last executing test programs:

9.959748028s ago: executing program 0 (id=940):
getpid()
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20}, {0x0, 0x6faa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x5, 0x6}, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {{@in=@rand_addr=0x64010102, 0x0, 0x93}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x3505, 0x0, 0x0, 0x0, 0x6}}, 0xe8)
r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x2503, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140)) (async)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140))

9.880666564s ago: executing program 0 (id=941):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @mcast2}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003f00000008000300", @ANYRES32=r2, @ANYBLOB="18005e800c000100e692b027000000000800020000000000"], 0x34}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x2, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20044811}, 0x40080d4)
syz_emit_ethernet(0x6b, &(0x7f00000002c0)={@broadcast, @empty, @val={@void, {0x8100, 0x5, 0x1}}, {@ipv6={0x86dd, @udp={0x0, 0x6, "e100", 0x31, 0x11, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, {[], {0x4000, 0xe22, 0x31, 0x0, @gue={{0x2, 0x0, 0x2, 0x5, 0x100}, "b5c5365d46cfcbc249698b2f5540da112128a1d53616a49753728083d495615a01"}}}}}}}, 0x0)

9.878731628s ago: executing program 0 (id=943):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000340)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x8044) (async)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000048000000160a01000000000000000000010000010900010073797a30000000000900020073797a30000000001c0003800800014000000000080002400000000008000240000000065c020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000800014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070296d726567300000000000000000001400010070696d726567310000000000000000001400010069705f76746930000000000000000000140001007465616d5f736c6176655f300000000008000140000000200900020073797a30"], 0x2ec}, 0x1, 0x0, 0x0, 0x20008811}, 0x0)

9.770519694s ago: executing program 0 (id=946):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x188)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000000000000000080012"], 0x50}}, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=""/42, 0x2a)

9.700340396s ago: executing program 0 (id=950):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x30, 0x20, 0x301, 0x8000000, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x3}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x9}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x7fff}]}, 0x30}}, 0x0)
r1 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x8000)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "fd"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x80}, 0x1, 0x7}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x3]}]}, 0x6c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x3c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_LABELS={0x4}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff)
r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x800)
sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r5, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r6}, @L2TP_ATTR_RECV_TIMEOUT={0xc}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x44015}, 0x4000000)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x30, 0x20, 0x301, 0x8000000, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x3}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x9}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x7fff}]}, 0x30}}, 0x0) (async)
open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x8000) (async)
socket$key(0xf, 0x3, 0x2) (async)
sendmsg$key(r2, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "fd"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x80}, 0x1, 0x7}, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x3]}]}, 0x6c}}, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x3c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_LABELS={0x4}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820) (async)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) (async)
openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x800) (async)
sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r5, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp=r6}, @L2TP_ATTR_RECV_TIMEOUT={0xc}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x44015}, 0x4000000) (async)

9.459888174s ago: executing program 0 (id=957):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000640), &(0x7f0000000040)=r3}, 0x20)
syz_emit_ethernet(0x76, &(0x7f0000000080)={@link_local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb3e02", 0x40, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "974367", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [@dstopts={0x0, 0x1, '\x00', [@padn={0x1, 0x33, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}]}}}}}}}, 0x0)

9.384215877s ago: executing program 32 (id=957):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000640), &(0x7f0000000040)=r3}, 0x20)
syz_emit_ethernet(0x76, &(0x7f0000000080)={@link_local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb3e02", 0x40, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "974367", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [@dstopts={0x0, 0x1, '\x00', [@padn={0x1, 0x33, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}]}}}}}}}, 0x0)

3.559254617s ago: executing program 4 (id=1038):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0x4) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async)
fallocate(r0, 0x3, 0x10003, 0x2d22) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
mprotect(&(0x7f0000439000/0x2000)=nil, 0x2000, 0x1)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=@newsa={0x10c, 0x10, 0x7, 0x70bd28, 0x0, {{@in=@private=0xa010102, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, {0x0, 0x0, 0x2, 0x4, 0x10000000}, {0x0, 0x200000, 0x7}, {0xc, 0x0, 0xae5}, 0x4, 0xfffffffe, 0xa, 0x2, 0x0, 0xba4c15520301ae61}, [@coaddr={0x14, 0xe, @in6=@ipv4={'\x00', '\xff\xff', @empty}}, @replay_thresh={0x8, 0xb, 0x2}]}, 0x10c}, 0x1, 0x0, 0x0, 0x4000009}, 0x0)

3.55887838s ago: executing program 4 (id=1039):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_usb_connect$hid(0x5, 0x3f, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1, 0x1, &(0x7f0000000140)=@raw=[@exit], &(0x7f0000000240)='GPL\x00', 0x5, 0x2d, &(0x7f0000000280)=""/45, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x102, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40488c0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x2000000, 0x0, 0x0, 0x6}, 0x2}}, @TCA_MPLS_BOS={0x5}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
openat$fuse(0xffffff9c, &(0x7f0000000300), 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x170, 0xc8, 0x8, 0x170, 0x5803, 0x2d0, 0x2e8, 0x2e8, 0x2d0, 0x2e8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, [0x0, 0xff], [], 'lo\x00', 'geneve1\x00', {}, {}, 0x0, 0x0, 0x0, 0x55}, 0x0, 0x108, 0x170, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@connbytes={{0x38}, {[{0x14}, {0xc000400000000001}], 0x1, 0x2}}, @common=@hl={{0x28}, {0x2, 0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x12, 0x6, 0x8, 0x401, 'pptp\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x10, 0x0, 0x7, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x40d, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2404, 0x9}, [@IFLA_ADDRESS={0xa, 0x1, @random="4af29c3ff049"}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x8000)

2.099337629s ago: executing program 1 (id=1048):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x14985, 0x3, 0x3}, 0x18, 0x2)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1, './file0\x00'}, 0x6e)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x80000)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
splice(r4, 0x0, r5, 0x0, 0x6, 0xc)
landlock_restrict_self(r1, 0x1)
connect$unix(r2, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e)

1.236379409s ago: executing program 1 (id=1062):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x1}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) (async)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000023c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004c800}, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x44, 0x0, &(0x7f0000000200)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000340)={@flat=@handle={0x73682a85, 0x0, 0x1}, @fd={0x66642a85, 0x0, r3}, @flat=@binder={0x73622a85, 0x0, 0x3}}, &(0x7f0000000400)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000440)={0x0, 0x1000000, 0x0, 0x1, 0xa00, &(0x7f00000005c0)="c6"})

1.170290248s ago: executing program 1 (id=1063):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb01001800000000000000500000005000000002000000090000000000000e03000000010000000a0000000000000203000000000000000500000d00f9b46976b0c7b3e2fc5a4ad93b7254000000060000000100000000000000000000008ca468379e800000000000000000090000000000000001000000"], 0x0, 0x6a, 0x0, 0x0, 0x7fffffff}, 0x28)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='cpuacct.usage_all\x00', 0x26e1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x21)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000002140)={0x2020, 0x0, <r2=>0x0, 0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0xffffffffffffffff, 0x2, 0x101, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x100, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, r3, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000001c0)={<r5=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x1, @loopback, 0x10}, {0xa, 0x4e1e, 0x800000d, @mcast1}, r5, 0x5}}, 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x18, &(0x7f0000000100)=0xc, 0x4)
writev(r4, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)
write$FUSE_INIT(r1, &(0x7f0000000440)={0x50, 0x0, r2, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r6, 0x301, 0x200000000005)
close(r0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r7 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x3a0})
connect(0xffffffffffffffff, &(0x7f0000000280)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e20, 0x2, @private2, 0x1ff}}, 0x80)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000000)=ANY=[@ANYBLOB="19c1", @ANYBLOB="01002c"], 0x14}, 0x1, 0x0, 0x0, 0x2004c800}, 0x20040000)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r8, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x33, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x16, 0x2, 0x1, 0x40000000}]}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x100, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0xc0, 0x100, @val=0x80}}}}}}}, 0x0)
io_uring_enter(r7, 0x2219, 0x7721, 0x16, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})

1.169581413s ago: executing program 2 (id=1065):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xb}]}, 0x10)
getsockopt$sock_buf(r1, 0x1, 0x1a, &(0x7f0000000040)=""/23, &(0x7f0000000100)=0x17)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0xfffffffffffffe6c}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

1.079918799s ago: executing program 2 (id=1066):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000018000100ba080000fddbdf251d01010015000100000000000501000042ba18f9fe09f4860100000008000900", @ANYRES32=0x0, @ANYBLOB='\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="794597bc", @ANYRES32=0xee01, @ANYBLOB], 0x44}}, 0x880)
r1 = syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f00000002c0)=""/183)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1ff, 0x101940)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000280)={{0x6, 0x0, 0xb, 0x8, '\x00', 0x1}, 0x3, 0x100, 0xfffffff8, 0x0, 0x0, 0x3, 'syz1\x00', 0x0})
r3 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r4, &(0x7f0000000100)='\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(r3, &(0x7f0000000040)='auxv\x00')

750.347383ms ago: executing program 3 (id=1070):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r2 = dup(r1)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x4f00, 0x2, 0x100, 0x0, 0x4000}})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x1000, 0x2})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x5b, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000016c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x8, 0x3a, 0x0, @dev, @local, {[], @echo_request}}}}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0xc, 0xa}, {0x0, 0x9}, {0xffff, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8848}, @TCA_FLOWER_KEY_MPLS_OPTS={0x18, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x14, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL={0x8, 0x5, {0xfff, 0x0, 0x1}}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x5}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

687.880103ms ago: executing program 3 (id=1071):
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000000)='debugfs\x00', 0x4a81d0, 0x0)

687.52503ms ago: executing program 3 (id=1072):
r0 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x45, 0x0, &(0x7f0000cab000))
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r1, 0x89e5, &(0x7f0000000080)={0x15, "eb0d1a0df4c4d59ccc93f79305f1557d43f4cfd21428ca2d5d2e69d3e40384fc1e09ea16858e1e38b1065334ef87979b23a466311f862255e061a4a62c9b3823b2b00ca84fee2ce0b1d781432b2f7dd3bf85989382190944c0f4c698838790f08919ea35bac8839c5823a59f6f107578456bb5f2adc747f4f6f0b3da8a130ef6"})
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0)
syz_usb_connect(0x4, 0x2d, &(0x7f0000000040)=ANY=[@ANYRES8=r0, @ANYRES8], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000240), 0xc0000)

490.253113ms ago: executing program 4 (id=1073):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x2, 0x88b, 0x0, &(0x7f00000001c0)="20994f1d51b7214f53d7e3578f627ec8f7e2cb9b00cdff40e82d0204359ed408fa5ac0bb9feb09eef02f0e180b7958e4ba5a", 0x0, 0x32})
ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x20000000000003, 0x1004})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xfc40)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 64)

358.845358ms ago: executing program 1 (id=1074):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) (async)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x4044010}, 0x0) (async)
recvmsg$unix(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000240)=""/54, 0x36}], 0x1}, 0x0) (async)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000280)=[{0x10, 0xe, 0x81, 0xfff}]})
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000100)={0x4, <r4=>r2})
ioctl$DMA_BUF_IOCTL_SYNC(r4, 0x40086201, &(0x7f0000000540)=0x1)
ioctl$NS_GET_OWNER_UID(r4, 0xb704, 0x0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'hsr0\x00', 0x1000}) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x80, 0x0)
close(r5) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x402, 0x0) (async)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) (async)
close_range(r7, 0xffffffffffffffff, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00') (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
write$uinput_user_dev(r8, &(0x7f0000000b00)={'syz0\x00', {0x5, 0x7, 0xffff, 0x7}, 0x50, [0x2, 0x9, 0x0, 0x1, 0x5, 0xea45, 0xe, 0x1, 0x63, 0x1, 0x6, 0xc, 0x7, 0x9, 0x1, 0x4, 0x8000ffe, 0x7fffffff, 0x51, 0x8, 0x800, 0x6, 0x3ff, 0x4, 0x6, 0x10001, 0xffff, 0x0, 0x4, 0x6, 0x401, 0xc, 0x9, 0x4, 0x2, 0x1, 0x5, 0x4, 0x1, 0x4, 0xa, 0x8, 0x3, 0x9, 0x804d7f, 0x2, 0x8c00, 0x6, 0x939, 0x805, 0x9, 0x2, 0x2, 0x4, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x80000001, 0xd77, 0x5, 0x2a, 0x1, 0x23], [0x8, 0x20009, 0x9, 0x0, 0x80000005, 0x12, 0x802, 0xc, 0x0, 0x2329, 0xfd8, 0x3, 0x7, 0x6, 0x0, 0x24a, 0x2, 0xfffffff7, 0x2, 0x3, 0x5, 0x5, 0x80, 0xb, 0x8001, 0x40, 0xa5, 0x4, 0xffffffff, 0x3, 0x10004, 0x9e, 0xffffff00, 0x100007ff, 0x6, 0x7, 0x0, 0xe, 0xffff3f16, 0xc, 0x2, 0x9, 0xa, 0x5, 0x2, 0x207, 0x800, 0x5, 0xc5, 0x3, 0x1, 0x9, 0x8, 0x3, 0xffff7ff7, 0x3, 0x24c, 0x1ff, 0xd, 0x5, 0x6, 0x6, 0x280007, 0x8], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x9, 0x1, 0x8, 0x7aae, 0x5, 0x2, 0x7ffffff7, 0x8000, 0x1, 0x0, 0x5, 0x10001, 0x2, 0x2b0, 0x5, 0x97f82544, 0x8, 0x0, 0x0, 0x9, 0x5, 0x4, 0x10000, 0xc90, 0xffffff3c, 0x8b2, 0x10, 0x4, 0xff, 0x4, 0x2, 0x2, 0x1000000c, 0x0, 0x6, 0x0, 0x8007c12, 0x5, 0x1, 0x17, 0x8000, 0xe, 0xf3, 0x1, 0x8, 0x1, 0xffffff00, 0x100, 0x3fff80, 0x2, 0x0, 0x8, 0xdd, 0x1, 0x9, 0xc3, 0x7, 0x7a3], [0x9, 0x3a8d, 0xffff9a7f, 0x80000000, 0x6, 0x3, 0x1, 0x80000000, 0xd077, 0x2, 0xffffffff, 0x1f, 0x81, 0xa, 0x6, 0x2, 0x200, 0xfe, 0x2, 0x66608000, 0x5e82, 0x7fb, 0x6, 0x0, 0x4, 0x9, 0x80000001, 0xffff, 0xd, 0x0, 0xfffffffd, 0x1, 0x10001, 0x61, 0x10, 0x1000, 0xc, 0x100, 0x8, 0x20000000, 0x8, 0x15, 0xb32a, 0xec000000, 0x8001, 0x1904, 0x0, 0xc, 0x8, 0x7ff, 0x280, 0x5, 0xfffffffb, 0x7, 0x6e79, 0x8, 0xc, 0x9371, 0x4f89, 0x7, 0x580, 0x2d1, 0x80, 0x8]}, 0x45c) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x8c21f8d2edc70e9b, 0x12, r8, 0x0)
getresgid(&(0x7f0000000180), &(0x7f00000002c0), &(0x7f0000000280)) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

279.944984ms ago: executing program 4 (id=1075):
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0) (async)
close(r0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0f0000000400000004000000a2"], 0x50)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_settings={0x8, 0x4, @te1=0x0}}) (async)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_settings={0x8, 0x4, @te1=0x0}})
ioctl$sock_netdev_private(r3, 0x8947, &(0x7f0000000000)) (async)
ioctl$sock_netdev_private(r3, 0x8947, &(0x7f0000000000))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140), 0x4) (async)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140), 0x4)
close(0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x400448e3, &(0x7f0000000400))
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec777000)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac)
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file7/file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

279.684423ms ago: executing program 1 (id=1076):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='syz_tun\x00', 0x10) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xfffc, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, {0x12, 0x0, 0x0, @multicast1}}}}}, 0x0) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x34, 0x40, 0x1, 0x7fffc, 0x4, {0x1}, [@nested={0x4, 0x48}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@nested={0x4, 0x8}, @nested={0x4, 0xf}]}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001380), 0xffffffffffffffff)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x101, 0x4000, 0x0, 0xffffffff}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) (async, rerun: 32)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@xino_auto}]}) (rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1) (async)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265) (async)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) (async)
r4 = io_uring_setup(0x14cf, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x80008, 0xc0}) (async, rerun: 64)
prlimit64(0x0, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
io_uring_enter(r4, 0x2219, 0x7721, 0x14, 0x0, 0xffffffffffffff8f)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2}}]}, 0x1c}}, 0x0) (async)
sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f00000013c0)={0x14, r3, 0x205, 0x70bd2b, 0x25dfdbfb}, 0x14}}, 0x8) (async, rerun: 32)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0xa0, r3, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xa8720000}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40844}, 0x20040801) (rerun: 32)

209.692407ms ago: executing program 4 (id=1077):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xf, 0xc28c2) (async)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r1, 0xee01, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000a00)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e68080b8785d960001000000000000000000007efff100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd5992861ac00", "f4bd0000009f19000000000000000000ffff0000000000000000000000004e00", [0x7, 0xffffffff9673e35d]}})
fallocate(r0, 0x11, 0x0, 0x5345)

209.000713ms ago: executing program 2 (id=1078):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x24, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1, 0x4}, {0x4, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a0000020800"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x8, 'macsec0\x00', {'wlan1\x00'}})
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x100000, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r2, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd0002800800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

119.532269ms ago: executing program 4 (id=1079):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, &(0x7f0000000080)='\x00\x00\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
mlockall(0x7)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000b00)={0x2020}, 0x2020)
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000006800010003001000fdffff7f00000000000000000c000200010000001500000014000c8008000300ff0000000600010000cd07b70600030001"], 0x40}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='jfs\x00', 0x0, &(0x7f0000000140)='grpquota')

119.281751ms ago: executing program 1 (id=1080):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000080))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd25, 0x25dfdbde, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x3c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfff}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40006}, 0x4048801)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000080)) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd25, 0x25dfdbde, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x3c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfff}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40006}, 0x4048801) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

119.154637ms ago: executing program 3 (id=1081):
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)) (async)
r0 = syz_io_uring_setup(0x437d, &(0x7f0000000580)={0x0, 0x8b2, 0x13500, 0xfffffffe, 0x304}, &(0x7f0000000240), &(0x7f0000001880), &(0x7f0000000000))
r1 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\xfd\x89\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\rW\xef\x10\xd6d#\xf2\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x1f\xb2C\xf8\'?]\x16C\x166\xc0\xbcJT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8', 0x2)
pwritev(r1, &(0x7f0000000540)=[{&(0x7f0000000880)="eb", 0x1}], 0x1, 0x7ffffd, 0x8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) (async)
r3 = accept$alg(r2, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0x2000081) (async, rerun: 64)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x21, &(0x7f0000000440), 0x1) (rerun: 64)

