ffd39b1b61c2c249927f1d0b6162ef93b80bbfa2416"})

1m10.687751829s ago: executing program 2 (id=273):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f0000000000)='udf\x00', 0x8200, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
sendto(r0, &(0x7f00000000c0)="2c1f3e1e1da4e497b36dd0822a97f2b9864bab2efb30f9", 0x17, 0x8003, &(0x7f0000000100)=@ethernet={0x1, @broadcast}, 0x80)

1m5.242386429s ago: executing program 2 (id=276):
socket$key(0xf, 0x3, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20902, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x20002)
write$FUSE_LSEEK(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="cdcd10ab56d0f9464f0618b795bcfde3100fc32935b548e6f11c493417d16aaf3dc6b96251a314f8fe7d60fa1e4b54e46d99e926d4ad36ed0b916cc137a5d9279f"], 0x14}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000280)="0c000000010001", 0x7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4008000)
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x40}, &(0x7f00000004c0), &(0x7f00000001c0))
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="180000001600010a00000000000000000a0000"], 0x78}}, 0x0)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000020240), 0x10010)
write$sequencer(r0, &(0x7f0000000040)=ANY=[@ANYRES32=r2, @ANYRES16, @ANYRES64], 0x10)
socket$netlink(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd33570000000000000000251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c4c314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829be1827f9df303160df18597efba46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406200b3b1c321cc158dbe17123eace3000000000000000000000000000000000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b675639a26c76840cce40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c0705caae54024cf8ade6396ff44482284f415e5769d9ae8688a8d5516690aae9ce1c785262734723519b042a161e6efabf263a46ba92254a51ff6502470f3038cf6d8d991931cfd82ea97e1b596133e7754908d912d1054d174f5a731c019f152a5ca2e48599b6d563bfcd8c0950f4292769217a6e309452b14e64ae64ad58ced33582a1b3d2e0c300059fb1ee78cdddb827293de267d64bf47c3c8c419683c948e46de8cea0b232da00ff39ebef3b73b3d6fbeecd3f9ff06b7e08ed8ce2b9b9cf2e08975f5959fa7028f68c525ab173c0c553d21bd1e9176abdf799e7a08d2f3c14e1ca99d525bc3af0ca0f48f145c65b10dfc67803aab67f6b631d3d7e237fec4bc6eacc364b7cdd925973705d40c5a614e354d9b92357845d15ea41ad3e3a98396131f835e17f0cbfbdc59453991e689f9ce19bd4a3b4121e5a8b5dbb519b5556cb70603ceac0b7ca02cb05a01afa3164ca428add947673cdba49a0e6e8aeeddf52c0f0ef224c69a3c96c2fddf56d74c4ae7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)

1m3.743070541s ago: executing program 2 (id=283):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = dup2(r2, r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0xffffffa8}], 0x1, 0x800, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = gettid()
tkill(r6, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r3, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000300)={'syztnl0\x00', &(0x7f0000000440)={'syztnl0\x00', r7, 0x10, 0x8000, 0x200, 0x3, {{0x37, 0x4, 0x2, 0x3, 0xdc, 0x66, 0x0, 0x0, 0x2f, 0x0, @multicast1, @rand_addr=0x64010101, {[@ra={0x94, 0x4}, @ra={0x94, 0x4}, @cipso={0x86, 0x2c, 0x0, [{0x1, 0x10, "b1c477729992bce20e65bc0ae63b"}, {0x2, 0x9, "a9ea393a40838d"}, {0x0, 0xd, "a5289f539fc62418d2b5a1"}]}, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x3, 0x31}, @timestamp_addr={0x44, 0x2c, 0x66, 0x1, 0x3, [{@broadcast, 0x9}, {@rand_addr=0x64010101, 0x3ff}, {@local, 0x5ef}, {@remote, 0x8}, {@multicast2}]}, @timestamp_prespec={0x44, 0x54, 0xeb, 0x3, 0x6, [{@broadcast, 0x7}, {@empty, 0x6}, {@remote, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfff}, {@local, 0x80000000}, {@empty, 0x3f}, {@multicast2, 0x7}, {@local, 0x85}, {@broadcast}]}, @timestamp_addr={0x44, 0xc, 0x2b, 0x1, 0x9, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x100}]}]}}}}})
socket$netlink(0x10, 0x3, 0xc)
write$P9_RGETLOCK(r5, &(0x7f0000000540)=ANY=[@ANYBLOB='!\x00\x00\x007\x00'/24, @ANYRES32=0x0, @ANYBLOB="03fd36c4f443494101b42b28021f76353ab3c0a5cf362fc19de702bf8cc6c0f4ace9dd8faf6d615f6a2f617979905ccb523505f2739d5c778ac756814f1db1a86c4d22e94b8529ae4142f8eeb30d67fdb99f5760407cbdee51130cf688cd21be886ec7feecbd304617f08545acc28c4bbfd4e1b366edee6c92786af185d69bb6a1df7b84f74fa24d5e81d8453b5936758870f3fd357314d98c9e9d35c620abffd8660dbd5ac36a5894dd65fb5e1aea82d0d978c8a16848f768f534d5e2894fe3de783fdffd3748025af79d0c57fe7ec970db000006aa95932abe718951195bdb20d8"], 0xe6da)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf2000000000000015000000081400002d0301000000000095000000000000006916600000000000bf67000000000000260300000fff0710670600000f000000170300000ee60060bf050000000000001d360000000000006507f9ff01000000070700004c00d6cfcc75000000000000bf54000000000000070400000400f9ffad4301000000000095004000000000000500000000000000950000000000000032ff7f5be95e09b67754bb12feffffff8ecf264e0f84f9f17d3c51e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703d6c4f6f3be5b369289aa6812b8e007e733a9a4f16d0abbd5ad9381806ef08513e3d3778a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad5b803306b17cf4ef3f1d45f65727546e7c955ccefa1f6ab689fde4de4e63edf10271a5144ddc8da3aa5b0ab733a1b9ff129e609f4c787c6002d4519af619e3a2a4d69e0dee5eb106774a8f3e6916dfec88b5634ef79b02d2ca8ff54c158f0200000000eafb735fd552bdc206004aeb0743eb2dc819cf5c8ac86d8a297dff0445a13d00dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174cecac4d03723f1c932b3faffffffffffffff5fc998e13b670e373e3e5897f7ad2e99e0e67a993716dbf580469f0f53acbb40b401e3738270b315d362ed834f2a0700000096649a462e7ee4bcf8b07a101c879730beb4000000000000000000000000000000bc00f674629709e7e78f4ddc3d1bc3ebf0bd9d42ca019dd5d022cf7468659fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3472f4445d253887a5ad103649afa17691bb10184031e03a651bb96589a7eab04871bc47287cd313f3bea788ea2bcdc340ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f3767ce603c9d48cac052ca363f601ae899a53f67b63d20a268bb9f15a0a6e66ce4660fbee91629ab028acfc1d9260e9659a0f6a5480a55c22fe3ae5f562d0ae520c38d2bab6528000000596fb73a96b33c81cdbbd421a27f7f1db054cc7a0a4d372849c99a98822103b9851d924b85b1ca4b21b187db00000000000000066dead3b9670a7604a5ddd0fd2e4fb8a5749a8a8ad78454ba1eebeff1b528da294247d294d2487babb176fdfafeb3d492a325671e6b91afb41f87feda4ce2f468a3758750c0b8f151d4d8574bbbe027687a0e12311cdf3384a26ee3f6f2424b92e5be98ef1f8f2db9a4991e234f9f447e1730ceaf54cf25c0e3ad7cbb0de06d55db89d154c9d3fcd01c551b0ef5d5305845b9a8763b264e8f0bcd0f606fe92e511f122325ebc5fef1b67845d0eb8b8a4f97f83424221e94a5c4623feb8496ccdbc55b27773bf1b3e6a91a20e0c27fc80262647f88d8d1123d199b2c7729bb7700e887ea963f00004a1d0851dbfb9308d16cadcc7b477c9a84e3d6bd82526898735552a203c4797228533b1a73ab44aa115136353964648abcc4adbe765556643842290a92eafea0ec2c000000000000000000000000000000e1f3518dc3fc2bbefe043804ac1b6b1c8b7e3afed045a3a808700bca61a39d5bfa83877803013e2d145e642253632f3a283c6eee0e22cb69fe7f94786220c31e9b2a82a9856e947bace74923e4740bf1c17cb41ef19161c3d417655517c28bd08dee32d77a40b834ba7a12223354e9321b8300f7d5d63fa0e8f074adc176285a8f41609ce040cec99943792f5443ca5292447b0f0f240743c4b2b8142ce0b43d4d1731ce11533f61ef241c83557f5aae58a848b5ccce86b8b0fb21fe369c90f06e2d9680003df72f3f0060e6c3415cc1026d342003bece09fbfd062efdd9b48377335903f3b4e87386915e3ac429a4db646da1cc6e29ad8650f4da326cbfdce12c8d5deba32549d6aefe422e0d665d62325c737fe76ec1f3c3670ed96f86738a2cf1c59b5f9b84ffd068f7b4509f53617910a41b811a3f7cd6251f8100008133af11a4db2d00c0ad86ce9f40f3e06b41b45f729468548e5d8302802e5846b920"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xf000000}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
fcntl$setstatus(r3, 0x4, 0x2400)
write$UHID_INPUT(r1, &(0x7f0000001040)={0x7, {"a2e3ad21ed0d52f91b5d330987f70e06d038e7ff7fc6e5539b0d47078b089b34073b68090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a97370614060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)

1m2.910519653s ago: executing program 0 (id=285):
r0 = memfd_create(0x0, 0x0)
write(r0, 0x0, 0x0)
syz_open_dev$swradio(&(0x7f0000000b80), 0x1, 0x2)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x103902, 0x0)
r2 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8001)

59.594923207s ago: executing program 0 (id=290):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x102, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x2000000, 0x10c, 0x0, &(0x7f00000003c0)="63eced8e46dc3f0adf33c9f7bb1440000000f0dd5103b9d0ffd59fb98624fd5f97cabcd525b7846b24ee6ea6d50f4727c71f92c0d888358d54b3dfd6bf646ba219120ccd9d3872c3c82b560b430f7a6e8131828474bdc4cd4fccdf208c5a3a3c263724e568018bf042c5b04e3a557ded93dae9fd5c319f42a02779936f", 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305839, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="b40000001800000426bd7000010000801c2020fffd04c802001600000c00090001001020", @ANYRES32=0x0, @ANYBLOB="840013000000000000000000000f0f00000002000000000000000000000000000000010000000f00000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000010000000000000001000000000000000300000000000000000005001a0001000000"], 0xb4}, 0x1, 0x0, 0x0, 0x4000015}, 0x8000)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
sendto$inet(r5, 0x0, 0x0, 0x400c8c6, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r5, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
write$UHID_INPUT(r4, &(0x7f0000001980)={0x765, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3245078b089b39353b0e1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b33300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
open(0x0, 0x400000, 0x0)
msgget$private(0x0, 0x40)
msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='U'], 0x8, 0x0)
msgrcv(0x0, &(0x7f00000001c0)={0x0, ""/168}, 0xb0, 0xeaffffffffffffff, 0x0)
open(&(0x7f0000000440)='./bus\x00', 0x0, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})

8.467095134s ago: executing program 1 (id=369):
timer_create(0x2, &(0x7f00000002c0)={0x0, 0x0, 0x0, @thr={&(0x7f0000000100)="71d6643e950242bc99be825312a2a66ec20600", &(0x7f00000006c0)="2fd0d2c55a12369410f181411c7bb77131e4087119c88e9facbfed6897ecb26b226fa6f5090c1fae900ef1dacac59d8e3372cd19c2a983e68c78ad97930c7c7938cb076a7b1c39b61dca73bbd3e49d6d9df180188b381b0281cdc3f5ff3cd3e381fecdef0528bcb0fb008c015e700131f728cc6deb953bf755945c55c8768367592903b88e48d69a7e73f735234eafcaab061e187d97c7ece9cbd84e1459e9e70bc079e31f1ecb51e16e2248648e43d6d0d86bc59e7a2e5884cc4145d94b653edbb91be0694b43b6b3caaec2cfef6209f10dd575cde529912566c99d3fdcbdf6159e5f54cbf67ed2a35d3475305c406e7ccacb2c01"}}, 0x0)
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0x2}]}]}}}], 0x18}}], 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000c40)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x80000000)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000001c0)={'wlan1\x00'})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@loopback, @in=@multicast2}}, {{@in=@dev, 0x0, 0x33}, 0x0, @in6=@loopback}}, 0xe8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2)
ioctl$VIDIOC_QUERYCAP(r3, 0x80685600, &(0x7f0000000200))
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r4, 0x0)
keyctl$revoke(0x6, r4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYRESDEC, @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="020000", @ANYRES32, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000580), 0x24, 0x0)
unlinkat(0xffffffffffffffff, &(0x7f0000000380)='./file1\x00', 0x200)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000040)=0x20)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)

8.339154504s ago: executing program 4 (id=370):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./bus\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x40046207, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000000)={0xc, 0x0, &(0x7f00000003c0)=[@increfs, @enter_looper], 0x0, 0x0, 0x0})
dup3(r4, r3, 0x0)
r5 = syz_io_uring_setup(0x24b9, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x353, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)="f1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000580)={0x10, 0x0, &(0x7f0000000700)=[@request_death={0x400c630e, 0x0, 0xffffff7f00000000}], 0x0, 0x1000000000000, 0x0})
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
creat(&(0x7f0000000100)='./bus\x00', 0x0)

7.393759498s ago: executing program 4 (id=371):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x5}, {0x1, 0x4}, {0x400, 0x9, 0x2, 0x2}, {0x1, 0x5, 0x6, 0x400}]})
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)

7.303270648s ago: executing program 1 (id=372):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x8042, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000040)={0x1, 0xff, 0x1f})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r1, 0x0, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r2, 0x5100)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000880)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r3, 0x40085503, &(0x7f0000000400)=0x100000)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000340)={r0, 0x9, 0x7ff})
read$midi(r1, &(0x7f00000000c0)=""/78, 0x4e)
ioctl$SNDCTL_SEQ_RESET(r2, 0x5100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x8c, 0x8c, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2, 0x3}}, @func_proto={0x0, 0xa, 0x0, 0xd, 0x0, [{0x0, 0x2}, {0x9, 0x4}, {0x6, 0x4}, {0x4, 0x4}, {0x6, 0x1}, {0xc, 0x1}, {0x10, 0x2}, {0xb, 0x5}, {0x0, 0x2}, {0xb}]}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1, 0x4}]}]}}, 0x0, 0xa6, 0x0, 0x3}, 0x20)
mount(&(0x7f0000000300)=@sg0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hpfs\x00', 0x2880c10, &(0x7f0000000240)='\\/\x00')
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000140))
write$eventfd(0xffffffffffffffff, &(0x7f00000002c0)=0x7, 0x8)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080))

7.087827482s ago: executing program 4 (id=374):
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x980, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x61}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x0, 0x5, 0x9fd, 0x84}, 0x48)
socket(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="850000022ee40a998159501ffc0000002500000000000000950000100000aa242dc17994c6271c26bd0765fe87e92c65edda8180eec7e48599c099f20dd92e141cc7281972f0a462e57aac81720a411264c1ccb1774c06f1e0d872320fa853f56105d53925"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000030c0)=ANY=[@ANYBLOB="180000001600050200e616566e25b8ab660008"], 0x18}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000780)=0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x820061, &(0x7f0000000180)={[{@size={'size', 0x3d, [0x31]}}]})
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x800443d2, 0x20000000)

5.574591659s ago: executing program 3 (id=376):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000000c0), 0x4)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef)
ioctl$PIO_FONTRESET(r2, 0x541b, 0x20000000)
r3 = memfd_create(&(0x7f0000000080)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00]\xd8\xebD\x82S\x17?\xd6As\xc2\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xc5*T\x1e^\xf7o\xff\xff\xff\xffwI\x02\xf3\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xce\x83\xab\x05\x19-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6\xff\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\xf1\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x9bth~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94', 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e00000001300000000000000000000007374726565626f673531322d67656e65726963efffffff0000000000000000000000000000fc4e35ef000000000000000000000000000000000000000000000000000000000000000000000000000000009300"/224], 0xe0}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x40, 0x0, 0x0, 0x0, 0x0, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x40}}, 0x80)
sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c0000735a4976040000000000f0ff0000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800500100000000000"], 0x3c}}, 0x0)

5.532672119s ago: executing program 1 (id=377):
openat$random(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffecc, &(0x7f0000000200)=0x101)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2b22c0, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x10, r4, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x0, 0x0)
r6 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
pipe2$watch_queue(&(0x7f00000002c0)={<r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0)
add_key$user(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x3}, &(0x7f0000000280)="db8481df221363a222d850d2210f2313ce3c19c4c60290d27f0f4cf370f23ba6e7a1f1247b25ea9318f178d1ee2c37cadcb85bd464afe411dda364746c1181d43447dc2ef3520198e9fd91fcb98f136be22c20f8eaf6b0a6f9d274a3dc8b0e7435bef7383d41c50ac1a8bb6b12ff729e1bc87919ad86949133cd23ef8cf7fa8bafd7c85326268610088aee50eb89272778e31ab0e95552fe6d4969b8b20de9fcaa63e1d810929838f53569e10555e73412440daec6cb3bc22dcf6d9942bf07bf6cbaf7e12d49f3e8ed2576", 0xcb, r6)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

