last executing test programs:

7m37.127143781s ago: executing program 0 (id=4488):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f0000000940)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000822bd7000fddbdf250c0000000c0001800800080007000000380002800800030001"], 0x58}, 0x1, 0x0, 0x0, 0x20000080}, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500000000000800124000000001050004000000000011000300686173683a69"], 0x60}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m36.785497964s ago: executing program 0 (id=4493):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x0, 0x168, 0x9, 0x11000000, 0xb, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x108, 0x150, 0x0, {0x0, 0x28e}, [@common=@inet=@ipcomp={{0x30}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)

7m36.695718704s ago: executing program 0 (id=4496):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f0000000940)=ANY=[], 0x58}, 0x1, 0x0, 0x0, 0x20000080}, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500000000000800124000000001050004000000000011000300686173683a6970"], 0x60}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000280)=0xffffffffffffffff, 0x4)
sendfile(r4, r2, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

7m36.566693529s ago: executing program 0 (id=4502):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000040)={0x11, 0x0, 0x6c})
read$FUSE(r0, &(0x7f00000057c0)={0x2020}, 0x2020)

7m36.468119819s ago: executing program 0 (id=4503):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x161200, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8}) (async)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x2, 0x0) (async)
waitid(0x0, 0x0, 0x0, 0x2, 0x0)
tkill(r4, 0x13)
writev(r3, &(0x7f0000000800)=[{&(0x7f0000000280)='2', 0x1}], 0x1)
ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000140)=0x5)
fcntl$notify(r2, 0x402, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r3, 0x4068aea3, &(0x7f0000000180)={0xbc, 0x0, 0x6}) (async)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r3, 0x4068aea3, &(0x7f0000000180)={0xbc, 0x0, 0x6})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)

7m36.266025379s ago: executing program 0 (id=4506):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f0000000940)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000822bd7000fddbdf250c0000000c0001800800080007000000380002800800030001"], 0x58}, 0x1, 0x0, 0x0, 0x20000080}, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500000000000800124000000001050004000000000011000300686173683a6970"], 0x60}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m29.415730216s ago: executing program 3 (id=4604):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, 0x0)
read$FUSE(r0, &(0x7f00000057c0)={0x2020}, 0x2020)

7m29.348109716s ago: executing program 3 (id=4605):
mkdir(&(0x7f0000000000)='./file0\x00', 0x16a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1a8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x200001000fff)

7m29.297274205s ago: executing program 3 (id=4607):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f0000000940)=ANY=[@ANYBLOB='X\x00\x00', @ANYRES16=0x0, @ANYBLOB="000822bd7000fddbdf250c0000000c0001800800080007000000380002800800030001"], 0x58}, 0x1, 0x0, 0x0, 0x20000080}, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500000000000800124000000001050004000000000011000300686173683a6970"], 0x60}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836c", 0xf90}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m26.800196702s ago: executing program 3 (id=4613):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x64, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2800000001000000000000005e1affd5020000000900"], 0x7c}}, 0x4000) (async)
mount$overlay(0x0, 0x0, 0x0, 0x800, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) (async)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000040)=@nat={'nat\x00', 0x670, 0x5, 0x468, 0x0, 0x190, 0xffffffff, 0x0, 0x230, 0x3d0, 0x3d0, 0xffffffff, 0x3d0, 0x3d0, 0x5, 0x0, {[{{@ip={@dev={0xac, 0x14, 0x14, 0x32}, @local, 0xff0000ff, 0xffffff00, 'veth1_to_bridge\x00', 'wg1\x00', {}, {}, 0x16}, 0x0, 0x158, 0x190, 0x48, {}, [@common=@ttl={{0x28}, {0x2, 0x4}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@remote, [0xff, 0xffffffff], @ipv4=@private=0xa010102, [0x0, 0xffffff00, 0xff000000, 0xffffffff], @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0xff000000, 0xff, 0xff000000, 0xff], @ipv4=@local, [0xffffffff, 0x0, 0xff], 0x4c8, 0x1, 0x87, 0x4e1b, 0x4e23, 0x4e24, 0x4e21, 0x814, 0x20c0}, 0x80, 0x2}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x5, @rand_addr=0x64010100, @local, @port=0x4e21, @port=0x4e21}}}}, {{@ip={@multicast1, @rand_addr=0x64010101, 0xff, 0xff000000, 'veth1_to_bridge\x00', 'ip6erspan0\x00', {0xff}, {}, 0x11, 0x2, 0x78}, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xfffc, 0xd, 0x1}, {0x2, 0x4, 0x3}, 0x1000, 0x5}}}, {{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x2, @loopback, @empty, @icmp_id=0x68, @port=0x4e22}}}}, {{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@icmp={{0x28}, {0xe, "1542", 0x1}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x0, 0x0, 0x6, 0x0, 0x6, 0x2], 0x6, 0x4}, {0x3, [0x5, 0x0, 0x1, 0x2, 0x0, 0x2], 0x0, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4c8) (async)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) (async, rerun: 32)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x2e}], 0x1}, 0x4006) (rerun: 32)

7m26.717472883s ago: executing program 3 (id=4634):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fbdbdf2512000000080008000100000008000900010000800c00018008000100", @ANYRES32=r4, @ANYBLOB="e459854a581eb902000000"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r5, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x7, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5a, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x89d2, 0x8, 0x20004c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xd, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x40, 0x5, 0x2f, 0x10, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x0, 0xb, 0x4, 0x20009, 0x8, 0x9, 0x9, 0x4a, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x7e, 0x7, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0x0, 0x2000bf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0xffffff49, 0x2004, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x4, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xfffffffe, 0x80000003, 0x9, 0x1, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xffffffff, 0x5, 0x5, 0x8, 0x30b1d693, 0x5, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0xb)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0xb, 0x70bd26, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x3}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x1, 0x0, 0xc, 0x1}}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0xf5}}}}]}]}, 0x68}}, 0x40000)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r7, 0x401c5820, &(0x7f0000000080)={0x8})
r8 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$SG_SET_DEBUG(r8, 0x227e, &(0x7f0000000080)=0x1)

7m26.716572361s ago: executing program 3 (id=4635):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x19, 0x14, "ffb3d741dd17c1ac0d38ef0200000000000000000000000000000000000000000000000000fe00", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xffffffffffffbffe, 0x53e]}})
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000019100)={0x0, 0x0, 0x0, 0x4, 0x2af, 0x0, 0x9, 0x16, 0x19, "8975301576b0cf0900245518580ce0c8bf604cca41f31c108938fcfa393edb69e0bcff0f0000000000000900000000000000d0f08e8ad896ba67a00973defa00", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee41b80000827cc7d24fdc26f2395d702020000e4b8fb1703e47463b969e4", "ca1bf5ff2b4a000000000000008218040000db00", [0xc, 0xfffffffffffffffd]})
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf)

7m21.152826406s ago: executing program 32 (id=4506):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000700)={&(0x7f0000000940)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000822bd7000fddbdf250c0000000c0001800800080007000000380002800800030001"], 0x58}, 0x1, 0x0, 0x0, 0x20000080}, 0x4)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000206010100000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500000000000800124000000001050004000000000011000300686173683a6970"], 0x60}}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m0.042359275s ago: executing program 33 (id=4635):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x19, 0x14, "ffb3d741dd17c1ac0d38ef0200000000000000000000000000000000000000000000000000fe00", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xffffffffffffbffe, 0x53e]}})
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000019100)={0x0, 0x0, 0x0, 0x4, 0x2af, 0x0, 0x9, 0x16, 0x19, "8975301576b0cf0900245518580ce0c8bf604cca41f31c108938fcfa393edb69e0bcff0f0000000000000900000000000000d0f08e8ad896ba67a00973defa00", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee41b80000827cc7d24fdc26f2395d702020000e4b8fb1703e47463b969e4", "ca1bf5ff2b4a000000000000008218040000db00", [0xc, 0xfffffffffffffffd]})
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf)

5m9.556139278s ago: executing program 4 (id=6334):
creat(&(0x7f0000000200)='./file1\x00', 0x16e)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x56fa9599})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0xeda7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x10, 0x0, 0x0, 0x2004cb, 0x3, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2ab, 0x2000000000003ff, 0x2], 0xd000, 0x200306})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x971})
ioctl$KVM_RUN(r2, 0xae80, 0x40000)

5m9.316579332s ago: executing program 4 (id=6344):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c0000001500010028bd7000fcdbdf25e0000001000000000000000000000001fc0000000000000000000000000000014e2300004e2100090a0020a06c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b56b6e00010000000a0010006a"], 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x0)

5m9.31385716s ago: executing program 4 (id=6346):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x56fa9599})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0xeda7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x10, 0x0, 0x0, 0x2004cb, 0x3, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2ab, 0x2000000000003ff, 0x2], 0xd000, 0x200306})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m9.139454321s ago: executing program 4 (id=6353):
r0 = socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f0000000040)='.\x00', 0x2)
r2 = fcntl$getown(r0, 0x9)
ptrace(0x4207, r2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r4, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000cc0)={{r6}, &(0x7f00000007c0), &(0x7f0000000c80)=r3}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x80, 0x24, 0x220, 0x70bd21, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_QUANTUM={0x8, 0x3, 0x9}]}}, @qdisc_kind_options=@q_fq_pie={{0xb}, {0x2c, 0x2, [@TCA_FQ_PIE_ECN={0x8}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x8}, @TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8}, @TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}, @TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x2e}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0xf7}}, @TCA_RATE={0x6, 0x5, {0x81, 0x1}}]}, 0x80}}, 0x4048000)

5m9.076022499s ago: executing program 4 (id=6356):
r0 = socket$key(0xf, 0x3, 0x2)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043c07"], 0xa)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000034000000000080012000007a18208"], 0x50}}, 0x0)

5m8.8061207s ago: executing program 4 (id=6360):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x10)
r1 = accept(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000006c0)="b3915f8983bae828d57feab88cd891d5025016d22e12d69a920c7d5be9513c8cb2", 0x21}], 0x1, &(0x7f0000000880)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4000890}, 0x2)
recvmmsg$unix(r1, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000004c0)=""/207, 0xcf}], 0x1, 0x0, 0x300}}], 0x1, 0x12020, 0x0)

5m8.717538006s ago: executing program 34 (id=6360):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x10)
r1 = accept(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000006c0)="b3915f8983bae828d57feab88cd891d5025016d22e12d69a920c7d5be9513c8cb2", 0x21}], 0x1, &(0x7f0000000880)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4000890}, 0x2)
recvmmsg$unix(r1, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000004c0)=""/207, 0xcf}], 0x1, 0x0, 0x300}}], 0x1, 0x12020, 0x0)

1m42.457115248s ago: executing program 1 (id=9986):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0904000000fff50000000200fffe0900020073797a32000000000900010073797a30000000001800048014000180090001006d617371"], 0x6c}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)

1m42.457007243s ago: executing program 1 (id=9987):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r1, &(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x0)

1m42.37189254s ago: executing program 1 (id=9988):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x0, 0x168, 0x9, 0x0, 0xb, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x108, 0x150, 0x0, {0xc00000000000000, 0x28e}, [@common=@inet=@ipcomp={{0x30}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)

1m42.371748696s ago: executing program 1 (id=9989):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x11}, 0x2000a004)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e21, 0x3, 'rr\x00', 0x1, 0x10000004, 0x8}, 0x2c)
r2 = socket$kcm(0xa, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev, 0xfffffffc}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

1m42.294424827s ago: executing program 1 (id=9990):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {0x0}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_RENAME(r2, 0x0, 0x0)
syz_open_dev$vcsa(0x0, 0x3, 0x200000)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1m42.293823301s ago: executing program 1 (id=9991):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x30, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
sendfile(r1, r0, &(0x7f0000000180)=0x58, 0x3fffff)

1m26.222991163s ago: executing program 35 (id=9991):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x30, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
sendfile(r1, r0, &(0x7f0000000180)=0x58, 0x3fffff)

55.730230127s ago: executing program 6 (id=10558):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f00000000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000009c0)='mem_connect\x00', r0}, 0x18) (async)
openat$dir(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
madvise(&(0x7f0000fe8000/0x2000)=nil, 0x2000, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000340)={0x0, 0x2, 0x4, {0x1, @win={{}, 0x0, 0x6, 0x0, 0x0, 0x0}}, 0x8000}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000007c0)={'dvmrp0\x00', 0x112})

55.398351954s ago: executing program 6 (id=10561):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e04, @dev={0xac, 0x14, 0x14, 0x59}}, 0x10)
shutdown(r0, 0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x40000)

55.398208571s ago: executing program 6 (id=10562):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01040000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000030000000180a0101000b000000000000010000000900020073797a30000000f30800010073797a30"], 0xb8}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$netlink(r3, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000880)={0x10, 0x11, 0x1}, 0x10}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r4=>0x0})
ioctl$VIDIOC_ENUMOUTPUT(r3, 0xc0485630, &(0x7f0000000240)={0x6, "ca7ffe6398279198e1f6da1cb092ea88397c4471091369a109341d5af59fc0a9", 0x1, 0x50d, 0xf, 0x100000, 0x4})
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="08062bbd7000ffdbdf251100000005003300020000000500300001000000080031000100000008000600", @ANYRES32=r4, @ANYBLOB="2ed1e5ccfe5f47a4080032000e0000000a000900000000000000080005002900000000004af797ab8dc45476febbaa1227748921003bf872f94a20a902faa6aab983feda17e19858701af1e858a8a626883113e504c7b667cfa0a3cc27b57434f6c103bdb11daa851db3e91eac253b9886c4094984d621a448ff0ebe80afa85c875306273b9f2973871a4408f195acc62a85336bc55de54bd1558fc254c784d8d6a603db5b2508723602830b340bf34b4b253e9e75236964b202c8d622b29049fb2666219bb531a488025d50c2d8f85eb4018f286f2450f97ecaf3085bb14717a038d92e16ac4afa70dee46db0d1c4400571b89977ad5f4d6fc194e75e150b5cd29a81a0ce444041ace26ee3efa47ab13c311cc0740d"], 0x58}, 0x1, 0x0, 0x0, 0x40010}, 0x4000)

55.310992875s ago: executing program 6 (id=10563):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x36, 0x1, 0x2, 0x25dfdbff, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0) (async)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x36, 0x1, 0x2, 0x25dfdbff, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)={{0x14, 0x10, 0x1, 0x0, 0x2000000}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="58000000020605000000000000000000000000030c000300686173683a6970000900020073797a320000000005000400000000000500050002000000050001000600000014000780080006400000000208000c"], 0x58}}, 0x20000000)

55.309214282s ago: executing program 6 (id=10565):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x300)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1000}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1e}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_USERDATA={0x5, 0xd, 0x1, 0x0, "91"}]}], {0x14, 0x10}}, 0x8c}}, 0x0)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000005c00), r1)
sendmsg$IEEE802154_SET_MACPARAMS(r1, &(0x7f0000005d00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005c40)={0x20, r3, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x84c)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe0b, 0x0, 0x0, 0x0, 0x800000}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x54}}]}, &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newlink={0x38, 0x10, 0x403, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x428a4, 0x2000}, [@IFLA_VF_PORTS={0x4}, @IFLA_IFNAME={0x14, 0x3, 'bridge0\x00'}]}, 0x38}}, 0x20048000)

55.169801105s ago: executing program 6 (id=10568):
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x955a, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r2, {0x3}, {0xffff, 0xe}}}, 0x24}}, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r0, 0xc0305615, &(0x7f0000000080)={0x0, {0x4, 0x200}})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e", 0x24}], 0x1}, 0x0)
socket(0x40000000015, 0x5, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/tcp_syncookies\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e21, 0x3, 'rr\x00', 0x1, 0x10000004, 0x8}, 0x2c)
socket$inet_sctp(0x2, 0x1, 0x84)

31.539462503s ago: executing program 36 (id=10568):
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x955a, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r2, {0x3}, {0xffff, 0xe}}}, 0x24}}, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r0, 0xc0305615, &(0x7f0000000080)={0x0, {0x4, 0x200}})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e", 0x24}], 0x1}, 0x0)
socket(0x40000000015, 0x5, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/tcp_syncookies\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e21, 0x3, 'rr\x00', 0x1, 0x10000004, 0x8}, 0x2c)
socket$inet_sctp(0x2, 0x1, 0x84)

3.677744831s ago: executing program 2 (id=11111):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1e0000006700000008000000ad00000008680100", @ANYRES32=0x1, @ANYBLOB="8100"/20, @ANYBLOB="b1458ebf1667e0183e653c1b9cda856539d04425e5dbcb339c4435c98287b967f7dfb5923c3af9f2f84d7df80d4746646827befd3be47f754917d439272b5902e56388b58683b36e4d5b0767dae682e19d030be0b3a42ac5806446d9ea2891642b026a692cebe728cb8e069f8130f09f17ecf2887a75209963a94fe29620a2dc9c9a3b22adc0544d0bca03fcebc6f71de192fbef29c07386", @ANYRES32, @ANYBLOB="0300000003000000040000000500"/24, @ANYRES32=r0, @ANYBLOB="09307d6a0e148981ad707c8109465f716c65be6e8570487e585dcd7d60c83a6c4c8361062446f4f5bc5c58562c"], 0x50) (async)
mount$overlay(0x0, 0x0, 0x0, 0x800, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0) (async)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) (async)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async)
futex(&(0x7f00000040c0), 0x6, 0x0, 0x0, 0x0, 0x0) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
futex(&(0x7f00000040c0), 0x87, 0x0, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x3438a}, [@IFLA_GSO_MAX_SIZE={0x8, 0x29, 0xd13d}, @IFLA_IFNAME={0x14, 0x3, 'batadv_slave_0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x884}, 0x4004004)

3.677427967s ago: executing program 2 (id=11112):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000008c0), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xc200040, 0x0, 0x8, 0x0, 0x1ff, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008900)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bcd4681f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b2c1ec000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x20, 0x0, 0xf098, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, 0x0, 0x0)

3.025537513s ago: executing program 8 (id=11119):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
r0 = socket(0x25, 0x4, 0xfffffab7)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
dup3(r0, r1, 0x80000)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010044bd7000fedbdf255c00000008000300", @ANYRES32=r5, @ANYBLOB='\b\x00k\x00<\x00\x00\x00'], 0x24}, 0x1, 0x0, 0x0, 0x48851}, 0x800)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/56, 0x304000, 0x0, 0x0, 0x3}, 0x20)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00')
creat(&(0x7f0000000080)='./file0\x00', 0x140)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x3, 0x180, 0x2, 0x10, 0xf1, 0x100000001, 0x1, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbd9], 0xffff1001, 0x43100})
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x2000004, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x7, 0x8000000009, 0x803, 0x0, 0x9], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x3, 0x0, 0x1, 0x5, 0x75, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x4, 0x6, 0x5, 0x7f, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xf000, 0xd000, 0xf, 0x3, 0x16, 0x87, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x0, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x18227000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x42, 0x70}, {0xdddd0000, 0xa000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x91}, {0xeeee0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]})
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000400)}], 0x1}}], 0x1, 0x119e75c40673edef)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.843986463s ago: executing program 8 (id=11120):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000007c0), 0xffffffffffffffff)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000010c0)='hybla', 0x5)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @sack_perm, @window={0x3, 0x3, 0x401}, @window], 0x63)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000890}, 0x0)
read$FUSE(r0, &(0x7f0000002240)={0x2020}, 0x2020)
writev(r0, &(0x7f0000002140)=[{&(0x7f0000000040)='T01\n', 0x4}, {&(0x7f0000000080)="37c80900001200000000c3", 0xb}], 0x2)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$ARCH_GET_GS(0x1e, r4, &(0x7f0000000100), 0x1004)
openat(r0, &(0x7f0000000100)='./file1\x00', 0x204840, 0x1ff)
mount$nfs(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nofsc'])
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
prctl$PR_SET_KEEPCAPS(0x59616d61, 0x1ffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f000000c300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x24, 0x3, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x49}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x7f6}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xbc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x14, 0x14, 0x601, 0x0, 0x0, {0x2b, 0xfa}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

1.80754045s ago: executing program 8 (id=11134):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'dh\x00', 0x1, 0x4, 0x6d}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x80000})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc08c5332, &(0x7f0000000400)={{0x40, 0x3}, 0x0, 0x4, 0x88, {}, 0x0, 0xffff})
dup(0xffffffffffffffff)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x30040043}, 0x240008c4)

1.195825554s ago: executing program 8 (id=11146):
r0 = socket$kcm(0x2, 0x2, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x2, 0x9}, {0x10000002, 0x0, 0x0, 0xc}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
syz_emit_ethernet(0x46, &(0x7f0000000100)=ANY=[], 0x0)
r3 = socket(0x10, 0x2, 0x0)
write(r3, &(0x7f0000000100)="240000001e005f9514f9f407faac470002000000010000000000080008000100000000ff", 0x24)
recvmsg$unix(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r4, 0x10)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001940)='{', 0xffc1}], 0x1}, 0x80d1)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x180008, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
chdir(&(0x7f0000000080)='./file0\x00')
setpgid(r7, r7)
setpgid(0x0, r7)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x800000, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x8802, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x30, r8, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x3}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
recvmmsg(r5, &(0x7f00000002c0), 0x220, 0x100, 0x0)
recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000002200)=""/4096, 0xffc0}], 0x1}, 0x40)

897.449025ms ago: executing program 7 (id=11150):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x2c, 0x7, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

834.534462ms ago: executing program 7 (id=11152):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c0000001500010028bd7000fcdbdf25e000000100000000000000000e000000fc0000000000000000000000000000014e2300004e2100090a0020a06c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b56b6e00010000000a0010006a"], 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x0)

774.96487ms ago: executing program 7 (id=11154):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e04, @dev={0xac, 0x14, 0x14, 0x59}}, 0x10)
shutdown(r1, 0x1)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x40000142, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x28, 0x7, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_RULE_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