59.592101ms ago: executing program 2 (id=1082):
r0 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x307000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r1=>0x0})
sendmsg$nl_route_sched_retired(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)=@delqdisc={0x110, 0x25, 0x400, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {0x5, 0x2}, {0xfff1, 0xb}}, [@q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x82}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x3c, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x30}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xfff7}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xb1}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}]}}, @q_dsmark={{0xb}, {0x10, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x34, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x200}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x19}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xf8cc}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x12}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x4}]}}, @q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}]}}]}, 0x110}, 0x1, 0x0, 0x0, 0x44001}, 0x24040040)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000001a80)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001a40)={&(0x7f00000002c0)={0x175c, 0x0, 0x5, 0x801, 0x0, 0x0, {0x2, 0x0, 0xa}, [{{0x254, 0x1, {{0x0, 0x7}, 0xca, 0x8e, 0x8, 0xdef3, 0x28, 'syz0\x00', "41c233909c4251a43a34d4349353403ac4d7bff232338fe218eb9a562032b204", "937db6ccdf936824eef03c65f3e2e9e134dfa7793969d88351d89d0378b502c5", [{0x82, 0x10, {0x2}}, {0x7, 0x7, {0x0, 0x8}}, {0x0, 0xfff9, {0x1, 0x7}}, {0x2, 0x4, {0x0, 0xfffffc00}}, {0xe6, 0x0, {0x3, 0x6}}, {0x5, 0x6, {0x0, 0x8a}}, {0x8, 0x6, {0x0, 0xb8f4}}, {0x9, 0xff, {0x0, 0x9}}, {0x2, 0x91e, {0x3, 0x2}}, {0xd35, 0x4, {0x0, 0x9}}, {0x5, 0x240, {0x2, 0x3}}, {0x4, 0x3ff, {0x1, 0x1}}, {0x38, 0x1, {0x1}}, {0x1, 0x4, {0x1, 0x1}}, {0x9394, 0x5, {0x0, 0x8}}, {0x7, 0x3, {0x3, 0x80000001}}, {0x4, 0x40, {0x2, 0x1}}, {0xffff, 0x7, {0x3, 0x7}}, {0xc, 0x401, {0x0, 0xf67}}, {0x1, 0xc830, {0x1, 0x423c92cd}}, {0x45, 0x0, {0x2, 0x4}}, {0x0, 0x8c}, {0x1, 0x800, {0x2, 0xfffffffb}}, {0x7, 0x9, {0x3, 0x1ff}}, {0x3, 0xc42, {0x2, 0x5}}, {0x0, 0x7f, {0x1, 0x3}}, {0x4, 0x18b0, {0x1, 0x9}}, {0x5, 0x7, {0x3, 0x5}}, {0x5c47, 0x7, {0x1, 0x8001}}, {0x1, 0x4, {0x1, 0x7f}}, {0x1, 0x3}, {0x9, 0xffff, {0x2, 0x8}}, {0xfff9, 0x8, {0x0, 0x3f20}}, {0x4, 0x0, {0x0, 0x2}}, {0x5, 0x9, {0x0, 0x4}}, {0x0, 0x4, {0x3, 0x7ff}}, {0x1, 0x54, {0x0, 0x1}}, {0x7, 0x3, {0x2, 0x1}}, {0x3, 0x8, {0x2, 0x67}}, {0x5, 0xff, {0x2, 0x5}}]}}}, {{0x254, 0x1, {{0x1, 0x4}, 0x25, 0x4, 0xc, 0x9, 0x1f, 'syz0\x00', "eb7283beca34aba542e40b8c92817094dc822fba56f512a9beb8e5d250304138", "400870e53394d4ee9603b0d31709f1cb5c045880e36367510ffe550750f97219", [{0x6, 0x9, {0x3, 0x400}}, {0x1, 0x8000, {0x1, 0xaee4}}, {0x534b, 0x6, {0x1, 0x18f}}, {0x4f7, 0x2, {0x2, 0x3}}, {0x1, 0x6abc, {0x0, 0x1}}, {0xdaa0, 0x5, {0x2, 0xff}}, {0x2, 0x7fff, {0x3, 0x2}}, {0xfff, 0xe4, {0x3, 0x4}}, {0xbda1, 0x4, {0x3, 0x7}}, {0x4, 0x9, {0x1, 0x5}}, {0x6, 0x3, {0x1, 0x8}}, {0x0, 0x8}, {0xfffe, 0x7, {0x3, 0x5}}, {0x4, 0x3ff, {0x0, 0x9}}, {0x1, 0xfff, {0x2, 0x8}}, {0x8001, 0x0, {0x2, 0xc4d}}, {0xffff, 0xffff, {0x3, 0x10001}}, {0x3, 0x4, {0x0, 0xc43e}}, {0xfff, 0x80a, {0x3, 0xde1}}, {0xd9f8, 0x1, {0x3, 0x8}}, {0x8, 0x7de, {0x3, 0x8}}, {0x7, 0x1, {0x1, 0x80000000}}, {0x1, 0xf, {0x0, 0x3}}, {0x53, 0x8268, {0x0, 0x2}}, {0x57, 0xf7, {0x2, 0x5703}}, {0x800, 0x2, {0x3, 0x7}}, {0x6, 0x8, {0x1, 0x6}}, {0xe, 0x7, {0x3, 0x5}}, {0x42, 0x6, {0x2, 0x9}}, {0x9, 0x800, {0x2}}, {0x101, 0x7, {0x0, 0x2b}}, {0x0, 0x5, {0x1, 0x4}}, {0x8001, 0x7f, {0x0, 0x9}}, {0x6, 0x7, {0x1, 0x9}}, {0x1d, 0x5, {0x0, 0x6}}, {0x7fff, 0x6, {0x2, 0x9}}, {0xffff, 0x2, {0x1, 0x5}}, {0x50, 0x4, {0x0, 0xd3}}, {0x18, 0x0, {0x1, 0x3ff}}, {0x8, 0x4, {0x0, 0x10}}]}}}, {{0x254, 0x1, {{0x3, 0x400}, 0x10, 0x8, 0x4000, 0xd, 0x21, 'syz1\x00', "245cdd33ae5325b360d145d82968668bb0150fc203074b08363a1120700daad5", "42274f40113486500aefa240ca169731a4159985e145f7077b8c11388cb99f4d", [{0x80, 0xfff8, {0x0, 0x5}}, {0x4, 0x899b, {0x1, 0x4000000}}, {0xa800, 0x4, {0x1, 0x8}}, {0x1, 0x2, {0x3, 0x40}}, {0x8, 0x4, {0x0, 0x141b}}, {0x401, 0x200, {0x3, 0x200}}, {0x8, 0xe, {0x1, 0xc}}, {0x1ff, 0x64, {0x0, 0x358}}, {0x1, 0x5, {0x3, 0x7}}, {0x0, 0xfff9, {0x1, 0x8}}, {0xffff, 0x4, {0x1, 0xab}}, {0xfff9, 0xee, {0x1, 0x6}}, {0x400, 0x6, {0x0, 0x7}}, {0x6, 0x5134, {0x0, 0xd5}}, {0x5, 0x8}, {0x7, 0x5, {0x2, 0x5}}, {0x3, 0x9, {0x2}}, {0x800, 0x9, {0x2, 0x7}}, {0x1, 0xc, {0x3, 0x7}}, {0x7fff, 0x5, {0x2}}, {0x0, 0x4, {0x1, 0x5}}, {0x7ff, 0x239a, {0x1, 0x100}}, {0xa885, 0x138, {0x2, 0xbb9}}, {0xe9, 0xa, {0x3, 0x6}}, {0x40, 0x1}, {0x2, 0x2, {0x3, 0x3}}, {0x6248, 0x6, {0x0, 0x7}}, {0x0, 0xe, {0x1, 0x401}}, {0x1ffe, 0x81, {0x9477dd0aca842fe8, 0x1ff}}, {0x6, 0xf, {0x3, 0x98}}, {0x6, 0x6, {0x3, 0x8}}, {0x6, 0x7}, {0x1, 0x2, {0x0, 0x8}}, {0x2, 0x5, {0x3, 0xd9e}}, {0x5ce, 0x9, {0x2, 0x2}}, {0x1, 0x3, {0x2, 0x7fffffff}}, {0x4, 0x6, {0x3, 0x80}}, {0x5a, 0x8, {0x0, 0x31a1}}, {0x1, 0x4, {0x1, 0x4}}, {0x6808, 0x6, {0x0, 0x7}}]}}}, {{0x254, 0x1, {{0x3, 0xe8}, 0xd, 0x4, 0xffff, 0x1e, 0x3, 'syz0\x00', "6add18dae6ac4f18bacdc15083030f065f146dad11545ddce67bc6774ff9cb04", "9338a53a7a6731368be988e6f4f11e968cc844e15b9df3166d7f522e9cbe3122", [{0x6, 0x3}, {0x2, 0x3ff, {0x1, 0xad0}}, {0x2, 0x5, {0x0, 0x6}}, {0x5, 0x3, {0x3, 0xd7}}, {0x7, 0x8, {0x1, 0x2}}, {0x8, 0x81, {0x2, 0x2}}, {0x22a, 0x6, {0x1, 0x3}}, {0x1, 0x8, {0x1}}, {0x7, 0x3, {0x0, 0x2}}, {0x1, 0x0, {0x2, 0x8}}, {0x4, 0xe62, {0x2, 0x17a}}, {0x3, 0x8, {0x3, 0x7}}, {0x1, 0x4, {0x2, 0x1}}, {0xe, 0x9, {0x1, 0x30}}, {0x93, 0x2ad, {0x3, 0xffff}}, {0x800, 0x2, {0x2, 0x2}}, {0xffff, 0xfffa, {0x0, 0x5}}, {0x5, 0xff, {0x2, 0xb9}}, {0x401, 0x9, {0x0, 0xbfc}}, {0xff, 0x0, {0x0, 0x4}}, {0x4ace, 0xe67, {0x0, 0x5}}, {0x8000, 0x7, {0x0, 0xc7}}, {0x2, 0x8, {0x0, 0x3}}, {0x10, 0x6, {0x0, 0x6}}, {0x10, 0x6, {0x0, 0x2}}, {0xb2e, 0x1, {0x0, 0xaef2}}, {0x3, 0x3b, {0x2, 0x2}}, {0x8000, 0x30, {0x1, 0x3}}, {0x2, 0xffff, {0x2, 0x5}}, {0x0, 0xfff7, {0x0, 0x40}}, {0x421, 0x8, {0x3, 0xbd}}, {0x9, 0x0, {0x1, 0xffff0001}}, {0x2, 0x4, {0x1, 0xfffffff9}}, {0x6, 0x1ff, {0x2, 0x2}}, {0x1, 0x6, {0x1, 0x6}}, {0x66, 0x7, {0x3, 0x6}}, {0x5, 0xa5, {0x0, 0x9}}, {0x0, 0x0, {0x2, 0xf71e}}, {0x40, 0x5, {0x3, 0x2}}, {0x3, 0x5, {0x1, 0x7}}]}}}, {{0x254, 0x1, {{0x3, 0x1000}, 0x8, 0x2, 0x42, 0x9, 0x3, 'syz1\x00', "a49cf40d754a9885da62847e2423311526980d59fd9d5da8b717f6acd40f7ec2", "517bf90c79b1415b0d9a57f49a848097f2f8e2a2c20f38646212350d959db283", [{0xa0, 0x1, {0x3, 0xe48}}, {0x8, 0x27, {0x2, 0xcc14}}, {0x7fff, 0x1, {0x2, 0x9}}, {0x8, 0x101, {0x0, 0xfffffffc}}, {0x2, 0x1, {0x0, 0x9}}, {0x0, 0x9, {0x1, 0x7fffffff}}, {0x8, 0x4c, {0x3, 0x7}}, {0xcf39, 0x4, {0x1, 0xfffffffd}}, {0x8, 0x34, {0x1, 0x2}}, {0x4, 0xf, {0x3, 0x7}}, {0x5, 0x6, {0x2, 0x1}}, {0x80, 0x6, {0x1, 0xffff}}, {0x3ff, 0x1, {0x2, 0x2}}, {0x35, 0xd, {0x2, 0x7}}, {0x8, 0x4, {0x3, 0x1}}, {0x3, 0xa1d, {0x3}}, {0x5bc, 0x641, {0x2, 0xfb}}, {0x10, 0xa44, {0x3, 0x5a4}}, {0x200, 0x7, {0x3, 0x3}}, {0x6, 0x4, {0x2, 0x5}}, {0x5f, 0x2, {0x2, 0x8}}, {0xc00, 0x6, {0x0, 0x100}}, {0xe6e8, 0x3ff, {0x0, 0xc}}, {0x9, 0x4, {0x0, 0x4}}, {0x5, 0xd33, {0x2, 0x6}}, {0xc6bb, 0xf7, {0x5, 0x4}}, {0x80, 0x2, {0x1, 0x2}}, {0x2, 0x0, {0x3, 0xfff}}, {0xce65, 0x0, {0x0, 0x9}}, {0xcab2, 0xfff7, {0x1, 0x1}}, {0x9, 0x8000, {0x3, 0x268d}}, {0x2, 0xf958, {0x1, 0x4}}, {0x6, 0x9, {0x0, 0x10}}, {0x400, 0xc9a, {0x3, 0x3}}, {0xff78, 0x0, {0x3}}, {0x4, 0x0, {0x1, 0xb2d}}, {0x7, 0x1, {0x1, 0x3}}, {0x9, 0x0, {0x0, 0xc}}, {0xe50d, 0x40, {0x1, 0x3e}}, {0x8, 0x100, {0x1, 0x7f}}]}}}, {{0x254, 0x1, {{0x3, 0x6}, 0x7, 0x40, 0x9, 0x9, 0x17, 'syz0\x00', "f555249a7cb7455413b8673f64ac634d6f9167e40ac0d1b305f43aac0abfd4a9", "d2b80e618f92e9174da2b516b083463b3bed303859d6ce7962bff89b0ad220ca", [{0x0, 0x9f1, {0x1, 0xf}}, {0x0, 0x9, {0x2, 0x9}}, {0x99b, 0x3, {0xd62b44af7d81276c, 0x8}}, {0x3, 0x6, {0x0, 0xffff3a37}}, {0x7f, 0x7, {0x2, 0x3}}, {0x4, 0x1, {0x2, 0x1}}, {0x2, 0x9, {0x0, 0x3}}, {0x28f, 0x90, {0x2, 0x2}}, {0x0, 0xf6f, {0x0, 0x6}}, {0x6, 0x40, {0x3, 0x6da41298}}, {0x0, 0x40, {0x2, 0x1}}, {0x5, 0xfff7, {0x0, 0x1}}, {0x4, 0x7cf7, {0x1, 0x3}}, {0x8000, 0x5, {0x0, 0xb}}, {0xa, 0x9, {0x2, 0xf}}, {0x9, 0xd, {0x2, 0xaed}}, {0x5, 0x40, {0x0, 0x4}}, {0x7ff, 0x401, {0x1, 0x6}}, {0x7, 0xfff9, {0x2, 0x4}}, {0xc, 0x1, {0x0, 0x6298f10d}}, {0xffff, 0x84c5, {0x0, 0x80}}, {0x7ff, 0x4, {0x1, 0x2}}, {0xb, 0x101, {0x0, 0x977}}, {0x6, 0x4, {0x0, 0x4}}, {0x0, 0x7, {0x1, 0x10000}}, {0x9b1f, 0x8, {0x0, 0xb83}}, {0x7, 0x401, {0x1, 0x9}}, {0x7, 0xfffd, {0x2, 0x33}}, {0x81, 0x7fff, {0x0, 0x4}}, {0x7f2, 0x5, {0x1, 0x7}}, {0x7, 0x31f3, {0x3, 0x7}}, {0x7fff, 0xffff, {0x3, 0x13f1}}, {0x5, 0x71a6, {0x3, 0x2ca51175}}, {0x5, 0x100, {0x0, 0x6}}, {0x0, 0x6, {0x2, 0x5}}, {0x7ed3, 0x7, {0x1, 0x2}}, {0x9, 0xfff, {0x1, 0x3}}, {0x4, 0xa, {0x3, 0x6}}, {0x6, 0xab, {0x3, 0x4e}}, {0xfffc, 0x4, {0x2, 0x8}}]}}}, {{0x254, 0x1, {{0x3, 0x1c6}, 0x1, 0x76, 0xb, 0x33, 0x21, 'syz1\x00', "82794e19a0b141937375f5dcbf4f1732b0abe7e34690607c5a9e04363ca3105a", "7f55264c66f174aa9b2d21065349c6f64bd4f53f160e4a0574afed9c0d232787", [{0xeb, 0x28, {0x2, 0x1ff}}, {0x7, 0xa2, {0x2, 0x7}}, {0x7f, 0x3, {0x0, 0x70f}}, {0xc, 0x5, {0x1, 0xb}}, {0xdd, 0xeee3, {0x1, 0x7}}, {0x6, 0x8, {0x3, 0xc7}}, {0x3, 0x5, {0x0, 0x5}}, {0x9, 0x3, {0x0, 0x1}}, {0xfffe, 0x36, {0x1, 0x9}}, {0x1, 0x5, {0x3, 0x9}}, {0x7, 0x27, {0x1, 0x4}}, {0x9, 0xfff8}, {0x101, 0xd, {0x2, 0x2}}, {0x6f, 0xc, {0x2}}, {0x5, 0x7, {0x0, 0x5}}, {0xd, 0x400, {0x0, 0x7}}, {0x1, 0x1000, {0x1, 0x400}}, {0x2, 0x3, {0x0, 0x1}}, {0x9, 0x4, {0x2, 0xfff}}, {0x4, 0x9, {0x3, 0x6}}, {0x0, 0x8c, {0x1, 0x7}}, {0x543, 0x2, {0x2, 0x89}}, {0x4, 0x101, {0x3, 0x9}}, {0x5, 0x8000, {0x2}}, {0x101, 0x0, {0x3, 0x1}}, {0x6dfa, 0x8, {0x0, 0x9}}, {0x4, 0x5, {0x0, 0xf58}}, {0x6, 0x7fff}, {0x8, 0x3, {0x1, 0x7891}}, {0xc04, 0x9, {0x1, 0x9}}, {0x3, 0x8, {0x1, 0x401}}, {0x9457, 0x6, {0x2, 0x3}}, {0x0, 0x2, {0x1, 0x5}}, {0x7, 0x9, {0x2, 0x5}}, {0x3, 0x4, {0x1, 0x9}}, {0x2, 0x2, {0x2, 0xfffffffc}}, {0x9, 0x2, {0x3, 0x6}}, {0x3, 0xa13a, {0x1, 0x6}}, {0x920, 0xf, {0x3, 0x2}}, {0x6, 0xc1d3, {0x3, 0x5}}]}}}, {{0x254, 0x1, {{0x3, 0x1ff}, 0x4, 0x80, 0x1, 0x0, 0xf, 'syz1\x00', "0c0a6d4b063bd16588738164a662ad639c94da91fb166536998981261b19e72c", "7e9c9ab0eb221d50ed16ca7f618a68323fa1024c1ee67793b1b9e3d9378ef83e", [{0x0, 0x100, {0x0, 0x6}}, {0x0, 0x9, {0x1, 0x1f9215a0}}, {0x28, 0x8, {0x1, 0x1ff}}, {0x2, 0x2e1, {0x0, 0x3}}, {0x0, 0x2d10, {0x3, 0x9}}, {0x2d, 0x80, {0x3, 0x7}}, {0xd8d8, 0x1ff, {0x1, 0x5}}, {0x9, 0xdc24, {0x2, 0x3}}, {0x3, 0x0, {0x3, 0x1ff}}, {0xffff, 0x5, {0x1, 0xd822}}, {0x4, 0xff01, {0x0, 0x1}}, {0x6, 0x401, {0x0, 0x9}}, {0x9, 0x4, {0x0, 0x200}}, {0x5, 0x5, {0x3, 0x6}}, {0x5, 0x0, {0x3, 0x2}}, {0xd6a2, 0x7, {0x1, 0xe60}}, {0x3d2, 0x401, {0x0, 0x9}}, {0xfff9, 0x1, {0x1, 0x7fffffff}}, {0x3, 0x6, {0x3, 0x7ff}}, {0x9, 0x9, {0x0, 0x1}}, {0x90, 0x0, {0x3, 0x100}}, {0xa0e5, 0x4, {0x2, 0x401}}, {0x400, 0x6, {0x0, 0x6}}, {0x87, 0x100, {0x2}}, {0x9, 0xfff7, {0x1, 0x5}}, {0x7, 0xa, {0x0, 0x200}}, {0x0, 0xb, {0x3, 0x2}}, {0xfff4, 0x356, {0x1, 0x1}}, {0x1, 0x3ff, {0x0, 0x8}}, {0x7, 0x4, {0x3, 0x7}}, {0x7, 0x4}, {0xb7e, 0x7, {0x1, 0x2}}, {0x9, 0x4, {0x1, 0xfffe0}}, {0x101, 0x7, {0x1, 0x5}}, {0x80, 0xaf7, {0x1, 0x33}}, {0xf961, 0x6, {0x3, 0x140}}, {0x3, 0x7, {0x2, 0x6}}, {0x9, 0x5, {0x1, 0x9}}, {0x7, 0x2, {0x1, 0x9}}, {0x2a, 0x9, {0x1, 0x7}}]}}}, {{0x254, 0x1, {{0x1, 0x1}, 0x7, 0xeb, 0xf9c, 0x81, 0x23, 'syz0\x00', "a015851bbe4addc4b52c14dc9be8db5e9095fa232616805596fe8765ee2aca65", "9c414a9611da22fbe070a55125c613078916615c97f15ed916501901ef1fddcf", [{0x2ff, 0x965, {0x2, 0xffffffc0}}, {0x2, 0x7, {0x3, 0x1}}, {0x15, 0xff, {0x3, 0x4}}, {0x0, 0x5, {0x3, 0x5306}}, {0x6, 0x5, {0x2, 0x5}}, {0x26, 0x2dea, {0x2, 0x7}}, {0x7, 0x8, {0x2, 0xd}}, {0x7, 0xffff, {0x1, 0x80000000}}, {0x6, 0xfffc, {0x2, 0xaa}}, {0x6, 0x101, {0x2, 0x6}}, {0x7, 0x1, {0x0, 0x3}}, {0x200, 0x2, {0x2, 0x80}}, {0x0, 0x7, {0x2}}, {0x15, 0x3, {0x2, 0x2}}, {0x1cc, 0x4, {0x3, 0x400}}, {0x7, 0x1, {0x1, 0x9}}, {0x3, 0x9, {0x3}}, {0x306, 0x4, {0x1, 0x7fff}}, {0x7, 0x9, {0x3, 0x4}}, {0x0, 0xbaa, {0x1, 0x1}}, {0xbe, 0x465, {0x1}}, {0x7, 0xd318, {0x3, 0x4}}, {0x3cc, 0x3, {0x3, 0x39c2}}, {0x0, 0xf, {0x2, 0x5}}, {0xd, 0x400, {0x1, 0xec8}}, {0x9, 0x0, {0x1, 0x9}}, {0xfff8, 0x6, {0x2, 0x4}}, {0x3, 0x6, {0x1, 0x3}}, {0x4, 0x8, {0x3, 0x7}}, {0xd9, 0x3400, {0x2, 0xf8a}}, {0x4, 0x101, {0x0, 0x5}}, {0x1, 0xf231, {0x1, 0x4}}, {0x3ffc, 0x1ff, {0x0, 0x70000000}}, {0xeff, 0x4, {0x0, 0x9}}, {0x1, 0x48, {0x3}}, {0x2, 0xc, {0x2, 0xfc}}, {0x5, 0x7, {0x3, 0x9}}, {0x3, 0x9, {0x2, 0x7}}, {0x8, 0x9, {0x0, 0x9}}, {0x2, 0x1cc0, {0x2, 0x5}}]}}}, {{0x254, 0x1, {{0x3, 0x2}, 0x9, 0x17, 0x8, 0x3, 0x1d, 'syz0\x00', "b9c980e8b5830e1a887c270e6c159cfb78d88c39bca15274810d033c15dbb14a", "96a475d9d914747aee28fec45b2faae27586ef450243508ff07314f88b8fb7d8", [{0x2, 0x101, {0x1, 0x3ff}}, {0x6, 0x7fff, {0x2, 0x1}}, {0xf9a3, 0xd, {0x3, 0x73}}, {0xfff, 0xff08, {0x2, 0x10}}, {0x1, 0xaaa, {0x3, 0x81}}, {0x2, 0x9, {0x0, 0x400}}, {0xfff7, 0x3, {0x0, 0x6}}, {0x4, 0x5, {0x0, 0x52d2}}, {0x8, 0x8000, {0x0, 0xffffffff}}, {0x5, 0x100, {0x2, 0xb}}, {0x7, 0x3d1, {0x2}}, {0x6, 0x7, {0x0, 0x3}}, {0x3, 0x2, {0x0, 0x8}}, {0xf, 0x1, {0x0, 0x1f4e}}, {0x2, 0xfff7, {0x3, 0x10001}}, {0x0, 0xfffc, {0x1}}, {0x400, 0x6, {0x3, 0x6}}, {0x7, 0xa, {0x0, 0x80000001}}, {0x7, 0xf9, {0x3, 0x1}}, {0x8, 0x9, {0x2, 0x6}}, {0x7, 0xa, {0x2, 0x8}}, {0x100, 0x1, {0x3, 0x4}}, {0x9, 0x6, {0x1, 0x7fff}}, {0x199, 0xc24, {0x3, 0x1000}}, {0x6, 0x2, {0x0, 0x81}}, {0xffff, 0xf, {0x0, 0x2c}}, {0x9, 0xa, {0x1, 0x400}}, {0x5, 0x1000, {0x3, 0x5}}, {0x0, 0x1, {0x3, 0xc}}, {0x10ef, 0x0, {0x37e06a9902694c5a, 0x6}}, {0xaa, 0x8, {0x0, 0x3ff}}, {0x5, 0x800, {0x2, 0xff}}, {0x0, 0x5, {0x0, 0x70000}}, {0x0, 0x6, {0x2, 0xa5f}}, {0x5, 0x10f, {0x1, 0x4798da12}}, {0x5, 0x6, {0x2, 0x2}}, {0x8, 0x6, {0x2, 0x3}}, {0x5, 0x7, {0x3, 0x9de}}, {0x5, 0x9, {0x3, 0xb2e0}}, {0x1, 0x10, {0x1, 0x2}}]}}}]}, 0x175c}, 0x1, 0x0, 0x0, 0x48000}, 0x44080)
r2 = fsmount(r0, 0x0, 0x80)
syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000001b40)=[@text32={0x20, &(0x7f0000001ac0)="dc0d060000000fc77c63b2b916090000b878848141ba000000000f303e0f3266b872000f00d8b8010000000f01d90f01cb0fae644c40440f20c03505000000440f22c0660fe27c3928", 0x49}], 0x1, 0x14, &(0x7f0000001b80)=[@dstype0={0x6, 0x3}], 0x1)
writev(0xffffffffffffffff, &(0x7f0000001c40)=[{&(0x7f0000001bc0)}, {&(0x7f0000001c00)="e746d7036c0465fab16f422e3808fcd45d6f0a53e3dec3a16b62287085099405024d85dcb3c97d4cbbf706d2dae9b57138ee34fdab9c45d90a02f4b45b0d1a12", 0x40}], 0x2)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001d00)={{r0, <r3=>0xffffffffffffffff}, &(0x7f0000001c80), &(0x7f0000001cc0)='%pS    \x00'}, 0x20)
writev(r3, &(0x7f0000001ec0)=[{&(0x7f0000001d40)="c9599da9b8bd4380d28736601a1c4a36163d46ba60b2c040a6a9bde63817207378eaabbdec65cf8f8ad832c8a67c6a68e68e49577a0d57f4cfda89e21ab99be8e9c98c11b6778e164356a71aab4c9c789e71c005f7024e8c779cb49b99d2a5e9994b53ca0bc69525f056", 0x6a}, {&(0x7f0000001dc0)="97403e487357a5ac7592fc1e8a0ffc961d686465b15fa5180531affd0d557340e4fa0cb6e526615048a6dee30852ddb38dc9efb1dcb9df809bf9407ab8aaa9f783c7b2b8b756aac334111939381b891b7cf4ce5d9eaba4e8ba0840d26492f82baca8b3065f5d65d68393c40a2b17ef76c79b5657267a3fda2572484232895b44e34657799af72123092eef9970dbafe5877f817d483432", 0x97}, {&(0x7f0000001e80)="f25981a7a01c6fab", 0x8}], 0x3)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000001f00)={{0x1, 0x1, 0x18, <r4=>r0, {0x1}}, './file0\x00'})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
listen(r2, 0x10001)
syz_open_dev$vbi(&(0x7f0000001f40), 0x2, 0x2)
fgetxattr(r6, &(0x7f0000001f80)=@random={'osx.', '/dev/nmem0\x00'}, &(0x7f0000001fc0)=""/115, 0x73)
setxattr$security_selinux(&(0x7f0000002040)='./file0\x00', &(0x7f0000002080), &(0x7f00000020c0)='system_u:object_r:dri_device_t:s0\x00', 0x22, 0x1)
r7 = syz_open_dev$vcsa(&(0x7f0000002100), 0xe445, 0x180000)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f0000002180)={0x3, 0x0, &(0x7f0000002140)=[0x0, 0x0, 0x0]})
ioctl$XFS_IOC_PATH_TO_HANDLE(r4, 0xc0385869, &(0x7f00000022c0)={<r8=>r5, &(0x7f00000021c0)='\x00', 0x420041, &(0x7f0000002200)={@_ha_fsid={[0x0, 0x800]}, {0x8, 0x3ff, 0x3, 0x80}}, 0x1a84, &(0x7f0000002240)={@_ha_fsid}, &(0x7f0000002280)=0x200})
getsockopt$bt_l2cap_L2CAP_OPTIONS(r8, 0x6, 0x1, &(0x7f0000002300), &(0x7f0000002340)=0xc)
ioctl$KVM_GET_SUPPORTED_CPUID(r8, 0xc008ae05, &(0x7f0000002380)={0x2, 0x0, [{0x4, 0x6, 0x0, 0x7, 0x5fbb3e05, 0xff, 0x86}, {0x80000000, 0x778b, 0x1, 0x6, 0x40, 0x9, 0x59f5}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002600)={r7, 0x0, 0x13, 0x63, &(0x7f0000002400)="bbf8e41601086f7f69c0e758476b583f95206d", &(0x7f0000002440)=""/99, 0xffff, 0x0, 0xb3, 0x80, &(0x7f00000024c0)="2454e9fbf9f9fb5701ffed6a727b7cee7e94a1a15512e80729a9baa4cf786444263bf669b74c8d365db7f4765df04111d5b819f324b94ffb492a8d7ddd46c42f43c2e363c12c7006310763e90aafc4f45ccc9f0697da8adae4c35283ce3d5acda8f2feebd971e64d8c7b3fd8db5a5670054bcef65490502c794f42705c10b73f819c1b9e47b10a55499432a0ad2051ceb72936ce1bed5e1c4310363e22075c004a2b988afbbc209a2796e9ed38999bbd5aa929", &(0x7f0000002580)="5e432b0115e5d05f2564ad91de6d593f7e7b3c1cfc591dbfc5c67f70ce7eaa256f4d9a82be4fa152dd0a395850c07abe3236cf5f0ef883bb26caed2f2aa4e7fe68f857299649ae0dcd7c28f4f79bbb4bffed508e0a51e1b88f0bb388cbc1a5d513d66eb0c4a53eefd533e87e212e7087e1b07a06eed8196c2d8b5febe72e188a", 0x3, 0x0, 0x9}, 0x50)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000002840)={&(0x7f0000002680)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002800)={&(0x7f00000026c0)={0x12c, 0xb, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x6}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x80000000}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_COMMENT={0x4}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xa}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x3b}}}, @IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}, @IPSET_ATTR_NAME={0x9, 0x12, 'syz0\x00'}]}, @IPSET_ATTR_ADT={0x54, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x5}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x6}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @dev={0xfe, 0x80, '\x00', 0x15}}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x21}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x80000000}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x64, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x21}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x9, 0x1a, 'syz0\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x86}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz1\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x4}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x7f}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x12c}, 0x1, 0x0, 0x0, 0xc001}, 0x26004000)
sendmsg$IPSET_CMD_SWAP(r4, &(0x7f0000002940)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002900)={&(0x7f00000028c0)={0x40, 0x6, 0x6, 0x9c1e578b6dc034f2, 0x0, 0x0, {0x7, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
ioctl$NILFS_IOCTL_RESIZE(r2, 0x40086e8b, &(0x7f0000002980)=0x8)
r9 = syz_open_procfs(0x0, &(0x7f00000029c0)='net/psched\x00')
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002a40), r7)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r9, &(0x7f0000002b40)={&(0x7f0000002a00), 0xc, &(0x7f0000002b00)={&(0x7f0000002a80)={0x7c, r10, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x200, 0x6e}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x50}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xe}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x2b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x26}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x36}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x42}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}]}, 0x7c}, 0x1, 0x0, 0x0, 0x14}, 0x8000)
ioctl$KVM_CAP_HYPERV_SYNIC2(r0, 0x4068aea3, &(0x7f0000002b80))