5.243240202s ago: executing program 3 (id=378):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
gettid() (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x25, 0x0, @thr={&(0x7f00000016c0)="ada0d22fe4c60c3243cd201ec12d4a036ee02299d5fca833d33dfc214efc397639e60b9637b0214326203e00a96a44eeffbcb799939d86e9643237d6abca85cca7ea5cf70da36e54c9a731ff0e3e81a96a1e481638e772cd83954635c8b6619335bce2f774b497c7f4a132036e9469ae41bbbfcd37259200a3e3b703bbba5d3ae0319be17928ab06dd4106496b67ff77861f183f23b1f5ee025553fb1cdf106fb1904957e83e8d5bac14e1f90328d5482b57dcf415c4f5e779ecca602eee90b628cd5b7a4d9f6b0a162f76f2d1d4c1f1cd7288641390ae59171b4537873844e807aaea82076b53a6cdea3b5598e671a9f3a55f105f84024354e077e64149396a39bfd6bef66481feee8a2fd976968de5b641bd5f821891d90c77400c300ea9c9601a9d5249887d10bd6a1f6217aac406c525b59ff868ecb309e96ff4fbb371d15482d352de200180580f2c484665d2536506bd8dddf863a0f647350b108dfbe19e5e92f059c7740fc0bb19e49b6c0e4272d53d704009f502dca9c70074d5754db9bff91f1cabb153909ab424cd115727467b850c08255034a1941579cd7c228d1533419da885b0564185982a03f84aa966f0d22276e3bc5637353c7408bc17c3bf05b277d4f82b2f40a50e5416f4d3ffd28c3ac328cd2da875e18e2d29996622b42ead5711332be1f0676d95ca2f942f0736bc42708fae8be94603899a83d3f933ed30458a849fa0ad98bf159d2283434dfef16ba75928139615cdb2a0dbb2fd396e4a4fb69b163c63d419610e8319b50e5a5c40481caf8c21b72e209b647d7ffa4045f3f1a355be99bcd34ccc5ab2900aafbd496a55f39c03721b66728cf180f33735a254ea2aa76d1665f6385a906ac2c1f768ed02fb484cbcdd68e0d4e248297e6c7420614c1b221aaa716bb8c4740971588dbda2941685c87060ee53deff11a27292af767a1adcd29324b84e268cac5e497a851a5334eb87ba60e1658b7f6549e746d70eabb1f76938ab08716a597e7fd3e99c66f9cf13f7a8c90e732fb3306d6eb3ebd4d30aea7c2bf9952911ec42cd6dd10807222e3643628974da9f45c0508da481fdeb5ba0cb4007b270ccff500fe24609806c188c78f8ee042ed8ab11a8783f0b13633f420c089f8661cc7f6fc2d35ddf65f52d57a90ba199526b2060f8dc64ac9bc27c775d0cc7070c0e70245a51a578f3e6a99f10a2159506c4eb50e06eb4adec54e226334b91fdff72a8c1b096b8bae6c3371fae239504e124f1855f1340f06a12b9b36c1ef512a5dba86dde1e65dc0c155605920fa524dc8a19f7dcc337aebe22ed25b211b7c5c0a64305cf30508b1316706111dda4b1b42fc4ea3e4fa341fa2913ef056c55cdefa7fe55a2b92850cc10875abf6aad807ebf2418789eef944eb98969c81b75db669b752eb67a76d83c09749efff6f876b7b6271f836a1656b95d63b3ce6e6682bf830536927303883d542290dc3f49c3c9338b040287b63e35afadbe9acc0ee3d72eaa384c6ba10c38bcd921d13a3238ed8481ae1d19e5910b46e595c43fd5d02d8273561d3b4cf45b27abc37be7a64bdb05415e549fdc2a179494425e264037184a12e9414c160dd6ffebf8f4e5eb6caffdab170cff4d53d022270b380f31191e97324be1a05c5d9ff73470e28dba5a9024d5e9b3d20f0832cbaf13d9dedb00d66d94c8b4252e8da25b265f40188344b740997b3b72853ab6ba8487c60816ff421ef186e1a73ca63d4276d0cd6d4d2ab037d07dc216d9899ce833a20530d56544f3c89571055b9129653f52da2809c8b965ad18a14929ec5256e5473123ae479c44628569fef030a9ed49eb6e2f4fcc0e3fe94e1dd94a1134ef4c8cc88748bb2d22b10bd7ec241c3804c3a46664db82128b5f18a6ff5776df42a6554dcbd05b4ad9c64e1cee22ecb33a7c29f74db4b06f7342c3e4c2bc4ae0b6c7760382991617da5650409aa95c9630210c3b4d2a6f10c35bbb6281572a701642f701936c4d392f6c6dea69deb249fe7ad017daa983853ef82a28464cf8201c6f927ca995c6680149303a594b02eedc6abfb5ee73e1c4c1bd753768d31ae2858159abd21583b65f024912f32c6bfeedda32aa5b0df82334a351992298a6b9f6f6e3efc27ff20558a4af9b27f3e69ff3eec5b1ab54b2f05deaa559a8b41ab4168af16391eeca6efd6b7c48f1d43c03c3b8f724d6d56376612ea1d50d40ea5abddd4e57c3fc3f730c958b0746291721bc4a0bf67608c77a513a29aac68173d6c26d8bc0dc3f411e87b916921dd8938053e1a54c4641881171f94ab93245db4a17ee4a975ecf733475a9d537e74afa9f0246a4b64c46624aa3de59d8f6d9de0c43efbcd84930019dbbfca727048d8fe64937133233cb59d1bbdd8a87d0faeaf82e933e10ecabd705f8951565753aa81fcbdfeb7923f470cca95f9dd016836396831ec9e6f6268c2bd6abffc14e76aa1acd7d753f963fc58061770e486047fd8e26f91242db752b8f558085f1f67f389ded66d870a91c0f17db415882aa2f26b14e06c7a48dab2b1f85269fca87355775da76cb0ae6d5a50b0878a6eecd2c8af7874b7eff3bd5188268e7104911b37d2dd18daabca4eeac76448a57a2e1d0c6ff545e4f3bccdc4dba42e6ab2f0658aad8151447b4caa4f9a7cba05a5fbc0a2bea659a13c9fb8ddecc74f76349aa63efc993025c7ae72addb31dc3c7ae81f97ee9eb8f0f2cff087384fbaeb646fc1311e2cfe85520b3cc438cfdd4a2a77e7b6cd28c9f85de028e1533980af979aabcae2475578b8bc49c1b4b47bc79d721c01a5ee742e36d123a0c4a23faa03879721994b78f59161065365087910e801978e6c05cc57f08abe379f4edcf6278271390fc08f610edeb5ffa6a877fa8cc3eee9f540d80e381056f8510600b7cb1cdad1e021c0ebcb6186e6fedddfa5e089ea217dcf734219e20698b050d518b991b382b78d1baf5da0d33f84d25b98132e1b86c7323b47c6d3b97f3051bf4257f96c76fb9ed1a10fa907eccaba5e73f54e4200cc1620677d9a29413f71248e84c34f90defa25dbfe99f5e043ffb16cc718995bdaca6e25a2076269eea48a8cb0ed7991a3b33f6858534c682c5bf24587dc76fe9d3505ba83160f5eacb461366bf8012fbc0b432ebcb1f8ba0872de3c42cbe8607c612c0efe95b38d090f51df361221b5f1da58bf930b47584af297cd29611587e5d837368a3471203f24c2fb9120ea85e30f86ff7b2d404b535d177573273120bbe8f4607fd98c364f2009de51e06e60e6b34f8f90676763c2e70fedb92343143a121e5f4b3dda49a4698dcbcac7e48bce55a6c74b7dde5e9ed7c1c9aebe018c75172e4fcd14f39c24ecdabab77b219565ad9fb24268a4bafce477377cfaebc79bec0b5be9da5bb9e51d144b2c78a3b96e7372e115dae479f1b70b936b579bef1943a215dfabfb8e06c260b5fde2406c28f3a509efe0e239de374a04bacde9d986f99823252618181c4ab6b545ed67247fee7980f72d65a9cb66ba17223caacfd605bc7fce659fe57147e902c6e8fad4f9ac86f3ad71439ebed53bdcb755aa1054badb5b7f93827fa7f5de0c2cea9233a4e45d8941b708a9f00c6efd6378d7a7bebd07d4efa41ea384e3fcbf001ef213781161bd2cb9ab30eacaf797407de2145f5ae18660c4082c06028103655054ec5fb307bfc041814f421d8a65cd525650919aada751f9b57d9d6bdde94c2fe7115cf4883d2e8304aa34ace7677e966516e63dabd7d2a960f5c0fdac325457dccbe96cc7d6cd70b15a87b4c304c516aa2188d1c58cc31c63a4cad6dfb5252eea437c34e30fc6a2eb7050625a83e40969179e643b7beda960128b8d79a1fe1744d57868aaa7cc3d02e2c26acebc0387fe233aa055e71b207ea51affe53eea61cd79ba0bd1bb19b455d3d532a4b01b5034d5af57d238fb0feb22434961ecba20e75dc3842333aebbfbaecbaa4b65d8a3e92f68ba9ee0af5115b56e6142daf574a893b2f1dbc496d86e172653203f7af87f6e74a4106052e036a4303c9a2da97223e3feb81a7481a82c531eaddfba748ad84ac486f981e44171c06405091b96a7e84960289a28c4a24518cab4e141107d50a2fa5154f806aab943da3e7b3947ed074bda35bd4c3f3a1d23dcc0eb6565a76c06ee07bc030497ba65c415709ddca9a278772f99010aa16b027c9c908e7336bb6f6aaa84b014ca3f106d3b1d01ff05aecec53e268dd482645d06f2c4f6ace9dee0c173c4947227e6e7ffe6a5fb34a7315ca6bd816bc20f9a606c168340967650e6cd6c11a16705325c9645e892926bcc6dc95461b219dd39b9599d4e1cba940a7e576bb75859c6d417f9825f91534fc8591de23b961e14fad11c1878650790347e997f719a3a26bddf5f0f65e72865dd691b0b97bdd1967ef5897c0941735382889eca038a181417c458fcaa0ca506be8d2f12104b48fcfb61dcc3027c947e5f96f667fd79dcd355c9fcb773f1600290c8b46c0e81a1a1eb940ec1d5cba73a016696bbbc1e10475623366dd440b5ba83bbc9e5b78c5495d70c734e8b4df032fa440324c6fafab01f087e4a75ecbe5a480853e2d7a333196473bd44929ba8542c84fc7105f9373578255aa335194e79b5c84d895a820533727eacc2fb6b11dec8ba2e6c3a547835a465474bcbb87f80c9dd1bb06bd854428592bef0c9dcabfb835ad1f4d04f6b89ffc536d33f4c33ff7982e6f20383855ca99672c84e53194163030963d956b68cba05d0f15752d6d509fe7a7b3a8b5e800a931203bf81476d4b7cc0ed4482cdccb8c23efb68c3726aa1560cb1fda24613c2e36e945282a08e362747bdf2cf9c6ea259d31fadf7f13d021298d23c94423aea7c1d1cf6eee9df61156cd4cc5161e8562bd0a8ff8f3ddb1df01ea1304db63c9a74c1061848db9df54842c377abcdc6563b118c6a11f5d87c6a6c9d5d9bad4fc8e9bd5f9b865a0f0d4259b8daee4dec5d4eb2387dea88bfaff6baa9bd4533446944f636089ab0aa8093c0098c5f19cf9946941d50c814b4473fe9c76d3505e3381101d7ca3eef2ae02477906070929352e2cddc02c8d24aba4898f882a4d1cfd6f6c7fbc9dc2602d03af6ab9685ab6c44a98d18c3730a5aae09b09acf9b5640fd262c5441edd937bbd75a8c2c919090dc90d90aa641fd13db04d132af6e600776125f8d1813578cd8f8b1c40a47791a2bcc75ce35b5c268e75409834410d4974fbe624b84b58835abab920a6c66cb001a498b83042f54c7487c20f492ade7e0ddef97e9ea62d2c053acca123b4861ddf0e3616b02bd5f8a2b146a531ec098b938230e14090e90557f72c26a072a7ef309c5a12150fb98fac7c1ae583a8c9029806c00980425149a2646b266b7cd8c99679fb2ca86ce4544665a897785e0e4f0cc1c951f6b40fb1ef85a54b0b267f524eba66b77c48899372344075f33a38a071710276077bb2d0ecfa6b9aef1b9ea49f52199fd150855ebdb1dc4413d9bb92deae16c7883d551c314cc75eaef47c0fab63461e80cb17e9304d797b66480e416239b91a2d7524d706ead09a1820ae85fccbcf58ed94c12d10fbfeac5478fa422b09e94b4214ef7356be0b7e2d9fa9d9ead10bfb9ae6b8a92242626cc85bae6c5a32c5d3b045b9c903419696587606aa0a31cdb00ad6ccd8416606eb7c4815c24c16f87c3fda34b85a162d26d12bb3f3b030b42ac0bfa3b92780844fefe5965696f26d298103adafa0024967ab9ac64f6455114f01731f0228a34e7f2b47e0a270e3895db035", &(0x7f00000002c0)="ca91e011343b74b2acda8ff315129777954e7a2546fa7ce0ea905f70e1e8796898cfce24d818fe745c958a55af06acd058a4076e4250e539eeb679287d5b2d67fab2750a0575b52647f0ecd40988999030e93d32ff52b091bb81c3c26fbec6eb78c780837c90f6b0f5ee300b65b814ae2fbe8cc4db758372ba9a54f1c7b878e304b9ab4c964f1a7779346798eb2536e253b1f6b6e22c16f70000000000007f1372dbd79c01c22d9baf6267df7427ef97556d751842fe74e0a12a165b9698fb2eaa9e6c764f2237631293928a19d42d5ed3aff62fa0243df5457234b164bfb1a7fa3a89862dc876f06fc3cd1bc0cff7e29e1a1fdc1b698ea3bbefedccb52a183afda56f2a7195f6837e5376eedbb105356615cca6f8a8103b7f1084470be75f341b5ee60dd1a1920f912ad318548276ef98e6a0e3ba781f367cf463b251a16bf773fd0c4c00"/335}}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r1, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x1) (async)
write$UHID_DESTROY(r1, &(0x7f0000000080), 0x4) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], 0x0}, 0x90) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) (async)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x400145042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r4, 0x0) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (rerun: 64)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) (async)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) (async)
mremap(&(0x7f00008dc000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f0000015000/0x400000)=nil) (async)
close(0xffffffffffffffff) (async, rerun: 64)
socket$inet6_udp(0xa, 0x2, 0x0) (async, rerun: 64)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r6, 0x9) (async)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r7, 0x28, 0x0, &(0x7f0000001680)=""/59, &(0x7f0000000000)=0x3b) (async)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r8, 0x4b72, &(0x7f0000000040))

5.027345573s ago: executing program 4 (id=379):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000016c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x8, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote, {[@timestamp={0x44, 0xc, 0xc, 0x0, 0x0, [0x0, 0x0]}]}}, @echo}}}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb}, 0xc)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000004c0)=0xe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000280)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}}, 0x0, 0x0, 0x44, 0x0, "e541bd3d3aa6a2d875e9671e8abcb31c134f3a9db8f52e1f54fe6e079f35ac63186c7244fc3b3801e79b8e5545b90f2dbec29f15cec2fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db"}, 0xd8)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x11, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "d285b6853bc4dc54c6910c1d66f8841a"}, @sack={0x5, 0xa, [0x0, 0x0]}, @md5sig={0x13, 0x12, "adf059fd789278e2fb03dc15d356998a"}]}}}}}}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x0)
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}], 0x0)

4.967005009s ago: executing program 0 (id=297):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000ac0)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x20000a00, 0x0, 0x0, 0x20000a30, 0x20000a60], 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB]}, 0x78)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

4.77937253s ago: executing program 3 (id=380):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./bus\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x40046207, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000000)={0xc, 0x0, &(0x7f00000003c0)=[@increfs, @enter_looper], 0x0, 0x0, 0x0})
dup3(r4, r3, 0x0)
r5 = syz_io_uring_setup(0x24b9, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x353, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)="f1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000580)={0x10, 0x0, &(0x7f0000000700)=[@request_death={0x400c630e, 0x0, 0xffffff7f00000000}], 0x0, 0x1000000000000, 0x0})
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
creat(&(0x7f0000000100)='./bus\x00', 0x0)

4.766915278s ago: executing program 2 (id=294):
symlink(&(0x7f0000000300)='./file0\x00', 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000000c0))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x0, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$vim2m(&(0x7f0000000140), 0x10001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000001600)={0x1, @win={{0x3, 0x0, 0x2, 0x21}, 0x7, 0x8, 0x0, 0x0, &(0x7f0000001540)="e8865f3ada67ab60994d5df139b659", 0x5}})
read$msr(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r8 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r8, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0xf4c, '\x00', @p_u16=&(0x7f00000000c0)}})
sendmsg$TIPC_CMD_GET_NETID(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001180)={0x1c, 0x0, 0x1}, 0x1c}}, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
lgetxattr(&(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40)=@known='system.posix_acl_access\x00', 0x0, 0x0)

4.296486368s ago: executing program 1 (id=381):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008009776b70400000000000085000000330000001811"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=r2, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff05002400000000010500240001000000060027"], 0x58}}, 0x0)

3.661710013s ago: executing program 1 (id=382):
r0 = socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x400000c, 0x30, r0, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r1 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r1, &(0x7f0000008400), 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x3, 0x0, 0x0, 0x0, 0xfffffffe})
r2 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000000280), 0xc)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, &(0x7f0000000140)=0xf24, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
creat(0x0, 0x0)
fchdir(0xffffffffffffffff)
mount(0x0, &(0x7f0000001580)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10)
ptrace$pokeuser(0x6, r1, 0x3, 0x7)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x383, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000300)={0x4b02, 0x2}, 0x10, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r5 = syz_open_dev$midi(&(0x7f0000000240), 0x5, 0x501000)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r5, 0xc0305710, &(0x7f00000002c0)={0x1, 0x4, 0x4, 0x1, 0x4})

3.547612171s ago: executing program 0 (id=383):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x11, @broadcast, 0x0, 0x0, 'none\x00'}, 0x2c)

3.543625586s ago: executing program 3 (id=384):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa}, 0x48)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4}, &(0x7f00000000c0)=0x20)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@local, 0x0, 0x33}, @in=@dev, {0x6}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x4c, 0x14, {{'sm3\x00'}}}]}, 0x13c}}, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, r5)
recvmmsg(r5, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x1000, &(0x7f0000000e00)={0x0, 0x70}, 0x20)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0xe, 0x4, 0x4, 0x36e}, 0x48)

3.539133967s ago: executing program 4 (id=385):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
recvfrom(r1, &(0x7f00000001c0)=""/45, 0x2d, 0x40000140, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_GET_REPORT_REPLY(r3, &(0x7f00000000c0)={0xa, {0x0, 0x3, 0x11}}, 0xa)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff", 0x1f}], 0x1}, 0x0)
getsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000200), &(0x7f0000000940)=0x4)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000002c0)=ANY=[@ANYBLOB="50040000f30304002cbd7000fbdbdf2506000000010000000000000000020000010000000100000008000000f9ffffff01000000010000000d7d000003000000050000000700000007000000030000000b00000007000000030000000000000008000000020000000400000000000000e0070000000001000300000000080000ffffff7fac0c0000000000000800000038100000ff010000fcffffff06000000a4df00f000000000090000000000008002000000050000000c000000050000000101000001000000060000000c00000062000000f20900001000000000000000050000000e0000000200000000000000080000000100000002000000020000000400000044810000090000003903000000000000000000000500000007000000050000000100000000000000e20d000007000000000000000600000003000000070000008f000000f6ffffffb8090000040000005300000002000000090000000200000001000080b4040000adbd00000002000000000000000000000000000000800000e4ac000094d500000800000005000000000000000c000000ff7f00000700000004000000020000000700000009000000060000000200000004000000ff7f000000000000070000000500000002000000060000000000000001000000870700000300000003000000ff0f0000050000000700000000003000000200000700000002000000feff00000000000072af000009000000d90e000009000000fffeffff03000000010000000000000004000000f7ffffff000000000500000000000000faffffff0104000000000000320d0000c80c0000010000000900000007000000030000000b000000b901000003000000020000007f0000000800000006000000010000000300000001000000c802000004000000fd1500000500000008000000c704000005000000b100000003000000ca0000000004000007000000cc000000000000000000000000000000080000000100000026946f3e06000000010000000b0400004d9500009a000000010400001affffff050000000500000034e1000005000000fe960000010100007700000006000000ca0300000a00000008000000f10f0000ff7f00000200000002000000060000000400000002000000ffffff7f0000000040000000b4300000070000000100000001000000fdffffff0f0000002e0e00003b0600006f0000001d0d00000900000005000000010000000000000009000000000000000400000003000000f9ffffff01000000090000000400000017510000010000000d81745e0010000001ffffff05000000090000000101000080ffffff0002000000000000060000000500000009000000090000005000000001000000050000000400000000000000050000000100000009000000f6000000fcffffffdc0000000000000080000000faffffff050000002e000000217d002f6465762f756869640040"], 0x450}}, 0x4000041)
sendmsg$kcm(r2, 0x0, 0x25000000)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, 0x0)
r4 = dup(0xffffffffffffffff)
ioctl$VIDIOC_QUERYBUF_DMABUF(r4, 0xc0585609, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB='\b\x00\x00\x00'], 0x4)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001500)={0x30, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x30}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

2.404217693s ago: executing program 3 (id=386):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x10f, 0x32, 0x0, 0xff34)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000080), 0x10)
connect$can_j1939(r1, &(0x7f0000000000), 0x18)
socket$packet(0x11, 0x3, 0x300)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)=@generic={0x0}, 0x18)
socket$phonet_pipe(0x23, 0x5, 0x2)
r2 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xfffffffffffffed2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b03d25a806c8c6f94f90624fc601000127a0a000600093582c137153e37080c188001ac0f000300", 0x33fe0}], 0x1}, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
r3 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet(0x2, 0x0, 0x0)
ftruncate(r3, 0x2008002)
read$FUSE(r3, &(0x7f0000000700)={0x2020}, 0xfffffdef)
recvmsg$kcm(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)

2.313597092s ago: executing program 4 (id=387):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
readv(r1, &(0x7f0000000480)=[{&(0x7f0000000200)=""/216, 0xd8}], 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
flistxattr(r4, 0x0, 0xdeff)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r1, 0x4144, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000980)='/proc/bus/input/handlers\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x54}, {0x6}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x71, 0x71, 0x5, [@int={0xd, 0x0, 0x0, 0x1, 0x0, 0x68, 0x0, 0x39}, @union={0x0, 0x5, 0x0, 0x5, 0x0, 0x7, [{0x2, 0x0, 0x8}, {0x6, 0x4, 0xffff0000}, {0xe, 0x0, 0x4}, {0x9, 0x0, 0x9}, {0xc, 0x1, 0x8}]}, @datasec={0x10, 0x0, 0x0, 0xf, 0x1, [], "a5"}, @restrict={0x0, 0x0, 0x0, 0xb, 0x5}]}, {0x0, [0x2e, 0x5f, 0x5f]}}, &(0x7f0000000140)=""/78, 0x91, 0x4e, 0x1, 0x10001}, 0x20)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x100580)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = dup(r8)
ioctl$KVM_REGISTER_COALESCED_MMIO(r9, 0x4010ae67, &(0x7f0000000280)={0xf000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f00000001c0))
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r8, 0x4010ae68, &(0x7f0000000040))
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r6, 0xc0305302, &(0x7f0000000200)={0x80000000, 0x9, 0x80000001, 0xfff, 0x10000, 0x2})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="181100000000000078f813e1ffde97542fa22eaa535e000000000000002020207b1af8ff00000000bfa100000000000007010000f861b4c92d02000800000000b7030000c55c00000000680000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r10}, 0x10)
times(0x0)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r11, 0x4b49, &(0x7f0000000780)={0x0, "033eed6e42faff815f993fd0e9dd486dfb0738b00d97eddf79b5ee5f7363bac424a2b131e83f05ec4334c91999e9f4f560b48dc25552a177b1d80d7db59f2f0126ceb914b840846596aae8da5590013ab5b4b962725fbc348ab654719dfd487f5c3f55a331645638f39424392979339de815e87c3cd49d6133ec8fb4448de4184c03b4a95fa7cb8ed05f3d9aa144fb061789def56783bebfc614fe84084939ae6f52435d74d9bbedc65b9cc6e831b0d486dba7267233947e1277a949a7e5938fb5655e6b54243e26a1cf0b97edbe52c0b95967ace9fe91f29cd76a5a5fe5d85c4bfee5aeb73ffdd2a21f9e933330529884de6182649fb72c54abc89271a08741f222edbef7bed6088465daccbe048a23c8e6114280657430345a71ab8b18b67c869f227c35d1e9a37c4401be2edd1b81486d4139d8b0ae22f71ead0a3cf74ecb5aca2298f43b9ceb7539b232a5093dfd0c884fc1733183d920cd46fbdc3debfc81b4e936092d74241b58342f4a554b23ec215a0804306734e232450a2bc6d10d6643865cece618a5e01baf06857d526f71fceff930046ce8f1e0195bed7022ab48bde3c7e40872a74d0b1b5b390a2db5c88c26f8f083b2d55d88fd057f9817e194333e8b287aafe6c07af322e533811b33758bba6e582b0a8216a457de4f4b97b59bb3c76e1a81875b5d0ffd39b1b61c2c249927f1d0b6162ef93b80bbfa2416"})

