last executing test programs:

17.036889938s ago: executing program 3 (id=214):
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, 0x0, 0x0)
getpid()
ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f000000be40))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt(r1, 0x0, 0x8001, &(0x7f0000000040)="98531ecf3a980c79868b8300cbdc2830b5c4bf2e5e8bd93e744c0e245d825515cf08b8248aaac81089503224884046d9efc12e48b297b2ca0f681737fc3b5ba256fa2a46d557fe2874b33563e748f9f4459fa8e2bb34acd4e33c2d1383e973288549c256c75f7de9d41c7fe340c725fa5f2d23ce9c4fc5de4c1d065190d8b86930b91b0ae07dd6e06a55ce701da34c698f8373d3d6e24c9ea03f245b29eaaf260bc8f5fbe55af32205930f0182b3edd50a1c7add576386cbcc1e0867d1fac7bfddb35bd93618d21b3c8418112af851507df53e5e7f054468265a99027ea19022dce716192fbfe70c36d885f7c5d07d5f716d0a82a7a57c435522", 0xfa)
syz_pidfd_open(0x0, 0x0)
ioctl$HCIINQUIRY(r1, 0x400448cb, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
prctl$PR_SET_IO_FLUSHER(0x34, 0x2)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000180)={r4, 0x0, 0x6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000002780)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r5, 0x3, r2, 0x5})
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x101, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)

16.595889207s ago: executing program 1 (id=217):
process_vm_readv(0x0, &(0x7f0000008400), 0x0, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
inotify_init1(0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x1010c0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x0, &(0x7f0000000240), 0x4)
bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
mount(&(0x7f0000000080)=@filename='./file0\x00', 0x0, &(0x7f0000000100)='hfs\x00', 0x4000, &(0x7f0000000140)='/dev/cpu/#/msr\x00')
sendfile(r1, r2, 0x0, 0xffffffff000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000001c0)={{0xf}, 0x1})

13.216214124s ago: executing program 2 (id=222):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0xb, 0x4)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
recvmmsg(r0, &(0x7f0000003480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES8=r1], 0xb)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000050053000100000043dffe227c597a63bd5ae03b5c1fc13c180291f5d7123d7eed548479d195478d154714b5c7b063758b8d02f48519ae1b40afb4ff86155a85206721c9ac710991abed6e83ede455a20b6b90b41bd70f67ee2438c038b0062f5365090252b49647cef88a76cdf9e61d4213687d77359483509232d3ca2f3cc508a1e2dffc5359ab9d0f8263870aabfb9264425ad683e811b64ae6606becf1484ee31a4bab5745229e0c8300000000000000"], 0x2c}}, 0x0)
r6 = io_uring_setup(0x1f8, &(0x7f0000000380)={0x0, 0x2cf6, 0x8, 0x3, 0x59})
r7 = openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000080)={0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB(r9, 0xc01c64ad, &(0x7f00000001c0)={r10})
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}], 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
close(r1)
write$binfmt_misc(r11, 0x0, 0xfffffecc)
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_FILES_UPDATE(r6, 0x6, &(0x7f0000000480)={0x2000f62d, 0x0, &(0x7f0000000100)}, 0x0)
fstat(r5, &(0x7f00000004c0))
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0xfffffffffffffffe, 0x84)

11.845411064s ago: executing program 2 (id=224):
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
fcntl$setstatus(r0, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

10.544748175s ago: executing program 2 (id=226):
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, 0x0, 0x0)
getpid()
ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f000000be40))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt(r1, 0x0, 0x8001, &(0x7f0000000040)="98531ecf3a980c79868b8300cbdc2830b5c4bf2e5e8bd93e744c0e245d825515cf08b8248aaac81089503224884046d9efc12e48b297b2ca0f681737fc3b5ba256fa2a46d557fe2874b33563e748f9f4459fa8e2bb34acd4e33c2d1383e973288549c256c75f7de9d41c7fe340c725fa5f2d23ce9c4fc5de4c1d065190d8b86930b91b0ae07dd6e06a55ce701da34c698f8373d3d6e24c9ea03f245b29eaaf260bc8f5fbe55af32205930f0182b3edd50a1c7add576386cbcc1e0867d1fac7bfddb35bd93618d21b3c8418112af851507df53e5e7f054468265a99027ea19022dce716192fbfe70c36d885f7c5d07d5f716d0a82a7a57c435522", 0xfa)
syz_pidfd_open(0x0, 0x0)
ioctl$HCIINQUIRY(r1, 0x400448cb, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
prctl$PR_SET_IO_FLUSHER(0x34, 0x2)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000100))
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r3, 0x0, 0x6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000002780))
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x101, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)

10.205931274s ago: executing program 4 (id=227):
syz_open_dev$usbfs(0x0, 0x74, 0x101341)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300))
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x15)
creat(0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x5, &(0x7f0000000540)=0x40000000010001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = epoll_create1(0x80000)
epoll_create1(0x0)
close(r2)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)

9.123492101s ago: executing program 3 (id=228):
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)

8.825637776s ago: executing program 4 (id=230):
r0 = socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}}, 0x0)

8.711936798s ago: executing program 1 (id=231):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0xb, 0x4)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
recvmmsg(r0, &(0x7f0000003480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x102, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES8=r1], 0xb)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000050053000100000043dffe227c597a63bd5ae03b5c1fc13c180291f5d7123d7eed548479d195478d154714b5c7b063758b8d02f48519ae1b40afb4ff86155a85206721c9ac710991abed6e83ede455a20b6b90b41bd70f67ee2438c038b0062f5365090252b49647cef88a76cdf9e61d4213687d77359483509232d3ca2f3cc508a1e2dffc5359ab9d0f8263870aabfb9264425ad683e811b64ae6606becf1484ee31a4bab5745229e0c8300000000000000"], 0x2c}}, 0x0)
r6 = io_uring_setup(0x1f8, &(0x7f0000000380)={0x0, 0x2cf6, 0x8, 0x3, 0x59})
r7 = openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000080)={0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB(r9, 0xc01c64ad, &(0x7f00000001c0)={r10})
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}], 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
close(r1)
write$binfmt_misc(r11, 0x0, 0xfffffecc)
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_FILES_UPDATE(r6, 0x6, &(0x7f0000000480)={0x2000f62d, 0x0, &(0x7f0000000100)}, 0x0)
fstat(r5, &(0x7f00000004c0))
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0xfffffffffffffffe, 0x84)

8.520591487s ago: executing program 4 (id=232):
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x2286, &(0x7f00000018c0))
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340)}])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r4, 0x4008ae6a, &(0x7f0000000080))
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = eventfd(0x0)
eventfd(0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000280)={r5})
ioctl$KVM_IRQFD(r4, 0x4020ae76, 0x0)
sendmsg$alg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000001480)="cd", 0x1}], 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="f0000000000000001701000002000000dc000000cf02c687de1d493e3fdaa29871afdff7b0096efc3e76f36c8835d4207a5323d0455eec7447d2f67146ee157c3526557695874823c095346d81f1c4e24ef9c71268ade8c7798d5eac7db06c2f87f17f64d83e015c4b367f8a8b999955c2610c32d1784e37b93dfcce9f81a8ce6c5a314a71f42123c97b5d64483746c68468bfb9613b09f6e1d30a63c8124e5e595a8d067b050f0ef296471132a2c5c167ec738849b55c05bc91269394a699a3032aacbde7e97119ffb18cc0dc8c33f261e4ba943e5eb6b4bbb52e090f0137cedb69fedc3ac73a649b3ffa30eca255de1800000000000000170100"/264], 0x108, 0x8080}, 0x814)
fremovexattr(0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="043e9c19"], 0x14)
r6 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
migrate_pages(0x0, 0x6, &(0x7f00000001c0)=0x400000009, &(0x7f0000000380)=0x102)
openat$cgroup_ro(r6, 0x0, 0x275a, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="c000000000000000000000000000000069869f9b4a0074586c9f0c522844c65014127e4651d085a89043138706e79a415b0b0d126c51c1215cfe34997eddd2b4a8256b525b5c15b219daa9ce4cca864a73d9c49ae2771bb70203ebd653200a0d37a0c028cb33b28c7532f384febe039d54537e6952f92cc821c13f34a5426d1532ddd442827bd8dae047fac4b17d711520cd27e961b3719609ab712940ecf8144bddecefbabf2f18e909822089ac4fcedea2b8ec7e90d0456d07b3770b6700009000000000000000000000000000000072a9590a604c03a1efaa205bc9b33fe1e977c3d1d1408ae17ab1ff9118f13db566222a1e12c010521a70c445d97d0cba145ba79178a6d3bbaf70f226652e625fada31ca89eb8c925dd4508fcd45487d3c7adbd913b169777e4af4eb9946246bba4c4738a0c7eddb08f69d74199764d908782652867dcd1da4aae000000000000e0000000000000000000000000000000187ab360a4694eb57bbe6342b5dda581327297f3380b94699ac0c4df81a9904c6b5b40886799022be834dbee1691a0b86881e701b7411036b9d70173dcfe9af0e46c8b97f7a94c1cb39e3ff9ffb5ead3394e9aa03d9a841b579823964df8643ed6ce4a33534bd8f71d23cf382643573c2b096540e8b3015e71ab7ab18d7b0365f8a57e46b31177feadae2f9ba0b1dec676eb60a744f5aac4213806b82bfc2390dc42727cc56d3bbf03700c77441d5e788d6ef2656c82c6b151c4180dbf2b21d7e7f8e824eb8e2c6ab20000000000000018000000000000001001000001000000aae238d3bba76ce2c983e9c4bb184518c35cdae94b15268bddfdf45a1d6276d4b02991f1822c47074a08f58bee4dc26bf03e8a03d10dd1bd0673886375ecc86ff495a5765c6f1f05854ed7f35803430247"], 0x248, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x10}], 0x10}}], 0x56, 0xc800)

8.311687452s ago: executing program 0 (id=233):
r0 = socket$kcm(0x10, 0x3, 0x10)
syz_emit_vhci(0x0, 0x22)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f0000000a00))
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000380)={"84db8cb4", 0x0, 0x0, 0x0, 0x0, 0x0, "0022aed9ae659d4d95fd3d1fa09814", "aadb641b", "912ec72a", "5439cfe3", ["f56f1a42e3d0ab344d8bc6cc", "22147745eb9df6cf6a880d29", "9ad3eb5918df0f52938453c9", "ac562047f08f7537b6597721"]})
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES64=r2], 0xd)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040600000000000000040000000000000000000253be97df6c4187149b547d6c57a0aa66139f75612594e7553394b9c7"], 0x14)
write$binfmt_script(r1, &(0x7f0000000780), 0x208e24b)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', &(0x7f0000000000)=@ethtool_dump})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
lseek(r4, 0x4, 0x0)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f0000000340)=""/121, 0x79})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffc, 0xffffffffffffffe1, 0x0, 0x0, 0x10001, 0xfffffffffffff924], 0x2})
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="02c800fc00f8000100100c0400050008000d6008000500fcffa700050003a908000000ec67000026070531140003000c00bc000409040000002402000078050100110302000001040251000900ff0304090200050200faff0200040901074201800600040006100002ffff02000000ff7f0000ff07000001020e0007021b1b05010007020800010201000610ff0256f90000000001000000010000000b085900e9aaa6aba2538f93b03e6aef22892d9b98385e1df1b3891207edbfea413f488160e3c063ef6461cf331038d364cb0d6f9cec069df069488d19df8ebb3ce2079c2e30af76940121e9ec219f07a00400ffff010100"/255], 0x101)
ioctl$TUNGETVNETBE(r4, 0x800454df, &(0x7f00000000c0)=0x1)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030021000b63d25a80648c2594f90124fc60350c030b022e0009083582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x3000}, 0x0)

8.040811721s ago: executing program 1 (id=234):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
syz_usb_connect$cdc_ncm(0x6, 0x16e, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x15c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "ccb4c51cad"}, {0x5, 0x24, 0x0, 0xc5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x2, 0x7}, {0x6}, [@mdlm_detail={0x19, 0x24, 0x13, 0x2, "a809edbc041369d1cc19adb30bba35ac9666dc4da2"}, @mdlm_detail={0xcc, 0x24, 0x13, 0x5, "ef20e467e2facc48e980250c3e8ee6ef0df81b992fae0891cd12cdfd1e809529755467b88f26b632281f7310fa4b70fb718a8175a3ab1a433a6fc59041fadddea5c39f298f71d70f8ca1e4932570236124d63ede75c644e2c409668fd8b6e743ad3bf352d132a45fe5935fff44116062ab9b5b4c3a51d21462b43a2c40a2249b653561040681b81f4e4915bf4cabce2742385c0972a48eed5822464e86af8849be1127ddce981629e16f9c0c4293a9aa545e13c958bafd4261f4085b614ee988f873ad7bf0699eb6"}, @dmm={0x7, 0x24, 0x14, 0x5, 0x3}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x3, 0x9}, @dmm={0x7, 0x24, 0x14, 0x0, 0x7}]}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0xe, 0xe0, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x8, 0x1, 0xfc}}, {{0x9, 0x5, 0x3, 0x2, 0x56f06b9cc09f8bd8, 0x92, 0x6, 0x4}}}}}}}]}}, &(0x7f00000006c0)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x300, 0x5, 0x81, 0x2d, 0x40, 0x2}, 0xbf, &(0x7f0000000300)={0x5, 0xf, 0xbf, 0x3, [@generic={0x10, 0x10, 0xb, "b60eea3bcb586ff2284d8dc28d"}, @ssp_cap={0x20, 0x10, 0xa, 0x3, 0x5, 0x1, 0xff00, 0x81, [0xc0, 0x3f, 0xcf, 0xff0000, 0xff2080]}, @generic={0x8a, 0x10, 0xb, "2ab678bd643100160bbcdb921405b678f53f2d568e5e0342c89a0915aa122c77e201b57e109580fa82dbd044c830413b81a4982abbc81f6dffc30f7229887c15a8e35fba7e7379d762f469b5562bd1ac45b77f81f5bfaeae51e2259700670ac9a2f0b8f748ad623991404b0a01c3840804bd6ee2b02bc515ffe47680ba0e3092446a3734f67959"}]}, 0x7, [{0x3, &(0x7f00000003c0)=@string={0x3, 0x3, '\''}}, {0x0, 0x0}, {0x0, 0x0}, {0x16, &(0x7f00000005c0)=@string={0x16, 0x3, "de6c28983603d1909ae333bdd523fb68eb4052dc"}}, {0x0, 0x0}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x423}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x40a}}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x3a0ffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
gettid()
r1 = userfaultfd(0x1)
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