59.367203ms ago: executing program 3 (id=1083):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
shmdt(0x0)
ioctl$sock_bt_hci(r0, 0x400448de, &(0x7f00000004c0))

58.975591ms ago: executing program 2 (id=1084):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000002680), 0xc0800, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0xc, 0x0, 0x0, 0x20000, 0x8000000000400})
ioctl$CDROMVOLREAD(r0, 0x5313, &(0x7f0000000200))
openat$cdrom(0xffffffffffffff9c, &(0x7f0000002680), 0xc0800, 0x0) (async)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r1, 0x3ba0, &(0x7f0000000440)={0x48, 0xc, 0x0, 0x0, 0x20000, 0x8000000000400}) (async)
ioctl$CDROMVOLREAD(r0, 0x5313, &(0x7f0000000200)) (async)

56.409938ms ago: executing program 3 (id=1085):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
sendmsg$inet(r1, &(0x7f00000062c0)={0x0, 0x0, 0x0}, 0x4c084)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)="2e00000010008188e6b62aa73f72dc9f0ba1f8483a0000005e1206021f1f00000e000a0010000000028000001294", 0x2b}], 0x1}, 0xc840)
r3 = syz_usb_connect(0x4, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0009030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r4, &(0x7f00000001c0)=""/159, 0x9cfb33fe3f77411d)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0, @ANYRES64=r4, @ANYRESHEX=r3], 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000010000100000000000000da72e317ad61abd9050bfd00000000000a200000000001020000000000000000070000000900000073797a300000000054210000090a010400000000000000000a40000000000900020063797a31000000000900012273797a3000000000080005400000001708000640ffffff00080003400000003808000c40000000021400000010000100000095e5fa0000000000000184000ac93cb7e376e18432f812af20364ebe0121bdd7157d82b09e72c40ae91d7c9c10c500000000000047bcfe2a935c740e61b40c22c501b7f3aea4aeb4257b4d7668480eb4387d3d3aeb0d40e19698e555b0b76ac8bddd4c7c511ee2b16a845a0068decb2a"], 0x9c}, 0x1, 0x0, 0x0, 0x4814}, 0x4054)
socket$tipc(0x1e, 0x2, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
listns(&(0x7f0000000500)={0x20, 0x0, 0x9, 0x8000000, 0x0, 0x3}, &(0x7f0000000540)=[0x0], 0x1, 0x0)
bind$rxrpc(r5, &(0x7f0000000400)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e20, @private=0xa010100}}, 0x24)
pipe(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
landlock_restrict_self(r7, 0x5)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r6, 0x800442d3, &(0x7f0000000100)={0x800, 0x9, 0xffff, @local, 'veth0_vlan\x00'})

0s ago: executing program 2 (id=1086):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
poll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x1161}], 0x1, 0x100009f)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000002c0)={@dev={0xfe, 0x80, '\x00', 0x34}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote, 0x4, 0x6, 0x3a, 0x100, 0x4000000003c, 0x4440000, r2})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r4=>0x0})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r7 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r7, 0xc00864bf, &(0x7f0000000140)={<r8=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r7, 0xc01864cd, &(0x7f00000001c0)={&(0x7f0000000440), 0x0, 0x3ffffffffffffd5c})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r7, 0xc01864c1, &(0x7f0000000100)={r8, 0x1, <r9=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r9, 0xc0383e04, &(0x7f00000004c0)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000300)=[{}]})
ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, 0x0)
r10 = dup3(r6, r5, 0x0)
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r11, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r11, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000400)={0x60, 0x0, &(0x7f0000000840)=[@acquire_done={0x40106309, 0x1}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000780)={@fda={0x66646185, 0x9, 0x2, 0x2b}, @ptr={0x70742a85, 0x0, &(0x7f0000000680)=""/210, 0xd2}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000800)={0x0, 0x20, 0x48}}, 0x400}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000500)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x80028}, @ptr={0x66646185, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0xfffffffffffffffe, 0x1, 0x48}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x400}], 0x0, 0x0, 0x0})
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[], 0x7c}}, 0x4004c04)
sendmsg$NFT_BATCH(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x6}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xa}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa0}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000240)={@mcast2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @dev={0xfe, 0x80, '\x00', 0x36}, 0x1, 0x6, 0x6, 0x100, 0x4, 0x86020086, r4})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})

kernel console output (not intermixed with test programs):