2.256779329s ago: executing program 0 (id=388):
socket$alg(0x26, 0x5, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0x1, &(0x7f0000000080)=[{0x800, 0xe8, 0x7, 0xffff}]})
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r0 = syz_open_dev$video(&(0x7f0000003200), 0x7, 0x40000)
ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f40000000000000003e0000000001000200"})
r2 = syz_open_pts(r1, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x10004)
dup3(r2, r3, 0x0)
madvise(&(0x7f0000ff6000/0x7000)=nil, 0x7000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r7, &(0x7f0000000180)='blkio.bfq.idle_time\x00', 0x0, 0x0)
listen(0xffffffffffffffff, 0xfff)
syz_emit_ethernet(0x32, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffffffffffffff0008004338e90832ab11795cfb5a7ff4ff5d22e62041ac3b2c08000524c8bb3db1c3b5c197f3"], 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'bond0\x00'})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\f\x00\x00\x00\x00\x00\x00\x00Q', @ANYRES32=0x0, @ANYBLOB="0000000000000000d400128029000100766c616e00000000c40002800c000200000000001100000004000380580003800900010000000000000000000c00010000000000000000000c00010000000000000000000c00010000000000000000000c00010000000000000000000c00010040000000000000000c0001000000000000000000580004800c00010000000000050000000c00010004000000000000000c00010000000000000000000c00010000000000ff7f00000c00010000000000000000200c00010000000000000000000c00010000000000000000001400350064765ce7000000000000000000000000080003006fa8024e893367a3527b70d94dc32c9f22", @ANYRES32=0x0, @ANYBLOB], 0x110}}, 0x0)

2.250771906s ago: executing program 1 (id=389):
r0 = eventfd(0x0)
close(r0) (async)
socket$packet(0x11, 0x2, 0x300) (async)
ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000700)) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) (async)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000740)={0x101, 0x0, 0x3, 0x0, 0x1}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0xb, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xffe4}}, @TCA_SKBEDIT_PTYPE={0x6, 0x4}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x60}}}}]}]}, 0x70}}, 0x0)
ioctl$SIOCRSSCAUSE(0xffffffffffffffff, 0x89e1, &(0x7f0000000000)=0x1000)
ioctl$sock_netdev_private(r1, 0x89f7, &(0x7f0000000680))
r3 = syz_open_dev$vim2m(&(0x7f0000000300), 0x2, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f00000008c0)={0x13, 0x1, 0x0, "0e6a605103787fa03e08fd65b728aec1b20a1ca8de67a818b1c85f5a22f39ca6"}) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001000)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fallocate(r4, 0x0, 0x0, 0xc8ab)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r6 = openat$ttynull(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCGWINSZ(r6, 0x5413, &(0x7f0000000280)) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x1c}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0xe, &(0x7f0000003fc0)=ANY=[@ANYBLOB="b70200000f0e1d07bfa300000000000024020000fffeff7f7a03f0fff8ffffff79a4f0ff00000000b7060000d0b68af1de640300000000007502faff07cd10020404000003007d60b70700000d1000006a0a00fe000000188500000008000000b70000000604002995000000000000001da5ad3548ebb63d18db6a1c72821c9b767ac8328fbcd5c5e4a5ad1059b5725ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1aa503b8de7ab9a780001000000000000d4bf20c2bd152d814f01f2cd539e030b0000000000007f4133b08e6e497640000000aea5cac0ceafdb9a2eeb02a1f5104d16ddb64963d84d91004cd5817e0b7f005e6ee7a39e2f0b5a18ed786b783ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a62d79b4c03e53466fa4f22d8c19f958e8b34de3535e7dacf1b13f7e875d1843c2288e7ff949a7a48ce18799ee53de177a81ea67a8f84538a9a311c754e5ab59a43f56d2085786e7ec07d78917f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d34a442bc098f4fcc96623b7c373b0ef04d55b846b094b0d6c7a75a76d445e0dcdf72c7ef97e08200000007b6e09a6a7caffff0000141f65e7d9ebe3be70c4364333af9a9d91c3e41ac37a63f85ad8254479c12f7c84fa5df32b70a80cce69cf30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48eb19767e00b75041739952fe87fde27ce0172f497e251f5b102893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7686bc2e1b45577c205c70631e8ad585951950e851250540593e61860b69a521f4e210b6494e3ab2d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7f58bde38b44ab13d980c894e00009338923789a1edcd8043fe83919088383268324a25df14010c8ea79c0d93ca77fd6c7ee30ea3aad2c6d6b8c97c00eaa00ff9bc46e1cfecbdc0e4ffac53e8f76c8b556306b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404a0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37d2fe7a60b903d2d9fe9c151c2fcc8dc389671c2d08b6e2641500568445b00cee4585af04fa69e0380be0d66649dcf3bf8a9066e5961197332c5c9da52b573109ea8b308ff070000aab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628ebe757bae30b356521df06f995cb57f97052fc4158250ccecfb47ea8faf509593fadc76e5d3c6840ad05a57af1ede94d87590ce90a0a7579766f847ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6c9eb0dcca5303eed6689ea910900785f61278dde47e6672e93a314a5f60e7b682bf0cacde21f6090f4fb311afd7f8b48f3f0d8c66449d8687dcf2d0f76668b2b9bf8b32b518e01ffb985f8054d37959c529e99b7daf32acfed749d516d014cef5f98126324e202badc1e5c20d69e576a770000000000005addc0103756b894418e4591c624a9b2ccabbfb85ad413d923b0c901973cd7c9d197d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe84f483b15f45b9a1d3af087047c568aef1d8659c6146a793026ebfc0bb5ec10b6290dc757a4903a88fb2c035f9349b6d2f0c051b8b775152786118a1020000fc19928ccb713ff09e179c308fbe9bc543dcf43f731074d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad10e5e9d26631c2f1db3a2882f6e130a79517a88de7596429a20793e12616aa32b3e720c6521fbe933321adde8ca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9605a504bca38627df469cebb7db08358e1e5ab17eea477b1754f78f45468c9568471647f8bc03d11811ac6eec1741ceb39a3ecd043c325fcabbab3d12f6a759f7ce11dafa387a8077db8a2230d2014a57bc8dd47741270000008000000000b2eebd5e1626cab98499328ff024a240199993433ceb5be20427a32df7047d63010dfc6a461517ad48ff64042e84c85c899fd11c6320a8d8fc0e78c15a5a4dd567f91dd943f6c2b32d094a461a990000000000000000000000000000000000000000000200000000000000000000b385c644a4a170e6dc9e9e546bfa049d025b319abd87fd85481743db5d6c2cb6a204d4d888dd4140c8edb598a36e21ad132bf6b88c99c5a5ed047d6589c10a5f6633b01813fc5cd7d048469a966bbfb300fd772cbadf2cf26899bfd15e7d9408026a92f13f11d1c9832259b2f97227f84a3bb96253717a1f7ac091d0f4632f638b09a0307ff31729857f9e6fe9f19e481a3f77cead663f42456e080952636515c758f1047b2148944133a492ef20a1778088c42094903d6ece2497b99fc745c420b035ff7961484a0f62a2d957ae2e47ff1ea8a059f2d03bf9c3e8d2b16ab409de762522f6008de48bb70b698c5c9867437ac3127fad4bd699acaad78a5f66c7fc7d46e048082a0af61e6b052e473ed26b0309080ea10e985703b292c7336112b1f35c3b069363869dce725d8da75dcec76dcfa0c052feecee18c64c4600a0bc3d4945d4b918865bb7a8a726a500689cbd9a84d07846417796f2a85e7a41d27d64b10f8e970469cf495b4a1b4ea8b5322f78e9f3048351b550c59a634b47981420081ea4da18b9d318fa001ce660b28bbcf3c1a8893d130b26d25e491f478ae4f95f71ea8897b32858f78d6e25537b959b69a04c5507008b8453f08a5ae1b3b4d8c83053c57637a98ef57e5fa51971eba5e287e9d10cba734336703def181022cb9f1e62079c48c13fe1659b157e5d9de7bfb929e715ed1a9a505a04a8d8474482295afbb9de90de2e918522cac2d5b5ac09d1fdc4147d6393a684ad7234ecb65d0008000000000000560ad146e8b9e9cd9b050edb1f6735c90a76b1ba4dbdee34d0b6750f25ba7251944ada7766c301c65e56351d009a568c782f4438ecba9bee47f25286300e83bd1853076ad52eac84029335b86e7f21e39a1af3d070abef94bc0827db0046dcb7d63bf64bf801c836a40b0100d0961533737c57e9b7337b981a99f63f600f90647703f0640f6594dd9f26436024a1f90f174769bad5a283271e6d7f49dec90a05bd771dd0502dc2170ccf98ade27e858eb5686ac900000000ae1bc4246ae316c6af10bf02088b4bb2ac89c96e58578dc50eddbf01ece3cb8a363ecbeb8198997115d7151f691a2a755d8233e006dd38ed5ba350bd6aad3bf6f5108083f0100f8a20be455d16134d65ce69c4b906b76427224b69750b779d81eb6e37e1db62b1788ff918433787f8026ef5c518113d48419a14a2bd8d4afff527513a2efc8403be48e494b3de33b1deefd9d902e8dc868f30161c2cd13b21b0a20362181186ff8cf4c8d58d74822f92554287ee157e9f1597c3e2e238f382a91bf48b4de88363c841bd7a8cddae3344295bd3d434d9ecf74634ffc9539010f0d36e672b9d668cc6762c0b25e4a22afb4d184ba84498b1367e4b31faf75f1b3dcecfd80c57015d8cd16171507add30833865fc1a42780e9d57bb14a6ebea4018d26e18747546fc7a4a619753fd9ba9c18e746aa9ea132058eb90f9b80549473eea2fb9bc43d38d8719a1cca094bd933ceef87a3ec0c2ac70d5f843425100950000009e000000000008000018779600e4283095c203b1f2ae5ed34f5b7e77278f7ded9f030000002e050000009f95a59418f612dfa87c654043da1a59c3c43c7884ab65d4b34984afe30c67179c4f5a3ba0e491f2b942b754a3c0d5b878c4ad63591c3fc7d3a4d4296d4bab0a88e55ff9c2536654bb2f83e8015fac216119e8ce582698938c9a331a974087b71f07e50300f7ff00d03bf057b408c86a1165bd9a1bdbf3dff88c9b2173a75d5fc82dce6d8a3f297231e33588d7cf183109c1118d94a41d48f8efcf193ff2699a76973f3f1ec1cff64a1b912ededeb080f9a241e07709e6dd6a3a7e18200c9e80b9634e6f0c4d000000000000000000000000000000005e50e77d04fcf8931ad07b38a39957e6b3a3c909000000e9d694e483e848fe0d00ee7c7d6cc30932a9575aa8808d10a4963560250bb4e60e88c726f63662cb143daf4b9ebd0774998a59fbb42dc35f12452cca456a12b7d15cf3ce7ea350e9510e96527cde622998e83e65b235c284542d48052eb15e6600733ca32436f9e705dff00f08df1115175628a327876dea291480c2dde8a59d1856eed2b502965038af0d56e49e0e2e9cb0e25104805f386d460e212c27ac7bafe6a0078f8648ff9f1e0257338ae58457fb27b29430cc9ac6a33ea11b88ae8bc95dffa293aa69d6d47f89b28a25a7ec2fce6691549990f93d1f02e1b619813699303b6b1260d5537e85315551adabe00c98282795dc5547aab3dcbd82a06e7f00c8160af19f1fc456b5fc4f099814631024b734c0cd8843c5cb124a21092e6cdd8aa2f4d3f93e92c6d850898890d9449e3f499af92be74ba8ba7928feabbd99d6288dece7513c50b973bab87214415078857d18032ab5adb8d4bf32405cc5f63eba7e60bcd0098fd7957943b3c4cf13de4e049e06ad7ebc236d1088c99d35f40555364ff86cab4542261999bccd3269e51d10900a1c05696b47ff33a159abce6bb1d69193bd01f59f1d3f431b4e0868db623cb8375baa50785b8fcd37ce4c52abe43c1e3368735022e7cc7a9b397b494d0183cbd8dae2ba19b32adc91444f519ad33f7f2680e3cf7ecd3cfc67816eb66b1faa78dd8e3f7e233b6048c53813e6b508dfc713583d8ef8f9cfff5cdae59aa7aca654b1740c90eb75ca000000000000000000000000000000000000000000faa13c07b5f590ee4c8bfbd828e912b150dde95dafe80ee043a107bde9c0bb87155691d640fd000000e4a2d2aa0607b026f78417471e6ea0d10000309b29d0dae2d2c9c730ac21040000000000000009775f86a9e6d5b6c7b3c5d10177a873edb630fdf9b1e11005a1ce41d04a2ad3f5d25a1595e7609849033d2e86ac682f2f0cde376f50a88a3ab5e83f56e43a07641b82c077fa1479b79e85c71a9c00000000000000078ce7c4ab383dac0325fa7f4ffb201c479265ff572dd061679c0000000000000f4f6b4ef8eb757ac80dc44711ae17816e32e38d7c894ab51238b2d7051ee26121404c0ade6faea7e72449cf38be7173b066f3a7835a31f1516c4cb1fda57ec8c19bc2800e246c1b64cf278c7afb3c9a5e346bdb259ac6788eefd5086e45554c8e2bdde8a3ac990dd929277a6af1876940c7c012f4b7d3d7aa68f2f07d83e925b326b05f130000000000000000000000000000000003572023092306e73a16f4b362f725b22b32be04e53a2219e3b08d75537c158ea4c4821d17d3b844dbe87408c34bb0f26ba43bd4530000769d45b93b8f2b6c194afc197f77bfb136dfd38c265479bd4f74b9d0b5c2f37eaacb2894370ab02abe06b823a2753ca82ea8888f2a5063212212772dcc541de26c97c1312fc247b56a9cd3e05bcb8bc93363edfa05f9c76e94190f917c3af6884c8742371f25eb0000000000000000000000004ae9afd11c62a57a29a163acc55ca9fe6da9ce6d59bdd87adec5ba4052a5edcd9999720e8b2a08b69f79f78c78b9f720bcf6a2ab411d420db8231780cdf52d44985768353ce1bc587700adf3a307ff11be0ca772f1bcc565070ef9345c2d55f0506d9059fff65ca75c9809c8e5e423f6f210a195e9b59a08c43dab5b025b1dc33cfdafe62aa8f13c38341267a920fc0be4e61fe9d8bed61524ad62896e3dfba3091cf028cdb3fabb530f1d0d4bdf391c5dda4b8b248ea58cb56aed4d968d506a108626e2423c506cc11bc2ec9de3b793fec489d08085e8c582cf6fc06c20eb57f7a1ba7315c67bd0e50f529a01211f8add5f28fd65fcd373982ae902e67966990cf34be5ed5dcf39b9e44fb0165fa40fcc5643678bab244a3a76f43dd267db562efe5156b85f6e909066b8f37b81b756eeeeee4598195e70d74bd1e221c5e0cf111b816f8bd5c2ac451fabd160815b9e81b9c4abffef4b12d82e401a0cce36fbfedaec4ab6a89e128ef71e63f2239792338e87e4c7d571d6e4bc165ea1d476531b4ddfbb698101e8563f7c25b4d527240dafb074437aa96f66e293df5e132fa95aa09c08ee57f089afc0522b438480aa3dc9f41330dcd3b25703feb85777de8fd5ac57464a31ae5924745f797a0c852ddf67e01dd5736b4826e16f885afb91b6a7f226e0d0aaabd0c01a8262cb35e501ddb3c191797560c91717a2215012da9e717ec8d65887138e3bc3886e5b6f3058e58fb4320338d6413ce94012c293e0042a2f5dd86b78d05efd9e44bbbccfae8b9361072af38c1aa3c030196d72d01a160a19c0060900e8bb2f3613a7ddacf2b878aa6b2952556d79bd183ae195e14d32ffd398ae01dbd20b034da17f5a78ceb03a16e39181a07b14e54f4e2061049569046877b9f5478106f6ac76e56213ec2e85a4dcd5960ad486e7c05a21e52e5c688c1f315169452b1b6a795dd837867899c64a04ec08a4b2d5455d93f6d5baf14ffced8576bfde19de2903835607505b4af824a0a69aee28fe65683dc83c19f6d253a5824442530c85d354c05c8b95030e629fb817697f746b9dd02fb40edf4f9886a758e0741ca2711e425f2f5be70a7fa600718fa7af2eb416a2b774f5d36f5632d791e0ba01f58f2165e6d5e564aef11dbc558170cf47c5934d41f558b02dc04d3ae4aee08aa5ad7d1e5ad92cdb90db79e73524d97ca3ce0828513c74fb0a1543eba7d17d37cc1f1f2d937bfd5fafeb23f691b326554b92d8b97e76e2cbbcb858a16287c2090727334096e574b6bb937ec9f048e041f178e8d3a3543c6862fc8b63f968501fabd17cbc81db1ad47d37d3fe02190fde2af3ac5c9a2d64ec4db0c8b211dbdf4d7b7c01248de7269c0b8d4c374d9fecb9fdff846c4e57d7d976c3f571474e4f65a87954e31e67c8cf6ac7823451b448ec90ca0b36405f6d2eef4055b5d2f4dad1aa89216f6d89bd43c4de92d8f61781a9349626fb65952dfa3c68aada76c3105d65bde2bddb981f753407c7696b767aeb3707606d0d9930b79f449557d6c3088c740f2a08c68b67f8dbbf93da08544ca26db1b58baae17c091f9bc28042630d76248e4d9d326ee62fd6e5d9bedee38b0e8da3cff3ba22e92e800b28c26901cd1a32b7aae2d762e776d66f08d78666364a2fc154fadfd105b28495e8702400a53f5191908b98a4d109a9d44107369cdf864fa8be46f52d88b01bcd795025a90669e55fc634692e554fe3a73ae6db0a5aa706c83061ba3b99aa992947346327a2521d3d4294115d9c4b44f949ae465d5aa24e3911520658e542e85023552e91dd39d98065dabfec69691c868bfc45f5830de8089ae1074b6ff56b7dd8e9029b7e5ab8e500b970cb391b14302315f99ab3bc102fbcc8d911c931c662c2a53c7a7bce275bb76b4096ee6d21acb49b088c7b7e05f70e6ed4cade99d907717b43b958390caec36fdb71fb1a5f374e86d3181ae12d12ff6a279e2047d26803cf7b1684c561ee8ff8250230e5de4171803ec2f03615f231d51f8a005a1487fb51b657a7b7f352adbd86fe56bd9bd02063b2bad542ca2ca3b61b8946abb3012c87cfa11e6df516ae4f29577dfda12068197eafdf0e343738778335ea5491cdcd7fe699a075425c9a35a731d63c2f7d3260ca187e2959223dc1a70f55ce9d02ff56e0410e3bf5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000020000000000000c02000000000100000200000d000000000900000000000000000000000400000000005f001d19a402728a3548fd6d3d9bf379ca3592e935b0cd140ec1e16faa207e04f5d1762b168e19179fef49e2d1292b964bb19b3985775a5dfe"], 0x0, 0x44}, 0x20)
sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600034000000000060005"], 0xe4}}, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) (async)
recvfrom$l2tp(r1, &(0x7f0000000580)=""/126, 0x7e, 0x20100, &(0x7f0000000400)={0x2, 0x0, @private}, 0x10) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000280)="6e2e80cf70f09b40739bafdab1d4b1e0b0f143efd7ebd10cc3071b4e5588b020b2acc5f9aaf14921f8280ae12e4cf6cddbed04fc25dfd1ac291ce3e246e1dd042c220fa8c7fe56d50a9b0622b7f55aaeac3b0db60650667ec5f6faeda2a142d3fd1637425d3025b150cc253d3b21912a91e728cb2ab800a20cc5d3187a5f52bcf565d2bb935ca0e4dcd050dd12cdb3d21801ba1ac509afe77bfb984f3dfc929da4e1d3f6d7197856036d6aa22c7c7642", &(0x7f00000000c0)=""/164}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000080)={'wg1\x00', <r10=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r8, @ANYBLOB="0100000000000000000001000000ac000880a800008080000980040000801c000080060001000200000008000200ac1414aa05000300000000001c000080060001000200000008000200e00000010500030003000000400000800600010002000000080002000a0101000500030000000000060001000a00000014000200fc000000000000000000000000000000050003000200000024000100000000000000000000000000000000000000000000000000000000000000000008000100", @ANYRES32=r10, @ANYBLOB="0800050000000000"], 0xd0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

9.733215ms ago: executing program 0 (id=390):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2, 0x25, 0x2}, 0x40)
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

0s ago: executing program 3 (id=391):
openat$random(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffecc, &(0x7f0000000200)=0x101)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2b22c0, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x10, r4, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x0, 0x0)
r6 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
pipe2$watch_queue(&(0x7f00000002c0)={<r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0)
add_key$user(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x3}, &(0x7f0000000280)="db8481df221363a222d850d2210f2313ce3c19c4c60290d27f0f4cf370f23ba6e7a1f1247b25ea9318f178d1ee2c37cadcb85bd464afe411dda364746c1181d43447dc2ef3520198e9fd91fcb98f136be22c20f8eaf6b0a6f9d274a3dc8b0e7435bef7383d41c50ac1a8bb6b12ff729e1bc87919ad86949133cd23ef8cf7fa8bafd7c85326268610088aee50eb89272778e31ab0e95552fe6d4969b8b20de9fcaa63e1d810929838f53569e10555e73412440daec6cb3bc22dcf6d9942bf07bf6cbaf7e12d49f3e8ed2576", 0xcb, r6)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

kernel console output (not intermixed with test programs):