7.49774108s ago: executing program 3 (id=235):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000240)={0x20, 0x4})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.021067513s ago: executing program 2 (id=236):
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
fcntl$setstatus(r0, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

6.989860051s ago: executing program 0 (id=237):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000300)={'syztnl1\x00', 0x0, 0x2500, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x4, 0x0, @multicast1, @private}}}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f00000003c0)={<r4=>0x0, 0x200, 0x9, 0x1})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r2, 0xc400941d, &(0x7f00000007c0)={r4, 0x8000, 0x8001})
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2044000, &(0x7f0000000c40)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [{@smackfsroot={'smackfsroot', 0x3d, ')@'}}], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
truncate(&(0x7f0000000080)='./file0\x00', 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xb, @empty=0x4000000}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9})
r10 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, <r11=>0x0})
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r11, 0x2, 0x5004)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000380)={0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x0, 0x1})

6.891260871s ago: executing program 4 (id=238):
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, 0x0, 0x0)
getpid()
ioctl$BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f000000be40))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt(r1, 0x0, 0x8001, &(0x7f0000000040)="98531ecf3a980c79868b8300cbdc2830b5c4bf2e5e8bd93e744c0e245d825515cf08b8248aaac81089503224884046d9efc12e48b297b2ca0f681737fc3b5ba256fa2a46d557fe2874b33563e748f9f4459fa8e2bb34acd4e33c2d1383e973288549c256c75f7de9d41c7fe340c725fa5f2d23ce9c4fc5de4c1d065190d8b86930b91b0ae07dd6e06a55ce701da34c698f8373d3d6e24c9ea03f245b29eaaf260bc8f5fbe55af32205930f0182b3edd50a1c7add576386cbcc1e0867d1fac7bfddb35bd93618d21b3c8418112af851507df53e5e7f054468265a99027ea19022dce716192fbfe70c36d885f7c5d07d5f716d0a82a7a57c435522", 0xfa)
syz_pidfd_open(0x0, 0x0)
ioctl$HCIINQUIRY(r1, 0x400448cb, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
prctl$PR_SET_IO_FLUSHER(0x34, 0x2)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000180)={r4, 0x0, 0x6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000002780)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r5, 0x3, r2, 0x5})
r6 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x101, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)

6.823940159s ago: executing program 3 (id=239):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
recvmmsg(r2, &(0x7f0000004400)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001d00)=[{0xfffffffffffffffd}], 0x1}}], 0x2, 0x0, 0x0)
r3 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0x10000000})
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000080), 0x4)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae", 0x0, 0xfffffffe}, 0x3c)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000200)={0x56, 0x7, 0x1, {0x4250}, {0xb9b8, 0x8000}, @period={0x5d, 0x6, 0xfff9, 0x8470, 0x4b16, {0x4, 0x3, 0x8003, 0xb7}, 0x6, &(0x7f0000000180)=[0xfff, 0x8, 0x0, 0x0, 0x7f, 0x1]}})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000100))
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000005)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000040))
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)

5.757746077s ago: executing program 2 (id=240):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='tlb_flush\x00'}, 0xa)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
chdir(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
socket$rds(0x15, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c1000003e0007012ebd700004101c000100000004000002041001"], 0x101c}}, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
recvmmsg(r1, &(0x7f0000005340)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f00000006c0)=""/209, 0xd1}, {&(0x7f00000007c0)=""/169, 0xa9}, {&(0x7f0000000880)=""/240, 0xf0}, {&(0x7f00000001c0)}, {&(0x7f0000000400)=""/65, 0x41}], 0x5, &(0x7f0000000a00)=""/99, 0x63}, 0xffff}, {{&(0x7f0000000a80)=@in={0x2, 0x0, @empty}, 0x80, &(0x7f0000002d80)=[{&(0x7f00000005c0)=""/22, 0x16}, {&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/8, 0x8}, {&(0x7f0000001b40)=""/186, 0xba}, {&(0x7f0000001c00)=""/148, 0x94}, {&(0x7f0000001cc0)=""/175, 0xaf}, {&(0x7f0000001d80)=""/4096, 0x1000}], 0x7, &(0x7f0000002e00)=""/27, 0x1b}, 0x8}, {{&(0x7f0000002e40)=@alg, 0x80, &(0x7f0000003040)=[{&(0x7f0000002ec0)=""/250, 0xfa}, {&(0x7f0000002fc0)=""/117, 0x75}], 0x2, &(0x7f0000003080)=""/3, 0x3}, 0x3}, {{&(0x7f00000030c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f00000036c0)=[{&(0x7f0000003140)=""/94, 0x5e}, {&(0x7f00000031c0)=""/45, 0x2d}, {&(0x7f0000003200)=""/201, 0xc9}, {&(0x7f0000003300)=""/198, 0xc6}, {&(0x7f0000003400)=""/226, 0xe2}, {&(0x7f0000003500)=""/97, 0x61}, {&(0x7f0000003580)=""/96, 0x60}, {&(0x7f0000003600)=""/135, 0x87}], 0x8, &(0x7f0000003740)=""/184, 0xb8}, 0xffffffff}, {{0x0, 0x0, &(0x7f0000003880)=[{&(0x7f0000003800)=""/73, 0x49}], 0x1}, 0xff}, {{&(0x7f00000038c0)=@ax25={{0x3, @netrom}, [@netrom, @netrom, @default, @bcast, @bcast, @default, @remote, @bcast]}, 0x80, &(0x7f0000004cc0)=[{&(0x7f0000003940)=""/165, 0xa5}, {&(0x7f0000003a00)=""/152, 0x98}, {&(0x7f0000003ac0)=""/154, 0x9a}, {&(0x7f0000003b80)=""/250, 0xfa}, {&(0x7f0000003c80)=""/4096, 0x1000}, {&(0x7f0000004c80)=""/39, 0x27}], 0x6, &(0x7f0000004d40)=""/217, 0xd9}, 0x9}, {{&(0x7f0000004e40)=@ethernet, 0x80, &(0x7f0000005200)=[{&(0x7f0000004ec0)=""/245, 0xf5}, {&(0x7f0000004fc0)=""/192, 0xc0}, {&(0x7f0000005080)=""/80, 0x50}, {&(0x7f0000005100)=""/79, 0x4f}, {0x0}, {&(0x7f00000051c0)=""/16, 0x10}], 0x6, &(0x7f0000005280)=""/150, 0x96}, 0x2}], 0x7, 0x0, &(0x7f0000005540))
openat$nci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000480)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xb, 0x9, 0x8001, 0x0, 0x0, r5, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x4}, 0x48)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r3, @ANYBLOB="b65d03c85851426a790c18681db406a9d962140a1581745b3b047bee1e002eca68b37303b2ba5b23051ecd9231a76a0aff114d22564602432e96a617097f3ec10fe51226abe4486d613fb7cc79ff273a782db89e152f3fdf9967143270013a67c66b06fdddf9a2020281bd406bca63f3c6489d10bda1958581db9ed58693afa637741281299ae6b5d64e"], 0x1c}}, 0x0)
write$nci(r2, &(0x7f000000a600)=ANY=[@ANYBLOB="6105061803030207081ffc013c05088a08017d"], 0x13)
clock_nanosleep(0x7, 0x1, &(0x7f0000009c40), 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000000c0)="2e00000010008188e6b62aa73708cc9f1ba1f848f123bd02e979d1e692420000005e0a001000000002800000129459673194a896ea0596f6dfafb144e2ec1050bb00647c443e6c073c37d7a4d4399c0aa03770e921ab1d5b9eee8299f2ce33e85dd674580037f6fff2b140175dc41a10d63a74735495d3570de9ca9cdb7900609fb26174b206b16030def96b3a1ba6", 0x8f}], 0x1}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000200), &(0x7f0000000240)=0x4)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r8, 0x40045542, &(0x7f0000000040))
r9 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000580)="0012735ba1e5b3960c52c38a8b5090537c83136a4d35ec", 0x17}], 0x1)
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$midi(&(0x7f0000000540), 0x6, 0x200a50)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040}, 0x0)

4.346623568s ago: executing program 3 (id=241):
process_vm_readv(0x0, &(0x7f0000008400), 0x0, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
inotify_init1(0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x1010c0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x0, &(0x7f0000000240), 0x4)
bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
mount(&(0x7f0000000080)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x4000, &(0x7f0000000140)='/dev/cpu/#/msr\x00')
sendfile(r1, r2, 0x0, 0xffffffff000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f00000001c0)={{0xf}, 0x1})

4.182125031s ago: executing program 1 (id=242):
r0 = socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b5950000", @ANYRES32=r2, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}}, 0x0)

3.660408137s ago: executing program 1 (id=243):
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
fcntl$setstatus(r0, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

3.547732386s ago: executing program 0 (id=244):
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="d4000000190019a9000000000000000002200000ff02ff000000000008000100ac14141218009400111a8200040090f7c10f4b31901b77481e35fd008a"], 0x1}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@gettaction={0x84, 0x32, 0x0, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x4}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}, @action_gd=@TCA_ACT_TAB={0x64, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x14, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0x14, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0x84}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2ca)
splice(r0, 0x0, r2, 0x0, 0x84ffe0, 0x0)

2.421511048s ago: executing program 0 (id=245):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
recvmmsg(r1, &(0x7f0000004400)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001d00)=[{0xfffffffffffffffd}], 0x1}}], 0x2, 0x0, 0x0)
r2 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x10000000})
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000080), 0x4)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae", 0x0, 0xfffffffe}, 0x3c)
socket(0x15, 0x5, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0xfffffffffffffffb, 0x410000)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000200)={0x56, 0x7, 0x1, {0x4250, 0xe0}, {0xb9b8, 0x8000}, @period={0x5d, 0x6, 0xfff9, 0x8470, 0x4b16, {0x4, 0x3, 0x8003, 0xb7}, 0x6, &(0x7f0000000180)=[0xfff, 0x8, 0x0, 0x0, 0x7f, 0x1]}})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000100))
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000005)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000040))
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000380)={0x3ff}, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r6 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r6, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000680)=""/233, 0xe9}], 0x1}, 0x0)
sendmsg$nl_route_sched_retired(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000010c0)=@delqdisc={0x34, 0x25, 0x0, 0x0, 0x0, {}, [@q_dsmark={{0xb}, {0x4}}]}, 0x34}}, 0x20048015)

2.321110768s ago: executing program 4 (id=246):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

