last executing test programs:

1m50.174708567s ago: executing program 3 (id=2360):
times(&(0x7f0000000000))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@int=0x4, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10)

1m50.17455656s ago: executing program 3 (id=2361):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) (fail_nth: 3)

1m50.043805891s ago: executing program 3 (id=2365):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000300)={'syztnl2\x00', <r2=>0x0, 0x2f, 0x7, 0xe, 0x5, 0x37, @empty, @local, 0x10, 0x8000, 0x7, 0x9}})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
ioctl$TUNSETOFFLOAD(r6, 0x400454d0, 0x1)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r4, &(0x7f0000001400)=ANY=[@ANYBLOB="0a0088a8aaaaaaaaaaaaaaaaaaaaaaaa88a82c008100360086dd67"], 0x4a)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000cc0)={"7274e50eee14ce6ae036ca19e0dd4aba0daed5610ea15854edf0730f6a827fa12266b2aa61df773db79c8f5055a94c8082f8f744bfc204b8280bcb95b82477178d418bc6320f4523125e2609e3d186cea8d48e8da2024930c4d907b2a613022cc9b4250be60a484db51c2b2b769f70a5dd456ea414edc0c679392df3851c1a33e3be6fdf38487db86610217b36487a72de8dd194d87a82ec2bd243d536cd09f434b8bd12e33d86596cf47f0bd1f2a623e3b5f8709215ce26c88991b8fcd998889a37e3537fa7b3a81e12c821dfcacb5faa6c73b6e8cca130994737383205149bc61dc7890daa9dfff27808f7e2b10f78589152fd7aae3a4bf8db96c1039626cf6793b49ecd908d3ec96dfda262a154ccfeb78207b4fdb2b68e16f189ae22210278844380f8d7fd6633e53d0320fe1fff182779d6d2dce4b28eacb129da1689834ffb861bf795addef9274b0b4d5bb36d4f0828ac56eb8e68c4bef6a00588344d4af78d9011ece1a75018c61f6172938e8356fde38eb50e5c11d7968c81ed4b1e386e27b2a8bbfbf686742b1c943f498d19b8be6e7b1987c40f16ac036dd70de7ef43e1e2f042a0bf57227b6ee198970226a663eda4e917263998b08e6ab08ef3c72f9cec04d2e0fc97ed8506eaba1cb396c10752231c7e6d0672896155e2fbac5ac4cbb00449a5d52348c807a687377c7ffcecd29efe244f5a28a3d1bea340bf7841736e1fb882b7c90fe21ef8f1fec314a16b4e84505e5d8c3b785fd645b84f8d84c0e8bcbfe368995a117402415ba8b6ca8869aca9e8204d85a8a415988acc105ed0c3f038a9f29564e1e786a48add05d2812fe576c6da27dee31e48aa5b26e1351617c024566f9e8fd7d67d4f4242fc20599b316941cf97c32731a1e114b5f536015fc206f3c5f8a028eb35ce6ecd1630b3e774ac7323025209e4410b57d7cea47ef07ec03c9a22361f8fd4f3a6b5bb7ed184e5397264985fd52182e3c560b74cb149f8ec37cc4365c3272eda566c3936d4b0d9c5995a35c4e10b2305ee007205a13f9aa1d5e47e27edbfaad055da3a2b58a42a8736d0a8661dffd4af7b6c353c0fcf0f25589043d93374c365c6247471b20584eddf4a405ac8def7917a99fbf7f5ebf638f87d70545c5829a2a463bb013aa8b55df07cafd092447a16dd21c67e53961349a9da99567c8a562511e35e625b4a722a84a1ce2c26e47eac73f170b9704ebf72b59048258045c09d7659dd633dca1573dae485901885f99f52bac73fa051732fd075b4d5c7482fc0e02cdc6f0cd33ba7b88172aaca0202be51bec99d4caa7d228b6d4b4d5e5640f478a6dff751d5db0c28015818d725180841f0ad480fe271c6e0c27c5f7e3694167249b7b52f40fe064948a4d9f1451579f98fdb60e87c6bd4bb1fce61e1754b6c9207b830741c582265e5fb2a2b5b97b7b744"})
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@getqdisc={0x28, 0x26, 0x10, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xffff, 0xc}, {0xfff2, 0xfff1}, {0x0, 0xfff3}}, [{0x4}]}, 0x28}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000600)}], 0x1, 0x0, 0x480}, 0x0, 0x50, 0x1})
keyctl$update(0x2, 0x0, 0x0, 0x0)
r7 = syz_io_uring_setup(0x266d, &(0x7f0000000100)={0x0, 0xb53b, 0x800, 0x2, 0x5cc}, &(0x7f0000000280)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffa, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x11, 0x0, 0xffffffffffffffff, 0x0, r7})
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_int(r10, 0x0, 0x33, &(0x7f0000000080)=0x8000, 0x4)
listen(r10, 0x6)
io_uring_enter(r7, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r11=>0x0})
syz_emit_ethernet(0x76, &(0x7f0000000140)={@broadcast, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0x40, 0x3c, 0x0, @rand_addr=' \x01\x00', @mcast2, {[@hopopts={0x0, 0x4, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}]}], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x28}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newqdisc={0x138, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x108, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e01798d28b6d63cf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236743acd06103cd77bd07f2df5989ee40e409b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ffcf44f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990f7acfdb8216ea52f604b9f12033688caa4b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d6"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x240400d0}, 0x24008004)

1m46.878115664s ago: executing program 3 (id=2376):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)

1m46.87791805s ago: executing program 3 (id=2377):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0x9)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000080)={0x8})
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x20000140)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000d88000/0x1000)=nil, &(0x7f00007f2000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
pipe(&(0x7f0000000080))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24058041)
r5 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
write$nci(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="610304087b02040912c90e2fba6bad80f032148548fcee0e28fdc801"], 0x1c)

1m46.028312132s ago: executing program 3 (id=2380):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)

1m30.225170125s ago: executing program 32 (id=2380):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)

1.302734601s ago: executing program 4 (id=3799):
r0 = syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f0000000200)={0x0, "63ff8791919a5b70f918110cd2e1f7fbd15ec7918e806deb14c0f82379b49307", 0x3, 0x1, 0x3, 0xcd5, 0x4, 0x4, 0x400, 0x4})
socket$inet6(0x2d, 0x2, 0x0)

1.287052553s ago: executing program 4 (id=3801):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xb6, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xa8, 0x0, 0x0, 0xfb, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x23, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @loopback, @local, {[@cipso={0x86, 0x70, 0xffffffffffffffff, [{0x0, 0xe, "08c82ce8da6ee06cb8dd9452"}, {0x5, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x2}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x6, 0xa, "0000000000800000"}, {0x7, 0x11, "73bc23f9ffffffa30900a301c84600"}, {0x0, 0x11, "c8f46976e79ea788f03d9d3205927e"}]}, @cipso={0x86, 0x6, 0x20}]}}}}}}}, 0x0)

1.242512297s ago: executing program 4 (id=3802):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000440)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000300)=0x1)
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYRESOCT=r0, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="110401e9907800000002040040000204ff0f02041000fe10f9891fe473259594daf85bbc93db030fba5378689a376df813a4d2a33f000000"], 0x58)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000400)=ANY=[], 0x118)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x13, r0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000340)={0x0, 0x9, 0x6, 0x0, 0x0, 0x3, 0x0, 0x6, 0x1000, 0x2, 0x40, 0x2})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'\x00', 0x8000})
r3 = dup(r1)
ioctl$FS_IOC_SETFLAGS(r3, 0x40081271, &(0x7f0000000040)=0x10000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r3, 0x2c93a000)
symlinkat(&(0x7f0000002740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00')
r4 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0xdcb8, 0x40, 0x1, 0xc}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x77, 0x29c780})
io_uring_enter(r4, 0x3518, 0xaddf, 0x359ae44343a22ffa, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r7, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$int_in(r7, 0x5452, &(0x7f0000000240)=0x3)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x19, &(0x7f00000004c0), 0x4)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0xfffe}, 0x1c)
r9 = fcntl$dupfd(r8, 0x0, r8)
getsockopt$inet6_int(r9, 0x29, 0x1, 0x0, &(0x7f0000001180))
write$cgroup_subtree(r9, &(0x7f00000000c0)=ANY=[@ANYRES64=r8, @ANYRESOCT=r6], 0x33)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000294000/0x2000)=nil)

911.298786ms ago: executing program 1 (id=3815):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000840)={&(0x7f0000000000)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x18, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@private]}]}}}], 0x18}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x2d, 0x1, 0x0, "1c13ebdaf2f20d55806ba058e8edb1439bfcc1000000efffffffffffffff00", 0x56544943})
io_uring_register$IORING_REGISTER_RING_FDS(0xffffffffffffffff, 0x14, &(0x7f0000001280)=[{0x3, 0x1, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/30, 0xffffffffffffff49}, {&(0x7f00000000c0)=""/219, 0xdb}, {&(0x7f0000000280)=""/4096, 0x1000}], &(0x7f0000000200)}], 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9, 0x0, 0x5, 0x0, 0xfffffffd, 0x2000000}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x51}})

812.98975ms ago: executing program 1 (id=3816):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
close(r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x6, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000ffffff80e500020000000000c500fcff000000008500feffd100000095"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='percpu_alloc_percpu\x00', r0, 0x0, 0x10}, 0x18)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xe5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

812.590893ms ago: executing program 0 (id=3817):
ptrace(0x10, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = syz_io_uring_setup(0x10d4, &(0x7f0000000000)={0x0, 0x7f36, 0x0, 0x0, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000100)={'batadv0\x00', &(0x7f0000000000)=@ethtool_test={0x1a, 0x0, 0x5}})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000041a99f3e77a7ccb4a5cabf1200008ede00000005df8687edb369e32ec176cdf6c0c4dd1d75cd9a825f48b53537103ab551a1001ba5511e1086c81cd3d00a5435e1"], 0x48)
mmap(&(0x7f00005b1000/0x4000)=nil, 0x4000, 0x0, 0x21011, r6, 0x800000)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@ipv6_newrule={0x58, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x20, 0x40, 0x0, 0x0, 0x0, 0x7}, [@FIB_RULE_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth0_to_bridge\x00'}, @FIB_RULE_POLICY=@FRA_IIFNAME={0x14, 0x3, 'veth1_vlan\x00'}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x17}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24040804}, 0x0)
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x1380, 0x0, 0x4, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x44, 0x2f, 0x0, @private=0xa010100, @multicast1}}}})
fsetxattr$security_ima(r4, &(0x7f0000000000), &(0x7f0000000140)=ANY=[@ANYBLOB="03000000000ab20005ca8528b6b7"], 0xe, 0x2)

742.234384ms ago: executing program 0 (id=3818):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x80003, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x0, 0x26}, 0x28)

741.843724ms ago: executing program 0 (id=3820):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=@migrate={0x138, 0x21, 0x1, 0x0, 0x1, {{@in, @in6=@remote}}, [@migrate={0xe8, 0x11, [{@in=@multicast1, @in=@local, @in=@local, @in=@broadcast, 0x3c, 0x4, 0x0, 0x3505, 0xa, 0x2}, {@in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, @in6=@empty, 0x6c, 0x1, 0x0, 0x3506, 0x2, 0x2}, {@in=@empty, @in=@private=0xa010100, @in6=@remote, @in6=@mcast2, 0x33, 0x2, 0x0, 0x0, 0xa, 0xa}]}]}, 0x138}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbb, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xad, 0x0, 0x0, 0xfb, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x24, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @loopback, @local, {[@cipso={0x86, 0x74, 0xffffffffffffffff, [{0x0, 0xe, "08c82ce8da6ee06cb8dd9452"}, {0x5, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x6, 0xa, "0000000000800000"}, {0x7, 0xe, "73bc23f9ffffffa30900a301"}, {0x0, 0x11, "c8f46976e79ea788f03d9d3205927e"}]}, @cipso={0x86, 0x6, 0x20}]}}, "b8"}}}}}, 0x0)

692.981741ms ago: executing program 0 (id=3821):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83b23dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c11160fb20b1c581e7b0915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab3aa32f948c06b59b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2abd18cae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e26d0a5752813bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a7237841cef384b22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c74f0e2a9bf62ffec6459db40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced84680900000000000000d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d2782a70cf44ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d767671414c99d4894edff8249dc1e3428d2129369ee1b85af1eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038deb359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d40973109644fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f77abb21338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e155f455010b0cb578af7dc7d5e87d4cd376444e2de02f47c61e8e84ff828de453f3489460fd83210e95307e676e1fb4d5865c0ca177a4c7fbb4e62b4450900576b2b5cc7f819abd0f885cc4806f47ffbff01000054f5a2d3875e46000000000000e734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329a18cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481ed51a6359cade91fd645c6d924f36a86bf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf817becd9e5a225d67521d1128eac7d80a6225c3e2f0932223bfbf69ff861f4394836ddf128d6d19079e64336e09000000c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661fdcfa68f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b98a8bf6c747d9a1cc500bb892c3a16ff10feea20bdac89afb758cfa10000000000000000000000000200000000000000ed713df0c59e38928511a64845f1b21ed03369719fa905909d8ce35b42761c46d040e53a0a227e9cecd4d414231baa4894a13763ea5de7a52e61a588babaf5da9a28f477e032400938116cb294447898039724881de3ba3dd5e5e115b58d438b17ad11bf1b1f1ed057d89ec46b2b9bb434e9187a728d1136333958469b22d2126664b5299cc3167ac9a4d501638b978e1c692da5261dae5c9d13065b8ed8b358e7273dfa1e9a8dc1d16aa1edd0c274dedb7cd7e4753c152b4e0e3d124e561420587b9b00ab68c32d6b397c5e7cc4e803e6b6e8ed547e2875372023d111e64cd9ee3635888ecbc7352fd60f348456d74e9e7c09ee202dd09524ecfd3d8c836c0a13a9a45a7e2cec88fa2710ee35c9ed1b824fe4fe68849eee41b5e335aeec0f27053b3a07a001ffe29c5cc3a0ccdcc74330c2a995378d225495c5a543519d952c96da9257f47acc29c48d48b22b1f502b9d743d352de56efbb1b15158c4f0107ba5b3394d4cad4f0a1d31f694d0f559e7f82682775ec7569eeb7ef643dbcbafc4c1c5cbb0ad02dd2a69c5f2b5350049a817b546cf734a746a1cc147a6050bd16598e8e3a5c3515d0edc23e66bbdc6c117559357f49c59208af1162ba1d6667e3ab6bb1696c32dc3bcb2c8ab30d28265ff55c8a80c8e3ce29b2f576ea686d351a8cdb808739ed1a7022fb6e4e834593279c791085e49d1b8124adaf0010790e72ef2035e3da7ebb117c1a032a7378d5c62bb1a4e212618113bbd688091273028a44abfe09067e22fda361d6769d1f44bb06ca0cb9a14a54a8ba0dcb5445c4b368bd1dcce7500"/2356], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37}, 0x94)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000002000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x1}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r4, 0xe0, &(0x7f0000004880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x5, 0x0, 0x8, 0x94d430193590d839, 0x0}}, 0x10)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500))
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000000)="0a000000010001", 0x7)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)={@fallback=r1, r1, 0x2f}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000140)="b9ff03076044238cb89e14f0080047", 0x0, 0x105, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmmsg(r5, &(0x7f0000005c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12121, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_xfrm(0x10, 0x3, 0x6)

692.665832ms ago: executing program 0 (id=3822):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000012c0)='stack\x00')
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSGCAUSE(r2, 0x89e0, &(0x7f0000000000))
bind$alg(r1, &(0x7f0000000680)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha1\x00'}, 0x58)
r3 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r4, 0x40045542, &(0x7f0000000b00))
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
read$FUSE(r0, &(0x7f0000001300)={0x2020}, 0x2020)
ioctl$VIDIOC_S_EDID(r0, 0xc0285629, &(0x7f0000000640)={0x0, 0x80000000, 0x0, '\x00', &(0x7f0000000600)=0x1})
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x1c, 0x52, 0x1, 0x0, 0x4, {0x2}, [@typed={0x8, 0x1, 0x0, 0x0, @binary="feffffff"}]}, 0x1c}}, 0x0)
ioctl$SIOCRSSCAUSE(r5, 0x89e1, &(0x7f0000000700)=0x6)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000009000/0x18000)=nil, &(0x7f00000002c0)=[@text16={0x10, &(0x7f0000000000)="66b9800000c00f326635000800000f300fc71b3e26f2ce0f29a17ae1660f73fc1e0f0967d0b600000000baf80c66b85077308466efbafc0cecd8f366b9010900000f32", 0x43}], 0x1, 0x66, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d03, 0x0, 0x1}]})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000500)={0x7, 0x0, [{0xfec00000, 0x36, &(0x7f0000000000)=""/54}, {0x1, 0xdb, &(0x7f0000000040)=""/219}, {0xffff1000, 0xed, &(0x7f0000000140)=""/237}, {0x7000, 0xf9, &(0x7f0000000240)=""/249}, {0x80a0000, 0x70, &(0x7f0000000340)=""/112}, {0xffffffff, 0x89, &(0x7f00000003c0)=""/137}, {0x60000, 0x52, &(0x7f0000000480)=""/82}]})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r10)
sendmsg$NL80211_CMD_GET_WIPHY(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)={0x20, r11, 0x301, 0x0, 0x0, {{}, {@void, @void, @val={0xc, 0x99, {0x2, 0x29}}}}}, 0x20}}, 0x40)
setsockopt$TIPC_SRC_DROPPABLE(r9, 0x10f, 0x8a, &(0x7f00000000c0), 0x4)
r12 = syz_clone(0x2b02000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r12)
ptrace$pokeuser(0x6, r12, 0x388, 0x2590f58a)

648.638154ms ago: executing program 1 (id=3824):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) (async)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020) (async)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x34}}, 0x0) (async)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000001c0)={r3, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, <r5=>0x0], &(0x7f0000000040), 0x3, r4})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r4], &(0x7f0000000200), &(0x7f0000000300)=[r5], &(0x7f0000000340)}) (async)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0xa0031718561b10dc, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)