 0
[   91.782419][ T5094] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.796356][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.811736][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.822594][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.827081][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.840671][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.852741][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.862863][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.880710][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.880739][   T56] Bluetooth: hci0: command tx timeout
[   91.890615][ T5108] Bluetooth: hci3: command tx timeout
[   91.890697][ T5106] Bluetooth: hci1: command tx timeout
[   91.901406][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.932443][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.944688][ T5106] Bluetooth: hci2: command tx timeout
[   91.972792][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.982725][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.999590][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.013624][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.025732][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.036673][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.049452][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.063223][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.078084][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.092385][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.109154][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.120839][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.131487][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.143388][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.158538][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.206057][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.222431][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.232548][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.254407][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.273821][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.290808][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.309652][ T5095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.321868][ T5095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.341460][ T5095] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.390237][ T5095] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.407239][ T5095] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.416454][ T5095] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.426403][ T5095] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.440964][ T5092] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.450558][ T5092] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.459816][ T5092] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.468585][ T5092] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.493873][ T5191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8'.
[   92.500666][ T5192] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5192 comm=syz.0.8
[   92.591994][ T5191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8'.
[   92.604803][ T5191] bridge_slave_1: left allmulticast mode
[   92.616057][ T5191] bridge_slave_1: left promiscuous mode
[   92.622905][ T5191] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.654157][ T5191] bridge_slave_0: left allmulticast mode
[   92.659879][ T5191] bridge_slave_0: left promiscuous mode
[   92.669808][ T5191] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.885448][ T5196] 9pnet_fd: Insufficient options for proto=fd
[   93.642218][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.681872][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.744104][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.752994][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.802999][ T5202] warning: `syz.1.10' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   93.923939][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.943780][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.011361][   T29] kauditd_printk_skb: 28 callbacks suppressed
[   94.011379][   T29] audit: type=1400 audit(1721479483.125:151): avc:  denied  { mounton } for  pid=5094 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   94.131865][   T29] audit: type=1400 audit(1721479483.225:152): avc:  denied  { create } for  pid=5203 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   94.140235][ T2492] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.221251][ T2492] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.244873][   T29] audit: type=1400 audit(1721479483.365:153): avc:  denied  { execute } for  pid=5203 comm="syz.0.11" path="/5/net_prio.prioidx" dev="tmpfs" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   94.321576][   T29] audit: type=1400 audit(1721479483.435:154): avc:  denied  { bind } for  pid=5203 comm="syz.0.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   94.390414][ T2397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.423672][ T2397] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.442220][   T29] audit: type=1400 audit(1721479483.435:155): avc:  denied  { node_bind } for  pid=5203 comm="syz.0.11" saddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   94.613965][   T29] audit: type=1400 audit(1721479483.455:156): avc:  denied  { read } for  pid=5215 comm="syz.3.4" name="media1" dev="devtmpfs" ino=851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.797978][   T29] audit: type=1400 audit(1721479483.465:157): avc:  denied  { open } for  pid=5215 comm="syz.3.4" path="/dev/media1" dev="devtmpfs" ino=851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.855732][   T29] audit: type=1400 audit(1721479483.465:158): avc:  denied  { ioctl } for  pid=5215 comm="syz.3.4" path="/dev/media1" dev="devtmpfs" ino=851 ioctlcmd=0x7c05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   94.855749][ T2492] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.855768][ T2492] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.894530][   T29] audit: type=1400 audit(1721479483.955:159): avc:  denied  { setopt } for  pid=5220 comm="syz.1.13" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   95.013983][ T5229] vivid-007: =================  START STATUS  =================
[   95.022631][ T5229] vivid-007: Enable Output Cropping: true
[   95.029027][ T5229] vivid-007: Enable Output Composing: true
[   95.035121][ T5229] vivid-007: Enable Output Scaler: true
[   95.040829][ T5229] vivid-007: Tx RGB Quantization Range: Automatic
[   95.047516][ T5229] vivid-007: Transmit Mode: HDMI
[   95.052610][ T5229] vivid-007: Hotplug Present: 0x00000000
[   95.058903][ T5229] vivid-007: RxSense Present: 0x00000000
[   95.065275][ T5229] vivid-007: EDID Present: 0x00000000
[   95.071080][ T5229] vivid-007: ==================  END STATUS  ==================
[   95.272884][   T29] audit: type=1400 audit(1721479483.965:160): avc:  denied  { write } for  pid=5222 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   95.700472][ T5238] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.899780][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   96.764741][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.774437][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.804631][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.834493][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.843262][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.869207][ T5248] dlm: no locking on control device
[   97.129531][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   97.169606][ T5263] FAULT_INJECTION: forcing a failure.
[   97.169606][ T5263] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   97.194237][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.224129][ T5263] CPU: 0 PID: 5263 Comm: syz.0.22 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[   97.233728][ T5263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   97.243806][ T5263] Call Trace:
[   97.247080][ T5263]  <TASK>
[   97.250001][ T5263]  dump_stack_lvl+0x16c/0x1f0
[   97.254697][ T5263]  should_fail_ex+0x497/0x5b0
[   97.259400][ T5263]  _copy_to_user+0x30/0xc0
[   97.263824][ T5263]  simple_read_from_buffer+0xd0/0x160
[   97.269214][ T5263]  proc_fail_nth_read+0x1b0/0x290
[   97.274241][ T5263]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.279783][ T5263]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.285326][ T5263]  vfs_read+0x1d4/0xbd0
[   97.289477][ T5263]  ? __fdget_pos+0xeb/0x180
[   97.293972][ T5263]  ? __pfx_vfs_read+0x10/0x10
[   97.298643][ T5263]  ? __pfx___mutex_lock+0x10/0x10
[   97.303672][ T5263]  ? __fget_files+0x256/0x400
[   97.308364][ T5263]  ksys_read+0x12f/0x260
[   97.312600][ T5263]  ? __pfx_ksys_read+0x10/0x10
[   97.317445][ T5263]  do_syscall_64+0xcd/0x250
[   97.321943][ T5263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.327863][ T5263] RIP: 0033:0x7ff7f097463c
[   97.332281][ T5263] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   97.351890][ T5263] RSP: 002b:00007ff7f17a3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.360302][ T5263] RAX: ffffffffffffffda RBX: 00007ff7f0b06038 RCX: 00007ff7f097463c
[   97.368268][ T5263] RDX: 000000000000000f RSI: 00007ff7f17a30b0 RDI: 0000000000000003
[   97.376262][ T5263] RBP: 00007ff7f17a30a0 R08: 0000000000000000 R09: 0000000000000000
[   97.384247][ T5263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.392228][ T5263] R13: 000000000000006e R14: 00007ff7f0b06038 R15: 00007ffe660a08b8
[   97.400196][ T5263]  </TASK>
[   97.952376][ T5272] [U] 
[   98.060252][ T5277] FAULT_INJECTION: forcing a failure.
[   98.060252][ T5277] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.308820][ T5277] CPU: 0 PID: 5277 Comm: syz.4.26 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[   98.318425][ T5277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   98.328503][ T5277] Call Trace:
[   98.331806][ T5277]  <TASK>
[   98.334757][ T5277]  dump_stack_lvl+0x16c/0x1f0
[   98.339470][ T5277]  should_fail_ex+0x497/0x5b0
[   98.344162][ T5277]  _copy_to_user+0x30/0xc0
[   98.348604][ T5277]  simple_read_from_buffer+0xd0/0x160
[   98.354000][ T5277]  proc_fail_nth_read+0x1b0/0x290
[   98.359041][ T5277]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   98.364607][ T5277]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   98.370175][ T5277]  vfs_read+0x1d4/0xbd0
[   98.374350][ T5277]  ? __fdget_pos+0xeb/0x180
[   98.378861][ T5277]  ? __pfx_vfs_read+0x10/0x10
[   98.383546][ T5277]  ? __pfx___mutex_lock+0x10/0x10
[   98.388582][ T5277]  ? __fget_files+0x256/0x400
[   98.393271][ T5277]  ksys_read+0x12f/0x260
[   98.397523][ T5277]  ? __pfx_ksys_read+0x10/0x10
[   98.402296][ T5277]  do_syscall_64+0xcd/0x250
[   98.406812][ T5277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.412727][ T5277] RIP: 0033:0x7f7af317463c
[   98.417146][ T5277] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   98.436856][ T5277] RSP: 002b:00007f7af3f60040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   98.445281][ T5277] RAX: ffffffffffffffda RBX: 00007f7af3306038 RCX: 00007f7af317463c
[   98.453257][ T5277] RDX: 000000000000000f RSI: 00007f7af3f600b0 RDI: 0000000000000009
[   98.461242][ T5277] RBP: 00007f7af3f600a0 R08: 0000000000000000 R09: 0000000000000000
[   98.469241][ T5277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.477223][ T5277] R13: 000000000000006e R14: 00007f7af3306038 R15: 00007fff4a866ec8
[   98.485205][ T5277]  </TASK>
[   98.609454][ T5283] vivid-007: =================  START STATUS  =================
[   98.617225][ T5283] vivid-007: Enable Output Cropping: true
[   98.623111][ T5283] vivid-007: Enable Output Composing: true
[   98.629202][ T5283] vivid-007: Enable Output Scaler: true
[   98.634964][ T5283] vivid-007: Tx RGB Quantization Range: Automatic
[   98.641563][ T5283] vivid-007: Transmit Mode: HDMI
[   98.646802][ T5283] vivid-007: Hotplug Present: 0x00000000
[   98.652591][ T5283] vivid-007: RxSense Present: 0x00000000
[   98.658434][ T5283] vivid-007: EDID Present: 0x00000000
[   98.665683][ T5283] vivid-007: ==================  END STATUS  ==================
[   99.014191][   T29] kauditd_printk_skb: 34 callbacks suppressed
[   99.014209][   T29] audit: type=1400 audit(1721479488.115:195): avc:  denied  { execute } for  pid=5274 comm="syz.3.27" path="/3/cgroup.controllers" dev="tmpfs" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   99.201410][ T5285] Zero length message leads to an empty skb
[   99.284322][   T29] audit: type=1400 audit(1721479488.165:196): avc:  denied  { bind } for  pid=5274 comm="syz.3.27" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   99.366918][   T29] audit: type=1400 audit(1721479488.285:197): avc:  denied  { ioctl } for  pid=5284 comm="syz.2.28" path="/dev/vhost-net" dev="devtmpfs" ino=1084 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   99.492845][   T29] audit: type=1400 audit(1721479488.585:198): avc:  denied  { write } for  pid=5265 comm="syz.1.24" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  100.208710][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[  100.905045][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  101.156247][   T29] audit: type=1400 audit(1721479490.275:199): avc:  denied  { read write } for  pid=5303 comm="syz.2.35" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  101.236635][   T29] audit: type=1400 audit(1721479490.305:200): avc:  denied  { open } for  pid=5303 comm="syz.2.35" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  101.361820][   T29] audit: type=1400 audit(1721479490.315:201): avc:  denied  { mounton } for  pid=5303 comm="syz.2.35" path="/5/file0" dev="tmpfs" ino=46 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  101.449833][    C1] eth0: bad gso: type: 1, size: 1408
[  101.535340][   T29] audit: type=1400 audit(1721479490.645:202): avc:  denied  { write } for  pid=5315 comm="syz.4.37" name="swradio9" dev="devtmpfs" ino=989 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  101.626410][   T29] audit: type=1400 audit(1721479490.725:203): avc:  denied  { create } for  pid=5303 comm="syz.2.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  101.709110][   T29] audit: type=1400 audit(1721479490.725:204): avc:  denied  { connect } for  pid=5303 comm="syz.2.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  101.762311][ T5312] dlm: no locking on control device
[  102.135146][ T5330] syz.2.41 uses obsolete (PF_INET,SOCK_PACKET)
[  102.771562][ T5341] vivid-007: =================  START STATUS  =================
[  102.779403][ T5341] vivid-007: Enable Output Cropping: true
[  102.785433][ T5341] vivid-007: Enable Output Composing: true
[  102.791329][ T5341] vivid-007: Enable Output Scaler: true
[  102.797106][ T5341] vivid-007: Tx RGB Quantization Range: Automatic
[  102.803793][ T5341] vivid-007: Transmit Mode: HDMI
[  102.808894][ T5341] vivid-007: Hotplug Present: 0x00000000
[  102.814758][ T5341] vivid-007: RxSense Present: 0x00000000
[  102.820556][ T5341] vivid-007: EDID Present: 0x00000000
[  102.826806][ T5341] vivid-007: ==================  END STATUS  ==================
[  104.124217][  T928] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  104.181268][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  104.181279][   T29] audit: type=1400 audit(1721479493.295:209): avc:  denied  { setopt } for  pid=5356 comm="syz.1.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  104.292374][   T29] audit: type=1400 audit(1721479493.405:210): avc:  denied  { getopt } for  pid=5356 comm="syz.1.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  104.356548][  T928] usb 3-1: Using ep0 maxpacket: 8
[  104.370680][   T29] audit: type=1400 audit(1721479493.475:211): avc:  denied  { setopt } for  pid=5356 comm="syz.1.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  104.404815][  T928] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  104.422678][  T928] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  104.438671][  T928] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  104.450321][  T928] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  104.463955][  T928] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  104.481470][ T5360] netlink: 1212 bytes leftover after parsing attributes in process `syz.4.43'.
[  104.493122][  T928] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  104.543501][  T928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.699274][   T29] audit: type=1400 audit(1721479493.815:212): avc:  denied  { write } for  pid=5361 comm="syz.3.48" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  104.853890][  T928] usb 3-1: usb_control_msg returned -32
[  104.870073][  T928] usbtmc 3-1:16.0: can't read capabilities
[  105.207771][   T29] audit: type=1400 audit(1721479494.315:213): avc:  denied  { write } for  pid=5345 comm="syz.2.44" name="usbtmc0" dev="devtmpfs" ino=2332 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  105.224579][ T5374] usbtmc 3-1:16.0: usb_control_msg returned -32
[  105.330383][ T5377] 9pnet_fd: Insufficient options for proto=fd
[  106.005263][ T5152] usb 3-1: USB disconnect, device number 2
[  106.183295][   T29] audit: type=1400 audit(1721479495.295:214): avc:  denied  { create } for  pid=5384 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  106.309991][   T29] audit: type=1400 audit(1721479495.305:215): avc:  denied  { setopt } for  pid=5384 comm="syz.1.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  106.354272][ T5382] netlink: 'syz.3.54': attribute type 13 has an invalid length.
[  106.403764][  T933] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  106.453451][ T5389] process 'syz.1.56' launched '/dev/fd/6' with NULL argv: empty string added
[  106.503817][   T29] audit: type=1400 audit(1721479495.615:216): avc:  denied  { execute_no_trans } for  pid=5387 comm="syz.1.56" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CE1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F520C8103EC95C85174CBFCF91DF4DF3025E542A202864656C6574656429 dev="tmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  106.599294][  T933] usb 5-1: device descriptor read/64, error -71
[  106.762222][   T29] audit: type=1400 audit(1721479495.835:217): avc:  denied  { connect } for  pid=5387 comm="syz.1.56" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  106.871500][   T29] audit: type=1400 audit(1721479495.945:218): avc:  denied  { write } for  pid=5397 comm="syz.2.59" name="ppp" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  107.206488][  T933] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  107.371264][  T933] usb 5-1: device descriptor read/64, error -71
[  107.511237][  T933] usb usb5-port1: attempt power cycle
[  108.093088][ T5415] netlink: 1212 bytes leftover after parsing attributes in process `syz.2.63'.
[  108.123719][  T933] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  108.164491][  T933] usb 5-1: device descriptor read/8, error -71
[  108.406540][ T5423] 9pnet_fd: Insufficient options for proto=fd
[  109.403784][ T5432] 9pnet_fd: Insufficient options for proto=fd
[  110.174282][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  110.174300][   T29] audit: type=1400 audit(1721479499.295:220): avc:  denied  { setopt } for  pid=5427 comm="syz.4.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  110.456504][   T29] audit: type=1400 audit(1721479499.575:221): avc:  denied  { create } for  pid=5441 comm="syz.4.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  110.567708][   T29] audit: type=1400 audit(1721479499.575:222): avc:  denied  { bind } for  pid=5441 comm="syz.4.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  110.585228][ T5106] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  110.595674][ T5106] Bluetooth: hci0: Injecting HCI hardware error event
[  110.605701][ T5106] Bluetooth: hci0: hardware error 0x00
[  110.668518][ T5440] dlm: no locking on control device
[  110.746878][   T29] audit: type=1400 audit(1721479499.645:223): avc:  denied  { setopt } for  pid=5441 comm="syz.4.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  110.853283][   T29] audit: type=1400 audit(1721479499.655:224): avc:  denied  { accept } for  pid=5441 comm="syz.4.72" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  110.954280][   T29] audit: type=1400 audit(1721479499.665:225): avc:  denied  { mount } for  pid=5441 comm="syz.4.72" name="/" dev="ramfs" ino=7832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  111.045833][   T29] audit: type=1400 audit(1721479499.735:226): avc:  denied  { getopt } for  pid=5438 comm="syz.1.70" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  111.417681][   T29] audit: type=1400 audit(1721479500.535:227): avc:  denied  { unmount } for  pid=5092 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  112.021946][   T29] audit: type=1400 audit(1721479501.135:228): avc:  denied  { bind } for  pid=5474 comm="syz.2.78" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  112.119276][   T29] audit: type=1400 audit(1721479501.135:229): avc:  denied  { name_bind } for  pid=5474 comm="syz.2.78" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  112.213770][ T5152] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  112.736766][ T5152] usb 4-1: no configurations
[  113.001092][ T5106] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  113.084492][ T5152] usb 4-1: can't read configurations, error -22
[  113.270690][ T5152] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  113.278024][ T5487] FAULT_INJECTION: forcing a failure.
[  113.278024][ T5487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.348062][ T5487] CPU: 1 PID: 5487 Comm: syz.1.82 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  113.357667][ T5487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  113.367746][ T5487] Call Trace:
[  113.371038][ T5487]  <TASK>
[  113.373982][ T5487]  dump_stack_lvl+0x16c/0x1f0
[  113.378694][ T5487]  should_fail_ex+0x497/0x5b0
[  113.383411][ T5487]  _copy_from_user+0x30/0xf0
[  113.388031][ T5487]  kstrtouint_from_user+0xd7/0x1c0
[  113.393169][ T5487]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  113.398910][ T5487]  ? __pfx_lock_acquire+0x10/0x10
[  113.403968][ T5487]  proc_fail_nth_write+0x84/0x270
[  113.409022][ T5487]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  113.414689][ T5487]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  113.420359][ T5487]  vfs_write+0x29a/0x1140
[  113.424725][ T5487]  ? __fdget_pos+0xeb/0x180
[  113.429252][ T5487]  ? __pfx_vfs_write+0x10/0x10
[  113.434036][ T5487]  ? __pfx___mutex_lock+0x10/0x10
[  113.439084][ T5487]  ? __fget_files+0x256/0x400
[  113.443799][ T5487]  ksys_write+0x12f/0x260
[  113.448154][ T5487]  ? __pfx_ksys_write+0x10/0x10
[  113.453028][ T5487]  do_syscall_64+0xcd/0x250
[  113.457558][ T5487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.463481][ T5487] RIP: 0033:0x7fa5be5746df
[  113.467922][ T5487] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  113.487556][ T5487] RSP: 002b:00007fa5bf291040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  113.495997][ T5487] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa5be5746df
[  113.503988][ T5487] RDX: 0000000000000001 RSI: 00007fa5bf2910b0 RDI: 0000000000000003
[  113.511975][ T5487] RBP: 00007fa5bf2910a0 R08: 0000000000000000 R09: 0000000000000000
[  113.519965][ T5487] R10: 0000000000000025 R11: 0000000000000293 R12: 0000000000000001
[  113.527957][ T5487] R13: 000000000000000b R14: 00007fa5be705f60 R15: 00007fff23ca4828
[  113.535955][ T5487]  </TASK>
[  113.592051][ T5106] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  113.601360][ T5106] Bluetooth: hci3: Injecting HCI hardware error event
[  113.610942][ T5106] Bluetooth: hci3: hardware error 0x00