774.66066ms ago: executing program 7 (id=11155):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'dh\x00', 0x1, 0x4, 0x6d}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x80000})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc08c5332, &(0x7f0000000400)={{0x40, 0x3}, 0x0, 0x4, 0x88, {}, 0x0, 0xffff})
dup(0xffffffffffffffff)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x30040043}, 0x240008c4)

628.127553ms ago: executing program 5 (id=11156):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000040)={0x0, 0x1, 0x14, 0x7, 0x200, &(0x7f0000003c40)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000810472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478948016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575965be3dc3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc962116c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

555.999285ms ago: executing program 5 (id=11157):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r2, 0x4068aea3, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0xe6e5a000, 0x2000, 0x3, 0xf1, 0x5, 0x81, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0x9000, 0xb, 0x4f, 0x2, 0x7, 0x19, 0x1, 0x81, 0x0, 0x6, 0x5}, {0x8000000, 0x9000, 0xc, 0x5, 0x3, 0x46, 0x2, 0xd, 0x6, 0x6, 0x8, 0x1}, {0x54000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0xeeef0000, 0x0, 0x4, 0x6, 0x3, 0x24, 0x1, 0xff, 0x4, 0x90, 0x1, 0x9}, {0x8000000, 0x4000, 0x0, 0x8, 0x3, 0x0, 0x0, 0xb, 0x9, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40010000, 0x0, 0x80a0000, 0x300, 0x1, 0x2100, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000004c0)={{0x2, 0xe000, 0xa, 0x2, 0x2, 0x2, 0x10, 0xbd, 0x7f, 0x4, 0x4, 0x7}, {0xffff1000, 0x10000, 0x3, 0x2, 0x6, 0x7f, 0x2, 0xf9, 0x5, 0x3, 0x6, 0x9}, {0x6000, 0x25000, 0x9, 0xc, 0x5, 0xff, 0x4, 0x5, 0x8, 0x94, 0x80, 0x2}, {0xb000, 0xeeee8000, 0x9, 0x8, 0x6, 0xeb, 0x23, 0x9, 0x7, 0x1a, 0xf1, 0xd}, {0xeeee8000, 0x200000, 0xb, 0x0, 0x8, 0x2, 0x22, 0xd3, 0xf7, 0x2, 0xa, 0x8}, {0xdddd1000, 0xdddd1000, 0x9, 0xff, 0xc, 0xa, 0x2, 0x6, 0x9, 0x5, 0x0, 0x9}, {0x1, 0x100000, 0x7, 0xb, 0x5, 0x2, 0x1, 0x3, 0x0, 0xb0, 0x1, 0x8c}, {0x6000, 0x26000, 0x0, 0x1, 0xb, 0x20, 0x9, 0x8, 0x40, 0x50, 0x2, 0x8}, {0x4000, 0xa}, {0x58000, 0xe}, 0x100000000, 0x0, 0x3000, 0x6202, 0x0, 0x0, 0xffffffff, [0x6, 0x8, 0x3, 0x95]})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x700, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x3, 0x14, 0x6a, 0x0, 0x0, 0x4, 0x0, @broadcast, @multicast1}}}})
setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000001740)=0x64, 0x1)

348.15373ms ago: executing program 5 (id=11158):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000001080)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x4}}}}}}}}, 0x0)

333.42985ms ago: executing program 5 (id=11159):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
io_setup(0x8, &(0x7f0000000b40)=<r2=>0x0)
io_pgetevents(r2, 0x6, 0x6, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}], &(0x7f00000006c0), 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000001080)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x4}}}}}}}}, 0x0)

330.289671ms ago: executing program 2 (id=11160):
openat$comedi(0xffffff9c, &(0x7f0000000440)='/dev/comedi0\x00', 0x101001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x200005, @empty, 0xa09c}, {0xa, 0x4e21, 0x2, @mcast1, 0x9}, r2, 0x7ffe}}, 0x48)
writev(r0, 0x0, 0x0)

278.356363ms ago: executing program 2 (id=11161):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000000)=0xb)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
setreuid(0x0, 0xee01)
fchdir(r3)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r4, 0x4048aecb, &(0x7f0000000040)=@arm64_ccsidr={0x6020000000110009, &(0x7f0000000300)=0xd8})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

245.47259ms ago: executing program 8 (id=11162):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000001080)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x4}}}}}}}}, 0x0) (fail_nth: 3)

160.303339ms ago: executing program 8 (id=11163):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000023c0), 0x2, 0x0)
r1 = memfd_create(&(0x7f00000012c0)='\\*$,!\x00', 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0xc1105511, &(0x7f0000000040)={0xc, 0x0, 0x40, 0xd, 'syz1\x00', 0x4000000})
ioctl$BLKFLSBUF(r2, 0x1261, &(0x7f0000000100)=0x1000)
lseek(r1, 0x9, 0x1)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)={0x56fa9599})
syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty=0xe000, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0xe000, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0xeda7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x10, 0x0, 0x0, 0x2004cb, 0x3, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2ab, 0x2000000000003ff, 0x2], 0xd000, 0x200306})
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="010000000300000004000000ff07000001"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e3793dba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007df3a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff18e0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5000000008d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6d49cba517b0563c14fcd6ba38ef32bc48a00643416d7e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a203c991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0xfffffffffffffd8a, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r6}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x401, r6, 0x0, 0x100000000000000}, 0x38) (fail_nth: 91)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
setsockopt$inet_udp_int(r7, 0x11, 0x65, &(0x7f0000000680)=0x6, 0x4)
sendmmsg$inet(r7, &(0x7f0000000600)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

158.781256ms ago: executing program 7 (id=11164):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000000)=0x200, 0x4)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x800)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000080)={"b6ddf1ff", 0xfff3, 0x8, 0x1, 0x8, 0x3ff, "800f24ee0b61488aa379287f1a86e5", "b03023b2", "58381a11", "a4f6c95b", ["1c5f8fe7c4645f44b0815fc8", "f71933bdf622d4d55637365c", "3d04a7dba8ac5cba34b4b561", "dcc2e752a7dea316e903da46"]})
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000100)=0xfffffffe)
r2 = syz_open_dev$cec(&(0x7f0000000140), 0x0, 0xb0003)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_ABORT_SCAN(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r4, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x0, 0x6f}}}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x810}, 0x841)
ioctl$BTRFS_IOC_SPACE_INFO(r2, 0xc0109414, &(0x7f0000000300)={0xa4c, 0x8, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
ioctl$AUTOFS_IOC_PROTOVER(r3, 0x80049363, &(0x7f000000fa40))
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f000000fac0), r3)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r3, &(0x7f0000010140)={&(0x7f000000fa80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000010100)={&(0x7f000000fb00)={0x5dc, r6, 0x2, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1000, 0x80}}}}, [@NL80211_ATTR_TX_RATES={0x114, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x7ff, 0x2, 0x8, 0x8, 0xef, 0x0, 0x6]}}]}, @NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x14, 0x1, [0xc, 0xc, 0x48, 0x21, 0x30, 0x16, 0xc, 0xc, 0x18, 0x3, 0x36, 0x56, 0x35, 0x6c, 0x1b, 0x3]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x17, 0x2, [{0x0, 0x8}, {0x0, 0x3}, {0x5, 0x8}, {0x2, 0x6}, {0x1, 0x8}, {0x0, 0x5}, {0x6, 0x1}, {0x0, 0x6}, {0x1, 0x7}, {0x1, 0x9}, {0x5, 0x7}, {0x6, 0x3}, {0x2, 0x9}, {0x1, 0x6}, {0x0, 0x8}, {0x1, 0x4}, {0x6, 0x7}, {0x3, 0x6}, {0x6, 0x6}]}]}, @NL80211_BAND_5GHZ={0x70, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff, 0x353, 0x400, 0x200, 0x100, 0x4, 0x101, 0xa84b]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x4, 0x4, 0x30, 0x24, 0x12, 0x24, 0x60, 0x60, 0x1b, 0x6c, 0x60, 0x6, 0x30, 0x69, 0x1, 0x6c, 0x1, 0x4, 0x60, 0x1, 0x36, 0x16, 0x4, 0x5]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x24, 0x9, 0x16, 0x1b, 0x1b, 0x24, 0x4, 0xb, 0x16, 0xc, 0x48, 0x12, 0x36, 0x30, 0x30, 0x16, 0x24, 0x12, 0xc, 0x30, 0x1b, 0x1]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xa, 0x0, 0xa, 0x5, 0x4, 0x7, 0x6, 0x37]}}, @NL80211_TXRATE_HE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x1a8, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xb4, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xea, 0x4, 0x0, 0x3c1, 0x3, 0xabde, 0x9, 0x7]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x40, 0x9, 0xf0, 0x7, 0x22, 0x9, 0x18]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff, 0x97e3, 0x3, 0x7, 0xa, 0x0, 0x401, 0xe]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x46, 0x2, [{0x4, 0xa}, {0x4, 0x7}, {0x7, 0x2}, {0x1, 0x6}, {0x1, 0x2}, {0x0, 0xa}, {0x4}, {0x0, 0x7}, {0x7, 0xa}, {0x1, 0x4}, {0x5, 0x3}, {0x1}, {0x6, 0x9}, {0x3, 0xa}, {0x7, 0x8}, {0x2, 0x7}, {0x7, 0x9}, {0x7, 0x6}, {0x7}, {0x5, 0x4}, {0x3, 0x7}, {0x5, 0x8}, {0x0, 0x2}, {0x2, 0x2}, {0x6, 0x3}, {0x4}, {0x0, 0x8}, {0x0, 0x7}, {0x6, 0x3}, {0x5, 0x3}, {0x2, 0x3}, {0x5, 0x5}, {0x0, 0x5}, {0x2, 0x4}, {0x7, 0x8}, {0x6}, {0x6, 0x4}, {0x3, 0xa}, {0x7, 0x9}, {0x4, 0x3}, {0x1, 0x1}, {0x2, 0x4}, {0x1, 0x7}, {0x0, 0xa}, {0x3, 0x3}, {0x0, 0xa}, {0x7}, {0x7, 0xa}, {0x6, 0x2}, {0x6, 0x5}, {0x1, 0x2}, {0x0, 0x1}, {0x1, 0xa}, {0x4, 0x9}, {0x5, 0x4}, {0x1, 0x6}, {0x5, 0x3}, {0x7, 0x8}, {0x1, 0x1}, {}, {0x1, 0x6}, {0x2}, {0x1, 0x6}, {0x3, 0x8}, {0x4, 0xa}, {0x4, 0x3}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xfeff, 0x3, 0x6, 0x5, 0x5, 0x100, 0x7]}}]}, @NL80211_BAND_6GHZ={0x30, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x9, 0x1, [0x5, 0x0, 0x48, 0x1f, 0x6c]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x2, 0xc, 0x4, 0x16, 0x60, 0x6, 0x9, 0x1b, 0x18, 0x1b, 0x4, 0x16, 0x60, 0x60, 0x1, 0x48, 0xc, 0x12, 0x48, 0x4, 0x6, 0x48, 0x16, 0x5, 0xb, 0x13, 0x6c, 0x24]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x2, 0x0, 0x4, 0xd1, 0xa62, 0x5, 0x6]}}]}, @NL80211_BAND_5GHZ={0x84, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x401, 0x8f, 0x7, 0x1, 0x7, 0x9, 0x7ff, 0x8]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x7, 0xf, 0x6, 0x2, 0x7fff, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0xf, 0x1, [0x1, 0x9, 0x5, 0x12, 0xb, 0x18, 0x6c, 0x18, 0xc, 0x6, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x5, 0x7, 0x5, 0x9, 0x58, 0xe]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x9, 0x3, 0x9, 0x9, 0x1000, 0x8, 0x1]}}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x10, 0x2, [{0x6, 0x6}, {0x7, 0x9}, {0x0, 0x8}, {0x0, 0x5}, {0x0, 0x8}, {0x4, 0x5}, {0x6, 0x9}, {0x0, 0x4}, {0x3, 0x3}, {0x0, 0x9}, {0x6, 0x2}, {0x1, 0x9}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0x184, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x8, 0x2, 0x1, 0x8000, 0x3, 0x3, 0x7fff]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x2c, 0x2, [{0x5, 0x4}, {0x4, 0x8}, {0x2}, {0x1, 0x8}, {0x0, 0x2}, {0x1, 0x3}, {0x1, 0x8}, {0x4, 0xa}, {0x4, 0xa}, {0x5, 0x8}, {0x0, 0x6}, {0x4, 0x4}, {0x0, 0x1}, {0x4, 0xa}, {0x6, 0x6}, {0x2, 0x7}, {0x6, 0x1}, {0x7, 0x1}, {0x0, 0x8}, {0x5}, {0x1, 0x6}, {0x2, 0x6}, {0x4, 0x6}, {0x0, 0x2}, {0x2, 0x6}, {0x0, 0x7}, {0x6}, {0x1, 0xa}, {0x7, 0x9}, {0x2, 0x8}, {0x6, 0xa}, {0x3, 0x7}, {0x6, 0x4}, {0x4, 0x5}, {0x5, 0x5}, {0x2, 0x2}, {0x2}, {0x1, 0x5}, {0x5, 0x5}, {0x4, 0x3}]}, @NL80211_TXRATE_HT={0x48, 0x2, [{0x0, 0x4}, {0x5, 0x6}, {0x2, 0x6}, {0x3, 0x4}, {0x2, 0xa}, {0x3, 0x2}, {0x3, 0x1}, {0x4, 0x4}, {0x5, 0x4}, {0x4}, {0x5, 0x1}, {0x1, 0xa}, {0x0, 0x7}, {0x0, 0x6}, {0x0, 0xa}, {0x2, 0x9}, {0x1, 0x3}, {0x0, 0x8}, {0x0, 0x3}, {0x7, 0x4}, {0x1, 0x3}, {0x3}, {0x0, 0x5}, {0x6, 0x5}, {0x4, 0xa}, {0x6, 0x9}, {0x5, 0x1}, {0x0, 0x9}, {0x7, 0x6}, {0x2, 0x6}, {0x7, 0x9}, {0x3, 0x6}, {0x6, 0x8}, {0x7, 0x7}, {0x0, 0x7}, {0x0, 0x2}, {0x4, 0x7}, {0x4, 0x5}, {0x0, 0x2}, {0x5, 0x7}, {0x1, 0x8}, {0x4, 0x9}, {0x5, 0x6}, {0x2, 0xa}, {0x3}, {0x2, 0x7}, {0x0, 0x3}, {0x4, 0x1}, {0x2, 0x9}, {0x0, 0x4}, {0x1, 0x5}, {0x6, 0x3}, {0x0, 0x4}, {0x0, 0x7}, {0x2, 0x5}, {0x1}, {0x6}, {0x1, 0x4}, {0x4, 0xa}, {0x2, 0x5}, {0x1, 0x2}, {0x4, 0x6}, {0x2, 0x3}, {0x1, 0x8}, {0x3, 0x9}, {0x6, 0x1}, {0x2, 0x5}, {0x6, 0x6}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x36, 0x4, 0x12, 0x36, 0xb, 0x1, 0x60, 0x60, 0x0]}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0xc, 0x2, [{0x1, 0x7}, {0x7, 0x2}, {0x1, 0x4}, {0x4, 0x8}, {0x3, 0x8}, {0x3, 0x5}, {0x1, 0x8}, {0x4, 0x5}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x2, 0x7}, {0x0, 0x7}, {0x7, 0x7}, {0x7}, {0x5, 0x4}, {0x1, 0x5}, {0x7, 0x8}, {0x7, 0x4}, {0x1, 0x3}, {0x1, 0x1}, {}, {0x1, 0x2}, {0x1, 0x6}, {0x7, 0x2}, {0x3, 0x6}, {0x2, 0x1}, {0x3, 0x7}, {0x7, 0x6}, {0x3, 0x9}, {0x6, 0xa}, {0x1, 0x4}, {0x5, 0x4}, {0x7, 0x7}, {0x0, 0x3}, {0x6, 0x5}, {0x0, 0x7}, {0x5, 0x1}, {0x1, 0x5}, {0x2, 0x7}, {0x3, 0xa}, {0x7, 0x6}, {0x1, 0x8}, {0x4}, {0x0, 0x9}, {0x3, 0x5}, {0x6, 0x9}, {0x7}, {0x1, 0x2}, {0x3}, {0x0, 0x6}, {0x2, 0x2}, {0x0, 0x8}, {0x5, 0x3}, {0x5, 0xa}, {0x7, 0x1}, {0x7, 0x1}, {0x1, 0x1}, {0x4, 0xa}, {0x5, 0x5}, {0x4, 0x1}, {0x0, 0x6}, {0x5, 0x1}, {0x0, 0x1}, {0x4}, {0x1, 0x5}, {0x5}, {0x7, 0x4}, {0x4, 0x2}, {0x4, 0x9}, {0x4, 0x1}, {0x4, 0xa}, {0x6, 0x2}, {0x7, 0x9}, {0x5, 0x4}, {0x2, 0x8}, {0x3, 0x3}, {0x2, 0x4}, {0x2, 0x4}, {0x3, 0x3}, {0x7, 0x4}, {0x6, 0x5}, {0x1, 0x3}, {0x0, 0xa}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0xb, 0x6, 0x12, 0xc, 0x24, 0x4, 0x6c, 0xc05abb4a98ed0f84, 0x6, 0x1b, 0x6c, 0x18, 0x5, 0x6, 0x5, 0x2, 0x3, 0x4, 0x6c, 0x6, 0x5, 0x18, 0x1, 0x18, 0x60, 0x3, 0x48, 0xf57c3e4ccb4d1222, 0xc, 0x1b]}]}, @NL80211_BAND_60GHZ={0x30, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3ff, 0x5, 0x700, 0x4, 0x8, 0x8, 0x6, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xd8, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x88, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xd, 0x1, [0xc, 0x9, 0x16, 0x36, 0x16, 0x42, 0x2, 0xc, 0x36]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x8, 0x2, 0x8, 0x4, 0x401, 0xfff8, 0xfff]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xd, 0x2, 0x88, 0x3b54, 0xfffe, 0x2, 0x0, 0x101]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x4, 0x60, 0x16, 0x6, 0xc, 0x2, 0x6c, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x10, 0xb, 0x2, 0x512, 0x5, 0x2, 0x12cb]}}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x6, 0x7}, {0x5, 0x8}, {0x4, 0x7}, {0x6}, {0x4, 0x1}, {0x0, 0x2}, {0x0, 0xa}, {0x1, 0x9}, {}, {0x2, 0x2}, {0x3, 0x8}]}, @NL80211_TXRATE_HT={0x8, 0x2, [{0x1, 0x5}, {0x7, 0x7}, {0x2, 0x6}, {0x1, 0x1}]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_5GHZ={0x4c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xb8, 0xf1, 0xffff, 0x0, 0x3, 0x7fff, 0x1000, 0x401]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x6, 0x0, 0x3, 0x4, 0x4, 0x7ff, 0x100]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_ATTR_TX_RATES={0xa4, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x6, 0x1, [0x16, 0x29]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xfffb, 0x0, 0xcf79, 0x4, 0x9, 0xff, 0x800, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x17, 0x2, [{0x5, 0x9}, {0x7, 0x7}, {0x2, 0x2}, {0x6, 0x1}, {0x1, 0x5}, {0x4, 0x3}, {0x1, 0x4}, {0x4}, {0x7, 0x7}, {0x2, 0xa}, {0x7}, {0x4, 0x7}, {0x4, 0x9}, {0x3, 0x8}, {0x1, 0x9}, {0x1}, {0x2, 0x2}, {0x4, 0x8}, {0x3, 0x5}]}, @NL80211_TXRATE_HT={0x48, 0x2, [{0x7, 0x8}, {0x3, 0x5}, {0x0, 0x5}, {0x0, 0x8}, {0x6, 0x6}, {0x1}, {0x1, 0x2}, {0x3, 0x2}, {0x1, 0x1}, {0x3, 0x3}, {0x3, 0x1}, {0x6, 0x2}, {0x0, 0x7}, {0x4, 0x2}, {0x1, 0x5}, {0x2, 0xa}, {0x2, 0x6}, {0x0, 0x1}, {0x6, 0x2}, {0x7}, {0x3, 0x9}, {0x1, 0x1}, {0x0, 0x9}, {0x2, 0x8}, {0x5, 0x9}, {0x3, 0x1}, {0x3, 0x9}, {0x2}, {0x4, 0x1}, {0x7, 0x9}, {0x1, 0x2}, {0x1, 0x1}, {0x1}, {0x3, 0x5}, {0x7, 0x7}, {0x1}, {0x3, 0x7}, {0x1}, {0x7}, {0x3, 0x3}, {0x1, 0x6}, {0x0, 0x1}, {0x0, 0x1}, {0x6, 0x5}, {0x6, 0xa}, {0x7, 0x2}, {0x3, 0x5}, {0x3, 0x3}, {0x0, 0x6}, {0x4, 0x8}, {0x3, 0xa}, {0x6, 0x1}, {0x2, 0x9}, {0x4, 0x4}, {0x0, 0x3}, {0x1, 0x8}, {0x0, 0x9}, {0x1, 0x2}, {0x7, 0x6}, {0x0, 0xa}, {0x5, 0x6}, {0x7, 0x4}, {0x3, 0xa}, {0x2, 0x1}, {0x0, 0xa}, {0x1}, {0x0, 0x2}, {0x1, 0x3}]}]}]}]}, 0x5dc}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$CEC_ADAP_G_PHYS_ADDR(r2, 0x80026101, &(0x7f0000010180))
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000010200)={0x7, &(0x7f00000101c0)=[{0x7b6, 0x0, 0x1, 0x4}, {0x3, 0x0, 0xb5, 0x9}, {0x2, 0x4, 0x4}, {0x1, 0x8, 0x5, 0x7}, {0x7, 0x0, 0xab, 0xa7b8}, {0x7, 0xf8, 0x4}, {0xa00, 0x15, 0x4, 0x7}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000010240)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r7, 0x40182103, &(0x7f00000102c0)={r8, 0x2, r3, 0xf})
r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000010300), 0x4)
write(r9, &(0x7f0000010340)="a90fd83c57d0d85248d74b3bd89aa1ed806a7b788adc96bf094dd707b9b931d290f5ff1a526912abc9b07e08841b7d99ff199646fe8c1f64eb258805a88080e7a3917bdd006991d7198676c902f501fefc60f172fa5bcb9a77566dcaf7ab16d3fda0ecd02b93743a8ccbf1265b0dd41e14087ab360837afd9a5ce109cacb4df791254419e99b44eb1b48a39bc53d875c14fb2cb07e84c0a8a7223bd78fbef0571c9100c9a69a52109a9fdd169b19a6bc9588b61b97bf461055a88c9317b1262e133dee4172cf862130d835406b4d7072d030988d2214f359f0c3b10a81aac6889c8e14a2d6706cf335d1", 0xea)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000010440)={"38e121fd", 0x6, 0x6, 0x4, 0x3, 0x0, "66df21bf95c2cea895b4695ac5fb7f", "ac511b71", "f01f48e9", "3b0b3016", ["2c54deb59df5fc7a88d658fa", "6f51cbe9eb3de2b171893fbf", "65ca02d6f11707e6e3bc2a6d", "2d43b7c70d3b05c6c0c2fe30"]})
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f00000105c0)={&(0x7f00000104c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000010580)={&(0x7f0000010500)={0x4c, 0x0, 0x8, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x26}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x18}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44401}, 0x2000c005)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000010640), r3)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000010700)={&(0x7f0000010600)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000106c0)={&(0x7f0000010680)={0x3c, r10, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7fffffff}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xed47}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4010)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000010780), r3)
sendmsg$TIPC_NL_LINK_SET(r9, &(0x7f0000010840)={&(0x7f0000010740)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000010800)={&(0x7f00000107c0)={0x14, r11, 0x4, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x0)
r12 = openat2$dir(0xffffffffffffff9c, &(0x7f0000010880)='./file0\x00', &(0x7f00000108c0)={0x284000, 0x100, 0x1}, 0x18)
mkdirat(r12, &(0x7f0000010900)='./file0\x00', 0x100)
r13 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_elf64(r13, &(0x7f0000010940)={{0x7f, 0x45, 0x4c, 0x46, 0x10, 0x2, 0x2, 0x8, 0x6, 0x2, 0x3, 0x1ff, 0x0, 0x40, 0x209, 0x9, 0xe, 0x38, 0x1, 0xf, 0x2, 0x3}, [{0x5, 0xe6, 0x10, 0x4, 0x4, 0x8000000000000000, 0x6, 0xd}], "45b05d91d70bccaec1278389875e1f43c409b33661ed2408bd4e2f70912e745f81bb6d6c2960d7e572919d2d4f0af972c75d111849d4621883aa6f87d2b57a63a06e46353a8162ba46823b4098e515c8764b1e86dc07c6087ea3df24b00e6399a8530749ca2152366287d52deaa48089212f8615801821cbdd5c0084b7f67cd0a593a9775dd46425e2f067e502abd15cd7267895", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xb0c)