822.207238ms ago: executing program 4 (id=247):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
r1 = syz_usb_connect$cdc_ncm(0x6, 0x174, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x162, 0x2, 0x1, 0x1, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "ccb4c51cad"}, {0x5, 0x24, 0x0, 0xc5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x2}, {0x6}, [@mdlm_detail={0x1f, 0x24, 0x13, 0x2, "a809edbc041369d1cc19adb30bba35ac9666dc4da25026bbc78d59"}, @mdlm_detail={0xcc, 0x24, 0x13, 0x5, "ef20e467e2facc48e980250c3e8ee6ef0df81b992fae0891cd12cdfd1e809529755467b88f26b632281f7310fa4b70fb718a8175a3ab1a433a6fc59041fadddea5c39f298f71d70f8ca1e4932570236124d63ede75c644e2c409668fd8b6e743ad3bf352d132a45fe5935fff44116062ab9b5b4c3a51d21462b43a2c40a2249b653561040681b81f4e4915bf4cabce2742385c0972a48eed5822464e86af8849be1127ddce981629e16f9c0c4293a9aa545e13c958bafd4261f4085b614ee988f873ad7bf0699eb6"}, @dmm={0x7, 0x24, 0x14, 0x5, 0x3}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x3, 0x9}, @dmm={0x7, 0x24, 0x14, 0x0, 0x7}]}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0xe, 0xe0, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x8, 0x1, 0xfc}}, {{0x9, 0x5, 0x3, 0x2, 0x56f06b9cc09f8bd8, 0x92, 0x6, 0x4}}}}}}}]}}, &(0x7f00000006c0)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x300, 0x0, 0x81, 0x2d, 0x40, 0x2}, 0xb7, &(0x7f0000000300)={0x5, 0xf, 0xb7, 0x3, [@generic={0x10, 0x10, 0xb, "b60eea3bcb586ff2284d8dc28d"}, @ssp_cap={0x20, 0x10, 0xa, 0x3, 0x5, 0x1, 0xff00, 0x81, [0xc0, 0x0, 0xcf, 0xff0000, 0xff2080]}, @generic={0x82, 0x10, 0xb, "2ab678bd643100160bbcdb921405b678f53f2d568e5e0342c89a0915aa122c77e201b57e109580fa82dbd044c830413b81a4982abbc81f6dffc30f7229887c15a8e35fba7e7379d762f469b5562bd1ac45b77f81f5bfaeae51e2259700670ac9a2f0b8f748ad623991404b0a01c3840804bd6ee2b02bc515ffe47680ba0e30"}]}, 0x7, [{0x1f, &(0x7f00000003c0)=@string={0x1f, 0x3, "27f13b9f307b64b11c8b26f279594be8d5c0f1810f866ae155ac9fd2f6"}}, {0x0, 0x0}, {0x34, &(0x7f0000000280)=@string={0x34, 0x3, "8310ff21eb82c497649a04a7d5f8dc02eb0f52306fc8aa8dba90b5fd2a191aad1dfb6baf11e9bbfb0a2c16b0353d8dd9ea9f"}}, {0x16, &(0x7f00000005c0)=@string={0x16, 0x3, "de6c28983603d1909ae333bdd523fb68eb4052dc"}}, {0x3, &(0x7f0000000600)=@string={0x3, 0x3, "ef"}}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x423}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x40a}}]})
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x3a0ffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
gettid()
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
r6 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
write$vhost_msg_v2(r2, &(0x7f0000000100)={0x2, 0x0, {&(0x7f0000000040)=""/77, 0x4d, &(0x7f00000000c0)=""/11, 0x0, 0x2}}, 0x48)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000080603000000000000000000020000000500010007"], 0x1c}}, 0x0)
recvfrom(0xffffffffffffffff, 0x0, 0x800000000000000, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, &(0x7f0000000840)={0x14, &(0x7f0000000480)=ANY=[@ANYBLOB="0007ab000000ab016c938b7c6a3d0de940bf53dfbfc2646250af55aac48fe77d55c3235a4cdcfdecc6a58cdfa69eacba166c084296ffa0a311ac2d68925453a0dc5ade0ca61545b6af79341f892d112bc4ab68987fc19f86db1d2eab63693ab90b710a2203e24638ff191ec12d9d5b7db2f0806287153e0715dbf53e9c5dd7413a0f4d5e98f423fb7812d19a10102c6172dd266fc7d23277534831fc53d5aa274538663e8bc92c124c6f498bcce37f0352efc39ef1768161a026654363808d5f1022fd489667b43dc9898ccb98ad2935438188ef79582db7fd182e2c837ea85ff0645d14cae75bbda4827cad3f2ddbb3651d630d7d009a1c7afde8b5d979c2e88896cbe8cfcc77b81e39"], &(0x7f0000000800)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000a80)={0x44, &(0x7f0000000880)={0x0, 0xa, 0x24, "78452e33200454ccfb796d7f0edebff316534bb2629bbb5893bc270edf86508852b5764b"}, &(0x7f00000008c0)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000900)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000940)={0x20, 0x80, 0x1c, {0xc, 0x0, 0x6, 0x4, 0x7, 0x55e, 0x9, 0x4, 0x1, 0x2, 0x4, 0x5}}, 0x0, &(0x7f00000009c0)={0x20, 0x83, 0x2}, &(0x7f0000000a00)={0x20, 0x87, 0x2, 0x6c}, &(0x7f0000000a40)={0x20, 0x89, 0x2, 0x1}})
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000440), 0x0, &(0x7f0000000b80)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[], [{@euid_lt}]}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020}, 0x2020)
setxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)

621.332226ms ago: executing program 1 (id=248):
r0 = socket$kcm(0x10, 0x3, 0x10)
syz_emit_vhci(0x0, 0x22)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f0000000a00))
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000380)={"84db8cb4", 0x0, 0x0, 0x0, 0x0, 0x0, "0022aed9ae659d4d95fd3d1fa09814", "aadb641b", "912ec72a", "5439cfe3", ["f56f1a42e3d0ab344d8bc6cc", "22147745eb9df6cf6a880d29", "9ad3eb5918df0f52938453c9", "ac562047f08f7537b6597721"]})
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYRES64=r2], 0xd)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040600000000000000040000000000000000000253be97df6c4187149b547d6c57a0aa66139f75612594e7553394b9c7"], 0x14)
write$binfmt_script(r1, &(0x7f0000000780), 0x208e24b)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', &(0x7f0000000000)=@ethtool_dump})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
lseek(r4, 0x4, 0x0)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f0000000340)=""/121, 0x79})
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffc, 0xffffffffffffffe1, 0x0, 0x0, 0x10001, 0xfffffffffffff924], 0x2})
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="02c800fc00f8000100100c0400050008000d6008000500fcffa700050003a908000000ec67000026070531140003000c00bc000409040000002402000078050100110302000001040251000900ff0304090200050200faff0200040901074201800600040006100002ffff02000000ff7f0000ff07000001020e0007021b1b05010007020800010201000610ff0256f90000000001000000010000000b085900e9aaa6aba2538f93b03e6aef22892d9b98385e1df1b3891207edbfea413f488160e3c063ef6461cf331038d364cb0d6f9cec069df069488d19df8ebb3ce2079c2e30af76940121e9ec219f07a00400ffff010100"/255], 0x101)
ioctl$TUNGETVNETBE(r4, 0x800454df, &(0x7f00000000c0)=0x1)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030021000b63d25a80648c2594f90124fc60350c030b022e0009083582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x3000}, 0x0)

587.216708ms ago: executing program 0 (id=249):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000240)={0x20, 0x4})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

95.506ms ago: executing program 2 (id=250):
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
fcntl$setstatus(r0, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

71.566483ms ago: executing program 3 (id=251):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
recvmmsg(r2, &(0x7f0000004400)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001d00)=[{0xfffffffffffffffd}], 0x1}}], 0x2, 0x0, 0x0)
r3 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000)={0x10000000})
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000080), 0x4)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae", 0x0, 0xfffffffe}, 0x3c)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000200)={0x56, 0x7, 0x1, {0x4250, 0xe0}, {0x0, 0x8000}, @period={0x5d, 0x6, 0xfff9, 0x8470, 0x4b16, {0x4, 0x3, 0x8003, 0xb7}, 0x6, &(0x7f0000000180)=[0xfff, 0x8, 0x0, 0x0, 0x7f, 0x1]}})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000100))
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000005)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000040))
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)

0s ago: executing program 0 (id=252):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
syz_usb_connect$cdc_ncm(0x6, 0x16e, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x15c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "ccb4c51cad"}, {0x5, 0x24, 0x0, 0xc5}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x2, 0x7}, {0x6}, [@mdlm_detail={0x19, 0x24, 0x13, 0x2, "a809edbc041369d1cc19adb30bba35ac9666dc4da2"}, @mdlm_detail={0xcc, 0x24, 0x13, 0x5, "ef20e467e2facc48e980250c3e8ee6ef0df81b992fae0891cd12cdfd1e809529755467b88f26b632281f7310fa4b70fb718a8175a3ab1a433a6fc59041fadddea5c39f298f71d70f8ca1e4932570236124d63ede75c644e2c409668fd8b6e743ad3bf352d132a45fe5935fff44116062ab9b5b4c3a51d21462b43a2c40a2249b653561040681b81f4e4915bf4cabce2742385c0972a48eed5822464e86af8849be1127ddce981629e16f9c0c4293a9aa545e13c958bafd4261f4085b614ee988f873ad7bf0699eb6"}, @dmm={0x7, 0x24, 0x14, 0x5, 0x3}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x3, 0x9}, @dmm={0x7, 0x24, 0x14, 0x0, 0x7}]}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0xe, 0xe0, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x8, 0x1, 0xfc}}, {{0x9, 0x5, 0x3, 0x2, 0x56f06b9cc09f8bd8, 0x92, 0x6, 0x4}}}}}}}]}}, &(0x7f00000006c0)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x300, 0x5, 0x81, 0x2d, 0x40, 0x2}, 0xbf, &(0x7f0000000300)={0x5, 0xf, 0xbf, 0x3, [@generic={0x10, 0x10, 0xb, "b60eea3bcb586ff2284d8dc28d"}, @ssp_cap={0x20, 0x10, 0xa, 0x3, 0x5, 0x1, 0xff00, 0x81, [0xc0, 0x3f, 0xcf, 0xff0000, 0xff2080]}, @generic={0x8a, 0x10, 0xb, "2ab678bd643100160bbcdb921405b678f53f2d568e5e0342c89a0915aa122c77e201b57e109580fa82dbd044c830413b81a4982abbc81f6dffc30f7229887c15a8e35fba7e7379d762f469b5562bd1ac45b77f81f5bfaeae51e2259700670ac9a2f0b8f748ad623991404b0a01c3840804bd6ee2b02bc515ffe47680ba0e3092446a3734f67959"}]}, 0x7, [{0x3, &(0x7f00000003c0)=@string={0x3, 0x3, '\''}}, {0x0, 0x0}, {0x0, 0x0}, {0x16, &(0x7f00000005c0)=@string={0x16, 0x3, "de6c28983603d1909ae333bdd523fb68eb4052dc"}}, {0x0, 0x0}, {0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x423}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x40a}}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x3a0ffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
gettid()
r1 = userfaultfd(0x1)
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

kernel console output (not intermixed with test programs):