4' failed: Read-only file system
[   89.982023][ T7666] kvm: pic: non byte write
[   90.081461][ T7669] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7669 comm=syz.2.506
[   90.256828][ T7694] netlink: 'syz.2.511': attribute type 5 has an invalid length.
[   90.261093][ T7694] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[   90.476701][ T7713] iommufd_mock iommufd_mock0: Adding to iommu group 9
[   90.604662][ T7720] netlink: 48 bytes leftover after parsing attributes in process `syz.2.520'.
[   90.728805][ T7725] Bluetooth: MGMT ver 1.23
[   90.730295][ T7725] Bluetooth: hci1: too big key_count value 36871
[   91.566338][ T7760] netlink: 24 bytes leftover after parsing attributes in process `syz.3.530'.
[   91.669298][ T7765] FAULT_INJECTION: forcing a failure.
[   91.669298][ T7765] name failslab, interval 1, probability 0, space 0, times 0
[   91.674512][ T7765] CPU: 3 UID: 0 PID: 7765 Comm: syz.3.531 Not tainted syzkaller #0 PREEMPT(full) 
[   91.674527][ T7765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   91.674533][ T7765] Call Trace:
[   91.674538][ T7765]  <TASK>
[   91.674542][ T7765]  dump_stack_lvl+0x100/0x190
[   91.674565][ T7765]  should_fail_ex.cold+0x5/0xa
[   91.674581][ T7765]  should_failslab+0xc2/0x120
[   91.674593][ T7765]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   91.674609][ T7765]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   91.674624][ T7765]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   91.674640][ T7765]  mmu_topup_memory_caches+0x25/0x170
[   91.674655][ T7765]  kvm_mmu_load+0xd6/0x23e0
[   91.674668][ T7765]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   91.674687][ T7765]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   91.674714][ T7765]  ? __pfx_kvm_mmu_load+0x10/0x10
[   91.674732][ T7765]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   91.674750][ T7765]  ? kvm_check_and_inject_events+0x961/0x1070
[   91.674772][ T7765]  ? record_steal_time+0x420/0xbc0
[   91.674799][ T7765]  vcpu_run+0x39f4/0x5ca0
[   91.674826][ T7765]  ? __pfx_vcpu_run+0x10/0x10
[   91.674844][ T7765]  ? rcu_is_watching+0x12/0xc0
[   91.674862][ T7765]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   91.674881][ T7765]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   91.674908][ T7765]  kvm_vcpu_ioctl+0x730/0x1720
[   91.674928][ T7765]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   91.674944][ T7765]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   91.674965][ T7765]  ? do_vfs_ioctl+0x226/0x13e0
[   91.674982][ T7765]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   91.674999][ T7765]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   91.675036][ T7765]  ? __fget_files+0x215/0x3d0
[   91.675055][ T7765]  ? hook_file_ioctl_common+0x149/0x410
[   91.675079][ T7765]  ? selinux_file_ioctl+0x13b/0x290
[   91.675101][ T7765]  ? selinux_file_ioctl+0xb6/0x290
[   91.675125][ T7765]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   91.675143][ T7765]  __x64_sys_ioctl+0x18e/0x210
[   91.675162][ T7765]  do_syscall_64+0x115/0x870
[   91.675195][ T7765]  ? clear_bhb_loop+0x40/0x90
[   91.675214][ T7765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.675231][ T7765] RIP: 0033:0x7ff868f9ce59
[   91.675245][ T7765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   91.675260][ T7765] RSP: 002b:00007ff869e4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.675276][ T7765] RAX: ffffffffffffffda RBX: 00007ff869215fa0 RCX: 00007ff868f9ce59
[   91.675285][ T7765] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   91.675291][ T7765] RBP: 00007ff869e4c090 R08: 0000000000000000 R09: 0000000000000000
[   91.675297][ T7765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   91.675303][ T7765] R13: 00007ff869216038 R14: 00007ff869215fa0 R15: 00007fffcb73e8a8
[   91.675316][ T7765]  </TASK>
[   92.084305][ T7778] hfsplus: Unknown parameter 'barriere0'
[   92.169204][ T7787] netlink: 'syz.3.535': attribute type 5 has an invalid length.
[   92.174090][ T7785] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   92.180013][ T7785] bond0: (slave lo): Enslaving as an active interface with an up link
[   92.186102][ T7785] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[   92.290229][ T7798] netlink: 24 bytes leftover after parsing attributes in process `syz.3.542'.
[   92.391986][ T7810] netlink: 'syz.3.544': attribute type 13 has an invalid length.
[   92.437855][ T7810] gretap0: refused to change device tx_queue_len
[   92.439839][ T7810] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   92.482737][ T7815] overlayfs: upper fs does not support file handles, falling back to index=off.
[   92.491416][ T7818] netlink: 'syz.0.547': attribute type 15 has an invalid length.
[   92.896564][ T7833] tipc: Started in network mode
[   92.899745][ T7833] tipc: Node identity , cluster identity 4711
[   92.902329][ T7833] tipc: Failed to set node id, please configure manually
[   92.905193][ T7833] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   92.933996][ T5824] libceph: connect (1)[c::]:6789 error -101
[   92.936487][ T5824] libceph: mon0 (1)[c::]:6789 connect error
[   92.997626][ T7839] autofs: Unknown parameter ']X˜z¥zpZÂH—í\¬<ŸZvô3ý!¸vîQ»pðP�íâ€Â~¸QJÒܽ ä1ýD�:[©Z×±ˆTúvW;7Ÿ•–W�—?Üµãîê÷'
[   93.017383][ T7833] ceph: No mds server is up or the cluster is laggy
[   93.078397][ T7844] XFS (nbd1): SB validate failed with error -5.
[   93.276015][ T7869] syzkaller0: entered promiscuous mode
[   93.277718][ T7869] syzkaller0: entered allmulticast mode
[   93.425870][ T7886] loop5: detected capacity change from 0 to 2640
[   93.429384][ T7886] buffer_io_error: 7 callbacks suppressed
[   93.429393][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.434059][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.438322][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.441449][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.443937][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.446794][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.449135][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.451453][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.453854][ T7886] ldm_validate_partition_table(): Disk read failed.
[   93.457076][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.460297][ T7886] Buffer I/O error on dev loop5, logical block 0, async page read
[   93.462974][ T7886] Dev loop5: unable to read RDB block 0
[   93.464930][ T7886]  loop5: unable to read partition table
[   93.466764][ T7886] loop_reread_partitions: partition scan of loop5 (3„¾‚³˜) failed (rc=-5)
[   93.504312][ T5741] udevd[5741]: symlink '../../loop5' '/dev/disk/by-diskseq/84.tmp-b7:5' failed: Read-only file system
[   93.504733][ T7888] FAULT_INJECTION: forcing a failure.
[   93.504733][ T7888] name failslab, interval 1, probability 0, space 0, times 0
[   93.513773][ T7888] CPU: 0 UID: 0 PID: 7888 Comm: syz.0.563 Not tainted syzkaller #0 PREEMPT(full) 
[   93.513789][ T7888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   93.513795][ T7888] Call Trace:
[   93.513799][ T7888]  <TASK>
[   93.513803][ T7888]  dump_stack_lvl+0x100/0x190
[   93.513821][ T7888]  should_fail_ex.cold+0x5/0xa
[   93.513837][ T7888]  should_failslab+0xc2/0x120
[   93.513849][ T7888]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   93.513870][ T7888]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   93.513886][ T7888]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   93.513918][ T7888]  mmu_topup_memory_caches+0x25/0x170
[   93.513933][ T7888]  kvm_mmu_load+0xd6/0x23e0
[   93.513946][ T7888]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   93.513963][ T7888]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   93.513981][ T7888]  ? __pfx_kvm_mmu_load+0x10/0x10
[   93.513994][ T7888]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   93.514006][ T7888]  ? kvm_check_and_inject_events+0x961/0x1070
[   93.514020][ T7888]  ? record_steal_time+0x420/0xbc0
[   93.514038][ T7888]  vcpu_run+0x39f4/0x5ca0
[   93.514057][ T7888]  ? __pfx_vcpu_run+0x10/0x10
[   93.514076][ T7888]  ? rcu_is_watching+0x12/0xc0
[   93.514094][ T7888]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   93.514108][ T7888]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   93.514126][ T7888]  kvm_vcpu_ioctl+0x730/0x1720
[   93.514138][ T7888]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   93.514149][ T7888]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   93.514163][ T7888]  ? do_vfs_ioctl+0x226/0x13e0
[   93.514175][ T7888]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   93.514186][ T7888]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   93.514207][ T7888]  ? __fget_files+0x215/0x3d0
[   93.514219][ T7888]  ? hook_file_ioctl_common+0x149/0x410
[   93.514234][ T7888]  ? selinux_file_ioctl+0x13b/0x290
[   93.514248][ T7888]  ? selinux_file_ioctl+0xb6/0x290
[   93.514264][ T7888]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   93.514275][ T7888]  __x64_sys_ioctl+0x18e/0x210
[   93.514287][ T7888]  do_syscall_64+0x115/0x870
[   93.514303][ T7888]  ? clear_bhb_loop+0x40/0x90
[   93.514316][ T7888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.514327][ T7888] RIP: 0033:0x7f631159ce59
[   93.514337][ T7888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   93.514347][ T7888] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   93.514357][ T7888] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[   93.514364][ T7888] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   93.514372][ T7888] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[   93.514378][ T7888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.514384][ T7888] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[   93.514398][ T7888]  </TASK>
[   93.525044][ T5741] udevd[5741]: symlink '../../loop5' '/dev/disk/by-diskseq/84.tmp-b7:5' failed: Read-only file system
[   93.618514][ T5741] udevd[5741]: symlink '../../loop5' '/dev/disk/by-diskseq/84.tmp-b7:5' failed: Read-only file system
[   93.649564][ T7909] xt_hashlimit: max too large, truncated to 1048576
[   93.652757][ T7909] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   93.659964][   T40] kauditd_printk_skb: 40 callbacks suppressed
[   93.659976][   T40] audit: type=1400 audit(1779907451.136:954): avc:  denied  { map } for  pid=7908 comm="syz.3.568" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   93.735125][   T40] audit: type=1400 audit(1779907451.206:955): avc:  denied  { read write } for  pid=7923 comm="syz.3.574" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   93.739253][ T7922] netlink: 'syz.1.573': attribute type 1 has an invalid length.
[   93.739574][ T7924] xt_hashlimit: size too large, truncated to 1048576
[   93.747366][ T7922] netlink: 244 bytes leftover after parsing attributes in process `syz.1.573'.
[   93.759438][   T40] audit: type=1400 audit(1779907451.206:956): avc:  denied  { open } for  pid=7923 comm="syz.3.574" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   93.778999][   T40] audit: type=1400 audit(1779907451.256:957): avc:  denied  { mount } for  pid=7925 comm="syz.2.575" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   93.868463][   T40] audit: type=1400 audit(1779907451.346:958): avc:  denied  { map } for  pid=7923 comm="syz.3.574" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   93.988647][   T40] audit: type=1400 audit(1779907451.466:959): avc:  denied  { ioctl } for  pid=7939 comm="syz.1.577" path="socket:[24811]" dev="sockfs" ino=24811 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   94.062009][   T40] audit: type=1400 audit(1779907451.536:960): avc:  denied  { write } for  pid=7945 comm="syz.3.579" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   94.072948][ T7946] FAULT_INJECTION: forcing a failure.
[   94.072948][ T7946] name failslab, interval 1, probability 0, space 0, times 0
[   94.075085][ T7950] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[   94.078512][ T7946] CPU: 0 UID: 0 PID: 7946 Comm: syz.1.580 Not tainted syzkaller #0 PREEMPT(full) 
[   94.078535][ T7946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   94.078545][ T7946] Call Trace:
[   94.078551][ T7946]  <TASK>
[   94.078558][ T7946]  dump_stack_lvl+0x100/0x190
[   94.078584][ T7946]  should_fail_ex.cold+0x5/0xa
[   94.078610][ T7946]  should_failslab+0xc2/0x120
[   94.078631][ T7946]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   94.078657][ T7946]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   94.078684][ T7946]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   94.078711][ T7946]  mmu_topup_memory_caches+0x25/0x170
[   94.078737][ T7946]  kvm_mmu_load+0xd6/0x23e0
[   94.078765][ T7946]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   94.078793][ T7946]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   94.078825][ T7946]  ? __pfx_kvm_mmu_load+0x10/0x10
[   94.078846][ T7946]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   94.078866][ T7946]  ? kvm_check_and_inject_events+0x961/0x1070
[   94.078891][ T7946]  ? record_steal_time+0x420/0xbc0
[   94.078923][ T7946]  vcpu_run+0x39f4/0x5ca0
[   94.078957][ T7946]  ? __pfx_vcpu_run+0x10/0x10
[   94.078989][ T7946]  ? rcu_is_watching+0x12/0xc0
[   94.079020][ T7946]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   94.079042][ T7946]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   94.079073][ T7946]  kvm_vcpu_ioctl+0x730/0x1720
[   94.079091][ T7946]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   94.079108][ T7946]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   94.079129][ T7946]  ? do_vfs_ioctl+0x226/0x13e0
[   94.079147][ T7946]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   94.079163][ T7946]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   94.079193][ T7946]  ? __fget_files+0x215/0x3d0
[   94.079209][ T7946]  ? hook_file_ioctl_common+0x149/0x410
[   94.079234][ T7946]  ? selinux_file_ioctl+0x13b/0x290
[   94.079256][ T7946]  ? selinux_file_ioctl+0xb6/0x290
[   94.079282][ T7946]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   94.079300][ T7946]  __x64_sys_ioctl+0x18e/0x210
[   94.079320][ T7946]  do_syscall_64+0x115/0x870
[   94.079346][ T7946]  ? clear_bhb_loop+0x40/0x90
[   94.079367][ T7946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.079384][ T7946] RIP: 0033:0x7fa0c819ce59
[   94.079399][ T7946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.079416][ T7946] RSP: 002b:00007fa0c63f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.079432][ T7946] RAX: ffffffffffffffda RBX: 00007fa0c8415fa0 RCX: 00007fa0c819ce59
[   94.079443][ T7946] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   94.079453][ T7946] RBP: 00007fa0c63f6090 R08: 0000000000000000 R09: 0000000000000000
[   94.079464][ T7946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.079473][ T7946] R13: 00007fa0c8416038 R14: 00007fa0c8415fa0 R15: 00007fff019c6b98
[   94.079498][ T7946]  </TASK>
[   94.103307][ T7953] netlink: 'syz.3.582': attribute type 1 has an invalid length.
[   94.105965][   T40] audit: type=1400 audit(1779907451.576:961): avc:  denied  { read } for  pid=7948 comm="syz.0.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   94.171928][ T7956] netlink: 'syz.3.583': attribute type 15 has an invalid length.
[   94.184643][ T7956] netlink: 12 bytes leftover after parsing attributes in process `syz.3.583'.
[   94.216514][   T40] audit: type=1400 audit(1779907451.696:962): avc:  denied  { bind } for  pid=7959 comm="syz.0.586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   94.224681][ T7960] netlink: 204128 bytes leftover after parsing attributes in process `syz.0.586'.
[   94.229652][   T40] audit: type=1400 audit(1779907451.706:963): avc:  denied  { write } for  pid=7959 comm="syz.0.586" path="socket:[23866]" dev="sockfs" ino=23866 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   94.236369][ T7966] Failed to get privilege flags for destination (handle=0x2:0x5)
[   94.240702][ T7966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.587'.
[   94.453713][ T7989] xt_policy: neither incoming nor outgoing policy selected
[   94.490561][ T7966] netlink: 12 bytes leftover after parsing attributes in process `syz.1.587'.
[   94.638135][ T7992] FAULT_INJECTION: forcing a failure.
[   94.638135][ T7992] name failslab, interval 1, probability 0, space 0, times 0
[   94.642493][ T7992] CPU: 3 UID: 0 PID: 7992 Comm: syz.0.595 Not tainted syzkaller #0 PREEMPT(full) 
[   94.642512][ T7992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   94.642521][ T7992] Call Trace:
[   94.642526][ T7992]  <TASK>
[   94.642533][ T7992]  dump_stack_lvl+0x100/0x190
[   94.642553][ T7992]  should_fail_ex.cold+0x5/0xa
[   94.642573][ T7992]  should_failslab+0xc2/0x120
[   94.642589][ T7992]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   94.642609][ T7992]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   94.642629][ T7992]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   94.642648][ T7992]  mmu_topup_memory_caches+0x25/0x170
[   94.642669][ T7992]  kvm_mmu_load+0xd6/0x23e0
[   94.642686][ T7992]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   94.642712][ T7992]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   94.642736][ T7992]  ? __pfx_kvm_mmu_load+0x10/0x10
[   94.642752][ T7992]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   94.642767][ T7992]  ? kvm_check_and_inject_events+0x961/0x1070
[   94.642786][ T7992]  ? record_steal_time+0x420/0xbc0
[   94.642810][ T7992]  vcpu_run+0x39f4/0x5ca0
[   94.642830][ T7992]  ? __pfx_vcpu_run+0x10/0x10
[   94.642849][ T7992]  ? rcu_is_watching+0x12/0xc0
[   94.642867][ T7992]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   94.642881][ T7992]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   94.642900][ T7992]  kvm_vcpu_ioctl+0x730/0x1720
[   94.642911][ T7992]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   94.642922][ T7992]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   94.642935][ T7992]  ? do_vfs_ioctl+0x226/0x13e0
[   94.642947][ T7992]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   94.642958][ T7992]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   94.642979][ T7992]  ? __fget_files+0x215/0x3d0
[   94.642991][ T7992]  ? hook_file_ioctl_common+0x149/0x410
[   94.643006][ T7992]  ? selinux_file_ioctl+0x13b/0x290
[   94.643021][ T7992]  ? selinux_file_ioctl+0xb6/0x290
[   94.643037][ T7992]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   94.643048][ T7992]  __x64_sys_ioctl+0x18e/0x210
[   94.643060][ T7992]  do_syscall_64+0x115/0x870
[   94.643076][ T7992]  ? clear_bhb_loop+0x40/0x90
[   94.643090][ T7992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.643101][ T7992] RIP: 0033:0x7f631159ce59
[   94.643110][ T7992] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.643121][ T7992] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.643132][ T7992] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[   94.643139][ T7992] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   94.643145][ T7992] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[   94.643151][ T7992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.643157][ T7992] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[   94.643170][ T7992]  </TASK>
[   94.732488][  T845] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   94.887723][  T845] usb 7-1: config 0 interface 0 altsetting 255 has an endpoint descriptor with address 0x6E, changing to 0xE
[   94.892451][  T845] usb 7-1: config 0 interface 0 has no altsetting 0
[   94.896231][  T845] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   94.899293][  T845] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   94.901908][  T845] usb 7-1: Product: syz
[   94.903215][  T845] usb 7-1: Manufacturer: syz
[   94.904682][  T845] usb 7-1: SerialNumber: syz
[   94.911576][  T845] usb 7-1: config 0 descriptor??
[   94.920677][  T845] usb 7-1: selecting invalid altsetting 0
[   95.017228][ T8025] FAULT_INJECTION: forcing a failure.
[   95.017228][ T8025] name failslab, interval 1, probability 0, space 0, times 0
[   95.021145][ T8025] CPU: 1 UID: 0 PID: 8025 Comm: syz.0.605 Not tainted syzkaller #0 PREEMPT(full) 
[   95.021160][ T8025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   95.021166][ T8025] Call Trace:
[   95.021170][ T8025]  <TASK>
[   95.021174][ T8025]  dump_stack_lvl+0x100/0x190
[   95.021191][ T8025]  should_fail_ex.cold+0x5/0xa
[   95.021213][ T8025]  should_failslab+0xc2/0x120
[   95.021226][ T8025]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   95.021241][ T8025]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   95.021256][ T8025]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   95.021272][ T8025]  mmu_topup_memory_caches+0x25/0x170
[   95.021287][ T8025]  kvm_mmu_load+0xd6/0x23e0
[   95.021300][ T8025]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   95.021317][ T8025]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   95.021335][ T8025]  ? __pfx_kvm_mmu_load+0x10/0x10
[   95.021348][ T8025]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   95.021359][ T8025]  ? kvm_check_and_inject_events+0x961/0x1070
[   95.021373][ T8025]  ? record_steal_time+0x420/0xbc0
[   95.021392][ T8025]  vcpu_run+0x39f4/0x5ca0
[   95.021411][ T8025]  ? __pfx_vcpu_run+0x10/0x10
[   95.021430][ T8025]  ? rcu_is_watching+0x12/0xc0
[   95.021447][ T8025]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   95.021462][ T8025]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   95.021480][ T8025]  kvm_vcpu_ioctl+0x730/0x1720
[   95.021492][ T8025]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   95.021503][ T8025]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   95.021516][ T8025]  ? do_vfs_ioctl+0x226/0x13e0
[   95.021528][ T8025]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   95.021539][ T8025]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   95.021560][ T8025]  ? __fget_files+0x215/0x3d0
[   95.021572][ T8025]  ? hook_file_ioctl_common+0x149/0x410
[   95.021587][ T8025]  ? selinux_file_ioctl+0x13b/0x290
[   95.021601][ T8025]  ? selinux_file_ioctl+0xb6/0x290
[   95.021617][ T8025]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   95.021629][ T8025]  __x64_sys_ioctl+0x18e/0x210
[   95.021640][ T8025]  do_syscall_64+0x115/0x870
[   95.021656][ T8025]  ? clear_bhb_loop+0x40/0x90
[   95.021669][ T8025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.021680][ T8025] RIP: 0033:0x7f631159ce59
[   95.021690][ T8025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   95.021700][ T8025] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   95.021711][ T8025] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[   95.021718][ T8025] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   95.021724][ T8025] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[   95.021730][ T8025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.021736][ T8025] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[   95.021749][ T8025]  </TASK>
[   95.135533][ T7984] bond2: Unable to set up delay as MII monitoring is disabled
[   95.142263][ T7984] bond2 (unregistering): Released all slaves
[   95.172133][ T5837] usb 7-1: USB disconnect, device number 8
[   95.225579][ T8036] netlink: 'syz.0.607': attribute type 11 has an invalid length.
[   95.228192][ T8036] netlink: 199828 bytes leftover after parsing attributes in process `syz.0.607'.
[   95.251945][ T8040] comedi comedi3: pcmmio: I/O port conflict (0x100,32)
[   95.525805][   T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   95.695841][   T24] usb 5-1: Using ep0 maxpacket: 32
[   95.701558][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[   95.704858][   T24] usb 5-1: config 8 has an invalid interface number: 66 but max is 0
[   95.708105][   T24] usb 5-1: config 8 has no interface number 0
[   95.710071][   T24] usb 5-1: config 8 interface 66 has no altsetting 0
[   95.720296][   T24] usb 5-1: string descriptor 0 read error: -22
[   95.722412][   T24] usb 5-1: New USB device found, idVendor=0572, idProduct=c688, bcdDevice=ee.30
[   95.725267][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.064199][ T8054] syzkaller1: entered promiscuous mode
[   96.066003][ T8054] syzkaller1: entered allmulticast mode
[   96.171380][ T8042] max out of range
[   96.175550][ T8042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.180293][ T8042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.211302][   T24] usb 5-1: USB disconnect, device number 5
[   96.341961][ T8086] overlayfs: missing 'lowerdir'
[   96.371103][ T8091] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[   96.542870][ T8100] input: syz1 as /devices/virtual/input/input11
[   96.711653][ T8108] random: crng reseeded on system resumption
[   96.747315][ T8110] ieee802154 phy0 wpan0: encryption failed: -22
[   96.759082][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   96.765357][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   96.772586][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   96.893781][ T8110] infiniband syz2: set active
[   96.896827][ T6565] vxcan1 speed is unknown, defaulting to 1000
[   96.897018][ T8110] infiniband syz2: added vxcan1
[   96.915050][ T8110] smbdirect: ib_dev[syz2]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[   96.922147][ T8110] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[   96.929425][ T8110] smbdirect: ib_dev[syz2]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[   96.965646][ T8110] RDS/IB: syz2: added
[   96.967898][ T8110] smc: adding ib device syz2 with port count 1