158.574107ms ago: executing program 5 (id=11165):
timer_create(0x7, 0x0, &(0x7f0000000740))
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xc8)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

85.67937ms ago: executing program 2 (id=11166):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r1, &(0x7f00000003c0)=[{&(0x7f0000000000)="7706", 0x2}, {0x0}, {0x0}, {&(0x7f0000000300)}], 0x4, 0x0, 0x7f)

84.412304ms ago: executing program 5 (id=11167):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000340), 0x80000, 0x0)
ioctl$CDROMEJECT_SW(r1, 0x5323, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000000)={0x3, 0x3}, 0x0)
pipe2(0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket(0x1e, 0x5, 0x0)
listen(r3, 0x2000)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0xd, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x200004}, 0x1c)
sendto$inet6(r7, &(0x7f00000002c0)="96145a57a34fe123d9c0d265f384cbbcffda38af0189de6d4e8a514eff2bdf8cdf6d1de07d0f13598cc709000000000000002e02301c372bcf06440b07f7b91684abf04b52fafd1b8e", 0x49, 0x44, &(0x7f0000000200)={0xa, 0x4e23, 0xffffffff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c)
shutdown(r7, 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x2}, 0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000003c0)='./binderfs2/binder0\x00', 0x801, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x138b, 0x3})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x5c, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x20}]}, 0x5c}, 0x1, 0x0, 0x0, 0x404c451}, 0x8000)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e00000010000000000000000000000000000000174684941c32d8dfbb73317a2058a0001000000000000000000000000000a00000000", @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="00000000000000000000000000004000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000440005"], 0xfc}}, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000004c0)={0x14, 0x0, &(0x7f0000000500)=[@increfs_done={0x40106308, 0x1, 0xfc}], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs2/binder1\x00', 0x2, 0x0)

83.808921ms ago: executing program 7 (id=11168):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x56fa9599})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0xeda7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x10, 0x0, 0x0, 0x2004cb, 0x3, 0x100000000000000, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2ab, 0x2000000000003ff, 0x2], 0xd000, 0x200306})
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x971})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 53)

0s ago: executing program 2 (id=11169):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000008c0), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xc200040, 0x0, 0x8, 0x0, 0x1ff, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008900)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bcd4681f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b2c1ec000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x20, 0x0, 0xf098, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, &(0x7f0000000140)=[{&(0x7f00000000c0)="3f914a51007da1592d17906c2a147286d366", 0x12}], 0x1)

kernel console output (not intermixed with test programs):