syzkaller login: [   84.872435][   T29] audit: type=1400 audit(1720699042.112:78): avc:  denied  { transition } for  pid=5029 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   84.897704][   T29] audit: type=1400 audit(1720699042.112:79): avc:  denied  { noatsecure } for  pid=5029 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   84.925610][   T29] audit: type=1400 audit(1720699042.112:80): avc:  denied  { write } for  pid=5029 comm="sh" path="pipe:[4211]" dev="pipefs" ino=4211 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   84.961914][   T29] audit: type=1400 audit(1720699042.112:81): avc:  denied  { rlimitinh } for  pid=5029 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   84.987026][   T29] audit: type=1400 audit(1720699042.112:82): avc:  denied  { siginh } for  pid=5029 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   85.968923][   T29] audit: type=1400 audit(1720699043.202:83): avc:  denied  { read } for  pid=4516 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   86.016054][   T29] audit: type=1400 audit(1720699043.212:84): avc:  denied  { append } for  pid=4516 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   86.039051][   T29] audit: type=1400 audit(1720699043.212:85): avc:  denied  { open } for  pid=4516 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   86.062550][   T29] audit: type=1400 audit(1720699043.212:86): avc:  denied  { getattr } for  pid=4516 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '10.128.1.183' (ED25519) to the list of known hosts.
[   97.541058][  T784] cfg80211: failed to load regulatory.db
[   98.772718][   T29] audit: type=1400 audit(1720699056.012:87): avc:  denied  { mounton } for  pid=5074 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   98.784558][ T5074] cgroup: Unknown subsys name 'net'
[   98.795775][   T29] audit: type=1400 audit(1720699056.012:88): avc:  denied  { mount } for  pid=5074 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   98.823547][   T29] audit: type=1400 audit(1720699056.042:89): avc:  denied  { unmount } for  pid=5074 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   99.023185][ T5074] cgroup: Unknown subsys name 'rlimit'
[   99.222930][   T29] audit: type=1400 audit(1720699056.462:90): avc:  denied  { setattr } for  pid=5074 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   99.257096][   T29] audit: type=1400 audit(1720699056.462:91): avc:  denied  { create } for  pid=5074 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   99.297089][   T29] audit: type=1400 audit(1720699056.462:92): avc:  denied  { write } for  pid=5074 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   99.322927][   T29] audit: type=1400 audit(1720699056.462:93): avc:  denied  { read } for  pid=5074 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   99.343384][   T29] audit: type=1400 audit(1720699056.492:94): avc:  denied  { mounton } for  pid=5074 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   99.368706][   T29] audit: type=1400 audit(1720699056.492:95): avc:  denied  { mount } for  pid=5074 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   99.392594][   T29] audit: type=1400 audit(1720699056.522:96): avc:  denied  { read } for  pid=4748 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   99.443197][ T5076] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[  101.343645][ T5074] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  104.235698][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  104.235721][   T29] audit: type=1400 audit(1720699061.472:102): avc:  denied  { execmem } for  pid=5079 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  105.247019][   T29] audit: type=1400 audit(1720699062.472:103): avc:  denied  { mounton } for  pid=5084 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  105.302353][   T29] audit: type=1400 audit(1720699062.472:104): avc:  denied  { mount } for  pid=5084 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  105.360198][   T29] audit: type=1400 audit(1720699062.472:105): avc:  denied  { create } for  pid=5084 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  105.363704][ T5086] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  105.390488][   T29] audit: type=1400 audit(1720699062.472:106): avc:  denied  { read write } for  pid=5084 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1077 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  105.416324][   T29] audit: type=1400 audit(1720699062.472:107): avc:  denied  { open } for  pid=5084 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1077 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  105.441255][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  105.450174][ T5092] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  105.455346][   T29] audit: type=1400 audit(1720699062.552:108): avc:  denied  { ioctl } for  pid=5084 comm="syz-executor" path="socket:[4271]" dev="sockfs" ino=4271 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  105.474535][ T5098] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  105.492137][ T5098] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  105.500425][ T5098] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  105.502774][ T5100] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  105.509875][ T5098] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  105.515216][ T5100] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  105.524213][ T5098] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  105.529750][ T5100] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  105.539045][ T5098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  105.543757][ T5100] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  105.558432][ T5098] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  105.559255][ T5100] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  105.568322][ T5098] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  105.579932][ T5098] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  105.588214][ T5098] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  105.592102][ T5099] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  105.595950][ T5098] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  105.608012][ T5099] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  105.611644][ T5098] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  105.616769][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  105.657343][ T4478] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  105.660644][   T29] audit: type=1400 audit(1720699062.892:109): avc:  denied  { read } for  pid=5087 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  105.686478][ T5102] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  105.695251][ T5102] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  105.703022][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  105.717619][ T5102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  105.730035][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  105.747420][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  105.762788][   T29] audit: type=1400 audit(1720699062.892:110): avc:  denied  { open } for  pid=5087 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  105.880116][   T29] audit: type=1400 audit(1720699062.952:111): avc:  denied  { mounton } for  pid=5087 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  106.683022][ T5091] chnl_net:caif_netlink_parms(): no params data found
[  106.844771][ T5089] chnl_net:caif_netlink_parms(): no params data found
[  106.905261][ T5084] chnl_net:caif_netlink_parms(): no params data found
[  106.941055][ T5088] chnl_net:caif_netlink_parms(): no params data found
[  107.071719][ T5087] chnl_net:caif_netlink_parms(): no params data found
[  107.191853][ T5091] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.200448][ T5091] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.208786][ T5091] bridge_slave_0: entered allmulticast mode
[  107.216672][ T5091] bridge_slave_0: entered promiscuous mode
[  107.282090][ T5091] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.289623][ T5091] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.297095][ T5091] bridge_slave_1: entered allmulticast mode
[  107.305344][ T5091] bridge_slave_1: entered promiscuous mode
[  107.399173][ T5089] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.406463][ T5089] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.413832][ T5089] bridge_slave_0: entered allmulticast mode
[  107.421554][ T5089] bridge_slave_0: entered promiscuous mode
[  107.519251][ T5091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.540756][ T5089] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.548960][ T5089] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.556193][ T5089] bridge_slave_1: entered allmulticast mode
[  107.564323][ T5089] bridge_slave_1: entered promiscuous mode
[  107.592559][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.599901][ T5088] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.607253][ T5088] bridge_slave_0: entered allmulticast mode
[  107.614944][ T5088] bridge_slave_0: entered promiscuous mode
[  107.648360][ T5091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.698147][ T5102] Bluetooth: hci4: command tx timeout
[  107.704084][ T5093] Bluetooth: hci1: command tx timeout
[  107.707683][ T5102] Bluetooth: hci0: command tx timeout
[  107.741333][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.748968][ T5088] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.756226][ T5088] bridge_slave_1: entered allmulticast mode
[  107.764856][ T5088] bridge_slave_1: entered promiscuous mode
[  107.772839][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.777151][ T5102] Bluetooth: hci2: command tx timeout
[  107.781051][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.792852][ T5084] bridge_slave_0: entered allmulticast mode
[  107.800752][ T5084] bridge_slave_0: entered promiscuous mode
[  107.812123][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.819455][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.826888][ T5084] bridge_slave_1: entered allmulticast mode
[  107.836805][ T5084] bridge_slave_1: entered promiscuous mode
[  107.857484][ T5102] Bluetooth: hci3: command tx timeout
[  107.890491][ T5089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.906456][ T5089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.964405][ T5091] team0: Port device team_slave_0 added
[  107.971846][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.979766][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.987150][ T5087] bridge_slave_0: entered allmulticast mode
[  107.995185][ T5087] bridge_slave_0: entered promiscuous mode
[  108.070059][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.083984][ T5091] team0: Port device team_slave_1 added
[  108.110803][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.118236][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.125423][ T5087] bridge_slave_1: entered allmulticast mode
[  108.133657][ T5087] bridge_slave_1: entered promiscuous mode
[  108.188133][ T5089] team0: Port device team_slave_0 added
[  108.200184][ T5088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.213228][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.285249][ T5089] team0: Port device team_slave_1 added
[  108.301043][ T5088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.351326][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.358668][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.385611][ T5091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.401954][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.418146][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.492392][ T5084] team0: Port device team_slave_0 added
[  108.504567][ T5084] team0: Port device team_slave_1 added
[  108.515133][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.522916][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.550212][ T5091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.582074][ T5089] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.589169][ T5089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.615342][ T5089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.632985][ T5088] team0: Port device team_slave_0 added
[  108.644249][ T5088] team0: Port device team_slave_1 added
[  108.721836][ T5089] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.729706][ T5089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.756111][ T5089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.820200][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.828395][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.856034][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.870007][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.877021][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.903014][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.923652][ T5087] team0: Port device team_slave_0 added
[  108.951999][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.959404][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.988696][ T5088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.003386][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.011084][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.037380][ T5088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.066770][ T5087] team0: Port device team_slave_1 added
[  109.231390][ T5091] hsr_slave_0: entered promiscuous mode
[  109.238964][ T5091] hsr_slave_1: entered promiscuous mode
[  109.276341][ T5089] hsr_slave_0: entered promiscuous mode
[  109.285574][ T5089] hsr_slave_1: entered promiscuous mode
[  109.292266][ T5089] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.300654][ T5089] Cannot create hsr debugfs directory
[  109.333506][ T5084] hsr_slave_0: entered promiscuous mode
[  109.341003][ T5084] hsr_slave_1: entered promiscuous mode
[  109.349003][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.356628][ T5084] Cannot create hsr debugfs directory
[  109.363393][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.371397][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.398068][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.441500][ T5088] hsr_slave_0: entered promiscuous mode
[  109.449139][ T5088] hsr_slave_1: entered promiscuous mode
[  109.455812][ T5088] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.464680][ T5088] Cannot create hsr debugfs directory
[  109.505323][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.512537][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.539748][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.767851][ T5087] hsr_slave_0: entered promiscuous mode
[  109.775295][ T5087] hsr_slave_1: entered promiscuous mode
[  109.781157][ T5102] Bluetooth: hci1: command tx timeout
[  109.781188][   T53] Bluetooth: hci0: command tx timeout
[  109.788023][ T5093] Bluetooth: hci4: command tx timeout
[  109.797123][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.805318][ T5087] Cannot create hsr debugfs directory
[  109.870649][ T5093] Bluetooth: hci2: command tx timeout
[  109.946816][ T5093] Bluetooth: hci3: command tx timeout
[  110.547332][ T5089] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  110.565034][ T5089] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  110.578563][ T5089] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  110.592026][ T5089] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  110.713664][ T5091] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  110.732940][ T5091] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  110.756820][ T5091] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  110.772680][ T5091] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  110.909840][ T5088] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  110.958995][ T5088] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  110.973435][ T5088] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  110.991518][ T5088] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  111.187202][ T5084] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  111.202240][ T5084] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  111.221543][ T5084] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  111.235811][ T5084] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  111.266091][ T5089] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.397689][ T5089] 8021q: adding VLAN 0 to HW filter on device team0
[  111.516666][ T5071] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.524230][ T5071] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.562939][ T5087] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  111.580813][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.588101][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.629484][ T5087] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  111.651023][ T5087] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  111.666235][ T5087] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  111.693205][ T5091] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.857869][ T5093] Bluetooth: hci0: command tx timeout
[  111.862217][ T5091] 8021q: adding VLAN 0 to HW filter on device team0
[  111.868544][ T5093] Bluetooth: hci4: command tx timeout
[  111.871210][   T53] Bluetooth: hci1: command tx timeout
[  111.920454][ T5088] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.948888][   T53] Bluetooth: hci2: command tx timeout
[  111.975462][ T5089] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  111.987063][ T5089] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  112.017819][   T53] Bluetooth: hci3: command tx timeout
[  112.059939][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.067313][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.135728][ T5088] 8021q: adding VLAN 0 to HW filter on device team0
[  112.173174][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.180487][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.206560][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.213986][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.228110][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  112.228132][   T29] audit: type=1400 audit(1720699069.462:113): avc:  denied  { sys_module } for  pid=5089 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  112.290500][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.400358][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.407746][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.522394][ T5084] 8021q: adding VLAN 0 to HW filter on device team0
[  112.640196][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.647552][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.664936][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.672261][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.760351][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.852531][ T5089] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.964356][ T5087] 8021q: adding VLAN 0 to HW filter on device team0
[  113.029640][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.036886][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.119646][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.127024][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.213090][ T5091] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.286712][ T5089] veth0_vlan: entered promiscuous mode
[  113.336788][ T5089] veth1_vlan: entered promiscuous mode
[  113.446793][ T5088] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.686827][ T5089] veth0_macvtap: entered promiscuous mode