572.789899ms ago: executing program 1 (id=3825):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x141000, 0x0)
pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4000)
write$P9_RSETATTR(r1, &(0x7f0000000200)={0x7, 0x1b, 0x1}, 0x7)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x16c)
renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x4)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000080)={0xc8, 0x6, 0x1, 0x5, 0x3fe})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f0000000180)="10030600e0ff020004004788aa96a13b", 0x10, 0x4000000, &(0x7f0000000080)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000140))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x7, 0x3, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r6}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x4, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x32b, 0x28000}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @bond={{0x9}, {0x8, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_IP_TARGET={0x4}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000b0, 0x0, 0x5}, {0x400000b1, 0x0, 0x200000005}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

572.087983ms ago: executing program 0 (id=3827):
r0 = socket$inet(0x2, 0x4, 0x6551)
getsockopt$sock_buf(r0, 0x6, 0x23, &(0x7f0000003340)=""/4096, &(0x7f0000000380)=0x1000)
r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000b40)=ANY=[@ANYBLOB="1201000000000010580413500000000000010902240001000050000904000081030000000921faff000122a00009058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000540)={0x8, &(0x7f00000002c0)={0x40, 0x23, 0xa0, {0xa0, 0xc, "82a0b506d18388d96a8860aad541520a4843319eabc3da3490ea5a227cf7ec2cea9a503e5d05b0775fd90119fd6c1a82a53552ac1d979939df30db2e596c69486dd650ef60ec5f4c8fc6dce9541d5fff27832e7ab4f8f940758f968e0adf2e647631969f52696b2633b31446e1f0f933bb5c7ad293068ccd90733cd032b878b9c017c67f7fe76826b4e7be5031d6961dd1809a28eba8d68c148302e435ae"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x600)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000140)=[0xc022d, 0x1a2])
r3 = syz_open_dev$mouse(&(0x7f0000000000), 0x3, 0x10881)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r3, &(0x7f0000000040)="b76637945b525edf490469e34b3d7cd4818748098436b6f0425ddef8a91a2eae335f2889d8d3b3c628511c00c0d06aa51d05370e87b0e322a2fdc3ad0e4fb1fa526a9928470d26c0bc8871eb4205a3ca77b61eaa6321d5cd46b1f8a54ab5b98f55ee1635f98521eb3bfab8b9132c8d68907944718b749ab79450ccfc528f81ef14e5149e2e3df8104d07a57f2b4346270529c8fc0bb276e4277ff0dc284ebb17", &(0x7f00000003c0)=""/4096, 0x4}, 0x20)

570.775359ms ago: executing program 1 (id=3829):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=@migrate={0x138, 0x21, 0x1, 0x0, 0x1, {{@in, @in6=@remote}}, [@migrate={0xe8, 0x11, [{@in=@multicast1, @in=@local, @in=@local, @in=@broadcast, 0x3c, 0x4, 0x0, 0x3505, 0xa, 0x2}, {@in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, @in6=@empty, 0x6c, 0x1, 0x0, 0x3506, 0x2, 0x2}, {@in=@empty, @in=@private=0xa010100, @in6=@remote, @in6=@mcast2, 0x33, 0x2, 0x0, 0x0, 0xa, 0xa}]}]}, 0x138}}, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbb, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xad, 0x0, 0x0, 0xfb, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x24, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @loopback, @local, {[@cipso={0x86, 0x74, 0xffffffffffffffff, [{0x0, 0xe, "08c82ce8da6ee06cb8dd9452"}, {0x5, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x6, 0xa, "0000000000800000"}, {0x7, 0xe, "73bc23f9ffffffa30900a301"}, {0x0, 0x11, "c8f46976e79ea788f03d9d3205927e"}]}, @cipso={0x86, 0x6, 0x20}]}}, "b8"}}}}}, 0x0)

301.807693ms ago: executing program 4 (id=3837):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x843}, 0x44040)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a00110000060a0b04000000020000000002000000d4100480240001800b000100736f636b6574000014000280080002400000000308000140000000029c1001800a0001006d617463680000008c1002800a00010073746174650000000b000100726563656e7400005b000300240de55c7e19ba2d0bda197b61b75aabe0fd70b0ca4560ab2d0e8be38a624695253dfa6cae8799305bda20cf62b6ed9bc1ca5801aed8faacc5e04170c1c59b912dca41565911a6497e1e2de3ede03d056202fa53366947000800024000000000080002400000000004100300237a7f1371d167825283c76bea4a6935cf874876782d54ffb7c7c0551f89e8346def38843bf25a9c896ee3dd20184bd8e2103b725c8c120a90e9dc253aa1faf928de44aaafa7871de19b3bfc9beae44b2cf63b027f358363d769fbabd235e851182c2f2a2a8832891d5594fd6ab0006e49e3dc77e7aeefcc7f00b3ee600e935ffc91e359aebf3266ae56ed3f0284ed1fb960a2e4d77d006ed6d084e4aa3fae17452253ddd30ba894d0e97f27c8827fc72eb89c8677fb79edd412e0999e7c1d1c3437bba1876cf039620c2620506e884a3209d69bafd2095d9121f42dadc3562032f96d6b130e320d26dd5882a3d3e948202d89cb9f70a78922993a430730fabe6dae9b45dc4a9b8e7dcd9ea35c46afdaa8ea2928eec7985cffaa0d51bae69a8de7cc3638fa4f85431f7e5c78d8d77949f134719b2df72bc5b1fedf1cf2d03af0dd7cbcfd624f5c8309d2e0800f3d5f420a9c7ef09a747efbfcdd20a7d1d9672a0a319e56cbf15679d7f1533beb654b02e85d4fb1873ab3c2d023b5795afbfb60f01c40b919484f988ab1593196f63bf0a13f5ea20ca122709ff045733dfe0341b9a6c14d7e09af703848ed7d6ed5b622deafeb219b4e8039a85c976f851053b67d9fa15b70341eaaaf1467cbd5ddf5557d83930e291655c8a902263f67dac5c7c2ec7da95d5042df89e84501130a416fdb5f0547858e6fea67d2be55f3549e2fa8cc5b985682fb0acfb7bf783e74de81589d097566acac527c188f68fb5ef488d555af096a5f885ef891d8d7931140ab33304b5466de3d658025e15f732c0de391cb801c3a9d7817a19d4689451b67e7a12a394eee8b3fcd88f6b050bbc4fd83bc8ab0f0c101f6d17ec3490af13a0e37b153a716831ff10e40974773c5d499b8f221e28ba3e1d73d30b401d692a6d4dd702c8e9c462c53df8266d794d391f063cfe5e90e4994be040cdaece15d21492f37f4a84182026d86da33f3c0b35727ce4f0ed916aacdd89d8e3c590220867e9d9a5a16880960019daa6203c8da683df1e661dc41ce5b7d031e974129c354f97f2865d055265dbf18b00ecdef41c12186912e3dd8532e2340d3e7f986d8721ccde74552d294d070d01cb0515ef45c9012b9143f91e156e60f5ea338dfd683a82792acf05edc73bc1a7fecbe859aea3272a4a19c5e6299eb6342d9a885335d742e111b971f8de2269bb1dce04eba40dad5953c7016988a1abc9b26990c966b9fa56de6b29fb75a5ef67c8b1504f18bc8f503e78ba2660863108d9d0f204a3f1e8bed63bd0f82cea7883b0fd0f3a7cc96b1592c29f0eca3b05cb263e6e7d232d4fa004ed68382c790bae22c81bdbac44c5461d54a7432d87b44782e6fdf25fe59102b9fbf61515e8fa8c144b6b3fe1be66ebada1430d159f98b4f04949abe1558de304503e9e3f0cc1cf3640a7e27c696b226e9b24e5ed5cef7609d8c3bc5f7e300367d50d826d467cb9c6b577f962c299a6c89a0c207b27a1fe4847b263be9b10e964c2269a7371e901184e2a0ba9c4b6a130f554eaf1e534603c4eed190db5a0ed2a9e822edd2835336002e9bd9d18c1dfa6cb3eea288ecf65271541fc398c232729fb2d6c245dd96d42a8f956a8bf474fb1def1cfe40b857875462a9153137fb264f3cf280a36ee3366efd834c5822af576d7ff7acfbe649258299160f0eb437db937b187c2b70385362b4a2abcfb69185b13e988579990e7e2b3773f8c9fcfda709ebce9423e7bcdbbfa134b3bfb74b310e2a6342289bc05dc21b4859d2f9569b48775a5d24397cf22699672baf7927c31a534c7ea1f5d8f7e04567a071f6cda7cf2a3451cc5ca82a545e3f93edc6330f1094faa5fe71f507f66e780514cac4f48311a922094f2582e84c558f78db986f728ef0c5243b3d2752aea6f5b41b73cfe3647cac6e360355d1b43092b162eb3c0f813b501112563a2f87070ef69f73624c3f47be135808a6a4cf487b53ab7b46b230932da9543b390d0a661913b38621eb7ccc90bb5b384346dafd9347a4dc9cc3ae9e8b6b06b1bcdef331e0c08734caee8d0dd9d296982506d15357eae349744ca914a396e80b5fed6e4b0d4a7523773750f6f2e470159a932f28ffc0bfffe533ac52d7f734745aebdfec74d24aa4aeef1dac32eab1d6d02eb6c214f0845383c43963fd0d81ebdfd90d6b9affa979759a9dd6140e5cd705799d002cecc557a3f2435d0dcc10d4d69a34843decfdf2d2ce71e55835a73339beaa6c94eb83849e09b3e3031c959e2a17820b6be7570cdd735c71e192412ea132d1d66c8b67425d8232c3517a6597a1e10d792776b299698de7a80fb8dcafc292af1e3338900bfc020f46f939323d8c21ca0a322d6241c8691cd8ca4c3a66c01caec402647ec695763a2beae4025efc32176ad9ed55768585e59b700ebf3db2eb7acd036cdd82a07ddc2f95c5c9e809792594ec191c56e926226c59802dbc35ef82d9d601bf704167544f37ab3bf86afd3c455936bce54f21252cf545db6be2576e2b449781a1122ee6c9a81833d6586944c6d1c82760e6ffddb68f6d46d44d937bb83b50902e2bb432234fae1ddb033cec96c928ea6c618fc0d881f489ec9478cfe843f5372f00fd32b40ef3f505f65406033f8d421ecc166310073c9887c4c37eadbae40f1b2631bfda13d66b380fe799724763590e1188b6838fae2390ebff20a066eeaac1a9fe878da781aee4a5300bb433fdfc848f0eac3250485eb525d87759830dc5d1b4575ae2fd058961b96ec2a3791ed84eaafaf2e69920e7572fb162aa1b3cd9928607c036ac8364f96d39f389c3a2e040cfdfc59a43eece6f8cd8c1a1e8979563091ab94f16aebb67ca3f569bec8a88e05cbd33e50b92e37f3e44fad08dfe1259a9fdc0b098fcf7984ad6894eeccccb4c8f9f3bc09c3eb058dc29bd9cb0b5129cac8f13804c7779a6c1bcdf8803b17408667baa2507c0c3b76e3265eb568928d09f0de198cfb668e3d8746443ba8d99e61e1da9649ebfcac533ac171bf3c3e0c6e30679611d88277860d12f19ad635e85b5c307d4e870ae70b1ade7c65e0dbafc0155e5c350a083fa2a20835e8c64e07c901be4e0c34fb4e8a24f9d9fa0b7819b8d42f1af4ee5e789cca8e3e241db19a24410c93c743e342a948a452e2fe06135d0dcbe4461feb788383d2b8a21ced5431f6eb0d0ef8933278c1c5826c153aedd42de26bed3752c5a9157e3f3ce4ad95ecd25f2849c50147b83780458006b501e5797e81dca0df0e0b156aed4bde27498de8f9830be5739a984c4a38cbbca4e6cca6bcfd1856527b9d202beaab6cd0cfcc2cffc6d007933ae954395b68ac321b56fbbcbe1d042b82eb5ab78bf22136e77f2c53ad6deab214b3b469fa9da3c2eac1505e6517cd296232f7873e9e41b23c6c5c0bc08cf645c750cdc8a6b693e928939e7e75682054bb1ad9d43b1ef497a1c8cc22d67b8d98c1772f908c753c493e079c2cff2d4b854aa3ca853dc2de3d64eb1f153f9ece76cac4d4b559ec751f63fd404eadc12df7743122dfc8c9288ef72bd86604ef2858fa38859dd9178cb907f41a7fc58529d6dd95897d18b23bdd83decef117707322b523308b16601941b8db52707f08a25b2ceea451c7d77d8b9fb18497d813db16420911401ca109675fba09fc645b42351a6e3774d662e9b0a1d4b8f0612c054d5b39293a4a6414b3115167c1f121cbce0feeeebdf824012a47e72a2a1d674b3c2f672b07b05bd346c1874b275d2d2d5436b21c4958c75a588be4b51c583902d2b724dec14239ef6b7d056d841087f480a1e31eb648e1cde46f905e40cee1746bdbae412899a3a171a1a296e5afd1d20bc648bd73dc254edaab2fe23276eb29e7e875754c347a00da9b9542b527181145fcd7d7c65030125d6ab03dbd8d34dc04f28f1faf45b9a4d85f0c8a34ab0ef767fbac30cb769f65848219a2587bfa707851029f5377242a4596680de9f5f5cefbbf7fa17ebf2411a37609d7e647c2ebe5046582f744c5ed90d89d8d78edf80f53a9d5dbc9e2298e6da95695170b5cfe74adec23b9d0fbadc784cfc724eda88ecaf660b758773f01baafe3b0801bb6231386477f344dfed9030fb155ac06be46594744c218439e831cd4aa70de3332a0b7fc730c5505056c31153291a224be8b7e7fd750b97caf1aaf27a9f53464282b3f7a062c7a1ef523d93b6b5d0c6dd31cf7472665cd1abada98e0cdf634438a83f6bf8ab2b8017ff8399c0b7e575a34048c1adffca3da863c3d46f7a103322d5de896ba908e7cf4194ae1093ea325ad99972fdc634abe3a5156912b2f50a028a7c8ef2b3cbd30b2e8a39c1e46a185b77fcb2c2b87cd2645518f20a58d3d78b47c99b094350b5b343385a0b64885b765ba602627455bc06d54d4bca10382681650f99c3f63b4e17ed29651b3c65a9c2523cc0a37693c7c1cd931a653c0de9550db33fe26fbcdc89070ba8602643f98be014ff23a99471bcb7a78b494593dcfe1d498525884deb94d05d2c6dea6e5397567cb2623f7e2b7fec60e15de2302de29fbe6b799119b1d81622c009f7be6562fe63b2e68c4149e102f6bc055957a73a91f3c5e722e2618ee01ac203be5436170eebaa8cbd41b8f5bd8741e5117d6805d16bbb0e9a14eedc9e1b932b48bb19b36adffdba560e9703ad888eb4f49fd849a09653561050cfe6fabf2f92800df2272346e11ac9f08e27f8d93c38e50bd8cbfaf68409167cc47272ffd24735ab44599fa6961985a853b7d81ae35de63c5ba837abcef35c68b157535a3d146e5be915f7e4ca5ccfaea54570354a0041c42451c9d84ce999ad06096526f99a43db6d4644c8ab3afa5baf1ea43e6c45df8abf274a305a58521de0d095c5316321d3735cf357e6e3e22770847baaf396be5a23227ea15b749edd8ee65b65adddd0310ab5cf4f2476ee198ca1f3c021fb12f879c79337c729dad021377233f2d16019c28b9f25671208a71b49c0ad646a11a18861238db3db510d920eb9cfda6a0033c851bdb868311a31dedf869196337e8efd9c6762805f81f7fee941403e4385bb7d0a181409bab2e2fc030089cb0ff5c5459b668e3f8d454a088eab9299f31d5baf1914bba384d454242836466f4c5769cd1a3829113f216d77954c872a764818963441a9a89528084b576cbc6df009785e739285d77d28a2b9d3cfaaf72e6b5a209c4d7c9a05666b115b225830516d1a67b40fe0d1ee8ab00ef356fe49d0cd3a011acd4c92cead0f23b51de190419c4854d86c8d1add1e313e5dade1c62ffb671c765f3f44d108659e5b7976caeaeaba8717690f319433caa294ad9c20473f0b8359dc925a71be4b8dd9dffe7d37653c17e0d5254bf05ff33ceba7ed1b4ed86439dfded5f0f35a7d8c7f6f9a2dbd9b2d16680f2831fa4bcb0af402479a8df1e3f1fc0019480ca1cbd900dffe46979a2cf50efdddfb2c9c1470dc97528d8a632bdc5486111bfccefd3fc615ec77aa7186618085d0ca3e98c330c343ca72b708711d37f935e4684eb971241dda3b1f16216137cb9500b8e5f7ef46169b4eedfdfca081ba739fa16eb7cab2ac0be2dd3a44251a92d286b1822bde835bf49f66fcb274075aa5f95797de67e70d395c2f0c29e339c59c40ef375f6677105bf5fe9c855d4cbd36e9ea8bc376ae93f8e207f420b9e64eac28dd7e0e6f048273100dc55700cce014492cefe2e946d219e100d2fe32cd8a37eaad8e9e1b239e10629f0bd8990b37bb082e17cf77b7959b83d9a9fc87b880394a8fd0e864e8e41d77fd100001800b00010064796e73657400000900010073797a30000000000900020073797a32"], 0x1128}}, 0x20000000)

301.396921ms ago: executing program 2 (id=3838):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
sendto$packet(r2, 0x0, 0xfffffffffffffed4, 0x10004844, &(0x7f00000000c0)={0x11, 0x19, 0x0, 0x1, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
syz_clone3(&(0x7f0000000380)={0x12800180, 0x0, 0x0, 0x0, {0x16}, 0x0, 0x0, 0x0, &(0x7f0000000340)=[0x0], 0x1}, 0x58)

300.931821ms ago: executing program 4 (id=3839):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000006c0), 0x80000, 0x0)
ioctl$FBIOPAN_DISPLAY(r1, 0x4606, &(0x7f0000000700)={0x80, 0x2000, 0x2000, 0x478b27d189243d75, 0x6, 0x7, 0x10, 0x1, {0x40, 0x2}, {0x0, 0xc, 0x1}, {0x0, 0x6, 0x1}, {0x8, 0x400}, 0x1, 0x1, 0xcf, 0x1ff, 0x0, 0x4, 0x5, 0x200, 0xa740000, 0x10000, 0x1, 0x6, 0x21, 0x100, 0x3, 0x3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="460a0000000000007910b8000000000095"], &(0x7f0000000480)='syzkaller\x00'}, 0x90)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000004, 0x13, r2, 0x100000000)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @private=0xa010102}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket(0x29, 0x2, 0xf)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}, @TCA_FQ_PLIMIT={0x8, 0x1, 0x8e81}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_QUANTUM={0x8, 0xf}]}}]}, 0x78}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$inet_int(r7, 0x0, 0x32, 0x0, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={<r8=>0x0, 0x1}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000140)={r8, 0x4, 0x7, 0xfffffff8, 0x80, 0x74747cf8}, &(0x7f0000000180)=0x14)