[   96.970495][ T8110] smc:    ib device syz2 port 1 has no pnetid
[   96.973858][   T24] vxcan1 speed is unknown, defaulting to 1000
[   96.989803][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   97.220995][ T8125] netlink: 28 bytes leftover after parsing attributes in process `syz.1.630'.
[   97.241757][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   97.301221][ T8128] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'.
[   97.305087][ T8128] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.322607][ T8128] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.429603][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   97.610369][ T8110] vxcan1 speed is unknown, defaulting to 1000
[   97.773817][ T8163] tmpfs: Cannot change global quota limit on remount
[   97.846334][ T8174] debugfs: Bad value for 'mode'
[   97.858295][ T8170] syzkaller0: entered promiscuous mode
[   97.862885][ T8171] netlink: 96 bytes leftover after parsing attributes in process `syz.1.645'.
[   97.865897][ T8170] netlink: 96 bytes leftover after parsing attributes in process `syz.1.645'.
[   97.866744][ T8180] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[   97.875285][ T8180] /dev/nullb0: Can't open blockdev
[   97.891547][ T8180] bond2: Invalid ad_actor_system MAC address.
[   97.893535][ T8180] bond2: option ad_actor_system: invalid value (27571)
[   97.904001][ T8180] bond2 (unregistering): Released all slaves
[   97.979339][ T8190] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1539 sclass=netlink_route_socket pid=8190 comm=syz.3.649
[   98.279262][ T8198] No source specified
[   99.090917][ T8190] gtp1: entered allmulticast mode
[   99.093927][ T8190] team0: Device gtp1 is of different type
[   99.132311][ T8206] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[   99.134882][ T8206] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[   99.139415][ T8206] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[   99.143969][ T8206] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[   99.411489][   T40] kauditd_printk_skb: 24 callbacks suppressed
[   99.411500][   T40] audit: type=1400 audit(1779907456.886:988): avc:  denied  { write } for  pid=8232 comm="syz.0.661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   99.431538][ T8233] /dev/sr0: Can't open blockdev
[   99.571666][   T40] audit: type=1400 audit(1779907457.046:989): avc:  denied  { watch } for  pid=8237 comm="syz.0.663" path="/200/file0" dev="tmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   99.579619][   T40] audit: type=1400 audit(1779907457.046:990): avc:  denied  { watch_sb watch_reads } for  pid=8237 comm="syz.0.663" path="/200/file0" dev="tmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   99.681193][   T40] audit: type=1400 audit(1779907457.156:991): avc:  denied  { getopt } for  pid=8239 comm="syz.0.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   99.903975][   T40] audit: type=1400 audit(1779907457.376:992): avc:  denied  { firmware_load } for  pid=8248 comm="syz.0.667" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   99.949151][ T8249] syz.0.667 (8249) used greatest stack depth: 17704 bytes left
[  100.012166][ T8254] __nla_validate_parse: 4 callbacks suppressed
[  100.012178][ T8254] netlink: 44 bytes leftover after parsing attributes in process `syz.1.669'.
[  100.076768][ T8262] sg_write: data in/out 63015/14 bytes for SCSI command 0x0-- guessing data in;
[  100.076768][ T8262]    program syz.1.670 not setting count and/or reply_len properly
[  100.139507][ T8270] /dev/nullb0: Can't open blockdev
[  100.142063][   T40] audit: type=1400 audit(1779907457.616:993): avc:  denied  { mounton } for  pid=8269 comm="syz.3.674" path="/160/bus" dev="tmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  100.157601][ T8273] netlink: 164 bytes leftover after parsing attributes in process `syz.0.675'.
[  100.198855][   T40] audit: type=1400 audit(1779907457.676:994): avc:  denied  { read } for  pid=8277 comm="syz.0.678" name="btrfs-control" dev="devtmpfs" ino=1341 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  100.209677][   T40] audit: type=1400 audit(1779907457.676:995): avc:  denied  { open } for  pid=8277 comm="syz.0.678" path="/dev/btrfs-control" dev="devtmpfs" ino=1341 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  100.217029][   T40] audit: type=1400 audit(1779907457.676:996): avc:  denied  { ioctl } for  pid=8277 comm="syz.0.678" path="/dev/btrfs-control" dev="devtmpfs" ino=1341 ioctlcmd=0x9404 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  100.243584][   T40] audit: type=1400 audit(1779907457.716:997): avc:  denied  { mount } for  pid=8283 comm="syz.3.679" name="/" dev="rpc_pipefs" ino=26731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  100.302727][ T8289] netlink: 28 bytes leftover after parsing attributes in process `syz.0.681'.
[  100.306888][ T8289] CUSE: unknown device info ""
[  100.309130][ T8289] CUSE: zero length info key specified
[  100.323635][ T8292] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  100.338787][ T8297] Bluetooth: hci0: Opcode 0x080f failed: -22
[  100.358396][ T8288] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1575 sclass=netlink_xfrm_socket pid=8288 comm=syz.3.680
[  100.375954][ T4336] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  100.545849][ T4336] usb 7-1: Using ep0 maxpacket: 8
[  100.549689][ T4336] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  100.554198][ T4336] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  100.558215][ T4336] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.564460][ T4336] usb 7-1: config 0 descriptor??
[  100.675567][ T8319] netlink: 24 bytes leftover after parsing attributes in process `syz.0.687'.
[  100.718887][ T8321] cgroup: Unknown subsys name 'cpuset'
[  100.721854][ T8322] cgroup: Unknown subsys name 'cpuset'
[  100.770003][ T4336] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  100.796142][ T8325] support for the xor transformation has been removed.
[  100.889500][ T8332] vxcan1 speed is unknown, defaulting to 1000
[  100.928712][ T8335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.692'.
[  100.937899][ T8335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.692'.
[  100.974563][ T1343] usb 7-1: USB disconnect, device number 9
[  101.138014][ T8332] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  101.247434][ T8343] netlink: 12 bytes leftover after parsing attributes in process `syz.1.694'.
[  101.440692][ T8346] infiniband syz1: set active
[  101.443990][ T8346] infiniband syz1: added bond0
[  101.452104][ T8346] smbdirect: ib_dev[syz1]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  101.457024][ T8346] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  101.462410][ T8346] smbdirect: ib_dev[syz1]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  101.480443][ T8346] RDS/IB: syz1: added
[  101.481771][ T8346] smc: adding ib device syz1 with port count 1
[  101.485138][ T8346] smc:    ib device syz1 port 1 has no pnetid
[  101.522459][ T8350] netlink: 'syz.2.696': attribute type 1 has an invalid length.
[  101.536242][ T8350] 8021q: adding VLAN 0 to HW filter on device bond2
[  101.541932][ T8351] vlan0: entered allmulticast mode
[  101.543337][ T8351] veth0_to_bond: entered allmulticast mode
[  101.547234][ T8351] bond2: (slave vlan0): Enslaving as an active interface with a down link
[  102.094740][ T8372] FAULT_INJECTION: forcing a failure.
[  102.094740][ T8372] name failslab, interval 1, probability 0, space 0, times 0
[  102.101250][ T8372] CPU: 0 UID: 0 PID: 8372 Comm: syz.3.702 Not tainted syzkaller #0 PREEMPT(full) 
[  102.101269][ T8372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  102.101275][ T8372] Call Trace:
[  102.101279][ T8372]  <TASK>
[  102.101284][ T8372]  dump_stack_lvl+0x100/0x190
[  102.101307][ T8372]  should_fail_ex.cold+0x5/0xa
[  102.101322][ T8372]  should_failslab+0xc2/0x120
[  102.101334][ T8372]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  102.101350][ T8372]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  102.101366][ T8372]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  102.101381][ T8372]  mmu_topup_memory_caches+0x25/0x170
[  102.101396][ T8372]  kvm_mmu_load+0xd6/0x23e0
[  102.101410][ T8372]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  102.101427][ T8372]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  102.101445][ T8372]  ? __pfx_kvm_mmu_load+0x10/0x10
[  102.101458][ T8372]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  102.101470][ T8372]  ? kvm_check_and_inject_events+0x961/0x1070
[  102.101484][ T8372]  ? record_steal_time+0x420/0xbc0
[  102.101502][ T8372]  vcpu_run+0x39f4/0x5ca0
[  102.101522][ T8372]  ? __pfx_vcpu_run+0x10/0x10
[  102.101541][ T8372]  ? rcu_is_watching+0x12/0xc0
[  102.101559][ T8372]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  102.101574][ T8372]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  102.101592][ T8372]  kvm_vcpu_ioctl+0x730/0x1720
[  102.101604][ T8372]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.101615][ T8372]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  102.101628][ T8372]  ? do_vfs_ioctl+0x226/0x13e0
[  102.101640][ T8372]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  102.101651][ T8372]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  102.101677][ T8372]  ? __fget_files+0x215/0x3d0
[  102.101690][ T8372]  ? hook_file_ioctl_common+0x149/0x410
[  102.101705][ T8372]  ? selinux_file_ioctl+0x13b/0x290
[  102.101720][ T8372]  ? selinux_file_ioctl+0xb6/0x290
[  102.101736][ T8372]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.101747][ T8372]  __x64_sys_ioctl+0x18e/0x210
[  102.101759][ T8372]  do_syscall_64+0x115/0x870
[  102.101782][ T8372]  ? clear_bhb_loop+0x40/0x90
[  102.101795][ T8372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.101806][ T8372] RIP: 0033:0x7ff868f9ce59
[  102.101816][ T8372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.101826][ T8372] RSP: 002b:00007ff869e4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.101838][ T8372] RAX: ffffffffffffffda RBX: 00007ff869215fa0 RCX: 00007ff868f9ce59
[  102.101844][ T8372] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  102.101851][ T8372] RBP: 00007ff869e4c090 R08: 0000000000000000 R09: 0000000000000000
[  102.101857][ T8372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.101862][ T8372] R13: 00007ff869216038 R14: 00007ff869215fa0 R15: 00007fffcb73e8a8
[  102.101876][ T8372]  </TASK>
[  102.908060][ T8380] netlink: 172 bytes leftover after parsing attributes in process `syz.2.704'.
[  103.119650][ T8385] tmpfs: Cannot change global quota limit on remount
[  103.464804][ T8393] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  103.610796][ T8411] FAULT_INJECTION: forcing a failure.
[  103.610796][ T8411] name failslab, interval 1, probability 0, space 0, times 0
[  103.614901][ T8411] CPU: 2 UID: 0 PID: 8411 Comm: syz.0.711 Not tainted syzkaller #0 PREEMPT(full) 
[  103.614917][ T8411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.614923][ T8411] Call Trace:
[  103.614928][ T8411]  <TASK>
[  103.614932][ T8411]  dump_stack_lvl+0x100/0x190
[  103.614948][ T8411]  should_fail_ex.cold+0x5/0xa
[  103.614964][ T8411]  should_failslab+0xc2/0x120
[  103.614976][ T8411]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  103.614991][ T8411]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  103.615007][ T8411]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  103.615022][ T8411]  mmu_topup_memory_caches+0x25/0x170
[  103.615037][ T8411]  kvm_mmu_load+0xd6/0x23e0
[  103.615051][ T8411]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  103.615067][ T8411]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  103.615085][ T8411]  ? __pfx_kvm_mmu_load+0x10/0x10
[  103.615098][ T8411]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  103.615110][ T8411]  ? kvm_check_and_inject_events+0x961/0x1070
[  103.615124][ T8411]  ? record_steal_time+0x420/0xbc0
[  103.615142][ T8411]  vcpu_run+0x39f4/0x5ca0
[  103.615161][ T8411]  ? __pfx_vcpu_run+0x10/0x10
[  103.615180][ T8411]  ? rcu_is_watching+0x12/0xc0
[  103.615198][ T8411]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  103.615212][ T8411]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  103.615230][ T8411]  kvm_vcpu_ioctl+0x730/0x1720
[  103.615242][ T8411]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.615256][ T8411]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  103.615269][ T8411]  ? do_vfs_ioctl+0x226/0x13e0
[  103.615281][ T8411]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.615291][ T8411]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  103.615312][ T8411]  ? __fget_files+0x215/0x3d0
[  103.615325][ T8411]  ? hook_file_ioctl_common+0x149/0x410
[  103.615340][ T8411]  ? selinux_file_ioctl+0x13b/0x290
[  103.615355][ T8411]  ? selinux_file_ioctl+0xb6/0x290
[  103.615371][ T8411]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.615382][ T8411]  __x64_sys_ioctl+0x18e/0x210
[  103.615394][ T8411]  do_syscall_64+0x115/0x870
[  103.615410][ T8411]  ? clear_bhb_loop+0x40/0x90
[  103.615423][ T8411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.615434][ T8411] RIP: 0033:0x7f631159ce59
[  103.615443][ T8411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.615454][ T8411] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.615465][ T8411] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[  103.615471][ T8411] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  103.615477][ T8411] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[  103.615483][ T8411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.615489][ T8411] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[  103.615503][ T8411]  </TASK>
[  103.882820][ T8439] syzkaller1: entered promiscuous mode
[  103.884708][ T8439] syzkaller1: entered allmulticast mode
[  104.105590][ T8452] netlink: 60 bytes leftover after parsing attributes in process `syz.0.718'.
[  104.125609][ T8452] netlink: 60 bytes leftover after parsing attributes in process `syz.0.718'.
[  104.188929][ T8458] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  104.197272][ T8458] CIFS mount error: No usable UNC path provided in device string!
[  104.197272][ T8458] 
[  104.200481][ T8458] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  104.269056][ T8465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3848 sclass=netlink_route_socket pid=8465 comm=syz.2.723
[  104.285891][ T8463] program syz.1.722 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  104.289035][ T8463] ata1.00: non-matching transfer count (804839049/0)
[  104.330903][ T8466] tipc: Invalid UDP bearer configuration
[  104.330928][ T8466] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  104.348115][ T8468] FAULT_INJECTION: forcing a failure.
[  104.348115][ T8468] name failslab, interval 1, probability 0, space 0, times 0
[  104.352152][ T8468] CPU: 1 UID: 0 PID: 8468 Comm: syz.2.724 Not tainted syzkaller #0 PREEMPT(full) 
[  104.352168][ T8468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.352174][ T8468] Call Trace:
[  104.352178][ T8468]  <TASK>
[  104.352183][ T8468]  dump_stack_lvl+0x100/0x190
[  104.352199][ T8468]  should_fail_ex.cold+0x5/0xa
[  104.352215][ T8468]  should_failslab+0xc2/0x120
[  104.352226][ T8468]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  104.352243][ T8468]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  104.352258][ T8468]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  104.352273][ T8468]  mmu_topup_memory_caches+0x25/0x170
[  104.352289][ T8468]  kvm_mmu_load+0xd6/0x23e0
[  104.352307][ T8468]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  104.352324][ T8468]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  104.352343][ T8468]  ? __pfx_kvm_mmu_load+0x10/0x10
[  104.352355][ T8468]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  104.352367][ T8468]  ? kvm_check_and_inject_events+0x961/0x1070
[  104.352381][ T8468]  ? record_steal_time+0x420/0xbc0
[  104.352400][ T8468]  vcpu_run+0x39f4/0x5ca0
[  104.352420][ T8468]  ? __pfx_vcpu_run+0x10/0x10
[  104.352438][ T8468]  ? rcu_is_watching+0x12/0xc0
[  104.352456][ T8468]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.352471][ T8468]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.352489][ T8468]  kvm_vcpu_ioctl+0x730/0x1720
[  104.352501][ T8468]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.352512][ T8468]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.352525][ T8468]  ? do_vfs_ioctl+0x226/0x13e0
[  104.352536][ T8468]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  104.352548][ T8468]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  104.352569][ T8468]  ? __fget_files+0x215/0x3d0
[  104.352582][ T8468]  ? hook_file_ioctl_common+0x149/0x410
[  104.352597][ T8468]  ? selinux_file_ioctl+0x13b/0x290
[  104.352612][ T8468]  ? selinux_file_ioctl+0xb6/0x290
[  104.352628][ T8468]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.352639][ T8468]  __x64_sys_ioctl+0x18e/0x210
[  104.352651][ T8468]  do_syscall_64+0x115/0x870
[  104.352667][ T8468]  ? clear_bhb_loop+0x40/0x90
[  104.352680][ T8468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.352692][ T8468] RIP: 0033:0x7f718f99ce59
[  104.352701][ T8468] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.352711][ T8468] RSP: 002b:00007f719082a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.352723][ T8468] RAX: ffffffffffffffda RBX: 00007f718fc15fa0 RCX: 00007f718f99ce59
[  104.352729][ T8468] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  104.352735][ T8468] RBP: 00007f719082a090 R08: 0000000000000000 R09: 0000000000000000
[  104.352742][ T8468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.352748][ T8468] R13: 00007f718fc16038 R14: 00007f718fc15fa0 R15: 00007ffe35fb25e8
[  104.352761][ T8468]  </TASK>
[  104.519933][ T8471] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  104.583011][   T40] kauditd_printk_skb: 31 callbacks suppressed
[  104.583023][   T40] audit: type=1400 audit(1779907462.056:1029): avc:  denied  { unmount } for  pid=5732 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  104.660057][   T40] audit: type=1400 audit(1779907462.136:1030): avc:  denied  { connect } for  pid=8492 comm="syz.0.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  104.666489][   T40] audit: type=1400 audit(1779907462.136:1031): avc:  denied  { write } for  pid=8492 comm="syz.0.733" path="socket:[27126]" dev="sockfs" ino=27126 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  104.768132][ T8503] FAULT_INJECTION: forcing a failure.
[  104.768132][ T8503] name failslab, interval 1, probability 0, space 0, times 0
[  104.772234][ T8503] CPU: 0 UID: 0 PID: 8503 Comm: syz.0.736 Not tainted syzkaller #0 PREEMPT(full) 
[  104.772250][ T8503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.772256][ T8503] Call Trace:
[  104.772262][ T8503]  <TASK>
[  104.772268][ T8503]  dump_stack_lvl+0x100/0x190
[  104.772285][ T8503]  should_fail_ex.cold+0x5/0xa
[  104.772301][ T8503]  should_failslab+0xc2/0x120
[  104.772314][ T8503]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  104.772330][ T8503]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  104.772346][ T8503]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  104.772361][ T8503]  mmu_topup_memory_caches+0x25/0x170
[  104.772377][ T8503]  kvm_mmu_load+0xd6/0x23e0
[  104.772390][ T8503]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  104.772407][ T8503]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  104.772426][ T8503]  ? __pfx_kvm_mmu_load+0x10/0x10
[  104.772438][ T8503]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  104.772450][ T8503]  ? kvm_check_and_inject_events+0x961/0x1070
[  104.772464][ T8503]  ? record_steal_time+0x420/0xbc0
[  104.772483][ T8503]  vcpu_run+0x39f4/0x5ca0
[  104.772503][ T8503]  ? __pfx_vcpu_run+0x10/0x10
[  104.772521][ T8503]  ? rcu_is_watching+0x12/0xc0
[  104.772539][ T8503]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.772553][ T8503]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.772572][ T8503]  kvm_vcpu_ioctl+0x730/0x1720
[  104.772584][ T8503]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.772595][ T8503]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.772608][ T8503]  ? do_vfs_ioctl+0x226/0x13e0
[  104.772620][ T8503]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  104.772637][ T8503]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  104.772658][ T8503]  ? __fget_files+0x215/0x3d0
[  104.772671][ T8503]  ? hook_file_ioctl_common+0x149/0x410
[  104.772686][ T8503]  ? selinux_file_ioctl+0x13b/0x290
[  104.772701][ T8503]  ? selinux_file_ioctl+0xb6/0x290
[  104.772717][ T8503]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.772728][ T8503]  __x64_sys_ioctl+0x18e/0x210
[  104.772740][ T8503]  do_syscall_64+0x115/0x870
[  104.772757][ T8503]  ? clear_bhb_loop+0x40/0x90
[  104.772771][ T8503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.772782][ T8503] RIP: 0033:0x7f631159ce59
[  104.772792][ T8503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.772803][ T8503] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.772814][ T8503] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[  104.772821][ T8503] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  104.772827][ T8503] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[  104.772833][ T8503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.772838][ T8503] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[  104.772852][ T8503]  </TASK>
[  104.977305][   T40] audit: type=1400 audit(1779907462.456:1032): avc:  denied  { watch watch_reads } for  pid=8510 comm="syz.2.731" path="/182" dev="tmpfs" ino=969 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  104.996982][ T5824] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  105.079108][ T8528] netlink: 'syz.0.742': attribute type 1 has an invalid length.
[  105.091405][ T8528] 8021q: adding VLAN 0 to HW filter on device bond1
[  105.096495][ T8528] __nla_validate_parse: 5 callbacks suppressed
[  105.096507][ T8528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.742'.
[  105.101245][ T8528] netlink: 12 bytes leftover after parsing attributes in process `syz.0.742'.
[  105.157625][ T5824] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 80, changing to 10
[  105.162041][ T5824] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16464, setting to 1024
[  105.166687][ T5824] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  105.170521][ T5824] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  105.173221][ T5824] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.177624][ T5824] usb 6-1: config 0 descriptor??
[  105.822927][ T8534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.744'.
[  105.911473][ T8541] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  105.919991][ T8543] netlink: 'syz.2.748': attribute type 2 has an invalid length.
[  106.003167][ T8548] xt_hashlimit: size too large, truncated to 1048576
[  106.069350][ T8556] netlink: 28 bytes leftover after parsing attributes in process `syz.2.752'.
[  106.072544][ T8556] netlink: 8 bytes leftover after parsing attributes in process `syz.2.752'.
[  106.075209][ T8556] netlink: 24 bytes leftover after parsing attributes in process `syz.2.752'.
[  106.155287][   T40] audit: type=1400 audit(1779907463.626:1033): avc:  denied  { setopt } for  pid=8561 comm="syz.3.754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  106.182983][ T8566] netlink: 16 bytes leftover after parsing attributes in process `syz.3.756'.
[  106.223930][ T8572] netlink: 12 bytes leftover after parsing attributes in process `syz.3.757'.
[  106.233117][ T8572] team0: entered promiscuous mode
[  106.234714][ T8572] team_slave_0: entered promiscuous mode
[  106.236704][ T8572] team_slave_1: entered promiscuous mode
[  106.240753][ T8571] team0: left promiscuous mode
[  106.242862][ T8571] team_slave_0: left promiscuous mode
[  106.244794][ T8571] team_slave_1: left promiscuous mode
[  106.278595][ T8576] binder: 8575:8576 unknown command 0
[  106.280414][ T8576] binder: 8575:8576 ioctl c0306201 200000000080 returned -22
[  106.356056][   T53] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  106.527222][   T53] usb 7-1: config index 0 descriptor too short (expected 28277, got 36)
[  106.535752][   T53] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  106.539089][   T53] usb 7-1: config 0 has no interfaces?
[  106.543554][   T53] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  106.552807][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.558814][   T53] usb 7-1: config 0 descriptor??
[  106.847982][   T40] audit: type=1400 audit(1779907464.326:1034): avc:  denied  { listen } for  pid=8557 comm="syz.2.753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  106.854416][   T40] audit: type=1400 audit(1779907464.326:1035): avc:  denied  { accept } for  pid=8557 comm="syz.2.753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  106.981086][    T9] usb 7-1: USB disconnect, device number 10
[  107.525342][ T8595] netlink: 20 bytes leftover after parsing attributes in process `syz.2.762'.
[  107.532362][ T8595] netlink: 24 bytes leftover after parsing attributes in process `syz.2.762'.
[  107.535239][ T8595] smc: ib device syz2 ibport 1 applied user defined pnetid S
[  107.611475][ T5824] usbhid 6-1:0.0: can't add hid device: -71
[  107.613410][ T5824] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  107.620379][ T8607] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  107.622744][ T5824] usb 6-1: USB disconnect, device number 13
