last executing test programs: 8m55.085861208s ago: executing program 2 (id=507): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f0000002e2e"], 0x0, 0x35}, 0x28) syz_emit_ethernet(0x51, &(0x7f0000000200)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cabf00", 0x1b, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x1, "a78ce54006598080a8"}]}}}}}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180005000000ffff000077b9080000009500000000d3a07e"], &(0x7f0000000080)='GPL\x00', 0x7, 0x4fa, &(0x7f0000000cc0)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x2, 0x4, 0x9}, 0x1, 0x0, 0x0, 0xff3e, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000240)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x0, 0x0, 0x0, 0x8, 0xffffffba, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xd4}, 0x94) r1 = socket(0x15, 0x5, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r2 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r2, &(0x7f0000000340)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1) getsockopt(r1, 0x200000000114, 0x2714, 0x0, &(0x7f0000000000)) 8m54.982318327s ago: executing program 2 (id=510): openat$kvm(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) socket$netlink(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r4, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r5, 0x6, 0x24, 0x0, &(0x7f0000002000)) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r6, 0x0, 0x0, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r7 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r7, 0x0, 0x0, 0x10000, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800"], 0x0, 0x5, 0x0, 0x0, 0x60ff78ce1cb3c070}, 0x94) ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x3000, {}, 0x0, 0x2}}) 8m52.446105753s ago: executing program 2 (id=530): r0 = memfd_create(&(0x7f0000000b00)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x01\x83y\xf3\xb2\xe6b$\a\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\b\x00\x00\x00LR\xa1\x00\x00\x17\x1f$^\xe1\x00\x04\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\xce\xd5O\xcc\b\x9e\x19\x19#\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\xfd\xc7\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$h\x0ew\x00&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x01\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xff\x06\xe7j\x9fTJ;T\xf3\xfa\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x00\x00\x00\x00\x00\x00\x00\x0f\x81\xf3\x05\xa3{\x96\xf9\xba\x9em\xe9\"\x03\x933P\xbb\xd6\x9b\f\xa7\x8f9\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10\x00\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x131\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\r\xd5)\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I\xfa\x12\xfc\x96\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW\x00\x00\x00\x8fw\xa9A\xf7m\xeec\xb6\\\xa4T\xeej\xe2\xba\xb2V\xacc\xc6|\xae]\xdb\x10\xb3\x80z\xd5\n\xa3u\xfb\b\x03\xe5\xca;\xe5uH<\x9a\x12\x84(\x9f\xd2\xe1k\x955;J\xa4\x81Lm\x90\x1a\xfdI}\xb0\xa1\xfa9\x17\xd1\xa2\xc7\xca\x98\xaeS\x92Ew`\xd2\x02\xda\xc9\xd4\xea\x02\x1d\xd3\xd5\x81\xdb\xd9~\xd6-:\xee\xe8\t\xf7\xe6\xf1\x88\x86\xb0\x04\x9ep\xb1\x93\x16\xf9\xdb\x15\x8a\xa3h<\xaf\xa0\xb5\xb0\x05ir\xff\xff\xff\xff\x00\x00\x00\x00\x83\x91\xad\x11\xf4\xbcz\x9b\x8bp]o\au\x175I\x1d\xe2\x97\xb6\x06\xdc\x14\x9b>\xd7F\xdb?\xc7%0n/\xf5S\xb5\xe8\xa5\xd1\xddN\xf9ir\xd1r\xf4L\t3\xadDz\\\xf4`\x13\xf7)\x91w\a\xcc+E\xdd\xe9\xdbb\x9c\xff\x98\x03\xb7\x0e=\xba\xa3um\xde\xff$|\xb7\x86j+\x00\x00\x00\x00\x00\x00\x00Z\xef\xd6\xf4Zs\xfc\ro\x03\xabB\x18\xdc\a\xe3\r\x00\x00\x00\x00\x00\x00', 0x6) fallocate(r0, 0x0, 0x1, 0x400001) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000009800000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x4fe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 8m52.186403439s ago: executing program 2 (id=531): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000040)={0x8, 0x0, 0x27f}) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCGPGRP(r1, 0x6801, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x4) 8m52.183803702s ago: executing program 2 (id=532): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) pwritev2(r1, &(0x7f0000002e40)=[{0x0}, {&(0x7f0000000280)}, {&(0x7f0000000180)="4a8a2f8401c2c6f3120db0fe140ab078958f4ba861d6bb8e82758ca763df43a4b4bd20", 0x23}, {&(0x7f0000000380)="a39c3045d0a67cda77fc38307c1b305d57a2da4c11d21335cdb6587cf2f95d35bd7364ca0ea3d77510126264c632e969abaed0d6a26c73f1f541bd8e1883bda8a9696f4b62b431", 0x47}, {&(0x7f0000000c40)="80d965ed27f5e36782edef6727b6f73ad9b5390cf161924761065fa691390ab2b22e4e5066f3af1bfb784026ac5c3381b30bbf7daa8748404eeaace8e1f7d140495231b9df0ca3cb6dc81ee31efaac427c8bd547bf715ddbc2c3c18b2f858973a140d639eff59772d1569d1f3e6617aba77491b2c829b496e1a2e9afb88c9425961295a847ef990cfebe082e2781a9f280bd1817999ecdd7fd90f578050d1864ed2e4e1520ed88e5cd44697687a7d352b3ae96d894cb10af8c62527d38fdf35dc4445cf7818f9602a105f25f17feb24d51eb5ecf826b652ed9691ab52a75ded75374c8d26fceedea35b211d7015c9bcec80bbe5131d3a4cc712ed90364dbca970d1bf3dc78cebb2d90d1bce7a41ceed593dcfc8f01a219771841b7bed38d7be0d0c72be8d43d512c1efc852b4c5aca724139739dee652f3d1aca1fb68ac323483a8b3f0ce160f1caf9ea099654a3088f200fad246c9ca224b44f8828dc18283092f20b139f5209a31f9ac59c50bcb7e5414ace01af81f7500b10d8e7b3ddda925761fe5fb791a4552025b1b096bbf95641fbb974679cef2c81e2e424c4fbe4a631d11f1b4559dcf9d9ea914c3c6c10cc890c520d584c6b7f5d3a9905a6932d3d443de61a2d21e1b29bc9e762aa4d9061cf3e609c6fc85073825575cad5208969678d960e305240545920832ebd4499286283f8ca9536c200f7e6b126e2b2d5305d13b41f28ed612742fdd63de2a87f7f542ec9d5231b6aec72617838c11b1826060ff82dec5945f3c42a13caf3a043d45dc2c0891d91b1b6f62d9f5da05c6d2dd6086b5d079a13ff14bd3693a78004e1d6530efdb48bca61165c9e3b53b112886986fcd5194f042411a3b7afded35202e6cbfffc7532996ba97f4156d65b6f6a13909a34f45f9df3c84c378544e75e8e9e16dfa8e7ffd2f340cc0e93a768fb42a872b599800b675df4a0c6021e703e60320719de8ca2349ebd9a75c1d2c5dfb10d5f464203efbf3cd6fa5ad76cbe3ed5b2d6efaf44e1b7c35585789fee3f72267364e7a78c09d44f318a839d4b7f1209267fa530adfd2a3de54e98893bd6a88657b09818b81e1c8f45615c38ceb50488def4ec48eb389dee8a947b0e3ad50544c3b0254a65b91d0cf265c18f3773696a1264df7a9952871e5ddedf3e40d1789748269530570b7ce7680804a1b93c2a3539945a9d30ac66852dedc09b6f711712fcc92f86cb6fb85b32d24342574287a6646516fe7732c71c66c8618a3c5ab423c911b4d33ac65eb8672faa8eb1a0cdb0a3872e8899249cb7bde802c148672f9919de22c009d9c9cbdd49636236aff71c5255962135232f1cad7cc8a21b47a1d0533d1bb831964554388337c67e89aa21fbdb61f5c4fb40ca4dafe10eb547519536b035a740e837d7e806350e5be896b3212dd84f447c35563216af4798302644db469bea8989f70327779bd5f54ba23293aabef165239d79cade6703ccfbf349c5c50f1969cdeb39b771f7255bca37d583234d9512b52da061673097b0c0ddd1f8a9730fcdd9a7e03fe00c9d82d9fada1a41f12a66190c74cd1a2fe6538f6c8849edb4828b92d3a883032aa344eef06b40c69f53a2365c2bbcab0b055e70698db65c930257bc268b467a93552b802e12e58a9ad165eb7d55e5068c4bea1fcda4b90ee53522ad24b175f47ba9414d4805ec27dbd64cd33ae0277c85b613493860a34e2aaf703a4841bf642ca6766e49879c523a90eacb01efd37ada0d22eef4beb1960f565461ee0916843425f513d5f0ac15581da613dc77a4f699dd76572b3e25d6c7595aacd92af6f918ceb8d791584cf425288dbe27b59e9d396d9bd5fdaf91d9edc1e1245f737425b6d3c20bd1a51fb57453fb209141bf3011e665cef1aa396bcbda9fe7055f2be5047c16c3c903519dd9200df7178c2fd86a48732a5f528bb35aa94883a951d52a53fd9c58174b7d3535a0bb28805e3dfe1265794a33b41c6611040cc0424e917e3b4279c8da7bf195d72c55dedb836a26b8d427a31776387abaf2dde1d2e65eeaa846871555063913ac16e18933529e358fea1b595f45cf1caea646052e6db26abfddf99af09cc6b94ca2e23857ae0920ef68012a911299502574574983691f7e088badf09f9746e01ea97af119acf118467c8d24aceececed661f670debac10759d08c6e737d94bcf8fd7c89c886a7bf9b341559a8e49667ac56bed2126038d564b7f745f6f98af3ceb1bd21efad2255336b1a13a10756555db53c32f87a48f53f6ccffb8113d812ba1056d53d3875da2c9dac3c07a54aec8762a905fb3f03caad6094165df2fc49a4bfcce6fc742f3c2d1ff990a2dd118d4e9e6da66238cf35246e30b01fb6d86afc23ba3a60a4b6c115eb02569ad22464a5a406fcbe1b6477c43aad217d31b729a5210be955a0008dd0fbd5f49e9ef3ee9537a8b532b655c9d9d4d90cc5a00b6e6f50dca230ea18bd701e4d6227a6f95abca45f09c49d289d761ae92f3c769c33228b60d49f696fabcaf3ab7b9458a62b1541579ea28ea06cc287cad52a9916aaa522353150053646be6c1ac4ce17ccbe6c6937c4ca88ebd36611a25fe14436d0f79722c0c2e6db12e386a5eb04a88f9a492313ab2a0531567b287eef044d1cae7203c819aa9c71e2d2b5c3fa3aa7eaa06b15bc2fff34318ea9e5753d9553996f151420d1ba99dd3c38483591c5eecce90b86e42c597199e50fef2aca35c19386e149bfffe82169e11c893c215b5922a3449b0bbf998b89ba3d2baecc5aeb70fe84b39c1d89eef3cfc038650d7409e511d3eda4b53a2aca538b6d54ec401cd3298e5160291370b4682f521e0cc1e1061c727c111ff1c1695300e9e628de193bd08611823b8c2ec4e0719dbe00a575f15726ff6c32bbfe5317f251090082ce6b5241f7ca8af141c43057dee12a1af9b6c550ec27639e0270f523b7070a6195d018614fa18e73d4a9da3c673c33717a955c454fe0a629e164e39e907645834a88ae44c3152d581c1e77d3084d2bded21cf3106973a7d36ba4cab25f233778ce63e29de89e85b6a7f4ccc2bf3e1d222bba46c6d3e73332f36f41f4308e2b8b50e19b9bc9a7d4d97cc7cc512903cbd28b17f03b1d7cb8793016a84deb85be34346bdcb39b7049f70e66b658e968b572a4d8f8602eb8975d8db8a12f544ec200705389d19fd4a1296a66f77385fdf6ca51a922c8fcf8c362e3a5d8d75f033dc3994c02402cb671c4a7837e3e033f80fa027de1758d0e4156f0a6891b1fbf3c325d9f967831e9c1d2bb8b2413c746a79e76bc018ae9acfc41460b9d0431eba6ca256825162d8f584eb6c0e113711a2fb05aef8dbcc058652c9b721ff5259679aa0eaeb7e8a624800f998d2fd74a0c0b9d29759def9c62b8bcf888e1ff9ede77c5f57cc215469ac3ad09b26337cc23f24e448dd04bd4ac690da27b5ade641e1f6259fcb2dee894aa190d0652c89a1b93d41aeb2bbeaf74d2da0bd342f5d0190719ef3a89f304362655ea12e95d11e6c0651fd4d6f170ca707e299c0f9cce27fd090c13ed0c81ff73313acaf1ea65e514b1cc5a5f10b6cc2e12c35076e79d4f33b85dd88b6c87fbe0e5cbc4c26213805e96e53d919e4bec4ffd4e62c0aaedcf9a6c6b00029411ab982f4ac066c1802c3345176f72841de723ec9d0f179268b487c4729f4b52eb13c06cf5af3af0223dad88d141dba2274d801ab70ac0cafa99f848eb2b769f3ffbe494f17ce3bcb3263cef9b65d4b754d8df7e63b17f80e04a8eda097cb695b92753f98029e0c0e1c8f8717bbacdae3da938c61effd61b3ed785871f5def1fed631f3eb67cb7c11b988f9af7b64101bf8ebd8c7ef1a5e33fdf9fdd5cc930eed4dccceef882a74b42fcf7da35e24bf267ab0a92f9b4c54881485f8fc90171be90f5811772f55ecedaeb4928c453d9c1f4b43266a17cbf21799070659368f628b78aa5aad990a19feb6921bfcf4e13a9e8407510fb7312ade8d1b59302c2f02c0e95e45d6305bba912a2423e446361304ca90825e8ebefba0f422da4", 0xb2f}], 0x5, 0x5, 0xa, 0x14) mkdir(&(0x7f00000003c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) utimes(&(0x7f0000000240)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000002c0)={{r2, r3/1000+10000}}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000400), 0xc0000, 0x0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000500)={0x0, 0x5a, "916c0b8b207a49f91500b2de5e042c6eea30d453eda40ceb2c9f956ebc971fa50fdc539d1b72dd14f819d0e54d80ecee31ba5c510391e675541294978739978d070ae8edda76a3efd63bde59331d172c1557742cf5f916616595"}, &(0x7f0000000580)=0x62) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f00000005c0)={r6, 0x8}, &(0x7f0000000600)=0x8) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080), &(0x7f00000000c0)={'U-', 0x7}, 0x16, 0x1) mount(0x0, &(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000340)='smb3\x00', 0x10000, &(0x7f0000000380)='nocase') 8m51.57470021s ago: executing program 2 (id=536): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) pwritev2(r1, &(0x7f0000002e40)=[{0x0}, {&(0x7f0000000280)}, {&(0x7f0000000400)="4a8a2f8401c2c6f3120db0fe140ab078958f4ba861d6bb8e82758ca763df43a4b4bd20", 0x23}, {&(0x7f0000000380)="a39c3045d0a67cda77fc38307c1b305d57a2da4c11d21335cdb6587cf2f95d35bd7364ca0ea3d77510126264c632e969abaed0d6a26c73f1f541bd8e1883bda8a9696f4b62b431", 0x47}, {&(0x7f0000000c40)="80d965ed27f5e36782edef6727b6f73ad9b5390cf161924761065fa691390ab2b22e4e5066f3af1bfb784026ac5c3381b30bbf7daa8748404eeaace8e1f7d140495231b9df0ca3cb6dc81ee31efaac427c8bd547bf715ddbc2c3c18b2f858973a140d639eff59772d1569d1f3e6617aba77491b2c829b496e1a2e9afb88c9425961295a847ef990cfebe082e2781a9f280bd1817999ecdd7fd90f578050d1864ed2e4e1520ed88e5cd44697687a7d352b3ae96d894cb10af8c62527d38fdf35dc4445cf7818f9602a105f25f17feb24d51eb5ecf826b652ed9691ab52a75ded75374c8d26fceedea35b211d7015c9bcec80bbe5131d3a4cc712ed90364dbca970d1bf3dc78cebb2d90d1bce7a41ceed593dcfc8f01a219771841b7bed38d7be0d0c72be8d43d512c1efc852b4c5aca724139739dee652f3d1aca1fb68ac323483a8b3f0ce160f1caf9ea099654a3088f200fad246c9ca224b44f8828dc18283092f20b139f5209a31f9ac59c50bcb7e5414ace01af81f7500b10d8e7b3ddda925761fe5fb791a4552025b1b096bbf95641fbb974679cef2c81e2e424c4fbe4a631d11f1b4559dcf9d9ea914c3c6c10cc890c520d584c6b7f5d3a9905a6932d3d443de61a2d21e1b29bc9e762aa4d9061cf3e609c6fc85073825575cad5208969678d960e305240545920832ebd4499286283f8ca9536c200f7e6b126e2b2d5305d13b41f28ed612742fdd63de2a87f7f542ec9d5231b6aec72617838c11b1826060ff82dec5945f3c42a13caf3a043d45dc2c0891d91b1b6f62d9f5da05c6d2dd6086b5d079a13ff14bd3693a78004e1d6530efdb48bca61165c9e3b53b112886986fcd5194f042411a3b7afded35202e6cbfffc7532996ba97f4156d65b6f6a13909a34f45f9df3c84c378544e75e8e9e16dfa8e7ffd2f340cc0e93a768fb42a872b599800b675df4a0c6021e703e60320719de8ca2349ebd9a75c1d2c5dfb10d5f464203efbf3cd6fa5ad76cbe3ed5b2d6efaf44e1b7c35585789fee3f72267364e7a78c09d44f318a839d4b7f1209267fa530adfd2a3de54e98893bd6a88657b09818b81e1c8f45615c38ceb50488def4ec48eb389dee8a947b0e3ad50544c3b0254a65b91d0cf265c18f3773696a1264df7a9952871e5ddedf3e40d1789748269530570b7ce7680804a1b93c2a3539945a9d30ac66852dedc09b6f711712fcc92f86cb6fb85b32d24342574287a6646516fe7732c71c66c8618a3c5ab423c911b4d33ac65eb8672faa8eb1a0cdb0a3872e8899249cb7bde802c148672f9919de22c009d9c9cbdd49636236aff71c5255962135232f1cad7cc8a21b47a1d0533d1bb831964554388337c67e89aa21fbdb61f5c4fb40ca4dafe10eb547519536b035a740e837d7e806350e5be896b3212dd84f447c35563216af4798302644db469bea8989f70327779bd5f54ba23293aabef165239d79cade6703ccfbf349c5c50f1969cdeb39b771f7255bca37d583234d9512b52da061673097b0c0ddd1f8a9730fcdd9a7e03fe00c9d82d9fada1a41f12a66190c74cd1a2fe6538f6c8849edb4828b92d3a883032aa344eef06b40c69f53a2365c2bbcab0b055e70698db65c930257bc268b467a93552b802e12e58a9ad165eb7d55e5068c4bea1fcda4b90ee53522ad24b175f47ba9414d4805ec27dbd64cd33ae0277c85b613493860a34e2aaf703a4841bf642ca6766e49879c523a90eacb01efd37ada0d22eef4beb1960f565461ee0916843425f513d5f0ac15581da613dc77a4f699dd76572b3e25d6c7595aacd92af6f918ceb8d791584cf425288dbe27b59e9d396d9bd5fdaf91d9edc1e1245f737425b6d3c20bd1a51fb57453fb209141bf3011e665cef1aa396bcbda9fe7055f2be5047c16c3c903519dd9200df7178c2fd86a48732a5f528bb35aa94883a951d52a53fd9c58174b7d3535a0bb28805e3dfe1265794a33b41c6611040cc0424e917e3b4279c8da7bf195d72c55dedb836a26b8d427a31776387abaf2dde1d2e65eeaa846871555063913ac16e18933529e358fea1b595f45cf1caea646052e6db26abfddf99af09cc6b94ca2e23857ae0920ef68012a911299502574574983691f7e088badf09f9746e01ea97af119acf118467c8d24aceececed661f670debac10759d08c6e737d94bcf8fd7c89c886a7bf9b341559a8e49667ac56bed2126038d564b7f745f6f98af3ceb1bd21efad2255336b1a13a10756555db53c32f87a48f53f6ccffb8113d812ba1056d53d3875da2c9dac3c07a54aec8762a905fb3f03caad6094165df2fc49a4bfcce6fc742f3c2d1ff990a2dd118d4e9e6da66238cf35246e30b01fb6d86afc23ba3a60a4b6c115eb02569ad22464a5a406fcbe1b6477c43aad217d31b729a5210be955a0008dd0fbd5f49e9ef3ee9537a8b532b655c9d9d4d90cc5a00b6e6f50dca230ea18bd701e4d6227a6f95abca45f09c49d289d761ae92f3c769c33228b60d49f696fabcaf3ab7b9458a62b1541579ea28ea06cc287cad52a9916aaa522353150053646be6c1ac4ce17ccbe6c6937c4ca88ebd36611a25fe14436d0f79722c0c2e6db12e386a5eb04a88f9a492313ab2a0531567b287eef044d1cae7203c819aa9c71e2d2b5c3fa3aa7eaa06b15bc2fff34318ea9e5753d9553996f151420d1ba99dd3c38483591c5eecce90b86e42c597199e50fef2aca35c19386e149bfffe82169e11c893c215b5922a3449b0bbf998b89ba3d2baecc5aeb70fe84b39c1d89eef3cfc038650d7409e511d3eda4b53a2aca538b6d54ec401cd3298e5160291370b4682f521e0cc1e1061c727c111ff1c1695300e9e628de193bd08611823b8c2ec4e0719dbe00a575f15726ff6c32bbfe5317f251090082ce6b5241f7ca8af141c43057dee12a1af9b6c550ec27639e0270f523b7070a6195d018614fa18e73d4a9da3c673c33717a955c454fe0a629e164e39e907645834a88ae44c3152d581c1e77d3084d2bded21cf3106973a7d36ba4cab25f233778ce63e29de89e85b6a7f4ccc2bf3e1d222bba46c6d3e73332f36f41f4308e2b8b50e19b9bc9a7d4d97cc7cc512903cbd28b17f03b1d7cb8793016a84deb85be34346bdcb39b7049f70e66b658e968b572a4d8f8602eb8975d8db8a12f544ec200705389d19fd4a1296a66f77385fdf6ca51a922c8fcf8c362e3a5d8d75f033dc3994c02402cb671c4a7837e3e033f80fa027de1758d0e4156f0a6891b1fbf3c325d9f967831e9c1d2bb8b2413c746a79e76bc018ae9acfc41460b9d0431eba6ca256825162d8f584eb6c0e113711a2fb05aef8dbcc058652c9b721ff5259679aa0eaeb7e8a624800f998d2fd74a0c0b9d29759def9c62b8bcf888e1ff9ede77c5f57cc215469ac3ad09b26337cc23f24e448dd04bd4ac690da27b5ade641e1f6259fcb2dee894aa190d0652c89a1b93d41aeb2bbeaf74d2da0bd342f5d0190719ef3a89f304362655ea12e95d11e6c0651fd4d6f170ca707e299c0f9cce27fd090c13ed0c81ff73313acaf1ea65e514b1cc5a5f10b6cc2e12c35076e79d4f33b85dd88b6c87fbe0e5cbc4c26213805e96e53d919e4bec4ffd4e62c0aaedcf9a6c6b00029411ab982f4ac066c1802c3345176f72841de723ec9d0f179268b487c4729f4b52eb13c06cf5af3af0223dad88d141dba2274d801ab70ac0cafa99f848eb2b769f3ffbe494f17ce3bcb3263cef9b65d4b754d8df7e63b17f80e04a8eda097cb695b92753f98029e0c0e1c8f8717bbacdae3da938c61effd61b3ed785871f5def1fed631f3eb67cb7c11b988f9af7b64101bf8ebd8c7ef1a5e33fdf9fdd5cc930eed4dccceef882a74b42fcf7da35e24bf267ab0a92f9b4c54881485f8fc90171be90f5811772f55ecedaeb4928c453d9c1f4b43266a17cbf21799070659368f628b78aa5aad990a19feb6921bfcf4e13a9e8407510fb7312ade8d1b59302c2f02c0e95e45d6305bba912a2423e446361304ca90825e8ebefba0f422da4", 0xb2f}], 0x5, 0x5, 0xa, 0x14) mkdir(&(0x7f00000003c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) (fail_nth: 14) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000040)) mount(0x0, &(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000340)='smb3\x00', 0x10000, &(0x7f0000000380)='nocase') 8m51.378296251s ago: executing program 32 (id=536): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) pwritev2(r1, &(0x7f0000002e40)=[{0x0}, {&(0x7f0000000280)}, {&(0x7f0000000400)="4a8a2f8401c2c6f3120db0fe140ab078958f4ba861d6bb8e82758ca763df43a4b4bd20", 0x23}, {&(0x7f0000000380)="a39c3045d0a67cda77fc38307c1b305d57a2da4c11d21335cdb6587cf2f95d35bd7364ca0ea3d77510126264c632e969abaed0d6a26c73f1f541bd8e1883bda8a9696f4b62b431", 0x47}, {&(0x7f0000000c40)="80d965ed27f5e36782edef6727b6f73ad9b5390cf161924761065fa691390ab2b22e4e5066f3af1bfb784026ac5c3381b30bbf7daa8748404eeaace8e1f7d140495231b9df0ca3cb6dc81ee31efaac427c8bd547bf715ddbc2c3c18b2f858973a140d639eff59772d1569d1f3e6617aba77491b2c829b496e1a2e9afb88c9425961295a847ef990cfebe082e2781a9f280bd1817999ecdd7fd90f578050d1864ed2e4e1520ed88e5cd44697687a7d352b3ae96d894cb10af8c62527d38fdf35dc4445cf7818f9602a105f25f17feb24d51eb5ecf826b652ed9691ab52a75ded75374c8d26fceedea35b211d7015c9bcec80bbe5131d3a4cc712ed90364dbca970d1bf3dc78cebb2d90d1bce7a41ceed593dcfc8f01a219771841b7bed38d7be0d0c72be8d43d512c1efc852b4c5aca724139739dee652f3d1aca1fb68ac323483a8b3f0ce160f1caf9ea099654a3088f200fad246c9ca224b44f8828dc18283092f20b139f5209a31f9ac59c50bcb7e5414ace01af81f7500b10d8e7b3ddda925761fe5fb791a4552025b1b096bbf95641fbb974679cef2c81e2e424c4fbe4a631d11f1b4559dcf9d9ea914c3c6c10cc890c520d584c6b7f5d3a9905a6932d3d443de61a2d21e1b29bc9e762aa4d9061cf3e609c6fc85073825575cad5208969678d960e305240545920832ebd4499286283f8ca9536c200f7e6b126e2b2d5305d13b41f28ed612742fdd63de2a87f7f542ec9d5231b6aec72617838c11b1826060ff82dec5945f3c42a13caf3a043d45dc2c0891d91b1b6f62d9f5da05c6d2dd6086b5d079a13ff14bd3693a78004e1d6530efdb48bca61165c9e3b53b112886986fcd5194f042411a3b7afded35202e6cbfffc7532996ba97f4156d65b6f6a13909a34f45f9df3c84c378544e75e8e9e16dfa8e7ffd2f340cc0e93a768fb42a872b599800b675df4a0c6021e703e60320719de8ca2349ebd9a75c1d2c5dfb10d5f464203efbf3cd6fa5ad76cbe3ed5b2d6efaf44e1b7c35585789fee3f72267364e7a78c09d44f318a839d4b7f1209267fa530adfd2a3de54e98893bd6a88657b09818b81e1c8f45615c38ceb50488def4ec48eb389dee8a947b0e3ad50544c3b0254a65b91d0cf265c18f3773696a1264df7a9952871e5ddedf3e40d1789748269530570b7ce7680804a1b93c2a3539945a9d30ac66852dedc09b6f711712fcc92f86cb6fb85b32d24342574287a6646516fe7732c71c66c8618a3c5ab423c911b4d33ac65eb8672faa8eb1a0cdb0a3872e8899249cb7bde802c148672f9919de22c009d9c9cbdd49636236aff71c5255962135232f1cad7cc8a21b47a1d0533d1bb831964554388337c67e89aa21fbdb61f5c4fb40ca4dafe10eb547519536b035a740e837d7e806350e5be896b3212dd84f447c35563216af4798302644db469bea8989f70327779bd5f54ba23293aabef165239d79cade6703ccfbf349c5c50f1969cdeb39b771f7255bca37d583234d9512b52da061673097b0c0ddd1f8a9730fcdd9a7e03fe00c9d82d9fada1a41f12a66190c74cd1a2fe6538f6c8849edb4828b92d3a883032aa344eef06b40c69f53a2365c2bbcab0b055e70698db65c930257bc268b467a93552b802e12e58a9ad165eb7d55e5068c4bea1fcda4b90ee53522ad24b175f47ba9414d4805ec27dbd64cd33ae0277c85b613493860a34e2aaf703a4841bf642ca6766e49879c523a90eacb01efd37ada0d22eef4beb1960f565461ee0916843425f513d5f0ac15581da613dc77a4f699dd76572b3e25d6c7595aacd92af6f918ceb8d791584cf425288dbe27b59e9d396d9bd5fdaf91d9edc1e1245f737425b6d3c20bd1a51fb57453fb209141bf3011e665cef1aa396bcbda9fe7055f2be5047c16c3c903519dd9200df7178c2fd86a48732a5f528bb35aa94883a951d52a53fd9c58174b7d3535a0bb28805e3dfe1265794a33b41c6611040cc0424e917e3b4279c8da7bf195d72c55dedb836a26b8d427a31776387abaf2dde1d2e65eeaa846871555063913ac16e18933529e358fea1b595f45cf1caea646052e6db26abfddf99af09cc6b94ca2e23857ae0920ef68012a911299502574574983691f7e088badf09f9746e01ea97af119acf118467c8d24aceececed661f670debac10759d08c6e737d94bcf8fd7c89c886a7bf9b341559a8e49667ac56bed2126038d564b7f745f6f98af3ceb1bd21efad2255336b1a13a10756555db53c32f87a48f53f6ccffb8113d812ba1056d53d3875da2c9dac3c07a54aec8762a905fb3f03caad6094165df2fc49a4bfcce6fc742f3c2d1ff990a2dd118d4e9e6da66238cf35246e30b01fb6d86afc23ba3a60a4b6c115eb02569ad22464a5a406fcbe1b6477c43aad217d31b729a5210be955a0008dd0fbd5f49e9ef3ee9537a8b532b655c9d9d4d90cc5a00b6e6f50dca230ea18bd701e4d6227a6f95abca45f09c49d289d761ae92f3c769c33228b60d49f696fabcaf3ab7b9458a62b1541579ea28ea06cc287cad52a9916aaa522353150053646be6c1ac4ce17ccbe6c6937c4ca88ebd36611a25fe14436d0f79722c0c2e6db12e386a5eb04a88f9a492313ab2a0531567b287eef044d1cae7203c819aa9c71e2d2b5c3fa3aa7eaa06b15bc2fff34318ea9e5753d9553996f151420d1ba99dd3c38483591c5eecce90b86e42c597199e50fef2aca35c19386e149bfffe82169e11c893c215b5922a3449b0bbf998b89ba3d2baecc5aeb70fe84b39c1d89eef3cfc038650d7409e511d3eda4b53a2aca538b6d54ec401cd3298e5160291370b4682f521e0cc1e1061c727c111ff1c1695300e9e628de193bd08611823b8c2ec4e0719dbe00a575f15726ff6c32bbfe5317f251090082ce6b5241f7ca8af141c43057dee12a1af9b6c550ec27639e0270f523b7070a6195d018614fa18e73d4a9da3c673c33717a955c454fe0a629e164e39e907645834a88ae44c3152d581c1e77d3084d2bded21cf3106973a7d36ba4cab25f233778ce63e29de89e85b6a7f4ccc2bf3e1d222bba46c6d3e73332f36f41f4308e2b8b50e19b9bc9a7d4d97cc7cc512903cbd28b17f03b1d7cb8793016a84deb85be34346bdcb39b7049f70e66b658e968b572a4d8f8602eb8975d8db8a12f544ec200705389d19fd4a1296a66f77385fdf6ca51a922c8fcf8c362e3a5d8d75f033dc3994c02402cb671c4a7837e3e033f80fa027de1758d0e4156f0a6891b1fbf3c325d9f967831e9c1d2bb8b2413c746a79e76bc018ae9acfc41460b9d0431eba6ca256825162d8f584eb6c0e113711a2fb05aef8dbcc058652c9b721ff5259679aa0eaeb7e8a624800f998d2fd74a0c0b9d29759def9c62b8bcf888e1ff9ede77c5f57cc215469ac3ad09b26337cc23f24e448dd04bd4ac690da27b5ade641e1f6259fcb2dee894aa190d0652c89a1b93d41aeb2bbeaf74d2da0bd342f5d0190719ef3a89f304362655ea12e95d11e6c0651fd4d6f170ca707e299c0f9cce27fd090c13ed0c81ff73313acaf1ea65e514b1cc5a5f10b6cc2e12c35076e79d4f33b85dd88b6c87fbe0e5cbc4c26213805e96e53d919e4bec4ffd4e62c0aaedcf9a6c6b00029411ab982f4ac066c1802c3345176f72841de723ec9d0f179268b487c4729f4b52eb13c06cf5af3af0223dad88d141dba2274d801ab70ac0cafa99f848eb2b769f3ffbe494f17ce3bcb3263cef9b65d4b754d8df7e63b17f80e04a8eda097cb695b92753f98029e0c0e1c8f8717bbacdae3da938c61effd61b3ed785871f5def1fed631f3eb67cb7c11b988f9af7b64101bf8ebd8c7ef1a5e33fdf9fdd5cc930eed4dccceef882a74b42fcf7da35e24bf267ab0a92f9b4c54881485f8fc90171be90f5811772f55ecedaeb4928c453d9c1f4b43266a17cbf21799070659368f628b78aa5aad990a19feb6921bfcf4e13a9e8407510fb7312ade8d1b59302c2f02c0e95e45d6305bba912a2423e446361304ca90825e8ebefba0f422da4", 0xb2f}], 0x5, 0x5, 0xa, 0x14) mkdir(&(0x7f00000003c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) (fail_nth: 14) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000040)) mount(0x0, &(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000340)='smb3\x00', 0x10000, &(0x7f0000000380)='nocase') 8m41.296224972s ago: executing program 3 (id=635): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010100}, 0x10) r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000780)={0xfc78, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x20, 0x1, 0x1, 0x1}, 0x0}) syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000100)={0x1c, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r1, @ANYRES16=r1, @ANYRES64=r0, @ANYRES32=r0], 0x0, 0x0}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000080)=0x4) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r3, 0x5b03, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) accept$unix(r4, &(0x7f0000000080)=@abs, &(0x7f0000000140)=0x6e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00') pread64(r0, &(0x7f0000000580)=""/177, 