1] lowmem_reserve[]: 0 0 0 0 0
[  794.157435][T19251] Node 0 DMA: 1*4kB (U) 2*8kB (U) 0*16kB 2*32kB (U) 2*64kB (U) 2*128kB (U) 0*256kB 1*512kB (U) 2*1024kB (U) 2*2048kB (UM) 0*4096kB = 7124kB
[  794.162090][T19251] Node 0 DMA32: 2256*4kB (UME) 2161*8kB (UME) 3411*16kB (UME) 492*32kB (UME) 129*64kB (UME) 77*128kB (UME) 37*256kB (UME) 14*512kB (UM) 6*1024kB (UM) 2*2048kB (M) 0*4096kB = 141624kB
[  794.170219][T19251] Node 1 Normal: 27*4kB (UME) 40*8kB (UME) 49*16kB (UME) 104*32kB (UME) 99*64kB (UME) 46*128kB (UME) 32*256kB (UE) 34*512kB (UM) 27*1024kB (UE) 23*2048kB (UM) 324*4096kB (UM) = 1444220kB
[  794.176251][T19251] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  794.179536][T19251] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  794.182501][T19251] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  794.187063][T19251] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  794.190085][T19251] 88439 total pagecache pages
[  794.191632][T19251] 0 pages in swap cache
[  794.193055][T19251] Free swap  = 124996kB
[  794.194894][T19251] Total swap = 124996kB
[  794.196384][T19251] 1048443 pages RAM
[  794.197579][T19251] 0 pages HighMem/MovableOnly
[  794.199106][T19251] 282812 pages reserved
[  794.200484][T19251] 0 pages cma reserved
[  794.273752][T19282] SELinux:  policydb magic number 0x11c does not match expected magic number 0xf97cff8c
[  794.277907][T19282] SELinux: failed to load policy
[  794.654701][T19325] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10749'.
[  794.787229][T19329] create_pit_timer: 3 callbacks suppressed
[  794.787239][T19329] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  794.796938][T19329] FAULT_INJECTION: forcing a failure.
[  794.796938][T19329] name failslab, interval 1, probability 0, space 0, times 0
[  794.801005][T19329] CPU: 3 UID: 0 PID: 19329 Comm: syz.7.10750 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  794.801038][T19329] Tainted: [L]=SOFTLOCKUP
[  794.801043][T19329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  794.801050][T19329] Call Trace:
[  794.801056][T19329]  <TASK>
[  794.801063][T19329]  dump_stack_lvl+0x16c/0x1f0
[  794.801085][T19329]  should_fail_ex+0x512/0x640
[  794.801099][T19329]  ? kmem_cache_alloc_noprof+0x62/0x770
[  794.801112][T19329]  should_failslab+0xc2/0x120
[  794.801127][T19329]  kmem_cache_alloc_noprof+0x83/0x770
[  794.801139][T19329]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  794.801157][T19329]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  794.801178][T19329]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  794.801200][T19329]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  794.801227][T19329]  ? _raw_spin_unlock+0x28/0x50
[  794.801244][T19329]  mmu_topup_memory_caches+0x25/0x170
[  794.801260][T19329]  kvm_mmu_load+0xd6/0x2390
[  794.801273][T19329]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  794.801296][T19329]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  794.801319][T19329]  ? vmx_get_rflags+0x100/0x420
[  794.801335][T19329]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  794.801352][T19329]  ? __pfx_kvm_mmu_load+0x10/0x10
[  794.801364][T19329]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  794.801383][T19329]  ? kvm_check_and_inject_events+0x63d/0x1050
[  794.801401][T19329]  vcpu_run+0x39d2/0x5a80
[  794.801421][T19329]  ? __pfx_vcpu_run+0x10/0x10
[  794.801439][T19329]  ? rcu_is_watching+0x12/0xc0
[  794.801453][T19329]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  794.801466][T19329]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  794.801484][T19329]  kvm_vcpu_ioctl+0x76d/0x16d0
[  794.801503][T19329]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  794.801521][T19329]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  794.801535][T19329]  ? do_vfs_ioctl+0x128/0x14f0
[  794.801564][T19329]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  794.801577][T19329]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  794.801600][T19329]  ? hook_file_ioctl_common+0x144/0x410
[  794.801618][T19329]  ? selinux_file_ioctl+0x180/0x270
[  794.801635][T19329]  ? selinux_file_ioctl+0xb4/0x270
[  794.801653][T19329]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  794.801671][T19329]  __x64_sys_ioctl+0x18e/0x210
[  794.801685][T19329]  do_syscall_64+0xcd/0xf80
[  794.801728][T19329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.801741][T19329] RIP: 0033:0x7f5cc298f7c9
[  794.801751][T19329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.801762][T19329] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  794.801774][T19329] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  794.801781][T19329] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  794.801787][T19329] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  794.801794][T19329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  794.801800][T19329] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  794.801815][T19329]  </TASK>
[  794.934246][T19329] picdev_read: 5 callbacks suppressed
[  794.934307][T19329] kvm: pic: non byte read
[  794.939121][T19329] kvm: pic: non byte read
[  794.941662][T19329] kvm: pic: non byte read
[  794.944766][T19329] kvm: pic: non byte read
[  794.947181][T19329] kvm: pic: level sensitive irq not supported
[  794.947466][T19329] kvm: pic: non byte read
[  795.225758][T19355] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  795.232869][T19355] FAULT_INJECTION: forcing a failure.
[  795.232869][T19355] name failslab, interval 1, probability 0, space 0, times 0
[  795.239520][T19355] CPU: 3 UID: 0 PID: 19355 Comm: syz.2.10755 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  795.239538][T19355] Tainted: [L]=SOFTLOCKUP
[  795.239542][T19355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  795.239549][T19355] Call Trace:
[  795.239561][T19355]  <TASK>
[  795.239566][T19355]  dump_stack_lvl+0x16c/0x1f0
[  795.239629][T19355]  should_fail_ex+0x512/0x640
[  795.239650][T19355]  ? kmem_cache_alloc_noprof+0x62/0x770
[  795.239664][T19355]  should_failslab+0xc2/0x120
[  795.239679][T19355]  kmem_cache_alloc_noprof+0x83/0x770
[  795.239690][T19355]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  795.239708][T19355]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  795.239729][T19355]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  795.239748][T19355]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  795.239771][T19355]  ? _raw_spin_unlock+0x28/0x50
[  795.239789][T19355]  mmu_topup_memory_caches+0x25/0x170
[  795.239804][T19355]  kvm_mmu_load+0xd6/0x2390
[  795.239817][T19355]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  795.239834][T19355]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  795.239850][T19355]  ? vmx_get_rflags+0x100/0x420
[  795.239866][T19355]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  795.239882][T19355]  ? __pfx_kvm_mmu_load+0x10/0x10
[  795.239894][T19355]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  795.239913][T19355]  ? kvm_check_and_inject_events+0x63d/0x1050
[  795.239930][T19355]  vcpu_run+0x39d2/0x5a80
[  795.239950][T19355]  ? __pfx_vcpu_run+0x10/0x10
[  795.239968][T19355]  ? rcu_is_watching+0x12/0xc0
[  795.239982][T19355]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  795.239995][T19355]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  795.240017][T19355]  kvm_vcpu_ioctl+0x76d/0x16d0
[  795.240036][T19355]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  795.240054][T19355]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  795.240069][T19355]  ? do_vfs_ioctl+0x128/0x14f0
[  795.240082][T19355]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  795.240094][T19355]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  795.240119][T19355]  ? hook_file_ioctl_common+0x144/0x410
[  795.240137][T19355]  ? selinux_file_ioctl+0x180/0x270
[  795.240154][T19355]  ? selinux_file_ioctl+0xb4/0x270
[  795.240172][T19355]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  795.240190][T19355]  __x64_sys_ioctl+0x18e/0x210
[  795.240204][T19355]  do_syscall_64+0xcd/0xf80
[  795.240222][T19355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.240234][T19355] RIP: 0033:0x7f5e2bd8f7c9
[  795.240243][T19355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.240256][T19355] RSP: 002b:00007f5e2cb8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  795.240273][T19355] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8f7c9
[  795.240284][T19355] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  795.240294][T19355] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  795.240307][T19355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  795.240318][T19355] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  795.240345][T19355]  </TASK>
[  795.243082][T19355] kvm: pic: non byte read
[  795.354781][T19355] kvm: pic: single mode not supported
[  795.354793][T19355] kvm: pic: level sensitive irq not supported
[  795.357170][T19355] kvm: pic: non byte read
[  795.362339][T19355] kvm: pic: non byte read
[  795.366360][T19355] kvm: pic: non byte read
[  795.368855][T19355] kvm: pic: level sensitive irq not supported
[  795.369153][T19355] kvm: pic: non byte read
[  795.398305][T19362] fuse: Unknown parameter 'group_i00000000000000000000'
[  795.436820][T19306] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  795.460439][T19366] Device name not specified.
[  795.460439][T19366] 
[  795.554116][T19372] SELinux: failed to load policy
[  795.623959][T19384] netlink: 48 bytes leftover after parsing attributes in process `syz.7.10764'.
[  795.753442][T19409] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10768'.
[  795.754285][T19406] fuse: Unknown parameter 'group_id00000000000000000000'
[  795.756970][T19378] kvm: requested 180190 ns i8254 timer period limited to 200000 ns
[  795.762426][T19378] kvm: requested 56990 ns i8254 timer period limited to 200000 ns
[  795.766475][T19378] kvm: requested 148342 ns i8254 timer period limited to 200000 ns
[  795.774732][T19378] kvm: requested 167619 ns i8254 timer period limited to 200000 ns
[  795.792899][T19378] kvm: requested 188571 ns i8254 timer period limited to 200000 ns
[  795.797362][T19378] kvm: requested 165942 ns i8254 timer period limited to 200000 ns
[  795.799492][T19378] kvm: requested 77942 ns i8254 timer period limited to 200000 ns
[  795.801656][T19378] kvm: requested 102247 ns i8254 timer period limited to 200000 ns
[  795.890823][T19417] fuse: Bad value for 'fd'
[  795.949563][   T34] usb 7-1: new high-speed USB device number 76 using dummy_hcd
[  796.001496][T19424] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10771'.
[  796.092589][T19436] loop5: detected capacity change from 0 to 7
[  796.100908][T28094] Dev loop5: unable to read RDB block 7
[  796.103027][T28094]  loop5: unable to read partition table
[  796.104974][T28094] loop5: partition table beyond EOD, truncated
[  796.115611][T19436] Dev loop5: unable to read RDB block 7
[  796.117973][T19436]  loop5: unable to read partition table
[  796.119988][T19436] loop5: partition table beyond EOD, truncated
[  796.126058][T19436] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  796.133662][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  796.136387][   T34] usb 7-1: can't read configurations, error -61
[  796.281655][ T5951] Bluetooth: hci1: command tx timeout
[  796.302411][   T34] usb 7-1: new high-speed USB device number 77 using dummy_hcd
[  796.384641][T19478] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10782'.
[  796.413100][T19472] FAULT_INJECTION: forcing a failure.
[  796.413100][T19472] name failslab, interval 1, probability 0, space 0, times 0
[  796.418343][T19472] CPU: 0 UID: 0 PID: 19472 Comm: syz.8.10781 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  796.418373][T19472] Tainted: [L]=SOFTLOCKUP
[  796.418395][T19472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  796.418405][T19472] Call Trace:
[  796.418413][T19472]  <TASK>
[  796.418420][T19472]  dump_stack_lvl+0x16c/0x1f0
[  796.418449][T19472]  should_fail_ex+0x512/0x640
[  796.418468][T19472]  ? kmem_cache_alloc_noprof+0x62/0x770
[  796.418487][T19472]  should_failslab+0xc2/0x120
[  796.418510][T19472]  kmem_cache_alloc_noprof+0x83/0x770
[  796.418526][T19472]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  796.418552][T19472]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  796.418583][T19472]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  796.418609][T19472]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  796.418637][T19472]  ? _raw_spin_unlock+0x28/0x50
[  796.418663][T19472]  mmu_topup_memory_caches+0x25/0x170
[  796.418685][T19472]  kvm_mmu_load+0xd6/0x2390
[  796.418705][T19472]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  796.418729][T19472]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  796.418753][T19472]  ? vmx_get_rflags+0x100/0x420
[  796.418775][T19472]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  796.418799][T19472]  ? __pfx_kvm_mmu_load+0x10/0x10
[  796.418817][T19472]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  796.418844][T19472]  ? kvm_check_and_inject_events+0x63d/0x1050
[  796.418869][T19472]  vcpu_run+0x39d2/0x5a80
[  796.418900][T19472]  ? __pfx_vcpu_run+0x10/0x10
[  796.418929][T19472]  ? rcu_is_watching+0x12/0xc0
[  796.418949][T19472]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  796.418968][T19472]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  796.418996][T19472]  kvm_vcpu_ioctl+0x76d/0x16d0
[  796.419025][T19472]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  796.419056][T19472]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  796.419078][T19472]  ? do_vfs_ioctl+0x128/0x14f0
[  796.419097][T19472]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  796.419116][T19472]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  796.419152][T19472]  ? hook_file_ioctl_common+0x144/0x410
[  796.419178][T19472]  ? selinux_file_ioctl+0x180/0x270
[  796.419203][T19472]  ? selinux_file_ioctl+0xb4/0x270
[  796.419229][T19472]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  796.419255][T19472]  __x64_sys_ioctl+0x18e/0x210
[  796.419275][T19472]  do_syscall_64+0xcd/0xf80
[  796.419301][T19472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.419318][T19472] RIP: 0033:0x7fd439b8f7c9
[  796.419333][T19472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  796.419349][T19472] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  796.419367][T19472] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  796.419378][T19472] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  796.419388][T19472] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  796.419399][T19472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  796.419409][T19472] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  796.419433][T19472]  </TASK>
[  796.541868][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  796.544113][   T34] usb 7-1: can't read configurations, error -61
[  796.546202][   T34] usb usb7-port1: attempt power cycle
[  796.550858][T19472] kvm: pic: level sensitive irq not supported
[  796.619891][T19480] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  796.839025][T19538] loop5: detected capacity change from 0 to 7
[  796.847575][T28094] Dev loop5: unable to read RDB block 7
[  796.855236][T28094]  loop5: unable to read partition table
[  796.857165][T28094] loop5: partition table beyond EOD, truncated
[  796.872347][T19538] Dev loop5: unable to read RDB block 7
[  796.874197][T19538]  loop5: unable to read partition table
[  796.876071][T19538] loop5: partition table beyond EOD, truncated
[  796.878224][T19538] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  796.901191][   T34] usb 7-1: new high-speed USB device number 78 using dummy_hcd
[  796.947089][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  796.950331][   T34] usb 7-1: can't read configurations, error -61
[  796.973958][T19555] FAULT_INJECTION: forcing a failure.
[  796.973958][T19555] name failslab, interval 1, probability 0, space 0, times 0
[  796.980776][T19555] CPU: 1 UID: 0 PID: 19555 Comm: syz.8.10790 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  796.980797][T19555] Tainted: [L]=SOFTLOCKUP
[  796.980801][T19555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  796.980809][T19555] Call Trace:
[  796.980813][T19555]  <TASK>
[  796.980818][T19555]  dump_stack_lvl+0x16c/0x1f0
[  796.980841][T19555]  should_fail_ex+0x512/0x640
[  796.980857][T19555]  should_failslab+0xc2/0x120
[  796.980872][T19555]  __kmalloc_node_track_caller_noprof+0xec/0x930
[  796.980887][T19555]  ? sidtab_sid2str_get+0x17a/0x680
[  796.980903][T19555]  ? kmemdup_noprof+0x29/0x60
[  796.980914][T19555]  kmemdup_noprof+0x29/0x60
[  796.980925][T19555]  sidtab_sid2str_get+0x17a/0x680
[  796.980938][T19555]  sidtab_entry_to_string+0x33/0x110
[  796.980958][T19555]  security_sid_to_context_core+0x35c/0x640
[  796.980978][T19555]  avc_audit_post_callback+0x109/0x8c0
[  796.980991][T19555]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  796.981005][T19555]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  796.981022][T19555]  ? skb_put+0x138/0x1b0
[  796.981041][T19555]  ? audit_log_n_string+0x253/0x550
[  796.981057][T19555]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  796.981069][T19555]  common_lsm_audit+0x24e/0x300
[  796.981081][T19555]  ? __pfx_common_lsm_audit+0x10/0x10
[  796.981092][T19555]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  796.981108][T19555]  ? avc_update_node.isra.0+0x522/0xbc0
[  796.981123][T19555]  slow_avc_audit+0x186/0x210
[  796.981137][T19555]  ? __pfx_slow_avc_audit+0x10/0x10
[  796.981152][T19555]  ? avc_denied+0x14a/0x190
[  796.981166][T19555]  ? avc_has_perm_noaudit+0x306/0x3b0
[  796.981182][T19555]  avc_has_perm+0x1b5/0x1f0
[  796.981196][T19555]  ? __pfx_avc_has_perm+0x10/0x10
[  796.981211][T19555]  ? lock_acquire+0x179/0x330
[  796.981228][T19555]  sel_write_load+0x1b7/0x590
[  796.981244][T19555]  ? __pfx_sel_write_load+0x10/0x10
[  796.981263][T19555]  ? __pfx_sel_write_load+0x10/0x10
[  796.981278][T19555]  vfs_write+0x2a0/0x11d0
[  796.981293][T19555]  ? __pfx___mutex_lock+0x10/0x10
[  796.981305][T19555]  ? __pfx_vfs_write+0x10/0x10
[  796.981323][T19555]  ? __fget_files+0x20e/0x3c0
[  796.981342][T19555]  ksys_write+0x12a/0x250
[  796.981356][T19555]  ? __pfx_ksys_write+0x10/0x10
[  796.981374][T19555]  do_syscall_64+0xcd/0xf80
[  796.981393][T19555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.981404][T19555] RIP: 0033:0x7fd439b8f7c9
[  796.981415][T19555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  796.981426][T19555] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  796.981437][T19555] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  796.981445][T19555] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  796.981451][T19555] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  796.981458][T19555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  796.981464][T19555] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  796.981480][T19555]  </TASK>
[  796.982343][T19555] SELinux: failed to load policy
[  797.093856][   T34] usb 7-1: new high-speed USB device number 79 using dummy_hcd
[  797.117617][   T34] usb 7-1: unable to read config index 0 descriptor/start: -61
[  797.120009][   T34] usb 7-1: can't read configurations, error -61
[  797.123115][   T34] usb usb7-port1: unable to enumerate USB device
[  797.170547][ T5991] IPVS: starting estimator thread 0...
[  797.205220][T19579] loop3: detected capacity change from 0 to 7
[  797.211493][T19579] Dev loop3: unable to read RDB block 7
[  797.213407][T19579]  loop3: unable to read partition table
[  797.215424][T19579] loop3: partition table beyond EOD, truncated
[  797.217718][T19579] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[  797.277146][T19575] IPVS: using max 44 ests per chain, 105600 per kthread
[  797.803112][T19607] loop5: detected capacity change from 0 to 7
[  797.813786][T19607] Dev loop5: unable to read RDB block 7
[  797.817127][T19607]  loop5: unable to read partition table
[  797.819605][T19607] loop5: partition table beyond EOD, truncated
[  797.822671][T19607] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  797.835415][ T5342] Dev loop5: unable to read RDB block 7
[  797.837137][ T5342]  loop5: unable to read partition table
[  797.838953][ T5342] loop5: partition table beyond EOD, truncated
[  797.842766][T19613] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10801'.
[  797.882866][ T5342] Dev loop5: unable to read RDB block 7
[  797.884746][ T5342]  loop5: unable to read partition table
[  797.888114][ T5342] loop5: partition table beyond EOD, truncated
[  798.023626][T19633] FAULT_INJECTION: forcing a failure.
[  798.023626][T19633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  798.027837][   T40] kauditd_printk_skb: 440 callbacks suppressed
[  798.027847][   T40] audit: type=1400 audit(1765283415.467:43451): avc:  denied  { create } for  pid=19637 comm="syz.8.10808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  798.039935][T19633] CPU: 3 UID: 0 PID: 19633 Comm: syz.7.10806 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  798.039962][T19633] Tainted: [L]=SOFTLOCKUP
[  798.039967][T19633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  798.039977][T19633] Call Trace:
[  798.039984][T19633]  <TASK>
[  798.039998][T19633]  dump_stack_lvl+0x16c/0x1f0
[  798.040026][T19633]  should_fail_ex+0x512/0x640
[  798.040048][T19633]  _copy_from_user+0x2e/0xd0
[  798.040065][T19633]  generic_map_delete_batch+0x586/0xa90
[  798.040093][T19633]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  798.040118][T19633]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  798.040141][T19633]  bpf_map_do_batch+0x4b3/0x680
[  798.040161][T19633]  __sys_bpf+0x15ca/0x4980
[  798.040190][T19633]  ? __pfx___sys_bpf+0x10/0x10
[  798.040213][T19633]  ? find_held_lock+0x2b/0x80
[  798.040249][T19633]  ? find_held_lock+0x2b/0x80
[  798.040281][T19633]  ? __mutex_unlock_slowpath+0x161/0x790
[  798.040320][T19633]  ? fput+0x70/0xf0
[  798.040344][T19633]  ? ksys_write+0x1ac/0x250
[  798.040363][T19633]  ? __pfx_ksys_write+0x10/0x10
[  798.040390][T19633]  __x64_sys_bpf+0x78/0xc0
[  798.040415][T19633]  ? lockdep_hardirqs_on+0x7c/0x110
[  798.040442][T19633]  do_syscall_64+0xcd/0xf80
[  798.040472][T19633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.040491][T19633] RIP: 0033:0x7f5cc298f7c9
[  798.040508][T19633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  798.040526][T19633] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  798.040545][T19633] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  798.040557][T19633] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 000000000000001b
[  798.040569][T19633] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  798.040580][T19633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  798.040591][T19633] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  798.040618][T19633]  </TASK>
[  798.080767][   T40] audit: type=1400 audit(1765283415.523:43452): avc:  denied  { execmem } for  pid=19647 comm="syz.8.10809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  798.134738][   T40] audit: type=1400 audit(1765283415.551:43453): avc:  denied  { recv } for  pid=40 comm="kauditd" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=53376 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  798.305185][   T40] audit: type=1400 audit(1765283415.738:43454): avc:  denied  { mount } for  pid=19659 comm="syz.5.10811" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  798.349316][T19665] Cannot find set identified by id 0 to match
[  798.413162][T19671] loop5: detected capacity change from 0 to 7
[  798.426312][T19671] Dev loop5: unable to read RDB block 7
[  798.428154][T19671]  loop5: unable to read partition table
[  798.432146][T19671] loop5: partition table beyond EOD, truncated
[  798.434424][T19671] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  798.443165][   T40] audit: type=1400 audit(1765283415.860:43455): avc:  denied  { create } for  pid=19669 comm="syz.8.10816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  798.454713][   T40] audit: type=1400 audit(1765283415.860:43456): avc:  denied  { ioctl } for  pid=19669 comm="syz.8.10816" path="socket:[448160]" dev="sockfs" ino=448160 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  798.463494][   T40] audit: type=1400 audit(1765283415.860:43457): avc:  denied  { read write } for  pid=19672 comm="syz.5.10815" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  798.471051][   T40] audit: type=1400 audit(1765283415.860:43458): avc:  denied  { open } for  pid=19672 comm="syz.5.10815" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  798.479012][   T40] audit: type=1400 audit(1765283415.888:43459): avc:  denied  { sys_module } for  pid=19669 comm="syz.8.10816" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  798.486123][   T40] audit: type=1400 audit(1765283415.888:43460): avc:  denied  { module_request } for  pid=19669 comm="syz.8.10816" kmod="syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  798.565252][T19696] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10820'.
[  798.631832][T19699] SELinux: failed to load policy
[  798.762963][T19728] fuse: Bad value for 'fd'
[  798.916340][T19750] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10831'.
[  799.104472][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  799.117196][T19779] loop5: detected capacity change from 0 to 7