[  107.648899][ T8609] netlink: 'syz.1.768': attribute type 10 has an invalid length.
[  107.662035][   T40] audit: type=1400 audit(1779907465.136:1036): avc:  denied  { write } for  pid=8612 comm="syz.3.763" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  107.704221][   T40] audit: type=1400 audit(1779907465.176:1037): avc:  denied  { setopt } for  pid=8621 comm="syz.2.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  107.711460][ T5747] Bluetooth: hci1: SCO packet for unknown connection handle 201
[  107.713160][   T40] audit: type=1400 audit(1779907465.186:1038): avc:  denied  { ioctl } for  pid=8621 comm="syz.2.771" path="socket:[30491]" dev="sockfs" ino=30491 ioctlcmd=0x662c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  107.823589][ T5747] Bluetooth: hci2: Malformed LE Event: 0x0d
[  107.834353][ T8635] vxcan1 speed is unknown, defaulting to 1000
[  108.093726][ T8643] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  108.129018][ T8652] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  108.134216][ T8652] SELinux: failed to load policy
[  108.254278][ T8658] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  108.687194][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  108.869245][ T8675] MINIX-fs: unable to read superblock
[  109.055029][ T8677] netlink: 'syz.1.789': attribute type 1 has an invalid length.
[  109.177792][ T8677] 8021q: adding VLAN 0 to HW filter on device bond1
[  109.719284][ T8715] syz.0.798 (8715): /proc/8714/oom_adj is deprecated, please use /proc/8714/oom_score_adj instead.
[  109.731060][   T90] Bluetooth: (null): Invalid header checksum
[  110.010155][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  110.010171][   T40] audit: type=1400 audit(1779907467.486:1043): avc:  denied  { append } for  pid=8723 comm="syz.0.801" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  110.101794][ T8726] syzkaller0: entered promiscuous mode
[  110.103789][ T8726] syzkaller0: entered allmulticast mode
[  110.107702][ T8726] __nla_validate_parse: 7 callbacks suppressed
[  110.107713][ T8726] netlink: 12 bytes leftover after parsing attributes in process `syz.1.802'.
[  110.116899][ T8726] netlink: 12 bytes leftover after parsing attributes in process `syz.1.802'.
[  110.153642][   T40] audit: type=1400 audit(1779907467.636:1044): avc:  denied  { mounton } for  pid=8728 comm="syz.0.803" path="/proc/765/task" dev="proc" ino=31140 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  110.190950][   T40] audit: type=1400 audit(1779907467.666:1045): avc:  denied  { ioctl } for  pid=8731 comm="syz.0.804" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0xaa08 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  110.224999][ T8736] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61993 sclass=netlink_route_socket pid=8736 comm=syz.1.805
[  110.230955][   T40] audit: type=1400 audit(1779907467.716:1046): avc:  denied  { append } for  pid=8735 comm="syz.1.805" name="2:0:0:0" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  110.236609][ T8736] syz.1.805: calling unsupported SCSI_IOCTL_SEND_COMMAND
[  110.333753][   T40] audit: type=1400 audit(1779907467.806:1047): avc:  denied  { bind } for  pid=8749 comm="syz.0.808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  110.393444][ T8752] netlink: 28 bytes leftover after parsing attributes in process `syz.0.809'.
[  110.409989][ T8755] tmpfs: Bad value for 'mpol'
[  110.424182][ T8754] netlink: 20 bytes leftover after parsing attributes in process `syz.1.810'.
[  110.428267][ T8754] openvswitch: netlink: Flow key attr not present in new flow.
[  110.438746][ T8758] FAULT_INJECTION: forcing a failure.
[  110.438746][ T8758] name failslab, interval 1, probability 0, space 0, times 0
[  110.442747][ T8758] CPU: 2 UID: 0 PID: 8758 Comm: syz.0.811 Not tainted syzkaller #0 PREEMPT(full) 
[  110.442761][ T8758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  110.442767][ T8758] Call Trace:
[  110.442771][ T8758]  <TASK>
[  110.442776][ T8758]  dump_stack_lvl+0x100/0x190
[  110.442792][ T8758]  should_fail_ex.cold+0x5/0xa
[  110.442807][ T8758]  should_failslab+0xc2/0x120
[  110.442819][ T8758]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  110.442836][ T8758]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  110.442851][ T8758]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  110.442866][ T8758]  mmu_topup_memory_caches+0x25/0x170
[  110.442882][ T8758]  kvm_mmu_load+0xd6/0x23e0
[  110.442895][ T8758]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  110.442911][ T8758]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  110.442929][ T8758]  ? __pfx_kvm_mmu_load+0x10/0x10
[  110.442942][ T8758]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  110.442954][ T8758]  ? kvm_check_and_inject_events+0x961/0x1070
[  110.442968][ T8758]  ? record_steal_time+0x420/0xbc0
[  110.442986][ T8758]  vcpu_run+0x39f4/0x5ca0
[  110.443005][ T8758]  ? __pfx_vcpu_run+0x10/0x10
[  110.443024][ T8758]  ? rcu_is_watching+0x12/0xc0
[  110.443041][ T8758]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  110.443056][ T8758]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  110.443074][ T8758]  kvm_vcpu_ioctl+0x730/0x1720
[  110.443086][ T8758]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  110.443097][ T8758]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  110.443111][ T8758]  ? do_vfs_ioctl+0x226/0x13e0
[  110.443122][ T8758]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  110.443133][ T8758]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  110.443154][ T8758]  ? __fget_files+0x215/0x3d0
[  110.443166][ T8758]  ? hook_file_ioctl_common+0x149/0x410
[  110.443181][ T8758]  ? selinux_file_ioctl+0x13b/0x290
[  110.443195][ T8758]  ? selinux_file_ioctl+0xb6/0x290
[  110.443211][ T8758]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  110.443222][ T8758]  __x64_sys_ioctl+0x18e/0x210
[  110.443234][ T8758]  do_syscall_64+0x115/0x870
[  110.443250][ T8758]  ? clear_bhb_loop+0x40/0x90
[  110.443263][ T8758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.443274][ T8758] RIP: 0033:0x7f631159ce59
[  110.443284][ T8758] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  110.443294][ T8758] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  110.443304][ T8758] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[  110.443311][ T8758] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  110.443317][ T8758] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[  110.443323][ T8758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  110.443329][ T8758] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[  110.443342][ T8758]  </TASK>
[  110.463101][ T8761] netlink: 48 bytes leftover after parsing attributes in process `syz.1.812'.
[  110.476779][   T40] audit: type=1400 audit(1779907467.936:1048): avc:  denied  { watch watch_reads } for  pid=8760 comm="syz.1.812" path="pipe:[31757]" dev="pipefs" ino=31757 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  110.480527][ T8761] netlink: 48 bytes leftover after parsing attributes in process `syz.1.812'.
[  110.481757][   T40] audit: type=1400 audit(1779907467.936:1049): avc:  denied  { relabelfrom } for  pid=8760 comm="syz.1.812" name="" dev="pipefs" ino=31758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  110.591357][ T8775] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  110.594629][ T8774] netlink: 28 bytes leftover after parsing attributes in process `syz.3.815'.
[  110.598878][   T40] audit: type=1400 audit(1779907468.076:1050): avc:  denied  { relabelto } for  pid=8772 comm="syz.3.815" name="198" dev="tmpfs" ino=1070 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  110.607916][   T40] audit: type=1400 audit(1779907468.076:1051): avc:  denied  { associate } for  pid=8772 comm="syz.3.815" name="198" dev="tmpfs" ino=1070 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  110.626703][   T40] audit: type=1400 audit(1779907468.096:1052): avc:  denied  { write } for  pid=5730 comm="syz-executor" name="198" dev="tmpfs" ino=1070 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  110.803389][ T8795] program syz.3.817 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.073273][ T8811] netlink: 4 bytes leftover after parsing attributes in process `syz.0.826'.
[  111.087536][ T8811] bridge0: port 3(macvlan2) entered blocking state
[  111.090488][ T8811] bridge0: port 3(macvlan2) entered disabled state
[  111.093416][ T8811] macvlan2: entered allmulticast mode
[  111.097923][ T8811] macvlan2: left allmulticast mode
[  111.438090][ T8828] netlink: 8 bytes leftover after parsing attributes in process `syz.0.831'.
[  111.510091][ T8831] netlink: 'syz.3.832': attribute type 10 has an invalid length.
[  111.536166][ T8831] team0: Port device dummy0 added
[  111.574388][ T8842] netlink: 172 bytes leftover after parsing attributes in process `syz.3.836'.
[  111.604354][ T8848] (syz.1.838,8848,1):ocfs2_get_sector:1714 ERROR: status = -5
[  111.609375][ T8848] (syz.1.838,8848,1):ocfs2_sb_probe:753 ERROR: status = -5
[  111.614829][ T8848] (syz.1.838,8848,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  111.617981][ T8848] (syz.1.838,8848,1):ocfs2_fill_super:1177 ERROR: status = -5
[  111.618608][ T8849] FAULT_INJECTION: forcing a failure.
[  111.618608][ T8849] name failslab, interval 1, probability 0, space 0, times 0
[  111.625338][ T8849] CPU: 3 UID: 0 PID: 8849 Comm: syz.3.839 Not tainted syzkaller #0 PREEMPT(full) 
[  111.625355][ T8849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  111.625362][ T8849] Call Trace:
[  111.625366][ T8849]  <TASK>
[  111.625371][ T8849]  dump_stack_lvl+0x100/0x190
[  111.625387][ T8849]  should_fail_ex.cold+0x5/0xa
[  111.625403][ T8849]  should_failslab+0xc2/0x120
[  111.625415][ T8849]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  111.625431][ T8849]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  111.625446][ T8849]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  111.625464][ T8849]  mmu_topup_memory_caches+0x25/0x170
[  111.625480][ T8849]  kvm_mmu_load+0xd6/0x23e0
[  111.625493][ T8849]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  111.625509][ T8849]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  111.625528][ T8849]  ? __pfx_kvm_mmu_load+0x10/0x10
[  111.625540][ T8849]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  111.625552][ T8849]  ? kvm_check_and_inject_events+0x961/0x1070
[  111.625566][ T8849]  ? record_steal_time+0x420/0xbc0
[  111.625584][ T8849]  vcpu_run+0x39f4/0x5ca0
[  111.625604][ T8849]  ? __pfx_vcpu_run+0x10/0x10
[  111.625622][ T8849]  ? rcu_is_watching+0x12/0xc0
[  111.625640][ T8849]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  111.625654][ T8849]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  111.625672][ T8849]  kvm_vcpu_ioctl+0x730/0x1720
[  111.625699][ T8849]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  111.625710][ T8849]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  111.625724][ T8849]  ? do_vfs_ioctl+0x226/0x13e0
[  111.625735][ T8849]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  111.625746][ T8849]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  111.625768][ T8849]  ? __fget_files+0x215/0x3d0
[  111.625780][ T8849]  ? hook_file_ioctl_common+0x149/0x410
[  111.625796][ T8849]  ? selinux_file_ioctl+0x13b/0x290
[  111.625810][ T8849]  ? selinux_file_ioctl+0xb6/0x290
[  111.625826][ T8849]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  111.625838][ T8849]  __x64_sys_ioctl+0x18e/0x210
[  111.625850][ T8849]  do_syscall_64+0x115/0x870
[  111.625865][ T8849]  ? clear_bhb_loop+0x40/0x90
[  111.625879][ T8849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.625890][ T8849] RIP: 0033:0x7ff868f9ce59
[  111.625900][ T8849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  111.625910][ T8849] RSP: 002b:00007ff869e4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  111.625921][ T8849] RAX: ffffffffffffffda RBX: 00007ff869215fa0 RCX: 00007ff868f9ce59
[  111.625928][ T8849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  111.625934][ T8849] RBP: 00007ff869e4c090 R08: 0000000000000000 R09: 0000000000000000
[  111.625940][ T8849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  111.625946][ T8849] R13: 00007ff869216038 R14: 00007ff869215fa0 R15: 00007fffcb73e8a8
[  111.625964][ T8849]  </TASK>
[  111.833337][ T8862] netlink: 'syz.3.844': attribute type 1 has an invalid length.
[  111.901803][ T8866] tmpfs: Bad value for 'mpol'
[  111.933425][ T8869] vxcan1 speed is unknown, defaulting to 1000
[  111.972587][ T8872] tmpfs: Group quota block hardlimit too large.
[  112.236232][ T1343] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  112.395906][ T1343] usb 7-1: Using ep0 maxpacket: 8
[  112.399619][ T1343] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.404092][ T1343] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.408562][ T1343] usb 7-1: config 0 interface 0 has no altsetting 0
[  112.411179][ T1343] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  112.414795][ T1343] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.421154][ T1343] usb 7-1: config 0 descriptor??
[  112.495806][ T5879] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  112.580597][ T8895] sit0: entered promiscuous mode
[  112.590730][ T8895] netlink: 'syz.1.853': attribute type 1 has an invalid length.
[  112.624916][ T8898] netlink: 'syz.1.854': attribute type 3 has an invalid length.
[  112.626750][ T8897] netlink: 'syz.1.854': attribute type 3 has an invalid length.
[  112.648367][ T5879] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  112.652740][ T5879] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  112.656904][ T5879] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  112.663194][ T5879] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  112.666049][ T5879] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.668537][ T5879] usb 5-1: Product: syz
[  112.669866][ T5879] usb 5-1: Manufacturer: syz
[  112.671342][ T5879] usb 5-1: SerialNumber: syz
[  112.677247][ T5879] usb 5-1: config 0 descriptor??
[  112.680179][ T8889] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  112.725813][ T5879] rc_core: IR keymap rc-streamzap not found
[  112.727704][ T5879] Registered IR keymap rc-empty
[  112.730818][ T5879] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  112.735510][ T5879] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input14
[  112.783767][ T8904] syzkaller0: entered promiscuous mode
[  112.785635][ T8904] syzkaller0: entered allmulticast mode
[  112.833128][ T1343] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  112.835545][ T1343] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  112.838152][ T1343] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  112.840373][ T1343] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  112.842630][ T1343] mcp2221 0003:04D8:00DD.0004: unknown main item tag 0x0
[  112.848131][ T1343] mcp2221 0003:04D8:00DD.0004: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  112.886686][ T8889] capability: warning: `syz.0.850' uses 32-bit capabilities (legacy support in use)
[  112.897595][    T9] usb 5-1: USB disconnect, device number 6
[  113.036244][ T5837] usb 7-1: USB disconnect, device number 11
[  113.041269][ T8919] x_tables: duplicate underflow at hook 1
[  113.065003][ T8922] x_tables: duplicate underflow at hook 1
[  113.068941][ T8922] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  113.070967][ T8922] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  113.073363][ T8922] vhci_hcd vhci_hcd.0: Device attached
[  113.103332][ T8923] vhci_hcd: connection closed
[  113.104641][  T226] vhci_hcd vhci_hcd.1: stop threads
[  113.108219][  T226] vhci_hcd vhci_hcd.1: release socket
[  113.109923][  T226] vhci_hcd vhci_hcd.1: disconnect device
[  113.665940][ T5824] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  113.828226][ T5824] usb 5-1: Using ep0 maxpacket: 32
[  113.838746][ T5824] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  113.844664][ T5824] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  113.849126][ T5824] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  113.852508][ T5824] usb 5-1: Product: syz
[  113.854173][ T5824] usb 5-1: Manufacturer: syz
[  113.856454][ T5824] usb 5-1: SerialNumber: syz
[  113.861527][ T5824] usb 5-1: config 0 descriptor??
[  113.861987][ T8952] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  113.864361][ T8927] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  113.875433][ T5824] hub 5-1:0.0: bad descriptor, ignoring hub
[  113.879509][ T6069] vxcan1 speed is unknown, defaulting to 1000
[  113.879522][ T5824] hub 5-1:0.0: probe with driver hub failed with error -5
[  113.883177][ T8952] 9pnet_virtio: no channels available for device syz
[  114.170371][ T8990] BIDI support in bsg has been removed.
[  114.201244][    T9] usb 5-1: USB disconnect, device number 7
[  114.250383][ T8995] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  114.269573][ T8995] comedi comedi3: pcl812: I/O port conflict (0x100,16)
[  114.415452][ T9008] overlayfs: conflicting lowerdir path
[  114.417636][ T9006] 0x000000000008-0x000000020027 : ""
[  114.420509][ T9006] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1fff8
[  114.422545][ T9008] overlayfs: failed to resolve '/ÿ': -2
[  114.435922][ T9006] ftl_cs: FTL header corrupt!
[  114.581447][ T9023] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  114.584201][ T9023] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  114.588759][ T9023] vhci_hcd vhci_hcd.0: Device attached
[  114.595500][ T9023] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(6)
[  114.598036][ T9023] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  114.603961][ T9023] vhci_hcd vhci_hcd.0: Device attached
[  114.616230][ T9023] bond2: invalid ARP target 0.0.0.0 specified for addition
[  114.618900][ T9023] bond2: option arp_ip_target: invalid value (0)
[  114.622224][ T9023] bond2 (unregistering): Released all slaves
[  114.634784][ T9021] kvm: kvm [9020]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x7
[  114.638761][ T9021] kvm: kvm [9020]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x7
[  114.668657][ T9030] bond2: invalid ARP target 0.0.0.0 specified for addition
[  114.671067][ T9030] bond2: option arp_ip_target: invalid value (0)
[  114.677709][ T9030] bond2 (unregistering): Released all slaves
[  114.721242][ T9021] kvm_intel: kvm [9020]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0x1
[  114.740740][ T9021] kvm: kvm [9020]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0x1
[  114.744461][ T9021] kvm: kvm [9020]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x1
[  114.769901][ T9026] vhci_hcd: connection closed
[  114.772138][ T9024] vhci_hcd: connection closed
[  114.775244][   T12] vhci_hcd vhci_hcd.3: stop threads
[  114.782069][   T12] vhci_hcd vhci_hcd.3: release socket
[  114.786669][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  114.789181][   T12] vhci_hcd vhci_hcd.3: stop threads
[  114.791231][   T12] vhci_hcd vhci_hcd.3: release socket
[  114.793762][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  114.836612][ T6069] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  114.842975][ T6069] usb 43-1: enqueue for inactive port 0
[  114.916067][ T6069] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  115.031851][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  115.031867][   T40] audit: type=1400 audit(1779907472.506:1074): avc:  denied  { read write } for  pid=9043 comm="syz.2.897" name="uhid" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  115.043878][   T40] audit: type=1400 audit(1779907472.506:1075): avc:  denied  { open } for  pid=9043 comm="syz.2.897" path="/dev/uhid" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  115.251489][ T9053] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  115.255657][ T9056] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  115.313530][   T40] audit: type=1400 audit(1779907472.786:1076): avc:  denied  { connect } for  pid=9059 comm="syz.3.901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  115.481901][ T9075] __nla_validate_parse: 85 callbacks suppressed
[  115.481921][ T9075] netlink: 48 bytes leftover after parsing attributes in process `syz.2.904'.
[  115.488214][ T9075] netlink: 'syz.2.904': attribute type 10 has an invalid length.
[  115.494900][ T9075] team0: Port device dummy0 added
[  115.624127][   T40] audit: type=1400 audit(1779907473.096:1077): avc:  denied  { setopt } for  pid=9088 comm="syz.3.909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  115.657468][ T9095] netlink: 'syz.3.912': attribute type 1 has an invalid length.
[  115.675737][ T9101] netlink: 'syz.2.913': attribute type 1 has an invalid length.
[  115.690080][ T9095] 8021q: adding VLAN 0 to HW filter on device bond2
[  115.709117][ T9101] 8021q: adding VLAN 0 to HW filter on device bond3
[  115.727726][ T9101] bond4: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  115.733455][ T9101] bond4 (unregistering): Released all slaves
[  115.768362][ T9109] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9109 comm=syz.2.913
[  115.816727][ T9110] bond1: (slave veth0_to_bond): Releasing backup interface
[  115.848075][ T9110] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  115.856964][ T9110] input: syz1 as /devices/virtual/input/input15
[  115.873080][ T9117] netlink: 20 bytes leftover after parsing attributes in process `syz.1.918'.
[  115.911761][ T9124] netlink: 'syz.0.920': attribute type 10 has an invalid length.
[  115.924746][   T40] audit: type=1326 audit(1779907473.396:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9123 comm="syz.0.920" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f631159ce59 code=0x0
[  115.994235][ T9133] FAULT_INJECTION: forcing a failure.
[  115.994235][ T9133] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  115.999787][ T9133] CPU: 2 UID: 0 PID: 9133 Comm: syz.1.924 Not tainted syzkaller #0 PREEMPT(full) 
[  115.999811][ T9133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  115.999822][ T9133] Call Trace:
[  115.999828][ T9133]  <TASK>
[  115.999835][ T9133]  dump_stack_lvl+0x100/0x190
[  115.999870][ T9133]  should_fail_ex.cold+0x5/0xa
[  115.999890][ T9133]  ? prepare_alloc_pages+0x16d/0x5f0
[  115.999914][ T9133]  should_fail_alloc_page+0xeb/0x140
[  115.999937][ T9133]  prepare_alloc_pages+0x1f0/0x5f0
[  115.999960][ T9133]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  115.999988][ T9133]  ? stack_depot_save_flags+0x27/0x9d0
[  116.000019][ T9133]  ? stack_depot_save_flags+0x27/0x9d0
[  116.000046][ T9133]  ? kasan_save_stack+0x3f/0x50
[  116.000063][ T9133]  ? kasan_save_stack+0x30/0x50
[  116.000078][ T9133]  ? kasan_save_track+0x14/0x30
[  116.000094][ T9133]  ? __kasan_kmalloc+0xaa/0xb0
[  116.000115][ T9133]  ? __kvmalloc_node_noprof+0x360/0xa00
[  116.000141][ T9133]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  116.000161][ T9133]  ? mmu_topup_memory_caches+0xbc/0x170
[  116.000183][ T9133]  ? kvm_mmu_load+0xd6/0x23e0
[  116.000200][ T9133]  ? vcpu_run+0x39f4/0x5ca0
[  116.000222][ T9133]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  116.000245][ T9133]  ? kvm_vcpu_ioctl+0x730/0x1720
[  116.000260][ T9133]  ? __x64_sys_ioctl+0x18e/0x210
[  116.000279][ T9133]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  116.000325][ T9133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  116.000348][ T9133]  ? policy_nodemask+0xed/0x4f0
[  116.000371][ T9133]  alloc_pages_mpol+0x1fb/0x540
[  116.000394][ T9133]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  116.000415][ T9133]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  116.000441][ T9133]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  116.000465][ T9133]  alloc_pages_noprof+0x1a/0x160
[  116.000489][ T9133]  get_free_pages_noprof+0x10/0xb0
[  116.000508][ T9133]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  116.000536][ T9133]  mmu_topup_memory_caches+0xbc/0x170
[  116.000560][ T9133]  kvm_mmu_load+0xd6/0x23e0
[  116.000583][ T9133]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  116.000610][ T9133]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  116.000665][ T9133]  ? __pfx_kvm_mmu_load+0x10/0x10
[  116.000685][ T9133]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  116.000704][ T9133]  ? kvm_check_and_inject_events+0x961/0x1070
[  116.000727][ T9133]  ? record_steal_time+0x420/0xbc0
[  116.000759][ T9133]  vcpu_run+0x39f4/0x5ca0
[  116.000794][ T9133]  ? __pfx_vcpu_run+0x10/0x10
[  116.000824][ T9133]  ? rcu_is_watching+0x12/0xc0
[  116.000854][ T9133]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  116.000877][ T9133]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  116.000908][ T9133]  kvm_vcpu_ioctl+0x730/0x1720
[  116.000930][ T9133]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  116.000946][ T9133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  116.000967][ T9133]  ? do_vfs_ioctl+0x226/0x13e0
[  116.000986][ T9133]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  116.001006][ T9133]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  116.001040][ T9133]  ? __fget_files+0x215/0x3d0
[  116.001061][ T9133]  ? hook_file_ioctl_common+0x149/0x410
[  116.001085][ T9133]  ? selinux_file_ioctl+0x13b/0x290
[  116.001115][ T9133]  ? selinux_file_ioctl+0xb6/0x290
[  116.001141][ T9133]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  116.001159][ T9133]  __x64_sys_ioctl+0x18e/0x210