0xb1, 0x0) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x4c, &(0x7f000002eff0)={0x0, 0x0}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xd, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r6, @ANYRES64=r3], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3000000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="000000004f32010008001c00", @ANYRES32, @ANYBLOB="08002e0000000000f59bec58601f254fbd7aa175e542ba1ffc888fe3b8846e76749e41f664047ccffaefb54153a76afd527c24d501ba77029de452f1b452c649c3308e1a96956288bc66bb"], 0x30}, 0x1, 0x0, 0x0, 0x4e811}, 0x0) r8 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='(\x00', &(0x7f0000000080)=':\x00', 0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r9, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x6, 0x4, 0x200, 0x8001, 0x3, 0x3, 0x33b, 0x1ff}, &(0x7f0000000180)=0x95) 8m40.935832298s ago: executing program 1 (id=644): openat$kvm(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) socket$netlink(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r4, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r5, 0x6, 0x24, 0x0, &(0x7f0000002000)) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r6, 0x0, 0x0, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r7 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r7, &(0x7f00000048c0), 0x0, 0x10000, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800"], 0x0, 0x5, 0x0, 0x0, 0x60ff78ce1cb3c070}, 0x94) ioctl$KVM_SET_NESTED_STATE(r3, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x3000, {}, 0x0, 0x2}}) 8m39.506557592s ago: executing program 3 (id=652): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x27}}) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x1, 0x1, 0x801, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000099}, 0x4840) ioprio_set$pid(0x2, 0x0, 0x6000) syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0x400aee2, 0x2, 0x1, 0x317}, &(0x7f0000000200), &(0x7f0000000280), &(0x7f0000000000)) 8m39.506407595s ago: executing program 3 (id=653): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010100}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x100000, 0x0}, 0x0) 8m39.41591888s ago: executing program 3 (id=655): pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt(r1, 0xffffffff, 0x3, &(0x7f00000005c0)="fa3dd314d457d0956199af3e6327238ebb1089df752378615d3d1a4745d039dccc0ddb98d338824bd953aa66637a9fd9be196146bc68cbde16fb6412c10911da3b32c6270898fc19b2eb0b0a91db2dc72c92770d9848a41aac002a6d6be74c0b540bf5fabbf8fc1d64774b5372786ed95928ed533af4bae837009b099fc65305b9b3d7e57c0d3ad0f57cb7de8bf0e3447755872d218dc956916b877baeaab4f596781813f2849cc5", 0xa8) io_setup(0x6, &(0x7f0000000040)) sendmmsg$alg(r0, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="1b32668fc5b34b7b4fa8ca2f3dba56b7bcafd2dd92a60aca01833571eccc86270ecee941f66224efb7e8bf816b4b035303e62916fd1e5996bf9bb88d07d409bb18a9545b", 0x44}], 0x1, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x20000800}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)="da44a746945192c536b4557e9fb231", 0xf}, {&(0x7f0000000280)="5247d681d2594495ac2fb036c0d9fbee0b4ada41762c11c65b20ea9841c3459a3342beecae729ea67e7869a9afc780078c93f2d2b0a9a0e12f210cef110fa751191e31d4f04758bcc4a96dbe1c19ab4b21046f2d255d0727fb57390f74fffd81455338806ad8112ed6115123cb6c7c9f66412072071dccaecbc19865d720da4ef067b5b607589c259fcc76ecfb", 0x8d}], 0x2, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000017010000030000000100000000000000d0000000000000001701000002000000ba0000002f4166cc1d5ed4ff1540ebb6b5a7dbfc378e4a75c8585d8a6bae579564d20bfdb07758d8f36cfb08e069c1e72904c673f03af9682e9eab0ef9c52f02070b0c87e36d3c810da880dab94cdb522805ce2578bd837d5d17a8feb8cff2a47361a4ed1dcf4303b867548e2066dbf5588ee87a5b61c2d844d0525835db3451cfa3dee64cb745578ba3bf768311c49f213a47219614eb2d35c7a162f727deee1905c0b5d82b6d673253a05e855a6e6537b792ce6ca1da9b652ea5b547e20000000017010000040000000000000000000000180000000000000017010000030000000100000000000000180000000000000017010000030000000000000000000000880000000000000017010000020000006f000000f8d86b331b217114a0e2d9f71109cd443fe4726bdbcda6c0ac19013564bfbadedbcd7a93e9a766096ba06a7d943e3429ae83ccdf42edd3b46a0b3158db4f7e1180655b790d56f102e0f480e578d1d5bb481dd1d28f1f1e282e0cb975937b5a3987857f4bef4fa5a90fa778e09f0ad20000000000"], 0x1b8}], 0x2, 0x44081) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) readv(r2, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/127, 0x7f}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x40, 0x0) syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f"], 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f00000000c0)="170000000200010000ffbe8c5ee17688a2003c000301000a000002a257fc5ad90200bb6a880000d6c8db000000df018002000000fc0607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5af9b1c568302ffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a1b47b63a6323ded2231454668492f9c681a6a9fc", 0xb8) ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0xd3b7) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f00000006c0)={0x0, 0x8, 0x3, 0x0, 0x47, 0x1}, &(0x7f0000000700)=0x14) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000740)={r4, 0xd, 0x94, "cb8548c09fe04ff0ca5f1cb35e457b6da8c03473cf9b6b832a862ae46a77b792bb7055762cf308d7c40d6a34baa18c832f0a40db8b232ce95d2f73e0402d678d9a5b5603528e9b4fcab12d7be34c9fc18034fd58746bfd4502c602e53513fe3744ab531be0274d4bbd0e5c3da235851b5bcc7c4bf9f6fad95f381f3b2837ebaba183581d7ee98deb1cf3d778d69a2bae986462a6"}, 0x9c) close_range(r1, 0xffffffffffffffff, 0x0) ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000000)=0x6) 8m38.854429831s ago: executing program 1 (id=663): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010100}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xd0}, 0x0) 8m38.784889625s ago: executing program 1 (id=667): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000013000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000080)="0d0f0808820400000f32c4c15564efb9050000000f01d966ba410066ed0fa80f01c40fc70036f4c4e2fd40db6681ba6100003e9f0000ef", 0x37}], 0x1, 0xc, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0xd, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000005c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'}) creat(&(0x7f0000000280)='./file0\x00', 0x0) r3 = socket$netlink(0x10, 0x3, 0xa) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x2000000, &(0x7f0000000400)={'trans=virtio,', {[{@access_uid={'access', 0x3d, r4}}]}}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24}, 0x94) r5 = syz_io_uring_setup(0x38, &(0x7f0000000580)={0x0, 0xbbda, 0x13500}, &(0x7f0000000240), &(0x7f0000000480), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r5, 0x21, &(0x7f0000000440), 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8m38.525710704s ago: executing program 1 (id=672): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000003b40)={{{@in6=@rand_addr=' \x01\x00', @in6=@remote, 0x4e21, 0x9, 0x4e20, 0x0, 0xa, 0x0, 0x20, 0x2b}, {0x0, 0xfc00000000000000, 0x7, 0xffffffff, 0xad0a, 0xffffffff, 0x0, 0x8}, {0x2, 0x4, 0x2, 0x401}, 0x7fff, 0x6e6bb9, 0x2, 0x76464fa9d804edb4, 0x1}, {{@in=@broadcast, 0x4d2, 0x2b}, 0x2, @in=@multicast2, 0x3502, 0x1, 0x2, 0x8, 0xa, 0xfffffffb, 0x9}}, 0xe8) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, r3, 0x8003, 0x2000000}, [@IFLA_MASTER={0x8, 0xa, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x24044005}, 0x4054) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000000000000000000000000006119a00000005e5c07524d115dcc0000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80) lstat(&(0x7f0000000200)='./file0/../file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@rand_addr=0x64010102, 0x4e22, 0x2a58, 0x4e22, 0xfff1, 0x2, 0x20, 0x20, 0x3c, 0x0, r4}, {0x2, 0x100000001, 0x9, 0x1, 0x4, 0x3, 0x7ff, 0x8000000000000001}, {0x8, 0x5, 0xffff, 0x9}, 0x9, 0x6e6bba, 0x2, 0x0, 0x1, 0x1}, {{@in=@remote, 0x4d5, 0x2b}, 0x8, @in6=@remote, 0x3506, 0x1, 0x0, 0x6, 0xc, 0x92f, 0x2}}, 0xe8) 8m38.422680694s ago: executing program 1 (id=673): llistxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/21, 0x15) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x24, r5, 0x1, 0x0, 0x3, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001500)={0x34, r7, 0x1, 0x4000, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$nl_generic(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x198, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfb, {0x12}, [@typed={0xc, 0xe6, 0x0, 0x0, @u64=0x6}, @nested={0x101, 0x146, 0x0, 0x1, [@typed={0x8, 0x11b, 0x0, 0x0, @u32=0xffff}, @nested={0x4, 0xc4}, @generic="a7b2fa3d5619fb6e7824ff2f0e6f77ed87224dd87045f254181f90f50dda05be34fa2298dc03ce6efd1d1f781fc81c191167ad903e19e1b8ce8ce4586bb6afca1e90f9a95d266210cdaf6f8e5def4a8efe9a69546021ff3f79c493127aeda996133ca90a366d377c945db768b7146e5ba93161545bf4aafd07171a4a4fc640646544fb0ee3c20ad34d278277780c50c3b85e7ac9d0d42e5b1f2609f7a98d0a5311ea61aea07bca609f69869ad67d557201cd52756a7399d37df873ef24118510e9ba6789f8befddb1893a2d5c79515f0e1fdf69996cc014107c1d08020eaeb15abb33625b615920f2571e379b6", @nested={0x4, 0x78}]}, @generic="e3067d9c9dd89deb0fcb352ad80495454dcb2201fd61fb76cd4afc3c0229255987db82d5aefee71bdf394e2f399df4eabc726dc4690a056e70b2f1623e2eab6d5cf1f220bd164646fd80ee8821950aa83c284f6370c5dbd6c0eb50099b5dd0136e727a96984c3a7006", @typed={0x5, 0xdb, 0x0, 0x0, @str='\x00'}]}, 0x198}, 0x1, 0x0, 0x0, 0x20000854}, 0x40000) r8 = socket$inet6(0xa, 0x1, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=ANY=[@ANYBLOB="7c0000001800dd8d0000000000000000020000000100000600000000060015000500000058001680540001"], 0x7c}}, 0x20000810) r10 = epoll_create1(0x0) r11 = socket$unix(0x1, 0x2, 0x0) setsockopt$sock_int(r11, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r11, &(0x7f0000000100)={0xa0028000}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r13 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r13, 0x5, &(0x7f00000000c0)='fd', 0x0, r12) r14 = socket$nl_generic(0x10, 0x3, 0x10) r15 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x30, r15, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FLAGS={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) fsconfig$FSCONFIG_SET_FD(r13, 0x5, &(0x7f0000000000)='fd', 0x0, r12) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000180)={@empty, 0x800, 0x0, 0x3, 0x3}, 0x20) r16 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000540), 0x10000, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r16, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)={0x38, r2, 0x1, 0x72bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x6, 0x61}}}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 8m37.936534047s ago: executing program 3 (id=674): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000140)='./file1\x00') mkdir(&(0x7f00000020c0)='./file0\x00', 0x1c8) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100) r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f0000000040)={0x21, &(0x7f00000000c0)=[{0x2, '\x00', @data=0x3256, 0x14}, {0xb, '\x00', @data=0x4}]}) 8m37.796463263s ago: executing program 3 (id=675): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010100}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xf00}, 0x0) 8m37.795600026s ago: executing program 1 (id=676): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) (async) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x140, &(0x7f0000000900)=[{&(0x7f0000000040)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010006080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0xff0f000020000080) 8m37.650241884s ago: executing program 33 (id=676): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) (async) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x140, &(0x7f0000000900)=[{&(0x7f0000000040)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010006080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0xff0f000020000080) 8m22.808183364s ago: executing program 34 (id=675): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010100}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xf00}, 0x0) 8m18.191620997s ago: executing program 6 (id=792): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x310, 0x11, 0x148, 0x310, 0x0, 0x410, 0x2a8, 0x2a8, 0x410, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@inet=@tos={{0x28}, {0x0, 0x8, 0x1}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'nr0\x00', 'netdevsim0\x00', {}, {}, 0x0, 0x0, 0x44}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x508) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000100)={'pimreg\x00', {0x2, 0x0, @dev}}) r1 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0) r2 = socket(0x11, 0x800000002, 0x0) ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000540)={'wlan0\x00', {0x2, 0x0, @private=0xf30a4000}}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000040)={0x3, 0x980914, 0x3}) close(r1) fstat(r0, &(0x7f0000000000)) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f0000000f40)={0x5, 0x0, [{0x8000, 0x7, 0xfffff714, [0x9, 0x9, 0x1af, 0xb9a2, 0x1, 0x10, 0x8, 0x2]}, {0xfffff78a, 0x6, 0x9, [0x9f7, 0x3, 0x1, 0x0, 0x4, 0xf, 0x8, 0x200]}, {0x1ff, 0x9, 0x1ff, [0x94f, 0x1, 0x73e5d9cb, 0x9, 0x0, 0x9, 0xfffffff7, 0x400]}, {0x5, 0x7fffffff, 0xf, [0xbf, 0x100, 0x0, 0x10000, 0x8001, 0xca, 0x100, 0xf08b9bb]}, {0x2e, 0x3, 0x8, [0x8, 0x6, 0xb1, 0x7, 0x7, 0x0, 0x100, 0x4]}]}) ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f00000000c0)=r4) 8m17.98419306s ago: executing program 6 (id=829): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010001fff001201000006000043be4354", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616e00000004000280080004"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) r2 = inotify_init() prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r3 = io_uring_setup(0xc, &(0x7f0000000100)={0x0, 0xc8a1, 0xdb00, 0x8, 0x29}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50) io_uring_enter(r3, 0x2219, 0x7721, 0x1f, 0x0, 0x0) inotify_add_watch(r2, &(0x7f0000000000)='./file0\x00', 0x4200004b) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=0x0) timer_settime(r7, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) landlock_restrict_self(0xffffffffffffffff, 0xc) close(r1) 8m17.896065277s ago: executing program 6 (id=831): r0 = socket$unix(0x1, 0x2, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBLED(r1, 0x4b65, 0x7) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x2, 0x4) connect$unix(r0, &(0x7f0000000140)=@file={0x1, '.\x02\x00'}, 0x6e) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) rt_tgsigqueueinfo(0x0, 0x0, 0x400000a, &(0x7f0000000600)={0x81, 0x3, 0xfffff2bb}) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000140)='./file1\x00') r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f0000000000)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$poke(0x4, r3, &(0x7f0000000080), 0x0) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='fd=', @ANYRES16=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYRESHEX=r4, @ANYRESDEC=0x0]) read$FUSE(r5, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r5, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0xffffffffffffffff, 0x2, 0x80000001, 0x0, 0x0, 0x10000004, {0x40, 0xd08, 0x8, 0xfe, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r5, &(0x7f0000000440)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50) openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) 8m17.772960628s ago: executing program 6 (id=834): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=[@wrmsr={0x65, 0x20, {0x40000000, 0x3}}, @wrmsr={0x65, 0x20, {0x40000001, 0x400000000000003f}}], 0x40}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x38, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCAN_SSIDS={0x1c, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}]}]}, 0x38}}, 0x4080) ioctl$KVM_RUN(r3, 0xae80, 0x0) socket$kcm(0x10, 0x2, 0x0) r7 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, 0x0}) r8 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xd3, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000040)={r7, r8, r7}, &(0x7f0000000240)=""/69, 0x45, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) r10 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r10, 0x0, 0x8, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r10, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18) syz_emit_ethernet(0x46, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x1b, 0x38, 0x0, 0x0, 0xfb, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x7, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @loopback, @rand_addr=0x640100fe, {[@cipso={0x86, 0x6, 0x20}]}}}}}}}, 0x0) r11 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r11}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, 0x0, 0x0}, 0x94) r12 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mq_notify(r12, &(0x7f0000000000)={0x110c230000, 0x3, 0x2}) r13 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r12, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, r13, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}, @MPTCP_PM_ATTR_ADDR={0x3c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x11}, 0x4000) bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) sendto$packet(r9, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) 8m16.842910023s ago: executing program 6 (id=842): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x98}, 0x1, 0x0, 0x0, 0x2000c091}, 0x800) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffd}]}) syz_usb_connect$printer(0x37baa74bb178c350, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0xff, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x130, 0xf, "", [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x7, 0x1, 0x3, 0x2, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x2, 0x7f, 0x1}}}}}]}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x1b, 0x1, 0xb, 0x20, 0x78}, 0x5e, &(0x7f0000000140)={0x5, 0xf, 0x5e, 0x5, [@ssp_cap={0x24, 0x10, 0xa, 0x0, 0x6, 0x6, 0xf000, 0x2, [0xf0, 0xffc030, 0xfe80f0, 0x0, 0x3f00, 0xc0]}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0x5, 0x0, 0x9}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x5, 0x3, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0xf, 0x2}, @ssp_cap={0x20, 0x10, 0xa, 0x12, 0x5, 0x101, 0xf0f, 0xe16, [0xc000, 0xc030, 0x3f0f, 0x30, 0xc000]}]}, 0x1, [{0x101, &(0x7f00000001c0)=@string={0x101, 0x3, "40b0f3c6c927e2ecb0b044caa765154c9f9070083c6f8d1fc241f5d223120d233c466b6e97f059c5150d840f1ff9eef746a9be772d33264ae8151ee7cddc4ae6ba395753f93c6f516e3868083d5506c8e7372219cd405e083ab6efab3f3f92f7ddb59bcd6e6522c735d9bc5cf6199f31507d7e719d892d197af9bbd1c3558979c288042a6caeed25492a77bf8b4e3ad2a20fa266e04ffa559ff169eeb4656c1d741adce1648d6ef2af47100aadf17a1aaa99c87b6a824672cc389dee1fb9ff182c0647006b767e20e49b612287bdfb359193fc018d7c2a52f2fee0dd4f11595ef9150d2752253b442dad831cb2ccce9cf2b3a8254f4aaeb88d23352efbd9b6"}}]}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha1\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f00000042c0)=[{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000700)="86", 0x1}], 0x1, 0x0, 0x0, 0x4010}], 0x1, 0x20040) r5 = dup2(r0, r2) close_range(r5, 0xffffffffffffffff, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)) 8m16.753843668s ago: executing program 35 (id=842): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x98}, 0x1, 0x0, 0x0, 0x2000c091}, 0x800) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffd}]}) syz_usb_connect$printer(0x37baa74bb178c350, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0xff, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x130, 0xf, "", [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x7, 0x1, 0x3, 0x2, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x2, 0x7f, 0x1}}}}}]}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x1b, 0x1, 0xb, 0x20, 0x78}, 0x5e, &(0x7f0000000140)={0x5, 0xf, 0x5e, 0x5, [@ssp_cap={0x24, 0x10, 0xa, 0x0, 0x6, 0x6, 0xf000, 0x2, [0xf0, 0xffc030, 0xfe80f0, 0x0, 0x3f00, 0xc0]}, @ext_cap={0x7, 0x10, 0x2, 0x8, 0x5, 0x0, 0x9}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x5, 0x3, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0xf, 0x2}, @ssp_cap={0x20, 0x10, 0xa, 0x12, 0x5, 0x101, 0xf0f, 0xe16, [0xc000, 0xc030, 0x3f0f, 0x30, 0xc000]}]}, 0x1, [{0x101, &(0x7f00000001c0)=@string={0x101, 0x3, "40b0f3c6c927e2ecb0b044caa765154c9f9070083c6f8d1fc241f5d223120d233c466b6e97f059c5150d840f1ff9eef746a9be772d33264ae8151ee7cddc4ae6ba395753f93c6f516e3868083d5506c8e7372219cd405e083ab6efab3f3f92f7ddb59bcd6e6522c735d9bc5cf6199f31507d7e719d892d197af9bbd1c3558979c288042a6caeed25492a77bf8b4e3ad2a20fa266e04ffa559ff169eeb4656c1d741adce1648d6ef2af47100aadf17a1aaa99c87b6a824672cc389dee1fb9ff182c0647006b767e20e49b612287bdfb359193fc018d7c2a52f2fee0dd4f11595ef9150d2752253b442dad831cb2ccce9cf2b3a8254f4aaeb88d23352efbd9b6"}}]}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha1\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f00000042c0)=[{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000700)="86", 0x1}], 0x1, 0x0, 0x0, 0x4010}], 0x1, 0x20040) r5 = dup2(r0, r2) close_range(r5, 0xffffffffffffffff, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)) 4m51.737231508s ago: executing program 0 (id=2945): r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000005c0)={0x8, 0x1, 0x0, 0x3, 0xfffffffa, 0xc, 0x6b15, 0xfffff768, r3}, 0x20) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={r3, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}}, 0x1, 0xf}, 0x90) r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0) r5 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEY(r5, 0x110, 0x1, &(0x7f0000000080)='*\x00', 0x2) r6 = io_uring_setup(0xaae, &(0x7f0000000080)={0x0, 0xdf4, 0x80, 0x7, 0x2, 0x0, r4}) io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil) writev(r4, &(0x7f0000000000)=[{&(0x7f00000001c0)='4', 0x1}], 0x1) 4m51.61090872s ago: executing program 0 (id=2946): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e6574000000000c00078008000640", @ANYRES16=r0], 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20084884) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x300, 0x0, 0x10040003}, 0x0) sendmmsg$sock(r0, &(0x7f0000000580)=[{{&(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x3, 0x3, {0xa, 0x4e20, 0x2, @mcast1, 0x2}}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000180)="344eb17523fb3b4dd8ee68598ffa5d2e2fb49b264da2d904cdba4c829dacc9f634af68d8424173f7156726b8166e992f7cde0faa2c9693f9355324187ff9bd019ec79b5003de7b8679a3f267bced65af0f424ed07864d4", 0x57}, {&(0x7f0000000200)="be8733588644cffff33c15bf8b881f3c6ed3", 0x12}, {&(0x7f0000000400)="b7811ca20b78aa42fb3065cfe354a2b2050002000000000000e68d7e65644a94af04107b8c9724766804241ef3a208d05467ccaaf10d6245eb8e64a80000b6e2b2447fe4566c9cb08b49c39aa111d29a59895ce0015c7d5777460f7eb32127e5799080e1089fea272ee51628bb934e0fdfd214405069f8ff5e58335c21c288dbaaabcf832b50f2f4d94608b77e9aa4e66d3e6946fcc6d94f64b5105e8f0d778ca119b08be0c8b754e7d860b0b68c0525a7571b6dcfebc618ab048b02a587a761bd0260f1f3de08df05306e3094f9432eb2cc39b483a89324604a8cb9", 0xdc}], 0x3, &(0x7f0000000540)=[@mark={{0x14, 0x1, 0x24, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0xe}}], 0x30}}], 0x1, 0x400c801) 4m51.608206281s ago: executing program 0 (id=2947): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async, rerun: 64) r0 = syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 64) syz_clone3(&(0x7f0000000380)={0x22340200, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, &(0x7f0000000340)=[r0], 0x1}, 0x58) (async) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x80047210, &(0x7f0000000040)) 4m50.531674708s ago: executing program 0 (id=2958): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x28, r2, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x4040010) (async) r3 = syz_open_dev$sndctrl(&(0x7f00000002c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r3, 0x40405514, &(0x7f0000000000)={0x6, 0x0, 0x0, 0x0, 'syz0\x00'}) (async) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) (async) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) (async) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0) (async) r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) read$FUSE(r6, &(0x7f00000001c0)={0x2020}, 0x2020) (async) write$FUSE_DIRENTPLUS(r6, &(0x7f0000002200)=ANY=[@ANYBLOB="10000000daffffffd91318071257ec7604f7aa8d7eb310e7535a402cab3504da322acb10fa956b838e9f3d12642de6a34d936c0ee9c6e73ccf7abf28b522ef798dde97ab51b5bffb87433cba7ac3e4afaf6d200dc5e0140fcc40af25ca872d0d881cc7ef0f61da3bb7d5a153fbb9cf8223f60bc29f6436f1702b24fe4945ecb07302747c38eb7ccac59245945bb012f1069ed77f3aa10eed2e08ed67081311fd243f7678e84e590d19a80aa705e1a9bda15b2b", @ANYRES64=0x3], 0x10) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64) r10 = socket(0x10, 0x3, 0x0) (rerun: 64) sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) (async) getsockname$packet(r10, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) (async) sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0) (async) sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x34, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0xffe0}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x4040004) (async, rerun: 64) socket$nl_route(0x10, 0x3, 0x0) (rerun: 64) socket(0x10, 0x803, 0x4) 4m48.006615267s ago: executing program 0 (id=2983): r0 = syz_io_uring_setup(0x7c46, &(0x7f0000000000)={0x0, 0x21b7, 0x80, 0x0, 0xffffff, 0x0, 0x0}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000a40)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='auxv\x00') r4 = socket$inet(0x2, 0x1, 0x100) bind$inet(r4, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10) pipe(&(0x7f0000000340)={0xffffffffffffffff}) r6 = fsopen(&(0x7f00000022c0)='hugetlbfs\x00', 0x1) r7 = fcntl$dupfd(r6, 0x0, r6) fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x200) ioctl$CEC_RECEIVE(r8, 0xc0386106, &(0x7f0000000040)={0x80000001, 0x7f, 0x8, 0x0, 0x0, 0x2, "77afcd484bbeb37fc22331a9d74d92c1", 0x4, 0x3, 0x5, 0x3, 0x10, 0x7, 0x2}) fcntl$getflags(r5, 0x3) ioctl$XFS_IOC_FSBULKSTAT(r5, 0xc0205865, &(0x7f0000000780)={&(0x7f0000000180)=0x4, 0x2, &(0x7f0000000440)=[{}, {}, {}, {}], &(0x7f0000000740)}) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_POWER_SAVE(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002dbd7000fcdbdf253d00000008000300", @ANYRES32=r12, @ANYBLOB="22005d000140da76"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 4m44.396913893s ago: executing program 0 (id=3009): sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=ANY=[], 0x2c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff0000000002000000000000000400010008"], 0x50}}, 0x4000850) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="8011000042000701feffffff00000020017c000004"], 0x1180}, 0x1, 0x0, 0x0, 0xc000}, 0xc000) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, 0x46, 0x107, 0x70bd28, 0x0, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xb, 0x3, &(0x7f0000000a00)=ANY=[], 0x0}, 0x94) listen(r1, 0x2) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0) 4m44.297356258s ago: executing program 36 (id=3009): sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=ANY=[], 0x2c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff0000000002000000000000000400010008"], 0x50}}, 0x4000850) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="8011000042000701feffffff00000020017c000004"], 0x1180}, 0x1, 0x0, 0x0, 0xc000}, 0xc000) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x4) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, 0x46, 0x107, 0x70bd28, 0x0, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xb, 0x3, &(0x7f0000000a00)=ANY=[], 0x0}, 0x94) listen(r1, 0x2) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0) 4.937442847s ago: executing program 7 (id=6406): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x5f) r1 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x22, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0, 0x0, 0x2}]}, 0x1}, 0x1) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r0, 0x0, 0x0, 0x800) r3 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0xc1485544, &(0x7f00000003c0)) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f462d5fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5b0200000000000000ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f0000000600)="e8700e444d50a969ff67347cff6127e6ef12ee38192714820d000000000000004db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd", 0x59}], 0x2, 0x0, 0x0, 0x40480c0}], 0x1, 0x40800) r4 = fcntl$dupfd(r0, 0x406, r3) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b0000001a0001000000ff7f0000000080"], 0x24}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x8, [@var={0x9, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x5f, 0x30, 0x61, 0x61, 0x61, 0x5f]}}, &(0x7f0000000680)=""/234, 0x30, 0xea, 0x2, 0x0, 0x10000, @value=r4}, 0x28) r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockname(r6, 0x0, &(0x7f0000000500)) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0) socket$alg(0x26, 0x5, 0x0) (async) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x5f) (async) syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000000)) (async) io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x22, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0, 0x0, 0x2}]}, 0x1}, 0x1) (async) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async) accept4(r0, 0x0, 0x0, 0x800) (async) syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0) (async) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0xc1485544, &(0x7f00000003c0)) (async) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f462d5fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5b0200000000000000ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f0000000600)="e8700e444d50a969ff67347cff6127e6ef12ee38192714820d000000000000004db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd", 0x59}], 0x2, 0x0, 0x0, 0x40480c0}], 0x1, 0x40800) (async) fcntl$dupfd(r0, 0x406, r3) (async) socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b0000001a0001000000ff7f0000000080"], 0x24}}, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x8, [@var={0x9, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x5f, 0x30, 0x61, 0x61, 0x61, 0x5f]}}, &(0x7f0000000680)=""/234, 0x30, 0xea, 0x2, 0x0, 0x10000, @value=r4}, 0x28) (async) syz_init_net_socket$rose(0xb, 0x5, 0x0) (async) getsockname(r6, 0x0, &(0x7f0000000500)) (async) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0) (async) 4.53002184s ago: executing program 7 (id=6418): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000480)={0x3f, 0x2, 0x2, 0x3}, 0x10) write(r2, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000000000001000000080009001d000000", 0x24) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000040)) write(r1, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) pipe(&(0x7f0000000000)) r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$KVM_GET_MSRS_sys(r3, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x486, 0x0, 0x8001}]}) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="1400000013000100000000000000000008"], 0x14}], 0x1}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x3, [@const={0x0, 0x0, 0x0, 0x9, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @fwd={0x1}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x1}}]}, {0x0, [0x61]}}, 0x0, 0x5b}, 0x28) 4.435229268s ago: executing program 7 (id=6419): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0) syz_usbip_server_init(0x6) bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) write$sequencer(r0, &(0x7f0000000000)=[@t={0x81, 0x5, 0x0, 0x1, @generic=0xf}], 0x8) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@t={0x81, 0x5, 0x3, 0x4, @generic=0xffffe861}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0xa, 0x4}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x87e272306c76c2bf) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000002c0)={r2, 0x40, 0x475da40b, 0x9}) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$SNDCTL_TMR_STOP(r0, 0x5403) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@acquire], 0xffffffffffffff47, 0x0, 0x0}) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none') dup3(r4, r1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x3f00}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x1, 0xffffffffffffffff}}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0xda32}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) sendmsg$inet(r3, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000400)="2fd0e450fe3d982ee3496ae2ba672e6bad6096c59e0c11f3ab2ebfc3473577dbcb99fe4f35f9340f68fa9ab774279f87c504f9a426594d53f9229ae2a30e0458647995509b21443e07034c1f00cbc9dd591b7378566cf4faebbd36167042b79da2d6a3bd650a3be41030cfc718006dc6728a835a715a", 0x76}], 0x1, &(0x7f00000004c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xa5}}], 0x18}, 0x200008d1) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0) r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f00000001c0)={0x1, @pix_mp={0x1, 0xde4, 0x50323234, 0x8, 0xc, [{0x40, 0x4}, {0x99, 0x9}, {0x7, 0xa}, {0x1, 0x8001}, {0x1ff, 0x20000}, {0x8, 0x9}, {0xfffffffa, 0x2}, {0x52c8, 0x3}], 0x8, 0xa2, 0x4, 0x1, 0x1}}) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0xfffffffffffffffd}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000800)={@ptr={0x73622a85, 0x0, 0x0, 0x0, 0x0, 0x1a}, @flat=@binder={0x73622a85, 0x1000, 0x3}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000240)={0x0, 0x28, 0x40}}, 0x1040}], 0x0, 0x0, 0x0}) write$uinput_user_dev(r2, &(0x7f0000000880)={'syz1\x00', {0x6, 0x8000, 0x101, 0x5}, 0x3e, [0xa9c, 0x38, 0x9d2d, 0x27c19938, 0x91, 0x5, 0x155dce06, 0x2, 0x60b, 0x8, 0x9, 0x6, 0x4, 0x4, 0x8, 0x3, 0x6, 0xfe, 0x9, 0x4, 0x5, 0x44, 0xd21, 0x401, 0x0, 0x5, 0x6, 0x1, 0xb7ba, 0x5, 0xbd5, 0x8, 0x2, 0xe, 0x400, 0x8, 0x0, 0xffffffff, 0x8, 0x3, 0x9, 0x33, 0x3, 0x9, 0x39, 0x4, 0x6, 0x4, 0x7, 0xffffffff, 0x448, 0x0, 0xfffffff9, 0x8001, 0x93a, 0x4, 0x9, 0x8, 0xd, 0x7, 0x8001, 0x2, 0x7, 0x90000], [0x745, 0xb70, 0x4, 0x6, 0x4, 0x80000000, 0x7f, 0x10000, 0x3, 0xc, 0x1000, 0x2, 0xc, 0xfe0b, 0x800, 0x80, 0x3ff, 0x8, 0x6, 0x5a5d, 0x67, 0x6, 0x6, 0x1, 0x64af, 0x7c, 0x8, 0xf, 0x90000000, 0x6cc, 0x7ff, 0x0, 0x8, 0x9, 0x1, 0x10, 0x9, 0x1, 0xd126, 0x3a, 0x4, 0x477, 0xf, 0x7, 0x9, 0xb0, 0x86, 0x23, 0x1181, 0xffff7f83, 0x9, 0x6, 0x1, 0xd, 0x77, 0x401, 0x5, 0x5, 0x0, 0x12, 0x81, 0x3, 0x7, 0x1], [0x8, 0x8, 0x6000000, 0x0, 0x1, 0xffffffff, 0x0, 0x3, 0x2, 0x6, 0x5, 0x5, 0x3, 0x72, 0x7, 0x2, 0x5, 0x6, 0x5, 0x4, 0x0, 0x49d, 0x7fff, 0xfffffffd, 0x1, 0x4, 0x49aba9e8, 0x4, 0x7fffffff, 0x4, 0x8001, 0xffe0000, 0xf, 0x800, 0x5, 0x7, 0x9, 0x2, 0x3, 0x1, 0xfffffffc, 0x1b, 0x7, 0x9, 0x4, 0x8, 0xabf, 0x2, 0x19d, 0x3, 0x0, 0x101, 0x4a46, 0x2f, 0x4, 0x10, 0x8, 0x157a, 0x9, 0x7, 0x7fff, 0x0, 0x0, 0x1], [0x61376d15, 0x2da62c0a, 0x4, 0x5a, 0x4, 0x4, 0x7f, 0x2, 0x4269, 0xa7ec, 0x4, 0x3, 0x5, 0x7fffffff, 0xfff, 0x5, 0x3, 0x6, 0x1833, 0xd21, 0x5, 0x2, 0x6, 0xffffffff, 0x6, 0x1, 0x3, 0x712, 0x10000, 0x7, 0x5, 0x6, 0xda, 0x7, 0x0, 0xff, 0x7, 0x4, 0x5, 0x5, 0xffff, 0x8, 0x681b, 0x3, 0x8001, 0x9, 0x3, 0x9, 0x7, 0xa2, 0x6, 0xa, 0x5, 0x858, 0x81, 0x3, 0x3d, 0xffffff15, 0x5, 0x272b, 0x2, 0xa75f, 0x7, 0x4]}, 0x45c) 3.683677705s ago: executing program 8 (id=6431): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x400000000, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) ioctl$BLKPG(r4, 0x1269, &(0x7f0000000000)={0x1, 0x0, 0x98, &(0x7f00000004c0)={0x10001, 0x6, 0xb}}) (fail_nth: 7) 3.430677501s ago: executing program 8 (id=6433): r0 = socket$netlink(0x10, 0x3, 0x6) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000200001032cbd70004000000802000000000000000100010008001a"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0) 3.355256702s ago: executing program 8 (id=6434): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x10, 0x2, [@TCA_TAPRIO_ATTR_SCHED_BASE_TIME={0xc, 0x3, 0x3}]}}]}, 0x40}, 0x1, 0x0, 0xc00000000000000}, 0x0) 3.194158215s ago: executing program 4 (id=6436): set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003a00)=[{}, {0x0, 0x0, &(0x7f00000024c0)=[{&(0x7f0000001140)="942c96fe071621e3d1a665e762cf2ffe4046a4cfecb8cbbedd8daf7082b79e73c5b3c2f145661f0da265272ed5dbe6266348114a7c62b1a2d73ed8fc70bd381c18f71413c1952b9db59c5cc940f1937f3b9435bf8116c05b", 0x58}], 0x1, 0x0, 0x1c0, 0x24004050}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1018, 0x48000}], 0x3, 0x40800) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000100)={'\x00', 0x0, 0x0, {0xfffffffffffffff8, 0x10000}, {0x6, 0x6}, 0xab4, [0x5, 0x7a, 0x1, 0x4000000005, 0x40, 0x63, 0xffffffffffffffff, 0x5f, 0x2, 0xfffffffffffffffd, 0x10, 0x4, 0x6, 0xffdffffffffffff7, 0x1, 0xa]}) (async) r1 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x169101, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000180)) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x150, 0x0, &(0x7f00000011c0)="f6f4e9a10000502468da5eb17914cb11ad63bf3707164aac031971560900000053f86fbc6b204e076aa7a493e796123bbbd8e3b7e62d8fd097cf21d6d431a069ebc0aefd5fce80cc99fb38c771df46e2c36a95fe998760277711a14806e47f47b0aedc10a0c8c5cc448b0f978ec272258539135c4a7738e11b36076a90d92ce1f925d8742a31dd798eb4f1daae1a32aa362e954fa7fcd2b1b4eb502fef43e30d8ceaba62aec3b738100ae04b2a97cdd9ea262ab669a6f5d1bd5172697e3191aa43ff3fd8eaee6d38980b16ddde02982cc7a44971d968a5644997efcca4812d28ebfe7508befb0f8b23268ae0612524afb6f31768372a257eae3e0122b6fd2600ab50e898565608e73d3c14c831a841ba041dc31b4b8507f699ea1fff2c331656f06e07e8712dcbc61b5d97dc704beaa5474043db767fc257b860a0bbadf1c612a8cb1db86b25177988213b9fbc108c1b", 0x0, 0x86, 0x0, 0x27, 0x0, &(0x7f0000000000)="daf9e846ab1563fc71c78e3ab950dbe54c62f1fb2bb59652333536dbfd26a6d0546366e36eb77d", 0x0, 0x1}, 0x50) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendto(r2, &(0x7f0000000f80), 0x0, 0x10, 0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) (async, rerun: 64) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) (rerun: 64) ioctl$F2FS_IOC_SEC_TRIM_FILE(r0, 0x4018f514, 0x0) (async) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) (async) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) (async) r6 = accept$alg(r5, 0x0, 0x0) r7 = accept4(r6, 0x0, 0x0, 0x0) sendmmsg$unix(r7, &(0x7f0000003280)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000180)="80d62f", 0x3}, {&(0x7f0000000240)="8932ea", 0x3}], 0x2, 0x0, 0x0, 0xc001}}], 0x1, 0x1) (async) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000003, 0x42032, r7, 0x200000000000000) 3.067194098s ago: executing program 8 (id=6437): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x330, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x260, 0x2e0, 0x2e0, 0x260, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xd8, 0x120, 0x0, {0x0, 0x32}, [@common=@frag={{0x30}, {[0x0, 0x3f3], 0x2, 0x1, 0x1}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x1, 'syz0\x00', {0x9}}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xb}}, @inet=@rpfilter={{0x28}, {0xc}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x390) 3.066927228s ago: executing program 8 (id=6438): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c010000100013070000c6000000000000000000000000000000000000000000ff0100000000db000000000000000001000000004e756301000000002e000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac1414bb000000000000000000000000000004d632000000e0000002000000000000000000000000020000000000000000000000000000000000000000000000090000000000200001000000ffffffff00000000000000003f0000000000000043050000000000000400000000000000ffffffffffffff7fffffffffffffffff07000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000080000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r2], 0x15c}, 0x1, 0x0, 0x0, 0x890}, 0x2014) 2.990423805s ago: executing program 8 (id=6439): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x10000}, 0x28) setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, 0x0, 0x0) ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89ed, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x100, 0x25dfdbfd, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x128, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xffffffffffffffff}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x34}, [@coaddr={0x14, 0xe, @in6=@remote}, @lifetime_val={0x24, 0x9, {0x3, 0x8000000000000001, 0xb4, 0x5}}]}, 0x128}}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x70bd2a, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast1, 0xffff, 0x0, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60000}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) fsopen(&(0x7f0000000000)='ceph\x00', 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48) syz_usb_connect(0x2, 0x2d, &(0x7f0000000a00)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e402010902"], 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_SET(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x2c, r7, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x24008040) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x4, 0x2, 0x9, 0xe1, 0x10, @loopback, @private0, 0x8000, 0x0, 0x7, 0x800}}) sendmsg$ETHTOOL_MSG_WOL_GET(r1, &(0x7f0000000480)={&(0x7f0000000200), 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r7, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044800}, 0x40000) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r5, 0x0, 0x0}, 0x10) 2.871854665s ago: executing program 7 (id=6440): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="6112300bd800000061134c0000000000bf2000000000000016001000071b48013d030100000000000702000000b0ff80bc26100000000000bf6720000000000016020000000000016702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48) 2.871452923s ago: executing program 7 (id=6441): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8001, 0x1, @loopback, 0xfffffff6}, 0x1c) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4) listen(r1, 0x2) pipe2$9p(0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), 0x0, 0xfa, &(0x7f0000000280)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x57, 0x8, 0x8, &(0x7f0000000180)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x11, '\x00', r2, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r3}, 0x94) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c0008"], 0xd8}}, 0x20008004) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000100)={0x40, 0x15, 0xff, 0x7, 0x2, 0x54f, &(0x7f00000001c0)="9904"}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'gretap0\x00', 0x0}) ioctl$COMEDI_SETWSUBD(0xffffffffffffffff, 0x6411) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r6], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) 2.78749518s ago: executing program 7 (id=6442): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000015c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_PMKSA(r4, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000240)={0x28, r5, 0x201, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x4000844) ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000100)={0x2000, 0xc000}) 1.270903907s ago: executing program 4 (id=6443): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) socket$packet(0x11, 0x2, 0x300) connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e28, 0x80000000, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e20, @multicast2}}}, 0x88) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000000000002000000e0"], 0x190) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, 0x0, 0x0) sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = socket$kcm(0x29, 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3000000040000100feffffffffdbdf25017c0000040042836b00018006000600800a00000c0002800800ffff04000100"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0x800c000) getsockopt$IP_VS_SO_GET_DAEMON(r5, 0x119, 0x487, 0x0, 0x0) r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r7, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0x8, 0x5, {}, 0x1, 0x2, 0x4}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x80000001}}}, 0x118) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYRES16=0x0], &(0x7f0000000140)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x8}, 0x94) r10 = inotify_init1(0x800) dup2(r6, r10) r11 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r11, &(0x7f0000000000)={0x0, 0x1, 0x7, 0x3, 0xfd}, 0x8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r9, 0x0, 0x25, 0x0, @void}, 0x10) sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, 0x0, {0x0, 0x7}, {0x0, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 1.024759712s ago: executing program 4 (id=6445): r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000005c00)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xe0}}, {{&(0x7f0000005a80)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10, &(0x7f0000005bc0)=[{&(0x7f0000005ac0)='h', 0x1}], 0x1, 0x0, 0x0, 0x20050000}}], 0x2, 0xe000) 1.024145285s ago: executing program 4 (id=6446): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mkdir(&(0x7f0000000180)='./file0/file0\x00', 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), r0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'tunl0\x00', &(0x7f0000000300)={'gretap0\x00', 0x0, 0x700, 0x8000, 0xf, 0x1, {{0x21, 0x4, 0x2, 0x5, 0x84, 0x66, 0x0, 0x2a, 0x29, 0x0, @loopback, @private=0xa010105, {[@rr={0x7, 0xb, 0x7f, [@remote, @local]}, @generic={0x88, 0x4, "2c81"}, @noop, @ssrr={0x89, 0xb, 0x9b, [@empty, @multicast1]}, @timestamp_prespec={0x44, 0x2c, 0x71, 0x3, 0x4, [{@multicast1, 0x5}, {@local, 0x7}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x1}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x8}, {@broadcast, 0x30e}]}, @cipso={0x86, 0x1c, 0xffffffffffffffff, [{0x0, 0x6, "667cdfa6"}, {0x7, 0xb, "100000000000000000"}, {0x1, 0x5, "855946"}]}, @timestamp_prespec={0x44, 0xc, 0xcb, 0x3, 0x7, [{@local, 0x10}]}]}}}}}) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macvtap0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000001d0001008a0000000000000007000000", @ANYRES32=r5, @ANYBLOB="f60012000a0002"], 0x28}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000005c0)={'syztnl0\x00', &(0x7f0000000540)={'ip6_vti0\x00', 0x0, 0x2f, 0x84, 0x9, 0x8, 0x1, @mcast1, @dev={0xfe, 0x80, '\x00', 0x13}, 0x7800, 0x1, 0x2d00, 0x382}}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'vcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000740)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)={0xc8, r3, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x24000884}, 0x40800) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x4c, r1, 0xd55319eec59dfa33, 0xfffffffd, 0x25dfdbfc, {{}, {@void, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x0, 0x67}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'caif0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}]]}, 0x4c}, 0x1, 0x0, 0x0, 0xc804}, 0xc2010) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) r10 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r10, 0x84, 0xc, &(0x7f00000000c0), 0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f0000000200)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r10, 0x84, 0x6c, &(0x7f0000000c00)={r11, 0x10, "0d037a3433ee92ae59c1b169cf6ed6e0"}, &(0x7f00000001c0)=0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c2) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) rmdir(&(0x7f0000000240)='./file0\x00') 394.421312ms ago: executing program 5 (id=6450): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="5c010000100013070000c6000000000000000000000000000000000000000000ff0100000000db000000000000000001000000004e756301000000002e000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac1414bb000000000000000000000000000004d632000000e0000002000000000000000000000000020000000000000000000000000000000000000000000000090000000000000008000000ffffffff00000000000000003f0000000000000043050000000000000400000000000000ffffffffffffff7fffffffffffffffff07000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000080000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r2], 0x15c}, 0x1, 0x0, 0x0, 0x890}, 0x2014) 394.206241ms ago: executing program 5 (id=6451): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="6112307fe000000061134c0000000000bf2000000000000016001000071b48013d030100000000000702000000b0ff80bc26100000000000bf6720000000000016020000000000016702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48) 392.517808ms ago: executing program 5 (id=6452): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/net', 0x0, 0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/cgroup\x00') openat(r0, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x117) 309.666694ms ago: executing program 5 (id=6453): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) socket$packet(0x11, 0x2, 0x300) connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e28, 0x80000000, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e20, @multicast2}}}, 0x88) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000000000002000000e0"], 0x190) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, 0x0, 0x0) sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0) socket$netlink(0x10, 0x3, 0xf) r5 = socket$kcm(0x29, 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3000000040000100feffffffffdbdf25017c0000040042836b00018006000600800a00000c0002800800ffff04000100"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0x800c000) getsockopt$IP_VS_SO_GET_DAEMON(r5, 0x119, 0x487, 0x0, 0x0) r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r7, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0x8, 0x5, {}, 0x1, 0x2, 0x4}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x80000001}}}, 0x118) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYRES16=0x0], &(0x7f0000000140)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x8}, 0x94) r10 = inotify_init1(0x800) dup2(r6, r10) r11 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r11, &(0x7f0000000000)={0x0, 0x1, 0x7, 0x3, 0xfd}, 0x8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r9, 0x0, 0x25, 0x0, @void}, 0x10) sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, 0x0, {0x0, 0x7}, {0x0, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 213.273538ms ago: executing program 5 (id=6454): syz_clone(0x2000, &(0x7f0000000240)="e17bd837af2e", 0x6, 0x0, 0x0, 0x0) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x80800) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00') lseek(r3, 0xfffffffffffffffe, 0x2) sendmmsg$alg(r2, &(0x7f00000027c0)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38f", 0x5}, {&(0x7f0000000140)="ebe3a0e9", 0x4}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x44040}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03", 0x3}], 0x1}, 0x0) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r4) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r6], 0x1c}}, 0x4008054) write$nci(r0, &(0x7f0000000240)=ANY=[@ANYBLOB='p\x00\t'], 0xc) write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5001"], 0x14) 63.511072ms ago: executing program 4 (id=6455): r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000005c00)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xe0}}, {{&(0x7f0000005a80)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10, &(0x7f0000005bc0)=[{&(0x7f0000005ac0)='h', 0x1}], 0x1, 0x0, 0x0, 0x60000000}}], 0x2, 0xe000) 62.984477ms ago: executing program 5 (id=6456): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) ioperm(0x0, 0x80, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a40)=ANY=[@ANYBLOB="3c0100001900010000000000"], 0x13c}, 0x1, 0x0, 0x0, 0x11}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) ioprio_set$pid(0x2, 0x0, 0x6000) r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'wlan1\x00', 0x0}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc4f}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2200, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000001c0)={0x1, 0x0, [{0xc0010141, 0x0, 0xfa}]}) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r7 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r6, &(0x7f0000bb9000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000005c0)="0f01cf66b9800000c00f326635000400000f303664652665660f3829710d66b9d60a000066b80300000066ba000000000f3066b97d09000066b80000000066ba000000800f30ffc20f01ca650f01dfb800098ed00f07", 0x56}], 0x1, 0x0, &(0x7f0000000100)=[@cstype0={0x4, 0x6}], 0x27) ioctl$KVM_INTERRUPT(r6, 0x4004ae86, &(0x7f00000000c0)=0x6) ioctl$KVM_RUN(r6, 0xae80, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x381841, 0x0) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) r8 = socket$kcm(0x29, 0x2, 0x0) r9 = memfd_create(&(0x7f0000000640)='\xcd\xff\xea\x1f\x02\x00E\x88-\xb0\xbc`(\xe8\x92\xe9\xf9\xd0\x803\x05\x00R\xac\x15\xfb\x8e\x7fx,\x9c\x00\x00\x00\x90\xc7\x11U\xdcd\\\xdc\x1b+\tq\xf4\xbe\x99\xd6\x11;\x9b\xc4\xad\xf73|J\x96\xf4L\xfb\xf2\xba\xe5\xdd0 }\x9bdq\xa9X\xed\xef\xf2\t\xafN\x80\xe2\x14\xbc\xc3Le\xe2p.