232.152ms ago: executing program 2 (id=3840):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) (async)
r3 = openat$cgroup_procs(r1, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000000c0), 0x12) (async)
pread64(r3, &(0x7f0000002840)=""/4096, 0x1000, 0x4) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x2, &(0x7f0000000240)=[{0x6, 0x0, 0x3, 0x7fff0001}, {0x7, 0x8, 0x3e, 0x81}]}) (async)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_pidfd_open(r5, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000180), 0x2, 0x0)
poll(&(0x7f0000000100)=[{r6, 0x2058}], 0x1, 0xfffffc01)
r7 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000002740)={0x53, 0xfffffffffffffffe, 0x6, 0x32, @buffer={0x29, 0x0, 0x0}, &(0x7f0000000140)="8507426513cb", 0x0, 0x6, 0x10004, 0xffffffff, 0x0}) (async)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000010651fbe347b322b00000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

231.731964ms ago: executing program 4 (id=3841):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, 0x0, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000180)={'pcl818\x00', [0x5c22, 0x3, 0x1, 0x0, 0xffff, 0x7, 0xc, 0x7, 0x5, 0x800, 0x6b5e, 0x2, 0x3d, 0x403, 0x6, 0xc, 0x1, 0x1a449, 0x3, 0x40400003, 0x89, 0x7fff, 0xb27, 0x5, 0x7fff, 0x8, 0x2, 0x8, 0x8, 0x1]})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000340)={0xf7, 0x0, 0x8, 0x0, <r3=>0x0}, &(0x7f0000000380)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000400)={r3, 0x0, 0xec55}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r2, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f00000003c0)="05", 0x1}], 0x1, 0x23f, 0x7, 0xa)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYBLOB="100804000000000008001b", @ANYRES32=r0], 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYBLOB="ff"], 0x8)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x1, &(0x7f00000000c0), 0x4)
sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000300)="98", 0x1}], 0x1, &(0x7f0000000900)=ANY=[@ANYBLOB="14000000000000002900000034000000f9ffffff000000001400000000000000290000000b0000000010000100000000380000000000000029000000370000003303000000000000000100c20400000009c910ff01000000000000000000000000000100000000002800"], 0x90}}], 0x1, 0x40)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
read$FUSE(r6, &(0x7f00000016c0)={0x2020}, 0x2020)
sendmsg$NL80211_CMD_SET_MPATH(r6, 0x0, 0x4000000)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, 0xfffffffffffffffc, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r7, &(0x7f0000000280)={0x11, 0x19, 0x0, 0x1, 0xf8, 0x6, @multicast}, 0x14)

229.637449ms ago: executing program 2 (id=3842):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbf, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb1, 0x0, 0x0, 0xfb, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @loopback, @local, {[@cipso={0x86, 0x77, 0xffffffffffffffff, [{0x0, 0xe, "08c82ce8da6ee06cb8dd9452"}, {0x5, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x6, 0xa, "0000000000800000"}, {0x7, 0x11, "73bc23f9ffffffa30900a301c84600"}, {0x0, 0x11, "c8f46976e79ea788f03d9d3205927e"}]}, @cipso={0x86, 0x6, 0x20}]}}, "b8"}}}}}, 0x0)

152.849064ms ago: executing program 2 (id=3843):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000380)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000005c0), 0x53)
r2 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@xdp, &(0x7f0000000100)=0x80, 0xc0000)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r3, 0x20, 0x2, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x8000000)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='xfs\x00', 0x0, &(0x7f0000000140)='grpquota')

152.623889ms ago: executing program 2 (id=3844):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$packet(0x11, 0x2, 0x300)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f00000025c0), 0x2, 0x0)
write$UHID_DESTROY(r1, &(0x7f0000002600), 0x4)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf4e)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000300)="00c617283b4ad36d7391dc8e31fba443eecdb9c3171ca7208828f6d8ff0b9a648f9fdc467044b283c054b59ead98ac1f3842d636d13e714438bebd6141412abcffdc2cf7202891045fecf123d6f20b337b37509e70387924f7f551ef23ab32351284058299856fb4d38098b32e934805f287e88356a1d9ddde440ae02f908c1c4cbf909157a690304c55dfd7144b97fb2ab8475fbc484b68aa7e05de8329d7ad8d49365fc6328a23a3e1b098aca2b769112ee7f7b18c4324079f49bc0fa5ef42c4f1e60a64b69277fd4a10c3bce4d0bb90011d402d6641908e84d71bae8353b76a7fa5766cb572026058"}], 0x1000000000000045)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r2 = socket(0x15, 0x80005, 0x0)
getsockopt(r2, 0x200000000114, 0x2718, 0x0, &(0x7f00000000c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x7, 0x4, &(0x7f0000000080)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xae}]}, &(0x7f0000000040)='GPL\x00', 0x5}, 0x90)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8917, &(0x7f0000000000)={'veth0_to_bond\x00', {0x2, 0x4e24, @rand_addr=0xac14141d}})
pipe(&(0x7f0000000000))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1800000040000703fcffffff00000100037c000004"], 0x18}, 0x1, 0x0, 0x0, 0x4008011}, 0xc000)
r5 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000100)={'sit0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2e}}})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x8000, 0xffffffffffffffff, 0x9322, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f0000000400)={0x3ff, 0x0, 0x20, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)
getsockopt$IP_SET_OP_VERSION(r2, 0x1, 0x53, &(0x7f0000000240), &(0x7f0000000280)=0x8)

72.304325ms ago: executing program 2 (id=3845):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000ec0)=@mangle={'mangle\x00', 0x64, 0x6, 0x5e0, 0x0, 0x0, 0x2e0, 0x0, 0x440, 0x510, 0x510, 0x510, 0x510, 0x510, 0x6, 0x0, {[{{@ipv6={@empty, @local, [0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00], [0xffffffff, 0xff000000, 0xff, 0xff000000], 'bridge_slave_0\x00', 'dummy0\x00', {0xff}, {}, 0x84, 0x5, 0x6, 0x4c}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0xfffc, 0x5}}}, {{@ipv6={@mcast2, @private2, [0xff, 0xffffff00, 0x0, 0xffffff00], [0xff000000, 0xff, 0x0, 0xffffff00], 'macvtap0\x00', 'pimreg\x00', {0xff}, {0xff}, 0x88, 0x6, 0x6, 0x4}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@udplite={{0x30}, {[0x4e21, 0x4e23], [0x4e23, 0x4e20], 0x2}}]}, @common=@unspec=@MARK={0x28}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x3a}, [0x0, 0xffffff00, 0x0, 0xff000000], [0xffffff00, 0x0, 0xff, 0xffffffff], 'rose0\x00', 'batadv_slave_0\x00', {}, {}, 0x0, 0xc1, 0x5}, 0x0, 0x120, 0x160, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}, {0x0, 0x3, 0x0, [0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x6, 0x84, 0x0, 0x0, 0x0, 0x4]}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x10, 0x10001, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e21}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x2b}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xffffff00, 0xee5f356c6f495b18, 0x100fffe00, 0xff], [0x0, 0xff, 0xffffff00, 0xffffff00], 'veth1_macvtap\x00', 'dummy0\x00', {}, {}, 0x1d, 0x6, 0x4, 0x19}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x640)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0xb2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
sendmsg(r0, &(0x7f0000000840)={&(0x7f0000000000)=@pppoe={0x18, 0x0, {0x2, @remote, 'hsr0\x00'}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000080)="d8f2b72155cb109e8d2e476bd805f268652dbf7a7f05df570e734723008c9804d783eb0f149b8047d4932a654ce0b1c84a1b102356889c6aafe7895c7141b3b93b3c932d936317d7923351ff3f41e6d4ef5533c84487c960d3e6d559823376251bb0a1b81ccfea90c2332051e1a9dcd5d828b64cfad7662f7a65b7949c08fae7a729a314ce377179a8c103631a5b21be8e1342aecbd36633bec29c5a26c6d5ad6e28a18755ddb15d769e90aadfb6e7c0364226fdcfbc1e635587d448d87b416259e9ccb3c91cd980a3b3b8b97a024093308209f0b447371667b02f2a4c3951bbc2400da097e32480532101ca5888aaa3fcb31bceddf8", 0xf6}], 0x1, &(0x7f00000001c0)=[{0xe0, 0x109, 0x1, "d6203cab9b2c6fcbadfae3e23bb1102877c4fe79f52199ed5b5bb40fa11f19536ce12146804f0b04925b79052782906912dd5db92a3d2ba841121d521b289e7b0467feeb64a6e7300f1606b2df26b78351456970bc8cf0c8ed15002619952e8028e77a55a3f203d237866dffe873292637f6847081ead0ee8e4d82034e2a37b536aa112153d01037827c7015eac5395660315cdab344d0cd334f328359ec9b3e53c6b6b87ccb01dc463e326a0fa581dd4f96738b0f8debfb9625703a656b2995399b9c3b48d67609eda594"}, {0x108, 0x10a, 0x4, "a4767809f9f704e3f37d68941277af9659b1f4e8fb860e84daf50ac7ccb5a8ab2be8537e9828d27e6b753bcad6abd08eb19429ed521fba402d891b7db43b2024af9dcbf91107c58c052e4de9661ef14cdccbe1e246d7d8f6c82a851fb7800c7ca5a01a5e35867cdc30403b08a4eb09fd71764e5c8d8745d9f9c185f56dc60fddd2fd8bd2ded9d91d5608fdebd45ba1f308698c4754a8ff2ec6d263173a26d3c41e71d66c5e393ad276cb441515363a6eff4b4d693a5a0bbf477cd13b5a6da9c42f2a50265867e9c449336ce695d00c74360772af1f6383da90168c63a15a5e7ab45786c0473afa1f80034e43ad3ddc3f0246"}, {0xc0, 0x117, 0x5, "8e0aa6f5a07cccac980d09ad2731c45613d1c7a41463058b4ca8c3d849263c2a316c9d756b06201c8a82dceb35386ba85877945e93eb1e95a495f78f9ccfcbc39f1e834bd014ee13ba06e8d71aae2ccf366eb6236542ce4d0202bc0cc41c95fe18906b2b9d988e21efe66ebb1b487da62082d99527489cce7a0464751e32e913f3f7e1e879d010102764a8818494edf5c11bc0f3c00dae9cfa559dd7964c2997d82fb75503a989a59ac18a207546"}, {0x78, 0x108, 0x5, "d57016978ba00970bd564857c01a73ebe53fc20aaaab23b96b6a83af760f5008aaa9ac533405bf5cae83e60d9b509ca12f484afd2f33098f35d8e0cc7a9dcbafe67e307f8f02ee1f313b8a5f4350704a42581fa132559cc6e61087160a8a410602f93e6587db75"}, {0xe0, 0x114, 0x0, "a06f7990c5f23d0678abd0e07baca2fad9184f7745c657a3ee9d0499f857482bde3194cae5a642cc8cc317715308e74f2fbda0f2afbd9a7c7f605b99dd4cc84507e5af8a2cb0a875c727c4dc918189a8fd6b49b1250f4a5bc92e047e7ac734f64d82d0eb5afdbfbec386927da2bd622fe2a5d60aa011a230e13f70918c07c0a3bfe2a206e4358fb6ca7c9421e58bcf7c72b8524bfa65d8ef284927ece4a42aee514d47d8c7a9ae5bc654b9cd0f7701732a19bbcb2fa1907f7b4756ad01e12ee183c7035b32f194b850"}, {0x28, 0x103, 0x0, "cf934a44b6099cff3e500929e92151a74b"}, {0x10, 0x108, 0xd}, {0xe8, 0x116, 0x5, "b6415bb1996debbd8799f3c10b6430bb57019a1d70034d7bff901d29939765f25f28663cf3dcf5f99953c5887395802e9f4bac8579bdbbef32608094344c738163933dffa1f458dce5d1b605d16b432475be9f68987108df2ed5c657e115133d93cafdae0b0c85e9a1821dce67c1f028c1f09d106bcaeedc1f9fb61d9cde420e56a66bb6776918babf84376f4710e605a4b360da0ac25fcca7bf9be34e2021f51a2daf077ab6eb2ed39ac8a1865ac8bd717089b31e2e52c66c79c1da9ca53caecd89dd1f9f651cac9e50b92462ac406f08645c9d"}, {0xd8, 0x118, 0x7, "70a67a9700cd31b3d44fec58f10266113856664532b8df9a00b9dd485444d45a9dc36ba51e7ca0eb6858c11240bdfc60b83f4ac691635b421a3ff18d59506f8e4a3e56a79d3b4cb84e4bab3299ac5e6c78326dfcf31622720c74889b41e4baaf20e071f0bbf7c7d2dd5c2188fd467a44d48a8ceed444019a33be64c0464b29178c3d4ce30e3f3239e18270f4c8045e59c0e31d0f769fa9e524d460e6487472555ef5c1ba47e53b4afb83a60446f8ea29a15980a9af5305a726b8ac6f41d2ebc771419f"}, {0x80, 0x10f, 0x3, "44591648e6d2acae38b0782134dff9a912fd4f88cd3ceb37beaa6bb123b1c67781995f2bcf2b7047404f810bf2b63f625b5544ecb001946b1d419c6722614284157f944004c75f23cf49a36b269ae6bdc9f28e5b5f434bea5ca631e84791a4f102a09aae57917a1c1ff0ca052423f1"}], 0x678}, 0x28000044)

70.434438ms ago: executing program 1 (id=3846):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x1, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1c05}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x3}]}}}]}, 0x4c}}, 0x12)
write$dsp(r2, &(0x7f0000000080)="99", 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/pid_for_children\x00')
r4 = socket$rds(0x15, 0x5, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x40000162, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1)
poll(&(0x7f0000000040)=[{r0, 0x610b}], 0x1, 0x8)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(0xffffffffffffffff, 0x8010671f, &(0x7f0000000040)={&(0x7f0000000000)=""/25, 0x19})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@bridge_newneigh={0x1b, 0x1c, 0x401, 0x70bd28, 0x25dfdc00, {0x7, 0x0, 0x0, 0x0, 0x40, 0xe4, 0x9}, [@NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040040)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)=@newsa={0x138, 0x10, 0x1, 0x8000000, 0x0, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {}, {}, {0x10, 0xd29}, 0x0, 0x0, 0x2, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}}, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000240), 0x0, 0x2)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r8=>r7, {0x80000001}}, './file0\x00'})
r9 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000200)={0x40002000})

0s ago: executing program 33 (id=3846):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x1, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1c05}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x3}]}}}]}, 0x4c}}, 0x12)
write$dsp(r2, &(0x7f0000000080)="99", 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/pid_for_children\x00')
r4 = socket$rds(0x15, 0x5, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x40000162, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1)
poll(&(0x7f0000000040)=[{r0, 0x610b}], 0x1, 0x8)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(0xffffffffffffffff, 0x8010671f, &(0x7f0000000040)={&(0x7f0000000000)=""/25, 0x19})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@bridge_newneigh={0x1b, 0x1c, 0x401, 0x70bd28, 0x25dfdc00, {0x7, 0x0, 0x0, 0x0, 0x40, 0xe4, 0x9}, [@NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040040)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)=@newsa={0x138, 0x10, 0x1, 0x8000000, 0x0, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {}, {}, {0x10, 0xd29}, 0x0, 0x0, 0x2, 0x1}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}}, 0x0)
r7 = syz_open_dev$radio(&(0x7f0000000240), 0x0, 0x2)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r8=>r7, {0x80000001}}, './file0\x00'})
r9 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000200)={0x40002000})

kernel console output (not intermixed with test programs):