[  116.001180][ T9133]  do_syscall_64+0x115/0x870
[  116.001230][ T9133]  ? clear_bhb_loop+0x40/0x90
[  116.001253][ T9133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.001272][ T9133] RIP: 0033:0x7fa0c819ce59
[  116.001288][ T9133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  116.001305][ T9133] RSP: 002b:00007fa0c63f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.001322][ T9133] RAX: ffffffffffffffda RBX: 00007fa0c8415fa0 RCX: 00007fa0c819ce59
[  116.001333][ T9133] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  116.001342][ T9133] RBP: 00007fa0c63f6090 R08: 0000000000000000 R09: 0000000000000000
[  116.001351][ T9133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  116.001363][ T9133] R13: 00007fa0c8416038 R14: 00007fa0c8415fa0 R15: 00007fff019c6b98
[  116.001388][ T9133]  </TASK>
[  116.117462][ T9141] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  116.184895][ T9142] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  116.231909][ T9146] netlink: 16 bytes leftover after parsing attributes in process `syz.2.928'.
[  116.377416][ T9152] netlink: 92 bytes leftover after parsing attributes in process `syz.2.929'.
[  116.451987][ T9150] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  116.457553][ T9150] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  116.459702][ T9150] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  116.583138][ T9162] sit0: left promiscuous mode
[  116.583499][ T9163] netlink: 'syz.1.933': attribute type 32 has an invalid length.
[  116.596611][ T9162] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.600488][ T9162] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.690314][ T9162] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.799151][ T9162] geneve2: left promiscuous mode
[  116.810554][ T9163] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  116.822584][  T226] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.829948][  T226] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  116.833068][  T226] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.837732][  T226] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  116.846565][  T226] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.849772][  T226] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  116.852677][  T226] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.855825][  T226] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  116.862566][ T9171] syzkaller0: entered promiscuous mode
[  116.864709][ T9171] syzkaller0: entered allmulticast mode
[  116.878801][ T9183] FAULT_INJECTION: forcing a failure.
[  116.878801][ T9183] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  116.882995][ T9183] CPU: 2 UID: 0 PID: 9183 Comm: syz.0.938 Not tainted syzkaller #0 PREEMPT(full) 
[  116.883011][ T9183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  116.883018][ T9183] Call Trace:
[  116.883023][ T9183]  <TASK>
[  116.883029][ T9183]  dump_stack_lvl+0x100/0x190
[  116.883046][ T9183]  should_fail_ex.cold+0x5/0xa
[  116.883060][ T9183]  ? prepare_alloc_pages+0x16d/0x5f0
[  116.883074][ T9183]  should_fail_alloc_page+0xeb/0x140
[  116.883088][ T9183]  prepare_alloc_pages+0x1f0/0x5f0
[  116.883103][ T9183]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  116.883120][ T9183]  ? stack_depot_save_flags+0x27/0x9d0
[  116.883137][ T9183]  ? kasan_save_stack+0x3f/0x50
[  116.883147][ T9183]  ? kasan_save_stack+0x30/0x50
[  116.883155][ T9183]  ? kasan_save_track+0x14/0x30
[  116.883164][ T9183]  ? __kasan_kmalloc+0xaa/0xb0
[  116.883173][ T9183]  ? __kvmalloc_node_noprof+0x360/0xa00
[  116.883189][ T9183]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  116.883201][ T9183]  ? mmu_topup_memory_caches+0xbc/0x170
[  116.883215][ T9183]  ? kvm_mmu_load+0xd6/0x23e0
[  116.883226][ T9183]  ? vcpu_run+0x39f4/0x5ca0
[  116.883240][ T9183]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  116.883253][ T9183]  ? kvm_vcpu_ioctl+0x730/0x1720
[  116.883262][ T9183]  ? __x64_sys_ioctl+0x18e/0x210
[  116.883274][ T9183]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  116.883300][ T9183]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  116.883314][ T9183]  ? policy_nodemask+0xed/0x4f0
[  116.883327][ T9183]  alloc_pages_mpol+0x1fb/0x540
[  116.883351][ T9183]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  116.883366][ T9183]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  116.883381][ T9183]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  116.883394][ T9183]  alloc_pages_noprof+0x1a/0x160
[  116.883408][ T9183]  get_free_pages_noprof+0x10/0xb0
[  116.883437][ T9183]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  116.883460][ T9183]  mmu_topup_memory_caches+0xbc/0x170
[  116.883474][ T9183]  kvm_mmu_load+0xd6/0x23e0
[  116.883487][ T9183]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  116.883504][ T9183]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  116.883522][ T9183]  ? __pfx_kvm_mmu_load+0x10/0x10
[  116.883535][ T9183]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  116.883546][ T9183]  ? kvm_check_and_inject_events+0x961/0x1070
[  116.883560][ T9183]  ? record_steal_time+0x420/0xbc0
[  116.883579][ T9183]  vcpu_run+0x39f4/0x5ca0
[  116.883599][ T9183]  ? __pfx_vcpu_run+0x10/0x10
[  116.883618][ T9183]  ? rcu_is_watching+0x12/0xc0
[  116.883636][ T9183]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  116.883650][ T9183]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  116.883668][ T9183]  kvm_vcpu_ioctl+0x730/0x1720
[  116.883680][ T9183]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  116.883691][ T9183]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  116.883704][ T9183]  ? do_vfs_ioctl+0x226/0x13e0
[  116.883714][ T9183]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  116.883725][ T9183]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  116.883746][ T9183]  ? __fget_files+0x215/0x3d0
[  116.883759][ T9183]  ? hook_file_ioctl_common+0x149/0x410
[  116.883774][ T9183]  ? selinux_file_ioctl+0x13b/0x290
[  116.883789][ T9183]  ? selinux_file_ioctl+0xb6/0x290
[  116.883805][ T9183]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  116.883816][ T9183]  __x64_sys_ioctl+0x18e/0x210
[  116.883828][ T9183]  do_syscall_64+0x115/0x870
[  116.883844][ T9183]  ? clear_bhb_loop+0x40/0x90
[  116.883857][ T9183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.883867][ T9183] RIP: 0033:0x7f631159ce59
[  116.883878][ T9183] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  116.883888][ T9183] RSP: 002b:00007f6312421028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.883901][ T9183] RAX: ffffffffffffffda RBX: 00007f6311815fa0 RCX: 00007f631159ce59
[  116.883915][ T9183] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  116.883923][ T9183] RBP: 00007f6312421090 R08: 0000000000000000 R09: 0000000000000000
[  116.883932][ T9183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  116.883940][ T9183] R13: 00007f6311816038 R14: 00007f6311815fa0 R15: 00007ffc7eb8dcf8
[  116.883960][ T9183]  </TASK>
[  117.042068][   T40] audit: type=1400 audit(1779907474.516:1079): avc:  denied  { mounton } for  pid=9186 comm="syz.1.939" path="/syzcgroup/unified/syz1" dev="pstore" ino=6192 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1
[  117.042087][ T9187] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  117.062081][ T9187] romfs: unable to set blocksize
[  117.062081][ T9187] 
[  117.084117][ T9189] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1
[  117.084121][ T9190] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1
[  117.118610][ T9187] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  117.156453][ T9200] netlink: 'syz.0.943': attribute type 10 has an invalid length.
[  117.160332][ T9198] netlink: 168 bytes leftover after parsing attributes in process `syz.3.944'.
[  117.160494][ T9201] netlink: 'syz.0.943': attribute type 10 has an invalid length.
[  117.161390][ T9202] netlink: 328 bytes leftover after parsing attributes in process `syz.0.943'.
[  117.178828][ T9200] team0: Port device dummy0 added
[  117.181598][ T9204] netlink: 28 bytes leftover after parsing attributes in process `syz.1.945'.
[  117.188636][ T9201] team0: Port device dummy0 removed
[  117.192890][ T9201] 
: (slave dummy0): Enslaving as an active interface with an up link
[  117.201241][   T40] audit: type=1400 audit(1779907474.676:1080): avc:  denied  { ioctl } for  pid=9203 comm="syz.1.945" path="socket:[34403]" dev="sockfs" ino=34403 ioctlcmd=0x5826 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  117.237565][   T40] audit: type=1400 audit(1779907474.716:1081): avc:  denied  { mount } for  pid=9208 comm="syz.0.946" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  117.255344][   T40] audit: type=1400 audit(1779907474.726:1082): avc:  denied  { link } for  pid=9208 comm="syz.0.946" name="#29" dev="tmpfs" ino=1619 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  117.265121][   T40] audit: type=1400 audit(1779907474.726:1083): avc:  denied  { rename } for  pid=9208 comm="syz.0.946" name="#2a" dev="tmpfs" ino=1619 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  117.279494][ T5735] overlayfs: failed lookup in lower (newroot/291, name='bus', err=-40): overlapping layers
[  117.286657][ T5735] overlayfs: failed lookup in lower (newroot/291, name='bus', err=-40): overlapping layers
[  117.398760][ T9222] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[  117.454112][ T9228] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[  117.568751][ T9212] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  117.682074][ T9247] 9p: Could not find request transport: véª+2o
[  117.719307][ T5737] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  117.723987][ T5737] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  117.728291][ T5737] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  117.732624][ T5737] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  117.740663][ T5737] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  117.915143][ T9253] vxcan1 speed is unknown, defaulting to 1000
[  118.129325][ T9277] 9p: Unknown access argument 18446744073709551615: -34
[  118.134390][ T9279] 9p: Unknown access argument 18446744073709551615: -34
[  118.239947][ T9253] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.242231][ T9253] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.244604][ T9253] bridge_slave_0: entered allmulticast mode
[  118.248821][ T9253] bridge_slave_0: entered promiscuous mode
[  118.251929][ T9253] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.254196][ T9253] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.257952][ T9253] bridge_slave_1: entered allmulticast mode
[  118.263152][ T9253] bridge_slave_1: entered promiscuous mode
[  118.289917][ T9253] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.295364][ T9253] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.320316][ T9253] team0: Port device team_slave_0 added
[  118.324979][ T9253] team0: Port device team_slave_1 added
[  118.341270][ T9253] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.343384][ T9253] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  118.351450][ T9253] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.357242][ T9253] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.359362][ T9253] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  118.365944][ T5747] Bluetooth: hci1: command 0x0c1a tx timeout
[  118.367318][ T9253] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.388786][ T9253] hsr_slave_0: entered promiscuous mode
[  118.391277][ T9253] hsr_slave_1: entered promiscuous mode
[  118.393283][ T9253] debugfs: 'hsr0' already exists in 'hsr'
[  118.395029][ T9253] Cannot create hsr debugfs directory
[  118.505113][ T9253] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  118.510863][ T9253] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  118.513747][ T9253] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  118.518836][ T9253] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  118.521615][ T9253] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  118.525822][ T5747] Bluetooth: hci2: command 0x0c1a tx timeout
[  118.527638][ T9253] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  118.531010][ T9253] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  118.535042][ T9253] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  118.554529][ T9253] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.556877][ T9253] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.559232][ T9253] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.561426][ T9253] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.586537][ T9302] hpfs: hpfs_map_sector(): read error
[  118.596836][ T9253] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.608434][ T9253] 8021q: adding VLAN 0 to HW filter on device team0
[  118.612471][  T138] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.617829][  T138] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.630866][ T9302] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  118.647245][  T138] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.650237][  T138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.667726][   T90] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.670383][   T90] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.682427][ T9308] FAULT_INJECTION: forcing a failure.
[  118.682427][ T9308] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  118.688588][ T9308] CPU: 2 UID: 0 PID: 9308 Comm: syz.1.970 Not tainted syzkaller #0 PREEMPT(full) 
[  118.688609][ T9308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  118.688618][ T9308] Call Trace:
[  118.688623][ T9308]  <TASK>
[  118.688629][ T9308]  dump_stack_lvl+0x100/0x190
[  118.688650][ T9308]  should_fail_ex.cold+0x5/0xa
[  118.688668][ T9308]  ? prepare_alloc_pages+0x16d/0x5f0
[  118.688687][ T9308]  should_fail_alloc_page+0xeb/0x140
[  118.688705][ T9308]  prepare_alloc_pages+0x1f0/0x5f0
[  118.688725][ T9308]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  118.688747][ T9308]  ? stack_depot_save_flags+0x27/0x9d0
[  118.688771][ T9308]  ? kasan_save_stack+0x3f/0x50
[  118.688783][ T9308]  ? kasan_save_stack+0x30/0x50
[  118.688795][ T9308]  ? kasan_save_track+0x14/0x30
[  118.688806][ T9308]  ? __kasan_kmalloc+0xaa/0xb0
[  118.688817][ T9308]  ? __kvmalloc_node_noprof+0x360/0xa00
[  118.688839][ T9308]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  118.688854][ T9308]  ? mmu_topup_memory_caches+0xbc/0x170
[  118.688872][ T9308]  ? kvm_mmu_load+0xd6/0x23e0
[  118.688887][ T9308]  ? vcpu_run+0x39f4/0x5ca0
[  118.688904][ T9308]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  118.688922][ T9308]  ? kvm_vcpu_ioctl+0x730/0x1720
[  118.688935][ T9308]  ? __x64_sys_ioctl+0x18e/0x210
[  118.688950][ T9308]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  118.688991][ T9308]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  118.689009][ T9308]  ? policy_nodemask+0xed/0x4f0
[  118.689026][ T9308]  alloc_pages_mpol+0x1fb/0x540
[  118.689043][ T9308]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  118.689059][ T9308]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  118.689095][ T9308]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  118.689114][ T9308]  alloc_pages_noprof+0x1a/0x160
[  118.689132][ T9308]  get_free_pages_noprof+0x10/0xb0
[  118.689146][ T9308]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  118.689167][ T9308]  mmu_topup_memory_caches+0xbc/0x170
[  118.689186][ T9308]  kvm_mmu_load+0xd6/0x23e0
[  118.689203][ T9308]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  118.689224][ T9308]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  118.689249][ T9308]  ? __pfx_kvm_mmu_load+0x10/0x10
[  118.689265][ T9308]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  118.689280][ T9308]  ? kvm_check_and_inject_events+0x961/0x1070
[  118.689298][ T9308]  ? record_steal_time+0x420/0xbc0
[  118.689323][ T9308]  vcpu_run+0x39f4/0x5ca0
[  118.689349][ T9308]  ? __pfx_vcpu_run+0x10/0x10
[  118.689375][ T9308]  ? rcu_is_watching+0x12/0xc0
[  118.689398][ T9308]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  118.689417][ T9308]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  118.689442][ T9308]  kvm_vcpu_ioctl+0x730/0x1720
[  118.689457][ T9308]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  118.689472][ T9308]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  118.689489][ T9308]  ? do_vfs_ioctl+0x226/0x13e0
[  118.689503][ T9308]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  118.689518][ T9308]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  118.689547][ T9308]  ? __fget_files+0x215/0x3d0
[  118.689563][ T9308]  ? hook_file_ioctl_common+0x149/0x410
[  118.689584][ T9308]  ? selinux_file_ioctl+0x13b/0x290
[  118.689603][ T9308]  ? selinux_file_ioctl+0xb6/0x290
[  118.689625][ T9308]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  118.689640][ T9308]  __x64_sys_ioctl+0x18e/0x210
[  118.689656][ T9308]  do_syscall_64+0x115/0x870
[  118.689677][ T9308]  ? clear_bhb_loop+0x40/0x90
[  118.689695][ T9308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.689709][ T9308] RIP: 0033:0x7fa0c819ce59
[  118.689722][ T9308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  118.689735][ T9308] RSP: 002b:00007fa0c63f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  118.689750][ T9308] RAX: ffffffffffffffda RBX: 00007fa0c8415fa0 RCX: 00007fa0c819ce59
[  118.689759][ T9308] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  118.689767][ T9308] RBP: 00007fa0c63f6090 R08: 0000000000000000 R09: 0000000000000000
[  118.689775][ T9308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  118.689783][ T9308] R13: 00007fa0c8416038 R14: 00007fa0c8415fa0 R15: 00007fff019c6b98
[  118.689804][ T9308]  </TASK>
[  119.015501][ T9336] geneve2: entered promiscuous mode
[  119.017666][ T9336] geneve2: entered allmulticast mode
[  119.038466][ T9339] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.979'.
[  119.091993][ T9253] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.282364][ T9253] veth0_vlan: entered promiscuous mode
[  119.286481][ T5837] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  119.293580][ T9253] veth1_vlan: entered promiscuous mode
[  119.315635][ T9253] veth0_macvtap: entered promiscuous mode
[  119.326101][ T9253] veth1_macvtap: entered promiscuous mode
[  119.340009][ T9253] batman_adv: batadv0: Interface activated: batadv_slave_0
[  119.354007][ T9253] batman_adv: batadv0: Interface activated: batadv_slave_1
[  119.361288][   T58] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.364073][   T58] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.367157][   T58] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.370663][   T58] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  119.447551][ T5837] usb 6-1: Using ep0 maxpacket: 32
[  119.450925][ T5837] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  119.452410][ T1255] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.453502][ T5837] usb 6-1: can't read configurations, error -22
[  119.455946][ T1255] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.498072][ T1255] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.500568][ T1255] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.555279][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  119.594819][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  119.596605][ T5837] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  119.611307][ T9390] Cannot find add_set index 65532 as target
[  119.735990][ T9396] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=44 sclass=netlink_tcpdiag_socket pid=9396 comm=syz.3.990
[  119.765924][ T5837] usb 6-1: Using ep0 maxpacket: 32
[  119.771550][ T5837] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  119.774619][ T5837] usb 6-1: can't read configurations, error -22
[  119.776472][ T9399] overlay: ./file0 is not a directory
[  119.777650][ T5837] usb usb6-port1: attempt power cycle
[  119.795816][ T5747] Bluetooth: hci3: command tx timeout
[  120.125801][ T5837] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  120.147708][ T5837] usb 6-1: Using ep0 maxpacket: 32
[  120.150871][ T5837] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  120.153374][ T5837] usb 6-1: can't read configurations, error -22
[  120.273393][ T9404] program syz.2.991 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  120.285769][ T5837] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  120.307163][ T5837] usb 6-1: Using ep0 maxpacket: 32
[  120.311017][ T5837] usb 6-1: config index 0 descriptor too short (expected 9, got 0)
[  120.314304][ T5837] usb 6-1: can't read configurations, error -22
[  120.317906][ T5837] usb usb6-port1: unable to enumerate USB device
[  120.321161][ T9407] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  120.467816][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  120.580103][ T9426] netlink: 40 bytes leftover after parsing attributes in process `syz.3.996'.
[  120.610905][ T9428] program syz.3.997 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  120.664648][ T9432] netlink: 32 bytes leftover after parsing attributes in process `syz.3.998'.
[  120.668419][ T9432] netlink: 23 bytes leftover after parsing attributes in process `syz.3.998'.
[  120.672143][ T9433] netlink: 32 bytes leftover after parsing attributes in process `syz.3.998'.
[  120.677677][ T9433] netlink: 23 bytes leftover after parsing attributes in process `syz.3.998'.
[  120.766068][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  120.766084][   T40] audit: type=1400 audit(1779907478.246:1098): avc:  denied  { append } for  pid=9435 comm="syz.3.999" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  120.766690][ T9436] netlink: 12 bytes leftover after parsing attributes in process `syz.3.999'.
[  120.884239][ T9441] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1001'.
[  121.260824][   T40] audit: type=1400 audit(1779907478.736:1099): avc:  granted  { setsecparam } for  pid=9454 comm="syz.3.1005" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  121.359865][ T9463] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.363102][ T9463] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  121.627499][ T9481] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1012'.
[  121.683056][ T9484] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  121.831736][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  121.861980][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  121.878789][   T40] audit: type=1400 audit(1779907479.356:1100): avc:  denied  { write } for  pid=9495 comm="syz.4.1017" name="/" dev="9p" ino=82051163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  121.886050][ T5747] Bluetooth: hci3: command tx timeout
[  121.889268][   T40] audit: type=1400 audit(1779907479.356:1101): avc:  denied  { remove_name } for  pid=9495 comm="syz.4.1017" name="file1" dev="9p" ino=82051167 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  121.898333][   T40] audit: type=1400 audit(1779907479.356:1102): avc:  denied  { unlink } for  pid=9495 comm="syz.4.1017" name="file1" dev="9p" ino=82051167 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  122.066328][ T9498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1019'.
[  122.079624][ T9500] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  122.084973][ T9500] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  122.089511][ T9500] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  122.092232][ T9500] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  122.104089][ T9500] netlink: 'syz.2.1016': attribute type 1 has an invalid length.
[  122.123528][ T9500] 8021q: adding VLAN 0 to HW filter on device bond4
[  122.143197][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  122.152676][ T9504] Cannot find del_set index 0 as target
[  122.191372][ T9504] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1018'.
[  122.227880][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  122.233153][ T9513] CIFS mount error: No usable UNC path provided in device string!
[  122.233153][ T9513] 
[  122.236678][ T9513] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  122.266195][ T5741] udevd[5741]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system
[  122.331068][ T9520] loop2: detected capacity change from 0 to 3
[  122.340110][ T9520] Dev loop2: unable to read RDB block 3
[  122.341879][ T9520]  loop2: AHDI p1 p2 p3
[  122.344794][ T9520] loop2: partition table partially beyond EOD, truncated
[  122.349998][ T9520] loop2: p1 start 1601398130 is beyond EOD, truncated
[  122.352161][ T9520] loop2: p2 start 1702059890 is beyond EOD, truncated
[  122.360451][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/87.tmp-b7:2' failed: Read-only file system
[  122.378403][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/87.tmp-b7:2' failed: Read-only file system
[  122.394944][ T9525] bond2: invalid ARP target 0.0.0.0 specified for addition
[  122.397395][ T9525] bond2: option arp_ip_target: invalid value (0)
[  122.402005][ T9525] bond2 (unregistering): Released all slaves
[  122.554584][ T9531] netem: change failed
[  122.916061][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  123.084835][ T9539] /dev/sg0: Can't lookup blockdev