&\x00\x10N\xe6\xd5\xfb]\xe4\x9a\x83FS\xc4&\xf3T\xa8\x8b\xb5L\xafx\x9cco&?\xb1\x95?z\xd3\xdb.7\xc1\xc8b\xe9|\xaaM\x04+*\x18\x86!:\x7fp\xf1\xacsPxx \xf3\x14w\xb6\x8e\xae\xa3\x11\x02\xd0N\xfcu\xc7\xb0\nr\x95l\xc7\xbc\x0e;\xcb\xfbn\x03\x935\xfb\xf8Z\xd0V-,\xf1\xea\r\xef\xfe_\xee\xb1\xc0\x06\xbegmU_*\xd7\x1f\x00'/219, 0x2) pwritev(r9, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x3, 0x0) sendmsg$inet(r8, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)='\n', 0x1}], 0x1}, 0x800) sendfile(r8, r9, 0x0, 0x8000fb00) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0e000000040000000800000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 0s ago: executing program 4 (id=6457): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x400000000, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) ioctl$BLKPG(r4, 0x1269, &(0x7f0000000000)={0x1, 0x0, 0x98, &(0x7f00000004c0)={0x10001, 0x6, 0xb}}) (fail_nth: 9) kernel console output (not intermixed with test programs): t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 626.382468][ T9488] dw2102: su3000_power_ctrl: 0, initialized 1 [ 626.390961][ T40] audit: type=1400 audit(2000524665.826:35377): avc: denied { ioctl } for pid=5332 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=4477 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 626.394646][ T9488] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 626.397278][ T9488] usb 12-1: USB disconnect, device number 55 [ 626.555321][ T9488] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 626.736242][ T5836] usb 13-1: new high-speed USB device number 28 using dummy_hcd [ 626.773442][T25836] FAULT_INJECTION: forcing a failure. [ 626.773442][T25836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 626.778482][T25836] CPU: 3 UID: 0 PID: 25836 Comm: syz.7.6053 Tainted: G L syzkaller #0 PREEMPT(full) [ 626.778505][T25836] Tainted: [L]=SOFTLOCKUP [ 626.778510][T25836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 626.778518][T25836] Call Trace: [ 626.778525][T25836] [ 626.778531][T25836] dump_stack_lvl+0x100/0x190 [ 626.778555][T25836] should_fail_ex.cold+0x5/0xa [ 626.778577][T25836] _copy_from_user+0x2e/0xd0 [ 626.778617][T25836] input_event_from_user+0x123/0x310 [ 626.778634][T25836] ? __pfx_input_event_from_user+0x10/0x10 [ 626.778649][T25836] ? __pfx___might_resched+0x10/0x10 [ 626.778670][T25836] ? input_inject_event+0x1a6/0x390 [ 626.778687][T25836] evdev_write+0x342/0x610 [ 626.778706][T25836] ? __pfx_evdev_write+0x10/0x10 [ 626.778722][T25836] ? bpf_lsm_file_permission+0x9/0x10 [ 626.778744][T25836] ? security_file_permission+0x76/0x210 [ 626.778764][T25836] ? rw_verify_area+0xce/0x6d0 [ 626.778785][T25836] vfs_write+0x2aa/0x1070 [ 626.778806][T25836] ? __pfx_evdev_write+0x10/0x10 [ 626.778822][T25836] ? __pfx_vfs_write+0x10/0x10 [ 626.778841][T25836] ? find_held_lock+0x2b/0x80 [ 626.778876][T25836] ? __fget_files+0x215/0x3d0 [ 626.778890][T25836] ? __fget_files+0x215/0x3d0 [ 626.778904][T25836] ? __fget_files+0x21f/0x3d0 [ 626.778919][T25836] ksys_write+0x1f8/0x250 [ 626.778936][T25836] ? __pfx_ksys_write+0x10/0x10 [ 626.778958][T25836] ? rcu_is_watching+0x12/0xc0 [ 626.778979][T25836] do_syscall_64+0x10b/0xf80 [ 626.778994][T25836] ? clear_bhb_loop+0x40/0x90 [ 626.779013][T25836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.779029][T25836] RIP: 0033:0x7f781539c819 [ 626.779043][T25836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 626.779058][T25836] RSP: 002b:00007f78162d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 626.779078][T25836] RAX: ffffffffffffffda RBX: 00007f7815615fa0 RCX: 00007f781539c819 [ 626.779090][T25836] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 626.779099][T25836] RBP: 00007f78162d8090 R08: 0000000000000000 R09: 0000000000000000 [ 626.779109][T25836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 626.779118][T25836] R13: 00007f7815616038 R14: 00007f7815615fa0 R15: 00007ffd737a2548 [ 626.779140][T25836] [ 626.918083][ T5836] usb 13-1: Using ep0 maxpacket: 32 [ 626.921566][ T5836] usb 13-1: unable to get BOS descriptor or descriptor too short [ 626.926300][ T5836] usb 13-1: config 8 has an invalid interface number: 188 but max is 0 [ 626.929412][ T5836] usb 13-1: config 8 has no interface number 0 [ 626.933560][ T5836] usb 13-1: config 8 interface 188 has no altsetting 0 [ 626.939700][ T5836] usb 13-1: string descriptor 0 read error: -22 [ 626.941808][ T5836] usb 13-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 626.945914][ T5836] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 626.957802][ T5836] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 626.961678][ T5836] dw2102: su3000_power_ctrl: 1, initialized 0 [ 626.964712][ T5836] dvb-usb: bulk message failed: -22 (2/0) [ 626.970837][ T5836] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 626.977574][ T5836] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 626.980467][ T5836] usb 13-1: media controller created [ 626.983029][ T5836] dvb-usb: bulk message failed: -22 (6/0) [ 626.985151][ T5836] dw2102: i2c transfer failed. [ 626.986779][ T5836] dvb-usb: bulk message failed: -22 (6/0) [ 626.988943][ T5836] dw2102: i2c transfer failed. [ 626.990910][ T5836] dvb-usb: bulk message failed: -22 (6/0) [ 626.994363][ T5836] dw2102: i2c transfer failed. [ 626.998000][ T5836] dvb-usb: bulk message failed: -22 (6/0) [ 626.999942][ T5836] dw2102: i2c transfer failed. [ 627.001479][ T5836] dvb-usb: bulk message failed: -22 (6/0) [ 627.003742][ T5836] dw2102: i2c transfer failed. [ 627.005536][ T5836] dvb-usb: bulk message failed: -22 (6/0) [ 627.007627][ T5836] dw2102: i2c transfer failed. [ 627.009419][ T5836] dvb-usb: MAC address: 02:02:02:02:02:02 [ 627.031307][ T5836] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 627.048333][ T5836] dvb-usb: bulk message failed: -22 (3/0) [ 627.051516][ T5836] dw2102: command 0x0e transfer failed. [ 627.053457][ T5836] dvb-usb: bulk message failed: -22 (3/0) [ 627.055919][ T5836] dw2102: command 0x0e transfer failed. [ 627.222553][T25867] netlink: 'syz.7.6061': attribute type 27 has an invalid length. [ 627.228401][T25867] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6061'. [ 627.232416][T25867] openvswitch: netlink: Flow key attr not present in new flow. [ 627.246639][T25867] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6061'. [ 627.399077][ T5836] dvb-usb: bulk message failed: -22 (3/0) [ 627.401873][ T5836] dw2102: command 0x0e transfer failed. [ 627.404287][ T5836] dvb-usb: bulk message failed: -22 (3/0) [ 627.406758][ T5836] dw2102: command 0x0e transfer failed. [ 627.409130][ T5836] dvb-usb: bulk message failed: -22 (1/0) [ 627.412018][ T5836] dw2102: command 0x51 transfer failed. [ 627.414663][T25819] dw2102: i2c wr: len=66 is too big! [ 627.414663][T25819] [ 627.433546][ T5836] DVB: Unable to find symbol ds3000_attach() [ 627.436361][ T5836] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 627.484864][ T5836] rc_core: IR keymap rc-su3000 not found [ 627.488601][ T5836] Registered IR keymap rc-empty [ 627.493122][ T5836] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.8/usb13/13-1/rc/rc0 [ 627.499857][ T5836] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.8/usb13/13-1/rc/rc0/input99 [ 627.512361][ T5836] dvb-usb: schedule remote query interval to 150 msecs. [ 627.515657][ T5836] dw2102: su3000_power_ctrl: 0, initialized 1 [ 627.518962][ T5836] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 627.525435][ T5836] usb 13-1: USB disconnect, device number 28 [ 627.644870][ T5836] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 627.765721][T25878] FAULT_INJECTION: forcing a failure. [ 627.765721][T25878] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 627.772001][T25878] CPU: 0 UID: 0 PID: 25878 Comm: syz.5.6065 Tainted: G L syzkaller #0 PREEMPT(full) [ 627.772039][T25878] Tainted: [L]=SOFTLOCKUP [ 627.772047][T25878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 627.772060][T25878] Call Trace: [ 627.772072][T25878] [ 627.772082][T25878] dump_stack_lvl+0x100/0x190 [ 627.772120][T25878] should_fail_ex.cold+0x5/0xa [ 627.772152][T25878] _copy_from_user+0x2e/0xd0 [ 627.772187][T25878] input_event_from_user+0x123/0x310 [ 627.772213][T25878] ? __pfx_input_event_from_user+0x10/0x10 [ 627.772237][T25878] ? __pfx___might_resched+0x10/0x10 [ 627.772263][T25878] ? input_inject_event+0x1a6/0x390 [ 627.772287][T25878] evdev_write+0x342/0x610 [ 627.772313][T25878] ? __pfx_evdev_write+0x10/0x10 [ 627.772336][T25878] ? bpf_lsm_file_permission+0x9/0x10 [ 627.772363][T25878] ? security_file_permission+0x76/0x210 [ 627.772390][T25878] ? rw_verify_area+0xce/0x6d0 [ 627.772420][T25878] vfs_write+0x2aa/0x1070 [ 627.772447][T25878] ? __pfx_evdev_write+0x10/0x10 [ 627.772470][T25878] ? __pfx_vfs_write+0x10/0x10 [ 627.772495][T25878] ? find_held_lock+0x2b/0x80 [ 627.772523][T25878] ? __fget_files+0x215/0x3d0 [ 627.772541][T25878] ? __fget_files+0x215/0x3d0 [ 627.772563][T25878] ? __fget_files+0x21f/0x3d0 [ 627.772590][T25878] ksys_write+0x1f8/0x250 [ 627.772617][T25878] ? __pfx_ksys_write+0x10/0x10 [ 627.772646][T25878] ? rcu_is_watching+0x12/0xc0 [ 627.772677][T25878] do_syscall_64+0x10b/0xf80 [ 627.772696][T25878] ? clear_bhb_loop+0x40/0x90 [ 627.772719][T25878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.772739][T25878] RIP: 0033:0x7f8a8419c819 [ 627.772757][T25878] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 627.772775][T25878] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 627.772814][T25878] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 627.772827][T25878] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 627.772839][T25878] RBP: 00007f8a84f95090 R08: 0000000000000000 R09: 0000000000000000 [ 627.772850][T25878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 627.772862][T25878] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 627.772889][T25878] [ 628.036611][T25891] netlink: 'syz.4.6071': attribute type 27 has an invalid length. [ 628.092124][T25893] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6071'. [ 628.095382][T25893] openvswitch: netlink: Flow key attr not present in new flow. [ 628.099956][T25893] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6071'. [ 628.172282][T16620] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 628.175617][T16620] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 628.180338][T16620] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 628.184263][T16620] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 628.213252][T25895] fuse: Unknown parameter 'rootmj¾¬Pò§C /00ýi}Wø¾a¹g‚u000000q§.ãR' [ 628.362594][ T1250] nci: nci_rx_work: unknown MT 0x7 [ 628.467328][T25909] FAULT_INJECTION: forcing a failure. [ 628.467328][T25909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 628.473695][T25909] CPU: 0 UID: 0 PID: 25909 Comm: syz.7.6075 Tainted: G L syzkaller #0 PREEMPT(full) [ 628.473726][T25909] Tainted: [L]=SOFTLOCKUP [ 628.473732][T25909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 628.473744][T25909] Call Trace: [ 628.473752][T25909] [ 628.473773][T25909] dump_stack_lvl+0x100/0x190 [ 628.473802][T25909] should_fail_ex.cold+0x5/0xa [ 628.473830][T25909] _copy_from_user+0x2e/0xd0 [ 628.473859][T25909] input_event_from_user+0x123/0x310 [ 628.473881][T25909] ? __pfx_input_event_from_user+0x10/0x10 [ 628.473901][T25909] ? __pfx___might_resched+0x10/0x10 [ 628.473932][T25909] ? input_inject_event+0x1a6/0x390 [ 628.473955][T25909] evdev_write+0x342/0x610 [ 628.473981][T25909] ? __pfx_evdev_write+0x10/0x10 [ 628.474002][T25909] ? bpf_lsm_file_permission+0x9/0x10 [ 628.474028][T25909] ? security_file_permission+0x76/0x210 [ 628.474054][T25909] ? rw_verify_area+0xce/0x6d0 [ 628.474081][T25909] vfs_write+0x2aa/0x1070 [ 628.474107][T25909] ? __pfx_evdev_write+0x10/0x10 [ 628.474127][T25909] ? __pfx_vfs_write+0x10/0x10 [ 628.474151][T25909] ? find_held_lock+0x2b/0x80 [ 628.474177][T25909] ? __fget_files+0x215/0x3d0 [ 628.474194][T25909] ? __fget_files+0x215/0x3d0 [ 628.474218][T25909] ? __fget_files+0x21f/0x3d0 [ 628.474244][T25909] ksys_write+0x1f8/0x250 [ 628.474271][T25909] ? __pfx_ksys_write+0x10/0x10 [ 628.474299][T25909] ? rcu_is_watching+0x12/0xc0 [ 628.474330][T25909] do_syscall_64+0x10b/0xf80 [ 628.474349][T25909] ? clear_bhb_loop+0x40/0x90 [ 628.474371][T25909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.474390][T25909] RIP: 0033:0x7f781539c819 [ 628.474407][T25909] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 628.474425][T25909] RSP: 002b:00007f78162b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 628.474444][T25909] RAX: ffffffffffffffda RBX: 00007f7815616090 RCX: 00007f781539c819 [ 628.474456][T25909] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 628.474467][T25909] RBP: 00007f78162b7090 R08: 0000000000000000 R09: 0000000000000000 [ 628.474477][T25909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 628.474488][T25909] R13: 00007f7815616128 R14: 00007f7815616090 R15: 00007ffd737a2548 [ 628.474514][T25909] [ 628.610210][T25911] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2320 sclass=netlink_route_socket pid=25911 comm=syz.8.6076 [ 628.610726][T25912] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2320 sclass=netlink_route_socket pid=25912 comm=syz.8.6076 [ 629.155602][T25919] overlayfs: metacopy with no lower data found - abort lookup (/file1) [ 629.493860][ T9488] usb 10-1: new high-speed USB device number 69 using dummy_hcd [ 629.653985][ T9488] usb 10-1: Using ep0 maxpacket: 32 [ 629.658789][ T9488] usb 10-1: unable to get BOS descriptor or descriptor too short [ 629.664042][ T9488] usb 10-1: config 8 has an invalid interface number: 188 but max is 0 [ 629.668435][ T9488] usb 10-1: config 8 has no interface number 0 [ 629.671156][ T9488] usb 10-1: config 8 interface 188 has no altsetting 0 [ 629.677434][ T9488] usb 10-1: string descriptor 0 read error: -22 [ 629.680342][ T9488] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 629.684065][ T9488] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 629.694235][ T9488] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 629.697862][ T9488] dw2102: su3000_power_ctrl: 1, initialized 0 [ 629.700588][ T9488] dvb-usb: bulk message failed: -22 (2/0) [ 629.707913][ T9488] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 629.712670][ T9488] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 629.716321][ T9488] usb 10-1: media controller created [ 629.718829][ T9488] dvb-usb: bulk message failed: -22 (6/0) [ 629.721215][ T9488] dw2102: i2c transfer failed. [ 629.723524][ T9488] dvb-usb: bulk message failed: -22 (6/0) [ 629.726370][ T9488] dw2102: i2c transfer failed. [ 629.729027][ T9488] dvb-usb: bulk message failed: -22 (6/0) [ 629.731457][ T9488] dw2102: i2c transfer failed. [ 629.733496][ T9488] dvb-usb: bulk message failed: -22 (6/0) [ 629.735973][ T9488] dw2102: i2c transfer failed. [ 629.738051][ T9488] dvb-usb: bulk message failed: -22 (6/0) [ 629.740559][ T9488] dw2102: i2c transfer failed. [ 629.742650][ T9488] dvb-usb: bulk message failed: -22 (6/0) [ 629.745070][ T9488] dw2102: i2c transfer failed. [ 629.747783][ T9488] dvb-usb: MAC address: 02:02:02:02:02:02 [ 629.760354][ T9488] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 629.776490][ T9488] dvb-usb: bulk message failed: -22 (3/0) [ 629.779277][ T9488] dw2102: command 0x0e transfer failed. [ 629.781907][ T9488] dvb-usb: bulk message failed: -22 (3/0) [ 629.784632][ T9488] dw2102: command 0x0e transfer failed. [ 630.115729][ T9488] dvb-usb: bulk message failed: -22 (3/0) [ 630.117619][ T9488] dw2102: command 0x0e transfer failed. [ 630.119554][ T9488] dvb-usb: bulk message failed: -22 (3/0) [ 630.121607][ T9488] dw2102: command 0x0e transfer failed. [ 630.123427][ T9488] dvb-usb: bulk message failed: -22 (1/0) [ 630.125854][ T9488] dw2102: command 0x51 transfer failed. [ 630.148039][ T9488] DVB: Unable to find symbol ds3000_attach() [ 630.150436][ T9488] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 630.209748][ T9488] rc_core: IR keymap rc-su3000 not found [ 630.212221][ T9488] Registered IR keymap rc-empty [ 630.217083][ T9488] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0 [ 630.224187][ T9488] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0/input100 [ 630.229509][ T9488] dvb-usb: schedule remote query interval to 150 msecs. [ 630.232002][ T9488] dw2102: su3000_power_ctrl: 0, initialized 1 [ 630.234110][ T9488] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 630.239597][ T9488] usb 10-1: USB disconnect, device number 69 [ 630.373653][ T9488] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 631.480297][T25898] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 631.624404][ T40] kauditd_printk_skb: 143 callbacks suppressed [ 631.624421][ T40] audit: type=1400 audit(2000524670.747:35521): avc: denied { create } for pid=25932 comm="syz.5.6085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 631.635273][ T40] audit: type=1400 audit(2000524670.747:35522): avc: denied { setopt } for pid=25932 comm="syz.5.6085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 631.646957][ T40] audit: type=1400 audit(2000524670.747:35523): avc: denied { bind } for pid=25932 comm="syz.5.6085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 631.654474][ T40] audit: type=1400 audit(2000524670.747:35524): avc: denied { node_bind } for pid=25932 comm="syz.5.6085" saddr=255.255.255.255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 631.662369][ T40] audit: type=1400 audit(2000524670.747:35525): avc: denied { name_bind } for pid=25932 comm="syz.5.6085" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 631.669150][ T40] audit: type=1400 audit(2000524670.747:35526): avc: denied { ioctl } for pid=25932 comm="syz.5.6085" path="socket:[129302]" dev="sockfs" ino=129302 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 631.679327][ T40] audit: type=1400 audit(2000524670.747:35527): avc: denied { connect } for pid=25932 comm="syz.5.6085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 631.686800][ T40] audit: type=1400 audit(2000524670.747:35528): avc: denied { write } for pid=25932 comm="syz.5.6085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 631.720071][ T40] audit: type=1400 audit(2000524670.841:35529): avc: denied { write } for pid=25949 comm="syz.8.6093" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 631.737682][ T40] audit: type=1400 audit(2000524670.850:35530): avc: denied { create } for pid=25951 comm="syz.4.6088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 631.738870][T25953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 631.750019][T25953] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 631.823862][ T5996] usb 12-1: new high-speed USB device number 56 using dummy_hcd [ 631.830848][T25960] FAULT_INJECTION: forcing a failure. [ 631.830848][T25960] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 631.836830][T25960] CPU: 1 UID: 0 PID: 25960 Comm: syz.8.6095 Tainted: G L syzkaller #0 PREEMPT(full) [ 631.836864][T25960] Tainted: [L]=SOFTLOCKUP [ 631.836869][T25960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 631.836876][T25960] Call Trace: [ 631.836882][T25960] [ 631.836888][T25960] dump_stack_lvl+0x100/0x190 [ 631.836910][T25960] should_fail_ex.cold+0x5/0xa [ 631.836929][T25960] _copy_from_user+0x2e/0xd0 [ 631.836952][T25960] input_event_from_user+0x123/0x310 [ 631.836967][T25960] ? __pfx_input_event_from_user+0x10/0x10 [ 631.836980][T25960] ? __pfx___might_resched+0x10/0x10 [ 631.836998][T25960] ? input_inject_event+0x1a6/0x390 [ 631.837013][T25960] evdev_write+0x342/0x610 [ 631.837029][T25960] ? __pfx_evdev_write+0x10/0x10 [ 631.837043][T25960] ? bpf_lsm_file_permission+0x9/0x10 [ 631.837062][T25960] ? security_file_permission+0x76/0x210 [ 631.837080][T25960] ? rw_verify_area+0xce/0x6d0 [ 631.837099][T25960] vfs_write+0x2aa/0x1070 [ 631.837116][T25960] ? __pfx_evdev_write+0x10/0x10 [ 631.837129][T25960] ? __pfx_vfs_write+0x10/0x10 [ 631.837145][T25960] ? find_held_lock+0x2b/0x80 [ 631.837162][T25960] ? __fget_files+0x215/0x3d0 [ 631.837173][T25960] ? __fget_files+0x215/0x3d0 [ 631.837186][T25960] ? __fget_files+0x21f/0x3d0 [ 631.837206][T25960] ksys_write+0x1f8/0x250 [ 631.837223][T25960] ? __pfx_ksys_write+0x10/0x10 [ 631.837241][T25960] ? rcu_is_watching+0x12/0xc0 [ 631.837261][T25960] do_syscall_64+0x10b/0xf80 [ 631.837273][T25960] ? clear_bhb_loop+0x40/0x90 [ 631.837287][T25960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.837299][T25960] RIP: 0033:0x7fa67239c819 [ 631.837311][T25960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 631.837322][T25960] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 631.837335][T25960] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 631.837342][T25960] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 631.837350][T25960] RBP: 00007fa673327090 R08: 0000000000000000 R09: 0000000000000000 [ 631.837358][T25960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 631.837367][T25960] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 631.837388][T25960] [ 631.987305][T25962] netlink: 'syz.8.6096': attribute type 11 has an invalid length. [ 631.992384][T25962] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6096'. [ 632.005336][ T58] usb 9-1: new high-speed USB device number 79 using dummy_hcd [ 632.005360][ T5996] usb 12-1: Using ep0 maxpacket: 32 [ 632.012321][ T5996] usb 12-1: unable to get BOS descriptor or descriptor too short [ 632.015832][ T5996] usb 12-1: config 8 has an invalid interface number: 188 but max is 0 [ 632.018605][ T5996] usb 12-1: config 8 has no interface number 0 [ 632.020835][ T5996] usb 12-1: config 8 interface 188 has no altsetting 0 [ 632.027831][ T5996] usb 12-1: string descriptor 0 read error: -22 [ 632.030065][ T5996] usb 12-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 632.033340][ T5996] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.043566][ T5996] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 632.050084][ T5996] dw2102: su3000_power_ctrl: 1, initialized 0 [ 632.052095][ T5996] dvb-usb: bulk message failed: -22 (2/0) [ 632.068645][ T5996] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 632.072514][ T5996] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 632.075446][ T5996] usb 12-1: media controller created [ 632.077201][ T5996] dvb-usb: bulk message failed: -22 (6/0) [ 632.079226][ T5996] dw2102: i2c transfer failed. [ 632.081373][ T5996] dvb-usb: bulk message failed: -22 (6/0) [ 632.083737][ T5996] dw2102: i2c transfer failed. [ 632.085530][ T5996] dvb-usb: bulk message failed: -22 (6/0) [ 632.087519][ T5996] dw2102: i2c transfer failed. [ 632.089045][ T5996] dvb-usb: bulk message failed: -22 (6/0) [ 632.093157][ T5996] dw2102: i2c transfer failed. [ 632.094707][ T5996] dvb-usb: bulk message failed: -22 (6/0) [ 632.096541][ T5996] dw2102: i2c transfer failed. [ 632.098173][ T5996] dvb-usb: bulk message failed: -22 (6/0) [ 632.100023][ T5996] dw2102: i2c transfer failed. [ 632.101677][ T5996] dvb-usb: MAC address: 02:02:02:02:02:02 [ 632.109440][ T5996] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 632.127324][ T5996] dvb-usb: bulk message failed: -22 (3/0) [ 632.129247][ T5996] dw2102: command 0x0e transfer failed. [ 632.134920][ T5996] dvb-usb: bulk message failed: -22 (3/0) [ 632.136817][ T5996] dw2102: command 0x0e transfer failed. [ 632.147834][ T12] nci: nci_rx_work: unknown MT 0x7 [ 632.180086][ T58] usb 9-1: Using ep0 maxpacket: 8 [ 632.184889][ T58] usb 9-1: config 179 has an invalid interface number: 65 but max is 0 [ 632.189856][ T58] usb 9-1: config 179 has no interface number 0 [ 632.193236][ T58] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 632.198065][ T58] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 632.201860][ T58] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 632.205444][ T58] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 632.209790][ T58] usb 9-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 632.214663][ T58] usb 9-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 632.217640][ T58] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 632.222520][T25952] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 632.447565][ T9488] usb 9-1: USB disconnect, device number 79 [ 632.447589][ C3] xpad 9-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 632.475806][ T5996] dvb-usb: bulk message failed: -22 (3/0) [ 632.478857][ T5996] dw2102: command 0x0e transfer failed. [ 632.482160][ T5996] dvb-usb: bulk message failed: -22 (3/0) [ 632.484922][ T5996] dw2102: command 0x0e transfer failed. [ 632.489057][ T5996] dvb-usb: bulk message failed: -22 (1/0) [ 632.491238][ T5996] dw2102: command 0x51 transfer failed. [ 632.512174][ T5996] DVB: Unable to find symbol ds3000_attach() [ 632.514224][ T5996] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 632.571937][ T5996] rc_core: IR keymap rc-su3000 not found [ 632.574164][ T5996] Registered IR keymap rc-empty [ 632.576889][ T5996] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.7/usb12/12-1/rc/rc0 [ 632.586862][ T5996] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.7/usb12/12-1/rc/rc0/input101 [ 632.595048][ T5996] dvb-usb: schedule remote query interval to 150 msecs. [ 632.599045][ T5996] dw2102: su3000_power_ctrl: 0, initialized 1 [ 632.601509][ T5996] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 632.612672][ T5996] usb 12-1: USB disconnect, device number 56 [ 632.757218][ T5996] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 632.828483][ T58] usb 10-1: new high-speed USB device number 70 using dummy_hcd [ 633.011465][ T58] usb 10-1: Using ep0 maxpacket: 32 [ 633.021902][ T58] usb 10-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 633.028626][ T58] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 633.032923][ T58] usb 10-1: Product: syz [ 633.035187][ T58] usb 10-1: Manufacturer: syz [ 633.037268][ T58] usb 10-1: SerialNumber: syz [ 633.041199][ T58] usb 10-1: config 0 descriptor?? [ 633.047532][ T58] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 633.051360][ T58] dvb-usb: bulk message failed: -22 (4/0) [ 633.054306][ T58] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 633.058914][ T58] dvb-usb: bulk message failed: -22 (5/0) [ 633.061642][ T58] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 633.069922][ T58] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 633.075664][ T58] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 633.079496][ T58] usb 10-1: media controller created [ 633.093621][ T58] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 633.107453][ T58] usb 10-1: selecting invalid altsetting 3 [ 633.110174][ T58] ttusb2: set interface to alts=3 failed [ 633.118608][T25995] FAULT_INJECTION: forcing a failure. [ 633.118608][T25995] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 633.123946][T25995] CPU: 2 UID: 0 PID: 25995 Comm: syz.4.6107 Tainted: G L syzkaller #0 PREEMPT(full) [ 633.123986][T25995] Tainted: [L]=SOFTLOCKUP [ 633.123995][T25995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 633.124009][T25995] Call Trace: [ 633.124018][T25995] [ 633.124027][T25995] dump_stack_lvl+0x100/0x190 [ 633.124061][T25995] should_fail_ex.cold+0x5/0xa [ 633.124093][T25995] _copy_from_user+0x2e/0xd0 [ 633.124126][T25995] input_event_from_user+0x123/0x310 [ 633.124151][T25995] ? __pfx_input_event_from_user+0x10/0x10 [ 633.124173][T25995] ? __pfx___might_resched+0x10/0x10 [ 633.124204][T25995] ? input_inject_event+0x1a6/0x390 [ 633.124229][T25995] evdev_write+0x342/0x610 [ 633.124257][T25995] ? __pfx_evdev_write+0x10/0x10 [ 633.124301][T25995] ? bpf_lsm_file_permission+0x9/0x10 [ 633.124331][T25995] ? security_file_permission+0x76/0x210 [ 633.124362][T25995] ? rw_verify_area+0xce/0x6d0 [ 633.124392][T25995] vfs_write+0x2aa/0x1070 [ 633.124422][T25995] ? __pfx_evdev_write+0x10/0x10 [ 633.124447][T25995] ? __pfx_vfs_write+0x10/0x10 [ 633.124474][T25995] ? find_held_lock+0x2b/0x80 [ 633.124503][T25995] ? __fget_files+0x215/0x3d0 [ 633.124525][T25995] ? __fget_files+0x215/0x3d0 [ 633.124551][T25995] ? __fget_files+0x21f/0x3d0 [ 633.124578][T25995] ksys_write+0x1f8/0x250 [ 633.124605][T25995] ? __pfx_ksys_write+0x10/0x10 [ 633.124635][T25995] ? rcu_is_watching+0x12/0xc0 [ 633.124668][T25995] do_syscall_64+0x10b/0xf80 [ 633.124687][T25995] ? clear_bhb_loop+0x40/0x90 [ 633.124711][T25995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.124730][T25995] RIP: 0033:0x7f405799c819 [ 633.124748][T25995] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 633.124766][T25995] RSP: 002b:00007f40587f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 633.124786][T25995] RAX: ffffffffffffffda RBX: 00007f4057c16090 RCX: 00007f405799c819 [ 633.124799][T25995] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 633.124811][T25995] RBP: 00007f40587f4090 R08: 0000000000000000 R09: 0000000000000000 [ 633.124822][T25995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 633.124834][T25995] R13: 00007f4057c16128 R14: 00007f4057c16090 R15: 00007ffc2a002ad8 [ 633.124862][T25995] [ 633.140344][ T58] DVB: Unable to find symbol tda10086_attach() [ 633.218351][ T58] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 633.222039][ T58] dvb-usb: bulk message failed: -22 (4/0) [ 633.225463][ T58] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 633.229805][ T58] dvb-usb: bulk message failed: -22 (5/0) [ 633.232534][ T58] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 633.236713][ T58] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 633.265896][T25975] dvb-usb: bulk message failed: -22 (7/0) [ 633.281737][T25975] ttusb2: there might have been an error during control message transfer. (rlen = 3, was 0) [ 633.287990][T25975] ttusb2: i2c transfer failed. [ 634.810054][T26014] dlm: non-version read from control device 0 [ 634.814206][T26014] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 635.247882][T25964] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 635.256005][ T58] usb 10-1: USB disconnect, device number 70 [ 635.276402][ T58] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 635.871713][T26037] overlay: Unknown parameter 'dont_hash' [ 635.956848][T26040] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 635.960068][T26040] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 635.963542][T26040] overlayfs: fs on '.' does not support file handles, falling back to xino=off. [ 636.002693][T26043] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6122'. [ 636.005699][T26043] openvswitch: netlink: Flow key attr not present in new flow. [ 636.013793][T26043] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6122'. [ 636.198984][T26045] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 6410, magic 64 != 6b] [ 636.257394][ T12] nci: nci_rx_work: unknown MT 0x7 [ 636.345477][T26061] tmpfs: Bad value for 'mpol' [ 636.721518][T26075] FAULT_INJECTION: forcing a failure. [ 636.721518][T26075] name failslab, interval 1, probability 0, space 0, times 0 [ 636.727099][T26075] CPU: 3 UID: 0 PID: 26075 Comm: syz.7.6131 Tainted: G L syzkaller #0 PREEMPT(full) [ 636.727132][T26075] Tainted: [L]=SOFTLOCKUP [ 636.727139][T26075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 636.727156][T26075] Call Trace: [ 636.727166][T26075] [ 636.727175][T26075] dump_stack_lvl+0x100/0x190 [ 636.727206][T26075] should_fail_ex.cold+0x5/0xa [ 636.727253][T26075] should_failslab+0xc2/0x120 [ 636.727288][T26075] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 636.727316][T26075] ? __d_alloc+0x34/0xa80 [ 636.727338][T26075] ? __pfx_map_id_range_up+0x10/0x10 [ 636.727361][T26075] ? cred_has_capability.isra.0+0x186/0x300 [ 636.727394][T26075] __d_alloc+0x34/0xa80 [ 636.727419][T26075] d_alloc_parallel+0x111/0x14e0 [ 636.727458][T26075] ? __pfx_d_alloc_parallel+0x10/0x10 [ 636.727489][T26075] ? lockdep_init_map_type+0x5c/0x250 [ 636.727514][T26075] ? lockdep_init_map_type+0x5c/0x250 [ 636.727542][T26075] __lookup_slow+0x193/0x460 [ 636.727570][T26075] ? __pfx___lookup_slow+0x10/0x10 [ 636.727616][T26075] lookup_slow+0x50/0x70 [ 636.727640][T26075] path_lookupat+0x5e8/0xc40 [ 636.727668][T26075] ? __lock_acquire+0x4a5/0x2630 [ 636.727692][T26075] filename_lookup+0x202/0x590 [ 636.727720][T26075] ? kasan_save_track+0x14/0x30 [ 636.727750][T26075] ? __pfx_filename_lookup+0x10/0x10 [ 636.727808][T26075] filename_linkat+0x145/0x640 [ 636.727834][T26075] ? __pfx_filename_linkat+0x10/0x10 [ 636.727856][T26075] ? do_getname+0x2ec/0x390 [ 636.727876][T26075] ? kmem_cache_free+0x127/0x6c0 [ 636.727904][T26075] ? do_getname+0x191/0x390 [ 636.727929][T26075] __x64_sys_linkat+0xf6/0x150 [ 636.727951][T26075] do_syscall_64+0x10b/0xf80 [ 636.727967][T26075] ? clear_bhb_loop+0x40/0x90 [ 636.727990][T26075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.728007][T26075] RIP: 0033:0x7f781539c819 [ 636.728022][T26075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 636.728038][T26075] RSP: 002b:00007f78162d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 636.728051][T26075] RAX: ffffffffffffffda RBX: 00007f7815615fa0 RCX: 00007f781539c819 [ 636.728059][T26075] RDX: ffffffffffffff9c RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 636.728066][T26075] RBP: 00007f78162d8090 R08: 0000000000001000 R09: 0000000000000000 [ 636.728075][T26075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 636.728085][T26075] R13: 00007f7815616038 R14: 00007f7815615fa0 R15: 00007ffd737a2548 [ 636.728106][T26075] [ 636.976375][ T40] kauditd_printk_skb: 125 callbacks suppressed [ 636.976392][ T40] audit: type=1400 audit(2000524675.762:35656): avc: denied { map_create } for pid=26083 comm="syz.7.6134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 636.984948][ T40] audit: type=1400 audit(2000524675.762:35657): avc: denied { write } for pid=26083 comm="syz.7.6134" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 636.992906][ T40] audit: type=1400 audit(2000524675.762:35658): avc: denied { open } for pid=26083 comm="syz.7.6134" path="/295/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 637.001463][ T40] audit: type=1400 audit(2000524675.762:35659): avc: denied { ioctl } for pid=26083 comm="syz.7.6134" path="/295/file0/file0" dev="fuse" ino=64 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 637.034785][ T40] audit: type=1400 audit(2000524675.809:35660): avc: denied { read } for pid=26087 comm="syz.7.6135" dev="nsfs" ino=4026533942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 637.047317][ T40] audit: type=1400 audit(2000524675.809:35661): avc: denied { open } for pid=26087 comm="syz.7.6135" path="net:[4026533942]" dev="nsfs" ino=4026533942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 637.057500][ T40] audit: type=1400 audit(2000524675.809:35662): avc: denied { module_request } for pid=26087 comm="syz.7.6135" kmod="netdev-wpan4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 639.351221][T26047] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 639.401883][ T40] audit: type=1400 audit(2000524678.027:35663): avc: denied { perfmon } for pid=26095 comm="syz.7.6136" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 639.440078][ T40] audit: type=1400 audit(2000524678.064:35664): avc: denied { recv } for pid=24568 comm="ipvs-e:63:0" saddr=127.0.0.1 src=47540 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 639.447043][T26102] fuse: Unknown parameter '000000000000000000040x0000000000000003' [ 639.504483][ T40] audit: type=1400 audit(2000524678.120:35665): avc: denied { ioctl } for pid=26105 comm="syz.4.6142" path="/dev/radio7" dev="devtmpfs" ino=1020 ioctlcmd=0x561b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 639.627037][T26115] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.6137'. [ 639.634779][T26115] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6137'. [ 639.642510][T26118] pimreg9: entered allmulticast mode [ 639.680828][T26122] netlink: 4436 bytes leftover after parsing attributes in process `syz.7.6147'. [ 639.684347][T26122] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096 [ 640.046842][ T9545] nci: nci_rsp_packet: unknown rsp opcode 0x3f [ 640.387571][T26134] FAULT_INJECTION: forcing a failure. [ 640.387571][T26134] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 640.393059][T26134] CPU: 3 UID: 0 PID: 26134 Comm: syz.5.6149 Tainted: G L syzkaller #0 PREEMPT(full) [ 640.393090][T26134] Tainted: [L]=SOFTLOCKUP [ 640.393097][T26134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 640.393108][T26134] Call Trace: [ 640.393116][T26134] [ 640.393123][T26134] dump_stack_lvl+0x100/0x190 [ 640.393152][T26134] should_fail_ex.cold+0x5/0xa [ 640.393183][T26134] _copy_to_user+0x32/0xd0 [ 640.393213][T26134] simple_read_from_buffer+0xcb/0x170 [ 640.393244][T26134] proc_fail_nth_read+0x1af/0x230 [ 640.393273][T26134] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 640.393298][T26134] ? rw_verify_area+0xce/0x6d0 [ 640.393321][T26134] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 640.393343][T26134] vfs_read+0x1e4/0xb30 [ 640.393371][T26134] ? __pfx_vfs_read+0x10/0x10 [ 640.393393][T26134] ? __fget_files+0x215/0x3d0 [ 640.393417][T26134] ? __fget_files+0x21f/0x3d0 [ 640.393440][T26134] ksys_read+0x12a/0x250 [ 640.393461][T26134] ? __pfx_ksys_read+0x10/0x10 [ 640.393485][T26134] ? rcu_is_watching+0x12/0xc0 [ 640.393512][T26134] do_syscall_64+0x10b/0xf80 [ 640.393564][T26134] ? clear_bhb_loop+0x40/0x90 [ 640.393589][T26134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.393608][T26134] RIP: 0033:0x7f8a8415d04e [ 640.393624][T26134] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 640.393642][T26134] RSP: 002b:00007f8a84f94fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 640.393660][T26134] RAX: ffffffffffffffda RBX: 00007f8a84f956c0 RCX: 00007f8a8415d04e [ 640.393672][T26134] RDX: 000000000000000f RSI: 00007f8a84f950a0 RDI: 0000000000000004 [ 640.393683][T26134] RBP: 00007f8a84f95090 R08: 0000000000000000 R09: 0000000000000000 [ 640.393694][T26134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 640.393729][T26134] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 640.393756][T26134] [ 640.681348][T26152] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6154'. [ 640.698011][T26152] bridge1: port 1(erspan0) entered blocking state [ 640.701227][T26152] bridge1: port 1(erspan0) entered disabled state [ 640.704250][T26152] erspan0: entered allmulticast mode [ 640.708073][T26152] erspan0: entered promiscuous mode [ 640.728223][T26152] bridge1: port 2(bond1) entered blocking state [ 640.731012][T26152] bridge1: port 2(bond1) entered disabled state [ 640.733957][T26152] bond1: entered allmulticast mode [ 640.737509][T26152] bond1: entered promiscuous mode [ 640.752229][T26156] FAULT_INJECTION: forcing a failure. [ 640.752229][T26156] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 640.758048][T26156] CPU: 3 UID: 0 PID: 26156 Comm: syz.4.6156 Tainted: G L syzkaller #0 PREEMPT(full) [ 640.758097][T26156] Tainted: [L]=SOFTLOCKUP [ 640.758105][T26156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 640.758116][T26156] Call Trace: [ 640.758127][T26156] [ 640.758149][T26156] dump_stack_lvl+0x100/0x190 [ 640.758184][T26156] should_fail_ex.cold+0x5/0xa [ 640.758213][T26156] _copy_from_user+0x2e/0xd0 [ 640.758245][T26156] input_event_from_user+0x123/0x310 [ 640.758269][T26156] ? __pfx_input_event_from_user+0x10/0x10 [ 640.758290][T26156] ? __pfx___might_resched+0x10/0x10 [ 640.758318][T26156] ? input_inject_event+0x1a6/0x390 [ 640.758342][T26156] evdev_write+0x342/0x610 [ 640.758369][T26156] ? __pfx_evdev_write+0x10/0x10 [ 640.758391][T26156] ? bpf_lsm_file_permission+0x9/0x10 [ 640.758418][T26156] ? security_file_permission+0x76/0x210 [ 640.758445][T26156] ? rw_verify_area+0xce/0x6d0 [ 640.758473][T26156] vfs_write+0x2aa/0x1070 [ 640.758500][T26156] ? __pfx_evdev_write+0x10/0x10 [ 640.758522][T26156] ? __pfx_vfs_write+0x10/0x10 [ 640.758545][T26156] ? find_held_lock+0x2b/0x80 [ 640.758573][T26156] ? __fget_files+0x215/0x3d0 [ 640.758592][T26156] ? __fget_files+0x215/0x3d0 [ 640.758614][T26156] ? __fget_files+0x21f/0x3d0 [ 640.758639][T26156] ksys_write+0x1f8/0x250 [ 640.758665][T26156] ? __pfx_ksys_write+0x10/0x10 [ 640.758694][T26156] ? rcu_is_watching+0x12/0xc0 [ 640.758725][T26156] do_syscall_64+0x10b/0xf80 [ 640.758744][T26156] ? clear_bhb_loop+0x40/0x90 [ 640.758767][T26156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.758787][T26156] RIP: 0033:0x7f405799c819 [ 640.758805][T26156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 640.758824][T26156] RSP: 002b:00007f40587f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 640.758849][T26156] RAX: ffffffffffffffda RBX: 00007f4057c16090 RCX: 00007f405799c819 [ 640.758861][T26156] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 640.758872][T26156] RBP: 00007f40587f4090 R08: 0000000000000000 R09: 0000000000000000 [ 640.758883][T26156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 640.758894][T26156] R13: 00007f4057c16128 R14: 00007f4057c16090 R15: 00007ffc2a002ad8 [ 640.758922][T26156] [ 641.224612][T26159] fuse: Bad value for 'user_id' [ 641.226831][T26159] fuse: Bad value for 'user_id' [ 642.262730][T26170] sp0: Synchronizing with TNC [ 643.155810][T26127] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 643.218442][ T40] kauditd_printk_skb: 84 callbacks suppressed [ 643.218455][ T40] audit: type=1400 audit(2000524681.601:35750): avc: denied { create } for pid=26171 comm="syz.4.6162" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 643.245864][ T40] audit: type=1400 audit(2000524681.620:35751): avc: denied { unlink } for pid=26175 comm="syz.5.6164" name="#112" dev="tmpfs" ino=643 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 643.260338][ T40] audit: type=1400 audit(2000524681.620:35752): avc: denied { read } for pid=26171 comm="syz.4.6162" name="file0" dev="tmpfs" ino=3334 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 643.278641][T26174] FAULT_INJECTION: forcing a failure. [ 643.278641][T26174] name failslab, interval 1, probability 0, space 0, times 0 [ 643.298260][T26174] CPU: 3 UID: 0 PID: 26174 Comm: syz.8.6161 Tainted: G L syzkaller #0 PREEMPT(full) [ 643.298282][T26174] Tainted: [L]=SOFTLOCKUP [ 643.298287][T26174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 643.298294][T26174] Call Trace: [ 643.298299][T26174] [ 643.298304][T26174] dump_stack_lvl+0x100/0x190 [ 643.298329][T26174] should_fail_ex.cold+0x5/0xa [ 643.298346][T26174] should_failslab+0xc2/0x120 [ 643.298370][T26174] __kmalloc_cache_noprof+0x7a/0x6f0 [ 643.298384][T26174] ? inode_doinit_use_xattr+0x54/0x330 [ 643.298397][T26174] ? find_held_lock+0x2b/0x80 [ 643.298417][T26174] inode_doinit_use_xattr+0x54/0x330 [ 643.298431][T26174] inode_doinit_with_dentry+0xb60/0x1320 [ 643.298450][T26174] ? __pfx_inode_doinit_with_dentry+0x10/0x10 [ 643.298470][T26174] selinux_d_instantiate+0x26/0x40 [ 643.298484][T26174] security_d_instantiate+0x14c/0x1b0 [ 643.298503][T26174] d_splice_alias_ops+0xd7/0x1320 [ 643.298522][T26174] ? kasan_quarantine_put+0x104/0x240 [ 643.298537][T26174] ? lockdep_hardirqs_on+0x78/0x100 [ 643.298549][T26174] ? __pfx_d_splice_alias_ops+0x10/0x10 [ 643.298566][T26174] ? rcu_is_watching+0x12/0xc0 [ 643.298582][T26174] ? ovl_lookup+0x58f/0x6b0 [ 643.298599][T26174] ? kfree+0x1dd/0x6c0 [ 643.298613][T26174] ovl_lookup+0x5b0/0x6b0 [ 643.298629][T26174] ? __pfx_ovl_lookup+0x10/0x10 [ 643.298651][T26174] ? lockdep_init_map_type+0x5c/0x250 [ 643.298668][T26174] __lookup_slow+0x251/0x460 [ 643.298684][T26174] ? __pfx___lookup_slow+0x10/0x10 [ 643.298711][T26174] lookup_slow+0x50/0x70 [ 643.298725][T26174] path_lookupat+0x5e8/0xc40 [ 643.298742][T26174] ? __lock_acquire+0x4a5/0x2630 [ 643.298757][T26174] filename_lookup+0x202/0x590 [ 643.298774][T26174] ? kasan_save_track+0x14/0x30 [ 643.298792][T26174] ? __pfx_filename_lookup+0x10/0x10 [ 643.298825][T26174] filename_linkat+0x145/0x640 [ 643.298841][T26174] ? __pfx_filename_linkat+0x10/0x10 [ 643.298855][T26174] ? do_getname+0x2ec/0x390 [ 643.298867][T26174] ? kmem_cache_free+0x127/0x6c0 [ 643.298884][T26174] ? do_getname+0x191/0x390 [ 643.298899][T26174] __x64_sys_linkat+0xf6/0x150 [ 643.298913][T26174] do_syscall_64+0x10b/0xf80 [ 643.298924][T26174] ? clear_bhb_loop+0x40/0x90 [ 643.298938][T26174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.298949][T26174] RIP: 0033:0x7fa67239c819 [ 643.298961][T26174] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.298972][T26174] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 643.298984][T26174] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 643.298991][T26174] RDX: ffffffffffffff9c RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 643.298998][T26174] RBP: 00007fa673327090 R08: 0000000000001000 R09: 0000000000000000 [ 643.299005][T26174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 643.299011][T26174] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 643.299026][T26174] [ 643.463299][ T40] audit: type=1400 audit(2000524681.826:35753): avc: denied { recv } for pid=1250 comm="kworker/u32:10" saddr=127.0.0.1 src=47540 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 643.493071][ T40] audit: type=1400 audit(2000524681.854:35754): avc: denied { unlink } for pid=18750 comm="syz-executor" name="file0" dev="tmpfs" ino=3334 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 643.506050][ T40] audit: type=1400 audit(2000524681.872:35755): avc: denied { mount } for pid=26181 comm="syz.8.6166" name="/" dev="overlay" ino=809 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 643.515113][ T40] audit: type=1400 audit(2000524681.872:35756): avc: denied { create } for pid=26181 comm="syz.8.6166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 643.524615][ T40] audit: type=1400 audit(2000524681.872:35757): avc: denied { write } for pid=26181 comm="syz.8.6166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 643.542009][ T40] audit: type=1400 audit(2000524681.872:35758): avc: denied { remount } for pid=26181 comm="syz.8.6166" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 643.551207][ T40] audit: type=1400 audit(2000524681.882:35759): avc: denied { read write } for pid=26186 comm="syz.4.6167" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 643.556889][T26192] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6169'. [ 643.738206][T16620] nci: nci_rsp_packet: unknown rsp opcode 0x3f [ 643.984568][T26211] FAULT_INJECTION: forcing a failure. [ 643.984568][T26211] name