[  113.666239][ T5152] usb 4-1: no configurations
[  113.677344][ T5152] usb 4-1: can't read configurations, error -22
[  113.711009][ T5152] usb usb4-port1: attempt power cycle
[  114.041291][ T5491] IPVS: set_ctl: invalid protocol: 46 127.0.0.1:20000
[  114.286991][ T5152] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  114.644688][ T5152] usb 4-1: no configurations
[  114.650719][ T5152] usb 4-1: can't read configurations, error -22
[  114.668813][ T5493] overlayfs: failed to resolve './bus': -2
[  114.940619][ T5502] netlink: 'syz.3.87': attribute type 10 has an invalid length.
[  114.966075][ T5505] syz.0.88[5505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.966280][ T5505] syz.0.88[5505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.024130][ T5502] netlink: 2 bytes leftover after parsing attributes in process `syz.3.87'.
[  115.086530][ T5502] team0: entered promiscuous mode
[  115.091759][ T5502] team_slave_0: entered promiscuous mode
[  115.109443][ T5502] team_slave_1: entered promiscuous mode
[  115.130400][ T5502] bridge0: port 3(team0) entered blocking state
[  115.138404][ T5502] bridge0: port 3(team0) entered disabled state
[  115.145877][ T5502] team0: entered allmulticast mode
[  115.152448][ T5502] team_slave_0: entered allmulticast mode
[  115.164274][ T5502] team_slave_1: entered allmulticast mode
[  115.239360][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  115.239378][   T29] audit: type=1326 audit(1721479504.355:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5503 comm="syz.0.88" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7f0975b59 code=0x0
[  115.276290][ T5502] bridge0: port 3(team0) entered blocking state
[  115.282764][ T5502] bridge0: port 3(team0) entered forwarding state
[  115.705049][ T5106] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  117.001460][ T5530] netlink: 248 bytes leftover after parsing attributes in process `syz.0.95'.
[  117.053908][ T5530] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.157557][ T5534] netlink: 12 bytes leftover after parsing attributes in process `syz.2.96'.
[  117.188212][   T29] audit: type=1400 audit(1721479506.275:239): avc:  denied  { ioctl } for  pid=5528 comm="syz.0.95" path="socket:[7961]" dev="sockfs" ino=7961 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  117.243753][ T5106] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  117.253048][ T5106] Bluetooth: hci4: Injecting HCI hardware error event
[  117.261649][ T5106] Bluetooth: hci4: hardware error 0x00
[  117.325862][   T29] audit: type=1400 audit(1721479506.325:240): avc:  denied  { write } for  pid=5531 comm="syz.2.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  117.497499][   T29] audit: type=1400 audit(1721479506.615:241): avc:  denied  { unlink } for  pid=5542 comm="syz.3.99" name="#1" dev="tmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  117.531113][   T29] audit: type=1400 audit(1721479506.635:242): avc:  denied  { mount } for  pid=5542 comm="syz.3.99" name="/" dev="overlay" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  117.552981][    C1] vkms_vblank_simulate: vblank timer overrun
[  117.628202][ T5548] 9pnet_fd: Insufficient options for proto=fd
[  117.833862][   T47] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  118.247609][   T47] usb 2-1: no configurations
[  118.369387][   T47] usb 2-1: can't read configurations, error -22
[  118.523901][   T47] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  118.564857][   T29] audit: type=1400 audit(1721479507.675:243): avc:  denied  { read } for  pid=5553 comm="syz.4.101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  118.583894][    C1] vkms_vblank_simulate: vblank timer overrun
[  118.592815][ T5557] netlink: 'syz.0.103': attribute type 10 has an invalid length.
[  118.600948][ T5557] netlink: 2 bytes leftover after parsing attributes in process `syz.0.103'.
[  118.610046][ T5557] team0: entered promiscuous mode
[  118.615586][ T5557] team_slave_0: entered promiscuous mode
[  118.625676][ T5557] team_slave_1: entered promiscuous mode
[  119.148253][   T47] usb 2-1: no configurations
[  119.257867][   T47] usb 2-1: can't read configurations, error -22
[  119.407825][ T5106] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  119.499134][   T47] usb usb2-port1: attempt power cycle
[  119.577043][ T5566] syz.3.105[5566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.577187][ T5566] syz.3.105[5566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.790708][   T29] audit: type=1326 audit(1721479508.905:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5565 comm="syz.3.105" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x0
[  119.874041][   T29] audit: type=1400 audit(1721479508.985:245): avc:  denied  { name_bind } for  pid=5570 comm="syz.4.107" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  119.918403][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  119.943899][   T47] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  119.977180][   T29] audit: type=1400 audit(1721479508.985:246): avc:  denied  { node_bind } for  pid=5570 comm="syz.4.107" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  120.021145][ T5576] netlink: 1212 bytes leftover after parsing attributes in process `syz.2.106'.
[  120.041995][   T47] usb 2-1: no configurations
[  120.063804][   T47] usb 2-1: can't read configurations, error -22
[  120.224391][   T47] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  121.109433][   T47] usb 2-1: device descriptor read/8, error -71
[  121.243821][   T47] usb usb2-port1: unable to enumerate USB device
[  121.461479][ T5597] netlink: 'syz.1.112': attribute type 10 has an invalid length.
[  121.472564][ T5597] netlink: 2 bytes leftover after parsing attributes in process `syz.1.112'.
[  121.482647][ T5597] team0: entered promiscuous mode
[  121.487913][ T5597] team_slave_0: entered promiscuous mode
[  121.495730][ T5597] team_slave_1: entered promiscuous mode
[  121.505741][ T5597] bridge0: port 3(team0) entered blocking state
[  121.513195][ T5597] bridge0: port 3(team0) entered disabled state
[  121.523736][ T5597] team0: entered allmulticast mode
[  121.529046][ T5597] team_slave_0: entered allmulticast mode
[  121.548871][ T5597] team_slave_1: entered allmulticast mode
[  121.570429][ T5597] bridge0: port 3(team0) entered blocking state
[  121.576881][ T5597] bridge0: port 3(team0) entered forwarding state
[  121.613851][ T5149] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  121.753770][ T5099] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  121.874936][ T5149] usb 4-1: Using ep0 maxpacket: 8
[  121.883144][ T5603] netlink: 1212 bytes leftover after parsing attributes in process `syz.0.115'.
[  121.902270][ T5149] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  121.936712][ T5149] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  121.955973][ T5099] usb 5-1: Using ep0 maxpacket: 32
[  121.964550][ T5099] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  121.972228][ T5149] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  121.992088][ T5099] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  122.026270][ T5099] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  122.035498][ T5149] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  122.035712][ T5099] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.059888][ T5099] usb 5-1: Product: syz
[  122.074605][ T5149] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  122.092408][ T5099] usb 5-1: Manufacturer: syz
[  122.100295][ T5099] usb 5-1: SerialNumber: syz
[  122.109934][ T5149] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  122.127300][ T5149] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.368680][ T5099] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  122.396093][ T5149] usb 4-1: GET_CAPABILITIES returned 0
[  122.425910][ T5149] usbtmc 4-1:16.0: can't read capabilities
[  122.603223][   T29] audit: type=1400 audit(1721479511.715:247): avc:  denied  { read write } for  pid=5593 comm="syz.3.114" name="lp0" dev="devtmpfs" ino=2343 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  123.022154][ T5099] usb 4-1: USB disconnect, device number 6
[  123.558803][   T29] audit: type=1400 audit(1721479511.755:248): avc:  denied  { open } for  pid=5593 comm="syz.3.114" path="/dev/usb/lp0" dev="devtmpfs" ino=2343 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  123.619637][ T5152] usb 5-1: USB disconnect, device number 6
[  123.633667][   T29] audit: type=1400 audit(1721479511.835:249): avc:  denied  { ioctl } for  pid=5593 comm="syz.3.114" path="/dev/usb/lp0" dev="devtmpfs" ino=2343 ioctlcmd=0x5b13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  123.653353][ T5152] usblp0: removed
[  123.739329][ T5616] netlink: 'syz.0.120': attribute type 1 has an invalid length.
[  123.859369][ T5620] 9pnet_fd: Insufficient options for proto=fd
[  124.692366][ T5626] netlink: 248 bytes leftover after parsing attributes in process `syz.2.121'.
[  124.772004][ T5625] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  125.095417][ T5152] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  125.605207][ T5152] usb 2-1: no configurations
[  125.613023][ T5152] usb 2-1: can't read configurations, error -22
[  125.654135][ T5619] 8021q: adding VLAN 0 to HW filter on device bond1
[  125.773868][ T5152] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  125.855458][ T5640] netlink: 1276 bytes leftover after parsing attributes in process `syz.3.123'.
[  126.014786][ T5152] usb 2-1: no configurations
[  126.032722][ T5152] usb 2-1: can't read configurations, error -22
[  126.059488][ T5152] usb usb2-port1: attempt power cycle
[  126.374568][ T5655] netlink: 'syz.4.128': attribute type 10 has an invalid length.
[  127.173656][ T5655] netlink: 2 bytes leftover after parsing attributes in process `syz.4.128'.
[  127.183397][ T5655] team0: entered promiscuous mode
[  127.189427][ T5655] team_slave_0: entered promiscuous mode
[  127.204746][ T5655] team_slave_1: entered promiscuous mode
[  127.211639][ T5655] bridge0: port 3(team0) entered blocking state
[  127.218210][ T5655] bridge0: port 3(team0) entered disabled state
[  127.240171][ T5655] team0: entered allmulticast mode
[  127.245514][ T5655] team_slave_0: entered allmulticast mode
[  127.251291][ T5655] team_slave_1: entered allmulticast mode
[  127.265817][ T5655] bridge0: port 3(team0) entered blocking state
[  127.272267][ T5655] bridge0: port 3(team0) entered forwarding state
[  127.273683][ T5152] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  127.283716][   T29] audit: type=1400 audit(1721479516.385:250): avc:  denied  { create } for  pid=5646 comm="syz.2.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  127.316115][ T5660] syz.0.130[5660] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.316330][ T5660] syz.0.130[5660] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.370457][   T29] audit: type=1400 audit(1721479516.405:251): avc:  denied  { write } for  pid=5646 comm="syz.2.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  127.370520][   T29] audit: type=1400 audit(1721479516.405:252): avc:  denied  { nlmsg_write } for  pid=5646 comm="syz.2.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  127.415375][ T5152] usb 2-1: no configurations
[  127.415394][ T5152] usb 2-1: can't read configurations, error -22
[  127.471402][   T29] audit: type=1326 audit(1721479516.585:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5659 comm="syz.0.130" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7f0975b59 code=0x0
[  127.603909][ T5152] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  127.628271][ T5651] tty tty25: ldisc open failed (-12), clearing slot 24
[  127.648692][ T5152] usb 2-1: no configurations
[  127.653931][ T5152] usb 2-1: can't read configurations, error -22
[  127.665061][ T5152] usb usb2-port1: unable to enumerate USB device
[  127.911369][ T5670] netlink: 'syz.1.133': attribute type 9 has an invalid length.
[  127.936935][ T5670] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.133'.
[  128.010947][ T5675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.134'.
[  128.072359][ T5674] netlink: 20 bytes leftover after parsing attributes in process `syz.4.134'.
[  128.097093][   T29] audit: type=1400 audit(1721479517.215:254): avc:  denied  { create } for  pid=5673 comm="syz.4.134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  128.113026][ T5680] netlink: 248 bytes leftover after parsing attributes in process `syz.1.136'.
[  128.144533][ T5676] netlink: 'syz.3.135': attribute type 10 has an invalid length.
[  128.152575][ T5676] netlink: 2 bytes leftover after parsing attributes in process `syz.3.135'.
[  128.570589][   T29] audit: type=1400 audit(1721479517.685:255): avc:  denied  { write } for  pid=5684 comm="syz.0.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  128.634220][ T5690] netlink: 248 bytes leftover after parsing attributes in process `syz.4.140'.
[  129.861372][   T29] audit: type=1400 audit(1721479518.695:256): avc:  denied  { read } for  pid=5695 comm="syz.4.143" name="sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  130.294115][   T29] audit: type=1400 audit(1721479518.695:257): avc:  denied  { open } for  pid=5695 comm="syz.4.143" path="/dev/sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  130.892613][ T5711] netlink: 248 bytes leftover after parsing attributes in process `syz.0.146'.
[  131.460918][   T29] audit: type=1400 audit(1721479520.205:258): avc:  denied  { mount } for  pid=5706 comm="syz.1.144" name="/" dev="hugetlbfs" ino=9340 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  131.820650][   T29] audit: type=1400 audit(1721479520.755:259): avc:  denied  { unmount } for  pid=5096 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  133.841502][ T5723] FAULT_INJECTION: forcing a failure.
[  133.841502][ T5723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.855321][ T5723] CPU: 0 PID: 5723 Comm: syz.2.148 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  133.864978][ T5723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  133.875058][ T5723] Call Trace:
[  133.878354][ T5723]  <TASK>
[  133.881298][ T5723]  dump_stack_lvl+0x16c/0x1f0
[  133.886011][ T5723]  should_fail_ex+0x497/0x5b0
[  133.890718][ T5723]  _copy_to_user+0x30/0xc0
[  133.895170][ T5723]  pagemap_read+0x565/0x8c0
[  133.899703][ T5723]  ? __pfx_pagemap_read+0x10/0x10
[  133.904759][ T5723]  ? __pfx_pagemap_read+0x10/0x10
[  133.909816][ T5723]  vfs_read+0x1d4/0xbd0
[  133.913993][ T5723]  ? __pfx_lock_release+0x10/0x10
[  133.919042][ T5723]  ? __pfx_vfs_read+0x10/0x10
[  133.923738][ T5723]  ? populate_seccomp_data+0x213/0x540
[  133.929236][ T5723]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  133.935167][ T5723]  ? __fget_files+0x256/0x400
[  133.939881][ T5723]  __x64_sys_pread64+0x1fe/0x260
[  133.944851][ T5723]  ? __pfx___x64_sys_pread64+0x10/0x10
[  133.950335][ T5723]  ? __secure_computing+0x273/0x3f0
[  133.955556][ T5723]  do_syscall_64+0xcd/0x250
[  133.960091][ T5723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.966018][ T5723] RIP: 0033:0x7fa975175b59
[  133.970454][ T5723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.990079][ T5723] RSP: 002b:00007fa975f67048 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  133.998533][ T5723] RAX: ffffffffffffffda RBX: 00007fa975306110 RCX: 00007fa975175b59
[  134.006533][ T5723] RDX: 0000000000019000 RSI: 000000002001a240 RDI: 0000000000000007
[  134.014528][ T5723] RBP: 00007fa975f670a0 R08: 0000000000000000 R09: 0000000000000000
[  134.022516][ T5723] R10: 0000000000100018 R11: 0000000000000246 R12: 0000000000000001
[  134.030504][ T5723] R13: 000000000000006e R14: 00007fa975306110 R15: 00007ffc3bb804b8
[  134.038502][ T5723]  </TASK>
[  134.706237][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  134.716843][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  135.967869][   T29] audit: type=1400 audit(1721479525.075:260): avc:  denied  { create } for  pid=5728 comm="syz.2.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  136.108156][   T29] audit: type=1400 audit(1721479525.075:261): avc:  denied  { accept } for  pid=5728 comm="syz.2.153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  136.267238][ T5741] netlink: 248 bytes leftover after parsing attributes in process `syz.4.156'.
[  136.419256][ T5747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.158'.
[  137.640119][ T5765] syz.0.164[5765] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.640333][ T5765] syz.0.164[5765] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.918295][   T29] audit: type=1400 audit(1721479527.035:262): avc:  denied  { name_connect } for  pid=5767 comm="syz.4.165" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  138.049951][   T29] audit: type=1326 audit(1721479527.135:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5763 comm="syz.0.164" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7f0975b59 code=0x0
[  138.127119][   T29] audit: type=1400 audit(1721479527.245:264): avc:  denied  { bind } for  pid=5770 comm="syz.1.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  138.200870][   T29] audit: type=1400 audit(1721479527.245:265): avc:  denied  { name_bind } for  pid=5770 comm="syz.1.166" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  138.256493][   T29] audit: type=1400 audit(1721479527.245:266): avc:  denied  { node_bind } for  pid=5770 comm="syz.1.166" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  138.318004][   T29] audit: type=1400 audit(1721479527.285:267): avc:  denied  { listen } for  pid=5770 comm="syz.1.166" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  138.366724][   T29] audit: type=1400 audit(1721479527.285:268): avc:  denied  { connect } for  pid=5770 comm="syz.1.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  138.386718][   T29] audit: type=1400 audit(1721479527.285:269): avc:  denied  { name_connect } for  pid=5770 comm="syz.1.166" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  141.584015][ T5824] 9pnet_fd: Insufficient options for proto=fd
[  142.283654][ T5217] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  142.304818][ T5829] syz.2.181[5829] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.305033][ T5829] syz.2.181[5829] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.347940][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  142.347958][   T29] audit: type=1400 audit(1721479531.465:278): avc:  denied  { unmount } for  pid=5096 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  142.484280][   T29] audit: type=1326 audit(1721479531.605:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5828 comm="syz.2.181" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa975175b59 code=0x0
[  142.543744][ T5217] usb 1-1: Using ep0 maxpacket: 16
[  142.550669][ T5217] usb 1-1: no configurations
[  142.556212][ T5217] usb 1-1: can't read configurations, error -22
[  142.607906][   T29] audit: type=1400 audit(1721479531.715:280): avc:  denied  { create } for  pid=5837 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  142.614785][ T5839] Bluetooth: MGMT ver 1.23
[  142.653490][   T29] audit: type=1400 audit(1721479531.725:281): avc:  denied  { write } for  pid=5837 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  142.688934][   T29] audit: type=1400 audit(1721479531.725:282): avc:  denied  { bind } for  pid=5837 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  142.712486][   T29] audit: type=1400 audit(1721479531.725:283): avc:  denied  { write } for  pid=5837 comm="syz.3.185" path="socket:[9164]" dev="sockfs" ino=9164 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  142.736759][   T29] audit: type=1400 audit(1721479531.765:284): avc:  denied  { name_bind } for  pid=5837 comm="syz.3.185" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  142.760104][ T5217] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  142.953859][ T5217] usb 1-1: Using ep0 maxpacket: 16
[  142.966620][ T5217] usb 1-1: no configurations
[  142.971539][ T5217] usb 1-1: can't read configurations, error -22
[  142.990774][ T5217] usb usb1-port1: attempt power cycle
[  143.484518][ T5217] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  144.318611][ T5217] usb 1-1: device descriptor read/8, error -71
[  144.386426][ T5854] netlink: 'syz.4.189': attribute type 10 has an invalid length.
[  144.414471][ T5854] netlink: 2 bytes leftover after parsing attributes in process `syz.4.189'.
[  144.926354][ T5873] 9pnet_fd: Insufficient options for proto=fd
[  145.866496][ T5882] FAULT_INJECTION: forcing a failure.
[  145.866496][ T5882] name failslab, interval 1, probability 0, space 0, times 0
[  145.942774][ T5882] CPU: 1 PID: 5882 Comm: syz.4.198 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  145.952460][ T5882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  145.962542][ T5882] Call Trace:
[  145.965844][ T5882]  <TASK>
[  145.968802][ T5882]  dump_stack_lvl+0x16c/0x1f0
[  145.973527][ T5882]  should_fail_ex+0x497/0x5b0
[  145.978240][ T5882]  should_failslab+0x9/0x20
[  145.982773][ T5882]  __kmalloc_noprof+0xcb/0x400
[  145.987573][ T5882]  tomoyo_encode2+0x100/0x3e0
[  145.992291][ T5882]  tomoyo_encode+0x29/0x50
[  145.996741][ T5882]  tomoyo_realpath_from_path+0x19d/0x720
[  146.002416][ T5882]  ? tomoyo_profile+0x47/0x60
[  146.007124][ T5882]  tomoyo_path_number_perm+0x245/0x590
[  146.012612][ T5882]  ? tomoyo_path_number_perm+0x232/0x590
[  146.018245][ T5882]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  146.024228][ T5882]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  146.030203][ T5882]  ? __fget_files+0x256/0x400
[  146.034872][ T5882]  security_file_ioctl+0x75/0xc0
[  146.039806][ T5882]  __x64_sys_ioctl+0xbb/0x220
[  146.044473][ T5882]  do_syscall_64+0xcd/0x250
[  146.048971][ T5882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.054860][ T5882] RIP: 0033:0x7f7af3175b59
[  146.059263][ T5882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.078864][ T5882] RSP: 002b:00007f7af3f81048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.087267][ T5882] RAX: ffffffffffffffda RBX: 00007f7af3305f60 RCX: 00007f7af3175b59
[  146.095227][ T5882] RDX: 0000000020000000 RSI: 0000000000008936 RDI: 0000000000000005
[  146.103185][ T5882] RBP: 00007f7af3f810a0 R08: 0000000000000000 R09: 0000000000000000
[  146.111140][ T5882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.119096][ T5882] R13: 000000000000000b R14: 00007f7af3305f60 R15: 00007fff4a866ec8
[  146.127057][ T5882]  </TASK>
[  146.945163][ T5882] ERROR: Out of memory at tomoyo_realpath_from_path.
[  147.683508][ T5910] netlink: 'syz.0.203': attribute type 10 has an invalid length.
[  147.707367][   T29] audit: type=1400 audit(1721479536.815:285): avc:  denied  { read } for  pid=5897 comm="syz.3.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  147.771514][ T5910] netlink: 2 bytes leftover after parsing attributes in process `syz.0.203'.
[  147.857884][ T5911] netlink: 1268 bytes leftover after parsing attributes in process `syz.4.201'.
[  147.993372][   T29] audit: type=1400 audit(1721479537.105:286): avc:  denied  { write } for  pid=5913 comm="syz.1.206" name="event2" dev="devtmpfs" ino=838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  148.062002][ T5916] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  148.379513][ T5916] netlink: 'syz.3.207': attribute type 4 has an invalid length.
[  148.426771][ T5916] 9pnet_fd: Insufficient options for proto=fd
[  148.441076][   T29] audit: type=1400 audit(1721479537.145:287): avc:  denied  { open } for  pid=5913 comm="syz.1.206" path="/dev/input/event2" dev="devtmpfs" ino=838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  148.689500][ T5149] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  148.784007][ T5923] 9pnet_fd: Insufficient options for proto=fd