[  799.122387][T19775] FAULT_INJECTION: forcing a failure.
[  799.122387][T19775] name failslab, interval 1, probability 0, space 0, times 0
[  799.123898][T19779] Dev loop5: unable to read RDB block 7
[  799.128097][T19775] CPU: 3 UID: 0 PID: 19775 Comm: syz.8.10836 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  799.128124][T19775] Tainted: [L]=SOFTLOCKUP
[  799.128130][T19775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  799.128140][T19775] Call Trace:
[  799.128147][T19775]  <TASK>
[  799.128155][T19775]  dump_stack_lvl+0x16c/0x1f0
[  799.128191][T19775]  should_fail_ex+0x512/0x640
[  799.128210][T19775]  ? kmem_cache_alloc_noprof+0x62/0x770
[  799.128243][T19775]  should_failslab+0xc2/0x120
[  799.128265][T19775]  kmem_cache_alloc_noprof+0x83/0x770
[  799.128281][T19775]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  799.128309][T19775]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  799.128345][T19775]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  799.128371][T19775]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  799.128398][T19775]  ? _raw_spin_unlock+0x28/0x50
[  799.128422][T19775]  mmu_topup_memory_caches+0x25/0x170
[  799.128443][T19775]  kvm_mmu_load+0xd6/0x2390
[  799.128464][T19775]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  799.128492][T19775]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  799.128518][T19775]  ? vmx_get_rflags+0x100/0x420
[  799.128539][T19775]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  799.128562][T19775]  ? __pfx_kvm_mmu_load+0x10/0x10
[  799.128579][T19775]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  799.128605][T19775]  ? kvm_check_and_inject_events+0x63d/0x1050
[  799.128635][T19775]  vcpu_run+0x39d2/0x5a80
[  799.128673][T19775]  ? __pfx_vcpu_run+0x10/0x10
[  799.128700][T19775]  ? rcu_is_watching+0x12/0xc0
[  799.128719][T19775]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  799.128737][T19775]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  799.128763][T19775]  kvm_vcpu_ioctl+0x76d/0x16d0
[  799.128796][T19775]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  799.128824][T19775]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  799.128843][T19775]  ? do_vfs_ioctl+0x128/0x14f0
[  799.128861][T19775]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  799.128879][T19775]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  799.128913][T19775]  ? hook_file_ioctl_common+0x144/0x410
[  799.128944][T19775]  ? selinux_file_ioctl+0x180/0x270
[  799.128971][T19775]  ? selinux_file_ioctl+0xb4/0x270
[  799.128997][T19775]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  799.129021][T19775]  __x64_sys_ioctl+0x18e/0x210
[  799.129041][T19775]  do_syscall_64+0xcd/0xf80
[  799.129066][T19775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.129086][T19775] RIP: 0033:0x7fd439b8f7c9
[  799.129104][T19775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.129122][T19775] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  799.129138][T19775] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  799.129149][T19775] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  799.129159][T19775] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  799.129169][T19775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  799.129179][T19775] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  799.129202][T19775]  </TASK>
[  799.144665][T19775] kvm: pic: level sensitive irq not supported
[  799.146719][T19779]  loop5: unable to read partition table
[  799.171581][T19783] fuse: Bad value for 'fd'
[  799.178954][T19779] loop5: partition table beyond EOD, truncated
[  799.179055][T19779] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  799.402202][T19795] FAULT_INJECTION: forcing a failure.
[  799.402202][T19795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  799.407271][T19795] CPU: 0 UID: 0 PID: 19795 Comm: syz.2.10840 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  799.407291][T19795] Tainted: [L]=SOFTLOCKUP
[  799.407294][T19795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  799.407302][T19795] Call Trace:
[  799.407307][T19795]  <TASK>
[  799.407311][T19795]  dump_stack_lvl+0x16c/0x1f0
[  799.407332][T19795]  should_fail_ex+0x512/0x640
[  799.407348][T19795]  _copy_from_user+0x2e/0xd0
[  799.407374][T19795]  generic_map_delete_batch+0x586/0xa90
[  799.407393][T19795]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  799.407411][T19795]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  799.407439][T19795]  bpf_map_do_batch+0x4b3/0x680
[  799.407454][T19795]  __sys_bpf+0x15ca/0x4980
[  799.407471][T19795]  ? __pfx___sys_bpf+0x10/0x10
[  799.407487][T19795]  ? find_held_lock+0x2b/0x80
[  799.407507][T19795]  ? find_held_lock+0x2b/0x80
[  799.407527][T19795]  ? __mutex_unlock_slowpath+0x161/0x790
[  799.407553][T19795]  ? fput+0x70/0xf0
[  799.407569][T19795]  ? ksys_write+0x1ac/0x250
[  799.407582][T19795]  ? __pfx_ksys_write+0x10/0x10
[  799.407598][T19795]  __x64_sys_bpf+0x78/0xc0
[  799.407614][T19795]  ? lockdep_hardirqs_on+0x7c/0x110
[  799.407631][T19795]  do_syscall_64+0xcd/0xf80
[  799.407649][T19795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.407660][T19795] RIP: 0033:0x7f5e2bd8f7c9
[  799.407670][T19795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.407681][T19795] RSP: 002b:00007f5e2cb8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  799.407692][T19795] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8f7c9
[  799.407699][T19795] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 000000000000001b
[  799.407706][T19795] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  799.407712][T19795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  799.407719][T19795] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  799.407733][T19795]  </TASK>
[  799.546862][T19813] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10843'.
[  799.683085][ T5991] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  799.855440][ T5991] usb 13-1: config 0 has no interfaces?
[  799.862053][ T5991] usb 13-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  799.866141][ T5991] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  799.868721][ T5991] usb 13-1: Product: syz
[  799.870142][ T5991] usb 13-1: Manufacturer: syz
[  799.871577][ T5991] usb 13-1: SerialNumber: syz
[  799.890628][ T5991] usb 13-1: config 0 descriptor??
[  800.042511][T19836] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  800.045428][T19836] SELinux: failed to load policy
[  800.063592][T19865] loop5: detected capacity change from 0 to 7
[  800.073568][T19865] Dev loop5: unable to read RDB block 7
[  800.075968][T19865]  loop5: unable to read partition table
[  800.087767][T19865] loop5: partition table beyond EOD, truncated
[  800.090449][T19865] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  800.114966][ T5991] usb 13-1: USB disconnect, device number 2
[  800.219392][T19886] create_pit_timer: 30 callbacks suppressed
[  800.219407][T19886] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  800.228010][T19886] FAULT_INJECTION: forcing a failure.
[  800.228010][T19886] name failslab, interval 1, probability 0, space 0, times 0
[  800.232483][T19886] CPU: 0 UID: 0 PID: 19886 Comm: syz.5.10855 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  800.232503][T19886] Tainted: [L]=SOFTLOCKUP
[  800.232507][T19886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  800.232514][T19886] Call Trace:
[  800.232519][T19886]  <TASK>
[  800.232524][T19886]  dump_stack_lvl+0x16c/0x1f0
[  800.232545][T19886]  should_fail_ex+0x512/0x640
[  800.232559][T19886]  ? kmem_cache_alloc_noprof+0x62/0x770
[  800.232572][T19886]  should_failslab+0xc2/0x120
[  800.232588][T19886]  kmem_cache_alloc_noprof+0x83/0x770
[  800.232599][T19886]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  800.232630][T19886]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  800.232661][T19886]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  800.232691][T19886]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  800.232723][T19886]  ? _raw_spin_unlock+0x28/0x50
[  800.232756][T19886]  mmu_topup_memory_caches+0x25/0x170
[  800.232780][T19886]  kvm_mmu_load+0xd6/0x2390
[  800.232802][T19886]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  800.232830][T19886]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  800.232857][T19886]  ? vmx_get_rflags+0x100/0x420
[  800.232880][T19886]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  800.232905][T19886]  ? __pfx_kvm_mmu_load+0x10/0x10
[  800.232925][T19886]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  800.232956][T19886]  ? kvm_check_and_inject_events+0x63d/0x1050
[  800.232985][T19886]  vcpu_run+0x39d2/0x5a80
[  800.233018][T19886]  ? __pfx_vcpu_run+0x10/0x10
[  800.233052][T19886]  ? rcu_is_watching+0x12/0xc0
[  800.233074][T19886]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  800.233096][T19886]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  800.233127][T19886]  kvm_vcpu_ioctl+0x76d/0x16d0
[  800.233159][T19886]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  800.233188][T19886]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  800.233213][T19886]  ? do_vfs_ioctl+0x128/0x14f0
[  800.233235][T19886]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  800.233256][T19886]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  800.233296][T19886]  ? hook_file_ioctl_common+0x144/0x410
[  800.233326][T19886]  ? selinux_file_ioctl+0x180/0x270
[  800.233354][T19886]  ? selinux_file_ioctl+0xb4/0x270
[  800.233384][T19886]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  800.233414][T19886]  __x64_sys_ioctl+0x18e/0x210
[  800.233437][T19886]  do_syscall_64+0xcd/0xf80
[  800.233467][T19886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.233487][T19886] RIP: 0033:0x7f7d00b8f7c9
[  800.233504][T19886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  800.233522][T19886] RSP: 002b:00007f7d01ae8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  800.233540][T19886] RAX: ffffffffffffffda RBX: 00007f7d00de5fa0 RCX: 00007f7d00b8f7c9
[  800.233553][T19886] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  800.233564][T19886] RBP: 00007f7d01ae8090 R08: 0000000000000000 R09: 0000000000000000
[  800.233575][T19886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  800.233586][T19886] R13: 00007f7d00de6038 R14: 00007f7d00de5fa0 R15: 00007ffe02948a68
[  800.233613][T19886]  </TASK>
[  800.350643][T19886] picdev_read: 10 callbacks suppressed
[  800.350703][T19886] kvm: pic: non byte read
[  800.360761][T19886] kvm: pic: non byte read
[  800.365882][T19886] kvm: pic: non byte read
[  800.368457][T19886] kvm: pic: non byte read
[  800.371054][T19886] kvm: pic: level sensitive irq not supported
[  800.371334][T19886] kvm: pic: non byte read
[  800.409169][T19899] fuse: Bad value for 'fd'
[  800.436913][T19904] autofs4:pid:19904:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(40960.1), cmd(0xc0189374)
[  800.441816][T19904] autofs4:pid:19904:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374)
[  800.676431][T19925] FAULT_INJECTION: forcing a failure.
[  800.676431][T19925] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  800.680924][T19925] CPU: 0 UID: 0 PID: 19925 Comm: syz.7.10867 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  800.680943][T19925] Tainted: [L]=SOFTLOCKUP
[  800.680947][T19925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  800.680954][T19925] Call Trace:
[  800.680959][T19925]  <TASK>
[  800.680965][T19925]  dump_stack_lvl+0x16c/0x1f0
[  800.680987][T19925]  should_fail_ex+0x512/0x640
[  800.681003][T19925]  should_fail_alloc_page+0xe7/0x130
[  800.681021][T19925]  prepare_alloc_pages+0x401/0x670
[  800.681039][T19925]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  800.681054][T19925]  ? find_held_lock+0x2b/0x80
[  800.681073][T19925]  ? is_bpf_text_address+0x8a/0x1a0
[  800.681086][T19925]  ? bpf_ksym_find+0x127/0x1c0
[  800.681102][T19925]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  800.681114][T19925]  ? kernel_text_address+0x8d/0x100
[  800.681129][T19925]  ? __kernel_text_address+0xd/0x40
[  800.681143][T19925]  ? unwind_get_return_address+0x59/0xa0
[  800.681165][T19925]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  800.681179][T19925]  ? policy_nodemask+0xea/0x4e0
[  800.681195][T19925]  alloc_pages_mpol+0x1fb/0x550
[  800.681210][T19925]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  800.681224][T19925]  ? kasan_save_stack+0x42/0x60
[  800.681236][T19925]  ? kasan_save_track+0x14/0x30
[  800.681248][T19925]  ? __kasan_kmalloc+0xaa/0xb0
[  800.681258][T19925]  ? __get_vm_area_node+0x101/0x330
[  800.681276][T19925]  alloc_pages_noprof+0x131/0x390
[  800.681291][T19925]  get_free_pages_noprof+0x10/0xb0
[  800.681304][T19925]  __kasan_populate_vmalloc+0xa0/0x220
[  800.681319][T19925]  alloc_vmap_area+0x98d/0x2a50
[  800.681339][T19925]  ? __pfx_alloc_vmap_area+0x10/0x10
[  800.681357][T19925]  __get_vm_area_node+0x1ca/0x330
[  800.681375][T19925]  __vmalloc_node_range_noprof+0x247/0x16b0
[  800.681391][T19925]  ? sel_write_load+0x22f/0x590
[  800.681407][T19925]  ? slow_avc_audit+0x18b/0x210
[  800.681421][T19925]  ? __pfx_slow_avc_audit+0x10/0x10
[  800.681435][T19925]  ? sel_write_load+0x22f/0x590
[  800.681451][T19925]  ? avc_has_perm_noaudit+0x306/0x3b0
[  800.681465][T19925]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  800.681483][T19925]  ? avc_has_perm+0x1c0/0x1f0
[  800.681507][T19925]  ? avc_has_perm+0x144/0x1f0
[  800.681521][T19925]  ? __pfx_avc_has_perm+0x10/0x10
[  800.681535][T19925]  ? sel_write_load+0x22f/0x590
[  800.681549][T19925]  __vmalloc_node_noprof+0xad/0xf0
[  800.681565][T19925]  ? sel_write_load+0x22f/0x590
[  800.681581][T19925]  sel_write_load+0x22f/0x590
[  800.681596][T19925]  ? __pfx_sel_write_load+0x10/0x10
[  800.681614][T19925]  ? __pfx_sel_write_load+0x10/0x10
[  800.681629][T19925]  vfs_write+0x2a0/0x11d0
[  800.681666][T19925]  ? __pfx___mutex_lock+0x10/0x10
[  800.681684][T19925]  ? __pfx_vfs_write+0x10/0x10
[  800.681701][T19925]  ? __fget_files+0x20e/0x3c0
[  800.681721][T19925]  ksys_write+0x12a/0x250
[  800.681735][T19925]  ? __pfx_ksys_write+0x10/0x10
[  800.681752][T19925]  do_syscall_64+0xcd/0xf80
[  800.681771][T19925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.681782][T19925] RIP: 0033:0x7f5cc298f7c9
[  800.681792][T19925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  800.681803][T19925] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  800.681814][T19925] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  800.681821][T19925] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  800.681828][T19925] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  800.681834][T19925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  800.681841][T19925] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  800.681855][T19925]  </TASK>
[  800.804178][T19929] Cannot find set identified by id 0 to match
[  800.938100][T19943] SELinux: failed to load policy
[  800.949421][T19947] input: syz1 as /devices/virtual/input/input46
[  801.021864][T19960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10875'.
[  801.278529][T19987] fuse: Bad value for 'fd'
[  801.854144][T20029] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  801.866473][T20029] FAULT_INJECTION: forcing a failure.
[  801.866473][T20029] name failslab, interval 1, probability 0, space 0, times 0
[  801.871857][T20029] CPU: 1 UID: 0 PID: 20029 Comm: syz.7.10892 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  801.871890][T20029] Tainted: [L]=SOFTLOCKUP
[  801.871896][T20029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  801.871921][T20029] Call Trace:
[  801.871928][T20029]  <TASK>
[  801.871934][T20029]  dump_stack_lvl+0x16c/0x1f0
[  801.871964][T20029]  should_fail_ex+0x512/0x640
[  801.871983][T20029]  ? kmem_cache_alloc_noprof+0x62/0x770
[  801.872004][T20029]  should_failslab+0xc2/0x120
[  801.872025][T20029]  kmem_cache_alloc_noprof+0x83/0x770
[  801.872036][T20029]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  801.872054][T20029]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  801.872075][T20029]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  801.872093][T20029]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  801.872113][T20029]  ? _raw_spin_unlock+0x28/0x50
[  801.872131][T20029]  mmu_topup_memory_caches+0x25/0x170
[  801.872146][T20029]  kvm_mmu_load+0xd6/0x2390
[  801.872159][T20029]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  801.872176][T20029]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  801.872193][T20029]  ? vmx_get_rflags+0x100/0x420
[  801.872208][T20029]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  801.872225][T20029]  ? __pfx_kvm_mmu_load+0x10/0x10
[  801.872237][T20029]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  801.872259][T20029]  ? kvm_check_and_inject_events+0x63d/0x1050
[  801.872282][T20029]  vcpu_run+0x39d2/0x5a80
[  801.872302][T20029]  ? __pfx_vcpu_run+0x10/0x10
[  801.872321][T20029]  ? rcu_is_watching+0x12/0xc0
[  801.872334][T20029]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  801.872354][T20029]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  801.872382][T20029]  kvm_vcpu_ioctl+0x76d/0x16d0
[  801.872404][T20029]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  801.872422][T20029]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  801.872436][T20029]  ? do_vfs_ioctl+0x128/0x14f0
[  801.872454][T20029]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  801.872474][T20029]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  801.872507][T20029]  ? hook_file_ioctl_common+0x144/0x410
[  801.872534][T20029]  ? selinux_file_ioctl+0x180/0x270
[  801.872557][T20029]  ? selinux_file_ioctl+0xb4/0x270
[  801.872577][T20029]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  801.872604][T20029]  __x64_sys_ioctl+0x18e/0x210
[  801.872624][T20029]  do_syscall_64+0xcd/0xf80
[  801.872651][T20029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.872668][T20029] RIP: 0033:0x7f5cc298f7c9
[  801.872683][T20029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  801.872695][T20029] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  801.872712][T20029] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  801.872723][T20029] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  801.872733][T20029] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  801.872743][T20029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  801.872753][T20029] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  801.872776][T20029]  </TASK>
[  801.995002][T20029] kvm: pic: non byte read
[  801.998485][T20029] kvm: pic: non byte read
[  802.002116][T20029] kvm: pic: non byte read
[  802.005804][T20029] kvm: pic: non byte read
[  802.008454][T20029] kvm: pic: level sensitive irq not supported
[  802.008839][T20029] kvm: pic: non byte read
[  802.085733][T20053] SELinux: failed to load policy
[  802.136454][T20066] Cannot find del_set index 2 as target
[  802.177553][T20069] fuse: Invalid rootmode
[  802.181450][T20073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10902'.
[  802.193072][T20073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10902'.
[  802.216619][T20077] bridge2: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  802.409544][T20114] FAULT_INJECTION: forcing a failure.
[  802.409544][T20114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.413728][T20114] CPU: 3 UID: 0 PID: 20114 Comm: syz.8.10910 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  802.413747][T20114] Tainted: [L]=SOFTLOCKUP
[  802.413752][T20114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  802.413759][T20114] Call Trace:
[  802.413764][T20114]  <TASK>
[  802.413770][T20114]  dump_stack_lvl+0x16c/0x1f0
[  802.413791][T20114]  should_fail_ex+0x512/0x640
[  802.413807][T20114]  _copy_from_user+0x2e/0xd0
[  802.413820][T20114]  copy_msghdr_from_user+0x98/0x160
[  802.413836][T20114]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  802.413857][T20114]  ___sys_sendmsg+0xfe/0x1d0
[  802.413882][T20114]  ? __pfx____sys_sendmsg+0x10/0x10
[  802.413911][T20114]  __sys_sendmsg+0x16d/0x220
[  802.413926][T20114]  ? __pfx___sys_sendmsg+0x10/0x10
[  802.413946][T20114]  ? fput+0x70/0xf0
[  802.413965][T20114]  do_syscall_64+0xcd/0xf80
[  802.413988][T20114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.414000][T20114] RIP: 0033:0x7fd439b8f7c9
[  802.414010][T20114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.414021][T20114] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  802.414033][T20114] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  802.414040][T20114] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  802.414047][T20114] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  802.414054][T20114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.414060][T20114] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  802.414074][T20114]  </TASK>
[  802.571656][T20129] fuse: Invalid rootmode
[  802.682030][T20149] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=20149 comm=syz.8.10917
[  802.851124][T20169] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  802.858711][T20169] FAULT_INJECTION: forcing a failure.
[  802.858711][T20169] name failslab, interval 1, probability 0, space 0, times 0
[  802.864079][T20169] CPU: 0 UID: 0 PID: 20169 Comm: syz.8.10922 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  802.864110][T20169] Tainted: [L]=SOFTLOCKUP
[  802.864117][T20169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  802.864129][T20169] Call Trace:
[  802.864138][T20169]  <TASK>
[  802.864147][T20169]  dump_stack_lvl+0x16c/0x1f0
[  802.864195][T20169]  should_fail_ex+0x512/0x640
[  802.864217][T20169]  ? kmem_cache_alloc_noprof+0x62/0x770
[  802.864239][T20169]  should_failslab+0xc2/0x120
[  802.864264][T20169]  kmem_cache_alloc_noprof+0x83/0x770
[  802.864281][T20169]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  802.864310][T20169]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  802.864345][T20169]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  802.864375][T20169]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  802.864408][T20169]  ? _raw_spin_unlock+0x28/0x50
[  802.864436][T20169]  mmu_topup_memory_caches+0x25/0x170
[  802.864464][T20169]  kvm_mmu_load+0xd6/0x2390
[  802.864487][T20169]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  802.864515][T20169]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  802.864542][T20169]  ? vmx_get_rflags+0x100/0x420
[  802.864568][T20169]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  802.864595][T20169]  ? __pfx_kvm_mmu_load+0x10/0x10
[  802.864615][T20169]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  802.864645][T20169]  ? kvm_check_and_inject_events+0x63d/0x1050
[  802.864674][T20169]  vcpu_run+0x39d2/0x5a80
[  802.864710][T20169]  ? __pfx_vcpu_run+0x10/0x10
[  802.864742][T20169]  ? rcu_is_watching+0x12/0xc0
[  802.864765][T20169]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  802.864787][T20169]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  802.864816][T20169]  kvm_vcpu_ioctl+0x76d/0x16d0
[  802.864847][T20169]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  802.864878][T20169]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  802.864901][T20169]  ? do_vfs_ioctl+0x128/0x14f0
[  802.864923][T20169]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  802.864943][T20169]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  802.864982][T20169]  ? hook_file_ioctl_common+0x144/0x410
[  802.865011][T20169]  ? selinux_file_ioctl+0x180/0x270
[  802.865038][T20169]  ? selinux_file_ioctl+0xb4/0x270
[  802.865068][T20169]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  802.865095][T20169]  __x64_sys_ioctl+0x18e/0x210
[  802.865115][T20169]  do_syscall_64+0xcd/0xf80
[  802.865144][T20169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.865162][T20169] RIP: 0033:0x7fd439b8f7c9
[  802.865177][T20169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.865194][T20169] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  802.865212][T20169] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  802.865224][T20169] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  802.865235][T20169] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  802.865247][T20169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  802.865257][T20169] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  802.865284][T20169]  </TASK>
[  802.945769][T20176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10923'.
[  802.953431][T20169] kvm: pic: single mode not supported
[  802.994721][T20169] kvm: pic: level sensitive irq not supported
[  803.002655][T20169] kvm: pic: level sensitive irq not supported
[  803.152811][T20192] fuse: Bad value for 'rootmode'
[  803.315052][T20209] FAULT_INJECTION: forcing a failure.
[  803.315052][T20209] name failslab, interval 1, probability 0, space 0, times 0
[  803.322941][T20209] CPU: 2 UID: 0 PID: 20209 Comm: syz.2.10931 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  803.322970][T20209] Tainted: [L]=SOFTLOCKUP
[  803.322976][T20209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  803.322986][T20209] Call Trace:
[  803.322993][T20209]  <TASK>
[  803.323000][T20209]  dump_stack_lvl+0x16c/0x1f0
[  803.323054][T20209]  should_fail_ex+0x512/0x640
[  803.323099][T20209]  ? __kmalloc_node_noprof+0xcd/0x930
[  803.323124][T20209]  should_failslab+0xc2/0x120