ig 1 interface 0 altsetting 4 endpoint 0x1 has invalid maxpacket 1032, setting to 64
[  209.344130][  T838] usb 9-1: config 1 interface 0 altsetting 4 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  209.347577][  T838] usb 9-1: config 1 interface 0 has no altsetting 0
[  209.353018][  T838] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  209.356853][  T838] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.360005][  T838] usb 9-1: Product: ᓃ괪匤Ⲵ㭢墿䊭᧗睠虳̀䰹먚쐰亏虌吲ꇂ乥ꕗ鼴쬵䀼ै㲫롳䦬ဇ耧皾ٜ⭈⥮㱢銂ᤄ垉웕☡䂜칉︢趌驨㺒ሶ涁봓陋螡킙錐ᬃ쎎䮟⮕瀭ꏅ礌铄꿰善齻齃홓흷ꥇ꿜ᕞ̿㷣倌
[  209.369949][  T838] usb 9-1: Manufacturer: 䫌ﾡ鯈Ⰿ냝䪹ꇷ讅￰趕䱲鈃輪璄䲳㔰駢照쑏鈸쓥֌૔焓샧岠
[  209.374380][  T838] usb 9-1: SerialNumber: о
[  209.379480][T13569] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  209.384781][T13569] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  209.589644][T13582] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  210.007621][   T55] usb 7-1: USB disconnect, device number 5
[  210.203620][T13612] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  210.776136][T13626] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=13626 comm=syz.1.2881
[  210.992607][T13633] __nla_validate_parse: 8 callbacks suppressed
[  210.992626][T13633] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2884'.
[  211.000243][T13633] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2884'.
[  211.045175][T13637] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=13637 comm=syz.0.2886
[  211.115722][T13642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2888'.
[  211.193957][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  211.193971][   T40] audit: type=1800 audit(1769005919.209:585): pid=13646 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.2889" name="file0" dev="tmpfs" ino=382 res=0 errno=0
[  211.209666][   T40] audit: type=1804 audit(1769005919.219:586): pid=13646 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2889" name="/newroot/70/file0" dev="tmpfs" ino=382 res=1 errno=0
[  211.425996][T13659] netlink: 'syz.1.2895': attribute type 31 has an invalid length.
[  211.431268][T13659] af_packet: tpacket_rcv: packet too big, clamped from 5293 to 3952. macoff=96
[  211.467049][T13663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2897'.
[  211.482412][T13663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2897'.
[  211.538154][T13666] fuse: Unknown parameter 'f�0x0000000000000003'
[  211.574759][   T40] audit: type=1400 audit(1769005919.589:587): avc:  denied  { listen } for  pid=13667 comm="syz.1.2899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  211.584408][   T40] audit: type=1400 audit(1769005919.589:588): avc:  denied  { accept } for  pid=13667 comm="syz.1.2899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  211.655713][T13671] netlink: 'syz.2.2900': attribute type 1 has an invalid length.
[  211.953626][  T838] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 4 proto 1 vid 0x0525 pid 0xA4A8
[  211.959429][  T838] usb 9-1: USB disconnect, device number 2
[  211.963948][  T838] usblp0: removed
[  212.396204][T13698] binder: 13697:13698 ioctl c0306201 200000000240 returned -14
[  212.397655][T13700] (syz.2.2910,13700,0):ocfs2_get_sector:1714 ERROR: status = -5
[  212.402067][T13700] (syz.2.2910,13700,2):ocfs2_sb_probe:753 ERROR: status = -5
[  212.404474][T13700] (syz.2.2910,13700,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  212.407233][T13700] (syz.2.2910,13700,2):ocfs2_fill_super:1177 ERROR: status = -5
[  212.526951][T13712] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2915'.
[  212.568119][T13715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2916'.
[  212.579049][T13715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2916'.
[  212.606523][T13717] netlink: 'syz.2.2917': attribute type 1 has an invalid length.
[  212.610740][T13717] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2917'.
[  212.615346][T13717] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2917'.
[  212.630513][T13718] IPVS: length: 255 != 24
[  212.726602][T13725] tipc: Can't bind to reserved service type 2
[  212.901335][T13736] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13736 comm=syz.1.2924
[  212.907694][T13736] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=60 sclass=netlink_tcpdiag_socket pid=13736 comm=syz.1.2924
[  213.038187][T13752] sctp: [Deprecated]: syz.1.2930 (pid 13752) Use of struct sctp_assoc_value in delayed_ack socket option.
[  213.038187][T13752] Use struct sctp_sack_info instead
[  213.044591][   T40] audit: type=1400 audit(1769005921.059:589): avc:  denied  { write } for  pid=13751 comm="syz.1.2930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  213.212773][T13767] binder: BC_ACQUIRE_RESULT not supported
[  213.215181][T13767] binder: 13766:13767 ioctl c0306201 2000000001c0 returned -22
[  213.461903][  T838] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  213.466572][T13787] bridge2: entered promiscuous mode
[  213.611865][  T838] usb 9-1: Using ep0 maxpacket: 8
[  213.614832][  T838] usb 9-1: config 0 interface 0 has no altsetting 0
[  213.617116][  T838] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  213.620044][  T838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.623866][  T838] usb 9-1: config 0 descriptor??
[  214.034874][  T838] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  214.240567][T13767] netlink: 'syz.4.2935': attribute type 7 has an invalid length.
[  214.243189][T13767] netlink: 'syz.4.2935': attribute type 8 has an invalid length.
[  214.257023][  T838] usb 9-1: USB disconnect, device number 3
[  214.465630][   T40] audit: type=1400 audit(1769005922.479:590): avc:  denied  { getopt } for  pid=13792 comm="syz.1.2945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  214.466105][T13793] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  214.475080][T13793] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  214.569568][   T40] audit: type=1800 audit(1769005922.579:591): pid=13797 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2946" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  214.902860][T13814] FAULT_INJECTION: forcing a failure.
[  214.902860][T13814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.907028][T13814] CPU: 3 UID: 0 PID: 13814 Comm: syz.2.2952 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.907049][T13814] Tainted: [L]=SOFTLOCKUP
[  214.907053][T13814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.907060][T13814] Call Trace:
[  214.907065][T13814]  <TASK>
[  214.907070][T13814]  dump_stack_lvl+0x16c/0x1f0
[  214.907108][T13814]  should_fail_ex+0x512/0x640
[  214.907127][T13814]  _copy_from_user+0x2e/0xd0
[  214.907146][T13814]  ax25_setsockopt+0x521/0x1220
[  214.907161][T13814]  ? __pfx_ax25_setsockopt+0x10/0x10
[  214.907178][T13814]  ? selinux_socket_setsockopt+0x6a/0x80
[  214.907192][T13814]  ? __pfx_ax25_setsockopt+0x10/0x10
[  214.907206][T13814]  do_sock_setsockopt+0xf3/0x1d0
[  214.907224][T13814]  __sys_setsockopt+0x1a0/0x230
[  214.907239][T13814]  __x64_sys_setsockopt+0xbd/0x160
[  214.907251][T13814]  ? do_syscall_64+0x91/0xf80
[  214.907290][T13814]  ? lockdep_hardirqs_on+0x7c/0x110
[  214.907305][T13814]  do_syscall_64+0xcd/0xf80
[  214.907322][T13814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.907346][T13814] RIP: 0033:0x7f492618f7c9
[  214.907356][T13814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.907367][T13814] RSP: 002b:00007f4927021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  214.907378][T13814] RAX: ffffffffffffffda RBX: 00007f49263e5fa0 RCX: 00007f492618f7c9
[  214.907385][T13814] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000004
[  214.907392][T13814] RBP: 00007f4927021090 R08: 0000000000000010 R09: 0000000000000000
[  214.907398][T13814] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.907404][T13814] R13: 00007f49263e6038 R14: 00007f49263e5fa0 R15: 00007fff53b93268
[  214.907419][T13814]  </TASK>
[  214.995063][T13816] netlink: 'syz.4.2953': attribute type 1 has an invalid length.
[  215.019427][T13816] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  215.025715][T13816] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  215.069787][T13825] gretap1: entered promiscuous mode
[  215.073186][T13825] bond1: (slave gretap1): making interface the new active one
[  215.075788][T13825] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  215.105756][T13816] macvlan2: entered promiscuous mode
[  215.107531][T13816] macvlan2: entered allmulticast mode
[  215.109722][T13816] bond1: entered promiscuous mode
[  215.111925][T13816] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  215.115904][T13816] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  215.121470][T13816] bond1: left promiscuous mode
[  215.242915][T13835] netlink: 'syz.4.2960': attribute type 1 has an invalid length.
[  215.246172][T13835] NCSI netlink: No device for ifindex 0
[  215.287802][T13842] sp0: Synchronizing with TNC
[  215.739524][T13863] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  215.751472][T13863] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  215.950005][T13873] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  216.231881][   T53] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  216.233106][T13842] [U] �
[  216.359502][T13885] FAULT_INJECTION: forcing a failure.
[  216.359502][T13885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.365695][T13885] CPU: 0 UID: 0 PID: 13885 Comm: syz.2.2979 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  216.365726][T13885] Tainted: [L]=SOFTLOCKUP
[  216.365732][T13885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.365743][T13885] Call Trace:
[  216.365750][T13885]  <TASK>
[  216.365762][T13885]  dump_stack_lvl+0x16c/0x1f0
[  216.365815][T13885]  should_fail_ex+0x512/0x640
[  216.365843][T13885]  _copy_to_user+0x32/0xd0
[  216.365873][T13885]  simple_read_from_buffer+0xcb/0x170
[  216.365901][T13885]  proc_fail_nth_read+0x197/0x240
[  216.365922][T13885]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.365944][T13885]  ? rw_verify_area+0xcf/0x6c0
[  216.365964][T13885]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.365983][T13885]  vfs_read+0x1e4/0xcf0
[  216.366007][T13885]  ? __pfx___mutex_lock+0x10/0x10
[  216.366036][T13885]  ? __pfx_vfs_read+0x10/0x10
[  216.366066][T13885]  ? __fget_files+0x20e/0x3c0
[  216.366100][T13885]  ksys_read+0x12a/0x250
[  216.366122][T13885]  ? __pfx_ksys_read+0x10/0x10
[  216.366153][T13885]  do_syscall_64+0xcd/0xf80
[  216.366181][T13885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.366200][T13885] RIP: 0033:0x7f492618e1dc
[  216.366214][T13885] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  216.366231][T13885] RSP: 002b:00007f4927021030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  216.366249][T13885] RAX: ffffffffffffffda RBX: 00007f49263e5fa0 RCX: 00007f492618e1dc
[  216.366260][T13885] RDX: 000000000000000f RSI: 00007f49270210a0 RDI: 0000000000000003
[  216.366271][T13885] RBP: 00007f4927021090 R08: 0000000000000000 R09: 0000000000000000
[  216.366281][T13885] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.366292][T13885] R13: 00007f49263e6038 R14: 00007f49263e5fa0 R15: 00007fff53b93268
[  216.366320][T13885]  </TASK>
[  216.410325][   T53] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  216.454511][T13887] netlink: 'syz.2.2980': attribute type 1 has an invalid length.
[  216.455928][   T53] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.460988][   T53] usb 9-1: Product: syz
[  216.462394][   T53] usb 9-1: Manufacturer: syz
[  216.463892][   T53] usb 9-1: SerialNumber: syz
[  216.468484][   T53] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  216.472472][T13887] bond1: entered promiscuous mode
[  216.474943][T13887] 8021q: adding VLAN 0 to HW filter on device bond1
[  216.489105][  T959] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  216.495672][T13887] 8021q: adding VLAN 0 to HW filter on device bond1
[  216.498313][T13887] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  216.501642][T13887] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  216.507611][T13887] bond1: (slave vxcan3): making interface the new active one
[  216.510027][T13887] vxcan3: entered promiscuous mode
[  216.513362][T13887] vxcan3: left promiscuous mode
[  216.696439][T13876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  216.700149][T13876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  216.873207][T13895] kAFS: unparsable volume name
[  216.944102][T13905] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  216.963422][ T8144] usb 9-1: USB disconnect, device number 4
[  217.088075][   T40] audit: type=1400 audit(1769005925.099:592): avc:  denied  { setopt } for  pid=13920 comm="syz.2.2995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  217.096681][T13921] __nla_validate_parse: 14 callbacks suppressed
[  217.096693][T13921] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2995'.
[  217.106735][T13923] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.2996'.
[  217.147420][T13925] netlink: 'syz.0.2997': attribute type 13 has an invalid length.
[  217.210346][T13925] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.214222][T13925] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.237346][T13928] QAT: failed to copy from user.
[  217.286178][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2999'.
[  217.309271][T13925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.320552][T13925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.471842][ T1146] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.475834][ T1146] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.482434][ T1146] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.485766][ T1146] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.490903][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2999'.
[  217.508266][T13935] usb usb8: usbfs: process 13935 (syz.0.3000) did not claim interface 0 before use
[  217.523453][  T959] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  217.526245][  T959] ath9k_htc: Failed to initialize the device
[  217.529792][ T8144] usb 9-1: ath9k_htc: USB layer deinitialized
[  217.965010][T13960] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3007'.
[  218.031263][T13965] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  218.078451][T13969] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3011'.
[  218.133895][T13973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3013'.
[  218.157571][T13973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3013'.
[  218.192981][   T40] audit: type=1400 audit(1769005926.209:593): avc:  denied  { listen } for  pid=13978 comm="syz.4.3017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  218.221669][T13983] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3018'.
[  218.267574][T13988] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  218.328313][   T40] audit: type=1400 audit(218.266:594): avc:  denied  { accept } for  pid=13991 comm="syz.1.3022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  218.448920][   T40] audit: type=1400 audit(218.386:595): avc:  denied  { setopt } for  pid=13997 comm="syz.2.3025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  218.466526][   T40] audit: type=1400 audit(218.406:596): avc:  denied  { listen } for  pid=13997 comm="syz.2.3025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  218.593948][T14002] kvm: pic: non byte write
[  218.608926][   T40] audit: type=1400 audit(218.546:597): avc:  denied  { view } for  pid=14012 comm="syz.1.3031" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  218.812140][T14036] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3039'.
[  218.852663][T14039] 9pnet_virtio: no channels available for device syz
[  218.977386][T14050] netlink: 'syz.0.3044': attribute type 39 has an invalid length.
[  219.136634][T14061] bridge10: entered promiscuous mode
[  219.139146][T14061] bridge10: entered allmulticast mode
[  219.199491][T14067] 8021q: adding VLAN 0 to HW filter on device bond1
[  219.218201][T14067] bond1: (slave ip6gretap1): making interface the new active one
[  219.221517][T14067] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  219.387051][ T1473] IPVS: starting estimator thread 0...
[  219.494586][T14088] IPVS: using max 44 ests per chain, 105600 per kthread
[  219.672594][   T40] audit: type=1400 audit(219.606:598): avc:  denied  { ioctl } for  pid=14101 comm="syz.4.3062" path="/dev/usbmon9" dev="devtmpfs" ino=765 ioctlcmd=0x9208 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  219.838712][   T40] audit: type=1400 audit(219.776:599): avc:  denied  { append } for  pid=14115 comm="syz.2.3067" name="001" dev="devtmpfs" ino=755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  219.887419][T14123] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  221.418593][T14142] netlink: 'syz.2.3073': attribute type 1 has an invalid length.
[  221.673232][T14142] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  221.682108][ T5953] Bluetooth: hci4: command 0x0405 tx timeout
[  221.923643][T14135] FAULT_INJECTION: forcing a failure.
[  221.923643][T14135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.928115][T14135] CPU: 0 UID: 0 PID: 14135 Comm: syz.4.3074 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  221.928142][T14135] Tainted: [L]=SOFTLOCKUP
[  221.928148][T14135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.928158][T14135] Call Trace:
[  221.928165][T14135]  <TASK>
[  221.928171][T14135]  dump_stack_lvl+0x16c/0x1f0
[  221.928199][T14135]  should_fail_ex+0x512/0x640
[  221.928219][T14135]  _copy_from_user+0x2e/0xd0
[  221.928246][T14135]  __sys_bpf+0x248/0x4980
[  221.928280][T14135]  ? __pfx___sys_bpf+0x10/0x10
[  221.928302][T14135]  ? find_held_lock+0x2b/0x80
[  221.928332][T14135]  ? find_held_lock+0x2b/0x80
[  221.928364][T14135]  ? __mutex_unlock_slowpath+0x161/0x790
[  221.928402][T14135]  ? fput+0x70/0xf0
[  221.928417][T14135]  ? ksys_write+0x1ac/0x250
[  221.928438][T14135]  ? __pfx_ksys_write+0x10/0x10
[  221.928463][T14135]  __x64_sys_bpf+0x78/0xc0
[  221.928487][T14135]  ? lockdep_hardirqs_on+0x7c/0x110
[  221.928509][T14135]  do_syscall_64+0xcd/0xf80
[  221.928534][T14135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.928552][T14135] RIP: 0033:0x7fab42d8f7c9
[  221.928566][T14135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.928581][T14135] RSP: 002b:00007fab43c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  221.928597][T14135] RAX: ffffffffffffffda RBX: 00007fab42fe5fa0 RCX: 00007fab42d8f7c9
[  221.928608][T14135] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  221.928617][T14135] RBP: 00007fab43c4e090 R08: 0000000000000000 R09: 0000000000000000
[  221.928627][T14135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.928637][T14135] R13: 00007fab42fe6038 R14: 00007fab42fe5fa0 R15: 00007ffe6ec94b78
[  221.928661][T14135]  </TASK>
[  222.228350][T14173] __nla_validate_parse: 13 callbacks suppressed
[  222.228371][T14173] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3088'.
[  222.231089][T14174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3089'.
[  222.241691][T14174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3089'.
[  223.388844][T14184] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  224.024929][T14182] FAULT_INJECTION: forcing a failure.
[  224.024929][T14182] name failslab, interval 1, probability 0, space 0, times 0
[  224.030262][T14182] CPU: 0 UID: 0 PID: 14182 Comm: syz.2.3092 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  224.030292][T14182] Tainted: [L]=SOFTLOCKUP
[  224.030298][T14182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.030310][T14182] Call Trace:
[  224.030328][T14182]  <TASK>
[  224.030336][T14182]  dump_stack_lvl+0x16c/0x1f0
[  224.030366][T14182]  should_fail_ex+0x512/0x640
[  224.030383][T14182]  ? __kmalloc_cache_node_noprof+0x62/0x830
[  224.030409][T14182]  should_failslab+0xc2/0x120
[  224.030433][T14182]  __kmalloc_cache_node_noprof+0x83/0x830
[  224.030457][T14182]  ? __get_vm_area_node+0x101/0x330
[  224.030489][T14182]  ? __pfx___might_resched+0x10/0x10
[  224.030510][T14182]  ? __get_vm_area_node+0x101/0x330
[  224.030534][T14182]  __get_vm_area_node+0x101/0x330
[  224.030564][T14182]  __vmalloc_node_range_noprof+0x247/0x16b0
[  224.030593][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.030622][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.030649][T14182]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  224.030675][T14182]  ? find_held_lock+0x2b/0x80