[  113.762126][ T5089] veth1_macvtap: entered promiscuous mode
[  113.889626][ T5089] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.937973][   T53] Bluetooth: hci1: command tx timeout
[  113.943555][   T53] Bluetooth: hci4: command tx timeout
[  113.951326][ T5093] Bluetooth: hci0: command tx timeout
[  113.971947][ T5089] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.018352][   T53] Bluetooth: hci2: command tx timeout
[  114.035146][ T5088] veth0_vlan: entered promiscuous mode
[  114.058397][ T5089] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.072870][ T5089] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.082094][ T5089] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.097235][   T53] Bluetooth: hci3: command tx timeout
[  114.106440][ T5089] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.135036][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.220373][ T5088] veth1_vlan: entered promiscuous mode
[  114.414449][ T5091] veth0_vlan: entered promiscuous mode
[  114.432428][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.457101][ T5084] veth0_vlan: entered promiscuous mode
[  114.491641][ T5084] veth1_vlan: entered promiscuous mode
[  114.551950][ T5091] veth1_vlan: entered promiscuous mode
[  114.576335][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.602952][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.720391][ T5088] veth0_macvtap: entered promiscuous mode
[  114.733316][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.755843][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.788592][ T5088] veth1_macvtap: entered promiscuous mode
[  114.807115][ T5084] veth0_macvtap: entered promiscuous mode
[  114.832045][   T29] audit: type=1400 audit(1720699072.062:114): avc:  denied  { mounton } for  pid=5089 comm="syz-executor" path="/root/syzkaller.OVGsWq/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  114.858290][   T29] audit: type=1400 audit(1720699072.072:115): avc:  denied  { mount } for  pid=5089 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  114.866858][ T5091] veth0_macvtap: entered promiscuous mode
[  114.901639][ T5091] veth1_macvtap: entered promiscuous mode
[  114.917818][   T29] audit: type=1400 audit(1720699072.072:116): avc:  denied  { mounton } for  pid=5089 comm="syz-executor" path="/root/syzkaller.OVGsWq/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  114.950036][   T29] audit: type=1400 audit(1720699072.082:117): avc:  denied  { mount } for  pid=5089 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  114.973719][   T29] audit: type=1400 audit(1720699072.102:118): avc:  denied  { unmount } for  pid=5089 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  115.016085][   T29] audit: type=1400 audit(1720699072.142:119): avc:  denied  { mounton } for  pid=5089 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  115.055103][   T29] audit: type=1400 audit(1720699072.152:120): avc:  denied  { mount } for  pid=5089 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  115.067570][ T5084] veth1_macvtap: entered promiscuous mode
[  115.131190][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.143269][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.161756][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.173352][   T29] audit: type=1400 audit(1720699072.412:121): avc:  denied  { read write } for  pid=5089 comm="syz-executor" name="loop1" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  115.265731][   T29] audit: type=1400 audit(1720699072.412:122): avc:  denied  { open } for  pid=5089 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  115.326727][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.351155][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.369283][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.390027][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.412260][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.424216][ T5087] veth0_vlan: entered promiscuous mode
[  115.462224][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.481560][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.496234][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.521023][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.538308][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.560539][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.580333][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.598316][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.628465][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.640304][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.650312][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.661681][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.673585][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.684313][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.864783][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.120922][ T5084] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.142167][ T5084] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.155957][ T5084] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.183941][ T5084] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.211792][ T5087] veth1_vlan: entered promiscuous mode
[  116.231913][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.253818][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.274710][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.289825][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.307477][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  116.325433][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  116.339451][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.359215][ T5088] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.380333][ T5088] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.396102][ T5088] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.422674][ T5088] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.474016][ T5091] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.493052][ T5091] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.512597][ T5091] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.521476][ T5091] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.082906][ T5087] veth0_macvtap: entered promiscuous mode
[  117.121415][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.138109][ T5176] netlink: 64 bytes leftover after parsing attributes in process `syz.1.6'.
[  117.162044][ T5087] veth1_macvtap: entered promiscuous mode
[  117.176864][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.372196][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.400376][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.485072][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.504469][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.517435][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.529033][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.554681][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.565920][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.576463][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.588132][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.612522][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.703185][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.736037][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.749505][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.763492][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.773818][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.785445][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.797118][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.808108][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.829724][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.843115][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.886480][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.092385][ T5087] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.096328][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  118.096351][   T29] audit: type=1400 audit(1720699075.332:137): avc:  denied  { mounton } for  pid=5088 comm="syz-executor" path="/root/syzkaller.99HXim/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  118.157395][ T5087] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.166198][ T5087] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.179331][ T5087] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.200952][   T29] audit: type=1400 audit(1720699075.432:138): avc:  denied  { mounton } for  pid=5088 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  118.239089][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.252836][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.383712][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.417057][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.569279][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.603005][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.645294][   T29] audit: type=1400 audit(1720699075.872:139): avc:  denied  { create } for  pid=5178 comm="syz.1.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  118.907459][   T29] audit: type=1400 audit(1720699076.002:140): avc:  denied  { write } for  pid=5177 comm="syz.3.4" name="task" dev="proc" ino=6089 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  119.143301][   T29] audit: type=1400 audit(1720699076.002:141): avc:  denied  { add_name } for  pid=5177 comm="syz.3.4" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  119.422001][   T29] audit: type=1400 audit(1720699076.002:142): avc:  denied  { create } for  pid=5177 comm="syz.3.4" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  119.473319][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.545468][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.548787][   T29] audit: type=1400 audit(1720699076.012:143): avc:  denied  { associate } for  pid=5177 comm="syz.3.4" name="memory.events" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  119.584294][   T29] audit: type=1400 audit(1720699076.022:144): avc:  denied  { create } for  pid=5177 comm="syz.3.4" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  119.608081][   T29] audit: type=1400 audit(1720699076.032:145): avc:  denied  { map } for  pid=5177 comm="syz.3.4" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=6887 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  119.702455][   T29] audit: type=1400 audit(1720699076.032:146): avc:  denied  { read write } for  pid=5177 comm="syz.3.4" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=6887 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  119.766751][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.833850][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.869927][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  120.074639][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  122.238093][ T5194] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5'.
[  124.155543][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  124.155567][   T29] audit: type=1400 audit(1720699081.392:161): avc:  denied  { create } for  pid=5210 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  124.306817][   T29] audit: type=1400 audit(1720699081.542:162): avc:  denied  { bind } for  pid=5210 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  125.878903][   T29] audit: type=1400 audit(1720699083.102:163): avc:  denied  { create } for  pid=5210 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.209219][   T29] audit: type=1400 audit(1720699083.442:164): avc:  denied  { read } for  pid=5210 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.477119][   T29] audit: type=1400 audit(1720699083.542:165): avc:  denied  { create } for  pid=5210 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  126.597454][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  126.828477][ T5226] netlink: 64 bytes leftover after parsing attributes in process `syz.1.14'.
[  127.191308][   T29] audit: type=1400 audit(1720699084.432:166): avc:  denied  { setopt } for  pid=5210 comm="syz.3.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  127.837029][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  127.858627][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!!
[  127.869259][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  128.438481][ T5237] Zero length message leads to an empty skb
[  128.927753][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  129.049630][   T29] audit: type=1400 audit(1720699086.252:167): avc:  denied  { read } for  pid=5238 comm="syz.3.18" name="ppp" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  129.537586][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  129.917760][   T29] audit: type=1400 audit(1720699086.272:168): avc:  denied  { open } for  pid=5238 comm="syz.3.18" path="/dev/ppp" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  129.947270][   T29] audit: type=1400 audit(1720699086.322:169): avc:  denied  { ioctl } for  pid=5238 comm="syz.3.18" path="/dev/ppp" dev="devtmpfs" ino=694 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  130.417025][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  130.425338][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  131.288375][ T5251] xt_time: invalid argument - start or stop time greater than 23:59:59
[  131.359866][   T29] audit: type=1400 audit(1720699087.832:170): avc:  denied  { create } for  pid=5242 comm="syz.0.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  131.577271][   T29] audit: type=1400 audit(1720699088.752:171): avc:  denied  { read write } for  pid=5238 comm="syz.3.18" name="raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  131.681829][   T29] audit: type=1400 audit(1720699088.752:172): avc:  denied  { open } for  pid=5238 comm="syz.3.18" path="/dev/raw-gadget" dev="devtmpfs" ino=733 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  132.016856][   T29] audit: type=1400 audit(1720699088.752:173): avc:  denied  { ioctl } for  pid=5238 comm="syz.3.18" path="/dev/raw-gadget" dev="devtmpfs" ino=733 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  132.948787][    T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  133.392550][ T5268] netlink: zone id is out of range
[  133.402607][ T5268] netlink: zone id is out of range
[  134.714601][ T5268] netlink: set zone limit has 4 unknown bytes
[  138.323975][   T29] audit: type=1400 audit(1720699095.562:174): avc:  denied  { create } for  pid=5290 comm="syz.1.31" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  138.389891][ T5292] netlink: 64 bytes leftover after parsing attributes in process `syz.0.28'.
[  138.527588][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  138.541242][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  138.613408][   T53] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  138.622762][   T53] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  138.630175][   T29] audit: type=1400 audit(1720699095.872:175): avc:  denied  { ioctl } for  pid=5299 comm="syz.2.33" path="socket:[7437]" dev="sockfs" ino=7437 ioctlcmd=0x89b0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  138.715618][ T5301] netlink: 72 bytes leftover after parsing attributes in process `syz.1.31'.
[  138.737961][   T29] audit: type=1400 audit(1720699095.952:176): avc:  denied  { write } for  pid=5290 comm="syz.1.31" path="socket:[7431]" dev="sockfs" ino=7431 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  138.762190][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  138.768820][   T53] Bluetooth: Wrong link type (-22)
[  138.774539][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  138.781227][   T53] Bluetooth: Wrong link type (-22)
[  138.786633][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  138.795131][   T53] Bluetooth: Wrong link type (-22)
[  138.875850][   T29] audit: type=1400 audit(1720699096.012:177): avc:  denied  { connect } for  pid=5299 comm="syz.2.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  138.901572][   T29] audit: type=1400 audit(1720699096.012:178): avc:  denied  { name_connect } for  pid=5299 comm="syz.2.33" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  139.025062][   T29] audit: type=1400 audit(1720699096.262:179): avc:  denied  { accept } for  pid=5303 comm="syz.4.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  139.213563][   T29] audit: type=1400 audit(1720699096.452:180): avc:  denied  { read } for  pid=5289 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  139.356588][   T29] audit: type=1400 audit(1720699096.592:181): avc:  denied  { write } for  pid=5289 comm="syz.3.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  140.616919][    C0] sched: RT throttling activated
[  140.757059][   T29] audit: type=1400 audit(1720699097.332:182): avc:  denied  { name_bind } for  pid=5315 comm="syz.0.37" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  141.093603][   T29] audit: type=1400 audit(1720699097.332:183): avc:  denied  { node_bind } for  pid=5315 comm="syz.0.37" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  142.704190][ T5347] netlink: zone id is out of range
[  142.763966][ T5350] xt_time: invalid argument - start or stop time greater than 23:59:59
[  142.842533][ T5347] netlink: zone id is out of range
[  143.020569][ T5347] netlink: set zone limit has 4 unknown bytes
[  143.057170][ T5137] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  143.298087][ T5137] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  143.351569][ T5137] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  143.394928][   T53] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  143.402154][   T53] Bluetooth: hci4: unexpected event 0x06 length: 17 > 3
[  143.404460][ T5137] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  143.428597][ T5137] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.475702][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  143.483940][   T53] Bluetooth: Wrong link type (-22)
[  143.489598][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  143.496182][   T53] Bluetooth: Wrong link type (-22)
[  143.501770][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  143.508626][   T53] Bluetooth: Wrong link type (-22)
[  143.518567][ T5350] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  143.882662][ T5350] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.944801][ T5350] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  144.137768][ T5351] netlink: 14 bytes leftover after parsing attributes in process `syz.3.42'.
[  145.837777][ T5347] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  146.111117][ T5139] usb 3-1: USB disconnect, device number 2
[  146.280439][ T5102] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  146.301477][ T5102] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  146.311636][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  146.324602][ T5102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  146.333295][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  146.341920][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  146.374008][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  146.374031][   T29] audit: type=1400 audit(1720699103.612:186): avc:  denied  { mounton } for  pid=5373 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  146.464213][ T5102] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  146.481913][ T5102] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  146.660862][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  146.674498][ T5102] Bluetooth: Wrong link type (-22)