[  803.323149][T20209]  __kmalloc_node_noprof+0xee/0x930
[  803.323169][T20209]  ? __get_vm_area_node+0x1dc/0x330
[  803.323193][T20209]  ? __vmalloc_node_range_noprof+0x405/0x16b0
[  803.323226][T20209]  ? __vmalloc_node_range_noprof+0x405/0x16b0
[  803.323252][T20209]  __vmalloc_node_range_noprof+0x405/0x16b0
[  803.323280][T20209]  ? slow_avc_audit+0x18b/0x210
[  803.323307][T20209]  ? sel_write_load+0x22f/0x590
[  803.323336][T20209]  ? avc_has_perm_noaudit+0x306/0x3b0
[  803.323358][T20209]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  803.323388][T20209]  ? avc_has_perm+0x1c0/0x1f0
[  803.323408][T20209]  ? avc_has_perm+0x144/0x1f0
[  803.323431][T20209]  ? __pfx_avc_has_perm+0x10/0x10
[  803.323454][T20209]  ? sel_write_load+0x22f/0x590
[  803.323478][T20209]  __vmalloc_node_noprof+0xad/0xf0
[  803.323505][T20209]  ? sel_write_load+0x22f/0x590
[  803.323533][T20209]  sel_write_load+0x22f/0x590
[  803.323558][T20209]  ? __pfx_sel_write_load+0x10/0x10
[  803.323590][T20209]  ? __pfx_sel_write_load+0x10/0x10
[  803.323613][T20209]  vfs_write+0x2a0/0x11d0
[  803.323635][T20209]  ? __pfx___mutex_lock+0x10/0x10
[  803.323655][T20209]  ? __pfx_vfs_write+0x10/0x10
[  803.323685][T20209]  ? __fget_files+0x20e/0x3c0
[  803.323719][T20209]  ksys_write+0x12a/0x250
[  803.323742][T20209]  ? __pfx_ksys_write+0x10/0x10
[  803.323772][T20209]  do_syscall_64+0xcd/0xf80
[  803.323803][T20209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.323823][T20209] RIP: 0033:0x7f5e2bd8f7c9
[  803.323838][T20209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.323855][T20209] RSP: 002b:00007f5e2cb8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  803.323880][T20209] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8f7c9
[  803.323892][T20209] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  803.323905][T20209] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  803.323916][T20209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.323928][T20209] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  803.323955][T20209]  </TASK>
[  803.441739][   T40] kauditd_printk_skb: 315 callbacks suppressed
[  803.441751][   T40] audit: type=1400 audit(1765283420.536:43774): avc:  denied  { write } for  pid=20210 comm="syz.8.10930" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  803.452904][   T40] audit: type=1400 audit(1765283420.545:43775): avc:  denied  { open } for  pid=20210 comm="syz.8.10930" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  803.499048][   T40] audit: type=1400 audit(1765283420.592:43776): avc:  denied  { create } for  pid=20222 comm="syz.8.10934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  803.524043][   T40] audit: type=1400 audit(1765283420.611:43777): avc:  denied  { create } for  pid=20223 comm="syz.5.10935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  803.531085][   T40] audit: type=1400 audit(1765283420.611:43778): avc:  denied  { write } for  pid=20223 comm="syz.5.10935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  803.538642][   T40] audit: type=1400 audit(1765283420.611:43779): avc:  denied  { read } for  pid=20223 comm="syz.5.10935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  803.545532][   T40] audit: type=1400 audit(1765283420.620:43780): avc:  denied  { recv } for  pid=33 comm="ksoftirqd/3" saddr=127.0.0.1 src=53376 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  803.553424][   T40] audit: type=1400 audit(1765283420.620:43781): avc:  denied  { ioctl } for  pid=20223 comm="syz.5.10935" path="net:[4026533008]" dev="nsfs" ino=4026533008 ioctlcmd=0x640b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  803.588489][   T40] audit: type=1400 audit(1765283420.676:43782): avc:  denied  { write } for  pid=20232 comm="syz.2.10937" name="comedi0" dev="devtmpfs" ino=1302 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  803.600179][   T40] audit: type=1400 audit(1765283420.676:43783): avc:  denied  { open } for  pid=20232 comm="syz.2.10937" path="/dev/comedi0" dev="devtmpfs" ino=1302 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  803.609178][T20224] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  803.629989][T20224] FAULT_INJECTION: forcing a failure.
[  803.629989][T20224] name failslab, interval 1, probability 0, space 0, times 0
[  803.634923][T20224] CPU: 0 UID: 0 PID: 20224 Comm: syz.8.10934 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  803.634950][T20224] Tainted: [L]=SOFTLOCKUP
[  803.634956][T20224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  803.634968][T20224] Call Trace:
[  803.634975][T20224]  <TASK>
[  803.634982][T20224]  dump_stack_lvl+0x16c/0x1f0
[  803.635015][T20224]  should_fail_ex+0x512/0x640
[  803.635037][T20224]  ? kmem_cache_alloc_noprof+0x62/0x770
[  803.635059][T20224]  should_failslab+0xc2/0x120
[  803.635098][T20224]  kmem_cache_alloc_noprof+0x83/0x770
[  803.635115][T20224]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  803.635142][T20224]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  803.635175][T20224]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  803.635204][T20224]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  803.635236][T20224]  ? _raw_spin_unlock+0x28/0x50
[  803.635261][T20224]  mmu_topup_memory_caches+0x25/0x170
[  803.635284][T20224]  kvm_mmu_load+0xd6/0x2390
[  803.635306][T20224]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  803.635333][T20224]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  803.635361][T20224]  ? vmx_get_rflags+0x100/0x420
[  803.635387][T20224]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  803.635413][T20224]  ? __pfx_kvm_mmu_load+0x10/0x10
[  803.635432][T20224]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  803.635462][T20224]  ? kvm_check_and_inject_events+0x63d/0x1050
[  803.635489][T20224]  vcpu_run+0x39d2/0x5a80
[  803.635521][T20224]  ? __pfx_vcpu_run+0x10/0x10
[  803.635552][T20224]  ? rcu_is_watching+0x12/0xc0
[  803.635573][T20224]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  803.635595][T20224]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  803.635630][T20224]  kvm_vcpu_ioctl+0x76d/0x16d0
[  803.635657][T20224]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  803.635683][T20224]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  803.635705][T20224]  ? do_vfs_ioctl+0x128/0x14f0
[  803.635725][T20224]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  803.635746][T20224]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  803.635784][T20224]  ? hook_file_ioctl_common+0x144/0x410
[  803.635812][T20224]  ? selinux_file_ioctl+0x180/0x270
[  803.635840][T20224]  ? selinux_file_ioctl+0xb4/0x270
[  803.635869][T20224]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  803.635898][T20224]  __x64_sys_ioctl+0x18e/0x210
[  803.635921][T20224]  do_syscall_64+0xcd/0xf80
[  803.635950][T20224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.635967][T20224] RIP: 0033:0x7fd439b8f7c9
[  803.635982][T20224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.635998][T20224] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  803.636017][T20224] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  803.636029][T20224] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  803.636039][T20224] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  803.636049][T20224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.636059][T20224] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  803.636084][T20224]  </TASK>
[  803.754715][T20224] kvm: pic: level sensitive irq not supported
[  803.953195][T20250] SELinux:  policydb magic number 0x73663266 does not match expected magic number 0xf97cff8c
[  803.959258][T20250] SELinux: failed to load policy
[  804.553521][T20283] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20283 comm=syz.2.10947
[  804.564970][T20283] netlink: 'syz.2.10947': attribute type 1 has an invalid length.
[  804.601113][T20283] bond2: (slave bridge7): making interface the new active one
[  804.605066][T20283] bond2: (slave bridge7): Enslaving as an active interface with an up link
[  804.785444][T20345] fuse: Unknown parameter 'use00000000000000000000'
[  805.040686][T20369] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  805.053083][T20369] FAULT_INJECTION: forcing a failure.
[  805.053083][T20369] name failslab, interval 1, probability 0, space 0, times 0
[  805.057451][T20369] CPU: 3 UID: 0 PID: 20369 Comm: syz.8.10960 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  805.057469][T20369] Tainted: [L]=SOFTLOCKUP
[  805.057485][T20369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  805.057494][T20369] Call Trace:
[  805.057499][T20369]  <TASK>
[  805.057504][T20369]  dump_stack_lvl+0x16c/0x1f0
[  805.057526][T20369]  should_fail_ex+0x512/0x640
[  805.057539][T20369]  ? kmem_cache_alloc_noprof+0x62/0x770
[  805.057553][T20369]  should_failslab+0xc2/0x120
[  805.057568][T20369]  kmem_cache_alloc_noprof+0x83/0x770
[  805.057579][T20369]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  805.057597][T20369]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  805.057646][T20369]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  805.057664][T20369]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  805.057684][T20369]  ? _raw_spin_unlock+0x28/0x50
[  805.057706][T20369]  mmu_topup_memory_caches+0x25/0x170
[  805.057722][T20369]  kvm_mmu_load+0xd6/0x2390
[  805.057735][T20369]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  805.057752][T20369]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  805.057769][T20369]  ? vmx_get_rflags+0x100/0x420
[  805.057785][T20369]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  805.057801][T20369]  ? __pfx_kvm_mmu_load+0x10/0x10
[  805.057813][T20369]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  805.057832][T20369]  ? kvm_check_and_inject_events+0x63d/0x1050
[  805.057849][T20369]  vcpu_run+0x39d2/0x5a80
[  805.057870][T20369]  ? __pfx_vcpu_run+0x10/0x10
[  805.057888][T20369]  ? rcu_is_watching+0x12/0xc0
[  805.057902][T20369]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  805.057915][T20369]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  805.057933][T20369]  kvm_vcpu_ioctl+0x76d/0x16d0
[  805.057952][T20369]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  805.057972][T20369]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  805.057987][T20369]  ? do_vfs_ioctl+0x128/0x14f0
[  805.058000][T20369]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  805.058012][T20369]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  805.058037][T20369]  ? hook_file_ioctl_common+0x144/0x410
[  805.058055][T20369]  ? selinux_file_ioctl+0x180/0x270
[  805.058072][T20369]  ? selinux_file_ioctl+0xb4/0x270
[  805.058091][T20369]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  805.058108][T20369]  __x64_sys_ioctl+0x18e/0x210
[  805.058122][T20369]  do_syscall_64+0xcd/0xf80
[  805.058141][T20369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.058152][T20369] RIP: 0033:0x7fd439b8f7c9
[  805.058162][T20369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  805.058173][T20369] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  805.058184][T20369] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  805.058192][T20369] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  805.058198][T20369] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  805.058205][T20369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  805.058212][T20369] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  805.058227][T20369]  </TASK>
[  805.182973][T20369] kvm: pic: single mode not supported
[  805.182987][T20369] kvm: pic: level sensitive irq not supported
[  805.189525][T20369] kvm: pic: level sensitive irq not supported
[  805.335069][T20390] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  805.357119][T20396] fuse: Bad value for 'group_id'
[  805.358707][T20396] fuse: Bad value for 'group_id'
[  805.390246][T20390] FAULT_INJECTION: forcing a failure.
[  805.390246][T20390] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  805.395712][T20390] CPU: 0 UID: 0 PID: 20390 Comm: syz.7.10964 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  805.395758][T20390] Tainted: [L]=SOFTLOCKUP
[  805.395764][T20390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  805.395775][T20390] Call Trace:
[  805.395792][T20390]  <TASK>
[  805.395800][T20390]  dump_stack_lvl+0x16c/0x1f0
[  805.395848][T20390]  should_fail_ex+0x512/0x640
[  805.395894][T20390]  _copy_from_user+0x2e/0xd0
[  805.395914][T20390]  generic_map_delete_batch+0x586/0xa90
[  805.395945][T20390]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  805.395973][T20390]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  805.395997][T20390]  bpf_map_do_batch+0x4b3/0x680
[  805.396019][T20390]  __sys_bpf+0x15ca/0x4980
[  805.396048][T20390]  ? __pfx___sys_bpf+0x10/0x10
[  805.396070][T20390]  ? find_held_lock+0x2b/0x80
[  805.396101][T20390]  ? find_held_lock+0x2b/0x80
[  805.396131][T20390]  ? __mutex_unlock_slowpath+0x161/0x790
[  805.396171][T20390]  ? fput+0x70/0xf0
[  805.396198][T20390]  ? ksys_write+0x1ac/0x250
[  805.396218][T20390]  ? __pfx_ksys_write+0x10/0x10
[  805.396243][T20390]  __x64_sys_bpf+0x78/0xc0
[  805.396281][T20390]  ? lockdep_hardirqs_on+0x7c/0x110
[  805.396308][T20390]  do_syscall_64+0xcd/0xf80
[  805.396335][T20390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.396353][T20390] RIP: 0033:0x7f5cc298f7c9
[  805.396368][T20390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  805.396385][T20390] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  805.396403][T20390] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  805.396411][T20390] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 000000000000001b
[  805.396418][T20390] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  805.396425][T20390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  805.396431][T20390] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  805.396447][T20390]  </TASK>
[  805.735061][T20417] Cannot find set identified by id 0 to match
[  805.772699][T20424] netlink: 'syz.8.10973': attribute type 1 has an invalid length.
[  805.786975][T20422] SELinux:  policydb magic number 0xffffffff does not match expected magic number 0xf97cff8c
[  805.796838][T20422] SELinux: failed to load policy
[  805.805951][T20424] bond1: entered promiscuous mode
[  805.809204][T20424] 8021q: adding VLAN 0 to HW filter on device bond1
[  805.816728][T20424] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10973'.
[  805.820023][T20424] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10973'.
[  805.822674][T20424] netlink: 24 bytes leftover after parsing attributes in process `syz.8.10973'.
[  805.838093][T20424] bond1: (slave bridge1): making interface the new active one
[  805.842119][T20424] bridge1: entered promiscuous mode
[  805.844777][T20424] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  806.326711][T20505] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  806.330190][T20505] SELinux: failed to load policy
[  806.569455][T20535] fuse: Unknown parameter 'user_i00000000000000000000'
[  806.675833][T20557] loop5: detected capacity change from 0 to 7
[  806.683481][T20557] Dev loop5: unable to read RDB block 7
[  806.687815][T20557]  loop5: unable to read partition table
[  806.690124][T20557] loop5: partition table beyond EOD, truncated
[  806.692670][T20557] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  806.878884][T20563] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  806.882522][T20563] SELinux: failed to load policy
[  806.923342][T20580] fuse: Unknown parameter 'user_i00000000000000000000'
[  807.052250][T20590] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  807.060992][T20590] FAULT_INJECTION: forcing a failure.
[  807.060992][T20590] name failslab, interval 1, probability 0, space 0, times 0
[  807.065338][T20590] CPU: 2 UID: 0 PID: 20590 Comm: syz.8.11005 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  807.065357][T20590] Tainted: [L]=SOFTLOCKUP
[  807.065361][T20590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  807.065368][T20590] Call Trace:
[  807.065384][T20590]  <TASK>
[  807.065391][T20590]  dump_stack_lvl+0x16c/0x1f0
[  807.065413][T20590]  should_fail_ex+0x512/0x640
[  807.065427][T20590]  ? kmem_cache_alloc_noprof+0x62/0x770
[  807.065441][T20590]  should_failslab+0xc2/0x120
[  807.065456][T20590]  kmem_cache_alloc_noprof+0x83/0x770
[  807.065467][T20590]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  807.065485][T20590]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  807.065507][T20590]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  807.065525][T20590]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  807.065544][T20590]  ? _raw_spin_unlock+0x28/0x50
[  807.065561][T20590]  mmu_topup_memory_caches+0x25/0x170
[  807.065578][T20590]  kvm_mmu_load+0xd6/0x2390
[  807.065615][T20590]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  807.065634][T20590]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  807.065650][T20590]  ? vmx_get_rflags+0x100/0x420
[  807.065670][T20590]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  807.065687][T20590]  ? __pfx_kvm_mmu_load+0x10/0x10
[  807.065698][T20590]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  807.065717][T20590]  ? kvm_check_and_inject_events+0x63d/0x1050
[  807.065734][T20590]  vcpu_run+0x39d2/0x5a80
[  807.065754][T20590]  ? __pfx_vcpu_run+0x10/0x10
[  807.065773][T20590]  ? rcu_is_watching+0x12/0xc0
[  807.065786][T20590]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  807.065800][T20590]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  807.065818][T20590]  kvm_vcpu_ioctl+0x76d/0x16d0
[  807.065837][T20590]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  807.065854][T20590]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  807.065869][T20590]  ? do_vfs_ioctl+0x128/0x14f0
[  807.065882][T20590]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  807.065894][T20590]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  807.065919][T20590]  ? hook_file_ioctl_common+0x144/0x410
[  807.065937][T20590]  ? selinux_file_ioctl+0x180/0x270
[  807.065954][T20590]  ? selinux_file_ioctl+0xb4/0x270
[  807.065972][T20590]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  807.065990][T20590]  __x64_sys_ioctl+0x18e/0x210
[  807.066003][T20590]  do_syscall_64+0xcd/0xf80
[  807.066021][T20590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  807.066033][T20590] RIP: 0033:0x7fd439b8f7c9
[  807.066043][T20590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  807.066053][T20590] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  807.066064][T20590] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  807.066072][T20590] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  807.066078][T20590] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  807.066085][T20590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  807.066091][T20590] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  807.066106][T20590]  </TASK>
[  807.068925][T20590] picdev_read: 15 callbacks suppressed
[  807.068936][T20590] kvm: pic: non byte read
[  807.181367][T20590] kvm: pic: single mode not supported
[  807.181384][T20590] kvm: pic: level sensitive irq not supported
[  807.183874][T20590] kvm: pic: non byte read
[  807.190824][T20590] kvm: pic: non byte read
[  807.195387][T20590] kvm: pic: non byte read
[  807.198460][T20590] kvm: pic: level sensitive irq not supported
[  807.198901][T20590] kvm: pic: non byte read
[  807.307245][T20617] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  807.348189][T20621] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  807.378291][T20621] FAULT_INJECTION: forcing a failure.
[  807.378291][T20621] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  807.383347][T20621] CPU: 0 UID: 0 PID: 20621 Comm: syz.5.11012 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  807.383366][T20621] Tainted: [L]=SOFTLOCKUP
[  807.383370][T20621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  807.383377][T20621] Call Trace:
[  807.383382][T20621]  <TASK>
[  807.383386][T20621]  dump_stack_lvl+0x16c/0x1f0
[  807.383408][T20621]  should_fail_ex+0x512/0x640
[  807.383424][T20621]  _copy_from_user+0x2e/0xd0
[  807.383437][T20621]  generic_map_delete_batch+0x586/0xa90
[  807.383456][T20621]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  807.383474][T20621]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  807.383490][T20621]  bpf_map_do_batch+0x4b3/0x680
[  807.383515][T20621]  __sys_bpf+0x15ca/0x4980
[  807.383534][T20621]  ? __pfx___sys_bpf+0x10/0x10
[  807.383549][T20621]  ? find_held_lock+0x2b/0x80
[  807.383569][T20621]  ? find_held_lock+0x2b/0x80
[  807.383589][T20621]  ? __mutex_unlock_slowpath+0x161/0x790
[  807.383619][T20621]  ? fput+0x70/0xf0
[  807.383636][T20621]  ? ksys_write+0x1ac/0x250
[  807.383650][T20621]  ? __pfx_ksys_write+0x10/0x10
[  807.383666][T20621]  __x64_sys_bpf+0x78/0xc0
[  807.383682][T20621]  ? lockdep_hardirqs_on+0x7c/0x110
[  807.383699][T20621]  do_syscall_64+0xcd/0xf80
[  807.383717][T20621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  807.383728][T20621] RIP: 0033:0x7f7d00b8f7c9
[  807.383739][T20621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  807.383750][T20621] RSP: 002b:00007f7d01ae8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  807.383762][T20621] RAX: ffffffffffffffda RBX: 00007f7d00de5fa0 RCX: 00007f7d00b8f7c9
[  807.383769][T20621] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 000000000000001b
[  807.383776][T20621] RBP: 00007f7d01ae8090 R08: 0000000000000000 R09: 0000000000000000
[  807.383782][T20621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  807.383789][T20621] R13: 00007f7d00de6038 R14: 00007f7d00de5fa0 R15: 00007ffe02948a68
[  807.383803][T20621]  </TASK>
[  807.467499][T20634] Cannot find del_set index 2 as target
[  807.705808][T20656] loop5: detected capacity change from 0 to 7
[  807.716453][T20656] Dev loop5: unable to read RDB block 7
[  807.718958][T20656]  loop5: unable to read partition table
[  807.720947][T20656] loop5: partition table beyond EOD, truncated
[  807.724149][T20656] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  807.767191][T20662] FAULT_INJECTION: forcing a failure.
[  807.767191][T20662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  807.772364][T20662] CPU: 0 UID: 0 PID: 20662 Comm: syz.5.11029 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  807.772393][T20662] Tainted: [L]=SOFTLOCKUP
[  807.772400][T20662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  807.772427][T20662] Call Trace:
[  807.772435][T20662]  <TASK>
[  807.772443][T20662]  dump_stack_lvl+0x16c/0x1f0
[  807.772475][T20662]  should_fail_ex+0x512/0x640
[  807.772500][T20662]  _copy_from_iter+0x2a4/0x16c0
[  807.772524][T20662]  ? __alloc_skb+0x220/0x410
[  807.772544][T20662]  ? __alloc_skb+0x35d/0x410
[  807.772564][T20662]  ? __pfx__copy_from_iter+0x10/0x10
[  807.772585][T20662]  ? netlink_autobind.isra.0+0x158/0x370
[  807.772622][T20662]  netlink_sendmsg+0x820/0xdd0
[  807.772660][T20662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  807.772696][T20662]  ____sys_sendmsg+0xa5d/0xc30
[  807.772726][T20662]  ? copy_msghdr_from_user+0x10a/0x160
[  807.772750][T20662]  ? __pfx_____sys_sendmsg+0x10/0x10
[  807.772791][T20662]  ___sys_sendmsg+0x134/0x1d0
[  807.772815][T20662]  ? __pfx____sys_sendmsg+0x10/0x10
[  807.772870][T20662]  __sys_sendmsg+0x16d/0x220
[  807.772894][T20662]  ? __pfx___sys_sendmsg+0x10/0x10
[  807.772934][T20662]  do_syscall_64+0xcd/0xf80
[  807.772965][T20662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  807.772985][T20662] RIP: 0033:0x7f7d00b8f7c9
[  807.773000][T20662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  807.773018][T20662] RSP: 002b:00007f7d01ae8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  807.773038][T20662] RAX: ffffffffffffffda RBX: 00007f7d00de5fa0 RCX: 00007f7d00b8f7c9
[  807.773050][T20662] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  807.773061][T20662] RBP: 00007f7d01ae8090 R08: 0000000000000000 R09: 0000000000000000
[  807.773073][T20662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  807.773084][T20662] R13: 00007f7d00de6038 R14: 00007f7d00de5fa0 R15: 00007ffe02948a68
[  807.773110][T20662]  </TASK>
[  807.807684][ T5991] usb 7-1: new high-speed USB device number 80 using dummy_hcd
[  808.023016][ T5991] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  808.025321][ T5991] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 109, changing to 7
[  808.028911][ T5991] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 33022, setting to 1024
[  808.033539][ T5991] usb 7-1: config 0 interface 0 has no altsetting 0
[  808.043372][ T5991] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  808.046297][ T5991] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  808.048816][ T5991] usb 7-1: Product: syz
[  808.050216][ T5991] usb 7-1: Manufacturer: syz
[  808.051563][ T5991] usb 7-1: SerialNumber: syz
[  808.066879][ T5991] usb 7-1: config 0 descriptor??
[  808.070155][ T5991] hub 7-1:0.0: bad descriptor, ignoring hub
[  808.071777][ T5991] hub 7-1:0.0: probe with driver hub failed with error -5
[  808.095436][ T5991] usb 7-1: selecting invalid altsetting 0
[  808.116184][T20683] fuse: Unknown parameter 'user_id00000000000000000000'
[  808.250932][T20703] loop5: detected capacity change from 0 to 7
[  808.261142][T28094] Dev loop5: unable to read RDB block 7