[  149.012976][ T5149] usb 2-1: device descriptor read/64, error -71
[  149.529767][ T5149] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  149.699989][ T5149] usb 2-1: device descriptor read/64, error -71
[  149.848507][ T5149] usb usb2-port1: attempt power cycle
[  149.963397][ T5940] netlink: 1272 bytes leftover after parsing attributes in process `syz.3.213'.
[  150.283910][ T5149] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  150.341340][ T5149] usb 2-1: device descriptor read/8, error -71
[  150.644526][ T5149] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  150.705233][ T5149] usb 2-1: device descriptor read/8, error -71
[  150.780895][   T29] audit: type=1400 audit(1721479539.895:288): avc:  denied  { read } for  pid=5947 comm="syz.3.217" name="nvram" dev="devtmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  150.834766][ T5149] usb usb2-port1: unable to enumerate USB device
[  150.850843][   T29] audit: type=1400 audit(1721479539.895:289): avc:  denied  { open } for  pid=5947 comm="syz.3.217" path="/dev/nvram" dev="devtmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  150.987756][   T29] audit: type=1400 audit(1721479540.085:290): avc:  denied  { ioctl } for  pid=5952 comm="syz.4.218" path="socket:[9936]" dev="sockfs" ino=9936 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  150.989418][ T5953] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  151.037084][   T29] audit: type=1400 audit(1721479540.095:291): avc:  denied  { bind } for  pid=5952 comm="syz.4.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  151.138585][ T5956] FAULT_INJECTION: forcing a failure.
[  151.138585][ T5956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.163481][   T29] audit: type=1400 audit(1721479540.195:292): avc:  denied  { unmount } for  pid=5096 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  151.164532][ T5956] CPU: 1 PID: 5956 Comm: syz.0.219 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  151.192803][ T5956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  151.202859][ T5956] Call Trace:
[  151.206131][ T5956]  <TASK>
[  151.209053][ T5956]  dump_stack_lvl+0x16c/0x1f0
[  151.213739][ T5956]  should_fail_ex+0x497/0x5b0
[  151.218432][ T5956]  _copy_from_user+0x30/0xf0
[  151.223013][ T5956]  userfaultfd_ioctl+0x297b/0x5f20
[  151.228133][ T5956]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  151.234068][ T5956]  ? do_vfs_ioctl+0x515/0x1ad0
[  151.238854][ T5956]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  151.244347][ T5956]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  151.250881][ T5956]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  151.257410][ T5956]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  151.264293][ T5956]  ? selinux_file_ioctl+0x180/0x270
[  151.269517][ T5956]  ? selinux_file_ioctl+0xb4/0x270
[  151.274655][ T5956]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  151.280148][ T5956]  ? __x64_sys_ioctl+0x193/0x220
[  151.285107][ T5956]  __x64_sys_ioctl+0x193/0x220
[  151.289902][ T5956]  do_syscall_64+0xcd/0x250
[  151.294422][ T5956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.300319][ T5956] RIP: 0033:0x7ff7f0975b59
[  151.304728][ T5956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.324331][ T5956] RSP: 002b:00007ff7f17a3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  151.332736][ T5956] RAX: ffffffffffffffda RBX: 00007ff7f0b06038 RCX: 00007ff7f0975b59
[  151.340698][ T5956] RDX: 0000000020000100 RSI: 00000000c020aa04 RDI: 0000000000000007
[  151.348660][ T5956] RBP: 00007ff7f17a30a0 R08: 0000000000000000 R09: 0000000000000000
[  151.356623][ T5956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.364585][ T5956] R13: 000000000000006e R14: 00007ff7f0b06038 R15: 00007ffe660a08b8
[  151.372549][ T5956]  </TASK>
[  151.414546][ T5953] netlink: 28 bytes leftover after parsing attributes in process `syz.4.218'.
[  151.436617][   T29] audit: type=1400 audit(1721479540.215:293): avc:  denied  { ioctl } for  pid=5954 comm="syz.0.219" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=10330 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  151.471052][ T5953] netlink: 248 bytes leftover after parsing attributes in process `syz.4.218'.
[  152.768673][ T5974] 9pnet_fd: Insufficient options for proto=fd
[  153.207326][ T5966] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.221'.
[  153.286978][   T29] audit: type=1400 audit(1721479542.385:294): avc:  denied  { create } for  pid=5976 comm="syz.3.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  153.372785][   T29] audit: type=1400 audit(1721479542.405:295): avc:  denied  { write } for  pid=5976 comm="syz.3.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  153.501033][ T5984] FAULT_INJECTION: forcing a failure.
[  153.501033][ T5984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.538423][ T5984] CPU: 0 PID: 5984 Comm: syz.3.228 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  153.548099][ T5984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  153.558186][ T5984] Call Trace:
[  153.561486][ T5984]  <TASK>
[  153.564438][ T5984]  dump_stack_lvl+0x16c/0x1f0
[  153.569153][ T5984]  should_fail_ex+0x497/0x5b0
[  153.573858][ T5984]  _copy_from_user+0x30/0xf0
[  153.578468][ T5984]  vmci_host_do_alloc_queuepair.constprop.0+0x28f/0x3d0
[  153.585430][ T5984]  ? __pfx_vmci_host_do_alloc_queuepair.constprop.0+0x10/0x10
[  153.592921][ T5984]  ? tomoyo_path_number_perm+0x292/0x590
[  153.598572][ T5984]  ? __pfx_lock_release+0x10/0x10
[  153.603617][ T5984]  ? kfree+0x12a/0x3b0
[  153.607707][ T5984]  vmci_host_unlocked_ioctl+0x50e/0x1fb0
[  153.613359][ T5984]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  153.619441][ T5984]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  153.625962][ T5984]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  153.632481][ T5984]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  153.639983][ T5984]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  153.646017][ T5984]  ? selinux_file_ioctl+0x180/0x270
[  153.651243][ T5984]  ? selinux_file_ioctl+0xb4/0x270
[  153.656384][ T5984]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  153.662472][ T5984]  __x64_sys_ioctl+0x193/0x220
[  153.667248][ T5984]  do_syscall_64+0xcd/0x250
[  153.671767][ T5984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.677676][ T5984] RIP: 0033:0x7f824d575b59
[  153.682093][ T5984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.701709][ T5984] RSP: 002b:00007f824e313048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.710137][ T5984] RAX: ffffffffffffffda RBX: 00007f824d705f60 RCX: 00007f824d575b59
[  153.718130][ T5984] RDX: 0000000020000000 RSI: 00000000000007a8 RDI: 0000000000000003
[  153.726123][ T5984] RBP: 00007f824e3130a0 R08: 0000000000000000 R09: 0000000000000000
[  153.734105][ T5984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.742086][ T5984] R13: 000000000000000b R14: 00007f824d705f60 R15: 00007ffdb3239908
[  153.750073][ T5984]  </TASK>
[  154.483652][   T29] audit: type=1400 audit(1721479543.565:296): avc:  denied  { write } for  pid=5991 comm="syz.1.231" name="mcfilter6" dev="proc" ino=4026533089 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  154.659267][ T5999] fuse: Unknown parameter 'Ja®VHÙ“4·7éE’¡Dÿžë )€Íÿ‡Yƒž‡þ-Ñ G)‡!çÀçÀÄá–\â1îóÌ I$äUÝ)hª9ðyˤD‡ÓÃ…Án…âI‚±÷«a•ÝµÈC€rROš{—7'
[  156.630961][ T5106] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[  156.859533][   T29] audit: type=1400 audit(1721479545.975:297): avc:  denied  { open } for  pid=6012 comm="syz.2.239" path="/dev/ptyq8" dev="devtmpfs" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  157.008710][ T6026] netlink: 1272 bytes leftover after parsing attributes in process `syz.3.240'.
[  157.097151][   T29] audit: type=1400 audit(1721479546.015:298): avc:  denied  { ioctl } for  pid=6012 comm="syz.2.239" path="/dev/ptyq8" dev="devtmpfs" ino=129 ioctlcmd=0x5406 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  162.376172][ T6040] =======================================================
[  162.376172][ T6040] WARNING: The mand mount option has been deprecated and
[  162.376172][ T6040]          and is ignored by this kernel. Remove the mand
[  162.376172][ T6040]          option from the mount to silence this warning.
[  162.376172][ T6040] =======================================================
[  162.411010][    C0] vkms_vblank_simulate: vblank timer overrun
[  162.480932][   T29] audit: type=1400 audit(1721479551.495:299): avc:  denied  { remount } for  pid=6039 comm="syz.0.246" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  162.606916][   T29] audit: type=1400 audit(1721479551.695:300): avc:  denied  { create } for  pid=6044 comm="syz.1.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  162.919683][ T6050] syz.3.250[6050] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.919886][ T6050] syz.3.250[6050] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.055663][   T29] audit: type=1326 audit(1721479552.175:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6049 comm="syz.3.250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x0
[  163.850991][   T29] audit: type=1400 audit(1721479552.965:302): avc:  denied  { mount } for  pid=6053 comm="syz.4.252" name="/" dev="ramfs" ino=10131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  163.879845][ T6054] capability: warning: `syz.4.252' uses deprecated v2 capabilities in a way that may be insecure
[  163.919460][ T6054] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  163.944875][ T6054] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  165.617317][   T29] audit: type=1400 audit(1721479554.735:303): avc:  denied  { connect } for  pid=6076 comm="syz.3.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  165.769318][   T29] audit: type=1400 audit(1721479554.765:304): avc:  denied  { setopt } for  pid=6076 comm="syz.3.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  165.866279][   T29] audit: type=1400 audit(1721479554.845:305): avc:  denied  { create } for  pid=6076 comm="syz.3.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  166.081370][   T29] audit: type=1400 audit(1721479554.885:306): avc:  denied  { read write } for  pid=6076 comm="syz.3.259" name="raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  166.105854][ T5149] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  166.123112][   T29] audit: type=1400 audit(1721479554.885:307): avc:  denied  { open } for  pid=6076 comm="syz.3.259" path="/dev/raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  166.188120][   T29] audit: type=1400 audit(1721479554.885:308): avc:  denied  { ioctl } for  pid=6076 comm="syz.3.259" path="/dev/raw-gadget" dev="devtmpfs" ino=733 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  166.406558][ T5149] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  166.430907][ T5149] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  166.453935][ T5149] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  166.483648][ T5149] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.550923][ T6093] netlink: 1272 bytes leftover after parsing attributes in process `syz.0.257'.
[  170.582688][ T5149] usb 4-1: can't set config #27, error -71
[  170.667732][ T5149] usb 4-1: USB disconnect, device number 7
[  170.694622][ T6098] syz.2.265[6098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.694812][ T6098] syz.2.265[6098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  170.816523][   T29] audit: type=1326 audit(1721479559.935:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6097 comm="syz.2.265" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa975175b59 code=0x0
[  178.029938][   T29] audit: type=1400 audit(1721479567.135:310): avc:  denied  { mount } for  pid=6136 comm="syz.3.277" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  178.180873][   T29] audit: type=1400 audit(1721479567.295:311): avc:  denied  { unmount } for  pid=5094 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  181.759036][ T6153] sched: RT throttling activated
[  181.987036][   T29] audit: type=1326 audit(1721479571.095:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6158 comm="syz.4.284" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7af3175b59 code=0x0
[  182.738959][   T29] audit: type=1400 audit(1721479571.845:313): avc:  denied  { write } for  pid=6163 comm="syz.1.286" name="sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  183.024848][ T6174] FAULT_INJECTION: forcing a failure.
[  183.024848][ T6174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.024931][ T6174] CPU: 1 PID: 6174 Comm: syz.3.287 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  183.024960][ T6174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  183.024975][ T6174] Call Trace:
[  183.024985][ T6174]  <TASK>
[  183.024996][ T6174]  dump_stack_lvl+0x16c/0x1f0
[  183.025039][ T6174]  should_fail_ex+0x497/0x5b0
[  183.025076][ T6174]  _copy_to_user+0x30/0xc0
[  183.025110][ T6174]  simple_read_from_buffer+0xd0/0x160
[  183.025147][ T6174]  proc_fail_nth_read+0x1b0/0x290
[  183.025180][ T6174]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.025214][ T6174]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  183.025245][ T6174]  vfs_read+0x1d4/0xbd0
[  183.025274][ T6174]  ? __fdget_pos+0xeb/0x180
[  183.025303][ T6174]  ? read_tsc+0x9/0x20
[  183.025333][ T6174]  ? __pfx_vfs_read+0x10/0x10
[  183.025360][ T6174]  ? __pfx___mutex_lock+0x10/0x10
[  183.025389][ T6174]  ? __fget_files+0x256/0x400
[  183.025420][ T6174]  ksys_read+0x12f/0x260
[  183.025449][ T6174]  ? __pfx_ksys_read+0x10/0x10
[  183.025480][ T6174]  do_syscall_64+0xcd/0x250
[  183.025510][ T6174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.025548][ T6174] RIP: 0033:0x7f824d57463c
[  183.025568][ T6174] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  183.025592][ T6174] RSP: 002b:00007f824e313040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  183.025620][ T6174] RAX: ffffffffffffffda RBX: 00007f824d705f60 RCX: 00007f824d57463c
[  183.025639][ T6174] RDX: 000000000000000f RSI: 00007f824e3130b0 RDI: 0000000000000003
[  183.025656][ T6174] RBP: 00007f824e3130a0 R08: 0000000000000000 R09: 0000000000000000
[  183.025674][ T6174] R10: 0000000000012042 R11: 0000000000000246 R12: 0000000000000001
[  183.025691][ T6174] R13: 000000000000000b R14: 00007f824d705f60 R15: 00007ffdb3239908
[  183.025713][ T6174]  </TASK>
[  183.141811][    C1] vkms_vblank_simulate: vblank timer overrun
[  191.483822][   T29] audit: type=1326 audit(1721479573.705:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6179 comm="syz.0.290" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7f0975b59 code=0x0
[  191.686174][ T6193] FAULT_INJECTION: forcing a failure.
[  191.686174][ T6193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.686305][ T6193] CPU: 0 PID: 6193 Comm: syz.3.292 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  191.686334][ T6193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  191.686349][ T6193] Call Trace:
[  191.686359][ T6193]  <TASK>
[  191.686368][ T6193]  dump_stack_lvl+0x16c/0x1f0
[  191.686411][ T6193]  should_fail_ex+0x497/0x5b0
[  191.686448][ T6193]  _copy_from_user+0x30/0xf0
[  191.686483][ T6193]  hci_sock_ioctl+0x77d/0x880
[  191.686518][ T6193]  ? __pfx_hci_sock_ioctl+0x10/0x10
[  191.686554][ T6193]  sock_do_ioctl+0x116/0x280
[  191.686586][ T6193]  ? __pfx_sock_do_ioctl+0x10/0x10
[  191.686620][ T6193]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  191.686660][ T6193]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  191.686701][ T6193]  sock_ioctl+0x22e/0x6c0
[  191.686734][ T6193]  ? __pfx_sock_ioctl+0x10/0x10
[  191.686768][ T6193]  ? selinux_file_ioctl+0x180/0x270
[  191.686804][ T6193]  ? selinux_file_ioctl+0xb4/0x270
[  191.686841][ T6193]  ? __pfx_sock_ioctl+0x10/0x10
[  191.686874][ T6193]  __x64_sys_ioctl+0x193/0x220
[  191.686901][ T6193]  do_syscall_64+0xcd/0x250
[  191.686931][ T6193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.686968][ T6193] RIP: 0033:0x7f824d575b59
[  191.686987][ T6193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.687012][ T6193] RSP: 002b:00007f824e2d1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  191.687039][ T6193] RAX: ffffffffffffffda RBX: 00007f824d706110 RCX: 00007f824d575b59
[  191.687057][ T6193] RDX: 0000000020000000 RSI: 00000000400448e7 RDI: 0000000000000009
[  191.687075][ T6193] RBP: 00007f824e2d10a0 R08: 0000000000000000 R09: 0000000000000000
[  191.687092][ T6193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.687113][ T6193] R13: 000000000000006e R14: 00007f824d706110 R15: 00007ffdb3239908
[  191.687135][ T6193]  </TASK>
[  193.654039][   T29] audit: type=1400 audit(1721479582.775:315): avc:  denied  { write } for  pid=6197 comm="syz.3.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  193.697977][ T6205] Bluetooth: MGMT ver 1.23
[  194.100495][   T56] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  194.106741][   T56] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  194.108188][   T56] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  194.112693][   T56] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  194.118409][   T56] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  194.118927][   T56] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  194.125995][   T29] audit: type=1400 audit(1721479583.245:316): avc:  denied  { mounton } for  pid=6209 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  194.191205][ T5106] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  194.193610][ T5106] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  194.194539][ T5106] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  194.195994][ T5106] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  194.197356][ T5106] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  194.198226][ T5106] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  194.538792][ T5106] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  194.540965][ T5106] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  194.543083][ T5106] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  194.572410][ T5106] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  194.594706][ T5106] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  194.602299][ T5106] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  194.914332][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  194.914435][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  195.191599][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.436493][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.702931][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.141901][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.184085][   T56] Bluetooth: hci5: command tx timeout
[  196.264720][   T56] Bluetooth: hci6: command tx timeout
[  196.673699][   T56] Bluetooth: hci4: command tx timeout
[  196.733235][ T6213] chnl_net:caif_netlink_parms(): no params data found
[  197.131704][ T6209] chnl_net:caif_netlink_parms(): no params data found
[  198.264142][   T56] Bluetooth: hci2: command tx timeout
[  198.269599][   T56] Bluetooth: hci5: command tx timeout
[  198.343655][   T56] Bluetooth: hci6: command tx timeout
[  198.681639][ T6256] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  198.681639][ T6256] The task syz.4.307 (6256) triggered the difference, watch for misbehavior.
[  198.744149][   T56] Bluetooth: hci4: command tx timeout
[  198.773805][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  198.788292][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  198.799528][   T35] bond0 (unregistering): Released all slaves
[  198.897892][   T35] bond1 (unregistering): Released all slaves
[  199.110549][   T29] audit: type=1400 audit(1721479588.225:317): avc:  denied  { read } for  pid=6262 comm="syz.3.308" name="uinput" dev="devtmpfs" ino=836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  199.129950][ T6263] i2c i2c-0: Invalid block write size 34
[  199.157079][   T29] audit: type=1400 audit(1721479588.275:318): avc:  denied  { search } for  pid=4757 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  199.178322][    C1] vkms_vblank_simulate: vblank timer overrun
[  199.200197][   T29] audit: type=1400 audit(1721479588.315:319): avc:  denied  { read } for  pid=4757 comm="dhcpcd" name="n68" dev="tmpfs" ino=2460 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  199.231944][   T29] audit: type=1400 audit(1721479588.315:320): avc:  denied  { open } for  pid=4757 comm="dhcpcd" path="/run/udev/data/n68" dev="tmpfs" ino=2460 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  199.271538][   T29] audit: type=1400 audit(1721479588.315:321): avc:  denied  { getattr } for  pid=4757 comm="dhcpcd" path="/run/udev/data/n68" dev="tmpfs" ino=2460 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  199.294684][    C1] vkms_vblank_simulate: vblank timer overrun
[  199.607360][ T6213] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.622173][ T6213] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.636672][ T6213] bridge_slave_0: entered allmulticast mode
[  199.645900][ T6213] bridge_slave_0: entered promiscuous mode
[  199.656060][ T6209] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.671533][ T6209] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.683907][ T6209] bridge_slave_0: entered allmulticast mode
[  199.692820][ T6209] bridge_slave_0: entered promiscuous mode
[  199.793933][ T6213] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.814422][ T6213] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.841128][ T6213] bridge_slave_1: entered allmulticast mode
[  199.850231][ T6213] bridge_slave_1: entered promiscuous mode
[  199.867949][   T29] audit: type=1400 audit(1721479588.975:322): avc:  denied  { search } for  pid=4525 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  199.914634][   T29] audit: type=1400 audit(1721479588.975:323): avc:  denied  { write } for  pid=4525 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  199.950197][   T29] audit: type=1400 audit(1721479588.975:324): avc:  denied  { remove_name } for  pid=4525 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  200.000076][ T6209] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.033734][ T6209] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.044606][   T29] audit: type=1400 audit(1721479588.975:325): avc:  denied  { rename } for  pid=4525 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  200.045504][ T6209] bridge_slave_1: entered allmulticast mode
[  200.070608][   T29] audit: type=1400 audit(1721479588.975:326): avc:  denied  { add_name } for  pid=4525 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  200.102524][ T6209] bridge_slave_1: entered promiscuous mode
[  200.344975][   T56] Bluetooth: hci5: command tx timeout
[  200.425602][   T56] Bluetooth: hci6: command tx timeout
[  200.446911][ T6209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.501717][ T6209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.607667][ T6213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.681201][ T6292] ptrace attach of "./syz-executor exec"[5092] was attempted by "./syz-executor exec"[6292]
[  200.775673][ T6213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.824031][   T56] Bluetooth: hci4: command tx timeout
[  200.923407][ T6218] chnl_net:caif_netlink_parms(): no params data found
[  201.070752][   T35] hsr_slave_0: left promiscuous mode
[  201.116786][   T35] hsr_slave_1: left promiscuous mode
[  201.123246][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.138236][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.165923][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.178833][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.251480][   T35] veth1_macvtap: left promiscuous mode