[  224.030703][T14182]  ? avc_has_perm_noaudit+0x117/0x3b0
[  224.030726][T14182]  ? avc_has_perm_noaudit+0x149/0x3b0
[  224.030746][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.030764][T14182]  __vmalloc_node_noprof+0xad/0xf0
[  224.030786][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.030808][T14182]  __vmalloc_noprof+0xa3/0x120
[  224.030833][T14182]  ? __pfx___vmalloc_noprof+0x10/0x10
[  224.030859][T14182]  ? rcu_is_watching+0x12/0xc0
[  224.030878][T14182]  ? cap_capable+0x10d/0x3f0
[  224.030899][T14182]  bpf_prog_alloc_no_stats+0x58/0x610
[  224.030917][T14182]  ? security_capable+0x7e/0x260
[  224.030938][T14182]  bpf_prog_alloc+0x3b/0x230
[  224.030955][T14182]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  224.030977][T14182]  bpf_prog_load+0x1a57/0x2cc0
[  224.031010][T14182]  ? __pfx_bpf_prog_load+0x10/0x10
[  224.031054][T14182]  ? avc_has_perm_noaudit+0x149/0x3b0
[  224.031077][T14182]  ? avc_has_perm+0x144/0x1f0
[  224.031113][T14182]  ? selinux_bpf+0xdd/0x130
[  224.031131][T14182]  ? bpf_lsm_bpf+0x9/0x10
[  224.031154][T14182]  __sys_bpf+0x3e72/0x4980
[  224.031207][T14182]  ? __pfx___sys_bpf+0x10/0x10
[  224.031234][T14182]  ? find_held_lock+0x2b/0x80
[  224.031268][T14182]  ? find_held_lock+0x2b/0x80
[  224.031302][T14182]  ? __mutex_unlock_slowpath+0x161/0x790
[  224.031347][T14182]  ? fput+0x70/0xf0
[  224.031364][T14182]  ? ksys_write+0x1ac/0x250
[  224.031387][T14182]  ? __pfx_ksys_write+0x10/0x10
[  224.031412][T14182]  __x64_sys_bpf+0x78/0xc0
[  224.031436][T14182]  ? lockdep_hardirqs_on+0x7c/0x110
[  224.031466][T14182]  do_syscall_64+0xcd/0xf80
[  224.031494][T14182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.031512][T14182] RIP: 0033:0x7f492618f7c9
[  224.031527][T14182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.031544][T14182] RSP: 002b:00007f4927021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.031561][T14182] RAX: ffffffffffffffda RBX: 00007f49263e5fa0 RCX: 00007f492618f7c9
[  224.031572][T14182] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  224.031606][T14182] RBP: 00007f4927021090 R08: 0000000000000000 R09: 0000000000000000
[  224.031616][T14182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.031626][T14182] R13: 00007f49263e6038 R14: 00007f49263e5fa0 R15: 00007fff53b93268
[  224.031652][T14182]  </TASK>
[  224.162755][T14182] syz.2.3092: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  224.167842][T14182] CPU: 0 UID: 0 PID: 14182 Comm: syz.2.3092 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  224.167862][T14182] Tainted: [L]=SOFTLOCKUP
[  224.167866][T14182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.167872][T14182] Call Trace:
[  224.167889][T14182]  <TASK>
[  224.167895][T14182]  dump_stack_lvl+0x16c/0x1f0
[  224.167916][T14182]  warn_alloc+0x248/0x3a0
[  224.167929][T14182]  ? __pfx_warn_alloc+0x10/0x10
[  224.167939][T14182]  ? trace_kmalloc+0x2b/0xb0
[  224.167953][T14182]  ? __kmalloc_cache_node_noprof+0x2ed/0x830
[  224.167971][T14182]  ? __kasan_kmalloc+0x8a/0xb0
[  224.167985][T14182]  ? __get_vm_area_node+0x208/0x330
[  224.168004][T14182]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  224.168025][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.168042][T14182]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  224.168058][T14182]  ? find_held_lock+0x2b/0x80
[  224.168076][T14182]  ? avc_has_perm_noaudit+0x117/0x3b0
[  224.168091][T14182]  ? avc_has_perm_noaudit+0x149/0x3b0
[  224.168103][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.168115][T14182]  __vmalloc_node_noprof+0xad/0xf0
[  224.168131][T14182]  ? bpf_prog_alloc_no_stats+0x58/0x610
[  224.168145][T14182]  __vmalloc_noprof+0xa3/0x120
[  224.168161][T14182]  ? __pfx___vmalloc_noprof+0x10/0x10
[  224.168179][T14182]  ? rcu_is_watching+0x12/0xc0
[  224.168190][T14182]  ? cap_capable+0x10d/0x3f0
[  224.168204][T14182]  bpf_prog_alloc_no_stats+0x58/0x610
[  224.168220][T14182]  ? security_capable+0x7e/0x260
[  224.168233][T14182]  bpf_prog_alloc+0x3b/0x230
[  224.168244][T14182]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  224.168258][T14182]  bpf_prog_load+0x1a57/0x2cc0
[  224.168278][T14182]  ? __pfx_bpf_prog_load+0x10/0x10
[  224.168295][T14182]  ? avc_has_perm_noaudit+0x149/0x3b0
[  224.168307][T14182]  ? avc_has_perm+0x144/0x1f0
[  224.168325][T14182]  ? selinux_bpf+0xdd/0x130
[  224.168336][T14182]  ? bpf_lsm_bpf+0x9/0x10
[  224.168350][T14182]  __sys_bpf+0x3e72/0x4980
[  224.168368][T14182]  ? __pfx___sys_bpf+0x10/0x10
[  224.168388][T14182]  ? find_held_lock+0x2b/0x80
[  224.168416][T14182]  ? find_held_lock+0x2b/0x80
[  224.168446][T14182]  ? __mutex_unlock_slowpath+0x161/0x790
[  224.168486][T14182]  ? fput+0x70/0xf0
[  224.168501][T14182]  ? ksys_write+0x1ac/0x250
[  224.168519][T14182]  ? __pfx_ksys_write+0x10/0x10
[  224.168543][T14182]  __x64_sys_bpf+0x78/0xc0
[  224.168565][T14182]  ? lockdep_hardirqs_on+0x7c/0x110
[  224.168589][T14182]  do_syscall_64+0xcd/0xf80
[  224.168613][T14182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.168624][T14182] RIP: 0033:0x7f492618f7c9
[  224.168634][T14182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.168644][T14182] RSP: 002b:00007f4927021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.168655][T14182] RAX: ffffffffffffffda RBX: 00007f49263e5fa0 RCX: 00007f492618f7c9
[  224.168662][T14182] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  224.168668][T14182] RBP: 00007f4927021090 R08: 0000000000000000 R09: 0000000000000000
[  224.168674][T14182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.168680][T14182] R13: 00007f49263e6038 R14: 00007f49263e5fa0 R15: 00007fff53b93268
[  224.168695][T14182]  </TASK>
[  224.168712][T14182] Mem-Info:
[  224.306718][T14182] active_anon:8343 inactive_anon:0 isolated_anon:0
[  224.306718][T14182]  active_file:7748 inactive_file:43089 isolated_file:0
[  224.306718][T14182]  unevictable:17188 dirty:409 writeback:0
[  224.306718][T14182]  slab_reclaimable:9778 slab_unreclaimable:142886
[  224.306718][T14182]  mapped:27905 shmem:5261 pagetables:1107
[  224.306718][T14182]  sec_pagetables:314 bounce:0
[  224.306718][T14182]  kernel_misc_reclaimable:0
[  224.306718][T14182]  free:366855 free_pcp:17741 free_cma:0
[  224.322583][T14182] Node 0 active_anon:33372kB inactive_anon:0kB active_file:29916kB inactive_file:172152kB unevictable:35616kB isolated(anon):0kB isolated(file):0kB mapped:70660kB dirty:1636kB writeback:0kB shmem:17508kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14688kB pagetables:4220kB sec_pagetables:1252kB all_unreclaimable? no Balloon:0kB
[  224.332704][T14182] Node 1 active_anon:0kB inactive_anon:0kB active_file:1076kB inactive_file:204kB unevictable:33136kB isolated(anon):0kB isolated(file):0kB mapped:40960kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:160kB pagetables:208kB sec_pagetables:4kB all_unreclaimable? no Balloon:0kB
[  224.342248][T14182] Node 0 DMA free:5796kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:304kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:40kB local_pcp:40kB free_cma:0kB
[  224.352407][T14182] lowmem_reserve[]: 0 1235 1235 1235 1235
[  224.354767][T14182] Node 0 DMA32 free:83752kB boost:0kB min:27548kB low:34432kB high:41316kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33372kB inactive_anon:0kB active_file:29916kB inactive_file:172152kB unevictable:35312kB writepending:1636kB zspages:0kB present:2080628kB managed:1265144kB mlocked:0kB bounce:0kB free_pcp:57604kB local_pcp:15748kB free_cma:0kB
[  224.365735][T14182] lowmem_reserve[]: 0 0 0 0 0
[  224.367289][T14182] Node 1 Normal free:1377872kB boost:0kB min:39692kB low:49612kB high:59532kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:1076kB inactive_file:204kB unevictable:33136kB writepending:0kB zspages:0kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:13312kB local_pcp:2852kB free_cma:0kB
[  224.377691][T14182] lowmem_reserve[]: 0 0 0 0 0
[  224.379246][T14182] Node 0 DMA: 7*4kB (UM) 9*8kB (UM) 4*16kB (UM) 6*32kB (UM) 3*64kB (M) 1*128kB (M) 2*256kB (M) 1*512kB (U) 2*1024kB (UM) 1*2048kB (U) 0*4096kB = 5796kB
[  224.384462][T14182] Node 0 DMA32: 230*4kB (U) 872*8kB (UE) 239*16kB (UE) 235*32kB (UE) 136*64kB (UME) 102*128kB (UME) 43*256kB (UME) 26*512kB (UM) 16*1024kB (M) 1*2048kB (U) 0*4096kB = 83752kB
[  224.389959][T14182] Node 1 Normal: 36*4kB (UME) 42*8kB (UME) 41*16kB (UME) 55*32kB (UME) 42*64kB (UME) 33*128kB (UME) 14*256kB (UME) 13*512kB (UME) 8*1024kB (UM) 7*2048kB (UM) 326*4096kB (UM) = 1377872kB
[  224.395982][T14182] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  224.399329][T14182] Node 0 hugepages_total=3 hugepages_free=0 hugepages_surp=1 hugepages_size=2048kB
[  224.402374][T14182] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  224.405341][T14182] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  224.408243][T14182] 71514 total pagecache pages
[  224.409735][T14182] 0 pages in swap cache
[  224.411098][T14182] Free swap  = 124996kB
[  224.412540][T14182] Total swap = 124996kB
[  224.413865][T14182] 1048443 pages RAM
[  224.415088][T14182] 0 pages HighMem/MovableOnly
[  224.416787][T14182] 282846 pages reserved
[  224.418202][T14182] 0 pages cma reserved
[  224.595439][   T40] audit: type=1400 audit(224.536:600): avc:  denied  { listen } for  pid=14203 comm="syz.4.3098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  224.711055][T14222] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  225.028868][T14242] smc: net device bond0 erased user defined pnetid SYZ0
[  225.088995][T14252] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  225.138535][T14248] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3113'.
[  225.297930][T14267] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3117'.
[  225.343332][T14269] netlink: 207952 bytes leftover after parsing attributes in process `syz.0.3118'.
[  225.405679][T14276] IPVS: set_ctl: invalid protocol: 51 172.20.20.187:20002
[  225.442950][T14281] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3124'.
[  225.446664][T14281] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3124'.
[  225.479981][T14286] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  225.490993][T14290] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  225.492778][T14289] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3126'.
[  225.514359][T14289] 
: renamed from bond0
[  225.523495][T14289] netlink: 'syz.0.3126': attribute type 1 has an invalid length.
[  225.526002][T14289] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3126'.
[  225.528768][T14289] netlink: 'syz.0.3126': attribute type 1 has an invalid length.
[  225.577110][T14299] 9pnet_fd: p9_fd_create_tcp (14299): problem binding to privport
[  225.631647][T14305] openvswitch: netlink: IP tunnel dst address not specified
[  225.644858][T14309] dns_resolver: Unsupported content type (234)
[  225.750643][   T40] audit: type=1400 audit(225.686:601): avc:  denied  { getopt } for  pid=14310 comm="syz.0.3134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  225.894477][   T40] audit: type=1400 audit(225.836:602): avc:  denied  { bind } for  pid=14325 comm="syz.0.3137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  225.978169][T14338] netlink: del zone limit has 4 unknown bytes
[  226.164129][T14341] netlink: 'syz.0.3141': attribute type 13 has an invalid length.
[  226.736772][   T40] audit: type=1804 audit(226.676:603): pid=14349 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.3143" name="/newroot/126/bus/bus" dev="overlay" ino=681 res=1 errno=0
[  226.746032][T14349] evm: overlay not supported
[  226.820082][T14357] trusted_key: encrypted_key: key user:syz not found
[  226.951937][   T53] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  227.035821][T14381] CUSE: unknown device info ""
[  227.037878][T14381] CUSE: zero length info key specified
[  227.055039][T14383] /dev/nullb0: Can't open blockdev
[  227.105702][   T53] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  227.109632][   T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.114316][   T53] usb 6-1: Product: syz
[  227.116057][   T53] usb 6-1: Manufacturer: syz
[  227.118014][   T53] usb 6-1: SerialNumber: syz
[  227.124786][   T53] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  227.140066][   T53] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  227.358425][T14343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.361661][T14343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  227.958138][ T8144] usb 6-1: USB disconnect, device number 2
[  228.296326][T14398] __nla_validate_parse: 2 callbacks suppressed
[  228.296339][T14398] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3159'.
[  228.321242][   T53] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  228.323851][   T53] ath9k_htc: Failed to initialize the device
[  228.327402][ T8144] usb 6-1: ath9k_htc: USB layer deinitialized
[  228.331243][T14400] veth1: entered promiscuous mode
[  228.333223][T14400] veth1: entered allmulticast mode
[  228.347700][T14390] binder: 14389:14390 ioctl 400c620e 2000000021c0 returned -22
[  228.351288][T14390] comedi comedi0: No channels found!
[  228.354817][T14390] loop5: detected capacity change from 0 to 4095
[  228.401703][   T40] audit: type=1400 audit(228.336:604): avc:  denied  { write } for  pid=14406 comm="syz.2.3162" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  228.473783][   T40] audit: type=1400 audit(228.416:605): avc:  denied  { read write } for  pid=14408 comm="syz.4.3163" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  228.487937][   T40] audit: type=1400 audit(228.416:606): avc:  denied  { open } for  pid=14408 comm="syz.4.3163" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  228.499858][   T40] audit: type=1400 audit(228.426:607): avc:  denied  { ioctl } for  pid=14408 comm="syz.4.3163" path="/dev/uhid" dev="devtmpfs" ino=1296 ioctlcmd=0x943c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  228.550518][T14416] sctp: [Deprecated]: syz.0.3166 (pid 14416) Use of struct sctp_assoc_value in delayed_ack socket option.
[  228.550518][T14416] Use struct sctp_sack_info instead
[  228.562396][   T40] audit: type=1326 audit(228.496:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14415 comm="syz.0.3166" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcd5898f7c9 code=0x0
[  228.585917][T14421] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3168'.
[  228.588431][   T40] audit: type=1400 audit(228.526:609): avc:  denied  { mount } for  pid=14417 comm="syz.4.3167" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  228.592770][T14418] overlayfs: upper fs does not support tmpfile.
[  228.652611][T14422] kernel read not supported for file /!selinuxselinux (pid: 14422 comm: syz.0.3166)
[  228.659397][T14422] libceph: resolve '4' (ret=-3): failed
[  228.661694][T14422] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pid=14422 comm=syz.0.3166
[  228.754419][T14427] macsec1: entered promiscuous mode
[  228.755990][T14427] macsec1: entered allmulticast mode
[  228.828679][T14431] IPVS: set_ctl: invalid protocol: 135 172.20.20.66:20003
[  228.843672][T14430] netlink: 'syz.1.3171': attribute type 6 has an invalid length.
[  228.847427][T14430] netlink: 'syz.1.3171': attribute type 6 has an invalid length.
[  229.189262][T14441] loop2: detected capacity change from 0 to 7
[  229.198254][T14441] Dev loop2: unable to read RDB block 7
[  229.203981][T14441]  loop2: AHDI p1 p2 p3
[  229.205803][T14441] loop2: partition table partially beyond EOD, truncated
[  229.208823][T14441] loop2: p1 start 1601398130 is beyond EOD, truncated
[  229.212372][T14441] loop2: p2 start 1702059890 is beyond EOD, truncated
[  229.386917][T14447] Failed to get privilege flags for destination (handle=0x2:0x0)
[  229.386990][T14448] Failed to get privilege flags for destination (handle=0x2:0x0)
[  229.422607][ T6150] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  229.429915][T14450] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3177'.
[  229.475553][T14452] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3178'.
[  229.551858][ T6150] usb 6-1: device descriptor read/64, error -71
[  229.664425][T14464] netlink: 260 bytes leftover after parsing attributes in process `syz.4.3182'.
[  229.670034][T14464] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3182'.
[  229.792063][ T6150] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  229.924433][ T6150] usb 6-1: device descriptor read/64, error -71
[  230.032204][ T6150] usb usb6-port1: attempt power cycle
[  230.371901][ T6150] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  230.403929][ T6150] usb 6-1: device descriptor read/8, error -71
[  230.560971][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  230.560982][   T40] audit: type=1400 audit(230.496:612): avc:  denied  { write } for  pid=14484 comm="syz.2.3189" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  230.635839][T14493] xt_CT: You must specify a L4 protocol and not use inversions on it
[  230.652900][ T6150] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  230.672332][ T6150] usb 6-1: device descriptor read/8, error -71
[  230.674776][T14497] vivid-000: disconnect
[  230.701403][T14496] vivid-000: reconnect
[  230.721109][T14502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3195'.
[  230.768543][T14509] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  230.794031][ T6150] usb usb6-port1: unable to enumerate USB device
[  230.865173][T14522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3201'.
[  230.877832][T14522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3201'.
[  231.069091][ T5953] Bluetooth: hci4: unexpected event for opcode 0x0c1b
[  231.125690][T14528] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3202'.
[  231.711856][T14540] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  232.665488][T14550] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  232.670709][T14550] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  233.093625][T14550] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  233.103698][T14550] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  233.105763][T14550] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  233.108603][T14550] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  233.111613][T14550] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  233.113815][T14550] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  233.118215][T14550] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  233.127628][T14572] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  233.195193][T14586] PKCS7: Unknown OID: [4] 5.25.43204.122
[  233.196972][T14586] PKCS7: Only support pkcs7_signedData type
[  233.217381][T14573] process 'memfd:-B�N4�Ey�ѧ�S�:)' started with executable stack
[  233.544554][T14607] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  233.579594][T14609] __nla_validate_parse: 6 callbacks suppressed
[  233.579606][T14609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3230'.
[  234.002830][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout
[  234.087860][T14603] FAULT_INJECTION: forcing a failure.
[  234.087860][T14603] name failslab, interval 1, probability 0, space 0, times 0
[  234.092067][T14603] CPU: 0 UID: 0 PID: 14603 Comm: syz.0.3227 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  234.092086][T14603] Tainted: [L]=SOFTLOCKUP
[  234.092090][T14603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.092096][T14603] Call Trace:
[  234.092101][T14603]  <TASK>
[  234.092105][T14603]  dump_stack_lvl+0x16c/0x1f0
[  234.092125][T14603]  should_fail_ex+0x512/0x640
[  234.092146][T14603]  ? __kmalloc_cache_noprof+0x5f/0x800
[  234.092158][T14603]  should_failslab+0xc2/0x120
[  234.092178][T14603]  __kmalloc_cache_noprof+0x80/0x800
[  234.092189][T14603]  ? bpf_prog_alloc_no_stats+0x122/0x610
[  234.092205][T14603]  ? bpf_prog_alloc_no_stats+0x122/0x610
[  234.092216][T14603]  bpf_prog_alloc_no_stats+0x122/0x610
[  234.092230][T14603]  bpf_prog_alloc+0x3b/0x230
[  234.092241][T14603]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.092256][T14603]  bpf_prog_load+0x1a57/0x2cc0
[  234.092275][T14603]  ? __pfx_bpf_prog_load+0x10/0x10
[  234.092292][T14603]  ? avc_has_perm_noaudit+0x149/0x3b0
[  234.092306][T14603]  ? avc_has_perm+0x144/0x1f0
[  234.092323][T14603]  ? selinux_bpf+0xdd/0x130
[  234.092334][T14603]  ? bpf_lsm_bpf+0x9/0x10
[  234.092347][T14603]  __sys_bpf+0x3e72/0x4980