failslab, interval 1, probability 0, space 0, times 0 [ 643.993350][T26211] CPU: 3 UID: 0 PID: 26211 Comm: syz.5.6174 Tainted: G L syzkaller #0 PREEMPT(full) [ 643.993383][T26211] Tainted: [L]=SOFTLOCKUP [ 643.993391][T26211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 643.993403][T26211] Call Trace: [ 643.993412][T26211] [ 643.993420][T26211] dump_stack_lvl+0x100/0x190 [ 643.993451][T26211] should_fail_ex.cold+0x5/0xa [ 643.993480][T26211] should_failslab+0xc2/0x120 [ 643.993543][T26211] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 643.993573][T26211] ? sidtab_sid2str_get+0x17a/0x670 [ 643.993608][T26211] kmemdup_noprof+0x29/0x60 [ 643.993637][T26211] sidtab_sid2str_get+0x17a/0x670 [ 643.993667][T26211] security_sid_to_context_core+0x35a/0x6d0 [ 643.993721][T26211] selinux_inode_getsecurity+0x292/0x330 [ 643.993749][T26211] ? __pfx_selinux_inode_getsecurity+0x10/0x10 [ 643.993778][T26211] ? find_held_lock+0x2b/0x80 [ 643.993813][T26211] security_inode_getsecurity+0x12f/0x2f0 [ 643.993848][T26211] vfs_getxattr+0x1b6/0x2a0 [ 643.993871][T26211] ? __pfx_vfs_getxattr+0x10/0x10 [ 643.993898][T26211] ovl_xattr_get+0xf4/0x190 [ 643.993925][T26211] ? __pfx_ovl_xattr_get+0x10/0x10 [ 643.993947][T26211] ? xattr_resolve_name+0x27d/0x3f0 [ 643.993969][T26211] ? __pfx_ovl_other_xattr_get+0x10/0x10 [ 643.993992][T26211] __vfs_getxattr+0x13d/0x1a0 [ 643.994012][T26211] ? __pfx___vfs_getxattr+0x10/0x10 [ 643.994039][T26211] inode_doinit_use_xattr+0xb5/0x330 [ 643.994063][T26211] inode_doinit_with_dentry+0xb60/0x1320 [ 643.994094][T26211] ? __pfx_inode_doinit_with_dentry+0x10/0x10 [ 643.994127][T26211] selinux_d_instantiate+0x26/0x40 [ 643.994152][T26211] security_d_instantiate+0x14c/0x1b0 [ 643.994182][T26211] d_splice_alias_ops+0xd7/0x1320 [ 643.994230][T26211] ? kasan_quarantine_put+0x104/0x240 [ 643.994258][T26211] ? lockdep_hardirqs_on+0x78/0x100 [ 643.994278][T26211] ? __pfx_d_splice_alias_ops+0x10/0x10 [ 643.994306][T26211] ? rcu_is_watching+0x12/0xc0 [ 643.994333][T26211] ? ovl_lookup+0x58f/0x6b0 [ 643.994355][T26211] ? kfree+0x1dd/0x6c0 [ 643.994381][T26211] ovl_lookup+0x5b0/0x6b0 [ 643.994408][T26211] ? __pfx_ovl_lookup+0x10/0x10 [ 643.994449][T26211] ? lockdep_init_map_type+0x5c/0x250 [ 643.994478][T26211] __lookup_slow+0x251/0x460 [ 643.994504][T26211] ? __pfx___lookup_slow+0x10/0x10 [ 643.994552][T26211] lookup_slow+0x50/0x70 [ 643.994577][T26211] path_lookupat+0x5e8/0xc40 [ 643.994604][T26211] ? __lock_acquire+0x4a5/0x2630 [ 643.994629][T26211] filename_lookup+0x202/0x590 [ 643.994657][T26211] ? kasan_save_track+0x14/0x30 [ 643.994687][T26211] ? __pfx_filename_lookup+0x10/0x10 [ 643.994748][T26211] filename_linkat+0x145/0x640 [ 643.994775][T26211] ? __pfx_filename_linkat+0x10/0x10 [ 643.994797][T26211] ? do_getname+0x2ec/0x390 [ 643.994818][T26211] ? kmem_cache_free+0x127/0x6c0 [ 643.994852][T26211] ? do_getname+0x191/0x390 [ 643.994878][T26211] __x64_sys_linkat+0xf6/0x150 [ 643.994902][T26211] do_syscall_64+0x10b/0xf80 [ 643.994921][T26211] ? clear_bhb_loop+0x40/0x90 [ 643.994946][T26211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.994967][T26211] RIP: 0033:0x7f8a8419c819 [ 643.994986][T26211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.995004][T26211] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 643.995025][T26211] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 643.995038][T26211] RDX: ffffffffffffff9c RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 643.995050][T26211] RBP: 00007f8a84f95090 R08: 0000000000001000 R09: 0000000000000000 [ 643.995062][T26211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 643.995073][T26211] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 643.995101][T26211] [ 643.995282][T26211] SELinux: inode_doinit_use_xattr: getxattr returned 12 for dev=overlay ino=681 [ 644.502523][T26225] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.6180'. [ 644.563724][T26216] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 644.612208][T26233] FAULT_INJECTION: forcing a failure. [ 644.612208][T26233] name failslab, interval 1, probability 0, space 0, times 0 [ 644.617924][T26233] CPU: 0 UID: 0 PID: 26233 Comm: syz.5.6184 Tainted: G L syzkaller #0 PREEMPT(full) [ 644.617956][T26233] Tainted: [L]=SOFTLOCKUP [ 644.617963][T26233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 644.617973][T26233] Call Trace: [ 644.617980][T26233] [ 644.617988][T26233] dump_stack_lvl+0x100/0x190 [ 644.618018][T26233] should_fail_ex.cold+0x5/0xa [ 644.618045][T26233] should_failslab+0xc2/0x120 [ 644.618074][T26233] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 644.618100][T26233] ? security_context_to_sid_core+0xc5/0x870 [ 644.618131][T26233] kmemdup_nul+0x49/0xd0 [ 644.618159][T26233] security_context_to_sid_core+0xc5/0x870 [ 644.618186][T26233] ? __pfx_security_context_to_sid_core+0x10/0x10 [ 644.618225][T26233] inode_doinit_use_xattr+0x105/0x330 [ 644.618248][T26233] inode_doinit_with_dentry+0xb60/0x1320 [ 644.618277][T26233] ? __pfx_inode_doinit_with_dentry+0x10/0x10 [ 644.618308][T26233] selinux_d_instantiate+0x26/0x40 [ 644.618330][T26233] security_d_instantiate+0x14c/0x1b0 [ 644.618358][T26233] d_splice_alias_ops+0xd7/0x1320 [ 644.618387][T26233] ? kasan_quarantine_put+0x104/0x240 [ 644.618410][T26233] ? lockdep_hardirqs_on+0x78/0x100 [ 644.618429][T26233] ? __pfx_d_splice_alias_ops+0x10/0x10 [ 644.618455][T26233] ? rcu_is_watching+0x12/0xc0 [ 644.618480][T26233] ? ovl_lookup+0x58f/0x6b0 [ 644.618570][T26233] ? kfree+0x1dd/0x6c0 [ 644.618595][T26233] ovl_lookup+0x5b0/0x6b0 [ 644.618621][T26233] ? __pfx_ovl_lookup+0x10/0x10 [ 644.618658][T26233] ? lockdep_init_map_type+0x5c/0x250 [ 644.618686][T26233] __lookup_slow+0x251/0x460 [ 644.618712][T26233] ? __pfx___lookup_slow+0x10/0x10 [ 644.618758][T26233] lookup_slow+0x50/0x70 [ 644.618783][T26233] path_lookupat+0x5e8/0xc40 [ 644.618819][T26233] ? __lock_acquire+0x4a5/0x2630 [ 644.618846][T26233] filename_lookup+0x202/0x590 [ 644.618875][T26233] ? kasan_save_track+0x14/0x30 [ 644.618907][T26233] ? __pfx_filename_lookup+0x10/0x10 [ 644.618974][T26233] filename_linkat+0x145/0x640 [ 644.619003][T26233] ? __pfx_filename_linkat+0x10/0x10 [ 644.619027][T26233] ? do_getname+0x2ec/0x390 [ 644.619050][T26233] ? kmem_cache_free+0x127/0x6c0 [ 644.619080][T26233] ? do_getname+0x191/0x390 [ 644.619107][T26233] __x64_sys_linkat+0xf6/0x150 [ 644.619134][T26233] do_syscall_64+0x10b/0xf80 [ 644.619155][T26233] ? clear_bhb_loop+0x40/0x90 [ 644.619182][T26233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.619204][T26233] RIP: 0033:0x7f8a8419c819 [ 644.619224][T26233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 644.619245][T26233] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000109 [ 644.619268][T26233] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 644.619282][T26233] RDX: ffffffffffffff9c RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 644.619297][T26233] RBP: 00007f8a84f95090 R08: 0000000000001000 R09: 0000000000000000 [ 644.619309][T26233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 644.619321][T26233] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 644.619351][T26233] [ 644.619362][T26233] SELinux: inode_doinit_use_xattr: context_to_sid(root:object_r:user_tmpfs_t) returned 12 for dev=overlay ino=721 [ 644.666191][T26237] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6186'. [ 644.666855][T26238] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6186'. [ 644.865440][T26247] FAULT_INJECTION: forcing a failure. [ 644.865440][T26247] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 644.870952][T26247] CPU: 3 UID: 0 PID: 26247 Comm: syz.5.6189 Tainted: G L syzkaller #0 PREEMPT(full) [ 644.870982][T26247] Tainted: [L]=SOFTLOCKUP [ 644.870989][T26247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 644.870998][T26247] Call Trace: [ 644.871009][T26247] [ 644.871019][T26247] dump_stack_lvl+0x100/0x190 [ 644.871048][T26247] should_fail_ex.cold+0x5/0xa [ 644.871075][T26247] _copy_from_user+0x2e/0xd0 [ 644.871111][T26247] input_event_from_user+0x123/0x310 [ 644.871132][T26247] ? __pfx_input_event_from_user+0x10/0x10 [ 644.871150][T26247] ? __pfx___might_resched+0x10/0x10 [ 644.871176][T26247] ? input_inject_event+0x1a6/0x390 [ 644.871198][T26247] evdev_write+0x342/0x610 [ 644.871221][T26247] ? __pfx_evdev_write+0x10/0x10 [ 644.871241][T26247] ? bpf_lsm_file_permission+0x9/0x10 [ 644.871266][T26247] ? security_file_permission+0x76/0x210 [ 644.871290][T26247] ? rw_verify_area+0xce/0x6d0 [ 644.871317][T26247] vfs_write+0x2aa/0x1070 [ 644.871342][T26247] ? __pfx_evdev_write+0x10/0x10 [ 644.871364][T26247] ? __pfx_vfs_write+0x10/0x10 [ 644.871385][T26247] ? find_held_lock+0x2b/0x80 [ 644.871413][T26247] ? __fget_files+0x215/0x3d0 [ 644.871429][T26247] ? __fget_files+0x215/0x3d0 [ 644.871449][T26247] ? __fget_files+0x21f/0x3d0 [ 644.871473][T26247] ksys_write+0x1f8/0x250 [ 644.871499][T26247] ? __pfx_ksys_write+0x10/0x10 [ 644.871527][T26247] ? rcu_is_watching+0x12/0xc0 [ 644.871555][T26247] do_syscall_64+0x10b/0xf80 [ 644.871575][T26247] ? clear_bhb_loop+0x40/0x90 [ 644.871596][T26247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.871613][T26247] RIP: 0033:0x7f8a8419c819 [ 644.871629][T26247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 644.871645][T26247] RSP: 002b:00007f8a84f74028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 644.871663][T26247] RAX: ffffffffffffffda RBX: 00007f8a84416090 RCX: 00007f8a8419c819 [ 644.871674][T26247] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 644.871684][T26247] RBP: 00007f8a84f74090 R08: 0000000000000000 R09: 0000000000000000 [ 644.871694][T26247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 644.871704][T26247] R13: 00007f8a84416128 R14: 00007f8a84416090 R15: 00007ffedd4cc048 [ 644.871727][T26247] [ 646.845749][T26201] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 646.937933][T26263] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 646.967509][T26261] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 646.974427][T26261] block device autoloading is deprecated and will be removed. [ 646.982337][T26263] macsec1: entered promiscuous mode [ 646.984706][T26263] macsec1: entered allmulticast mode [ 647.232619][T26277] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6196'. [ 647.246018][T26272] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6196'. [ 647.266039][T26272] bond2: entered promiscuous mode [ 647.269134][T26272] 8021q: adding VLAN 0 to HW filter on device bond2 [ 647.274549][T26272] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6196'. [ 647.278458][T26272] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6196'. [ 647.281229][T26272] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6196'. [ 647.297683][T26272] bond2: (slave sit1): refused to change device type [ 647.458078][T26287] FAULT_INJECTION: forcing a failure. [ 647.458078][T26287] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 647.463199][T26287] CPU: 2 UID: 0 PID: 26287 Comm: syz.7.6200 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.463220][T26287] Tainted: [L]=SOFTLOCKUP [ 647.463224][T26287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 647.463232][T26287] Call Trace: [ 647.463237][T26287] [ 647.463241][T26287] dump_stack_lvl+0x100/0x190 [ 647.463263][T26287] should_fail_ex.cold+0x5/0xa [ 647.463281][T26287] _copy_from_user+0x2e/0xd0 [ 647.463299][T26287] input_event_from_user+0x123/0x310 [ 647.463313][T26287] ? __pfx_input_event_from_user+0x10/0x10 [ 647.463326][T26287] ? __pfx___might_resched+0x10/0x10 [ 647.463344][T26287] ? input_inject_event+0x1a6/0x390 [ 647.463358][T26287] evdev_write+0x342/0x610 [ 647.463374][T26287] ? __pfx_evdev_write+0x10/0x10 [ 647.463387][T26287] ? bpf_lsm_file_permission+0x9/0x10 [ 647.463404][T26287] ? security_file_permission+0x76/0x210 [ 647.463421][T26287] ? rw_verify_area+0xce/0x6d0 [ 647.463438][T26287] vfs_write+0x2aa/0x1070 [ 647.463456][T26287] ? __pfx_evdev_write+0x10/0x10 [ 647.463468][T26287] ? __pfx_vfs_write+0x10/0x10 [ 647.463484][T26287] ? find_held_lock+0x2b/0x80 [ 647.463502][T26287] ? __fget_files+0x215/0x3d0 [ 647.463513][T26287] ? __fget_files+0x215/0x3d0 [ 647.463526][T26287] ? __fget_files+0x21f/0x3d0 [ 647.463541][T26287] ksys_write+0x1f8/0x250 [ 647.463557][T26287] ? __pfx_ksys_write+0x10/0x10 [ 647.463575][T26287] ? rcu_is_watching+0x12/0xc0 [ 647.463594][T26287] do_syscall_64+0x10b/0xf80 [ 647.463606][T26287] ? clear_bhb_loop+0x40/0x90 [ 647.463621][T26287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.463632][T26287] RIP: 0033:0x7f781539c819 [ 647.463643][T26287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.463654][T26287] RSP: 002b:00007f78162d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 647.463666][T26287] RAX: ffffffffffffffda RBX: 00007f7815615fa0 RCX: 00007f781539c819 [ 647.463673][T26287] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 647.463680][T26287] RBP: 00007f78162d8090 R08: 0000000000000000 R09: 0000000000000000 [ 647.463687][T26287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 647.463694][T26287] R13: 00007f7815616038 R14: 00007f7815615fa0 R15: 00007ffd737a2548 [ 647.463708][T26287] [ 647.790364][T26301] nfs4: Bad value for 'source' [ 647.872550][T26311] sctp: [Deprecated]: syz.7.6209 (pid 26311) Use of int in maxseg socket option. [ 647.872550][T26311] Use struct sctp_assoc_value instead [ 648.587065][ T40] kauditd_printk_skb: 179 callbacks suppressed [ 648.587293][ T40] audit: type=1400 audit(2000524686.616:35939): avc: denied { write } for pid=26340 comm="syz.5.6219" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 648.620926][ T40] audit: type=1400 audit(2000524686.616:35940): avc: denied { checkpoint_restore } for pid=26340 comm="syz.5.6219" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 648.643041][ T40] audit: type=1400 audit(2000524686.616:35941): avc: denied { write } for pid=26340 comm="syz.5.6219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 648.667785][ T40] audit: type=1400 audit(2000524686.700:35942): avc: denied { read write } for pid=26353 comm="syz.7.6224" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 648.676285][ T40] audit: type=1400 audit(2000524686.700:35943): avc: denied { open } for pid=26353 comm="syz.7.6224" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 648.688001][ T40] audit: type=1400 audit(2000524686.700:35944): avc: denied { mounton } for pid=26353 comm="syz.7.6224" path="/327/file0" dev="tmpfs" ino=1934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 648.699053][ T40] audit: type=1400 audit(2000524686.700:35945): avc: denied { mount } for pid=26353 comm="syz.7.6224" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 648.742186][ T40] audit: type=1400 audit(2000524686.757:35946): avc: denied { read } for pid=26353 comm="syz.7.6224" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 648.762862][ T40] audit: type=1400 audit(2000524686.757:35947): avc: denied { open } for pid=26353 comm="syz.7.6224" path="/327/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 648.773058][ T40] audit: type=1400 audit(2000524686.766:35948): avc: denied { ioctl } for pid=26353 comm="syz.7.6224" path="/327/file0/file0" dev="fuse" ino=64 ioctlcmd=0x921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 648.804280][T26363] netlink: 'syz.8.6226': attribute type 2 has an invalid length. [ 648.869620][T26354] md: could not open device unknown-block(0,0). [ 648.872468][T26354] md: error, md_import_device() returned -6 [ 648.875654][T26367] netlink: 56 bytes leftover after parsing attributes in process `syz.5.6228'. [ 648.886346][T26367] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6228'. [ 648.975766][T26378] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6231'. [ 648.981090][T26378] openvswitch: netlink: Flow key attr not present in new flow. [ 648.991510][T26378] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6231'. [ 649.068911][T26385] FAULT_INJECTION: forcing a failure. [ 649.068911][T26385] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 649.083836][T26385] CPU: 1 UID: 0 PID: 26385 Comm: syz.8.6233 Tainted: G L syzkaller #0 PREEMPT(full) [ 649.083865][T26385] Tainted: [L]=SOFTLOCKUP [ 649.083871][T26385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 649.083880][T26385] Call Trace: [ 649.083887][T26385] [ 649.083894][T26385] dump_stack_lvl+0x100/0x190 [ 649.083921][T26385] should_fail_ex.cold+0x5/0xa [ 649.083945][T26385] _copy_from_user+0x2e/0xd0 [ 649.083971][T26385] input_event_from_user+0x123/0x310 [ 649.083990][T26385] ? __pfx_input_event_from_user+0x10/0x10 [ 649.084008][T26385] ? __pfx___might_resched+0x10/0x10 [ 649.084031][T26385] ? input_inject_event+0x1a6/0x390 [ 649.084050][T26385] evdev_write+0x342/0x610 [ 649.084071][T26385] ? __pfx_evdev_write+0x10/0x10 [ 649.084089][T26385] ? bpf_lsm_file_permission+0x9/0x10 [ 649.084111][T26385] ? security_file_permission+0x76/0x210 [ 649.084134][T26385] ? rw_verify_area+0xce/0x6d0 [ 649.084158][T26385] vfs_write+0x2aa/0x1070 [ 649.084181][T26385] ? __pfx_evdev_write+0x10/0x10 [ 649.084199][T26385] ? __pfx_vfs_write+0x10/0x10 [ 649.084220][T26385] ? find_held_lock+0x2b/0x80 [ 649.084243][T26385] ? __fget_files+0x215/0x3d0 [ 649.084259][T26385] ? __fget_files+0x215/0x3d0 [ 649.084277][T26385] ? __fget_files+0x21f/0x3d0 [ 649.084294][T26385] ksys_write+0x1f8/0x250 [ 649.084313][T26385] ? __pfx_ksys_write+0x10/0x10 [ 649.084335][T26385] ? rcu_is_watching+0x12/0xc0 [ 649.084358][T26385] do_syscall_64+0x10b/0xf80 [ 649.084371][T26385] ? clear_bhb_loop+0x40/0x90 [ 649.084388][T26385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.084403][T26385] RIP: 0033:0x7fa67239c819 [ 649.084416][T26385] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 649.084429][T26385] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 649.084443][T26385] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 649.084452][T26385] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 649.084459][T26385] RBP: 00007fa673327090 R08: 0000000000000000 R09: 0000000000000000 [ 649.084467][T26385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 649.084476][T26385] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 649.084493][T26385] [ 649.380881][T26398] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 649.536915][T26409] netlink: 136 bytes leftover after parsing attributes in process `syz.8.6242'. [ 649.540817][T26409] sg_write: data in/out 63015/10 bytes for SCSI command 0xff-- guessing data in; [ 649.540817][T26409] program syz.8.6242 not setting count and/or reply_len properly [ 649.579130][T26411] FAULT_INJECTION: forcing a failure. [ 649.579130][T26411] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 649.584326][T26411] CPU: 2 UID: 0 PID: 26411 Comm: syz.8.6243 Tainted: G L syzkaller #0 PREEMPT(full) [ 649.584347][T26411] Tainted: [L]=SOFTLOCKUP [ 649.584352][T26411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 649.584359][T26411] Call Trace: [ 649.584365][T26411] [ 649.584372][T26411] dump_stack_lvl+0x100/0x190 [ 649.584392][T26411] should_fail_ex.cold+0x5/0xa [ 649.584410][T26411] _copy_from_user+0x2e/0xd0 [ 649.584430][T26411] input_event_from_user+0x123/0x310 [ 649.584445][T26411] ? __pfx_input_event_from_user+0x10/0x10 [ 649.584458][T26411] ? __pfx___might_resched+0x10/0x10 [ 649.584475][T26411] ? input_inject_event+0x1a6/0x390 [ 649.584490][T26411] evdev_write+0x342/0x610 [ 649.584506][T26411] ? __pfx_evdev_write+0x10/0x10 [ 649.584519][T26411] ? bpf_lsm_file_permission+0x9/0x10 [ 649.584536][T26411] ? security_file_permission+0x76/0x210 [ 649.584554][T26411] ? rw_verify_area+0xce/0x6d0 [ 649.584572][T26411] vfs_write+0x2aa/0x1070 [ 649.584589][T26411] ? __pfx_evdev_write+0x10/0x10 [ 649.584602][T26411] ? __pfx_vfs_write+0x10/0x10 [ 649.584618][T26411] ? find_held_lock+0x2b/0x80 [ 649.584636][T26411] ? __fget_files+0x215/0x3d0 [ 649.584648][T26411] ? __fget_files+0x215/0x3d0 [ 649.584664][T26411] ? __fget_files+0x21f/0x3d0 [ 649.584679][T26411] ksys_write+0x1f8/0x250 [ 649.584696][T26411] ? __pfx_ksys_write+0x10/0x10 [ 649.584714][T26411] ? rcu_is_watching+0x12/0xc0 [ 649.584733][T26411] do_syscall_64+0x10b/0xf80 [ 649.584745][T26411] ? clear_bhb_loop+0x40/0x90 [ 649.584760][T26411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.584772][T26411] RIP: 0033:0x7fa67239c819 [ 649.584783][T26411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 649.584794][T26411] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 649.584806][T26411] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 649.584813][T26411] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 649.584820][T26411] RBP: 00007fa673327090 R08: 0000000000000000 R09: 0000000000000000 [ 649.584827][T26411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 649.584833][T26411] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 649.584848][T26411] [ 649.935393][T26423] netlink: 'syz.5.6247': attribute type 1 has an invalid length. [ 650.167631][T26433] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 650.941937][T26452] fuse: Unknown parameter 'f¸ º0oÀÐ)Ïžþd' [ 651.129946][T26462] FAULT_INJECTION: forcing a failure. [ 651.129946][T26462] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 651.136972][T26462] CPU: 0 UID: 0 PID: 26462 Comm: syz.5.6262 Tainted: G L syzkaller #0 PREEMPT(full) [ 651.137001][T26462] Tainted: [L]=SOFTLOCKUP [ 651.137008][T26462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 651.137018][T26462] Call Trace: [ 651.137026][T26462] [ 651.137034][T26462] dump_stack_lvl+0x100/0x190 [ 651.137070][T26462] should_fail_ex.cold+0x5/0xa [ 651.137097][T26462] _copy_from_user+0x2e/0xd0 [ 651.137127][T26462] input_event_from_user+0x123/0x310 [ 651.137147][T26462] ? __pfx_input_event_from_user+0x10/0x10 [ 651.137167][T26462] ? __pfx___might_resched+0x10/0x10 [ 651.137211][T26462] ? input_inject_event+0x1a6/0x390 [ 651.137233][T26462] evdev_write+0x342/0x610 [ 651.137259][T26462] ? __pfx_evdev_write+0x10/0x10 [ 651.137280][T26462] ? bpf_lsm_file_permission+0x9/0x10 [ 651.137307][T26462] ? security_file_permission+0x76/0x210 [ 651.137332][T26462] ? rw_verify_area+0xce/0x6d0 [ 651.137359][T26462] vfs_write+0x2aa/0x1070 [ 651.137385][T26462] ? __pfx_evdev_write+0x10/0x10 [ 651.137406][T26462] ? __pfx_vfs_write+0x10/0x10 [ 651.137430][T26462] ? find_held_lock+0x2b/0x80 [ 651.137456][T26462] ? __fget_files+0x215/0x3d0 [ 651.137473][T26462] ? __fget_files+0x215/0x3d0 [ 651.137517][T26462] ? __fget_files+0x21f/0x3d0 [ 651.137542][T26462] ksys_write+0x1f8/0x250 [ 651.137567][T26462] ? __pfx_ksys_write+0x10/0x10 [ 651.137594][T26462] ? rcu_is_watching+0x12/0xc0 [ 651.137624][T26462] do_syscall_64+0x10b/0xf80 [ 651.137643][T26462] ? clear_bhb_loop+0x40/0x90 [ 651.137664][T26462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.137684][T26462] RIP: 0033:0x7f8a8419c819 [ 651.137701][T26462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 651.137717][T26462] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 651.137736][T26462] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 651.137747][T26462] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 651.137759][T26462] RBP: 00007f8a84f95090 R08: 0000000000000000 R09: 0000000000000000 [ 651.137768][T26462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 651.137777][T26462] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 651.137802][T26462] [ 651.278021][ T5947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 651.287259][ T5947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 651.291073][ T5947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 651.295614][ T5947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 651.298704][ T5947] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 651.417856][T26471] ipt_REJECT: TCP_RESET invalid for non-tcp [ 651.625139][T26463] chnl_net:caif_netlink_parms(): no params data found [ 651.629785][T26482] netlink: 'syz.5.6266': attribute type 21 has an invalid length. [ 651.777390][T26489] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 651.858969][T26502] netlink: 'syz.5.6273': attribute type 1 has an invalid length. [ 651.872355][T26463] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.875646][T26463] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.878892][T26463] bridge_slave_0: entered allmulticast mode [ 651.883022][T26463] bridge_slave_0: entered promiscuous mode [ 651.928976][T26502] bond3: entered promiscuous mode [ 651.932246][T26502] 8021q: adding VLAN 0 to HW filter on device bond3 [ 651.936871][T26463] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.939957][T26507] netlink: 'syz.7.6274': attribute type 1 has an invalid length. [ 651.940334][T26463] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.953095][T26463] bridge_slave_1: entered allmulticast mode [ 651.957701][T26463] bridge_slave_1: entered promiscuous