[  201.267129][   T35] veth0_macvtap: left promiscuous mode
[  201.282274][   T35] veth1_vlan: left promiscuous mode
[  201.299286][   T35] veth0_vlan: left promiscuous mode
[  201.401102][ T6307] netlink: 'syz.3.314': attribute type 11 has an invalid length.
[  202.170584][ T6303] kexec: Could not allocate control_code_buffer
[  202.424771][   T56] Bluetooth: hci5: command tx timeout
[  202.504329][   T56] Bluetooth: hci6: command tx timeout
[  202.554149][   T35] team_slave_1 (unregistering): left promiscuous mode
[  202.579222][   T35] team0 (unregistering): Port device team_slave_1 removed
[  202.594513][   T56] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  202.604382][   T56] Bluetooth: hci2: Injecting HCI hardware error event
[  202.615888][ T5106] Bluetooth: hci2: hardware error 0x00
[  202.644069][ T5099] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  202.706775][   T35] team_slave_0 (unregistering): left promiscuous mode
[  202.719177][   T35] team0 (unregistering): Port device team_slave_0 removed
[  202.856248][ T5099] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.877826][ T5099] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.913186][ T5099] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  202.915975][   T56] Bluetooth: hci4: command tx timeout
[  202.927623][ T5099] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.976165][ T5099] usb 4-1: config 0 descriptor??
[  203.779637][ T6209] team0: Port device team_slave_0 added
[  204.516492][ T6209] team0: Port device team_slave_1 added
[  204.621551][ T6213] team0: Port device team_slave_0 added
[  204.655609][ T6213] team0: Port device team_slave_1 added
[  204.665111][ T5106] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  204.731617][ T6328] FAULT_INJECTION: forcing a failure.
[  204.731617][ T6328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.736000][ T5099] usbhid 4-1:0.0: can't add hid device: -71
[  204.749806][ T6328] CPU: 1 PID: 6328 Comm: syz.4.319 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  204.760637][ T6328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  204.770698][ T6328] Call Trace:
[  204.773978][ T6328]  <TASK>
[  204.776912][ T6328]  dump_stack_lvl+0x16c/0x1f0
[  204.781626][ T6328]  should_fail_ex+0x497/0x5b0
[  204.786342][ T6328]  _copy_from_user+0x30/0xf0
[  204.790960][ T6328]  core_sys_select+0x2cf/0xb80
[  204.795741][ T6328]  ? __pfx_core_sys_select+0x10/0x10
[  204.801039][ T6328]  ? get_pid_task+0xfc/0x250
[  204.805645][ T6328]  ? set_user_sigmask+0x217/0x2a0
[  204.810685][ T6328]  ? __pfx_set_user_sigmask+0x10/0x10
[  204.816066][ T6328]  do_pselect.constprop.0+0x1a0/0x1f0
[  204.821467][ T6328]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  204.827381][ T6328]  __x64_sys_pselect6+0x183/0x240
[  204.832427][ T6328]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  204.837999][ T6328]  do_syscall_64+0xcd/0x250
[  204.842534][ T6328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.848463][ T6328] RIP: 0033:0x7f7af3175b59
[  204.852898][ T6328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.872528][ T6328] RSP: 002b:00007f7af3f81048 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  204.880954][ T6328] RAX: ffffffffffffffda RBX: 00007f7af3305f60 RCX: 00007f7af3175b59
[  204.888933][ T6328] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000040
[  204.896907][ T6328] RBP: 00007f7af3f810a0 R08: 0000000000000000 R09: 0000000000000000
[  204.904880][ T6328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.912854][ T6328] R13: 000000000000000b R14: 00007f7af3305f60 R15: 00007fff4a866ec8
[  204.920832][ T6328]  </TASK>
[  204.931221][ T5099] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  204.944845][ T5099] usb 4-1: USB disconnect, device number 8
[  205.055654][ T6209] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.079077][ T6209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.106254][ T6209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.142039][ T6209] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.157037][ T6209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.186544][ T6209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.358197][ T6213] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.375669][ T6213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.420463][ T6213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.449925][ T6331] kvm: kvm [6330]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x24df00000080
[  205.493037][ T6213] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.504255][ T6213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.547462][ T6331] kvm: kvm [6330]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4d0000000000
[  205.572283][ T6331] kvm: kvm [6330]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4d4500000080
[  205.582187][ T6213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.596674][ T6331] kvm: kvm [6330]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x640000000000
[  205.627674][ T6331] kvm: kvm [6330]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x7d4500000080
[  205.700606][ T6218] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.731451][ T6218] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.763158][ T6218] bridge_slave_0: entered allmulticast mode
[  205.788072][ T6218] bridge_slave_0: entered promiscuous mode
[  205.901582][ T6209] hsr_slave_0: entered promiscuous mode
[  205.929009][ T6209] hsr_slave_1: entered promiscuous mode
[  206.016542][ T6218] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.033794][ T6218] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.053514][ T6218] bridge_slave_1: entered allmulticast mode
[  206.066511][ T6218] bridge_slave_1: entered promiscuous mode
[  206.535238][ T6218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.627810][ T6213] hsr_slave_0: entered promiscuous mode
[  206.647735][ T6213] hsr_slave_1: entered promiscuous mode
[  206.658702][ T6213] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.685644][ T6213] Cannot create hsr debugfs directory
[  206.780069][ T6218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.873816][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  206.873835][   T29] audit: type=1400 audit(1721479595.985:349): avc:  denied  { create } for  pid=6357 comm="syz.3.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  207.056275][ T6361] ptrace attach of "./syz-executor exec"[5094] was attempted by "./syz-executor exec"[6361]
[  207.145470][ T6218] team0: Port device team_slave_0 added
[  207.305784][ T6218] team0: Port device team_slave_1 added
[  207.500779][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.531378][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.574120][ T6218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.705127][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.712978][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.789635][ T6218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.962106][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.368454][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.610831][ T6218] hsr_slave_0: entered promiscuous mode
[  208.652791][ T6218] hsr_slave_1: entered promiscuous mode
[  208.668769][   T29] audit: type=1400 audit(1721479597.785:350): avc:  denied  { append } for  pid=6378 comm="syz.4.327" name="nvme-fabrics" dev="devtmpfs" ino=687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  208.742909][ T6218] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.756015][ T6381] nvme_fabrics: unknown parameter or missing value ']' in ctrl creation request
[  208.777073][ T6218] Cannot create hsr debugfs directory
[  208.824645][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.055637][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.320862][ T6388] kvm: kvm [6387]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x24df00000080
[  209.340401][ T6388] kvm: kvm [6387]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4d0000000000
[  209.356091][ T6388] kvm: kvm [6387]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4d4500000080
[  209.408000][ T6388] kvm: kvm [6387]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x640000000000
[  209.455467][ T6388] kvm: kvm [6387]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x7d4500000080
[  209.649304][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.826941][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.030039][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.203167][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.756041][   T35] bridge_slave_1: left allmulticast mode
[  210.765256][   T35] bridge_slave_1: left promiscuous mode
[  210.771809][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.835199][   T35] bridge_slave_0: left allmulticast mode
[  210.840883][   T35] bridge_slave_0: left promiscuous mode
[  210.866380][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.930556][   T35] team0: left allmulticast mode
[  210.935728][   T35] team_slave_0: left allmulticast mode
[  210.953424][   T35] team_slave_1: left allmulticast mode
[  210.983394][   T35] bridge0: port 3(team0) entered disabled state
[  211.000062][   T35] bridge_slave_1: left allmulticast mode
[  211.010229][   T35] bridge_slave_1: left promiscuous mode
[  211.016976][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.028076][   T35] bridge_slave_0: left allmulticast mode
[  211.043665][   T35] bridge_slave_0: left promiscuous mode
[  211.049524][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.483761][   T29] audit: type=1326 audit(1721479600.535:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  211.688944][   T29] audit: type=1326 audit(1721479600.535:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  211.756891][   T29] audit: type=1326 audit(1721479600.535:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=176 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  211.780520][   T29] audit: type=1326 audit(1721479600.535:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  211.811756][   T29] audit: type=1326 audit(1721479600.535:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  211.856258][   T29] audit: type=1326 audit(1721479600.535:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f824d574590 code=0x7ffc0000
[  211.880920][   T29] audit: type=1326 audit(1721479600.535:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f824d5772e7 code=0x7ffc0000
[  211.905425][   T29] audit: type=1326 audit(1721479600.535:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  211.960486][   T29] audit: type=1326 audit(1721479600.535:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f824d5772e7 code=0x7ffc0000
[  211.984138][   T29] audit: type=1326 audit(1721479600.535:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f824d57488a code=0x7ffc0000
[  212.008080][   T29] audit: type=1326 audit(1721479600.535:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  212.032463][   T29] audit: type=1326 audit(1721479600.535:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  212.068417][   T29] audit: type=1326 audit(1721479600.545:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f824d5778ec code=0x7ffc0000
[  212.091772][   T29] audit: type=1326 audit(1721479600.545:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f824d577824 code=0x7ffc0000
[  212.119069][   T29] audit: type=1326 audit(1721479600.545:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f824d577824 code=0x7ffc0000
[  212.152593][   T29] audit: type=1326 audit(1721479600.545:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  212.198594][   T29] audit: type=1326 audit(1721479600.545:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6418 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x7ffc0000
[  214.323267][ T6437] ptrace attach of "./syz-executor exec"[5092] was attempted by "./syz-executor exec"[6437]
[  214.388980][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.411370][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.445674][   T35] bond0 (unregistering): Released all slaves
[  214.577377][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.600269][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.626224][   T35] bond0 (unregistering): Released all slaves
[  215.001169][ T6443] 9pnet_fd: Insufficient options for proto=fd
[  216.610625][   T35] hsr_slave_0: left promiscuous mode
[  216.636054][   T35] hsr_slave_1: left promiscuous mode
[  216.677521][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.694126][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.734306][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.753685][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.854500][   T35] hsr_slave_0: left promiscuous mode
[  216.882746][   T35] hsr_slave_1: left promiscuous mode
[  216.904923][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.920917][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.936307][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.944483][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.896284][   T35] veth1_macvtap: left promiscuous mode
[  217.901932][   T35] veth0_macvtap: left promiscuous mode
[  217.911058][   T35] veth1_vlan: left promiscuous mode
[  217.928105][   T35] veth0_vlan: left promiscuous mode
[  217.948786][   T35] veth1_macvtap: left promiscuous mode
[  217.978879][   T35] veth0_macvtap: left promiscuous mode
[  217.996559][   T35] veth1_vlan: left promiscuous mode
[  218.022798][   T35] veth0_vlan: left promiscuous mode
[  219.194733][ T6479] syz.4.343[6479] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  219.194938][ T6479] syz.4.343[6479] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  219.257292][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  219.257313][   T29] audit: type=1326 audit(1721479608.375:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6478 comm="syz.4.343" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7af3175b59 code=0x0
[  220.317941][   T35] team0 (unregistering): Port device team_slave_1 removed
[  220.424479][   T35] team0 (unregistering): Port device team_slave_0 removed
[  220.637197][ T6492] kvm_pr_unimpl_wrmsr: 5 callbacks suppressed
[  220.637220][ T6492] kvm: kvm [6488]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x94500000000
[  222.540614][   T29] audit: type=1400 audit(1721479611.665:398): avc:  denied  { write } for  pid=6497 comm="syz.3.348" name="binder1" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  222.828890][   T35] team_slave_1 (unregistering): left promiscuous mode
[  222.858356][   T35] team0 (unregistering): Port device team_slave_1 removed
[  222.938810][   T35] team_slave_0 (unregistering): left promiscuous mode
[  223.311445][   T35] team0 (unregistering): Port device team_slave_0 removed
[  224.806297][   T29] audit: type=1400 audit(1721479613.925:399): avc:  denied  { create } for  pid=6518 comm="syz.4.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  224.932063][   T29] audit: type=1400 audit(1721479614.045:400): avc:  denied  { connect } for  pid=6518 comm="syz.4.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  225.133810][ T6213] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  225.341518][ T6213] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  225.428157][ T6213] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  225.447377][   T29] audit: type=1400 audit(1721479614.565:401): avc:  denied  { setrlimit } for  pid=6522 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  225.658487][ T6213] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  225.674833][ T6526] FAULT_INJECTION: forcing a failure.
[  225.674833][ T6526] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  225.710232][ T6526] CPU: 1 PID: 6526 Comm: syz.3.354 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  225.719906][ T6526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  225.729964][ T6526] Call Trace:
[  225.733231][ T6526]  <TASK>
[  225.736151][ T6526]  dump_stack_lvl+0x16c/0x1f0
[  225.740826][ T6526]  should_fail_ex+0x497/0x5b0
[  225.745506][ T6526]  ? fs_reclaim_acquire+0xae/0x160
[  225.750613][ T6526]  __should_fail_alloc_page+0xe7/0x130
[  225.756066][ T6526]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  225.762212][ T6526]  __alloc_pages_noprof+0x194/0x2460
[  225.767490][ T6526]  ? save_trace+0x53/0xb50
[  225.771907][ T6526]  ? _find_first_zero_bit+0x94/0xb0
[  225.777123][ T6526]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  225.782839][ T6526]  ? lockdep_unlock+0x11a/0x290
[  225.787694][ T6526]  ? __lock_acquire+0x20f2/0x3cb0
[  225.792713][ T6526]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  225.798599][ T6526]  ? policy_nodemask+0xea/0x4e0
[  225.803442][ T6526]  alloc_pages_mpol_noprof+0x275/0x610
[  225.808893][ T6526]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  225.814864][ T6526]  ? __pmd_alloc+0x365/0x830
[  225.819442][ T6526]  ? __pfx_lock_release+0x10/0x10
[  225.824455][ T6526]  pte_alloc_one+0x20/0x370
[  225.828953][ T6526]  __pte_alloc+0x6e/0x3a0
[  225.833266][ T6526]  ? __pfx___pte_alloc+0x10/0x10
[  225.838194][ T6526]  ? _raw_spin_unlock+0x28/0x50
[  225.843044][ T6526]  ? __pmd_alloc+0x36a/0x830
[  225.847625][ T6526]  __handle_mm_fault+0x4846/0x53d0
[  225.852729][ T6526]  ? __pfx_mt_find+0x10/0x10
[  225.857309][ T6526]  ? __pfx___handle_mm_fault+0x10/0x10
[  225.862757][ T6526]  ? find_vma+0xc0/0x140
[  225.866996][ T6526]  ? __pfx_find_vma+0x10/0x10
[  225.871690][ T6526]  handle_mm_fault+0x476/0xa00
[  225.876467][ T6526]  ? __pkru_allows_pkey+0x52/0xb0
[  225.881484][ T6526]  do_user_addr_fault+0x7a3/0x13f0
[  225.886588][ T6526]  exc_page_fault+0x5c/0xc0
[  225.891078][ T6526]  asm_exc_page_fault+0x26/0x30
[  225.895926][ T6526] RIP: 0010:rep_movs_alternative+0x30/0x70
[  225.901725][ T6526] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08
[  225.921319][ T6526] RSP: 0018:ffffc900032cf948 EFLAGS: 00050202
[  225.927374][ T6526] RAX: 0000000000000001 RBX: 0000000020000000 RCX: 000000000000003c
[  225.935332][ T6526] RDX: fffff52000659f4e RSI: 0000000020000000 RDI: ffffc900032cfa38
[  225.943287][ T6526] RBP: 000000000000003c R08: 0000000000000001 R09: fffff52000659f4e
[  225.951247][ T6526] R10: 0000000000000003 R11: 0000000000000000 R12: 000000002000003c
[  225.959209][ T6526] R13: ffffc900032cfa38 R14: 0000000000000000 R15: ffff88802aff8030
[  225.967186][ T6526]  _copy_from_user+0xc6/0xf0
[  225.971790][ T6526]  ip_mroute_setsockopt+0xf4f/0x1440
[  225.977083][ T6526]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  225.982800][ T6526]  ? avc_has_perm_noaudit+0x119/0x3a0
[  225.988165][ T6526]  ? __lock_acquire+0xbdd/0x3cb0
[  225.993111][ T6526]  ? avc_has_perm_noaudit+0x143/0x3a0
[  225.998489][ T6526]  do_ip_setsockopt+0x2e8/0x38b0
[  226.003435][ T6526]  ? __pfx_avc_has_perm+0x10/0x10
[  226.008463][ T6526]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  226.013845][ T6526]  ? sock_has_perm+0x25a/0x2f0
[  226.018619][ T6526]  ? __pfx_sock_has_perm+0x10/0x10
[  226.023724][ T6526]  ? selinux_netlbl_socket_setsockopt+0x142/0x440
[  226.030147][ T6526]  ip_setsockopt+0x59/0xf0
[  226.034571][ T6526]  raw_setsockopt+0xb8/0x290
[  226.039156][ T6526]  ? __pfx_raw_setsockopt+0x10/0x10
[  226.044344][ T6526]  ? selinux_socket_setsockopt+0x6a/0x80
[  226.049982][ T6526]  ? sock_common_setsockopt+0x2e/0xf0
[  226.055390][ T6526]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  226.061303][ T6526]  do_sock_setsockopt+0x222/0x480
[  226.066322][ T6526]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  226.071877][ T6526]  ? __fget_light+0x173/0x210
[  226.076556][ T6526]  __sys_setsockopt+0x1a4/0x270
[  226.081405][ T6526]  ? __pfx___sys_setsockopt+0x10/0x10
[  226.086767][ T6526]  ? fput+0x32/0x390
[  226.090659][ T6526]  ? ksys_write+0x1ab/0x260
[  226.095155][ T6526]  ? __pfx_ksys_write+0x10/0x10
[  226.099999][ T6526]  __x64_sys_setsockopt+0xbd/0x160
[  226.105104][ T6526]  ? do_syscall_64+0x91/0x250
[  226.109771][ T6526]  ? lockdep_hardirqs_on+0x7c/0x110
[  226.114960][ T6526]  do_syscall_64+0xcd/0x250
[  226.119453][ T6526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.125339][ T6526] RIP: 0033:0x7f824d575b59
[  226.129739][ T6526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.149333][ T6526] RSP: 002b:00007f824e313048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  226.157742][ T6526] RAX: ffffffffffffffda RBX: 00007f824d705f60 RCX: 00007f824d575b59
[  226.165720][ T6526] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000003
[  226.173710][ T6526] RBP: 00007f824e3130a0 R08: 000000000000003c R09: 0000000000000000
[  226.181678][ T6526] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  226.189650][ T6526] R13: 000000000000000b R14: 00007f824d705f60 R15: 00007ffdb3239908
[  226.197623][ T6526]  </TASK>
[  226.747202][ T6529] kvm: kvm [6527]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x94500000000
[  227.230133][ T6213] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.401662][ T6213] 8021q: adding VLAN 0 to HW filter on device team0
[  227.485108][  T928] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.492325][  T928] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.533777][ T6218] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  227.567796][ T6218] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  227.608369][ T6218] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  227.660563][  T928] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.667897][  T928] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.688505][ T6218] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  228.638752][ T6209] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  228.657805][ T6209] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  228.695795][ T6545] 9pnet: p9_errstr2errno: server reported unknown error 
[  228.730122][ T6209] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  228.757440][   T29] audit: type=1400 audit(1721479617.875:402): avc:  denied  { bind } for  pid=6546 comm="syz.4.360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  228.794573][ T6209] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  228.836339][ T6549] netlink: 'syz.3.361': attribute type 1 has an invalid length.
[  228.882512][ T6549] 8021q: adding VLAN 0 to HW filter on device bond1
[  228.899557][ T6549] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  228.914206][ T6213] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  229.094170][ T5152] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  229.207945][ T6218] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.227782][ T6213] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.274969][ T6218] 8021q: adding VLAN 0 to HW filter on device team0
[  229.296793][ T5152] usb 5-1: Using ep0 maxpacket: 16
[  229.308284][ T5152] usb 5-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  229.319603][ T5152] usb 5-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  229.345494][ T5152] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.347144][   T47] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.359341][   T47] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.366453][ T5152] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  229.386625][ T5152] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.411390][ T5152] usb 5-1: Product: syz
[  229.428222][   T47] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.435447][   T47] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.439825][ T5152] usb 5-1: Manufacturer: syz
[  229.460138][ T5152] usb 5-1: SerialNumber: syz
[  229.461154][ T6209] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.492376][ T5152] usb 5-1: config 0 descriptor??
[  229.556919][ T5152] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5