[  234.092365][T14603]  ? __pfx___sys_bpf+0x10/0x10
[  234.092380][T14603]  ? find_held_lock+0x2b/0x80
[  234.092401][T14603]  ? find_held_lock+0x2b/0x80
[  234.092421][T14603]  ? __mutex_unlock_slowpath+0x161/0x790
[  234.092445][T14603]  ? fput+0x70/0xf0
[  234.092456][T14603]  ? ksys_write+0x1ac/0x250
[  234.092470][T14603]  ? __pfx_ksys_write+0x10/0x10
[  234.092486][T14603]  __x64_sys_bpf+0x78/0xc0
[  234.092502][T14603]  ? lockdep_hardirqs_on+0x7c/0x110
[  234.092518][T14603]  do_syscall_64+0xcd/0xf80
[  234.092534][T14603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.092546][T14603] RIP: 0033:0x7fcd5898f7c9
[  234.092555][T14603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.092566][T14603] RSP: 002b:00007fcd59853038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  234.092591][T14603] RAX: ffffffffffffffda RBX: 00007fcd58be5fa0 RCX: 00007fcd5898f7c9
[  234.092598][T14603] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  234.092604][T14603] RBP: 00007fcd59853090 R08: 0000000000000000 R09: 0000000000000000
[  234.092610][T14603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.092616][T14603] R13: 00007fcd58be6038 R14: 00007fcd58be5fa0 R15: 00007ffc1abad888
[  234.092631][T14603]  </TASK>
[  234.432184][T14621] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  234.434386][   T40] audit: type=1400 audit(524522.383:613): avc:  denied  { create } for  pid=14620 comm="syz.2.3234" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  234.441154][T14621] overlay: ./file0 is not a directory
[  234.466269][   T40] audit: type=1400 audit(524522.383:614): avc:  denied  { associate } for  pid=14620 comm="syz.2.3234" name="bus" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=2321202E2F6367726F75702F66696C6530616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161
[  234.496147][   T40] audit: type=1400 audit(524522.383:615): avc:  denied  { create } for  pid=14620 comm="syz.2.3234" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161
[  234.532049][   T40] audit: type=1400 audit(524522.383:616): avc:  denied  { write open } for  pid=14620 comm="syz.2.3234" path="/275/file0" dev="tmpfs" ino=1426 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161
[  234.567620][   T40] audit: type=1400 audit(524522.383:617): avc:  denied  { append } for  pid=14620 comm="syz.2.3234" name="file0" dev="tmpfs" ino=1426 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  234.603070][   T40] audit: type=1400 audit(524522.383:618): avc:  denied  { lock } for  pid=14620 comm="syz.2.3234" path="/275/file0" dev="tmpfs" ino=1426 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161
[  234.638257][   T40] audit: type=1400 audit(524522.383:619): avc:  denied  { mounton } for  pid=14620 comm="syz.2.3234" path="/275/bus" dev="tmpfs" ino=1425 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161
[  234.673556][T12013] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  234.856309][T12013] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  234.859474][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  234.863785][T12013] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  234.868607][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  234.873383][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  234.878950][T12013] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  234.881952][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  234.886744][T12013] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  234.891523][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  234.896080][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  234.900922][T12013] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  234.904140][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  234.908557][T12013] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  234.913411][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  234.917893][T12013] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  235.019949][   T40] audit: type=1400 audit(524522.962:620): avc:  denied  { rmdir } for  pid=11912 comm="syz-executor" name="file1" dev="tmpfs" ino=1427 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  235.020503][   T40] audit: type=1400 audit(524522.962:621): avc:  denied  { unlink } for  pid=11912 comm="syz-executor" name="file0" dev="tmpfs" ino=1426 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  235.064228][T14623] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3235'.
[  235.105733][T14623] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3235'.
[  235.115195][T14625] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3236'.
[  235.133385][ T5948] Bluetooth: hci4: command 0x0405 tx timeout
[  235.133407][ T5953] Bluetooth: hci0: command 0x0401 tx timeout
[  235.276166][T14629] ata1.00: invalid multi_count 1 ignored
[  235.335727][T14634] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  235.591606][T14650] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3245'.
[  235.667564][T14652] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3246'.
[  235.713170][T14652] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.3246'.
[  235.716539][T14652] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  235.962934][T14656] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3247'.
[  235.978472][T14656] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3247'.
[  236.083864][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  236.342435][ T5953] Bluetooth: hci4: adv larger than maximum supported
[  236.344647][T14662] tipc: Enabling of bearer <ib:dvmrp1> rejected, failed to enable media
[  236.351996][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  236.352006][   T40] audit: type=1400 audit(524524.292:623): avc:  denied  { name_bind } for  pid=14661 comm="syz.0.3250" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  236.442666][T14675] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3254'.
[  236.503400][   T40] audit: type=1400 audit(524524.442:624): avc:  denied  { write } for  pid=14666 comm="syz.0.3251" path="socket:[50904]" dev="sockfs" ino=50904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  237.204364][ T5953] Bluetooth: hci0: command 0x0401 tx timeout
[  237.214331][ T5953] Bluetooth: hci4: command 0x0405 tx timeout
[  237.493464][T12013] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  237.496390][T12013] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.595727][T14679] FAULT_INJECTION: forcing a failure.
[  237.595727][T14679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.601919][T14679] CPU: 3 UID: 0 PID: 14679 Comm: syz.4.3255 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  237.601951][T14679] Tainted: [L]=SOFTLOCKUP
[  237.601957][T14679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  237.601968][T14679] Call Trace:
[  237.601976][T14679]  <TASK>
[  237.601984][T14679]  dump_stack_lvl+0x16c/0x1f0
[  237.602016][T14679]  should_fail_ex+0x512/0x640
[  237.602037][T14679]  strncpy_from_user+0x3b/0x2e0
[  237.602068][T14679]  bpf_prog_load+0x1eee/0x2cc0
[  237.602106][T14679]  ? __pfx_bpf_prog_load+0x10/0x10
[  237.602133][T14679]  ? avc_has_perm_noaudit+0x149/0x3b0
[  237.602156][T14679]  ? avc_has_perm+0x144/0x1f0
[  237.602188][T14679]  ? selinux_bpf+0xdd/0x130
[  237.602205][T14679]  ? bpf_lsm_bpf+0x9/0x10
[  237.602227][T14679]  __sys_bpf+0x3e72/0x4980
[  237.602257][T14679]  ? __pfx___sys_bpf+0x10/0x10
[  237.602281][T14679]  ? find_held_lock+0x2b/0x80
[  237.602316][T14679]  ? find_held_lock+0x2b/0x80
[  237.602349][T14679]  ? __mutex_unlock_slowpath+0x161/0x790
[  237.602392][T14679]  ? fput+0x70/0xf0
[  237.602408][T14679]  ? ksys_write+0x1ac/0x250
[  237.602430][T14679]  ? __pfx_ksys_write+0x10/0x10
[  237.602458][T14679]  __x64_sys_bpf+0x78/0xc0
[  237.602483][T14679]  ? lockdep_hardirqs_on+0x7c/0x110
[  237.602507][T14679]  do_syscall_64+0xcd/0xf80
[  237.602534][T14679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.602552][T14679] RIP: 0033:0x7fab42d8f7c9
[  237.602567][T14679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.602584][T14679] RSP: 002b:00007fab43c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  237.602602][T14679] RAX: ffffffffffffffda RBX: 00007fab42fe5fa0 RCX: 00007fab42d8f7c9
[  237.602613][T14679] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  237.602623][T14679] RBP: 00007fab43c4e090 R08: 0000000000000000 R09: 0000000000000000
[  237.602634][T14679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.602644][T14679] R13: 00007fab42fe6038 R14: 00007fab42fe5fa0 R15: 00007ffe6ec94b78
[  237.602671][T14679]  </TASK>
[  237.750927][T12013] usb 6-1: can't set config #168, error -71
[  237.755626][T12013] usb 6-1: USB disconnect, device number 7
[  237.892588][T14706] openvswitch: netlink: IPv6 tunnel dst address is zero
[  237.952151][T14713] netlink: 'syz.2.3268': attribute type 1 has an invalid length.
[  238.009450][T14713] 8021q: adding VLAN 0 to HW filter on device bond2
[  238.034011][T14717] bond2: (slave veth5): Enslaving as an active interface with a down link
[  238.050371][T14713] netlink: 'syz.2.3268': attribute type 10 has an invalid length.
[  238.052885][T14713] dummy0: entered promiscuous mode
[  238.175780][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  238.527538][   T54] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  238.676595][   T54] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  238.679983][   T54] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 1071, setting to 1024
[  238.683349][   T54] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  238.686208][   T54] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  238.688828][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.694274][T14713] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  238.700848][   T54] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  238.909133][   T55] usb 7-1: USB disconnect, device number 6
[  239.264708][T14732] FAULT_INJECTION: forcing a failure.
[  239.264708][T14732] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.305777][T14732] CPU: 0 UID: 0 PID: 14732 Comm: syz.4.3273 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  239.305797][T14732] Tainted: [L]=SOFTLOCKUP
[  239.305801][T14732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.305808][T14732] Call Trace:
[  239.305813][T14732]  <TASK>
[  239.305817][T14732]  dump_stack_lvl+0x16c/0x1f0
[  239.305839][T14732]  should_fail_ex+0x512/0x640
[  239.305853][T14732]  strncpy_from_user+0x3b/0x2e0
[  239.305873][T14732]  bpf_prog_load+0x1eee/0x2cc0
[  239.305894][T14732]  ? __pfx_bpf_prog_load+0x10/0x10
[  239.305912][T14732]  ? avc_has_perm_noaudit+0x149/0x3b0
[  239.305926][T14732]  ? avc_has_perm+0x144/0x1f0
[  239.305945][T14732]  ? selinux_bpf+0xdd/0x130
[  239.305956][T14732]  ? bpf_lsm_bpf+0x9/0x10
[  239.305971][T14732]  __sys_bpf+0x3e72/0x4980
[  239.305991][T14732]  ? __pfx___sys_bpf+0x10/0x10
[  239.306007][T14732]  ? find_held_lock+0x2b/0x80
[  239.306028][T14732]  ? find_held_lock+0x2b/0x80
[  239.306049][T14732]  ? __mutex_unlock_slowpath+0x161/0x790
[  239.306076][T14732]  ? fput+0x70/0xf0
[  239.306087][T14732]  ? ksys_write+0x1ac/0x250
[  239.306102][T14732]  ? __pfx_ksys_write+0x10/0x10
[  239.306119][T14732]  __x64_sys_bpf+0x78/0xc0
[  239.306137][T14732]  ? lockdep_hardirqs_on+0x7c/0x110
[  239.306154][T14732]  do_syscall_64+0xcd/0xf80
[  239.306172][T14732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.306184][T14732] RIP: 0033:0x7fab42d8f7c9
[  239.306194][T14732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.306205][T14732] RSP: 002b:00007fab43c4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  239.306217][T14732] RAX: ffffffffffffffda RBX: 00007fab42fe5fa0 RCX: 00007fab42d8f7c9
[  239.306224][T14732] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  239.306230][T14732] RBP: 00007fab43c4e090 R08: 0000000000000000 R09: 0000000000000000
[  239.306237][T14732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  239.306243][T14732] R13: 00007fab42fe6038 R14: 00007fab42fe5fa0 R15: 00007ffe6ec94b78
[  239.306259][T14732]  </TASK>
[  239.395474][ T5953] Bluetooth: hci4: command 0x0405 tx timeout
[  239.397511][ T5953] Bluetooth: hci0: command 0x0401 tx timeout
[  239.542333][T14749] __nla_validate_parse: 4 callbacks suppressed
[  239.542346][T14749] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3277'.
[  239.577641][T14754] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 4π!F���Vl�uc'f`�ކ�;��1�
[  239.599451][T14752] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  239.845860][   T54] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  239.995766][   T54] usb 9-1: Using ep0 maxpacket: 16
[  239.998784][   T54] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  240.003958][   T54] usb 9-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  240.006881][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.009329][   T54] usb 9-1: Product: syz
[  240.010251][T14781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3284'.
[  240.010620][   T54] usb 9-1: Manufacturer: syz
[  240.015804][   T54] usb 9-1: SerialNumber: syz
[  240.018651][   T54] usb 9-1: config 0 descriptor??
[  240.021275][   T54] hub 9-1:0.0: bad descriptor, ignoring hub
[  240.023198][   T54] hub 9-1:0.0: probe with driver hub failed with error -5
[  240.025228][T14781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3284'.
[  240.026990][   T54] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input23
[  241.334443][T14785] FAULT_INJECTION: forcing a failure.
[  241.334443][T14785] name failslab, interval 1, probability 0, space 0, times 0
[  241.338829][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.0.3286 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  241.338849][T14785] Tainted: [L]=SOFTLOCKUP
[  241.338852][T14785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  241.338860][T14785] Call Trace:
[  241.338863][T14785]  <TASK>
[  241.338868][T14785]  dump_stack_lvl+0x16c/0x1f0
[  241.338888][T14785]  should_fail_ex+0x512/0x640
[  241.338899][T14785]  ? __kmalloc_noprof+0xca/0x910
[  241.338911][T14785]  should_failslab+0xc2/0x120
[  241.338926][T14785]  __kmalloc_noprof+0xeb/0x910
[  241.338935][T14785]  ? find_held_lock+0x2b/0x80
[  241.338953][T14785]  ? lsm_blob_alloc+0x68/0x90
[  241.338967][T14785]  ? lsm_blob_alloc+0x68/0x90
[  241.338976][T14785]  ? __asan_memset+0x23/0x50
[  241.338986][T14785]  lsm_blob_alloc+0x68/0x90
[  241.338997][T14785]  security_bpf_prog_load+0x5d/0x2e0
[  241.339015][T14785]  bpf_prog_load+0x10f4/0x2cc0
[  241.339066][T14785]  ? __pfx_bpf_prog_load+0x10/0x10
[  241.339083][T14785]  ? avc_has_perm_noaudit+0x149/0x3b0
[  241.339097][T14785]  ? avc_has_perm+0x144/0x1f0
[  241.339115][T14785]  ? selinux_bpf+0xdd/0x130
[  241.339125][T14785]  ? bpf_lsm_bpf+0x9/0x10
[  241.339139][T14785]  __sys_bpf+0x3e72/0x4980
[  241.339157][T14785]  ? __pfx___sys_bpf+0x10/0x10
[  241.339173][T14785]  ? find_held_lock+0x2b/0x80
[  241.339192][T14785]  ? find_held_lock+0x2b/0x80
[  241.339212][T14785]  ? __mutex_unlock_slowpath+0x161/0x790
[  241.339248][T14785]  ? fput+0x70/0xf0
[  241.339260][T14785]  ? ksys_write+0x1ac/0x250
[  241.339275][T14785]  ? __pfx_ksys_write+0x10/0x10
[  241.339292][T14785]  __x64_sys_bpf+0x78/0xc0
[  241.339308][T14785]  ? lockdep_hardirqs_on+0x7c/0x110
[  241.339323][T14785]  do_syscall_64+0xcd/0xf80
[  241.339340][T14785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.339352][T14785] RIP: 0033:0x7fcd5898f7c9
[  241.339361][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.339372][T14785] RSP: 002b:00007fcd59853038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  241.339383][T14785] RAX: ffffffffffffffda RBX: 00007fcd58be5fa0 RCX: 00007fcd5898f7c9
[  241.339390][T14785] RDX: 0000000000000094 RSI: 00002000000003c0 RDI: 0000000000000005
[  241.339396][T14785] RBP: 00007fcd59853090 R08: 0000000000000000 R09: 0000000000000000
[  241.339402][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  241.339409][T14785] R13: 00007fcd58be6038 R14: 00007fcd58be5fa0 R15: 00007ffc1abad888
[  241.339423][T14785]  </TASK>
[  241.489623][   T40] audit: type=1400 audit(524529.429:625): avc:  denied  { read } for  pid=14787 comm="syz.2.3287" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  241.499968][T14791] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  241.500847][   T40] audit: type=1400 audit(524529.429:626): avc:  denied  { open } for  pid=14787 comm="syz.2.3287" path="/289/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  241.503777][T14791] block device autoloading is deprecated and will be removed.
[  241.510550][   T40] audit: type=1400 audit(524529.439:627): avc:  denied  { write } for  pid=14792 comm="syz.1.3288" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  241.523566][   T40] audit: type=1400 audit(524529.459:628): avc:  denied  { ioctl } for  pid=14787 comm="syz.2.3287" path="/289/file0/file0" dev="fuse" ino=0 ioctlcmd=0xaf7c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  241.528073][T14788] program syz.2.3287 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.607104][ T5987] usb 9-1: USB disconnect, device number 5
[  241.746690][ T8144] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  241.901991][ T8144] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  241.905814][ T8144] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.909835][ T8144] usb 5-1: Product: syz
[  241.911700][ T8144] usb 5-1: Manufacturer: syz
[  241.913693][ T8144] usb 5-1: SerialNumber: syz
[  241.921240][ T8144] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  241.934383][T12013] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  242.055061][T14804] Cannot find add_set index 65532 as target
[  242.557357][   T54] usb 5-1: USB disconnect, device number 3
[  242.837506][T14813] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3293'.
[  242.859272][T14813] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3293'.
[  242.899448][   T40] audit: type=1400 audit(524530.839:629): avc:  denied  { lock } for  pid=14817 comm="syz.2.3296" path="socket:[51141]" dev="sockfs" ino=51141 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  242.937656][T14819] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode
[  242.967348][T12013] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  242.969379][T14825] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  242.969798][T12013] ath9k_htc: Failed to initialize the device
[  242.987513][   T54] usb 5-1: ath9k_htc: USB layer deinitialized
[  244.393776][T14839] netlink: 'syz.0.3303': attribute type 1 has an invalid length.
[  244.396753][T14839] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3303'.
[  245.341390][T14859] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  245.597059][ T5948] Bluetooth: hci0: unexpected event for opcode 0x1405
[  245.597438][T14861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3309'.
[  245.603785][T14861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3309'.
[  245.779015][T14867] netlink: 'syz.4.3313': attribute type 3 has an invalid length.
[  245.796496][   T40] audit: type=1400 audit(524533.727:630): avc:  denied  { listen } for  pid=14874 comm="syz.1.3316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  245.831055][T14888] IPv6: NLM_F_CREATE should be specified when creating new route
[  246.004609][T14899] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  247.080212][T14907] sctp: [Deprecated]: syz.4.3326 (pid 14907) Use of struct sctp_assoc_value in delayed_ack socket option.
[  247.080212][T14907] Use struct sctp_sack_info instead
[  247.085400][T14907] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3326'.
[  247.149209][   T40] audit: type=1400 audit(524535.067:631): avc:  denied  { setopt } for  pid=14910 comm="syz.1.3327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  247.169496][T14919] netlink: 'syz.1.3331': attribute type 10 has an invalid length.
[  247.175057][T14919] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.179336][T14919] bridge_slave_1: left allmulticast mode
[  247.181555][   T40] audit: type=1400 audit(524535.117:632): avc:  denied  { mounton } for  pid=14911 comm="syz.0.3329" path="/bus" dev="ramfs" ino=51958 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  247.183204][T14912] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  247.188336][T14919] bridge_slave_1: left promiscuous mode