[  146.679934][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  146.686515][ T5102] Bluetooth: Wrong link type (-22)
[  146.692009][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  146.701515][ T5102] Bluetooth: Wrong link type (-22)
[  147.066843][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.919788][ T5102] Bluetooth: hci3: command tx timeout
[  150.393566][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.193383][   T29] audit: type=1400 audit(1720699108.422:187): avc:  denied  { read write } for  pid=5397 comm="syz.4.54" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  151.236148][   T29] audit: type=1400 audit(1720699108.422:188): avc:  denied  { open } for  pid=5397 comm="syz.4.54" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  151.367840][   T29] audit: type=1400 audit(1720699108.602:189): avc:  denied  { ioctl } for  pid=5397 comm="syz.4.54" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=7603 ioctlcmd=0xaa00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  151.728106][ T5102] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  151.735198][ T5102] Bluetooth: hci2: unexpected event 0x06 length: 17 > 3
[  151.987103][ T5102] Bluetooth: hci3: command tx timeout
[  152.419456][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  152.426131][ T5102] Bluetooth: Wrong link type (-22)
[  152.427742][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.432227][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  152.454650][ T5102] Bluetooth: Wrong link type (-22)
[  152.459943][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  152.466454][ T5102] Bluetooth: Wrong link type (-22)
[  152.472236][ T5102] Bluetooth: hci2: link tx timeout
[  152.478369][ T5102] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  152.823180][ T5416] syz.0.58 uses obsolete (PF_INET,SOCK_PACKET)
[  153.686031][   T29] audit: type=1400 audit(1720699110.922:190): avc:  denied  { ioctl } for  pid=5413 comm="syz.0.58" path="socket:[7623]" dev="sockfs" ino=7623 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  153.788161][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.017577][   T53] Bluetooth: hci3: command tx timeout
[  154.638905][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  155.292406][   T29] audit: type=1400 audit(1720699112.522:191): avc:  denied  { create } for  pid=5418 comm="syz.2.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  155.644180][   T29] audit: type=1400 audit(1720699112.872:192): avc:  denied  { read } for  pid=5418 comm="syz.2.59" name="card1" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  156.590928][ T5102] Bluetooth: hci3: command tx timeout
[  156.688373][   T29] audit: type=1400 audit(1720699112.872:193): avc:  denied  { open } for  pid=5418 comm="syz.2.59" path="/dev/dri/card1" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  156.769773][   T29] audit: type=1400 audit(1720699113.912:194): avc:  denied  { bind } for  pid=5418 comm="syz.2.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  157.946036][ T5424] can0: slcan on ptm0.
[  158.266167][ T5424] can0 (unregistered): slcan off ptm0.
[  158.366129][   T11] bridge_slave_1: left allmulticast mode
[  158.383058][   T11] bridge_slave_1: left promiscuous mode
[  158.428732][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.571326][   T11] bridge_slave_0: left allmulticast mode
[  158.599164][ T5102] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  158.607736][ T5102] Bluetooth: hci2: unexpected event 0x06 length: 17 > 3
[  158.692913][   T11] bridge_slave_0: left promiscuous mode
[  158.734928][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  158.741872][ T5102] Bluetooth: Wrong link type (-22)
[  158.748584][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  158.755151][ T5102] Bluetooth: Wrong link type (-22)
[  158.760639][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  158.767194][ T5102] Bluetooth: Wrong link type (-22)
[  158.787343][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.394796][ T5460] ALSA: mixer_oss: invalid OSS volume ''
[  161.593027][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  161.615086][   T29] audit: type=1400 audit(1720699118.852:195): avc:  denied  { read } for  pid=5467 comm="syz.4.72" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  161.615816][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  161.666225][   T29] audit: type=1400 audit(1720699118.852:196): avc:  denied  { open } for  pid=5467 comm="syz.4.72" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  161.708794][   T11] bond0 (unregistering): Released all slaves
[  161.745986][ T5373] chnl_net:caif_netlink_parms(): no params data found
[  161.891475][   T29] audit: type=1400 audit(1720699119.132:197): avc:  denied  { search } for  pid=4748 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  162.016766][   T29] audit: type=1400 audit(1720699119.252:198): avc:  denied  { read } for  pid=5472 comm="syz.2.74" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  162.118381][   T29] audit: type=1400 audit(1720699119.252:199): avc:  denied  { open } for  pid=5472 comm="syz.2.74" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  162.382730][   T29] audit: type=1400 audit(1720699119.612:200): avc:  denied  { bind } for  pid=5481 comm="syz.0.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  162.486354][ T5102] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  162.489593][ T5490] xt_time: invalid argument - start or stop time greater than 23:59:59
[  162.589385][   T29] audit: type=1400 audit(1720699119.662:201): avc:  denied  { setopt } for  pid=5481 comm="syz.0.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  163.232083][   T29] audit: type=1400 audit(1720699119.702:202): avc:  denied  { read } for  pid=5481 comm="syz.0.77" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  163.260693][ T5102] Bluetooth: hci1: Malformed LE Event: 0x0d
[  163.339639][   T29] audit: type=1400 audit(1720699119.872:203): avc:  denied  { ioctl } for  pid=5481 comm="syz.0.77" path="socket:[7776]" dev="sockfs" ino=7776 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  163.408304][ T5071] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  163.499571][   T29] audit: type=1400 audit(1720699120.552:204): avc:  denied  { read write } for  pid=5494 comm="syz.4.78" name="video7" dev="devtmpfs" ino=867 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  163.740536][ T5071] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  163.761126][ T5071] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  163.771402][ T5071] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  163.790252][ T5071] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.923416][ T5478] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  164.369375][ T5484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  164.474536][ T5484] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  164.811954][ T5373] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.856779][ T5373] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.871133][ T5373] bridge_slave_0: entered allmulticast mode
[  164.922822][ T5373] bridge_slave_0: entered promiscuous mode
[  165.131128][ T5373] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.185579][ T5373] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.237967][ T5373] bridge_slave_1: entered allmulticast mode
[  165.289234][ T5373] bridge_slave_1: entered promiscuous mode
[  165.761524][    T9] usb 4-1: USB disconnect, device number 3
[  165.945428][ T5373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.090508][   T11] hsr_slave_0: left promiscuous mode
[  166.143871][   T11] hsr_slave_1: left promiscuous mode
[  166.167331][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.200727][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.221927][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.235323][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  166.251270][ T5102] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  166.261064][ T5102] Bluetooth: hci2: unexpected event 0x06 length: 17 > 3
[  166.299543][   T11] veth1_macvtap: left promiscuous mode
[  166.313003][   T11] veth0_macvtap: left promiscuous mode
[  166.327663][   T11] veth1_vlan: left promiscuous mode
[  166.333475][   T11] veth0_vlan: left promiscuous mode
[  166.408841][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  166.415412][ T5102] Bluetooth: Wrong link type (-22)
[  166.421353][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  166.428085][ T5102] Bluetooth: Wrong link type (-22)
[  166.433304][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  166.440060][ T5102] Bluetooth: Wrong link type (-22)
[  166.816719][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  166.816744][   T29] audit: type=1400 audit(1720699124.052:227): avc:  denied  { unmount } for  pid=5091 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  167.869999][   T11] team0 (unregistering): Port device team_slave_1 removed
[  167.962364][   T11] team0 (unregistering): Port device team_slave_0 removed
[  168.279475][   T29] audit: type=1400 audit(1720699125.482:228): avc:  denied  { create } for  pid=5541 comm="syz.4.88" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  169.455873][ T5522] netlink: 20 bytes leftover after parsing attributes in process `syz.0.81'.
[  169.471000][ T5373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  169.723512][   T29] audit: type=1400 audit(1720699126.962:229): avc:  denied  { create } for  pid=5549 comm="syz.0.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  169.797808][   T29] audit: type=1400 audit(1720699127.012:230): avc:  denied  { write } for  pid=5549 comm="syz.0.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  169.849775][ T5373] team0: Port device team_slave_0 added
[  169.871065][   T29] audit: type=1400 audit(1720699127.022:231): avc:  denied  { bind } for  pid=5549 comm="syz.0.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.903958][ T5373] team0: Port device team_slave_1 added
[  169.987081][   T29] audit: type=1400 audit(1720699127.022:232): avc:  denied  { name_bind } for  pid=5549 comm="syz.0.90" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  170.067460][   T29] audit: type=1400 audit(1720699127.022:233): avc:  denied  { node_bind } for  pid=5549 comm="syz.0.90" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  170.139735][   T29] audit: type=1400 audit(1720699127.032:234): avc:  denied  { listen } for  pid=5549 comm="syz.0.90" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  170.271924][   T29] audit: type=1400 audit(1720699127.082:235): avc:  denied  { accept } for  pid=5549 comm="syz.0.90" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  170.306864][ T5373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.320928][ T5373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.419987][ T5373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.469146][ T5373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.505815][ T5373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.577493][ T5565] ALSA: mixer_oss: invalid OSS volume ''
[  170.610250][ T5373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.608184][ T5373] hsr_slave_0: entered promiscuous mode
[  171.765094][ T5373] hsr_slave_1: entered promiscuous mode
[  171.775829][ T5373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  171.820080][ T5102] Bluetooth: hci2: Malformed LE Event: 0x0d
[  171.834262][ T5373] Cannot create hsr debugfs directory
[  175.184244][ T5102] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  175.197213][ T5102] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  175.481029][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  175.496580][ T5102] Bluetooth: Wrong link type (-22)
[  175.504002][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  175.511145][ T5102] Bluetooth: Wrong link type (-22)
[  175.516859][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  175.526393][ T5102] Bluetooth: Wrong link type (-22)
[  175.537418][ T5102] Bluetooth: hci1: link tx timeout
[  175.542898][ T5102] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  176.844851][ T5373] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  177.213341][ T5373] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  177.428043][ T5373] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  177.520336][ T5373] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  177.617364][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  177.911744][   T29] audit: type=1400 audit(1720699135.152:236): avc:  denied  { read } for  pid=5637 comm="syz.2.107" name="event0" dev="devtmpfs" ino=834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  178.050399][   T29] audit: type=1400 audit(1720699135.152:237): avc:  denied  { open } for  pid=5637 comm="syz.2.107" path="/dev/input/event0" dev="devtmpfs" ino=834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  178.091712][ T5639] netlink: 72 bytes leftover after parsing attributes in process `syz.3.106'.
[  178.285855][ T5373] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.325877][   T29] audit: type=1400 audit(1720699135.552:238): avc:  denied  { create } for  pid=5637 comm="syz.2.107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  178.462646][ T5373] 8021q: adding VLAN 0 to HW filter on device team0
[  178.505405][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.513552][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.521671][   T29] audit: type=1400 audit(1720699135.742:239): avc:  denied  { setopt } for  pid=5637 comm="syz.2.107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  178.917379][   T29] audit: type=1400 audit(1720699135.762:240): avc:  denied  { bind } for  pid=5637 comm="syz.2.107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  179.020947][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.028296][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.068261][   T29] audit: type=1400 audit(1720699136.302:241): avc:  denied  { write } for  pid=5637 comm="syz.2.107" path="socket:[8733]" dev="sockfs" ino=8733 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  180.743853][ T5667] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  180.799744][   T29] audit: type=1400 audit(1720699137.982:242): avc:  denied  { ioctl } for  pid=5665 comm="syz.0.111" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  181.184281][ T5373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.271684][ T5102] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  181.278814][ T5102] Bluetooth: hci4: unexpected event 0x06 length: 17 > 3
[  182.606654][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  182.620299][ T5102] Bluetooth: Wrong link type (-22)
[  182.625514][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  182.633154][ T5102] Bluetooth: Wrong link type (-22)
[  182.638840][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  182.645930][ T5102] Bluetooth: Wrong link type (-22)
[  182.651692][ T5102] Bluetooth: hci4: link tx timeout
[  182.660481][ T5102] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  182.729701][ T5373] veth0_vlan: entered promiscuous mode
[  183.425116][ T5373] veth1_vlan: entered promiscuous mode
[  183.733597][ T5373] veth0_macvtap: entered promiscuous mode
[  183.776266][ T5373] veth1_macvtap: entered promiscuous mode
[  184.314631][   T29] audit: type=1400 audit(1720699141.542:243): avc:  denied  { mount } for  pid=5692 comm="syz.3.116" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  184.757136][   T53] Bluetooth: hci4: command 0x0406 tx timeout
[  185.069588][   T29] audit: type=1400 audit(1720699142.202:244): avc:  denied  { unmount } for  pid=5088 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  185.132461][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.173793][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.230415][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.267350][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.311252][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.337022][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.360777][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.383981][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.421588][ T5373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.505786][ T5703] netlink: 12 bytes leftover after parsing attributes in process `syz.4.118'.
[  185.597639][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.627290][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.646778][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.683623][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.730071][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.746588][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.796595][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.831539][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.866854][ T5373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.834757][   T29] audit: type=1400 audit(1720699144.072:245): avc:  denied  { read } for  pid=5715 comm="syz.0.121" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  186.918162][   T29] audit: type=1400 audit(1720699144.112:246): avc:  denied  { open } for  pid=5715 comm="syz.0.121" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  186.991402][ T5373] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.041301][ T5373] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.097077][ T5373] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.143243][ T5373] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.197104][ T5139] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  187.223405][ T5719] warning: `syz.4.122' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  187.447576][ T5139] usb 1-1: Using ep0 maxpacket: 32
[  187.490069][ T5139] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.504404][ T3726] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.534303][ T5139] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.553767][ T5139] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  187.575464][ T5139] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  187.590380][ T5139] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  187.614456][ T5139] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  187.662049][ T5139] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  187.686982][ T5139] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.720283][ T3726] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.730817][ T5139] usb 1-1: Product: syz
[  187.735025][ T5139] usb 1-1: Manufacturer: syz
[  187.762554][ T5139] usb 1-1: SerialNumber: syz
[  187.987799][ T3726] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.049317][ T5102] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  188.057637][ T5102] Bluetooth: hci4: unexpected event 0x06 length: 17 > 3
[  188.243327][ T3726] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.330670][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  188.337404][ T5102] Bluetooth: Wrong link type (-22)
[  188.344126][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  188.351324][ T5102] Bluetooth: Wrong link type (-22)
[  188.356564][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  188.363379][ T5102] Bluetooth: Wrong link type (-22)
[  188.403752][ T5139] cdc_ncm 1-1:1.0: bind() failure
[  188.438446][ T5139] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  188.448244][ T5139] cdc_ncm 1-1:1.1: bind() failure
[  188.469540][ T5139] usb 1-1: USB disconnect, device number 2