[  229.570120][ T6561] syz.3.362[6561] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  229.570321][ T6561] syz.3.362[6561] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  229.590816][ T6213] veth0_vlan: entered promiscuous mode
[  229.674883][   T29] audit: type=1400 audit(1721479618.785:403): avc:  denied  { read } for  pid=4528 comm="acpid" name="mouse1" dev="devtmpfs" ino=2366 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.751710][ T6213] veth1_vlan: entered promiscuous mode
[  229.764993][   T29] audit: type=1400 audit(1721479618.785:404): avc:  denied  { open } for  pid=4528 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2366 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.801755][ T6209] 8021q: adding VLAN 0 to HW filter on device team0
[  229.840871][ T5218] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.848159][ T5218] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.865526][   T29] audit: type=1326 audit(1721479618.885:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6560 comm="syz.3.362" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f824d575b59 code=0x0
[  229.909305][ T6547] bridge0: port 3(team0) entered disabled state
[  229.916358][ T6547] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.924499][ T6547] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.127446][   T47] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.134681][   T47] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.193348][ T6213] veth0_macvtap: entered promiscuous mode
[  230.237045][ T6213] veth1_macvtap: entered promiscuous mode
[  230.337986][ T6213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  230.351920][ T6213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.366213][ T6213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  230.379630][ T6213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.393278][ T6213] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.471998][ T6213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.503135][ T6213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.525269][ T6213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.539569][ T6213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.558732][ T6213] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.647626][ T6213] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.674975][ T6213] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.692279][ T6213] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.701913][ T6213] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.718533][  T933] usb 5-1: USB disconnect, device number 7
[  230.743177][ T6581] netlink: 'syz.3.363': attribute type 1 has an invalid length.
[  230.803007][ T6218] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.809933][ T6581] netlink: 216 bytes leftover after parsing attributes in process `syz.3.363'.
[  230.862335][ T6581] NCSI netlink: No device for ifindex 33022
[  230.924229][ T6581] netlink: 16 bytes leftover after parsing attributes in process `syz.3.363'.
[  231.343872][ T2824] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.359183][ T2824] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.394295][ T6218] veth0_vlan: entered promiscuous mode
[  231.427732][ T6209] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.598219][ T6218] veth1_vlan: entered promiscuous mode
[  231.615758][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.663364][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.072823][ T6598] kvm: kvm [6596]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x94500000000
[  232.123077][ T6209] veth0_vlan: entered promiscuous mode
[  232.200499][ T6218] veth0_macvtap: entered promiscuous mode
[  232.211973][ T6613] mmap: syz.1.293 (6613) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  232.284846][ T6209] veth1_vlan: entered promiscuous mode
[  232.315408][ T6218] veth1_macvtap: entered promiscuous mode
[  232.435508][   T29] audit: type=1400 audit(1721479621.555:406): avc:  denied  { sqpoll } for  pid=6610 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  232.469443][ T6209] veth0_macvtap: entered promiscuous mode
[  232.511369][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.531787][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.542985][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.599626][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.619335][   T29] audit: type=1400 audit(1721479621.735:407): avc:  denied  { nlmsg_read } for  pid=6618 comm="syz.3.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  232.692702][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.795380][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.818772][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.840618][ T6209] veth1_macvtap: entered promiscuous mode
[  232.862478][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.888541][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.907191][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.990353][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.047374][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.064129][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.163459][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.222525][ T6218] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.333324][ T6218] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.409834][ T6218] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.073854][ T6218] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.336654][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.361646][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.402066][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.441227][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.460906][   T29] audit: type=1400 audit(1721479623.575:408): avc:  denied  { write } for  pid=6635 comm="syz.3.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  234.471940][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.557555][   T29] audit: type=1400 audit(1721479623.665:409): avc:  denied  { watch watch_reads } for  pid=6637 comm="syz.4.370" path="/95/bus" dev="overlay" ino=538 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  234.602522][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.698051][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.810856][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.985908][ T6209] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.290485][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.311361][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.354405][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.365849][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.376809][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.390810][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.401040][ T6209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.411908][ T6209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.424583][ T6209] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.522090][ T6209] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.573585][ T6209] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.594833][ T6209] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.620513][ T6209] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.682265][ T6659] FAULT_INJECTION: forcing a failure.
[  235.682265][ T6659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.747559][ T6659] CPU: 1 PID: 6659 Comm: syz.3.373 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  235.757249][ T6659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  235.767330][ T6659] Call Trace:
[  235.770627][ T6659]  <TASK>
[  235.773574][ T6659]  dump_stack_lvl+0x16c/0x1f0
[  235.778295][ T6659]  should_fail_ex+0x497/0x5b0
[  235.783009][ T6659]  _copy_to_user+0x30/0xc0
[  235.787464][ T6659]  simple_read_from_buffer+0xd0/0x160
[  235.792871][ T6659]  proc_fail_nth_read+0x1b0/0x290
[  235.797926][ T6659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  235.803505][ T6659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  235.809082][ T6659]  vfs_read+0x1d4/0xbd0
[  235.813274][ T6659]  ? __fdget_pos+0xeb/0x180
[  235.817810][ T6659]  ? __pfx_vfs_read+0x10/0x10
[  235.822510][ T6659]  ? __pfx___mutex_lock+0x10/0x10
[  235.827563][ T6659]  ? __fget_files+0x256/0x400
[  235.832273][ T6659]  ksys_read+0x12f/0x260
[  235.836549][ T6659]  ? __pfx_ksys_read+0x10/0x10
[  235.841344][ T6659]  do_syscall_64+0xcd/0x250
[  235.845876][ T6659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.851791][ T6659] RIP: 0033:0x7f824d57463c
[  235.856215][ T6659] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  235.875835][ T6659] RSP: 002b:00007f824e313040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  235.884264][ T6659] RAX: ffffffffffffffda RBX: 00007f824d705f60 RCX: 00007f824d57463c
[  235.892241][ T6659] RDX: 000000000000000f RSI: 00007f824e3130b0 RDI: 0000000000000006
[  235.900216][ T6659] RBP: 00007f824e3130a0 R08: 0000000000000000 R09: 0000000000000000
[  235.908195][ T6659] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000001
[  235.916172][ T6659] R13: 000000000000000b R14: 00007f824d705f60 R15: 00007ffdb3239908
[  235.924154][ T6659]  </TASK>
[  236.711289][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.724938][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.340118][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.370682][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.502644][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.534283][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.653058][ T2824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.697776][ T2824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.083085][   T29] audit: type=1400 audit(1721479627.195:410): avc:  denied  { ioctl } for  pid=6700 comm="syz.2.294" path="socket:[14913]" dev="sockfs" ino=14913 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  238.762890][ T6702] evm: overlay not supported
[  240.441724][   T29] audit: type=1400 audit(1721479629.555:411): avc:  denied  { connect } for  pid=6731 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  240.580649][   T29] audit: type=1400 audit(1721479629.595:412): avc:  denied  { create } for  pid=6731 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  240.642098][   T29] audit: type=1400 audit(1721479629.755:413): avc:  denied  { create } for  pid=6734 comm="syz.0.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  240.962553][ T6736] syz.4.387[6736] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.962775][ T6736] syz.4.387[6736] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  242.820036][ T6748] netlink: 40 bytes leftover after parsing attributes in process `syz.1.389'.
[  242.855389][ T6748] netlink: 51 bytes leftover after parsing attributes in process `syz.1.389'.
[  242.871246][   T29] audit: type=1326 audit(1721479631.985:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6735 comm="syz.4.387" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7af3175b59 code=0x0
[  242.896693][    C1] ==================================================================
[  242.904790][    C1] BUG: KASAN: slab-use-after-free in __xsk_map_flush+0x2f9/0x310
[  242.912538][    C1] Read of size 8 at addr ffff888022006c10 by task syz.0.390/6755
[  242.920270][    C1] 
[  242.922592][    C1] CPU: 1 PID: 6755 Comm: syz.0.390 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  242.932222][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  242.942286][    C1] Call Trace:
[  242.945567][    C1]  <IRQ>
[  242.948413][    C1]  dump_stack_lvl+0x116/0x1f0
[  242.953109][    C1]  print_report+0xc3/0x620
[  242.957541][    C1]  ? __virt_addr_valid+0x5e/0x590
[  242.962571][    C1]  ? __phys_addr+0xc6/0x150
[  242.967077][    C1]  kasan_report+0xd9/0x110
[  242.971502][    C1]  ? __xsk_map_flush+0x2f9/0x310
[  242.976452][    C1]  ? __xsk_map_flush+0x2f9/0x310
[  242.981400][    C1]  __xsk_map_flush+0x2f9/0x310
[  242.986189][    C1]  xdp_do_check_flushed+0x175/0x4e0
[  242.991412][    C1]  __napi_poll.constprop.0+0xd1/0x550
[  242.996809][    C1]  net_rx_action+0xa92/0x1010
[  243.001503][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  243.006627][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  243.011828][    C1]  ? sched_clock+0x38/0x60
[  243.016249][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  243.021110][    C1]  handle_softirqs+0x216/0x8f0
[  243.025881][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  243.031171][    C1]  ? irqtime_account_irq+0x18d/0x2e0
[  243.036462][    C1]  ? tun_rx_batched+0x435/0x780
[  243.041315][    C1]  do_softirq+0xb2/0xf0
[  243.045479][    C1]  </IRQ>
[  243.048409][    C1]  <TASK>
[  243.051338][    C1]  __local_bh_enable_ip+0x100/0x120
[  243.056545][    C1]  tun_rx_batched+0x43a/0x780
[  243.061227][    C1]  ? __pfx_tun_rx_batched+0x10/0x10
[  243.066437][    C1]  ? tun_get_user+0x1d81/0x3c30
[  243.071296][    C1]  tun_get_user+0x2a5c/0x3c30
[  243.075986][    C1]  ? __pfx_tun_get_user+0x10/0x10
[  243.081016][    C1]  ? find_held_lock+0x2d/0x110
[  243.085789][    C1]  ? __pfx_lock_release+0x10/0x10
[  243.090819][    C1]  tun_chr_write_iter+0xe8/0x210
[  243.095763][    C1]  vfs_write+0x6b6/0x1140
[  243.100098][    C1]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  243.105653][    C1]  ? __pfx_vfs_write+0x10/0x10
[  243.110418][    C1]  ? do_futex+0x123/0x350
[  243.114748][    C1]  ? __fget_files+0x256/0x400
[  243.119425][    C1]  ? __fget_light+0x173/0x210
[  243.124103][    C1]  ksys_write+0x12f/0x260
[  243.128434][    C1]  ? __pfx_ksys_write+0x10/0x10
[  243.133287][    C1]  do_syscall_64+0xcd/0x250
[  243.137795][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.143711][    C1] RIP: 0033:0x7ff8953746df
[  243.148137][    C1] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  243.167756][    C1] RSP: 002b:00007ff896147010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  243.176172][    C1] RAX: ffffffffffffffda RBX: 00007ff895505f60 RCX: 00007ff8953746df
[  243.184141][    C1] RDX: 000000000000004e RSI: 0000000020000200 RDI: 00000000000000c8
[  243.192106][    C1] RBP: 00007ff8953e4e5d R08: 0000000000000000 R09: 0000000000000000
[  243.200073][    C1] R10: 000000000000004e R11: 0000000000000293 R12: 0000000000000000
[  243.208039][    C1] R13: 000000000000000b R14: 00007ff895505f60 R15: 00007ffef8f5fa48
[  243.216012][    C1]  </TASK>
[  243.219021][    C1] 
[  243.221332][    C1] Allocated by task 6755:
[  243.225651][    C1]  kasan_save_stack+0x33/0x60
[  243.230340][    C1]  kasan_save_track+0x14/0x30
[  243.235018][    C1]  __kasan_mempool_unpoison_object+0x193/0x1d0
[  243.241172][    C1]  napi_skb_cache_get+0x327/0x890
[  243.246192][    C1]  __napi_build_skb+0x14/0x50
[  243.250868][    C1]  napi_build_skb+0x22/0x280
[  243.255456][    C1]  skb_pp_cow_data+0x2de/0xc00
[  243.260218][    C1]  skb_cow_data_for_xdp+0x88/0xb0
[  243.265250][    C1]  do_xdp_generic+0x3fc/0xd70
[  243.269929][    C1]  __netif_receive_skb_core.constprop.0+0x12f7/0x4330
[  243.276696][    C1]  __netif_receive_skb_one_core+0xb1/0x1e0
[  243.282506][    C1]  __netif_receive_skb+0x1d/0x160
[  243.287531][    C1]  netif_receive_skb+0x13f/0x7b0
[  243.292472][    C1]  tun_rx_batched+0x429/0x780
[  243.297150][    C1]  tun_get_user+0x2a5c/0x3c30
[  243.301828][    C1]  tun_chr_write_iter+0xe8/0x210
[  243.306773][    C1]  vfs_write+0x6b6/0x1140
[  243.311106][    C1]  ksys_write+0x12f/0x260
[  243.315434][    C1]  do_syscall_64+0xcd/0x250
[  243.319937][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.325839][    C1] 
[  243.328152][    C1] Freed by task 6755:
[  243.332119][    C1]  kasan_save_stack+0x33/0x60
[  243.336794][    C1]  kasan_save_track+0x14/0x30
[  243.341470][    C1]  kasan_save_free_info+0x3b/0x60
[  243.346492][    C1]  poison_slab_object+0xf7/0x160
[  243.351428][    C1]  __kasan_slab_free+0x32/0x50
[  243.356197][    C1]  kmem_cache_free+0x12f/0x3a0
[  243.360975][    C1]  kfree_skbmem+0x10e/0x200
[  243.365485][    C1]  sk_skb_reason_drop+0x140/0x210
[  243.370508][    C1]  tcp_v6_rcv+0xea8/0x4120
[  243.374923][    C1]  ip6_protocol_deliver_rcu+0x188/0x1530
[  243.380562][    C1]  ip6_input_finish+0x14f/0x2f0
[  243.385416][    C1]  ip6_input+0xa1/0xd0
[  243.389487][    C1]  ipv6_rcv+0x265/0x680
[  243.393647][    C1]  __netif_receive_skb_one_core+0x12e/0x1e0
[  243.399544][    C1]  __netif_receive_skb+0x1d/0x160
[  243.404570][    C1]  netif_receive_skb+0x13f/0x7b0
[  243.409524][    C1]  tun_rx_batched+0x429/0x780
[  243.414217][    C1]  tun_get_user+0x2a5c/0x3c30
[  243.418910][    C1]  tun_chr_write_iter+0xe8/0x210
[  243.423862][    C1]  vfs_write+0x6b6/0x1140
[  243.428203][    C1]  ksys_write+0x12f/0x260
[  243.432550][    C1]  do_syscall_64+0xcd/0x250
[  243.437056][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.442954][    C1] 
[  243.445271][    C1] The buggy address belongs to the object at ffff888022006b40
[  243.445271][    C1]  which belongs to the cache skbuff_head_cache of size 240
[  243.459912][    C1] The buggy address is located 208 bytes inside of
[  243.459912][    C1]  freed 240-byte region [ffff888022006b40, ffff888022006c30)
[  243.473710][    C1] 
[  243.476026][    C1] The buggy address belongs to the physical page:
[  243.482440][    C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22006
[  243.491216][    C1] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  243.498680][    C1] page_type: 0xffffefff(slab)
[  243.503366][    C1] raw: 00fff00000000000 ffff88801969d780 ffffea0001af7480 dead000000000003
[  243.511952][    C1] raw: 0000000000000000 00000000000c000c 00000001ffffefff 0000000000000000
[  243.520613][    C1] page dumped because: kasan: bad access detected
[  243.527018][    C1] page_owner tracks the page as allocated
[  243.532722][    C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6213, tgid 6213 (syz-executor), ts 194251013380, free_ts 194187425834
[  243.553575][    C1]  post_alloc_hook+0x2d1/0x350
[  243.558350][    C1]  get_page_from_freelist+0x1353/0x2e50
[  243.563904][    C1]  __alloc_pages_noprof+0x22b/0x2460
[  243.569198][    C1]  alloc_slab_page+0x56/0x110
[  243.573879][    C1]  new_slab+0x84/0x260
[  243.577950][    C1]  ___slab_alloc+0xdac/0x1870
[  243.582630][    C1]  kmem_cache_alloc_bulk_noprof+0x257/0x930
[  243.588528][    C1]  napi_skb_cache_get+0x51a/0x890
[  243.593551][    C1]  __napi_build_skb+0x14/0x50
[  243.598226][    C1]  napi_alloc_skb+0x43e/0xac0
[  243.602894][    C1]  napi_get_frags+0x61/0x140
[  243.607486][    C1]  napi_get_frags_check+0x2e/0xb0
[  243.612510][    C1]  netif_napi_add_weight+0x538/0xab0
[  243.617794][    C1]  gro_cells_init+0x193/0x2f0
[  243.622471][    C1]  ip_tunnel_init+0x105/0x640
[  243.627153][    C1]  ipgre_tunnel_init+0x167/0x480
[  243.632090][    C1] page last free pid 6213 tgid 6213 stack trace:
[  243.638405][    C1]  free_unref_page+0x64a/0xe40
[  243.643166][    C1]  __put_partials+0x14c/0x170
[  243.647855][    C1]  qlist_free_all+0x4e/0x140
[  243.652446][    C1]  kasan_quarantine_reduce+0x192/0x1e0
[  243.657905][    C1]  __kasan_slab_alloc+0x69/0x90
[  243.662761][    C1]  kmem_cache_alloc_noprof+0x121/0x2f0
[  243.668232][    C1]  vm_area_alloc+0x1f/0x230
[  243.672741][    C1]  mmap_region+0x3a5/0x2760
[  243.677248][    C1]  do_mmap+0xbc7/0xf60
[  243.681318][    C1]  vm_mmap_pgoff+0x1ba/0x360
[  243.685908][    C1]  ksys_mmap_pgoff+0x7d/0x5d0
[  243.690580][    C1]  __x64_sys_mmap+0x125/0x190
[  243.695252][    C1]  do_syscall_64+0xcd/0x250
[  243.699757][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.705657][    C1] 
[  243.707971][    C1] Memory state around the buggy address:
[  243.713590][    C1]  ffff888022006b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  243.721644][    C1]  ffff888022006b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  243.729698][    C1] >ffff888022006c00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  243.737747][    C1]                          ^
[  243.742323][    C1]  ffff888022006c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  243.750376][    C1]  ffff888022006d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  243.758446][    C1] ==================================================================
[  243.766669][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  243.773875][    C1] CPU: 1 PID: 6755 Comm: syz.0.390 Not tainted 6.10.0-syzkaller-09703-gd7e78951a8b8 #0
[  243.783520][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  243.793580][    C1] Call Trace:
[  243.796856][    C1]  <IRQ>
[  243.799697][    C1]  dump_stack_lvl+0x3d/0x1f0
[  243.804305][    C1]  panic+0x6f5/0x7a0
[  243.808216][    C1]  ? __pfx_panic+0x10/0x10
[  243.812633][    C1]  ? irqentry_exit+0x3b/0x90
[  243.817232][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  243.822437][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  243.827552][    C1]  check_panic_on_warn+0xab/0xb0
[  243.832492][    C1]  end_report+0x117/0x180
[  243.836829][    C1]  kasan_report+0xe9/0x110
[  243.841251][    C1]  ? __xsk_map_flush+0x2f9/0x310
[  243.846202][    C1]  ? __xsk_map_flush+0x2f9/0x310
[  243.851146][    C1]  __xsk_map_flush+0x2f9/0x310
[  243.855920][    C1]  xdp_do_check_flushed+0x175/0x4e0
[  243.861124][    C1]  __napi_poll.constprop.0+0xd1/0x550
[  243.866508][    C1]  net_rx_action+0xa92/0x1010
[  243.871202][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  243.876324][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  243.881521][    C1]  ? sched_clock+0x38/0x60
[  243.885943][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  243.890886][    C1]  handle_softirqs+0x216/0x8f0
[  243.895660][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  243.900949][    C1]  ? irqtime_account_irq+0x18d/0x2e0
[  243.906241][    C1]  ? tun_rx_batched+0x435/0x780
[  243.911099][    C1]  do_softirq+0xb2/0xf0
[  243.915265][    C1]  </IRQ>
[  243.918192][    C1]  <TASK>
[  243.921114][    C1]  __local_bh_enable_ip+0x100/0x120
[  243.926321][    C1]  tun_rx_batched+0x43a/0x780
[  243.931013][    C1]  ? __pfx_tun_rx_batched+0x10/0x10
[  243.936218][    C1]  ? tun_get_user+0x1d81/0x3c30
[  243.941076][    C1]  tun_get_user+0x2a5c/0x3c30
[  243.945775][    C1]  ? __pfx_tun_get_user+0x10/0x10
[  243.950817][    C1]  ? find_held_lock+0x2d/0x110
[  243.955602][    C1]  ? __pfx_lock_release+0x10/0x10
[  243.960641][    C1]  tun_chr_write_iter+0xe8/0x210
[  243.965606][    C1]  vfs_write+0x6b6/0x1140
[  243.969951][    C1]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  243.975518][    C1]  ? __pfx_vfs_write+0x10/0x10
[  243.980293][    C1]  ? do_futex+0x123/0x350
[  243.984638][    C1]  ? __fget_files+0x256/0x400
[  243.989335][    C1]  ? __fget_light+0x173/0x210
[  243.994024][    C1]  ksys_write+0x12f/0x260
[  243.998365][    C1]  ? __pfx_ksys_write+0x10/0x10
[  244.003226][    C1]  do_syscall_64+0xcd/0x250
[  244.007737][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.013644][    C1] RIP: 0033:0x7ff8953746df
[  244.018058][    C1] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  244.037667][    C1] RSP: 002b:00007ff896147010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  244.046083][    C1] RAX: ffffffffffffffda RBX: 00007ff895505f60 RCX: 00007ff8953746df
[  244.054055][    C1] RDX: 000000000000004e RSI: 0000000020000200 RDI: 00000000000000c8
[  244.062025][    C1] RBP: 00007ff8953e4e5d R08: 0000000000000000 R09: 0000000000000000
[  244.069993][    C1] R10: 000000000000004e R11: 0000000000000293 R12: 0000000000000000
[  244.077971][    C1] R13: 000000000000000b R14: 00007ff895505f60 R15: 00007ffef8f5fa48
[  244.085948][    C1]  </TASK>
[  244.089066][    C1] Kernel Offset: disabled
[  244.093375][    C1] Rebooting in 86400 seconds..