mode [ 651.959013][T26507] netlink: 'syz.7.6274': attribute type 2 has an invalid length. [ 651.966688][T26507] netlink: 'syz.7.6274': attribute type 1 has an invalid length. [ 651.970053][T26507] netlink: 'syz.7.6274': attribute type 3 has an invalid length. [ 651.987257][T26505] bond3: entered allmulticast mode [ 652.053763][T26510] overlayfs: failed to verify origin (338/file1, ino=2009, err=-116) [ 652.061606][T26510] overlayfs: failed to verify origin (338/file1, ino=2009, err=-116) [ 652.106643][T26505] bond3: (slave bridge1): making interface the new active one [ 652.109717][T26505] bridge1: entered promiscuous mode [ 652.111746][T26505] bridge1: entered allmulticast mode [ 652.115019][T26505] bond3: (slave bridge1): Enslaving as an active interface with an up link [ 652.121184][T26510] bond0: (slave bridge_slave_1): Releasing backup interface [ 652.157643][T26510] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 652.172801][T26463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 652.193587][T26463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 652.210010][T26511] team0: Mode changed to "loadbalance" [ 652.253883][T26463] team0: Port device team_slave_0 added [ 652.259199][T26463] team0: Port device team_slave_1 added [ 652.285809][T26463] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 652.288593][T26463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 652.300624][T26463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 652.307261][T26463] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 652.310855][T26463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 652.321808][T26463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 652.365225][T26463] hsr_slave_0: entered promiscuous mode [ 652.369201][T26463] hsr_slave_1: entered promiscuous mode [ 652.371821][T26463] debugfs: 'hsr0' already exists in 'hsr' [ 652.373827][T26463] Cannot create hsr debugfs directory [ 652.407879][ T10] usb 10-1: new high-speed USB device number 71 using dummy_hcd [ 652.426982][T26515] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 652.433366][T26515] Error validating options; rc = [-22] [ 652.570342][ T10] usb 10-1: Using ep0 maxpacket: 8 [ 652.576232][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 652.582073][ T10] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 652.586385][ T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.608149][ T10] usb 10-1: config 0 descriptor?? [ 652.622629][ T12] bridge_slave_1: left allmulticast mode [ 652.624966][ T12] bridge_slave_1: left promiscuous mode [ 652.627405][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 652.647205][ T12] bridge_slave_0: left allmulticast mode [ 652.655594][ T12] bridge_slave_0: left promiscuous mode [ 652.657739][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 652.757684][T26529] __nla_validate_parse: 9 callbacks suppressed [ 652.757702][T26529] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6280'. [ 652.766264][T26529] openvswitch: netlink: Flow key attr not present in new flow. [ 652.778977][T26529] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6280'. [ 652.807590][ T12] bond2 (unregistering): (slave geneve2): Releasing active interface [ 652.835720][ T10] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 652.864962][T26531] netlink: 187416 bytes leftover after parsing attributes in process `syz.8.6282'. [ 652.877785][T26531] netlink: Unknown conntrack attr (type=10247, max=9) [ 653.013892][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 653.038606][T26533] FAULT_INJECTION: forcing a failure. [ 653.038606][T26533] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 653.051722][T26533] CPU: 3 UID: 0 PID: 26533 Comm: syz.8.6283 Tainted: G L syzkaller #0 PREEMPT(full) [ 653.051731][ T5836] usb 10-1: USB disconnect, device number 71 [ 653.051745][T26533] Tainted: [L]=SOFTLOCKUP [ 653.051751][T26533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 653.051758][T26533] Call Trace: [ 653.051763][T26533] [ 653.051768][T26533] dump_stack_lvl+0x100/0x190 [ 653.051789][T26533] should_fail_ex.cold+0x5/0xa [ 653.051806][T26533] _copy_from_user+0x2e/0xd0 [ 653.051825][T26533] input_event_from_user+0x123/0x310 [ 653.051840][T26533] ? __pfx_input_event_from_user+0x10/0x10 [ 653.051852][T26533] ? __pfx___might_resched+0x10/0x10 [ 653.051869][T26533] ? input_inject_event+0x1a6/0x390 [ 653.051883][T26533] evdev_write+0x342/0x610 [ 653.051898][T26533] ? __pfx_evdev_write+0x10/0x10 [ 653.051913][T26533] ? bpf_lsm_file_permission+0x9/0x10 [ 653.051930][T26533] ? security_file_permission+0x76/0x210 [ 653.051947][T26533] ? rw_verify_area+0xce/0x6d0 [ 653.051965][T26533] vfs_write+0x2aa/0x1070 [ 653.051982][T26533] ? __pfx_evdev_write+0x10/0x10 [ 653.051995][T26533] ? __pfx_vfs_write+0x10/0x10 [ 653.052011][T26533] ? find_held_lock+0x2b/0x80 [ 653.052029][T26533] ? __fget_files+0x215/0x3d0 [ 653.052040][T26533] ? __fget_files+0x215/0x3d0 [ 653.052053][T26533] ? __fget_files+0x21f/0x3d0 [ 653.052068][T26533] ksys_write+0x1f8/0x250 [ 653.052085][T26533] ? __pfx_ksys_write+0x10/0x10 [ 653.052103][T26533] ? rcu_is_watching+0x12/0xc0 [ 653.052122][T26533] do_syscall_64+0x10b/0xf80 [ 653.052134][T26533] ? clear_bhb_loop+0x40/0x90 [ 653.052148][T26533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.052160][T26533] RIP: 0033:0x7fa67239c819 [ 653.052172][T26533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 653.052183][T26533] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 653.052195][T26533] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 653.052202][T26533] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000005 [ 653.052209][T26533] RBP: 00007fa673327090 R08: 0000000000000000 R09: 0000000000000000 [ 653.052215][T26533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 653.052222][T26533] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 653.052237][T26533] [ 653.160678][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 653.225892][ T12] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 653.284731][ T12] bond0 (unregistering): Released all slaves [ 653.290383][ T12] bond1 (unregistering): Released all slaves [ 653.308739][ T12] bond2 (unregistering): Released all slaves [ 653.317144][ T12] bond3 (unregistering): Released all slaves [ 653.615416][ T5298] Bluetooth: hci2: command tx timeout [ 653.671268][ T5650] 8021q: adding VLAN 0 to HW filter on device eth22 [ 653.941397][ T5650] 8021q: adding VLAN 0 to HW filter on device eth23 [ 653.959910][ T40] kauditd_printk_skb: 256 callbacks suppressed [ 653.959927][ T40] audit: type=1400 audit(2000524691.641:36205): avc: denied { mount } for pid=26560 comm="syz.7.6289" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 654.186136][ T40] audit: type=1400 audit(2000524691.856:36206): avc: denied { create } for pid=26567 comm="syz.8.6290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 654.193018][T26570] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 654.197969][ T40] audit: type=1400 audit(2000524691.865:36207): avc: denied { write } for pid=26567 comm="syz.8.6290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 654.208943][ T40] audit: type=1400 audit(2000524691.884:36208): avc: denied { recv } for pid=26565 comm="dhcpcd-run-hook" saddr=127.0.0.1 src=47540 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 654.243950][ T12] hsr_slave_0: left promiscuous mode [ 654.246588][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 654.250495][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 654.300533][ T40] audit: type=1400 audit(2000524691.968:36209): avc: denied { read } for pid=26582 comm="syz.5.6291" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 654.311290][ T40] audit: type=1400 audit(2000524691.968:36210): avc: denied { open } for pid=26582 comm="syz.5.6291" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 654.327011][ T40] audit: type=1400 audit(2000524691.978:36211): avc: denied { create } for pid=26582 comm="syz.5.6291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 654.337086][ T40] audit: type=1400 audit(2000524691.978:36212): avc: denied { ioctl } for pid=26582 comm="syz.5.6291" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 654.348649][ T40] audit: type=1400 audit(2000524691.987:36213): avc: denied { ioctl } for pid=26582 comm="syz.5.6291" path="socket:[132268]" dev="sockfs" ino=132268 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 654.360494][ T40] audit: type=1400 audit(2000524691.987:36214): avc: denied { read } for pid=26582 comm="syz.5.6291" dev="nsfs" ino=4026532959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 654.411018][ T12] team0 (unregistering): Port device team_slave_1 removed [ 654.440280][ T12] team0 (unregistering): Port device team_slave_0 removed [ 654.823271][ T836] usb 13-1: new high-speed USB device number 29 using dummy_hcd [ 654.854936][T26463] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 654.860054][T26463] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 654.863186][T26463] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 654.867714][T26463] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 654.870793][T26463] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 654.875927][T26463] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 654.879479][T26463] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 654.892440][T26463] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 654.955130][T26616] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6297'. [ 654.990257][T26463] 8021q: adding VLAN 0 to HW filter on device bond0 [ 655.006917][ T836] usb 13-1: Using ep0 maxpacket: 8 [ 655.007774][T26463] 8021q: adding VLAN 0 to HW filter on device team0 [ 655.011151][ T836] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 655.017052][ T836] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 655.021210][ T836] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.035086][ T836] usb 13-1: config 0 descriptor?? [ 655.057298][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state [ 655.060746][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 655.070998][ T12] IPVS: stop unused estimator thread 0... [ 655.081656][ T9545] bridge0: port 2(bridge_slave_1) entered blocking state [ 655.084828][ T9545] bridge0: port 2(bridge_slave_1) entered forwarding state [ 655.261773][ T836] iowarrior 13-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 655.312603][T26631] Invalid argument reading file caps for ./file0 [ 655.377794][T26463] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 655.442978][ T9] usb 10-1: new high-speed USB device number 72 using dummy_hcd [ 655.482857][ T836] usb 13-1: USB disconnect, device number 29 [ 655.567172][T26463] veth0_vlan: entered promiscuous mode [ 655.575708][T26463] veth1_vlan: entered promiscuous mode [ 655.595409][T26463] veth0_macvtap: entered promiscuous mode [ 655.601385][T26463] veth1_macvtap: entered promiscuous mode [ 655.606750][ T9] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 655.610784][ T9] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 655.614236][ T9] usb 10-1: config 0 interface 0 has no altsetting 0 [ 655.616011][T26463] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 655.618484][ T9] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 655.622947][ T9] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 655.625922][ T9] usb 10-1: Product: syz [ 655.627355][ T9] usb 10-1: Manufacturer: syz [ 655.627985][T26463] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 655.628900][ T9] usb 10-1: SerialNumber: syz [ 655.635518][ T9] usb 10-1: config 0 descriptor?? [ 655.640903][ T9] hub 10-1:0.0: bad descriptor, ignoring hub [ 655.644014][ T9] hub 10-1:0.0: probe with driver hub failed with error -5 [ 655.646311][ T9545] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.648239][ T9] usb 10-1: selecting invalid altsetting 0 [ 655.650117][ T9545] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.661258][ T9545] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.664539][ T9545] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.788352][ T9545] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 655.794813][ T9545] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 655.816328][ T1250] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 655.820152][ T1250] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 655.838495][ T5298] Bluetooth: hci2: command tx timeout [ 655.966837][ T6029] usb 10-1: USB disconnect, device number 72 [ 656.127240][T26666] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6307'. [ 656.578925][T26697] tmpfs: Unknown parameter 'nr_i' [ 656.699464][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 656.702965][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 656.984622][ T836] usb 12-1: new high-speed USB device number 57 using dummy_hcd [ 657.164028][ T836] usb 12-1: Using ep0 maxpacket: 8 [ 657.169076][ T836] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 657.173476][ T836] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 657.178404][ T836] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 657.182788][ T836] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 657.189308][ T836] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 657.193526][ T836] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.418944][ T836] usb 12-1: GET_CAPABILITIES returned 0 [ 657.421419][ T836] usbtmc 12-1:16.0: can't read capabilities [ 657.859021][ T6029] usb 12-1: USB disconnect, device number 57 [ 658.061470][ T5298] Bluetooth: hci2: command tx timeout [ 658.369912][T26740] bond2: Unable to set down delay as MII monitoring is disabled [ 658.375356][T26740] bond2 (unregistering): Released all slaves [ 658.413582][T26742] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6327'. [ 658.928934][T26774] netlink: 'syz.7.6336': attribute type 39 has an invalid length. [ 659.221430][T26789] FAULT_INJECTION: forcing a failure. [ 659.221430][T26789] name failslab, interval 1, probability 0, space 0, times 0 [ 659.233092][T26789] CPU: 0 UID: 0 PID: 26789 Comm: syz.5.6341 Tainted: G L syzkaller #0 PREEMPT(full) [ 659.233130][T26789] Tainted: [L]=SOFTLOCKUP [ 659.233138][T26789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 659.233152][T26789] Call Trace: [ 659.233161][T26789] [ 659.233171][T26789] dump_stack_lvl+0x100/0x190 [ 659.233202][T26789] should_fail_ex.cold+0x5/0xa [ 659.233234][T26789] ? tomoyo_realpath_from_path+0xb6/0x690 [ 659.233264][T26789] should_failslab+0xc2/0x120 [ 659.233297][T26789] __kmalloc_noprof+0xe0/0x850 [ 659.233324][T26789] ? kfree+0x1dd/0x6c0 [ 659.233351][T26789] tomoyo_realpath_from_path+0xb6/0x690 [ 659.233385][T26789] tomoyo_path_number_perm+0x23c/0x580 [ 659.233408][T26789] ? tomoyo_path_number_perm+0x22e/0x580 [ 659.233434][T26789] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 659.233517][T26789] ? find_held_lock+0x2b/0x80 [ 659.233549][T26789] ? __fget_files+0x215/0x3d0 [ 659.233569][T26789] ? hook_file_ioctl_common+0x149/0x410 [ 659.233599][T26789] ? __fget_files+0x215/0x3d0 [ 659.233652][T26789] ? __fget_files+0x21f/0x3d0 [ 659.233678][T26789] security_file_ioctl+0xd3/0x230 [ 659.233728][T26789] __x64_sys_ioctl+0xb7/0x210 [ 659.233761][T26789] do_syscall_64+0x10b/0xf80 [ 659.233781][T26789] ? clear_bhb_loop+0x40/0x90 [ 659.233810][T26789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.233832][T26789] RIP: 0033:0x7f8a8419c819 [ 659.233850][T26789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 659.233871][T26789] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 659.233893][T26789] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 659.233908][T26789] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 659.233921][T26789] RBP: 00007f8a84f95090 R08: 0000000000000000 R09: 0000000000000000 [ 659.233934][T26789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 659.233947][T26789] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 659.233979][T26789] [ 659.234011][T26789] ERROR: Out of memory at tomoyo_realpath_from_path. [ 659.342552][ T40] kauditd_printk_skb: 233 callbacks suppressed [ 659.342574][ T40] audit: type=1400 audit(2000524696.684:36448): avc: denied { ioctl } for pid=26788 comm="syz.5.6341" path="/149/file0/file0" dev="fuse" ino=64 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 659.344029][T26789] 0x000000010001-0x000000010007 : "" [ 659.369828][T26789] ftl_cs: FTL header corrupt! [ 659.416830][ T40] audit: type=1400 audit(2000524696.749:36449): avc: denied { unmount } for pid=24435 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 659.434070][ T40] audit: type=1400 audit(2000524696.768:36450): avc: denied { read write } for pid=24435 comm="syz-executor" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 659.462541][ T40] audit: type=1400 audit(2000524696.787:36451): avc: denied { open } for pid=24435 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 659.479440][ T40] audit: type=1400 audit(2000524696.787:36452): avc: denied { ioctl } for pid=24435 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 659.490170][ T40] audit: type=1400 audit(2000524696.824:36453): avc: denied { prog_load } for pid=26795 comm="syz.5.6343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 659.535307][ T40] audit: type=1400 audit(2000524696.862:36454): avc: denied { create } for pid=26797 comm="syz.5.6344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 659.548217][ T40] audit: type=1400 audit(2000524696.862:36455): avc: denied { bind } for pid=26797 comm="syz.5.6344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 659.555740][ T40] audit: type=1400 audit(2000524696.862:36456): avc: denied { create } for pid=26797 comm="syz.5.6344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 659.563649][ T40] audit: type=1400 audit(2000524696.862:36457): avc: denied { ioctl } for pid=26797 comm="syz.5.6344" path="socket:[133418]" dev="sockfs" ino=133418 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 659.623050][T26802] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6345'. [ 659.634523][T26802] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6345'. [ 659.638739][T26802] openvswitch: netlink: Flow key attr not present in new flow. [ 659.651876][T26802] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6345'. [ 659.802103][T26817] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 659.808860][T26817] netlink: 'syz.8.6351': attribute type 1 has an invalid length. [ 659.812611][T26817] netlink: 'syz.8.6351': attribute type 3 has an invalid length. [ 659.817682][T26817] netlink: 224 bytes leftover after parsing attributes in process `syz.8.6351'. [ 659.836034][T26817] netlink: 208240 bytes leftover after parsing attributes in process `syz.8.6351'. [ 659.911902][T26817] hfs: can't find a HFS filesystem on dev sr0 [ 660.030739][T26817] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 660.095478][T26842] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6359'. [ 660.104360][T26842] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6359'. [ 660.108870][T26842] openvswitch: netlink: Flow key attr not present in new flow. [ 660.118006][T26842] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6359'. [ 660.284677][ T5298] Bluetooth: hci2: command tx timeout [ 660.291547][T26861] 0x000000010001-0x000000010007 : "" [ 660.304685][T26861] ftl_cs: FTL header corrupt! [ 660.392281][T26869] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6367'. [ 660.434076][ T58] usb 12-1: new high-speed USB device number 58 using dummy_hcd [ 660.434688][T26869] netlink: 'syz.8.6367': attribute type 4 has an invalid length. [ 660.567305][T26883] openvswitch: netlink: Flow key attr not present in new flow. [ 660.606362][ T58] usb 12-1: Using ep0 maxpacket: 8 [ 660.610514][ T58] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 660.616121][ T58] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 660.620118][ T58] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.626878][ T58] usb 12-1: config 0 descriptor?? [ 660.705366][T26879] md: could not open device unknown-block(0,0). [ 660.710058][T26879] md: error, md_import_device() returned -6 [ 660.789868][T26891] sg_write: data in/out 1560121193/167 bytes for SCSI command 0xd5-- guessing data in; [ 660.789868][T26891] program syz.8.6375 not setting count and/or reply_len properly [ 660.855929][ T58] iowarrior 12-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 661.070489][ T836] usb 12-1: USB disconnect, device number 58 [ 661.187157][T26914] FAULT_INJECTION: forcing a failure. [ 661.187157][T26914] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 661.193225][T26914] CPU: 1 UID: 0 PID: 26914 Comm: syz.8.6383 Tainted: G L syzkaller #0 PREEMPT(full) [ 661.193254][T26914] Tainted: [L]=SOFTLOCKUP [ 661.193260][T26914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 661.193271][T26914] Call Trace: [ 661.193279][T26914] [ 661.193287][T26914] dump_stack_lvl+0x100/0x190 [ 661.193318][T26914] should_fail_ex.cold+0x5/0xa [ 661.193346][T26914] _copy_from_user+0x2e/0xd0 [ 661.193375][T26914] mtdchar_ioctl+0x1648/0x1fd0 [ 661.193547][T26914] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 661.193566][T26914] ? lock_acquire+0x1b1/0x370 [ 661.193595][T26914] ? trace_contention_end+0x122/0x170 [ 661.193655][T26914] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 661.193674][T26914] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 661.193701][T26914] ? __pfx___mutex_lock+0x10/0x10 [ 661.193741][T26914] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 661.193756][T26914] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 661.193776][T26914] __x64_sys_ioctl+0x18e/0x210 [ 661.193803][T26914] do_syscall_64+0x10b/0xf80 [ 661.193821][T26914] ? clear_bhb_loop+0x40/0x90 [ 661.193844][T26914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.193924][T26914] RIP: 0033:0x7fa67239c819 [ 661.193946][T26914] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 661.193964][T26914] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 661.193984][T26914] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 661.193994][T26914] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 661.194003][T26914] RBP: 00007fa673327090 R08: 0000000000000000 R09: 0000000000000000 [ 661.194013][T26914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 661.194022][T26914] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 661.194056][T26914] [ 661.776548][T26948] FAULT_INJECTION: forcing a failure. [ 661.776548][T26948] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 661.781694][T26948] CPU: 1 UID: 0 PID: 26948 Comm: syz.5.6393 Tainted: G L syzkaller #0 PREEMPT(full) [ 661.781716][T26948] Tainted: [L]=SOFTLOCKUP [ 661.781721][T26948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 661.781732][T26948] Call Trace: [ 661.781740][T26948] [ 661.781747][T26948] dump_stack_lvl+0x100/0x190 [ 661.781778][T26948] should_fail_ex.cold+0x5/0xa [ 661.781813][T26948] _copy_from_user+0x2e/0xd0 [ 661.781841][T26948] mtdchar_blkpg_ioctl+0xd7/0x250 [ 661.781874][T26948] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 661.781925][T26948] mtdchar_ioctl+0x1670/0x1fd0 [ 661.781947][T26948] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 661.781965][T26948] ? lock_acquire+0x1b1/0x370 [ 661.781991][T26948] ? trace_contention_end+0x122/0x170 [ 661.782016][T26948] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 661.782036][T26948] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 661.782062][T26948] ? __pfx___mutex_lock+0x10/0x10 [ 661.782097][T26948] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 661.782111][T26948] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 661.782129][T26948] __x64_sys_ioctl+0x18e/0x210 [ 661.782153][T26948] do_syscall_64+0x10b/0xf80 [ 661.782170][T26948] ? clear_bhb_loop+0x40/0x90 [ 661.782189][T26948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.782209][T26948] RIP: 0033:0x7f8a8419c819 [ 661.782226][T26948] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 661.782243][T26948] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 661.782259][T26948] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 661.782271][T26948] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 661.782280][T26948] RBP: 00007f8a84f95090 R08: 0000000000000000 R09: 0000000000000000 [ 661.782290][T26948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 661.782300][T26948] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 661.782326][T26948] [ 661.982508][T26958] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 661.992974][ T836] usb 13-1: new high-speed USB device number 30 using dummy_hcd [ 662.008448][T26964] openvswitch: netlink: IPv4 tunnel dst address is zero [ 662.013827][T26964] program syz.5.6397 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 