[  188.832866][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.877190][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.328949][   T29] audit: type=1400 audit(1720699146.572:247): avc:  denied  { bind } for  pid=5736 comm="syz.0.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  189.372752][ T5394] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.439640][ T5394] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.447409][ T3726] bridge_slave_1: left allmulticast mode
[  189.453848][   T29] audit: type=1400 audit(1720699146.572:248): avc:  denied  { name_bind } for  pid=5736 comm="syz.0.126" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  189.467041][ T3726] bridge_slave_1: left promiscuous mode
[  189.486415][   T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  189.500672][   T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  189.510671][   T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  189.523963][   T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  189.533671][ T3726] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.542722][   T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  189.551145][   T29] audit: type=1400 audit(1720699146.572:249): avc:  denied  { node_bind } for  pid=5736 comm="syz.0.126" saddr=ff01::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  189.573417][   T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  189.611481][   T29] audit: type=1400 audit(1720699146.672:250): avc:  denied  { listen } for  pid=5736 comm="syz.0.126" laddr=ff01::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  189.634314][    C0] vkms_vblank_simulate: vblank timer overrun
[  189.676987][ T3726] bridge_slave_0: left allmulticast mode
[  189.683001][ T3726] bridge_slave_0: left promiscuous mode
[  189.702872][ T3726] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.781268][ T5102] Bluetooth: hci0: unexpected event 0x09 length: 8 > 3
[  191.075654][ T3726] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.123050][ T3726] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.149965][ T3726] bond0 (unregistering): Released all slaves
[  191.231549][   T29] audit: type=1400 audit(1720699148.462:251): avc:  denied  { mount } for  pid=5373 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  191.253567][    C0] vkms_vblank_simulate: vblank timer overrun
[  191.633387][ T5102] Bluetooth: hci2: command tx timeout
[  191.813398][ T5777] kernel profiling enabled (shift: 0)
[  193.726974][ T5102] Bluetooth: hci2: command tx timeout
[  196.098222][ T5102] Bluetooth: hci2: command tx timeout
[  197.845287][   T29] audit: type=1400 audit(1720699155.082:252): avc:  denied  { write } for  pid=5783 comm="syz.0.130" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  198.389799][ T3726] hsr_slave_0: left promiscuous mode
[  198.474870][ T3726] hsr_slave_1: left promiscuous mode
[  198.507714][ T3726] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.547918][ T3726] batman_adv: batadv0: Removing interface: batadv_slave_0
[  198.581755][ T3726] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.609984][ T3726] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.762642][ T3726] veth1_macvtap: left promiscuous mode
[  198.780336][ T3726] veth0_macvtap: left promiscuous mode
[  198.838513][ T3726] veth1_vlan: left promiscuous mode
[  198.845060][ T3726] veth0_vlan: left promiscuous mode
[  198.985968][   T29] audit: type=1400 audit(1720699156.212:253): avc:  denied  { create } for  pid=5795 comm="syz.1.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  199.271470][ T5102] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  199.278633][ T5102] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  199.412882][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  199.426475][ T5102] Bluetooth: Wrong link type (-22)
[  199.431743][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  199.438427][ T5102] Bluetooth: Wrong link type (-22)
[  199.443596][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  199.450183][ T5102] Bluetooth: Wrong link type (-22)
[  199.709495][ T5102] Bluetooth: hci2: command tx timeout
[  199.960872][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  199.989244][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  200.894471][ T5102] Bluetooth: hci3: Malformed LE Event: 0x0d
[  201.882717][ T3726] team0 (unregistering): Port device team_slave_1 removed
[  202.079576][ T3726] team0 (unregistering): Port device team_slave_0 removed
[  202.588211][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  202.607130][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  202.636488][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  202.669119][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  202.721152][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  202.729279][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  203.546043][ T5791] netlink: 'syz.0.130': attribute type 4 has an invalid length.
[  203.685663][ T5791] syz.0.130 (5791) used greatest stack depth: 21600 bytes left
[  204.858454][   T53] Bluetooth: hci5: command tx timeout
[  206.722599][ T5835] netlink: 72 bytes leftover after parsing attributes in process `syz.1.139'.
[  206.989627][   T53] Bluetooth: hci5: command tx timeout
[  208.215076][ T5738] chnl_net:caif_netlink_parms(): no params data found
[  208.693113][ T5873] ALSA: mixer_oss: invalid OSS volume ''
[  208.904728][ T5823] chnl_net:caif_netlink_parms(): no params data found
[  209.057249][   T53] Bluetooth: hci5: command tx timeout
[  209.404937][ T5738] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.445270][ T5738] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.476761][ T5738] bridge_slave_0: entered allmulticast mode
[  209.534719][ T5738] bridge_slave_0: entered promiscuous mode
[  209.604177][ T5738] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.627219][ T5738] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.636184][ T5738] bridge_slave_1: entered allmulticast mode
[  209.655676][   T53] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  209.662770][   T53] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  209.669878][ T5738] bridge_slave_1: entered promiscuous mode
[  210.738312][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  210.744855][   T53] Bluetooth: Wrong link type (-22)
[  210.750163][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  210.756672][   T53] Bluetooth: Wrong link type (-22)
[  210.761920][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  210.768507][   T53] Bluetooth: Wrong link type (-22)
[  211.138916][   T53] Bluetooth: hci5: command tx timeout
[  211.273514][ T5738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.373068][ T5738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.404148][ T5902] xt_time: invalid argument - start or stop time greater than 23:59:59
[  211.764896][ T5138] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  212.079097][ T5138] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  212.096516][ T5138] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  212.115449][ T5738] team0: Port device team_slave_0 added
[  212.164761][ T5138] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  212.237626][ T5138] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.297411][ T5902] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  212.339576][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.346763][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.436392][ T5823] bridge_slave_0: entered allmulticast mode
[  212.468711][ T5823] bridge_slave_0: entered promiscuous mode
[  212.525783][ T5738] team0: Port device team_slave_1 added
[  212.584724][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.607382][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.627243][ T5823] bridge_slave_1: entered allmulticast mode
[  212.682599][ T5823] bridge_slave_1: entered promiscuous mode
[  213.185287][ T5902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.206094][ T5902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.687854][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.718949][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.745019][    C0] vkms_vblank_simulate: vblank timer overrun
[  213.770154][ T5738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.897631][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.924561][ T5925] xt_time: invalid argument - start or stop time greater than 23:59:59
[  213.968594][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.160096][   T63] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.241177][ T5930] xt_time: invalid argument - start or stop time greater than 23:59:59
[  214.263789][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.297275][ T5141] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  214.303151][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.330838][    C0] vkms_vblank_simulate: vblank timer overrun
[  214.435363][ T5738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.577095][ T5141] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  214.611742][ T5141] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  214.638683][ T5141] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  214.685214][ T5141] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.728537][ T5140] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  214.750179][ T5071] usb 1-1: USB disconnect, device number 3
[  214.804931][ T5925] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  214.963114][ T5140] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  215.006095][ T5140] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  215.036535][ T5140] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  215.113904][ T5140] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.181104][   T63] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.194802][ T5930] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  215.508976][ T5823] team0: Port device team_slave_0 added
[  215.658928][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  215.675174][ T5823] team0: Port device team_slave_1 added
[  215.869118][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  216.239429][   T63] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.300785][ T5926] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  216.346467][ T5926] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.128880][   T63] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.291781][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.336138][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.363163][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.417355][ T5140] usb 3-1: USB disconnect, device number 3
[  217.562257][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.716158][ T5738] hsr_slave_0: entered promiscuous mode
[  217.803046][ T1530] usb 2-1: USB disconnect, device number 2
[  217.839628][   T53] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  217.847800][ T5738] hsr_slave_1: entered promiscuous mode
[  217.878834][ T5738] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.996252][ T5738] Cannot create hsr debugfs directory
[  218.128107][   T29] audit: type=1400 audit(1720699175.352:254): avc:  denied  { write } for  pid=5949 comm="syz.1.157" name="001" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  218.222262][ T5950] usb usb8: usbfs: process 5950 (syz.1.157) did not claim interface 0 before use
[  218.248686][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.255785][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.354329][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.722206][ T5953] netlink: 60 bytes leftover after parsing attributes in process `syz.1.158'.
[  218.867851][   T53] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  218.878663][   T53] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  219.013215][ T5823] hsr_slave_0: entered promiscuous mode
[  219.031914][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  219.038568][   T53] Bluetooth: Wrong link type (-22)
[  219.044440][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  219.052350][   T53] Bluetooth: Wrong link type (-22)
[  219.058766][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  219.065704][   T53] Bluetooth: Wrong link type (-22)
[  219.148074][ T5823] hsr_slave_1: entered promiscuous mode
[  219.157478][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.165231][ T5823] Cannot create hsr debugfs directory
[  222.394357][   T53] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  222.413231][   T53] Bluetooth: hci3: unexpected event 0x06 length: 17 > 3
[  222.456734][   T63] bridge_slave_1: left allmulticast mode
[  222.533659][   T63] bridge_slave_1: left promiscuous mode
[  222.568510][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.642621][   T63] bridge_slave_0: left allmulticast mode
[  222.652352][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  222.659457][   T53] Bluetooth: Wrong link type (-22)
[  222.664876][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  222.671573][   T53] Bluetooth: Wrong link type (-22)
[  222.676807][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  222.685304][   T53] Bluetooth: Wrong link type (-22)
[  222.692881][   T53] Bluetooth: hci3: link tx timeout
[  222.699117][   T53] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  222.754173][   T63] bridge_slave_0: left promiscuous mode
[  222.774436][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.378643][ T5102] Bluetooth: hci1: Malformed LE Event: 0x0d
[  223.535755][ T5102] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  223.545010][ T5102] Bluetooth: hci0: unexpected event 0x06 length: 17 > 3
[  223.773633][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x10
[  223.787466][ T5102] Bluetooth: Wrong link type (-22)
[  223.792670][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  223.799353][ T5102] Bluetooth: Wrong link type (-22)
[  223.804537][ T5102] Bluetooth: Unknown BR/EDR signaling command 0x11
[  223.811122][ T5102] Bluetooth: Wrong link type (-22)
[  223.816631][ T5102] Bluetooth: hci0: link tx timeout
[  223.822344][ T5102] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  224.301251][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  224.347682][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  224.372455][   T63] bond0 (unregistering): Released all slaves
[  224.737151][ T5093] Bluetooth: hci3: command 0x0406 tx timeout
[  224.844555][   T53] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  224.853009][   T53] Bluetooth: hci0: unexpected event 0x06 length: 17 > 3
[  224.962742][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  224.977794][   T53] Bluetooth: Wrong link type (-22)
[  224.986632][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  224.993402][   T53] Bluetooth: Wrong link type (-22)
[  224.998709][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  225.005258][   T53] Bluetooth: Wrong link type (-22)
[  225.010861][   T53] Bluetooth: hci0: link tx timeout
[  225.015988][   T53] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  225.999911][   T53] Bluetooth: hci0: command 0x0406 tx timeout
[  226.567519][   T29] audit: type=1400 audit(1720699183.812:255): avc:  denied  { write } for  pid=6021 comm="syz.1.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  226.634247][   T29] audit: type=1400 audit(1720699183.862:256): avc:  denied  { read } for  pid=6021 comm="syz.1.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  228.234532][   T63] hsr_slave_0: left promiscuous mode
[  228.274413][   T63] hsr_slave_1: left promiscuous mode
[  228.301894][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.330890][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.368684][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.376486][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.464112][   T63] veth1_macvtap: left promiscuous mode
[  228.498972][   T63] veth0_macvtap: left promiscuous mode
[  228.521645][   T63] veth1_vlan: left promiscuous mode
[  228.541266][   T63] veth0_vlan: left promiscuous mode
[  230.824098][   T63] team0 (unregistering): Port device team_slave_1 removed
[  230.896239][   T63] team0 (unregistering): Port device team_slave_0 removed
[  232.468147][ T5093] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  232.475823][ T5093] Bluetooth: hci0: unexpected event 0x06 length: 17 > 3
[  232.534605][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x10
[  232.549254][ T5093] Bluetooth: Wrong link type (-22)
[  232.554582][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  232.561682][ T5093] Bluetooth: Wrong link type (-22)
[  232.567181][ T5093] Bluetooth: Unknown BR/EDR signaling command 0x11
[  232.573793][ T5093] Bluetooth: Wrong link type (-22)
[  232.739842][ T5100] Bluetooth: hci0: command 0x0406 tx timeout
[  232.746413][ T5093] Bluetooth: hci1: command 0x0406 tx timeout
[  233.545752][ T6086] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  233.583575][ T6086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.720263][ T5823] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  233.770627][ T5823] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  233.836458][ T5823] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  233.881250][ T5102] Bluetooth: hci3: Malformed LE Event: 0x0d
[  233.962078][ T5823] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  234.161580][ T5738] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  234.196613][ T5738] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  234.242233][ T5738] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  234.284135][ T5738] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  235.063144][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.112872][ T5738] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.185196][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[  235.344300][ T5738] 8021q: adding VLAN 0 to HW filter on device team0
[  235.431523][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.438805][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.594254][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.601580][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.653104][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.660395][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.870415][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.877720][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.694998][ T6129] xt_time: invalid argument - start or stop time greater than 23:59:59
[  238.267154][ T5141] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  238.310212][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.365163][ T5738] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.512386][ T5141] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  238.543507][ T5141] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  238.580202][ T5141] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  238.627523][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.703808][ T5738] veth0_vlan: entered promiscuous mode
[  238.731586][ T6129] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  238.885504][ T5738] veth1_vlan: entered promiscuous mode
[  239.107886][ T5738] veth0_macvtap: entered promiscuous mode
[  239.193353][ T5738] veth1_macvtap: entered promiscuous mode
[  239.428911][ T5738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.477061][ T5738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.510764][ T5102] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  239.511679][ T5738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.518100][ T5102] Bluetooth: hci1: unexpected event 0x06 length: 17 > 3