[  247.193027][T14919] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.194179][T14912] overlayfs: failed to set xattr on upper
[  247.197455][T14912] overlayfs: ...falling back to redirect_dir=nofollow.
[  247.202859][T14919] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  247.203575][T14912] overlayfs: ...falling back to index=off.
[  247.207594][T14912] overlayfs: ...falling back to uuid=null.
[  247.209476][T14912] overlayfs: ...falling back to xino=off.
[  247.211297][T14912] overlayfs: conflicting lowerdir path
[  247.223091][T14912] veth1: left promiscuous mode
[  247.224826][T14912] veth1: left allmulticast mode
[  247.249211][T14927] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  247.276791][T14921] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  247.279156][T14921] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  247.286090][T14921] vhci_hcd vhci_hcd.0: Device attached
[  247.288937][T14931] vhci_hcd: unknown pdu 1
[  247.297083][ T1206] vhci_hcd vhci_hcd.2: stop threads
[  247.299460][ T1206] vhci_hcd vhci_hcd.2: release socket
[  247.301074][ T1206] vhci_hcd vhci_hcd.2: disconnect device
[  247.393658][T14930] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3335'.
[  247.480757][T12013] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  247.641058][T12013] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  247.643774][T12013] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  247.646910][T12013] usb 5-1: config 0 interface 0 has no altsetting 0
[  247.651271][T12013] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  247.654190][T12013] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  247.656753][T12013] usb 5-1: Product: syz
[  247.658115][T12013] usb 5-1: Manufacturer: syz
[  247.659777][T12013] usb 5-1: SerialNumber: syz
[  247.662637][T12013] usb 5-1: config 0 descriptor??
[  247.665313][T12013] hub 5-1:0.0: bad descriptor, ignoring hub
[  247.667241][T12013] hub 5-1:0.0: probe with driver hub failed with error -5
[  247.671195][T12013] usb 5-1: selecting invalid altsetting 0
[  248.291445][T14912] usb 5-1: reset high-speed USB device number 4 using dummy_hcd
[  248.612669][T14912] usb 5-1: device firmware changed
[  248.632629][   T53] usb 5-1: USB disconnect, device number 4
[  248.656609][T14949] netlink: 'syz.4.3342': attribute type 1 has an invalid length.
[  248.675148][T14952] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  248.681190][T14949] 8021q: adding VLAN 0 to HW filter on device bond2
[  248.779952][   T53] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  248.823775][T14949] bond2: (slave veth5): Enslaving as an active interface with a down link
[  248.833090][T14953] vlan2: entered allmulticast mode
[  248.834758][T14953] veth1: entered allmulticast mode
[  248.836829][T14953] veth1: entered promiscuous mode
[  248.838761][T14953] veth1: left promiscuous mode
[  248.844567][T14953] bond2: (slave vlan2): making interface the new active one
[  248.848697][T14953] veth1: entered promiscuous mode
[  248.852855][T14953] vlan2: entered promiscuous mode
[  248.855053][T14953] bond2: (slave vlan2): Enslaving as an active interface with an up link
[  248.942796][   T53] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  248.945526][   T53] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  248.948756][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  248.953377][   T53] usb 5-1: string descriptor 0 read error: -22
[  248.955461][   T53] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  248.958553][   T53] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  248.963102][   T53] usb 5-1: config 0 descriptor??
[  248.970753][   T53] hub 5-1:0.0: bad descriptor, ignoring hub
[  248.972780][   T53] hub 5-1:0.0: probe with driver hub failed with error -5
[  248.978079][   T53] usb 5-1: selecting invalid altsetting 0
[  249.295205][T14983] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  249.300415][  T838] usb 5-1: USB disconnect, device number 5
[  249.320006][T14985] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3353'.
[  249.341224][T14985] ip6gre1: entered promiscuous mode
[  249.342774][T14985] ip6gre1: entered allmulticast mode
[  249.351636][   T61] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  249.354517][   T61] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  249.370481][  T838] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  249.391048][  T838] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  249.730681][  T838] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  249.744166][T15001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3357'.
[  249.747779][T15001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3357'.
[  249.784194][T15001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3357'.
[  249.789608][T15001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3357'.
[  249.846218][T15001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3357'.
[  249.859035][T15000] delete_channel: no stack
[  250.432903][ T5948] Bluetooth: hci4: Malformed LE Event: 0x02
[  250.650295][T15043] binder: BINDER_SET_CONTEXT_MGR already set
[  250.656567][T15043] binder: 15042:15043 ioctl 4018620d 2000000000c0 returned -16
[  250.659791][T15043] binder: BINDER_SET_CONTEXT_MGR already set
[  250.668708][T15043] binder: 15042:15043 ioctl 4018620d 2000000000c0 returned -16
[  250.808548][T15039] __nla_validate_parse: 1 callbacks suppressed
[  250.808559][T15039] netlink: 184 bytes leftover after parsing attributes in process `syz.1.3364'.
[  250.991351][  T838] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  251.125601][T15063] bond1: option mode: unable to set because the bond device has slaves
[  251.162523][  T838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.165914][  T838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.169360][  T838] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  251.173518][  T838] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  251.176409][  T838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.180245][  T838] usb 5-1: config 0 descriptor??
[  251.263859][T15077] /dev/nullb0: Can't open blockdev
[  251.267720][   T40] audit: type=1400 audit(524539.195:633): avc:  denied  { ioctl } for  pid=15076 comm="syz.2.3380" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  251.290769][T15075] 9pnet_virtio: no channels available for device syz
[  251.305136][T15077] /dev/nullb0: Can't open blockdev
[  251.305160][   T40] audit: type=1400 audit(524539.235:634): avc:  denied  { mounton } for  pid=15076 comm="syz.2.3380" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  251.392892][T15089] netlink: 'syz.2.3384': attribute type 1 has an invalid length.
[  251.413069][T15089] 8021q: adding VLAN 0 to HW filter on device bond3
[  251.434075][T15089] bond3: (slave geneve3): making interface the new active one
[  251.437416][T15089] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  251.461580][T15089] netlink: 240 bytes leftover after parsing attributes in process `syz.2.3384'.
[  251.518538][T15095] /dev/nullb0: Can't open blockdev
[  251.549879][T15097] netlink: 'syz.2.3387': attribute type 9 has an invalid length.
[  251.591057][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.593834][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.597171][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.600166][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.603205][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.606196][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.609227][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.612379][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.615518][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.618232][  T838] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  251.627664][  T838] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  251.726610][T15109] 9pnet_virtio: no channels available for device syz
[  251.765939][T15111] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3392'.
[  251.769134][T15111] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  252.387721][  T838] usb 5-1: USB disconnect, device number 6
[  252.517458][   T40] audit: type=1400 audit(524540.444:635): avc:  denied  { ioctl } for  pid=15128 comm="syz.4.3398" path="socket:[53205]" dev="sockfs" ino=53205 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  252.533034][   T40] audit: type=1400 audit(524540.444:636): avc:  denied  { lock } for  pid=15128 comm="syz.4.3398" path="socket:[53205]" dev="sockfs" ino=53205 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  252.572085][T15140] random: crng reseeded on system resumption
[  252.602716][   T40] audit: type=1400 audit(524540.534:637): avc:  denied  { remount } for  pid=15141 comm="syz.2.3401" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  252.602726][T15142] max out of range
[  252.684208][T15166] mkiss: ax0: crc mode is auto.
[  252.718619][T15178] nfs4: Unknown parameter '��������'
[  252.784807][   T40] audit: type=1804 audit(524540.704:638): pid=15142 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.3401" name="/newroot/329/file1" dev="fuse" ino=1 res=1 errno=0
[  253.072973][   T40] audit: type=1400 audit(524541.004:639): avc:  denied  { accept } for  pid=15231 comm="syz.0.3413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  253.199341][   T40] audit: type=1326 audit(524541.124:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15252 comm="syz.0.3420" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd5898f7c9 code=0x0
[  253.347536][   T40] audit: type=1400 audit(524541.274:641): avc:  denied  { connect } for  pid=15263 comm="syz.2.3425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  253.359211][T15270] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.361324][   T40] audit: type=1400 audit(524541.284:642): avc:  denied  { mounton } for  pid=15271 comm="syz.1.3427" path="/280/file0" dev="tmpfs" ino=1486 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  253.361608][T15270] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  253.374229][T15270] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  253.397354][   T40] audit: type=1400 audit(524541.324:643): avc:  denied  { search } for  pid=15276 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.403929][   T40] audit: type=1400 audit(524541.324:644): avc:  denied  { search } for  pid=15276 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=1897 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.420141][T15278] XFS (nbd1): SB validate failed with error -5.
[  253.488560][T15290] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3429'.
[  253.542292][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  253.561633][T15298] Invalid ELF header magic: != ELF
[  253.645590][T15308] binder: 15307:15308 unknown command 0
[  253.648335][T15308] binder: 15307:15308 ioctl c0306201 200000000080 returned -22
[  253.661597][T15308] binder: 15307:15308 ioctl c0306201 2000000003c0 returned -14
[  253.662325][T15309] binder: 15307:15309 ioctl 4008af04 200000000280 returned -22
[  253.820264][T15326] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3438'.
[  253.889917][T15324] syzkaller0: entered promiscuous mode
[  253.891790][T15324] syzkaller0: entered allmulticast mode
[  255.396480][T15335] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3441'.
[  256.598829][T15343] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3442'.
[  256.765805][T15359] cdrom: dropping to single frame dma
[  256.810809][T15372] netlink: 'syz.4.3452': attribute type 32 has an invalid length.
[  256.843979][T15378] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  256.846165][T15378] overlayfs: failed to set xattr on upper
[  256.847957][T15378] overlayfs: ...falling back to redirect_dir=nofollow.
[  256.850074][T15378] overlayfs: ...falling back to index=off.
[  256.851923][T15378] overlayfs: ...falling back to uuid=null.
[  256.882041][T15382] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  256.885863][T15382] overlayfs: failed to set xattr on upper
[  256.888318][T15382] overlayfs: ...falling back to redirect_dir=nofollow.
[  256.891428][T15382] overlayfs: ...falling back to index=off.
[  256.894259][T15382] overlayfs: ...falling back to uuid=null.
[  256.902825][T15385] IPv6: Can't replace route, no match found
[  256.985612][T15391] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  256.989166][T15391] IPv6: NLM_F_CREATE should be set when creating new route
[  257.107637][T15407] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  257.157023][T15414] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3469'.
[  257.191886][T15418] nfs: Unknown parameter 'lok'
[  257.241686][T15424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3474'.
[  257.246594][T15424] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3474'.
[  257.251056][T15426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3475'.
[  257.251690][T15424] netlink: 'syz.4.3474': attribute type 20 has an invalid length.
[  257.263061][T15424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3474'.
[  257.267522][T15424] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3474'.
[  257.272079][T15424] netlink: 'syz.4.3474': attribute type 20 has an invalid length.
[  257.280395][T15424] tipc: Started in network mode
[  257.282794][T15424] tipc: Node identity ac14140f, cluster identity 4711
[  257.286802][T15424] tipc: New replicast peer: 255.255.255.255
[  257.290335][T15424] tipc: Enabled bearer <udp:syz2>, priority 10
[  257.296022][T15424] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3474'.
[  257.301402][T15424] tipc: Disabling bearer <udp:syz2>
[  257.309435][T15424] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=15424 comm=syz.4.3474
[  257.327695][T15432] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  257.394222][T12013] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  257.472601][T15451] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3483'.
[  257.477357][T15451] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3483'.
[  257.546049][T12013] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  257.549495][T12013] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  257.552838][T12013] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  257.555695][T12013] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.561417][T15416] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  257.566376][T12013] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  257.833419][T12013] usb 5-1: USB disconnect, device number 7
[  257.894074][T15457] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  257.928674][T15459] tmpfs: Cannot change global quota limit on remount
[  257.937326][T15459] tmpfs: Unknown parameter '@'
[  257.941717][T15463] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  257.944885][T15463] SELinux: failed to load policy
[  258.214633][   T55] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  258.366423][   T55] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  258.369536][   T55] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.372597][   T55] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.376958][   T55] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  258.382931][   T55] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  258.385625][   T55] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  258.385797][T15484] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  258.387974][   T55] usb 7-1: Manufacturer: syz
[  258.389201][   T55] usb 7-1: config 0 descriptor??
[  258.496050][T15488] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2632736702 (84247574464 ns) > initial count (45397813568 ns). Using initial count to start timer.
[  258.601165][   T55] hid_parser_main: 5 callbacks suppressed
[  258.601177][   T55] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  258.608966][   T55] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  258.616416][  T838] usb 7-1: USB disconnect, device number 7
[  258.744274][T15520] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  258.747214][T15520] SELinux: failed to load policy
[  258.984096][T15552] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=46 sclass=netlink_audit_socket pid=15552 comm=syz.2.3515
[  258.984118][T15552] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=22 sclass=netlink_audit_socket pid=15552 comm=syz.2.3515
[  259.056511][T15560] 9pnet_virtio: no channels available for device syz
[  259.056951][T15560] 9pnet_virtio: no channels available for device syz
[  259.061690][T15560] 9pnet_virtio: no channels available for device syz
[  259.061865][T15560] 9pnet_virtio: no channels available for device syz
[  259.067243][T15560] 9pnet_virtio: no channels available for device syz
[  259.067475][T15560] 9pnet_virtio: no channels available for device syz
[  259.067644][T15560] 9pnet_virtio: no channels available for device syz
[  259.074238][T15560] 9pnet_virtio: no channels available for device syz
[  259.074409][T15560] 9pnet_virtio: no channels available for device syz
[  259.074573][T15560] 9pnet_virtio: no channels available for device syz
[  259.074746][T15560] 9pnet_virtio: no channels available for device syz
[  259.075004][T15560] 9pnet_virtio: no channels available for device syz
[  259.087046][T15560] 9pnet_virtio: no channels available for device syz
[  259.087227][T15560] 9pnet_virtio: no channels available for device syz
[  259.087395][T15560] 9pnet_virtio: no channels available for device syz
[  259.087569][T15560] 9pnet_virtio: no channels available for device syz
[  259.096468][T15560] 9pnet_virtio: no channels available for device syz
[  259.096644][T15560] 9pnet_virtio: no channels available for device syz
[  259.096810][T15560] 9pnet_virtio: no channels available for device syz
[  259.096980][T15560] 9pnet_virtio: no channels available for device syz
[  259.106931][T15560] 9pnet_virtio: no channels available for device syz
[  259.107106][T15560] 9pnet_virtio: no channels available for device syz
[  259.107273][T15560] 9pnet_virtio: no channels available for device syz
[  259.107460][T15560] 9pnet_virtio: no channels available for device syz
[  259.108061][T15560] 9pnet_virtio: no channels available for device syz
[  259.108231][T15560] 9pnet_virtio: no channels available for device syz
[  259.108425][T15560] 9pnet_virtio: no channels available for device syz
[  259.108596][T15560] 9pnet_virtio: no channels available for device syz
[  259.108771][T15560] 9pnet_virtio: no channels available for device syz
[  259.108943][T15560] 9pnet_virtio: no channels available for device syz
[  259.109117][T15560] 9pnet_virtio: no channels available for device syz
[  259.109299][T15560] 9pnet_virtio: no channels available for device syz
[  259.109464][T15560] 9pnet_virtio: no channels available for device syz
[  259.109632][T15560] 9pnet_virtio: no channels available for device syz
[  259.109795][T15560] 9pnet_virtio: no channels available for device syz
[  259.109970][T15560] 9pnet_virtio: no channels available for device syz
[  259.110137][T15560] 9pnet_virtio: no channels available for device syz
[  259.110313][T15560] 9pnet_virtio: no channels available for device syz
[  259.110491][T15560] 9pnet_virtio: no channels available for device syz
[  259.110656][T15560] 9pnet_virtio: no channels available for device syz
[  259.110843][T15560] 9pnet_virtio: no channels available for device syz
[  259.111072][T15560] 9pnet_virtio: no channels available for device syz
[  259.111254][T15560] 9pnet_virtio: no channels available for device syz
[  259.111418][T15560] 9pnet_virtio: no channels available for device syz
[  259.111587][T15560] 9pnet_virtio: no channels available for device syz
[  259.111769][T15560] 9pnet_virtio: no channels available for device syz
[  259.167973][T15560] 9pnet_virtio: no channels available for device syz
[  259.168143][T15560] 9pnet_virtio: no channels available for device syz
[  259.168320][T15560] 9pnet_virtio: no channels available for device syz
[  259.168484][T15560] 9pnet_virtio: no channels available for device syz
[  259.168672][T15560] 9pnet_virtio: no channels available for device syz
[  259.168837][T15560] 9pnet_virtio: no channels available for device syz
[  259.169028][T15560] 9pnet_virtio: no channels available for device syz
[  259.169212][T15560] 9pnet_virtio: no channels available for device syz
[  259.187001][T15560] 9pnet_virtio: no channels available for device syz