662.111611][T26970] openvswitch: netlink: Missing valid actions attribute. [ 662.111643][T26970] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 662.122907][ T6010] IPVS: starting estimator thread 0... [ 662.137909][T26967] openvswitch: netlink: Invalid VLAN frame [ 662.167209][ T836] usb 13-1: Using ep0 maxpacket: 8 [ 662.170269][ T836] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 662.170294][ T836] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 662.170310][ T836] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 662.170325][ T836] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 662.170350][ T836] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 662.170365][ T836] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 662.240290][T26971] IPVS: using max 41 ests per chain, 98400 per kthread [ 662.395280][ T836] usb 13-1: GET_CAPABILITIES returned 0 [ 662.397578][ T836] usbtmc 13-1:16.0: can't read capabilities [ 662.616802][ T836] usb 13-1: USB disconnect, device number 30 [ 663.305618][T26975] openvswitch: netlink: Flow key attr not present in new flow. [ 663.672408][ T836] usb 13-1: new high-speed USB device number 31 using dummy_hcd [ 663.832798][ T836] usb 13-1: Using ep0 maxpacket: 8 [ 663.836893][ T836] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 663.841601][ T836] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 663.845712][ T836] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 663.851630][ T836] usb 13-1: config 0 descriptor?? [ 664.074485][ T836] iowarrior 13-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 664.292208][ T10] usb 13-1: USB disconnect, device number 31 [ 664.921132][T26983] __nla_validate_parse: 9 callbacks suppressed [ 664.921152][T26983] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6404'. [ 664.964626][ T40] kauditd_printk_skb: 206 callbacks suppressed [ 664.964649][ T40] audit: type=1400 audit(2000524701.942:36664): avc: denied { mount } for pid=26984 comm="syz.8.6405" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 664.965135][T26950] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 665.038301][T26985] FAULT_INJECTION: forcing a failure. [ 665.038301][T26985] name failslab, interval 1, probability 0, space 0, times 0 [ 665.042874][T26985] CPU: 0 UID: 0 PID: 26985 Comm: syz.8.6405 Tainted: G L syzkaller #0 PREEMPT(full) [ 665.042894][T26985] Tainted: [L]=SOFTLOCKUP [ 665.042898][T26985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 665.042905][T26985] Call Trace: [ 665.042909][T26985] [ 665.042914][T26985] dump_stack_lvl+0x100/0x190 [ 665.042936][T26985] should_fail_ex.cold+0x5/0xa [ 665.042954][T26985] should_failslab+0xc2/0x120 [ 665.042975][T26985] __kmalloc_cache_noprof+0x7a/0x6f0 [ 665.042990][T26985] ? allocate_partition+0x190/0x2a0 [ 665.043012][T26985] allocate_partition+0x190/0x2a0 [ 665.043031][T26985] ? cred_has_capability.isra.0+0x186/0x300 [ 665.043052][T26985] mtd_add_partition+0x1bc/0x660 [ 665.043077][T26985] ? __pfx_mtd_add_partition+0x10/0x10 [ 665.043096][T26985] ? __might_fault+0xc5/0x140 [ 665.043112][T26985] ? __might_fault+0xc5/0x140 [ 665.043133][T26985] mtdchar_blkpg_ioctl+0x207/0x250 [ 665.043153][T26985] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 665.043185][T26985] mtdchar_ioctl+0x1670/0x1fd0 [ 665.043200][T26985] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 665.043212][T26985] ? lock_acquire+0x1b1/0x370 [ 665.043231][T26985] ? trace_contention_end+0x122/0x170 [ 665.043248][T26985] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 665.043261][T26985] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 665.043280][T26985] ? __pfx___mutex_lock+0x10/0x10 [ 665.043304][T26985] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 665.043315][T26985] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 665.043328][T26985] __x64_sys_ioctl+0x18e/0x210 [ 665.043347][T26985] do_syscall_64+0x10b/0xf80 [ 665.043358][T26985] ? clear_bhb_loop+0x40/0x90 [ 665.043374][T26985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.043386][T26985] RIP: 0033:0x7fa67239c819 [ 665.043397][T26985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 665.043409][T26985] RSP: 002b:00007fa673327028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.043421][T26985] RAX: ffffffffffffffda RBX: 00007fa672615fa0 RCX: 00007fa67239c819 [ 665.043429][T26985] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 665.043436][T26985] RBP: 00007fa673327090 R08: 0000000000000000 R09: 0000000000000000 [ 665.043444][T26985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.043451][T26985] R13: 00007fa672616038 R14: 00007fa672615fa0 R15: 00007ffd4c79c6a8 [ 665.043466][T26985] [ 665.043480][T26985] memory allocation error while creating partitions for "mtdram test device" [ 665.066148][ T40] audit: type=1400 audit(2000524702.036:36665): avc: denied { mount } for pid=26987 comm="syz.5.6408" name="/" dev="9p" ino=81264693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 665.162058][ T40] audit: type=1400 audit(2000524702.064:36666): avc: denied { unmount } for pid=24285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 665.170322][ T40] audit: type=1400 audit(2000524702.064:36667): avc: denied { read } for pid=26987 comm="syz.5.6408" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 665.180385][ T40] audit: type=1400 audit(2000524702.064:36668): avc: denied { open } for pid=26987 comm="syz.5.6408" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 665.190892][ T40] audit: type=1400 audit(2000524702.064:36669): avc: denied { ioctl } for pid=26987 comm="syz.5.6408" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 665.201805][ T40] audit: type=1400 audit(2000524702.064:36670): avc: denied { set_context_mgr } for pid=26987 comm="syz.5.6408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 665.210531][ T40] audit: type=1400 audit(2000524702.064:36671): avc: denied { write } for pid=26987 comm="syz.5.6408" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 665.220721][ T40] audit: type=1400 audit(2000524702.064:36672): avc: denied { add_name } for pid=26987 comm="syz.5.6408" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 665.229451][ T40] audit: type=1400 audit(2000524702.064:36673): avc: denied { create } for pid=26987 comm="syz.5.6408" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 665.298700][T26992] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6409'. [ 665.302628][T26992] openvswitch: netlink: Flow key attr not present in new flow. [ 665.309802][T26992] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6409'. [ 665.491377][T27010] loop5: detected capacity change from 0 to 1 [ 665.495966][T27010] Dev loop5: unable to read RDB block 1 [ 665.497833][T27010] loop5: unable to read partition table [ 665.502890][T27010] loop5: partition table beyond EOD, truncated [ 665.508107][T27010] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 665.535854][T27024] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(4) [ 665.538871][T27024] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 665.550068][T27020] 0x000000010001-0x000000010007 : "" [ 665.553994][T27024] vhci_hcd vhci_hcd.0: Device attached [ 665.560961][T27020] ftl_cs: FTL header corrupt! [ 665.655341][T27032] binder: 27022:27032 ioctl c020f509 2000000002c0 returned -22 [ 665.659293][T27032] binder: 27022:27032 ioctl c0306201 200000000080 returned -14 [ 665.663392][T27032] CIFS mount error: No usable UNC path provided in device string! [ 665.663392][T27032] [ 665.667411][T27032] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 665.731921][T27033] binder: 27022:27033 ioctl c0306201 2000000003c0 returned -14 [ 665.842737][T27035] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6422'. [ 665.846284][T27035] openvswitch: netlink: Flow key attr not present in new flow. [ 665.854600][T27035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6422'. [ 665.865282][ T836] usb 52-1: SetAddress Request (2) to port 0 [ 665.873027][ T836] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd [ 665.944409][T27038] sp0: Synchronizing with TNC [ 666.069314][T27045] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6426'. [ 666.127234][T27045] bond3: entered promiscuous mode [ 666.129897][T27045] bond3: entered allmulticast mode [ 666.277826][T27054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27054 comm=syz.8.6429 [ 666.394782][T27056] 0x000000010001-0x000000010007 : "" [ 666.408836][T27056] ftl_cs: FTL header corrupt! [ 666.433832][T27025] vhci_hcd: connection reset by peer [ 666.441886][ T9545] vhci_hcd vhci_hcd.7: stop threads [ 666.443972][ T9545] vhci_hcd vhci_hcd.7: release socket [ 666.446161][ T9545] vhci_hcd vhci_hcd.7: disconnect device [ 666.538134][T27062] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6432'. [ 666.543233][T27062] openvswitch: netlink: Flow key attr not present in new flow. [ 666.558168][T27062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6432'. [ 667.118234][T27085] netlink: 'syz.7.6441': attribute type 8 has an invalid length. [ 667.121067][T27085] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6441'. [ 667.129172][T27085] bond0: entered promiscuous mode [ 667.131827][T27085] gretap0: entered promiscuous mode [ 667.134439][T27085] hsr1: entered promiscuous mode [ 667.327589][ T58] usb 13-1: new full-speed USB device number 32 using dummy_hcd [ 667.466689][ T58] usb 13-1: device descriptor read/64, error -71 [ 667.723418][ T58] usb 13-1: new full-speed USB device number 33 using dummy_hcd [ 667.883341][ T58] usb 13-1: device descriptor read/64, error -71 [ 668.001353][ T58] usb usb13-port1: attempt power cycle [ 668.374861][ T58] usb 13-1: new full-speed USB device number 34 using dummy_hcd [ 668.397249][ T58] usb 13-1: device descriptor read/8, error -71 [ 668.650605][T27010] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 668.652767][ T58] usb 13-1: new full-speed USB device number 35 using dummy_hcd [ 668.676939][ T58] usb 13-1: device descriptor read/8, error -71 [ 668.700921][T27091] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6443'. [ 668.707491][T27091] openvswitch: netlink: Flow key attr not present in new flow. [ 668.793775][ T58] usb usb13-port1: unable to enumerate USB device [ 669.032916][T27098] FAULT_INJECTION: forcing a failure. [ 669.032916][T27098] name failslab, interval 1, probability 0, space 0, times 0 [ 669.038254][T27098] CPU: 1 UID: 0 PID: 27098 Comm: syz.5.6444 Tainted: G L syzkaller #0 PREEMPT(full) [ 669.038285][T27098] Tainted: [L]=SOFTLOCKUP [ 669.038292][T27098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 669.038302][T27098] Call Trace: [ 669.038311][T27098] [ 669.038320][T27098] dump_stack_lvl+0x100/0x190 [ 669.038351][T27098] should_fail_ex.cold+0x5/0xa [ 669.038380][T27098] should_failslab+0xc2/0x120 [ 669.038409][T27098] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 669.038436][T27098] ? sidtab_sid2str_get+0x17a/0x670 [ 669.038469][T27098] kmemdup_noprof+0x29/0x60 [ 669.038497][T27098] sidtab_sid2str_get+0x17a/0x670 [ 669.038526][T27098] security_sid_to_context_core+0x35a/0x6d0 [ 669.038550][T27098] ? avc_audit_post_callback+0x115/0x900 [ 669.038579][T27098] avc_audit_post_callback+0x1aa/0x900 [ 669.038608][T27098] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 669.038633][T27098] ? skb_put+0x138/0x180 [ 669.038660][T27098] ? audit_log_n_string+0x256/0x550 [ 669.038697][T27098] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 669.038723][T27098] common_lsm_audit+0x23f/0x2b0 [ 669.038748][T27098] ? __pfx_common_lsm_audit+0x10/0x10 [ 669.038770][T27098] ? find_held_lock+0x2b/0x80 [ 669.038807][T27098] ? rcu_is_watching+0x12/0xc0 [ 669.038837][T27098] slow_avc_audit+0x186/0x210 [ 669.038865][T27098] ? __pfx_slow_avc_audit+0x10/0x10 [ 669.038898][T27098] ? find_held_lock+0x2b/0x80 [ 669.038923][T27098] ? avc_has_extended_perms+0x33a/0x1080 [ 669.038951][T27098] ? avc_has_extended_perms+0x33a/0x1080 [ 669.038985][T27098] avc_has_extended_perms+0x9b7/0x1080 [ 669.039023][T27098] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 669.039058][T27098] ? kasan_quarantine_put+0x104/0x240 [ 669.039086][T27098] ? find_held_lock+0x2b/0x80 [ 669.039122][T27098] ? tomoyo_path_number_perm+0x188/0x580 [ 669.039166][T27098] ioctl_has_perm.constprop.0.isra.0+0x376/0x540 [ 669.039199][T27098] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 669.039234][T27098] ? __fget_files+0x215/0x3d0 [ 669.039255][T27098] ? hook_file_ioctl_common+0x149/0x410 [ 669.039293][T27098] ? selinux_file_ioctl+0x13b/0x290 [ 669.039313][T27098] selinux_file_ioctl+0x13b/0x290 [ 669.039336][T27098] security_file_ioctl+0xfb/0x230 [ 669.039364][T27098] __x64_sys_ioctl+0xb7/0x210 [ 669.039396][T27098] do_syscall_64+0x10b/0xf80 [ 669.039417][T27098] ? clear_bhb_loop+0x40/0x90 [ 669.039443][T27098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.039465][T27098] RIP: 0033:0x7f8a8419c819 [ 669.039481][T27098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 669.039499][T27098] RSP: 002b:00007f8a84f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 669.039518][T27098] RAX: ffffffffffffffda RBX: 00007f8a84415fa0 RCX: 00007f8a8419c819 [ 669.039531][T27098] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 669.039544][T27098] RBP: 00007f8a84f95090 R08: 0000000000000000 R09: 0000000000000000 [ 669.039555][T27098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 669.039567][T27098] R13: 00007f8a84416038 R14: 00007f8a84415fa0 R15: 00007ffedd4cc048 [ 669.039593][T27098] [ 669.039742][T27098] 0x000000010001-0x000000010007 : "" [ 669.189621][T27098] ftl_cs: FTL header corrupt! [ 669.516350][T27107] dvmrp6: entered allmulticast mode [ 669.648034][T27115] openvswitch: netlink: Flow key attr not present in new flow. [ 670.019970][T27128] 0x000000010001-0x000000010007 : "" [ 670.022237][T27128] FAULT_INJECTION: forcing a failure. [ 670.022237][T27128] name failslab, interval 1, probability 0, space 0, times 0 [ 670.027031][T27128] CPU: 2 UID: 0 PID: 27128 Comm: syz.4.6457 Tainted: G L syzkaller #0 PREEMPT(full) [ 670.027055][T27128] Tainted: [L]=SOFTLOCKUP [ 670.027060][T27128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 670.027069][T27128] Call Trace: [ 670.027076][T27128] [ 670.027082][T27128] dump_stack_lvl+0x100/0x190 [ 670.027106][T27128] should_fail_ex.cold+0x5/0xa [ 670.027129][T27128] should_failslab+0xc2/0x120 [ 670.027153][T27128] __kmalloc_cache_noprof+0x7a/0x6f0 [ 670.027170][T27128] ? device_add+0xd3a/0x1920 [ 670.027356][T27128] ? __pfx___debug_object_init+0x10/0x10 [ 670.027377][T27128] ? do_raw_spin_lock+0x128/0x260 [ 670.027401][T27128] device_add+0xd3a/0x1920 [ 670.027415][T27128] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 670.027431][T27128] ? lockdep_init_map_type+0x5c/0x250 [ 670.027449][T27128] ? __pfx_device_add+0x10/0x10 [ 670.027462][T27128] ? lockdep_init_map_type+0x5c/0x250 [ 670.027480][T27128] ? __init_waitqueue_head+0xca/0x150 [ 670.027506][T27128] add_mtd_device+0x928/0x17a0 [ 670.027532][T27128] ? __pfx_add_mtd_device+0x10/0x10 [ 670.027556][T27128] mtd_add_partition+0x30a/0x660 [ 670.027580][T27128] ? __pfx_mtd_add_partition+0x10/0x10 [ 670.027601][T27128] ? __might_fault+0xc5/0x140 [ 670.027619][T27128] ? __might_fault+0xc5/0x140 [ 670.027644][T27128] mtdchar_blkpg_ioctl+0x207/0x250 [ 670.027668][T27128] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 670.027706][T27128] mtdchar_ioctl+0x1670/0x1fd0 [ 670.027724][T27128] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 670.027740][T27128] ? lock_acquire+0x1b1/0x370 [ 670.027760][T27128] ? trace_contention_end+0x122/0x170 [ 670.027781][T27128] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 670.027796][T27128] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 670.027818][T27128] ? __pfx___mutex_lock+0x10/0x10 [ 670.027843][T27128] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 670.027854][T27128] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 670.027868][T27128] __x64_sys_ioctl+0x18e/0x210 [ 670.027886][T27128] do_syscall_64+0x10b/0xf80 [ 670.027898][T27128] ? clear_bhb_loop+0x40/0x90 [ 670.027913][T27128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.027926][T27128] RIP: 0033:0x7f16fbb9c819 [ 670.027938][T27128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.027950][T27128] RSP: 002b:00007f16fcb35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.027963][T27128] RAX: ffffffffffffffda RBX: 00007f16fbe15fa0 RCX: 00007f16fbb9c819 [ 670.027971][T27128] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 670.027982][T27128] RBP: 00007f16fcb35090 R08: 0000000000000000 R09: 0000000000000000 [ 670.027989][T27128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.027996][T27128] R13: 00007f16fbe16038 R14: 00007f16fbe15fa0 R15: 00007fff7c0666b8 [ 670.028019][T27128] [ 670.029651][T27128] ------------[ cut here ]------------ [ 670.131118][T27128] !list_empty(&mtd->part.node) [ 670.131129][T27128] WARNING: drivers/mtd/mtdpart.c:37 at release_mtd_partition+0x71/0x90, CPU#2: syz.4.6457/27128 [ 670.135979][T27128] Modules linked in: [ 670.138248][T27128] CPU: 2 UID: 0 PID: 27128 Comm: syz.4.6457 Tainted: G L syzkaller #0 PREEMPT(full) [ 670.142119][T27128] Tainted: [L]=SOFTLOCKUP [ 670.143672][T27128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 670.146949][T27128] RIP: 0010:release_mtd_partition+0x71/0x90 [ 670.149009][T27128] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f f6 d9 fb 48 89 df 5b 5d e9 95 f6 d9 fb e8 10 08 79 fb 90 <0f> 0b 90 eb c2 e8 25 b9 e5 fb eb db 48 89 ef e8 1b b9 e5 fb eb a5 [ 670.155623][T27128] RSP: 0018:ffffc90005777818 EFLAGS: 00010293 [ 670.158003][T27128] RAX: 0000000000000000 RBX: ffff888059730000 RCX: ffffffff8b90b0c7 [ 670.161552][T27128] RDX: ffff88803a234a00 RSI: ffffffff868fccf0 RDI: ffff888059730000 [ 670.164160][T27128] RBP: ffff8880597306a0 R08: 0000000000000001 R09: 0000000000000001 [ 670.166677][T27128] R10: 000000000000000b R11: 0000000000000000 R12: 0000000000000000 [ 670.169559][T27128] R13: dffffc0000000000 R14: ffff8880277ffba0 R15: 0000000000000000 [ 670.172666][T27128] FS: 00007f16fcb356c0(0000) GS:ffff8880d64f8000(0000) knlGS:0000000000000000 [ 670.175687][T27128] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 670.178047][T27128] CR2: 0000200000000280 CR3: 0000000012ef5000 CR4: 0000000000352ef0 [ 670.180956][T27128] Call Trace: [ 670.182065][T27128] [ 670.183075][T27128] mtd_release+0xa0/0xd0 [ 670.184508][T27128] ? __pfx_mtd_release+0x10/0x10 [ 670.186066][T27128] device_release+0xd2/0x270 [ 670.187584][T27128] kobject_put+0x1f7/0x640 [ 670.189229][T27128] put_device+0x1f/0x30 [ 670.190811][T27128] add_mtd_device+0xbd7/0x17a0 [ 670.193101][T27128] ? __pfx_add_mtd_device+0x10/0x10 [ 670.195477][T27128] mtd_add_partition+0x30a/0x660 [ 670.197086][T27128] ? __pfx_mtd_add_partition+0x10/0x10 [ 670.198843][T27128] ? __might_fault+0xc5/0x140 [ 670.200394][T27128] ? __might_fault+0xc5/0x140 [ 670.201923][T27128] mtdchar_blkpg_ioctl+0x207/0x250 [ 670.203756][T27128] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 670.205567][T27128] mtdchar_ioctl+0x1670/0x1fd0 [ 670.207121][T27128] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 670.209327][T27128] ? lock_acquire+0x1b1/0x370 [ 670.211233][T27128] ? trace_contention_end+0x122/0x170 [ 670.213448][T27128] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 670.215321][T27128] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 670.216955][T27128] ? __pfx___mutex_lock+0x10/0x10 [ 670.218635][T27128] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 670.220314][T27128] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 670.222216][T27128] __x64_sys_ioctl+0x18e/0x210 [ 670.223862][T27128] do_syscall_64+0x10b/0xf80 [ 670.225423][T27128] ? clear_bhb_loop+0x40/0x90 [ 670.227056][T27128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.229188][T27128] RIP: 0033:0x7f16fbb9c819 [ 670.230852][T27128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.237861][T27128] RSP: 002b:00007f16fcb35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.240626][T27128] RAX: ffffffffffffffda RBX: 00007f16fbe15fa0 RCX: 00007f16fbb9c819 [ 670.243515][T27128] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 670.246378][T27128] RBP: 00007f16fcb35090 R08: 0000000000000000 R09: 0000000000000000 [ 670.249205][T27128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.251759][T27128] R13: 00007f16fbe16038 R14: 00007f16fbe15fa0 R15: 00007fff7c0666b8 [ 670.254427][T27128] [ 670.255509][T27128] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 670.258221][T27128] CPU: 2 UID: 0 PID: 27128 Comm: syz.4.6457 Tainted: G L syzkaller #0 PREEMPT(full) [ 670.261913][T27128] Tainted: [L]=SOFTLOCKUP [ 670.263343][T27128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 670.266531][T27128] Call Trace: [ 670.267666][T27128] [ 670.268705][T27128] dump_stack_lvl+0x100/0x190 [ 670.270604][T27128] vpanic+0x552/0x970 [ 670.272174][T27128] ? __pfx_vpanic+0x10/0x10 [ 670.273963][T27128] panic+0xd1/0xe0 [ 670.275412][T27128] ? __pfx_panic+0x10/0x10 [ 670.276867][T27128] ? check_panic_on_warn+0x1f/0x90 [ 670.278532][T27128] check_panic_on_warn.cold+0x19/0x34 [ 670.280283][T27128] ? release_mtd_partition+0x71/0x90 [ 670.282028][T27128] __warn.cold+0x191/0x328 [ 670.283598][T27128] __report_bug+0x296/0x3d0 [ 670.285200][T27128] ? release_mtd_partition+0x71/0x90 [ 670.287034][T27128] ? __pfx___report_bug+0x10/0x10 [ 670.289106][T27128] ? delete_node+0x20a/0x8f0 [ 670.290728][T27128] ? release_mtd_partition+0x71/0x90 [ 670.292512][T27128] report_bug+0xb2/0x220 [ 670.293947][T27128] ? release_mtd_partition+0x71/0x90 [ 670.295638][T27128] handle_bug+0x16a/0x2a0 [ 670.297068][T27128] exc_invalid_op+0x17/0x50 [ 670.298593][T27128] asm_exc_invalid_op+0x1a/0x20 [ 670.300368][T27128] RIP: 0010:release_mtd_partition+0x71/0x90 [ 670.302604][T27128] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f f6 d9 fb 48 89 df 5b 5d e9 95 f6 d9 fb e8 10 08 79 fb 90 <0f> 0b 90 eb c2 e8 25 b9 e5 fb eb db 48 89 ef e8 1b b9 e5 fb eb a5 [ 670.308959][T27128] RSP: 0018:ffffc90005777818 EFLAGS: 00010293 [ 670.311045][T27128] RAX: 0000000000000000 RBX: ffff888059730000 RCX: ffffffff8b90b0c7 [ 670.313923][T27128] RDX: ffff88803a234a00 RSI: ffffffff868fccf0 RDI: ffff888059730000 [ 670.317604][T27128] RBP: ffff8880597306a0 R08: 0000000000000001 R09: 0000000000000001 [ 670.320329][T27128] R10: 000000000000000b R11: 0000000000000000 R12: 0000000000000000 [ 670.322911][T27128] R13: dffffc0000000000 R14: ffff8880277ffba0 R15: 0000000000000000 [ 670.325430][T27128] ? delete_node+0x417/0x8f0 [ 670.326947][T27128] ? release_mtd_partition+0x70/0x90 [ 670.329228][T27128] ? release_mtd_partition+0x70/0x90 [ 670.331246][T27128] mtd_release+0xa0/0xd0 [ 670.332807][T27128] ? __pfx_mtd_release+0x10/0x10 [ 670.334493][T27128] device_release+0xd2/0x270 [ 670.335977][T27128] kobject_put+0x1f7/0x640 [ 670.337441][T27128] put_device+0x1f/0x30 [ 670.338797][T27128] add_mtd_device+0xbd7/0x17a0 [ 670.340425][T27128] ? __pfx_add_mtd_device+0x10/0x10 [ 670.342418][T27128] mtd_add_partition+0x30a/0x660 [ 670.344304][T27128] ? __pfx_mtd_add_partition+0x10/0x10 [ 670.346163][T27128] ? __might_fault+0xc5/0x140 [ 670.347705][T27128] ? __might_fault+0xc5/0x140 [ 670.349210][T27128] mtdchar_blkpg_ioctl+0x207/0x250 [ 670.350846][T27128] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 670.352807][T27128] mtdchar_ioctl+0x1670/0x1fd0 [ 670.354848][T27128] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 670.356728][T27128] ? lock_acquire+0x1b1/0x370 [ 670.358383][T27128] ? trace_contention_end+0x122/0x170 [ 670.360182][T27128] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 670.361951][T27128] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 670.363572][T27128] ? __pfx___mutex_lock+0x10/0x10 [ 670.365224][T27128] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 670.367077][T27128] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 670.369549][T27128] __x64_sys_ioctl+0x18e/0x210 [ 670.371511][T27128] do_syscall_64+0x10b/0xf80 [ 670.373251][T27128] ? clear_bhb_loop+0x40/0x90 [ 670.374860][T27128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.376760][T27128] RIP: 0033:0x7f16fbb9c819 [ 670.378210][T27128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.384676][T27128] RSP: 002b:00007f16fcb35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.387576][T27128] RAX: ffffffffffffffda RBX: 00007f16fbe15fa0 RCX: 00007f16fbb9c819 [ 670.390112][T27128] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000004 [ 670.392686][T27128] RBP: 00007f16fcb35090 R08: 0000000000000000 R09: 0000000000000000 [ 670.395835][T27128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.398585][T27128] R13: 00007f16fbe16038 R14: 00007f16fbe15fa0 R15: 00007fff7c0666b8 [ 670.401378][T27128] [ 670.403257][T27128] Kernel Offset: disabled [ 670.404658][T27128] Rebooting in 86400 seconds..