[  123.332832][ T9568] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  123.343695][   T40] audit: type=1400 audit(1779907480.816:1103): avc:  denied  { ioctl } for  pid=9567 comm="syz.4.1036" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1293 ioctlcmd=0x5870 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  123.538373][ T9585] syzkaller0: entered promiscuous mode
[  123.540158][ T9585] syzkaller0: entered allmulticast mode
[  123.582272][ T9588] xt_connbytes: Forcing CT accounting to be enabled
[  123.585023][ T9588] xt_CT: You must specify a L4 protocol and not use inversions on it
[  123.669376][ T9581] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  123.927646][ T9596] random: crng reseeded on system resumption
[  123.955898][ T5747] Bluetooth: hci3: command tx timeout
[  124.857722][ T9595] netlink: 'syz.2.1044': attribute type 4 has an invalid length.
[  124.897711][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  124.900310][ T9604] ufs: You didn't specify the type of your ufs filesystem
[  124.900310][ T9604] 
[  124.900310][ T9604] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  124.900310][ T9604] 
[  124.900310][ T9604] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  124.913308][ T9604] ufs: failed to set blocksize
[  124.977141][ T9604] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  125.004039][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.038334][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.132864][   T40] audit: type=1326 audit(1779907482.606:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9625 comm="syz.3.1052" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff868f9ce59 code=0x0
[  125.148019][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.174968][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.215532][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.232916][ T9636] netlink: 'syz.2.1055': attribute type 2 has an invalid length.
[  125.259043][   T40] audit: type=1400 audit(1779907482.736:1105): avc:  denied  { append } for  pid=9637 comm="syz.2.1056" name="btrfs-control" dev="devtmpfs" ino=1341 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  125.269369][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.392117][ T9643] binder: 9642:9643 ioctl c0306201 200000000640 returned -22
[  125.392941][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.413965][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.441801][ T5741] udevd[5741]: symlink '../../loop2' '/dev/disk/by-diskseq/88.tmp-b7:2' failed: Read-only file system
[  125.484081][  T226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.489923][  T226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.501222][ T9649] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9649 comm=syz.2.1060
[  125.575153][ T9652] FAULT_INJECTION: forcing a failure.
[  125.575153][ T9652] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  125.579270][ T9652] CPU: 1 UID: 0 PID: 9652 Comm: syz.2.1061 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  125.579316][ T9652] Tainted: [L]=SOFTLOCKUP
[  125.579324][ T9652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  125.579334][ T9652] Call Trace:
[  125.579341][ T9652]  <TASK>
[  125.579348][ T9652]  dump_stack_lvl+0x100/0x190
[  125.579381][ T9652]  should_fail_ex.cold+0x5/0xa
[  125.579402][ T9652]  ? prepare_alloc_pages+0x16d/0x5f0
[  125.579423][ T9652]  should_fail_alloc_page+0xeb/0x140
[  125.579447][ T9652]  prepare_alloc_pages+0x1f0/0x5f0
[  125.579472][ T9652]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  125.579500][ T9652]  ? stack_depot_save_flags+0x27/0x9d0
[  125.579528][ T9652]  ? stack_depot_save_flags+0x27/0x9d0
[  125.579554][ T9652]  ? kasan_save_stack+0x3f/0x50
[  125.579569][ T9652]  ? kasan_save_stack+0x30/0x50
[  125.579584][ T9652]  ? kasan_save_track+0x14/0x30
[  125.579598][ T9652]  ? __kasan_kmalloc+0xaa/0xb0
[  125.579611][ T9652]  ? __kvmalloc_node_noprof+0x360/0xa00
[  125.579636][ T9652]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  125.579654][ T9652]  ? mmu_topup_memory_caches+0xbc/0x170
[  125.579675][ T9652]  ? kvm_mmu_load+0xd6/0x23e0
[  125.579693][ T9652]  ? vcpu_run+0x39f4/0x5ca0
[  125.579713][ T9652]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  125.579734][ T9652]  ? kvm_vcpu_ioctl+0x730/0x1720
[  125.579748][ T9652]  ? __x64_sys_ioctl+0x18e/0x210
[  125.579765][ T9652]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  125.579807][ T9652]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  125.579827][ T9652]  ? policy_nodemask+0xed/0x4f0
[  125.579853][ T9652]  alloc_pages_mpol+0x1fb/0x540
[  125.579872][ T9652]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  125.579891][ T9652]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  125.579917][ T9652]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  125.579939][ T9652]  alloc_pages_noprof+0x1a/0x160
[  125.579961][ T9652]  get_free_pages_noprof+0x10/0xb0
[  125.579977][ T9652]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  125.580001][ T9652]  mmu_topup_memory_caches+0xbc/0x170
[  125.580023][ T9652]  kvm_mmu_load+0xd6/0x23e0
[  125.580043][ T9652]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  125.580069][ T9652]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  125.580098][ T9652]  ? __pfx_kvm_mmu_load+0x10/0x10
[  125.580119][ T9652]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  125.580138][ T9652]  ? kvm_check_and_inject_events+0x961/0x1070
[  125.580160][ T9652]  ? record_steal_time+0x420/0xbc0
[  125.580189][ T9652]  vcpu_run+0x39f4/0x5ca0
[  125.580221][ T9652]  ? __pfx_vcpu_run+0x10/0x10
[  125.580246][ T9652]  ? rcu_is_watching+0x12/0xc0
[  125.580265][ T9652]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  125.580279][ T9652]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  125.580298][ T9652]  kvm_vcpu_ioctl+0x730/0x1720
[  125.580310][ T9652]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.580321][ T9652]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  125.580334][ T9652]  ? do_vfs_ioctl+0x226/0x13e0
[  125.580347][ T9652]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  125.580358][ T9652]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  125.580379][ T9652]  ? __fget_files+0x215/0x3d0
[  125.580391][ T9652]  ? hook_file_ioctl_common+0x149/0x410
[  125.580406][ T9652]  ? selinux_file_ioctl+0x13b/0x290
[  125.580421][ T9652]  ? selinux_file_ioctl+0xb6/0x290
[  125.580437][ T9652]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.580448][ T9652]  __x64_sys_ioctl+0x18e/0x210
[  125.580460][ T9652]  do_syscall_64+0x115/0x870
[  125.580485][ T9652]  ? clear_bhb_loop+0x40/0x90
[  125.580509][ T9652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.580520][ T9652] RIP: 0033:0x7f718f99ce59
[  125.580530][ T9652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  125.580540][ T9652] RSP: 002b:00007f719082a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.580551][ T9652] RAX: ffffffffffffffda RBX: 00007f718fc15fa0 RCX: 00007f718f99ce59
[  125.580558][ T9652] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  125.580564][ T9652] RBP: 00007f719082a090 R08: 0000000000000000 R09: 0000000000000000
[  125.580570][ T9652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  125.580576][ T9652] R13: 00007f718fc16038 R14: 00007f718fc15fa0 R15: 00007ffe35fb25e8
[  125.580590][ T9652]  </TASK>
[  125.829603][ T9661] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.
[  125.890575][ T9663] __nla_validate_parse: 6 callbacks suppressed
[  125.890589][ T9663] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1065'.
[  125.921497][ T9667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1066'.
[  125.927545][   T40] audit: type=1326 audit(1779907483.406:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9666 comm="syz.2.1066" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f718f99ce59 code=0x0
[  126.024250][   T40] audit: type=1400 audit(1779907483.496:1107): avc:  denied  { bind } for  pid=9672 comm="syz.3.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  126.031109][   T40] audit: type=1400 audit(1779907483.496:1108): avc:  denied  { name_bind } for  pid=9672 comm="syz.3.1068" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  126.037601][   T40] audit: type=1400 audit(1779907483.496:1109): avc:  denied  { node_bind } for  pid=9672 comm="syz.3.1068" saddr=::ffff:172.20.20.170 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  126.045834][ T5747] Bluetooth: hci3: command tx timeout
[  126.046549][   T40] audit: type=1400 audit(1779907483.526:1110): avc:  denied  { getattr } for  pid=9672 comm="syz.3.1068" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=40128 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  126.510255][ T9685] FAULT_INJECTION: forcing a failure.
[  126.510255][ T9685] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  126.514160][ T9685] CPU: 1 UID: 0 PID: 9685 Comm: syz.4.1073 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  126.514178][ T9685] Tainted: [L]=SOFTLOCKUP
[  126.514182][ T9685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  126.514188][ T9685] Call Trace:
[  126.514193][ T9685]  <TASK>
[  126.514198][ T9685]  dump_stack_lvl+0x100/0x190
[  126.514214][ T9685]  should_fail_ex.cold+0x5/0xa
[  126.514227][ T9685]  ? prepare_alloc_pages+0x16d/0x5f0
[  126.514242][ T9685]  should_fail_alloc_page+0xeb/0x140
[  126.514255][ T9685]  prepare_alloc_pages+0x1f0/0x5f0
[  126.514270][ T9685]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  126.514287][ T9685]  ? stack_depot_save_flags+0x27/0x9d0
[  126.514304][ T9685]  ? kasan_save_stack+0x3f/0x50
[  126.514313][ T9685]  ? kasan_save_stack+0x30/0x50
[  126.514322][ T9685]  ? kasan_save_track+0x14/0x30
[  126.514336][ T9685]  ? __kasan_kmalloc+0xaa/0xb0
[  126.514344][ T9685]  ? __kvmalloc_node_noprof+0x360/0xa00
[  126.514361][ T9685]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  126.514372][ T9685]  ? mmu_topup_memory_caches+0xbc/0x170
[  126.514385][ T9685]  ? kvm_mmu_load+0xd6/0x23e0
[  126.514396][ T9685]  ? vcpu_run+0x39f4/0x5ca0
[  126.514409][ T9685]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  126.514423][ T9685]  ? kvm_vcpu_ioctl+0x730/0x1720
[  126.514432][ T9685]  ? __x64_sys_ioctl+0x18e/0x210
[  126.514443][ T9685]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  126.514470][ T9685]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.514483][ T9685]  ? policy_nodemask+0xed/0x4f0
[  126.514496][ T9685]  alloc_pages_mpol+0x1fb/0x540
[  126.514508][ T9685]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  126.514521][ T9685]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  126.514537][ T9685]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  126.514550][ T9685]  alloc_pages_noprof+0x1a/0x160
[  126.514563][ T9685]  get_free_pages_noprof+0x10/0xb0
[  126.514574][ T9685]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  126.514590][ T9685]  mmu_topup_memory_caches+0xbc/0x170
[  126.514605][ T9685]  kvm_mmu_load+0xd6/0x23e0
[  126.514618][ T9685]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  126.514634][ T9685]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  126.514653][ T9685]  ? __pfx_kvm_mmu_load+0x10/0x10
[  126.514665][ T9685]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  126.514677][ T9685]  ? kvm_check_and_inject_events+0x961/0x1070
[  126.514691][ T9685]  ? record_steal_time+0x420/0xbc0
[  126.514709][ T9685]  vcpu_run+0x39f4/0x5ca0
[  126.514728][ T9685]  ? __pfx_vcpu_run+0x10/0x10
[  126.514746][ T9685]  ? rcu_is_watching+0x12/0xc0
[  126.514764][ T9685]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  126.514778][ T9685]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  126.514797][ T9685]  kvm_vcpu_ioctl+0x730/0x1720
[  126.514809][ T9685]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  126.514820][ T9685]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.514832][ T9685]  ? do_vfs_ioctl+0x226/0x13e0
[  126.514843][ T9685]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  126.514854][ T9685]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  126.514874][ T9685]  ? __fget_files+0x215/0x3d0
[  126.514886][ T9685]  ? hook_file_ioctl_common+0x149/0x410
[  126.514902][ T9685]  ? selinux_file_ioctl+0x13b/0x290
[  126.514916][ T9685]  ? selinux_file_ioctl+0xb6/0x290
[  126.514932][ T9685]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  126.514943][ T9685]  __x64_sys_ioctl+0x18e/0x210
[  126.514955][ T9685]  do_syscall_64+0x115/0x870
[  126.514971][ T9685]  ? clear_bhb_loop+0x40/0x90
[  126.514985][ T9685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.514995][ T9685] RIP: 0033:0x7ff670f9ce59
[  126.515005][ T9685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  126.515015][ T9685] RSP: 002b:00007ff671e3d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  126.515026][ T9685] RAX: ffffffffffffffda RBX: 00007ff671215fa0 RCX: 00007ff670f9ce59
[  126.515033][ T9685] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  126.515039][ T9685] RBP: 00007ff671e3d090 R08: 0000000000000000 R09: 0000000000000000
[  126.515045][ T9685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  126.515051][ T9685] R13: 00007ff671216038 R14: 00007ff671215fa0 R15: 00007ffc0535c688
[  126.515064][ T9685]  </TASK>
[  126.772153][ T9699] openvswitch: netlink: Multiple metadata blocks provided
[  126.778384][ T9700] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  126.783387][ T9700] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  126.787276][ T9700] overlayfs: fs on '.' does not support file handles, falling back to xino=off.
[  126.790519][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.793811][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.796278][ T9704] loop5: detected capacity change from 0 to 7
[  126.796604][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.800928][ T9704] Dev loop5: unable to read RDB block 7
[  126.801258][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.802549][ T9704]  loop5: unable to read partition table
[  126.806761][ T9704] loop5: partition table beyond EOD, truncated
[  126.808151][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.808888][ T9704] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  126.814441][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.816072][    C0] operation not supported error, dev loop5, sector 0 op 0x9:(WRITE_ZEROES) flags 0x10000800 phys_seg 0 prio class 2
[  126.820890][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.823742][ T9700] overlay: filesystem on ./bus not supported as upperdir
[  126.843857][ T9708] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.1078'.
[  126.888175][ T9716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1080'.
[  126.891117][ T9716] netlink: 'syz.1.1080': attribute type 26 has an invalid length.
[  126.893741][ T9716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1080'.
[  126.897139][ T9716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1080'.
[  126.902629][ T9716] netlink: 'syz.1.1080': attribute type 26 has an invalid length.
[  126.906812][ T9716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1080'.
[  126.945651][   T40] audit: type=1400 audit(1779907484.416:1111): avc:  denied  { read } for  pid=9709 comm="syz.4.1079" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  126.954737][   T40] audit: type=1400 audit(1779907484.426:1112): avc:  denied  { open } for  pid=9709 comm="syz.4.1079" path="/dev/input/mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  126.987389][   T40] audit: type=1400 audit(1779907484.466:1113): avc:  denied  { bind } for  pid=9729 comm="syz.3.1085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  127.001174][ T9731] Mount JFS Failure: -5
[  127.004063][ T9731] jfs_mount failed w/return code = -5
[  127.061645][ T9735] ------------[ cut here ]------------
[  127.063460][ T9735] 1
[  127.063467][ T9735] WARNING: mm/page_alloc.c:5197 at __alloc_frozen_pages_noprof+0x23da/0x2bc0, CPU#1: syz.2.1086/9735
[  127.068006][ T9735] Modules linked in:
[  127.069592][ T9735] CPU: 1 UID: 0 PID: 9735 Comm: syz.2.1086 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  127.073168][ T9735] Tainted: [L]=SOFTLOCKUP
[  127.074603][ T9735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  127.078068][ T9735] RIP: 0010:__alloc_frozen_pages_noprof+0x23da/0x2bc0
[  127.080153][ T9735] Code: 00 45 31 c9 49 83 bc 24 78 05 00 00 00 4c 89 4c 24 50 0f 85 64 f8 ff ff c6 44 24 10 00 e9 f2 ea ff ff c6 05 4f 75 56 0e 01 90 <0f> 0b 90 e9 79 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41
[  127.086370][ T9735] RSP: 0018:ffffc90006d0f760 EFLAGS: 00010246
[  127.088280][ T9735] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  127.090936][ T9735] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0
[  127.093362][ T9735] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009
[  127.095829][ T9735] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0
[  127.098204][ T9735] R13: 1ffff92000da1f3b R14: 0000000000000016 R15: 1ffff92000da1f05
[  127.100616][ T9735] FS:  00007f71908096c0(0000) GS:ffff8880d6490000(0000) knlGS:0000000000000000
[  127.103423][ T9735] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.105456][ T9735] CR2: 00007f718f986480 CR3: 0000000027206000 CR4: 0000000000352ef0
[  127.108229][ T9735] Call Trace:
[  127.109269][ T9735]  <TASK>
[  127.110189][ T9735]  ? find_held_lock+0x2b/0x80
[  127.111698][ T9735]  ? is_bpf_text_address+0x8a/0x1a0
[  127.113310][ T9735]  ? is_bpf_text_address+0x8a/0x1a0
[  127.114914][ T9735]  ? bpf_ksym_find+0x128/0x1c0
[  127.116466][ T9735]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  127.118340][ T9735]  ? is_bpf_text_address+0x94/0x1a0
[  127.119950][ T9735]  ? kernel_text_address+0x8d/0x100
[  127.121543][ T9735]  ? __pfx_widen_string+0x10/0x10
[  127.123080][ T9735]  ? __kernel_text_address+0xd/0x30
[  127.124887][ T9735]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  127.126826][ T9735]  ? arch_stack_walk+0xa6/0xf0
[  127.128273][ T9735]  ? stack_trace_save+0x8e/0xc0
[  127.129722][ T9735]  ? __pfx_stack_trace_save+0x10/0x10
[  127.131357][ T9735]  ? stack_depot_save_flags+0x27/0x9d0
[  127.132964][ T9735]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  127.134775][ T9735]  ? policy_nodemask+0xed/0x4f0
[  127.136347][ T9735]  alloc_pages_mpol+0x1fb/0x540
[  127.137841][ T9735]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  127.139481][ T9735]  ? drm_syncobj_array_find+0x34/0x3b0
[  127.141160][ T9735]  ___kmalloc_large_node+0xe5/0x120
[  127.142911][ T9735]  __kmalloc_large_node_noprof+0x1c/0x70
[  127.144739][ T9735]  __kmalloc_noprof+0x5be/0x850
[  127.146294][ T9735]  drm_syncobj_array_find+0x34/0x3b0
[  127.147930][ T9735]  drm_syncobj_timeline_signal_ioctl+0x22a/0x8d0
[  127.149886][ T9735]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  127.152031][ T9735]  ? drm_dev_exit+0x41/0x60
[  127.153392][ T9735]  ? drm_dev_exit+0x41/0x60
[  127.154768][ T9735]  drm_ioctl_kernel+0x1f3/0x3e0
[  127.156320][ T9735]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  127.158415][ T9735]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  127.160055][ T9735]  drm_ioctl+0x5e6/0xc60
[  127.161389][ T9735]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  127.163613][ T9735]  ? __pfx_drm_ioctl+0x10/0x10
[  127.165061][ T9735]  ? selinux_file_ioctl+0x13b/0x290
[  127.166681][ T9735]  ? selinux_file_ioctl+0xb6/0x290
[  127.168231][ T9735]  ? __pfx_drm_ioctl+0x10/0x10
[  127.169671][ T9735]  __x64_sys_ioctl+0x18e/0x210
[  127.171103][ T9735]  do_syscall_64+0x115/0x870
[  127.172484][ T9735]  ? clear_bhb_loop+0x40/0x90
[  127.173899][ T9735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.175629][ T9735] RIP: 0033:0x7f718f99ce59
[  127.177029][ T9735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  127.182675][ T9735] RSP: 002b:00007f7190809028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  127.185298][ T9735] RAX: ffffffffffffffda RBX: 00007f718fc16090 RCX: 00007f718f99ce59
[  127.187678][ T9735] RDX: 00002000000001c0 RSI: 00000000c01864cd RDI: 000000000000000a
[  127.190040][ T9735] RBP: 00007f718fa32d6f R08: 0000000000000000 R09: 0000000000000000
[  127.192350][ T9735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.194721][ T9735] R13: 00007f718fc16128 R14: 00007f718fc16090 R15: 00007ffe35fb25e8
[  127.197178][ T9735]  </TASK>
[  127.198138][ T9735] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  127.200320][ T9735] CPU: 1 UID: 0 PID: 9735 Comm: syz.2.1086 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  127.203536][ T9735] Tainted: [L]=SOFTLOCKUP
[  127.204791][ T9735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  127.207875][ T9735] Call Trace:
[  127.208861][ T9735]  <TASK>
[  127.209735][ T9735]  dump_stack_lvl+0x100/0x190
[  127.211121][ T9735]  vpanic+0x552/0x970
[  127.212344][ T9735]  ? __pfx_vpanic+0x10/0x10
[  127.213741][ T9735]  panic+0xd1/0xe0
[  127.214862][ T9735]  ? __pfx_panic+0x10/0x10
[  127.216201][ T9735]  check_panic_on_warn.cold+0x19/0x34
[  127.217812][ T9735]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  127.219622][ T9735]  __warn.cold+0x191/0x328
[  127.220971][ T9735]  __report_bug+0x296/0x3d0
[  127.222312][ T9735]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  127.224174][ T9735]  ? __pfx___report_bug+0x10/0x10
[  127.225690][ T9735]  ? __lock_acquire+0x4a5/0x2630
[  127.227177][ T9735]  ? __lock_acquire+0x4a5/0x2630
[  127.228676][ T9735]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  127.230665][ T9735]  report_bug+0xb2/0x220
[  127.231924][ T9735]  ? __alloc_frozen_pages_noprof+0x23da/0x2bc0
[  127.233732][ T9735]  handle_bug+0x16a/0x2a0
[  127.235045][ T9735]  exc_invalid_op+0x17/0x50
[  127.236407][ T9735]  asm_exc_invalid_op+0x1a/0x20
[  127.237869][ T9735] RIP: 0010:__alloc_frozen_pages_noprof+0x23da/0x2bc0
[  127.239848][ T9735] Code: 00 45 31 c9 49 83 bc 24 78 05 00 00 00 4c 89 4c 24 50 0f 85 64 f8 ff ff c6 44 24 10 00 e9 f2 ea ff ff c6 05 4f 75 56 0e 01 90 <0f> 0b 90 e9 79 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41
[  127.245517][ T9735] RSP: 0018:ffffc90006d0f760 EFLAGS: 00010246
[  127.247295][ T9735] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  127.249598][ T9735] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0
[  127.251880][ T9735] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009
[  127.254425][ T9735] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0
[  127.256778][ T9735] R13: 1ffff92000da1f3b R14: 0000000000000016 R15: 1ffff92000da1f05
[  127.259077][ T9735]  ? find_held_lock+0x2b/0x80
[  127.260492][ T9735]  ? is_bpf_text_address+0x8a/0x1a0
[  127.262091][ T9735]  ? is_bpf_text_address+0x8a/0x1a0
[  127.263680][ T9735]  ? bpf_ksym_find+0x128/0x1c0
[  127.265240][ T9735]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  127.267684][ T9735]  ? is_bpf_text_address+0x94/0x1a0
[  127.269779][ T9735]  ? kernel_text_address+0x8d/0x100
[  127.271874][ T9735]  ? __pfx_widen_string+0x10/0x10
[  127.273885][ T9735]  ? __kernel_text_address+0xd/0x30
[  127.275938][ T9735]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  127.278491][ T9735]  ? arch_stack_walk+0xa6/0xf0
[  127.280020][ T9735]  ? stack_trace_save+0x8e/0xc0
[  127.281486][ T9735]  ? __pfx_stack_trace_save+0x10/0x10
[  127.283113][ T9735]  ? stack_depot_save_flags+0x27/0x9d0
[  127.284801][ T9735]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  127.286593][ T9735]  ? policy_nodemask+0xed/0x4f0
[  127.288079][ T9735]  alloc_pages_mpol+0x1fb/0x540
[  127.289570][ T9735]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  127.291219][ T9735]  ? drm_syncobj_array_find+0x34/0x3b0
[  127.292900][ T9735]  ___kmalloc_large_node+0xe5/0x120
[  127.294736][ T9735]  __kmalloc_large_node_noprof+0x1c/0x70
[  127.296763][ T9735]  __kmalloc_noprof+0x5be/0x850
[  127.298346][ T9735]  drm_syncobj_array_find+0x34/0x3b0
[  127.300010][ T9735]  drm_syncobj_timeline_signal_ioctl+0x22a/0x8d0
[  127.302084][ T9735]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  127.304517][ T9735]  ? drm_dev_exit+0x41/0x60
[  127.305975][ T9735]  ? drm_dev_exit+0x41/0x60
[  127.307455][ T9735]  drm_ioctl_kernel+0x1f3/0x3e0
[  127.309338][ T9735]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  127.312132][ T9735]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  127.313812][ T9735]  drm_ioctl+0x5e6/0xc60
[  127.315146][ T9735]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  127.317226][ T9735]  ? __pfx_drm_ioctl+0x10/0x10
[  127.318716][ T9735]  ? selinux_file_ioctl+0x13b/0x290
[  127.320377][ T9735]  ? selinux_file_ioctl+0xb6/0x290
[  127.322063][ T9735]  ? __pfx_drm_ioctl+0x10/0x10
[  127.323605][ T9735]  __x64_sys_ioctl+0x18e/0x210
[  127.325091][ T9735]  do_syscall_64+0x115/0x870
[  127.326562][ T9735]  ? clear_bhb_loop+0x40/0x90
[  127.328057][ T9735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.329896][ T9735] RIP: 0033:0x7f718f99ce59
[  127.331517][ T9735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  127.337299][ T9735] RSP: 002b:00007f7190809028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  127.339827][ T9735] RAX: ffffffffffffffda RBX: 00007f718fc16090 RCX: 00007f718f99ce59
[  127.342238][ T9735] RDX: 00002000000001c0 RSI: 00000000c01864cd RDI: 000000000000000a
[  127.344736][ T9735] RBP: 00007f718fa32d6f R08: 0000000000000000 R09: 0000000000000000
[  127.347146][ T9735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.349527][ T9735] R13: 00007f718fc16128 R14: 00007f718fc16090 R15: 00007ffe35fb25e8
[  127.351931][ T9735]  </TASK>
[  127.353659][ T9735] Kernel Offset: disabled
[  127.355011][ T9735] Rebooting in 86400 seconds..