[  808.263396][T28094]  loop5: unable to read partition table
[  808.265547][T28094] loop5: partition table beyond EOD, truncated
[  808.278611][T20703] Dev loop5: unable to read RDB block 7
[  808.280667][T20703]  loop5: unable to read partition table
[  808.282908][T20703] loop5: partition table beyond EOD, truncated
[  808.286512][T20703] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  808.374057][T20715] tipc: Started in network mode
[  808.376635][T20715] tipc: Node identity 56003b5266e4, cluster identity 4711
[  808.379092][T20715] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  808.407001][   T29] usb 7-1: USB disconnect, device number 80
[  808.492442][T20715] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  808.495523][T20716] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  808.564865][T20715] tipc: Resetting bearer <eth:syzkaller0>
[  808.684844][   T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  809.183390][   T40] kauditd_printk_skb: 307 callbacks suppressed
[  809.183408][   T40] audit: type=1400 audit(1765283425.904:44091): avc:  denied  { create } for  pid=20761 comm="syz.2.11036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  809.193720][   T40] audit: type=1400 audit(1765283425.904:44092): avc:  denied  { write } for  pid=20761 comm="syz.2.11036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  809.210693][   T40] audit: type=1400 audit(1765283425.904:44093): avc:  denied  { prog_load } for  pid=20761 comm="syz.2.11036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  809.217460][   T40] audit: type=1400 audit(1765283425.904:44094): avc:  denied  { prog_run } for  pid=20761 comm="syz.2.11036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  809.220116][T20764] SELinux: failed to load policy
[  809.224074][   T40] audit: type=1400 audit(1765283425.932:44095): avc:  denied  { load_policy } for  pid=20763 comm="syz.5.11037" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  809.342291][   T40] audit: type=1400 audit(1765283426.054:44096): avc:  denied  { append } for  pid=20771 comm="syz.5.11039" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  809.350052][T20772] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  809.353135][T20772] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  809.356694][   T40] audit: type=1400 audit(1765283426.063:44097): avc:  denied  { read write } for  pid=20771 comm="syz.5.11039" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  809.367828][   T40] audit: type=1400 audit(1765283426.063:44098): avc:  denied  { open } for  pid=20771 comm="syz.5.11039" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  809.378033][   T40] audit: type=1400 audit(1765283426.063:44099): avc:  denied  { mounton } for  pid=20771 comm="syz.5.11039" path="/389/file0" dev="tmpfs" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  809.391980][   T40] audit: type=1400 audit(1765283426.063:44100): avc:  denied  { mount } for  pid=20771 comm="syz.5.11039" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  809.436502][T20775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  809.613199][T20784] loop5: detected capacity change from 0 to 7
[  809.622306][T28094] Dev loop5: unable to read RDB block 7
[  809.624374][T28094]  loop5: unable to read partition table
[  809.626373][T28094] loop5: partition table beyond EOD, truncated
[  809.643260][T20784] Dev loop5: unable to read RDB block 7
[  809.645368][T20784]  loop5: unable to read partition table
[  809.654421][T20784] loop5: partition table beyond EOD, truncated
[  809.663511][T20784] loop_reread_partitions: partition scan of loop5 (�������g�C�j̖�P=��!MX���	���%��`�搘ȵ4FLQk݊5) failed (rc=-5)
[  810.354942][T20803] FAULT_INJECTION: forcing a failure.
[  810.354942][T20803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  810.363174][T20803] CPU: 2 UID: 0 PID: 20803 Comm: syz.5.11046 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  810.363193][T20803] Tainted: [L]=SOFTLOCKUP
[  810.363197][T20803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  810.363204][T20803] Call Trace:
[  810.363209][T20803]  <TASK>
[  810.363214][T20803]  dump_stack_lvl+0x16c/0x1f0
[  810.363237][T20803]  should_fail_ex+0x512/0x640
[  810.363252][T20803]  _copy_to_user+0x32/0xd0
[  810.363266][T20803]  simple_read_from_buffer+0xcb/0x170
[  810.363282][T20803]  proc_fail_nth_read+0x197/0x240
[  810.363295][T20803]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  810.363307][T20803]  ? rw_verify_area+0xcf/0x6c0
[  810.363320][T20803]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  810.363331][T20803]  vfs_read+0x1e4/0xcf0
[  810.363345][T20803]  ? __pfx___mutex_lock+0x10/0x10
[  810.363357][T20803]  ? __pfx_vfs_read+0x10/0x10
[  810.363374][T20803]  ? __fget_files+0x20e/0x3c0
[  810.363388][T20803]  ? _raw_spin_unlock+0x40/0x50
[  810.363407][T20803]  ksys_read+0x12a/0x250
[  810.363420][T20803]  ? __pfx_ksys_read+0x10/0x10
[  810.363437][T20803]  do_syscall_64+0xcd/0xf80
[  810.363455][T20803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.363467][T20803] RIP: 0033:0x7f7d00b8e1dc
[  810.363477][T20803] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  810.363488][T20803] RSP: 002b:00007f7d01ae8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  810.363499][T20803] RAX: ffffffffffffffda RBX: 00007f7d00de5fa0 RCX: 00007f7d00b8e1dc
[  810.363506][T20803] RDX: 000000000000000f RSI: 00007f7d01ae80a0 RDI: 0000000000000003
[  810.363513][T20803] RBP: 00007f7d01ae8090 R08: 0000000000000000 R09: 0000000000000000
[  810.363520][T20803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  810.363526][T20803] R13: 00007f7d00de6038 R14: 00007f7d00de5fa0 R15: 00007ffe02948a68
[  810.363541][T20803]  </TASK>
[  810.609804][T20715] tipc: Disabling bearer <eth:syzkaller0>
[  810.615941][   T29] tipc: Node number set to 820263762
[  810.663977][T20822] FAULT_INJECTION: forcing a failure.
[  810.663977][T20822] name failslab, interval 1, probability 0, space 0, times 0
[  810.667944][T20822] CPU: 3 UID: 0 PID: 20822 Comm: syz.7.11049 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  810.667963][T20822] Tainted: [L]=SOFTLOCKUP
[  810.667967][T20822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  810.667974][T20822] Call Trace:
[  810.667979][T20822]  <TASK>
[  810.667986][T20822]  dump_stack_lvl+0x16c/0x1f0
[  810.668007][T20822]  should_fail_ex+0x512/0x640
[  810.668020][T20822]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  810.668035][T20822]  should_failslab+0xc2/0x120
[  810.668052][T20822]  kmem_cache_alloc_noprof+0x83/0x770
[  810.668065][T20822]  ? skb_clone+0x190/0x3f0
[  810.668082][T20822]  ? skb_clone+0x190/0x3f0
[  810.668095][T20822]  skb_clone+0x190/0x3f0
[  810.668109][T20822]  netlink_deliver_tap+0xabd/0xd30
[  810.668129][T20822]  netlink_unicast+0x64c/0x870
[  810.668147][T20822]  ? __pfx_netlink_unicast+0x10/0x10
[  810.668169][T20822]  netlink_sendmsg+0x8c8/0xdd0
[  810.668188][T20822]  ? __pfx_netlink_sendmsg+0x10/0x10
[  810.668210][T20822]  ____sys_sendmsg+0xa5d/0xc30
[  810.668229][T20822]  ? copy_msghdr_from_user+0x10a/0x160
[  810.668249][T20822]  ? __pfx_____sys_sendmsg+0x10/0x10
[  810.668273][T20822]  ___sys_sendmsg+0x134/0x1d0
[  810.668288][T20822]  ? __pfx____sys_sendmsg+0x10/0x10
[  810.668320][T20822]  __sys_sendmsg+0x16d/0x220
[  810.668341][T20822]  ? __pfx___sys_sendmsg+0x10/0x10
[  810.668372][T20822]  ? fput+0x70/0xf0
[  810.668403][T20822]  do_syscall_64+0xcd/0xf80
[  810.668433][T20822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.668448][T20822] RIP: 0033:0x7f5cc298f7c9
[  810.668458][T20822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  810.668469][T20822] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  810.668481][T20822] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  810.668489][T20822] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  810.668496][T20822] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  810.668503][T20822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  810.668509][T20822] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  810.668523][T20822]  </TASK>
[  811.017436][T20843] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  811.022513][T20843] overlayfs: failed to set xattr on upper
[  811.025002][T20843] overlayfs: ...falling back to redirect_dir=nofollow.
[  811.028039][T20843] overlayfs: ...falling back to index=off.
[  811.030581][T20843] overlayfs: ...falling back to uuid=null.
[  811.033359][T20843] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  811.310924][T20859] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11059'.
[  811.524605][T20866] netlink: 'syz.5.11060': attribute type 16 has an invalid length.
[  811.528696][T20866] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.11060'.
[  811.658323][T20881] fuse: Unknown parameter 'grou00000000000000000000'
[  811.915924][T20904] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  811.920330][T20904] FAULT_INJECTION: forcing a failure.
[  811.920330][T20904] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  811.925035][T20904] CPU: 3 UID: 0 PID: 20904 Comm: syz.2.11067 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  811.925063][T20904] Tainted: [L]=SOFTLOCKUP
[  811.925070][T20904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  811.925080][T20904] Call Trace:
[  811.925084][T20904]  <TASK>
[  811.925089][T20904]  dump_stack_lvl+0x16c/0x1f0
[  811.925125][T20904]  should_fail_ex+0x512/0x640
[  811.925142][T20904]  should_fail_alloc_page+0xe7/0x130
[  811.925159][T20904]  prepare_alloc_pages+0x401/0x670
[  811.925175][T20904]  ? stack_depot_save_flags+0x29/0x9b0
[  811.925189][T20904]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  811.925202][T20904]  ? kasan_save_stack+0x33/0x60
[  811.925215][T20904]  ? kasan_save_track+0x14/0x30
[  811.925226][T20904]  ? __kasan_kmalloc+0xaa/0xb0
[  811.925237][T20904]  ? __kvmalloc_node_noprof+0x3ac/0xa40
[  811.925250][T20904]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  811.925269][T20904]  ? mmu_topup_memory_caches+0xbc/0x170
[  811.925282][T20904]  ? kvm_mmu_load+0xd6/0x2390
[  811.925293][T20904]  ? vcpu_run+0x39d2/0x5a80
[  811.925305][T20904]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  811.925319][T20904]  ? kvm_vcpu_ioctl+0x76d/0x16d0
[  811.925334][T20904]  ? __x64_sys_ioctl+0x18e/0x210
[  811.925346][T20904]  ? do_syscall_64+0xcd/0xf80
[  811.925362][T20904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.925376][T20904]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  811.925396][T20904]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  811.925411][T20904]  ? policy_nodemask+0xea/0x4e0
[  811.925427][T20904]  alloc_pages_mpol+0x1fb/0x550
[  811.925442][T20904]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  811.925457][T20904]  ? __kvmalloc_node_noprof+0x3c9/0xa40
[  811.925470][T20904]  ? trace_kmem_cache_alloc+0x28/0xb0
[  811.925487][T20904]  alloc_pages_noprof+0x131/0x390
[  811.925502][T20904]  get_free_pages_noprof+0x10/0xb0
[  811.925515][T20904]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  811.925535][T20904]  ? _raw_spin_unlock+0x28/0x50
[  811.925583][T20904]  mmu_topup_memory_caches+0xbc/0x170
[  811.925598][T20904]  kvm_mmu_load+0xd6/0x2390
[  811.925610][T20904]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  811.925627][T20904]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  811.925644][T20904]  ? vmx_get_rflags+0x100/0x420
[  811.925659][T20904]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  811.925676][T20904]  ? __pfx_kvm_mmu_load+0x10/0x10
[  811.925701][T20904]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  811.925720][T20904]  ? kvm_check_and_inject_events+0x63d/0x1050
[  811.925737][T20904]  vcpu_run+0x39d2/0x5a80
[  811.925756][T20904]  ? __pfx_vcpu_run+0x10/0x10
[  811.925775][T20904]  ? rcu_is_watching+0x12/0xc0
[  811.925788][T20904]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  811.925803][T20904]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  811.925821][T20904]  kvm_vcpu_ioctl+0x76d/0x16d0
[  811.925840][T20904]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  811.925857][T20904]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  811.925871][T20904]  ? do_vfs_ioctl+0x128/0x14f0
[  811.925883][T20904]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  811.925896][T20904]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  811.925919][T20904]  ? hook_file_ioctl_common+0x144/0x410
[  811.925937][T20904]  ? selinux_file_ioctl+0x180/0x270
[  811.925954][T20904]  ? selinux_file_ioctl+0xb4/0x270
[  811.925972][T20904]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  811.925990][T20904]  __x64_sys_ioctl+0x18e/0x210
[  811.926003][T20904]  do_syscall_64+0xcd/0xf80
[  811.926021][T20904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.926032][T20904] RIP: 0033:0x7f5e2bd8f7c9
[  811.926042][T20904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.926053][T20904] RSP: 002b:00007f5e2cb8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  811.926064][T20904] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8f7c9
[  811.926072][T20904] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  811.926078][T20904] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  811.926085][T20904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  811.926091][T20904] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  811.926111][T20904]  </TASK>
[  812.502079][T20944] fuse: Unknown parameter 'grou00000000000000000000'
[  812.779725][ T1954] usb 7-1: new high-speed USB device number 81 using dummy_hcd
[  812.925380][T20984] SELinux:  policydb magic number 0x78300003 does not match expected magic number 0xf97cff8c
[  812.929671][T20984] SELinux: failed to load policy
[  812.942950][ T1954] usb 7-1: config 0 has no interfaces?
[  812.948155][ T1954] usb 7-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  812.962406][ T1954] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.965751][ T1954] usb 7-1: Product: syz
[  812.972408][ T1954] usb 7-1: Manufacturer: syz
[  812.974428][ T1954] usb 7-1: SerialNumber: syz
[  812.983333][ T1954] usb 7-1: config 0 descriptor??
[  813.205265][T20948] Bluetooth: hci0: invalid length 0, exp 2 for type 11
[  813.212794][T23109] usb 7-1: USB disconnect, device number 81
[  813.238470][T21008] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11088'.
[  813.242024][ T2706] bond0: (slave bond_slave_0): interface is now down
[  813.246499][ T2706] bond0: (slave bond_slave_1): interface is now down
[  813.248904][ T2706] bond0: (slave wlan1): interface is now down
[  813.256524][ T2706] bond0: now running without any active interface!
[  813.541093][T21012] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  813.545003][T21012] SELinux: failed to load policy
[  813.821654][T21025] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  813.870942][T21025] FAULT_INJECTION: forcing a failure.
[  813.870942][T21025] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  813.875113][T21025] CPU: 0 UID: 0 PID: 21025 Comm: syz.2.11094 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  813.875132][T21025] Tainted: [L]=SOFTLOCKUP
[  813.875136][T21025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  813.875144][T21025] Call Trace:
[  813.875149][T21025]  <TASK>
[  813.875154][T21025]  dump_stack_lvl+0x16c/0x1f0
[  813.875177][T21025]  should_fail_ex+0x512/0x640
[  813.875192][T21025]  _copy_from_user+0x2e/0xd0
[  813.875206][T21025]  generic_map_delete_batch+0x586/0xa90
[  813.875225][T21025]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  813.875243][T21025]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  813.875259][T21025]  bpf_map_do_batch+0x4b3/0x680
[  813.875273][T21025]  __sys_bpf+0x15ca/0x4980
[  813.875291][T21025]  ? __pfx___sys_bpf+0x10/0x10
[  813.875306][T21025]  ? find_held_lock+0x2b/0x80
[  813.875326][T21025]  ? find_held_lock+0x2b/0x80
[  813.875346][T21025]  ? __mutex_unlock_slowpath+0x161/0x790
[  813.875371][T21025]  ? fput+0x70/0xf0
[  813.875388][T21025]  ? ksys_write+0x1ac/0x250
[  813.875402][T21025]  ? __pfx_ksys_write+0x10/0x10
[  813.875418][T21025]  __x64_sys_bpf+0x78/0xc0
[  813.875434][T21025]  ? lockdep_hardirqs_on+0x7c/0x110
[  813.875451][T21025]  do_syscall_64+0xcd/0xf80
[  813.875469][T21025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.875480][T21025] RIP: 0033:0x7f5e2bd8f7c9
[  813.875489][T21025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  813.875505][T21025] RSP: 002b:00007f5e2cb8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  813.875516][T21025] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8f7c9
[  813.875523][T21025] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 000000000000001b
[  813.875530][T21025] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  813.875537][T21025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  813.875544][T21025] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  813.875558][T21025]  </TASK>
[  814.623109][   T40] kauditd_printk_skb: 242 callbacks suppressed
[  814.623126][   T40] audit: type=1400 audit(1765283430.992:44343): avc:  denied  { create } for  pid=21090 comm="syz.5.11106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  814.632702][   T40] audit: type=1400 audit(1765283430.992:44344): avc:  denied  { read write } for  pid=21090 comm="syz.5.11106" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  814.640456][   T40] audit: type=1400 audit(1765283430.992:44345): avc:  denied  { open } for  pid=21090 comm="syz.5.11106" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  814.797319][T21095] FAULT_INJECTION: forcing a failure.
[  814.797319][T21095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  814.802190][T21095] CPU: 2 UID: 0 PID: 21095 Comm: syz.2.11107 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  814.802219][T21095] Tainted: [L]=SOFTLOCKUP
[  814.802225][T21095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  814.802236][T21095] Call Trace:
[  814.802255][T21095]  <TASK>
[  814.802262][T21095]  dump_stack_lvl+0x16c/0x1f0
[  814.802311][T21095]  should_fail_ex+0x512/0x640
[  814.802342][T21095]  _copy_to_user+0x32/0xd0
[  814.802362][T21095]  simple_read_from_buffer+0xcb/0x170
[  814.802388][T21095]  proc_fail_nth_read+0x197/0x240
[  814.802407][T21095]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  814.802427][T21095]  ? rw_verify_area+0xcf/0x6c0
[  814.802445][T21095]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  814.802463][T21095]  vfs_read+0x1e4/0xcf0
[  814.802484][T21095]  ? __pfx___mutex_lock+0x10/0x10
[  814.802502][T21095]  ? __pfx_vfs_read+0x10/0x10
[  814.802530][T21095]  ? __fget_files+0x20e/0x3c0
[  814.802559][T21095]  ksys_read+0x12a/0x250
[  814.802579][T21095]  ? __pfx_ksys_read+0x10/0x10
[  814.802606][T21095]  do_syscall_64+0xcd/0xf80
[  814.802634][T21095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.802652][T21095] RIP: 0033:0x7f5e2bd8e1dc
[  814.802665][T21095] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  814.802681][T21095] RSP: 002b:00007f5e2cb8d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  814.802698][T21095] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8e1dc
[  814.802709][T21095] RDX: 000000000000000f RSI: 00007f5e2cb8d0a0 RDI: 000000000000000b
[  814.802720][T21095] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  814.802730][T21095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.802740][T21095] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  814.802764][T21095]  </TASK>
[  814.894661][   T40] audit: type=1400 audit(1765283431.244:44346): avc:  denied  { name_bind } for  pid=21096 comm="syz.8.11108" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  814.901762][   T40] audit: type=1400 audit(1765283431.244:44347): avc:  denied  { node_bind } for  pid=21096 comm="syz.8.11108" saddr=224.0.0.2 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  814.909661][   T40] audit: type=1400 audit(1765283431.244:44348): avc:  denied  { read } for  pid=21096 comm="syz.8.11108" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  814.916769][   T40] audit: type=1400 audit(1765283431.244:44349): avc:  denied  { open } for  pid=21096 comm="syz.8.11108" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  814.917600][T21099] FAULT_INJECTION: forcing a failure.
[  814.917600][T21099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  814.924434][   T40] audit: type=1400 audit(1765283431.244:44350): avc:  denied  { ioctl } for  pid=21096 comm="syz.8.11108" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  814.930456][T21099] CPU: 3 UID: 0 PID: 21099 Comm: syz.2.11109 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  814.930484][T21099] Tainted: [L]=SOFTLOCKUP
[  814.930490][T21099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  814.930502][T21099] Call Trace:
[  814.930509][T21099]  <TASK>
[  814.930516][T21099]  dump_stack_lvl+0x16c/0x1f0
[  814.930548][T21099]  should_fail_ex+0x512/0x640
[  814.930572][T21099]  _copy_to_user+0x32/0xd0
[  814.930593][T21099]  simple_read_from_buffer+0xcb/0x170
[  814.930618][T21099]  proc_fail_nth_read+0x197/0x240
[  814.930637][T21099]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  814.930656][T21099]  ? rw_verify_area+0xcf/0x6c0
[  814.930675][T21099]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  814.930692][T21099]  vfs_read+0x1e4/0xcf0
[  814.930713][T21099]  ? __pfx___mutex_lock+0x10/0x10
[  814.930731][T21099]  ? __pfx_vfs_read+0x10/0x10
[  814.930757][T21099]  ? __fget_files+0x20e/0x3c0
[  814.930788][T21099]  ksys_read+0x12a/0x250
[  814.930808][T21099]  ? __pfx_ksys_read+0x10/0x10
[  814.930829][T21099]  ? fput+0x70/0xf0
[  814.930857][T21099]  do_syscall_64+0xcd/0xf80
[  814.930890][T21099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.930909][T21099] RIP: 0033:0x7f5e2bd8e1dc
[  814.930923][T21099] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  814.930940][T21099] RSP: 002b:00007f5e2cb8d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  814.930957][T21099] RAX: ffffffffffffffda RBX: 00007f5e2bfe5fa0 RCX: 00007f5e2bd8e1dc
[  814.930969][T21099] RDX: 000000000000000f RSI: 00007f5e2cb8d0a0 RDI: 0000000000000008
[  814.930979][T21099] RBP: 00007f5e2cb8d090 R08: 0000000000000000 R09: 0000000000000000
[  814.930990][T21099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.931001][T21099] R13: 00007f5e2bfe6038 R14: 00007f5e2bfe5fa0 R15: 00007ffe646905a8
[  814.931025][T21099]  </TASK>
[  814.999727][   T40] audit: type=1400 audit(1765283431.319:44351): avc:  denied  { write } for  pid=21096 comm="syz.8.11108" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  815.098957][T21115] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.11111'.
[  815.104442][T21114] batadv_slave_0: entered promiscuous mode
[  815.104543][   T40] audit: type=1400 audit(1765283431.441:44352): avc:  denied  { execmem } for  pid=21113 comm="syz.2.11111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  815.106325][T21114] batadv_slave_0: entered allmulticast mode
[  815.290436][T21128] FAULT_INJECTION: forcing a failure.
[  815.290436][T21128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  815.296363][T21128] CPU: 1 UID: 0 PID: 21128 Comm: syz.8.11114 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  815.296393][T21128] Tainted: [L]=SOFTLOCKUP
[  815.296399][T21128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  815.296411][T21128] Call Trace:
[  815.296418][T21128]  <TASK>
[  815.296427][T21128]  dump_stack_lvl+0x16c/0x1f0
[  815.296460][T21128]  should_fail_ex+0x512/0x640
[  815.296484][T21128]  _copy_from_user+0x2e/0xd0
[  815.296505][T21128]  ____sys_sendmsg+0x607/0xc30
[  815.296536][T21128]  ? __pfx_____sys_sendmsg+0x10/0x10
[  815.296569][T21128]  ? __pfx__kstrtoull+0x10/0x10
[  815.296599][T21128]  ___sys_sendmsg+0x134/0x1d0
[  815.296624][T21128]  ? __pfx____sys_sendmsg+0x10/0x10
[  815.296659][T21128]  ? find_held_lock+0x2b/0x80
[  815.296703][T21128]  __sys_sendmmsg+0x200/0x420
[  815.296729][T21128]  ? __pfx___sys_sendmmsg+0x10/0x10
[  815.296761][T21128]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  815.296801][T21128]  ? fput+0x70/0xf0
[  815.296829][T21128]  ? ksys_write+0x1ac/0x250
[  815.296856][T21128]  ? __pfx_ksys_write+0x10/0x10
[  815.296879][T21128]  __x64_sys_sendmmsg+0x9c/0x100
[  815.296900][T21128]  ? lockdep_hardirqs_on+0x7c/0x110
[  815.296925][T21128]  do_syscall_64+0xcd/0xf80
[  815.296952][T21128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.296969][T21128] RIP: 0033:0x7fd439b8f7c9
[  815.296984][T21128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.297001][T21128] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  815.297019][T21128] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  815.297030][T21128] RDX: 0000000000000027 RSI: 00002000000017c0 RDI: 0000000000000003
[  815.297040][T21128] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  815.297050][T21128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  815.297061][T21128] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  815.297086][T21128]  </TASK>
[  815.559844][T21139] fuse: Unknown parameter 'group_i00000000000000000000'
[  815.589401][T21136] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  815.592501][T21136] SELinux: failed to load policy
[  816.012648][T21160] nbd: must specify an index to disconnect
[  816.397477][T21185] fuse: Unknown parameter 'group_i00000000000000000000'
[  816.665226][T21193] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  816.668797][T21193] SELinux: failed to load policy