[  239.591632][ T6129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.616053][ T6129] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.665281][ T5738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.677379][ T5738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.712153][ T5102] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  239.747052][ T5738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.812136][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.953937][ T5738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.019584][ T5738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.054402][ T5738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.094560][ T5738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.118896][ T5738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.136347][ T5738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.184677][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.210425][ T6157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.254565][ T5738] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.315106][ T5738] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.350793][ T5738] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.370642][ T5738] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.955506][    T8] usb 2-1: USB disconnect, device number 3
[  241.096460][ T3726] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.142421][ T3726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.177278][ T5823] veth0_vlan: entered promiscuous mode
[  241.272982][ T5823] veth1_vlan: entered promiscuous mode
[  241.491852][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.663491][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.254904][ T5823] veth0_macvtap: entered promiscuous mode
[  242.410774][ T5823] veth1_macvtap: entered promiscuous mode
[  243.007573][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.206401][ T5102] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  243.216962][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.327406][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.338223][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.350947][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.361606][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.386970][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.647343][   T29] audit: type=1400 audit(1720699200.862:257): avc:  denied  { write } for  pid=6181 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  243.684868][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.739673][   T29] audit: type=1400 audit(1720699200.862:258): avc:  denied  { connect } for  pid=6181 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  243.758374][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[  243.759400][   T29] audit: type=1400 audit(1720699200.862:259): avc:  denied  { name_connect } for  pid=6181 comm="syz.0.201" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  246.388868][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  246.507018][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  246.561646][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  246.625587][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  246.674039][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  246.712930][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  246.743767][ T5823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  246.795483][ T5823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  246.956661][ T6211] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.997546][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.844165][ T5823] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.907272][ T5823] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.944259][ T5823] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.975313][ T5823] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.495157][ T5102] Bluetooth: hci3: unexpected subevent 0x19 length: 16 < 28
[  248.504363][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.538217][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.706992][   T29] audit: type=1400 audit(1720699205.942:260): avc:  denied  { write } for  pid=6219 comm="syz.2.206" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  248.954769][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.135750][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.098848][   T29] audit: type=1400 audit(1720699208.332:261): avc:  denied  { setopt } for  pid=6251 comm="syz.2.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  251.126396][    C0] vkms_vblank_simulate: vblank timer overrun
[  251.517670][ T5102] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  252.008110][ T5102] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  252.836418][   T29] audit: type=1400 audit(1720699210.072:262): avc:  denied  { connect } for  pid=6258 comm="syz.3.214" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  253.166718][ T6270] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  255.895129][ T5102] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  259.689678][ T6333] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  259.713576][ T5102] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  259.965650][ T5102] Bluetooth: hci5: unexpected subevent 0x19 length: 16 < 28
[  260.200280][ T5102] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  260.207378][ T5102] Bluetooth: hci0: unexpected event 0x06 length: 17 > 3
[  260.461030][ T5102] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  261.522637][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  261.532524][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  263.007788][ T6398] netlink: zone id is out of range
[  263.157413][ T6398] netlink: zone id is out of range
[  263.412161][   T29] audit: type=1400 audit(1720699220.632:263): avc:  denied  { read } for  pid=6388 comm="syz.4.238" path="socket:[12758]" dev="sockfs" ino=12758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  263.580193][   T29] audit: type=1400 audit(1720699220.822:264): avc:  denied  { rename } for  pid=4516 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  263.717397][   T29] audit: type=1400 audit(1720699220.822:265): avc:  denied  { unlink } for  pid=4516 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  263.754559][ T6398] netlink: set zone limit has 4 unknown bytes
[  263.808124][   T29] audit: type=1400 audit(1720699220.852:266): avc:  denied  { create } for  pid=4516 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  263.883541][ T6393] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  264.928636][ T6433] netlink: 12 bytes leftover after parsing attributes in process `syz.0.244'.
[  265.315838][ T6400] netlink: 14 bytes leftover after parsing attributes in process `syz.2.240'.
[  267.989129][   T53] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  268.005551][   T53] Bluetooth: hci3: unexpected event 0x06 length: 17 > 3
[  268.493301][   T53] Bluetooth: Unknown BR/EDR signaling command 0x10
[  268.507088][   T53] Bluetooth: Wrong link type (-22)
[  268.512387][   T53] Bluetooth: Unknown BR/EDR signaling command 0x0d
[  268.519927][   T53] Bluetooth: Wrong link type (-22)
[  268.525210][   T53] Bluetooth: Unknown BR/EDR signaling command 0x11
[  268.533502][   T53] Bluetooth: Wrong link type (-22)
[  268.617029][   T53] ==================================================================
[  268.625169][   T53] BUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x786/0x920
[  268.632885][   T53] Read of size 4 at addr ffff88801aa88010 by task kworker/u9:0/53
[  268.640743][   T53] 
[  268.643095][   T53] CPU: 0 PID: 53 Comm: kworker/u9:0 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  268.653298][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  268.663398][   T53] Workqueue: hci3 hci_rx_work
[  268.668148][   T53] Call Trace:
[  268.671468][   T53]  <TASK>
[  268.674433][   T53]  dump_stack_lvl+0x116/0x1f0
[  268.679178][   T53]  print_report+0xc3/0x620
[  268.683662][   T53]  ? __virt_addr_valid+0x5e/0x590
[  268.688730][   T53]  ? __phys_addr+0xc6/0x150
[  268.693276][   T53]  kasan_report+0xd9/0x110
[  268.697733][   T53]  ? l2cap_send_cmd+0x786/0x920
[  268.702647][   T53]  ? l2cap_send_cmd+0x786/0x920
[  268.707688][   T53]  l2cap_send_cmd+0x786/0x920
[  268.712434][   T53]  l2cap_recv_frame+0x2352/0x8ea0
[  268.717523][   T53]  ? hci_rx_work+0xa83/0x1610
[  268.722256][   T53]  ? __pfx_lock_release+0x10/0x10
[  268.727347][   T53]  ? __pfx___lock_acquire+0x10/0x10
[  268.732606][   T53]  ? __pfx_l2cap_recv_frame+0x10/0x10
[  268.738030][   T53]  ? trace_contention_end+0xea/0x140
[  268.743367][   T53]  ? __mutex_unlock_slowpath+0x164/0x650
[  268.749055][   T53]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  268.755090][   T53]  ? hci_rx_work+0xa6f/0x1610
[  268.759822][   T53]  ? hci_conn_enter_active_mode+0x219/0x360
[  268.765863][   T53]  ? __pfx_lock_release+0x10/0x10
[  268.770950][   T53]  ? __pfx_hci_conn_enter_active_mode+0x10/0x10
[  268.777255][   T53]  l2cap_recv_acldata+0x9ac/0xb60
[  268.782345][   T53]  hci_rx_work+0xaa7/0x1610
[  268.786907][   T53]  process_one_work+0x9c5/0x1b40
[  268.791896][   T53]  ? __pfx_lock_acquire+0x10/0x10
[  268.797506][   T53]  ? __pfx_process_one_work+0x10/0x10
[  268.802923][   T53]  ? assign_work+0x1a0/0x250
[  268.807573][   T53]  worker_thread+0x6c8/0xf30
[  268.812207][   T53]  ? __pfx_worker_thread+0x10/0x10
[  268.817360][   T53]  kthread+0x2c1/0x3a0
[  268.821486][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  268.826729][   T53]  ? __pfx_kthread+0x10/0x10
[  268.831371][   T53]  ret_from_fork+0x45/0x80
[  268.835844][   T53]  ? __pfx_kthread+0x10/0x10
[  268.840488][   T53]  ret_from_fork_asm+0x1a/0x30
[  268.845317][   T53]  </TASK>
[  268.848365][   T53] 
[  268.850806][   T53] Allocated by task 53:
[  268.854982][   T53]  kasan_save_stack+0x33/0x60
[  268.859715][   T53]  kasan_save_track+0x14/0x30
[  268.864450][   T53]  __kasan_kmalloc+0xaa/0xb0
[  268.869098][   T53]  l2cap_conn_add.part.0+0x60/0xa60
[  268.874352][   T53]  l2cap_connect_cfm+0x428/0xf80
[  268.879333][   T53]  hci_remote_features_evt+0x548/0x9e0
[  268.884836][   T53]  hci_event_packet+0x9e3/0x1170
[  268.889818][   T53]  hci_rx_work+0x2c4/0x1610
[  268.894365][   T53]  process_one_work+0x9c5/0x1b40
[  268.899341][   T53]  worker_thread+0x6c8/0xf30
[  268.903966][   T53]  kthread+0x2c1/0x3a0
[  268.908081][   T53]  ret_from_fork+0x45/0x80
[  268.912542][   T53]  ret_from_fork_asm+0x1a/0x30
[  268.917356][   T53] 
[  268.919700][   T53] Freed by task 5102:
[  268.923700][   T53]  kasan_save_stack+0x33/0x60
[  268.928448][   T53]  kasan_save_track+0x14/0x30
[  268.933180][   T53]  kasan_save_free_info+0x3b/0x60
[  268.938278][   T53]  poison_slab_object+0xf7/0x160
[  268.943291][   T53]  __kasan_slab_free+0x32/0x50
[  268.948104][   T53]  kfree+0x12a/0x3b0
[  268.952043][   T53]  l2cap_conn_del+0x59d/0x740
[  268.956753][   T53]  l2cap_connect_cfm+0x9e6/0xf80
[  268.961727][   T53]  hci_conn_failed+0x1c3/0x370
[  268.966545][   T53]  hci_abort_conn_sync+0x75a/0xb50
[  268.971798][   T53]  abort_conn_sync+0x197/0x360
[  268.976607][   T53]  hci_cmd_sync_work+0x1a4/0x410
[  268.981597][   T53]  process_one_work+0x9c5/0x1b40
[  268.986571][   T53]  worker_thread+0x6c8/0xf30
[  268.991199][   T53]  kthread+0x2c1/0x3a0
[  268.995323][   T53]  ret_from_fork+0x45/0x80
[  268.999790][   T53]  ret_from_fork_asm+0x1a/0x30
[  269.004606][   T53] 
[  269.006952][   T53] Last potentially related work creation:
[  269.012689][   T53]  kasan_save_stack+0x33/0x60
[  269.017439][   T53]  __kasan_record_aux_stack+0xba/0xd0
[  269.022856][   T53]  insert_work+0x36/0x230
[  269.027251][   T53]  __queue_work+0x944/0x1020
[  269.031875][   T53]  call_timer_fn+0x1a0/0x610
[  269.036516][   T53]  __run_timers+0x567/0xaf0
[  269.041071][   T53]  run_timer_base+0x111/0x190
[  269.045802][   T53]  run_timer_softirq+0x1a/0x40
[  269.050620][   T53]  handle_softirqs+0x216/0x8f0
[  269.055427][   T53]  irq_exit_rcu+0xbb/0x120
[  269.059907][   T53]  sysvec_apic_timer_interrupt+0x95/0xb0
[  269.065582][   T53]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  269.071611][   T53] 
[  269.073950][   T53] Second to last potentially related work creation:
[  269.080643][   T53]  kasan_save_stack+0x33/0x60
[  269.085371][   T53]  __kasan_record_aux_stack+0xba/0xd0
[  269.090781][   T53]  insert_work+0x36/0x230
[  269.095163][   T53]  __queue_work+0x525/0x1020
[  269.099791][   T53]  queue_work_on+0x11a/0x140
[  269.104418][   T53]  l2cap_connect_cfm+0x9c9/0xf80
[  269.109401][   T53]  hci_remote_features_evt+0x548/0x9e0
[  269.114902][   T53]  hci_event_packet+0x9e3/0x1170
[  269.119889][   T53]  hci_rx_work+0x2c4/0x1610
[  269.124435][   T53]  process_one_work+0x9c5/0x1b40
[  269.129412][   T53]  worker_thread+0x6c8/0xf30
[  269.134047][   T53]  kthread+0x2c1/0x3a0
[  269.138162][   T53]  ret_from_fork+0x45/0x80
[  269.142639][   T53]  ret_from_fork_asm+0x1a/0x30
[  269.147464][   T53] 
[  269.149812][   T53] The buggy address belongs to the object at ffff88801aa88000
[  269.149812][   T53]  which belongs to the cache kmalloc-1k of size 1024
[  269.163989][   T53] The buggy address is located 16 bytes inside of
[  269.163989][   T53]  freed 1024-byte region [ffff88801aa88000, ffff88801aa88400)
[  269.177826][   T53] 
[  269.180171][   T53] The buggy address belongs to the physical page:
[  269.186612][   T53] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1aa88
[  269.195405][   T53] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  269.203941][   T53] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  269.211523][   T53] page_type: 0xffffefff(slab)
[  269.216241][   T53] raw: 00fff00000000040 ffff888015441dc0 dead000000000100 dead000000000122
[  269.224873][   T53] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  269.233497][   T53] head: 00fff00000000040 ffff888015441dc0 dead000000000100 dead000000000122
[  269.242212][   T53] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  269.250924][   T53] head: 00fff00000000003 ffffea00006aa201 ffffffffffffffff 0000000000000000
[  269.259636][   T53] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  269.268332][   T53] page dumped because: kasan: bad access detected
[  269.274787][   T53] page_owner tracks the page as allocated
[  269.280524][   T53] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 35, tgid 35 (kworker/u8:2), ts 117412726353, free_ts 117293300108
[  269.301117][   T53]  post_alloc_hook+0x2d1/0x350
[  269.305933][   T53]  get_page_from_freelist+0x1353/0x2e50
[  269.311536][   T53]  __alloc_pages_noprof+0x22b/0x2460
[  269.316877][   T53]  alloc_slab_page+0x56/0x110
[  269.321598][   T53]  new_slab+0x84/0x260
[  269.325718][   T53]  ___slab_alloc+0xdac/0x1870
[  269.330475][   T53]  __slab_alloc.constprop.0+0x56/0xb0
[  269.335906][   T53]  __kmalloc_noprof+0x36d/0x410
[  269.340787][   T53]  ieee802_11_parse_elems_full+0xea/0x15d0
[  269.346666][   T53]  ieee80211_inform_bss+0xfd/0x1140
[  269.351936][   T53]  cfg80211_inform_single_bss_data+0x87d/0x2080
[  269.358229][   T53]  cfg80211_inform_bss_data+0x205/0x39d0
[  269.363934][   T53]  cfg80211_inform_bss_frame_data+0x271/0x7c0
[  269.370062][   T53]  ieee80211_bss_info_update+0x311/0xab0
[  269.375759][   T53]  ieee80211_ibss_rx_queued_mgmt+0x1898/0x2f40
[  269.381972][   T53]  ieee80211_iface_work+0xc07/0xf00
[  269.387232][   T53] page last free pid 5139 tgid 5139 stack trace:
[  269.393583][   T53]  free_unref_page+0x64a/0xe40
[  269.398397][   T53]  qlist_free_all+0x4e/0x140
[  269.403057][   T53]  kasan_quarantine_reduce+0x192/0x1e0
[  269.408569][   T53]  __kasan_slab_alloc+0x69/0x90
[  269.413498][   T53]  kmalloc_node_track_caller_noprof+0x1c1/0x430
[  269.419782][   T53]  kmalloc_reserve+0xef/0x2c0
[  269.424498][   T53]  __alloc_skb+0x164/0x380
[  269.428959][   T53]  alloc_skb_with_frags+0xe4/0x710
[  269.434126][   T53]  sock_alloc_send_pskb+0x7f1/0x980
[  269.439374][   T53]  mld_newpack.isra.0+0x1ed/0x790
[  269.444451][   T53]  add_grhead+0x299/0x340
[  269.448828][   T53]  add_grec+0x111e/0x1670
[  269.453222][   T53]  mld_ifc_work+0x41f/0xce0
[  269.457774][   T53]  process_one_work+0x9c5/0x1b40
[  269.462783][   T53]  worker_thread+0x6c8/0xf30
[  269.467415][   T53]  kthread+0x2c1/0x3a0
[  269.471537][   T53] 
[  269.473881][   T53] Memory state around the buggy address:
[  269.479558][   T53]  ffff88801aa87f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  269.487655][   T53]  ffff88801aa87f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  269.495747][   T53] >ffff88801aa88000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  269.503832][   T53]                          ^
[  269.508452][   T53]  ffff88801aa88080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  269.516544][   T53]  ffff88801aa88100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  269.524628][   T53] ==================================================================
[  269.976192][   T53] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  269.983432][   T53] CPU: 1 PID: 53 Comm: kworker/u9:0 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0
[  269.993524][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  270.003630][   T53] Workqueue: hci3 hci_rx_work
[  270.008370][   T53] Call Trace:
[  270.011663][   T53]  <TASK>
[  270.014608][   T53]  dump_stack_lvl+0x3d/0x1f0
[  270.019236][   T53]  panic+0x6f5/0x7a0
[  270.023175][   T53]  ? __pfx_panic+0x10/0x10
[  270.027636][   T53]  ? preempt_schedule_thunk+0x1a/0x30
[  270.033045][   T53]  ? preempt_schedule_common+0x44/0xc0
[  270.038532][   T53]  check_panic_on_warn+0xab/0xb0
[  270.043506][   T53]  end_report+0x117/0x180
[  270.047875][   T53]  kasan_report+0xe9/0x110
[  270.052308][   T53]  ? l2cap_send_cmd+0x786/0x920
[  270.057204][   T53]  ? l2cap_send_cmd+0x786/0x920
[  270.062090][   T53]  l2cap_send_cmd+0x786/0x920
[  270.066809][   T53]  l2cap_recv_frame+0x2352/0x8ea0
[  270.071870][   T53]  ? hci_rx_work+0xa83/0x1610
[  270.076574][   T53]  ? __pfx_lock_release+0x10/0x10
[  270.081636][   T53]  ? __pfx___lock_acquire+0x10/0x10
[  270.086875][   T53]  ? __pfx_l2cap_recv_frame+0x10/0x10
[  270.092276][   T53]  ? trace_contention_end+0xea/0x140
[  270.097586][   T53]  ? __mutex_unlock_slowpath+0x164/0x650
[  270.103274][   T53]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  270.109305][   T53]  ? hci_rx_work+0xa6f/0x1610
[  270.114026][   T53]  ? hci_conn_enter_active_mode+0x219/0x360
[  270.119960][   T53]  ? __pfx_lock_release+0x10/0x10
[  270.125022][   T53]  ? __pfx_hci_conn_enter_active_mode+0x10/0x10
[  270.131297][   T53]  l2cap_recv_acldata+0x9ac/0xb60
[  270.136351][   T53]  hci_rx_work+0xaa7/0x1610
[  270.140882][   T53]  process_one_work+0x9c5/0x1b40
[  270.145839][   T53]  ? __pfx_lock_acquire+0x10/0x10
[  270.150921][   T53]  ? __pfx_process_one_work+0x10/0x10
[  270.156319][   T53]  ? assign_work+0x1a0/0x250
[  270.160953][   T53]  worker_thread+0x6c8/0xf30
[  270.165582][   T53]  ? __pfx_worker_thread+0x10/0x10
[  270.170801][   T53]  kthread+0x2c1/0x3a0
[  270.174904][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  270.180126][   T53]  ? __pfx_kthread+0x10/0x10
[  270.184745][   T53]  ret_from_fork+0x45/0x80
[  270.189194][   T53]  ? __pfx_kthread+0x10/0x10
[  270.193810][   T53]  ret_from_fork_asm+0x1a/0x30
[  270.198641][   T53]  </TASK>
[  270.201996][   T53] Kernel Offset: disabled
[  270.206328][   T53] Rebooting in 86400 seconds..