[  816.769868][T21206] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  816.777220][T21206] FAULT_INJECTION: forcing a failure.
[  816.777220][T21206] name failslab, interval 1, probability 0, space 0, times 0
[  816.782331][T21206] CPU: 1 UID: 0 PID: 21206 Comm: syz.7.11132 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  816.782351][T21206] Tainted: [L]=SOFTLOCKUP
[  816.782356][T21206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  816.782363][T21206] Call Trace:
[  816.782368][T21206]  <TASK>
[  816.782373][T21206]  dump_stack_lvl+0x16c/0x1f0
[  816.782395][T21206]  should_fail_ex+0x512/0x640
[  816.782408][T21206]  ? kmem_cache_alloc_noprof+0x62/0x770
[  816.782422][T21206]  should_failslab+0xc2/0x120
[  816.782438][T21206]  kmem_cache_alloc_noprof+0x83/0x770
[  816.782449][T21206]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  816.782467][T21206]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  816.782488][T21206]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  816.782506][T21206]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  816.782526][T21206]  ? _raw_spin_unlock+0x28/0x50
[  816.782543][T21206]  mmu_topup_memory_caches+0x25/0x170
[  816.782559][T21206]  kvm_mmu_load+0xd6/0x2390
[  816.782571][T21206]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  816.782588][T21206]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  816.782605][T21206]  ? vmx_get_rflags+0x100/0x420
[  816.782620][T21206]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  816.782637][T21206]  ? __pfx_kvm_mmu_load+0x10/0x10
[  816.782648][T21206]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  816.782668][T21206]  ? kvm_check_and_inject_events+0x63d/0x1050
[  816.782685][T21206]  vcpu_run+0x39d2/0x5a80
[  816.782704][T21206]  ? __pfx_vcpu_run+0x10/0x10
[  816.782723][T21206]  ? rcu_is_watching+0x12/0xc0
[  816.782736][T21206]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  816.782751][T21206]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  816.782769][T21206]  kvm_vcpu_ioctl+0x76d/0x16d0
[  816.782787][T21206]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  816.782805][T21206]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  816.782824][T21206]  ? do_vfs_ioctl+0x128/0x14f0
[  816.782837][T21206]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  816.782850][T21206]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  816.782875][T21206]  ? hook_file_ioctl_common+0x144/0x410
[  816.782892][T21206]  ? selinux_file_ioctl+0x180/0x270
[  816.782909][T21206]  ? selinux_file_ioctl+0xb4/0x270
[  816.782927][T21206]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  816.782945][T21206]  __x64_sys_ioctl+0x18e/0x210
[  816.782959][T21206]  do_syscall_64+0xcd/0xf80
[  816.782978][T21206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.782989][T21206] RIP: 0033:0x7f5cc298f7c9
[  816.782999][T21206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  816.783011][T21206] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  816.783023][T21206] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  816.783030][T21206] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  816.783036][T21206] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  816.783043][T21206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  816.783050][T21206] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  816.783064][T21206]  </TASK>
[  816.786061][T21206] kvm: pic: non byte read
[  816.798836][T21212] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11133'.
[  816.801777][T21206] kvm: pic: non byte read
[  816.802877][T21206] kvm: pic: non byte read
[  816.916865][T21206] kvm: pic: non byte read
[  816.919749][T21206] kvm: pic: level sensitive irq not supported
[  816.920022][T21206] kvm: pic: non byte read
[  817.150984][T21235] FAULT_INJECTION: forcing a failure.
[  817.150984][T21235] name failslab, interval 1, probability 0, space 0, times 0
[  817.157690][T21235] CPU: 2 UID: 0 PID: 21235 Comm: syz.7.11137 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  817.157710][T21235] Tainted: [L]=SOFTLOCKUP
[  817.157714][T21235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  817.157722][T21235] Call Trace:
[  817.157727][T21235]  <TASK>
[  817.157732][T21235]  dump_stack_lvl+0x16c/0x1f0
[  817.157755][T21235]  should_fail_ex+0x512/0x640
[  817.157768][T21235]  ? trace_fib_table_lookup+0x19f/0x200
[  817.157786][T21235]  should_failslab+0xc2/0x120
[  817.157802][T21235]  kmem_cache_alloc_noprof+0x83/0x770
[  817.157816][T21235]  ? dst_alloc+0x99/0x1a0
[  817.157831][T21235]  ? dst_alloc+0x99/0x1a0
[  817.157843][T21235]  dst_alloc+0x99/0x1a0
[  817.157856][T21235]  rt_dst_alloc+0x35/0x3a0
[  817.157869][T21235]  ip_route_output_key_hash_rcu+0x87a/0x28e0
[  817.157889][T21235]  ip_route_output_key_hash+0x10f/0x2b0
[  817.157903][T21235]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  817.157922][T21235]  ? find_held_lock+0x2b/0x80
[  817.157941][T21235]  ip_route_output_flow+0x27/0x150
[  817.157956][T21235]  udp_sendmsg+0x1af9/0x2870
[  817.157969][T21235]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  817.157989][T21235]  ? __pfx_udp_sendmsg+0x10/0x10
[  817.157998][T21235]  ? tomoyo_supervisor+0xb0c/0x13b0
[  817.158013][T21235]  ? vsnprintf+0x331/0x11e0
[  817.158031][T21235]  ? __pfx_vsnprintf+0x10/0x10
[  817.158051][T21235]  ? __lock_acquire+0x436/0x2890
[  817.158063][T21235]  ? look_up_lock_class+0x6b/0x130
[  817.158087][T21235]  udpv6_sendmsg+0x128f/0x2d30
[  817.158109][T21235]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  817.158127][T21235]  ? __lock_acquire+0x436/0x2890
[  817.158145][T21235]  ? reacquire_held_locks+0xcd/0x1f0
[  817.158164][T21235]  ? rcu_is_watching+0x12/0xc0
[  817.158175][T21235]  ? __local_bh_enable_ip+0xa4/0x120
[  817.158192][T21235]  ? lockdep_hardirqs_on+0x7c/0x110
[  817.158208][T21235]  ? inet_autobind+0x145/0x1a0
[  817.158219][T21235]  ? __local_bh_enable_ip+0xa4/0x120
[  817.158235][T21235]  ? inet_autobind+0x14a/0x1a0
[  817.158246][T21235]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  817.158262][T21235]  ? inet6_sendmsg+0x105/0x140
[  817.158278][T21235]  inet6_sendmsg+0x105/0x140
[  817.158295][T21235]  ____sys_sendmsg+0x705/0xc30
[  817.158315][T21235]  ? __pfx_____sys_sendmsg+0x10/0x10
[  817.158335][T21235]  ? __pfx__kstrtoull+0x10/0x10
[  817.158353][T21235]  ___sys_sendmsg+0x134/0x1d0
[  817.158369][T21235]  ? __pfx____sys_sendmsg+0x10/0x10
[  817.158390][T21235]  ? find_held_lock+0x2b/0x80
[  817.158414][T21235]  __sys_sendmmsg+0x200/0x420
[  817.158430][T21235]  ? __pfx___sys_sendmmsg+0x10/0x10
[  817.158449][T21235]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  817.158472][T21235]  ? fput+0x70/0xf0
[  817.158490][T21235]  ? ksys_write+0x1ac/0x250
[  817.158503][T21235]  ? __pfx_ksys_write+0x10/0x10
[  817.158519][T21235]  __x64_sys_sendmmsg+0x9c/0x100
[  817.158533][T21235]  ? lockdep_hardirqs_on+0x7c/0x110
[  817.158550][T21235]  do_syscall_64+0xcd/0xf80
[  817.158572][T21235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.158583][T21235] RIP: 0033:0x7f5cc298f7c9
[  817.158594][T21235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  817.158608][T21235] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  817.158626][T21235] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  817.158637][T21235] RDX: 0000000000000027 RSI: 00002000000017c0 RDI: 0000000000000003
[  817.158649][T21235] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  817.158660][T21235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.158671][T21235] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  817.158699][T21235]  </TASK>
[  817.502486][T21255] Cannot find set identified by id 0 to match
[  817.567021][T21249] SELinux:  policydb version 1402900228 does not match my version range 15-35
[  817.570051][T21249] SELinux: failed to load policy
[  817.737915][T21277] FAULT_INJECTION: forcing a failure.
[  817.737915][T21277] name failslab, interval 1, probability 0, space 0, times 0
[  817.745694][T21277] CPU: 0 UID: 0 PID: 21277 Comm: syz.5.11148 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  817.745724][T21277] Tainted: [L]=SOFTLOCKUP
[  817.745731][T21277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  817.745743][T21277] Call Trace:
[  817.745750][T21277]  <TASK>
[  817.745757][T21277]  dump_stack_lvl+0x16c/0x1f0
[  817.745791][T21277]  should_fail_ex+0x512/0x640
[  817.745819][T21277]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  817.745842][T21277]  should_failslab+0xc2/0x120
[  817.745866][T21277]  kmem_cache_alloc_node_noprof+0x86/0x800
[  817.745885][T21277]  ? __alloc_skb+0x156/0x410
[  817.745910][T21277]  ? __alloc_skb+0x156/0x410
[  817.745929][T21277]  __alloc_skb+0x156/0x410
[  817.745948][T21277]  ? __alloc_skb+0x35d/0x410
[  817.745967][T21277]  ? __pfx___alloc_skb+0x10/0x10
[  817.745989][T21277]  ? netlink_autobind.isra.0+0x158/0x370
[  817.746023][T21277]  netlink_alloc_large_skb+0x69/0x140
[  817.746053][T21277]  netlink_sendmsg+0x698/0xdd0
[  817.746085][T21277]  ? __pfx_netlink_sendmsg+0x10/0x10
[  817.746122][T21277]  ____sys_sendmsg+0xa5d/0xc30
[  817.746151][T21277]  ? copy_msghdr_from_user+0x10a/0x160
[  817.746175][T21277]  ? __pfx_____sys_sendmsg+0x10/0x10
[  817.746214][T21277]  ___sys_sendmsg+0x134/0x1d0
[  817.746239][T21277]  ? __pfx____sys_sendmsg+0x10/0x10
[  817.746293][T21277]  __sys_sendmsg+0x16d/0x220
[  817.746318][T21277]  ? __pfx___sys_sendmsg+0x10/0x10
[  817.746359][T21277]  do_syscall_64+0xcd/0xf80
[  817.746388][T21277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.746408][T21277] RIP: 0033:0x7f7d00b8f7c9
[  817.746423][T21277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  817.746441][T21277] RSP: 002b:00007f7d01ae8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  817.746459][T21277] RAX: ffffffffffffffda RBX: 00007f7d00de5fa0 RCX: 00007f7d00b8f7c9
[  817.746472][T21277] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[  817.746483][T21277] RBP: 00007f7d01ae8090 R08: 0000000000000000 R09: 0000000000000000
[  817.746494][T21277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.746504][T21277] R13: 00007f7d00de6038 R14: 00007f7d00de5fa0 R15: 00007ffe02948a68
[  817.746530][T21277]  </TASK>
[  818.684172][T21331] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  818.737110][T21331] FAULT_INJECTION: forcing a failure.
[  818.737110][T21331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  818.745520][T21331] CPU: 1 UID: 0 PID: 21331 Comm: syz.8.11163 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  818.745552][T21331] Tainted: [L]=SOFTLOCKUP
[  818.745559][T21331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  818.745579][T21331] Call Trace:
[  818.745586][T21331]  <TASK>
[  818.745594][T21331]  dump_stack_lvl+0x16c/0x1f0
[  818.745647][T21331]  should_fail_ex+0x512/0x640
[  818.745673][T21331]  _copy_from_user+0x2e/0xd0
[  818.745696][T21331]  generic_map_delete_batch+0x586/0xa90
[  818.745728][T21331]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  818.745758][T21331]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  818.745783][T21331]  bpf_map_do_batch+0x4b3/0x680
[  818.745807][T21331]  __sys_bpf+0x15ca/0x4980
[  818.745836][T21331]  ? __pfx___sys_bpf+0x10/0x10
[  818.745875][T21331]  ? find_held_lock+0x2b/0x80
[  818.745910][T21331]  ? find_held_lock+0x2b/0x80
[  818.745944][T21331]  ? __mutex_unlock_slowpath+0x161/0x790
[  818.745988][T21331]  ? fput+0x70/0xf0
[  818.746015][T21331]  ? ksys_write+0x1ac/0x250
[  818.746037][T21331]  ? __pfx_ksys_write+0x10/0x10
[  818.746064][T21331]  __x64_sys_bpf+0x78/0xc0
[  818.746090][T21331]  ? lockdep_hardirqs_on+0x7c/0x110
[  818.746117][T21331]  do_syscall_64+0xcd/0xf80
[  818.746147][T21331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.746166][T21331] RIP: 0033:0x7fd439b8f7c9
[  818.746181][T21331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  818.746198][T21331] RSP: 002b:00007fd43ab01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  818.746217][T21331] RAX: ffffffffffffffda RBX: 00007fd439de5fa0 RCX: 00007fd439b8f7c9
[  818.746230][T21331] RDX: 0000000000000038 RSI: 0000200000000040 RDI: 000000000000001b
[  818.746242][T21331] RBP: 00007fd43ab01090 R08: 0000000000000000 R09: 0000000000000000
[  818.746253][T21331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  818.746264][T21331] R13: 00007fd439de6038 R14: 00007fd439de5fa0 R15: 00007ffce59e07e8
[  818.746290][T21331]  </TASK>
[  818.772146][T21345] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  818.854608][T21345] FAULT_INJECTION: forcing a failure.
[  818.854608][T21345] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  818.859484][T21345] CPU: 2 UID: 0 PID: 21345 Comm: syz.7.11168 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  818.859504][T21345] Tainted: [L]=SOFTLOCKUP
[  818.859509][T21345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  818.859517][T21345] Call Trace:
[  818.859523][T21345]  <TASK>
[  818.859529][T21345]  dump_stack_lvl+0x16c/0x1f0
[  818.859551][T21345]  should_fail_ex+0x512/0x640
[  818.859567][T21345]  should_fail_alloc_page+0xe7/0x130
[  818.859584][T21345]  prepare_alloc_pages+0x401/0x670
[  818.859599][T21345]  ? rcu_is_watching+0x12/0xc0
[  818.859612][T21345]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  818.859625][T21345]  ? kasan_save_stack+0x33/0x60
[  818.859637][T21345]  ? kasan_save_track+0x14/0x30
[  818.859649][T21345]  ? __kasan_kmalloc+0xaa/0xb0
[  818.859660][T21345]  ? __kvmalloc_node_noprof+0x3ac/0xa40
[  818.859672][T21345]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  818.859690][T21345]  ? mmu_topup_memory_caches+0xbc/0x170
[  818.859704][T21345]  ? kvm_mmu_load+0xd6/0x2390
[  818.859714][T21345]  ? vcpu_run+0x39d2/0x5a80
[  818.859727][T21345]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  818.859740][T21345]  ? kvm_vcpu_ioctl+0x76d/0x16d0
[  818.859756][T21345]  ? do_syscall_64+0xcd/0xf80
[  818.859775][T21345]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  818.859792][T21345]  ? irqentry_exit+0x1dd/0x8c0
[  818.859817][T21345]  ? policy_nodemask+0x3c9/0x4e0
[  818.859832][T21345]  ? policy_nodemask+0xea/0x4e0
[  818.859845][T21345]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  818.859859][T21345]  ? policy_nodemask+0xea/0x4e0
[  818.859874][T21345]  alloc_pages_mpol+0x1fb/0x550
[  818.859890][T21345]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  818.859904][T21345]  ? __kvmalloc_node_noprof+0x3c9/0xa40
[  818.859917][T21345]  ? trace_kmem_cache_alloc+0x28/0xb0
[  818.859934][T21345]  alloc_pages_noprof+0x131/0x390
[  818.859949][T21345]  get_free_pages_noprof+0x10/0xb0
[  818.859962][T21345]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  818.859985][T21345]  mmu_topup_memory_caches+0xbc/0x170
[  818.859999][T21345]  kvm_mmu_load+0xd6/0x2390
[  818.860012][T21345]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  818.860029][T21345]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  818.860045][T21345]  ? vmx_get_rflags+0x100/0x420
[  818.860061][T21345]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  818.860078][T21345]  ? __pfx_kvm_mmu_load+0x10/0x10
[  818.860090][T21345]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  818.860109][T21345]  ? kvm_check_and_inject_events+0x63d/0x1050
[  818.860125][T21345]  vcpu_run+0x39d2/0x5a80
[  818.860145][T21345]  ? __pfx_vcpu_run+0x10/0x10
[  818.860164][T21345]  ? rcu_is_watching+0x12/0xc0
[  818.860176][T21345]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  818.860189][T21345]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[  818.860207][T21345]  kvm_vcpu_ioctl+0x76d/0x16d0
[  818.860226][T21345]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  818.860244][T21345]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  818.860257][T21345]  ? do_vfs_ioctl+0x128/0x14f0
[  818.860271][T21345]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  818.860284][T21345]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  818.860307][T21345]  ? hook_file_ioctl_common+0x144/0x410
[  818.860325][T21345]  ? selinux_file_ioctl+0x180/0x270
[  818.860342][T21345]  ? selinux_file_ioctl+0xb4/0x270
[  818.860360][T21345]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  818.860378][T21345]  __x64_sys_ioctl+0x18e/0x210
[  818.860392][T21345]  do_syscall_64+0xcd/0xf80
[  818.860410][T21345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.860422][T21345] RIP: 0033:0x7f5cc298f7c9
[  818.860432][T21345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  818.860443][T21345] RSP: 002b:00007f5cc0bee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  818.860454][T21345] RAX: ffffffffffffffda RBX: 00007f5cc2be5fa0 RCX: 00007f5cc298f7c9
[  818.860461][T21345] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  818.860468][T21345] RBP: 00007f5cc0bee090 R08: 0000000000000000 R09: 0000000000000000
[  818.860474][T21345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  818.860481][T21345] R13: 00007f5cc2be6038 R14: 00007f5cc2be5fa0 R15: 00007ffc478a4bc8
[  818.860496][T21345]  </TASK>
[  818.981380][   T34] ------------[ cut here ]------------
[  819.002753][T21339] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  819.002980][   T34] [CRTC:37:crtc-0] vblank wait timed out
[  819.019794][   T34] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1844 at 0x0, CPU#3: kworker/3:0/34
[  819.023251][   T34] Modules linked in:
[  819.026561][   T34] CPU: 3 UID: 0 PID: 34 Comm: kworker/3:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  819.031148][   T34] Tainted: [L]=SOFTLOCKUP
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  819.033005][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  819.038143][   T34] Workqueue: events drm_fb_helper_damage_work
[  819.040304][   T34] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x766/0x8c0
[  819.043354][   T34] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 3f 01 00 00 48 8d 3d f0 9b 3a 0b 8b b5 d8 00 00 00 <67> 48 0f b9 3a e9 ed fc ff ff e8 8b 66 67 fc e9 81 fe ff ff e8 b1
[  819.050901][   T34] RSP: 0018:ffffc900006df688 EFLAGS: 00010246
[  819.052921][   T34] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 1ffff11004e34023
[  819.056515][   T34] RDX: ffff8880264b9cc0 RSI: 0000000000000025 RDI: ffffffff909219c0
[  819.059267][   T34] RBP: ffff8880271a0040 R08: 0000000000000005 R09: 0000000000000000
[  819.062273][   T34] R10: 0000000000000000 R11: ffff88801e6bd4b0 R12: dffffc0000000000
[  819.065542][   T34] R13: ffff88802b42d300 R14: 0000000000000000 R15: 0000000000000000
[  819.068562][   T34] FS:  0000000000000000(0000) GS:ffff8880d6c07000(0000) knlGS:0000000000000000
[  819.071626][   T34] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  819.073861][   T34] CR2: 00007f5e2cb4af98 CR3: 00000000578af000 CR4: 0000000000352ef0
[  819.077324][   T34] Call Trace:
[  819.079194][   T34]  <TASK>
[  819.080568][   T34]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  819.083952][   T34]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  819.086489][   T34]  ? lockdep_hardirqs_on+0x7c/0x110
[  819.089232][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  819.092073][   T34]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[  819.095077][   T34]  drm_atomic_helper_commit_tail+0xaa/0xd0
[  819.097873][   T34]  commit_tail+0x334/0x410
[  819.100286][   T34]  drm_atomic_helper_commit+0x300/0x380
[  819.102775][   T34]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  819.105372][   T34]  drm_atomic_commit+0x234/0x300
[  819.107500][   T34]  ? __pfx_drm_atomic_commit+0x10/0x10
[  819.110207][   T34]  ? __pfx___drm_printfn_info+0x10/0x10
[  819.112869][   T34]  ? modeset_lock+0x114/0x6d0
[  819.114910][   T34]  drm_atomic_helper_dirtyfb+0x5fd/0x780
[  819.117354][   T34]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  819.120512][   T34]  ? do_raw_spin_lock+0x12c/0x2b0
[  819.122800][   T34]  ? find_held_lock+0x2b/0x80
[  819.125102][   T34]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  819.127767][   T34]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  819.130752][   T34]  drm_fb_helper_damage_work+0x2a2/0x5e0
[  819.133436][   T34]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  819.136269][   T34]  ? rcu_is_watching+0x12/0xc0
[  819.138406][   T34]  process_one_work+0x9ba/0x1b20
[  819.140508][   T34]  ? __pfx_fb_flashcursor+0x10/0x10
[  819.142852][   T34]  ? __pfx_process_one_work+0x10/0x10
[  819.145154][   T34]  ? assign_work+0x1a0/0x250
[  819.147203][   T34]  worker_thread+0x6c8/0xf10
[  819.149214][   T34]  ? __pfx_worker_thread+0x10/0x10
[  819.151426][   T34]  kthread+0x3c5/0x780
[  819.153261][   T34]  ? __pfx_kthread+0x10/0x10
[  819.154968][   T34]  ? rcu_is_watching+0x12/0xc0
[  819.156892][   T34]  ? __pfx_kthread+0x10/0x10
[  819.158836][   T34]  ret_from_fork+0x983/0xb10
[  819.160483][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  819.162242][   T34]  ? __switch_to+0x7af/0x10d0
[  819.163991][   T34]  ? __pfx_kthread+0x10/0x10
[  819.165766][   T34]  ret_from_fork_asm+0x1a/0x30
[  819.167695][   T34]  </TASK>
[  819.168888][   T34] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  819.171763][   T34] CPU: 3 UID: 0 PID: 34 Comm: kworker/3:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  819.175079][   T34] Tainted: [L]=SOFTLOCKUP
[  819.176485][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  819.179793][   T34] Workqueue: events drm_fb_helper_damage_work
[  819.181761][   T34] Call Trace:
[  819.182804][   T34]  <TASK>
[  819.183744][   T34]  dump_stack_lvl+0x3d/0x1f0
[  819.185186][   T34]  vpanic+0x640/0x6f0
[  819.186493][   T34]  panic+0xca/0xd0
[  819.187696][   T34]  ? __pfx_panic+0x10/0x10
[  819.189078][   T34]  ? check_panic_on_warn+0x1f/0xb0
[  819.190723][   T34]  check_panic_on_warn+0xab/0xb0
[  819.192290][   T34]  __warn+0x108/0x3c0
[  819.193701][   T34]  __report_bug+0x2a0/0x520
[  819.195184][   T34]  ? __pfx___report_bug+0x10/0x10
[  819.196763][   T34]  ? debug_object_free+0x295/0x550
[  819.198432][   T34]  ? lockdep_hardirqs_on+0x7c/0x110
[  819.200096][   T34]  report_bug_entry+0xb2/0x220
[  819.201624][   T34]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x766/0x8c0
[  819.203879][   T34]  handle_bug+0x18a/0x260
[  819.205215][   T34]  exc_invalid_op+0x17/0x50
[  819.206607][   T34]  asm_exc_invalid_op+0x1a/0x20
[  819.208134][   T34] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x766/0x8c0
[  819.210614][   T34] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 3f 01 00 00 48 8d 3d f0 9b 3a 0b 8b b5 d8 00 00 00 <67> 48 0f b9 3a e9 ed fc ff ff e8 8b 66 67 fc e9 81 fe ff ff e8 b1
[  819.216486][   T34] RSP: 0018:ffffc900006df688 EFLAGS: 00010246
[  819.218595][   T34] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 1ffff11004e34023
[  819.221107][   T34] RDX: ffff8880264b9cc0 RSI: 0000000000000025 RDI: ffffffff909219c0
[  819.223577][   T34] RBP: ffff8880271a0040 R08: 0000000000000005 R09: 0000000000000000
[  819.226053][   T34] R10: 0000000000000000 R11: ffff88801e6bd4b0 R12: dffffc0000000000
[  819.228453][   T34] R13: ffff88802b42d300 R14: 0000000000000000 R15: 0000000000000000
[  819.230950][   T34]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x70e/0x8c0
[  819.233163][   T34]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  819.235630][   T34]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  819.237774][   T34]  ? lockdep_hardirqs_on+0x7c/0x110
[  819.239660][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  819.241882][   T34]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[  819.244197][   T34]  drm_atomic_helper_commit_tail+0xaa/0xd0
[  819.246288][   T34]  commit_tail+0x334/0x410
[  819.247907][   T34]  drm_atomic_helper_commit+0x300/0x380
[  819.249873][   T34]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  819.252076][   T34]  drm_atomic_commit+0x234/0x300
[  819.253892][   T34]  ? __pfx_drm_atomic_commit+0x10/0x10
[  819.255860][   T34]  ? __pfx___drm_printfn_info+0x10/0x10
[  819.257822][   T34]  ? modeset_lock+0x114/0x6d0
[  819.259495][   T34]  drm_atomic_helper_dirtyfb+0x5fd/0x780
[  819.261558][   T34]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  819.263808][   T34]  ? do_raw_spin_lock+0x12c/0x2b0
[  819.265694][   T34]  ? find_held_lock+0x2b/0x80
[  819.267477][   T34]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  819.269699][   T34]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  819.271926][   T34]  drm_fb_helper_damage_work+0x2a2/0x5e0
[  819.273967][   T34]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  819.276189][   T34]  ? rcu_is_watching+0x12/0xc0
[  819.277953][   T34]  process_one_work+0x9ba/0x1b20
[  819.279798][   T34]  ? __pfx_fb_flashcursor+0x10/0x10
[  819.281780][   T34]  ? __pfx_process_one_work+0x10/0x10
[  819.283904][   T34]  ? assign_work+0x1a0/0x250
[  819.285374][   T34]  worker_thread+0x6c8/0xf10
[  819.286892][   T34]  ? __pfx_worker_thread+0x10/0x10
[  819.288708][   T34]  kthread+0x3c5/0x780
[  819.290059][   T34]  ? __pfx_kthread+0x10/0x10
[  819.291560][   T34]  ? rcu_is_watching+0x12/0xc0
[  819.293079][   T34]  ? __pfx_kthread+0x10/0x10
[  819.294566][   T34]  ret_from_fork+0x983/0xb10
[  819.295986][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  819.297811][   T34]  ? __switch_to+0x7af/0x10d0
[  819.299597][   T34]  ? __pfx_kthread+0x10/0x10
[  819.301659][   T34]  ret_from_fork_asm+0x1a/0x30
[  819.303765][   T34]  </TASK>
[  819.305905][   T34] Kernel Offset: disabled
[  819.307796][   T34] Rebooting in 86400 seconds..