[  259.187175][T15560] 9pnet_virtio: no channels available for device syz
[  259.187339][T15560] 9pnet_virtio: no channels available for device syz
[  259.187546][T15560] 9pnet_virtio: no channels available for device syz
[  259.187727][T15560] 9pnet_virtio: no channels available for device syz
[  259.187895][T15560] 9pnet_virtio: no channels available for device syz
[  259.188065][T15560] 9pnet_virtio: no channels available for device syz
[  259.188231][T15560] 9pnet_virtio: no channels available for device syz
[  259.215296][T15560] 9pnet_virtio: no channels available for device syz
[  259.218129][T15560] 9pnet_virtio: no channels available for device syz
[  259.220575][T15560] 9pnet_virtio: no channels available for device syz
[  259.343255][T15582] sctp: [Deprecated]: syz.1.3519 (pid 15582) Use of struct sctp_assoc_value in delayed_ack socket option.
[  259.343255][T15582] Use struct sctp_sack_info instead
[  259.415197][T15558] cgroup: fork rejected by pids controller in /syz2
[  259.437013][T15595] 9p: Unknown Cache mode or invalid value fscache�(��C
�����3M1;&?��U@��=��e�ϵ�Ɔۯ�R_��p��?f��i�փĘ�+��l���=�	<���V#���Ǻ�۳w��P�\g*!�7�In�1�����<�PJ�_�R2$n_<y鮀�/Q?��/�����	4�f�٫k�}��t
[  259.833485][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  259.833497][   T40] audit: type=1400 audit(524547.761:659): avc:  denied  { map } for  pid=15632 comm="syz.0.3532" path="socket:[58582]" dev="sockfs" ino=58582 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  259.838516][T15635] netlink: 'syz.4.3533': attribute type 21 has an invalid length.
[  259.842451][   T40] audit: type=1400 audit(524547.761:660): avc:  denied  { read accept } for  pid=15632 comm="syz.0.3532" path="socket:[58582]" dev="sockfs" ino=58582 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  259.845966][T15635] netlink: 'syz.4.3533': attribute type 21 has an invalid length.
[  259.998408][T15658] hpfs: hpfs_map_sector(): read error
[  260.256075][T15150] vlan2: left promiscuous mode
[  261.071001][   T40] audit: type=1400 audit(524549.000:661): avc:  denied  { read } for  pid=15665 comm="syz.0.3544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  261.357141][   T40] audit: type=1400 audit(524549.290:662): avc:  denied  { map } for  pid=15702 comm="syz.0.3557" path="/dev/video4" dev="devtmpfs" ino=961 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  261.383788][T15704] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  261.386831][T15704] overlayfs: missing 'lowerdir'
[  261.398307][   T40] audit: type=1800 audit(524549.330:663): pid=15704 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.3557" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  261.408091][T15708] netlink: 'syz.4.3560': attribute type 83 has an invalid length.
[  261.414253][T15708] trusted_key: encrypted_key: insufficient parameters specified
[  261.856332][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  261.975219][T15752] __nla_validate_parse: 15 callbacks suppressed
[  261.975231][T15752] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3576'.
[  262.062637][T15690] orangefs_mount: mount request failed with -4
[  262.072362][T15756] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  262.133739][T15760] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3579'.
[  262.147705][T15760] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3579'.
[  262.355699][T15764] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3581'.
[  262.363104][T15765] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3581'.
[  262.500066][T15767] kvm: pic: non byte write
[  262.739773][T15779] tipc: Started in network mode
[  262.741479][T15779] tipc: Node identity ac1414aa, cluster identity 4711
[  262.744396][T15779] tipc: Enabled bearer <udp:s>, priority 10
[  262.853380][T15790] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  262.954400][T15793] kvm_intel: kvm [15791]: vcpu1024, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xba
[  263.001605][T15798] loop5: detected capacity change from 0 to 7
[  263.005093][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.008298][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.011338][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.014447][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.017918][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.021146][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.025020][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.028238][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.031026][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.034191][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.038200][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.042060][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.045660][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.049746][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.053694][T15798] ldm_validate_partition_table(): Disk read failed.
[  263.056857][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.060077][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.064042][    C2] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.067736][    C2] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.070566][    C3] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  263.073478][    C3] Buffer I/O error on dev loop5, logical block 0, async page read
[  263.076112][T15798] Dev loop5: unable to read RDB block 0
[  263.078817][T15798]  loop5: unable to read partition table
[  263.080883][T15798] loop5: partition table beyond EOD, truncated
[  263.082856][T15798] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  263.120208][T15805] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3594'.
[  263.137293][T15805] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3594'.
[  263.231482][   T40] audit: type=1400 audit(524551.159:664): avc:  denied  { read } for  pid=15806 comm="syz.4.3595" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  263.241489][   T40] audit: type=1400 audit(524551.159:665): avc:  denied  { open } for  pid=15806 comm="syz.4.3595" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  263.283667][   T40] audit: type=1400 audit(524551.209:666): avc:  denied  { ioctl } for  pid=15806 comm="syz.4.3595" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  263.449682][T15812] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  263.503188][T15821] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  263.713119][T15836] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3607'.
[  263.801874][T15837] could not allocate digest TFM handle cryptd(blake2b-160)
[  263.877126][T12598] tipc: Node number set to 2886997162
[  263.967481][ T1473] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  264.082716][T15877] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3616'.
[  264.108107][T15883] netlink: 'syz.1.3618': attribute type 2 has an invalid length.
[  264.112362][T15880] kvm: user requested TSC rate below hardware speed
[  264.130163][ T1473] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  264.132944][ T1473] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  264.136142][ T1473] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  264.139682][ T1473] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  264.143148][ T1473] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  264.149737][ T1473] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  264.152637][ T1473] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  264.155138][ T1473] usb 7-1: Product: syz
[  264.156473][ T1473] usb 7-1: Manufacturer: syz
[  264.161500][ T1473] cdc_wdm 7-1:1.0: skipping garbage
[  264.163219][ T1473] cdc_wdm 7-1:1.0: skipping garbage
[  264.167597][ T1473] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  264.169522][ T1473] cdc_wdm 7-1:1.0: Unknown control protocol
[  264.250963][T15889] netlink: 'syz.1.3620': attribute type 1 has an invalid length.
[  264.264869][T15889] bond3: entered promiscuous mode
[  264.266799][T15889] 8021q: adding VLAN 0 to HW filter on device bond3
[  264.282150][T15889] bond3: (slave bridge5): making interface the new active one
[  264.284613][T15889] bridge5: entered promiscuous mode
[  264.287210][T15889] bond3: (slave bridge5): Enslaving as an active interface with an up link
[  264.331432][T15895] bond4: ARP target 4.0.0.0 is already present
[  264.333556][T15895] bond4: option arp_ip_target: invalid value (4)
[  264.336933][T15895] bond4 (unregistering): Released all slaves
[  264.371312][  T838] usb 7-1: USB disconnect, device number 8
[  264.468369][T15905] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.3625'.
[  264.580859][T15921] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=59 sclass=netlink_tcpdiag_socket pid=15921 comm=syz.0.3631
[  264.585198][T15921] netlink: 'syz.0.3631': attribute type 142 has an invalid length.
[  264.630305][T15931] pim6reg9: entered allmulticast mode
[  264.673599][T15937] tmpfs: Unknown parameter ''
[  264.678850][T15939] 9pnet_virtio: no channels available for device syz
[  264.710849][   T40] audit: type=1400 audit(524552.638:667): avc:  denied  { connect } for  pid=15941 comm="syz.4.3639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  264.785950][T15949] program syz.4.3641 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  264.852400][T15957] Invalid source name
[  264.853811][T15957] UBIFS error (pid: 15957): cannot open "/dev/sg0", error -22
[  264.922103][T15963] bond3: Invalid ad_actor_system MAC address.
[  264.926623][T15963] bond3: option ad_actor_system: invalid value (255)
[  264.930364][T15963] bond3 (unregistering): Released all slaves
[  264.964229][T15967] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15967 comm=syz.4.3644
[  265.718519][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  266.269218][T15984] netlink: 'syz.2.3651': attribute type 18 has an invalid length.
[  266.273250][T15984] netlink: 'syz.2.3651': attribute type 18 has an invalid length.
[  266.348389][T15984] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  266.351646][T15984] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  266.427742][T16002] vivid-000: =================  START STATUS  =================
[  266.434691][T16002] vivid-000: Test Pattern: 75% Colorbar
[  266.437215][T16002] vivid-000: Fill Percentage of Frame: 100
[  266.440898][T16002] vivid-000: Horizontal Movement: No Movement
[  266.442834][T16002] vivid-000: Vertical Movement: No Movement
[  266.444711][T16002] vivid-000: OSD Text Mode: All
[  266.446473][T16002] vivid-000: Show Border: false
[  266.449225][T16002] vivid-000: Show Square: false
[  266.450826][T16002] vivid-000: Sensor Flipped Horizontally: false
[  266.452746][T16002] vivid-000: Sensor Flipped Vertically: false
[  266.454624][T16002] vivid-000: Insert SAV Code in Image: false
[  266.456690][T16002] vivid-000: Insert EAV Code in Image: false
[  266.459836][T16002] vivid-000: Insert Video Guard Band: false
[  266.461787][T16002] vivid-000: Reduced Framerate: false
[  266.463503][T16002] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  266.466826][T16002] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  266.477773][T16002] vivid-000: Enable Capture Cropping: true
[  266.479980][T16002] vivid-000: Enable Capture Composing: true
[  266.481861][T16002] vivid-000: Enable Capture Scaler: true
[  266.483638][T16002] vivid-000: Timestamp Source: End of Frame
[  266.485549][T16002] vivid-000: Colorspace: SMPTE 170M
[  266.485584][T16002] vivid-000: Transfer Function: Default
[  266.485596][T16002] vivid-000: Y'CbCr Encoding: Default
[  266.485609][T16002] vivid-000: HSV Encoding: Hue 0-179
[  266.491001][T16002] vivid-000: Quantization: Default
[  266.491016][T16002] vivid-000: Apply Alpha To Red Only: false
[  266.491028][T16002] vivid-000: Standard Aspect Ratio: 4x3
[  266.491041][T16002] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  266.491057][T16002] vivid-000: DV Timings: 640x480p59 inactive
[  266.491075][T16002] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  266.491089][T16002] vivid-000: Maximum EDID Blocks: 2
[  266.491102][T16002] vivid-000: Limited RGB Range (16-235): true
[  266.491114][T16002] vivid-000: Rx RGB Quantization Range: Automatic
[  266.491126][T16002] vivid-000: Power Present: 0x00000001
[  266.491139][T16002] tpg source WxH: 720x576 (R'G'B)
[  266.491264][T16002] tpg field: 4
[  266.491269][T16002] tpg crop: (0,8)/16x16
[  266.491277][T16002] tpg compose: (0,0)/16x9
[  266.491285][T16002] tpg colorspace: 1
[  266.491290][T16002] tpg transfer function: 0/0
[  266.491296][T16002] tpg quantization: 0/0
[  266.491302][T16002] tpg RGB range: 0/1
[  266.525554][T16002] vivid-000: ==================  END STATUS  ==================
[  266.552687][   T40] audit: type=1400 audit(524554.477:668): avc:  denied  { create } for  pid=16015 comm="syz.4.3662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=decnet_socket permissive=1
[  267.476952][   T40] audit: type=1400 audit(524555.367:669): avc:  denied  { setattr } for  pid=16027 comm="syz.4.3665" name="nbd4" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  267.699272][T16036] __nla_validate_parse: 6 callbacks suppressed
[  267.699284][T16036] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3667'.
[  267.804300][T16042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.816728][T16042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.039212][   T54] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  268.191054][   T54] usb 9-1: config 0 has an invalid interface number: 8 but max is 0
[  268.193598][   T54] usb 9-1: config 0 has no interface number 0
[  268.195699][   T54] usb 9-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  268.199917][   T54] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  268.203371][   T54] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  268.208220][   T54] usb 9-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  268.211423][   T54] usb 9-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  268.213958][   T54] usb 9-1: Product: syz
[  268.215302][   T54] usb 9-1: SerialNumber: syz
[  268.218180][   T54] usb 9-1: config 0 descriptor??
[  268.221764][   T54] cm109 9-1:0.8: invalid payload size 0, expected 4
[  268.225015][   T54] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.8/input/input26
[  268.431335][   T40] audit: type=1400 audit(524556.356:670): avc:  denied  { write } for  pid=16038 comm="syz.4.3668" name="file0" dev="tmpfs" ino=1276 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  268.431601][   T40] audit: type=1400 audit(524556.356:671): avc:  denied  { open } for  pid=16038 comm="syz.4.3668" path="/238/file0" dev="tmpfs" ino=1276 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  268.435842][T16043] overlay: ./file0 is not a directory
[  268.449188][   T40] audit: type=1400 audit(524556.356:672): avc:  denied  { ioctl } for  pid=16038 comm="syz.4.3668" path="/238/file0" dev="tmpfs" ino=1276 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  268.464686][    C2] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71
[  268.464869][T12013] usb 9-1: USB disconnect, device number 6
[  268.466958][    C2] cm109 9-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  268.474237][T12013] cm109 9-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  268.669573][T16057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3674'.
[  268.684569][T16057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3674'.
[  268.765801][T16068] openvswitch: netlink: Flow actions attr not present in new flow.
[  268.787196][T16064] input: syz1 as /devices/virtual/input/input27
[  268.837592][T16077] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  268.883598][   T40] audit: type=1400 audit(524556.806:673): avc:  denied  { write } for  pid=16082 comm="syz.1.3686" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  269.007658][T16092] netlink: 'syz.4.3690': attribute type 1 has an invalid length.
[  269.011757][T16092] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3690'.
[  269.051384][T16099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3692'.
[  269.070695][T16099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3692'.
[  269.179708][   T53] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  269.341434][   T53] usb 7-1: config 0 has no interfaces?
[  269.343789][   T53] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  269.347965][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.352773][   T53] usb 7-1: config 0 descriptor??
[  269.555312][T16125] /dev/sr0: Can't open blockdev
[  269.560857][T16088] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3688'.
[  269.561615][ T5948] Bluetooth: hci2: unexpected event for opcode 0x2042
[  269.565281][T16088] 9pnet_virtio: no channels available for device syz
[  269.573152][T16088] F2FS-fs (nbd2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  269.576599][T16088] F2FS-fs (nbd2): Can't find valid F2FS filesystem in 1th superblock
[  269.582183][T16088] F2FS-fs (nbd2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  269.585303][T16088] F2FS-fs (nbd2): Can't find valid F2FS filesystem in 2th superblock
[  269.592582][ T5948] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  269.593629][   T55] usb 7-1: USB disconnect, device number 9
[  269.664163][T16134] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3704'.
[  269.807714][   T40] audit: type=1400 audit(524557.726:674): avc:  denied  { map } for  pid=16141 comm="syz.1.3707" path="/dev/nvme-fabrics" dev="devtmpfs" ino=714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  269.875749][T16146] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16146 comm=syz.1.3709
[  269.917286][T16148] netlink: zone id is out of range
[  269.919075][T16148] netlink: zone id is out of range
[  269.921002][T16148] netlink: zone id is out of range
[  269.922608][T16150] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3711'.
[  269.925737][T16148] netlink: zone id is out of range
[  269.927568][T16148] netlink: zone id is out of range
[  269.929413][T16148] netlink: zone id is out of range
[  269.931355][T16148] netlink: zone id is out of range
[  269.946110][T16150] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  270.122715][T16162] input: syz1 as /devices/virtual/input/input28
[  270.197222][T16159] md: could not open device unknown-block(0,0).
[  270.199797][   T40] audit: type=1400 audit(524558.116:675): avc:  denied  { remount } for  pid=16160 comm="syz.1.3715" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  270.201014][T16159] md: md_import_device returned -6
[  270.256562][T16171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3718'.
[  270.283607][T16173] binder: BINDER_SET_CONTEXT_MGR already set
[  270.285472][T16173] binder: 16172:16173 ioctl 4018620d 200000000100 returned -16
[  270.334274][T16173] 8021q: VLANs not supported on ip6_vti0
[  270.423869][T16176] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  270.656092][T16202] macsec0: entered promiscuous mode
[  270.658338][T16202] macsec0: entered allmulticast mode
[  270.665872][T16204] syzkaller0: entered promiscuous mode
[  270.844266][   T40] audit: type=1400 audit(524558.765:676): avc:  denied  { connect } for  pid=16212 comm="syz.1.3734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  270.846811][T16215] vlan3: entered promiscuous mode
[  270.855345][T16215] bridge0: entered promiscuous mode
[  270.857822][T16217] netlink: 'syz.4.3733': attribute type 12 has an invalid length.
[  270.873218][T16215] bond3: entered promiscuous mode
[  270.875286][T16215] 8021q: adding VLAN 0 to HW filter on device bond3
[  270.894563][T16215] bond3: (slave sit2): refused to change device type
[  271.323802][T16250] overlayfs: missing 'workdir'
[  272.774310][T16278] __nla_validate_parse: 10 callbacks suppressed
[  272.774322][T16278] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3754'.
[  273.623350][ T5948] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  273.627708][ T5948] Bluetooth: hci2: Injecting HCI hardware error event
[  273.632203][ T5953] Bluetooth: hci2: hardware error 0x00
[  274.009241][   T40] audit: type=1404 audit(524561.924:677): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  274.034609][   T40] audit: type=1400 audit(524561.944:678): avc:  denied  { read write } for  pid=12621 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  274.042547][   T40] audit: type=1400 audit(524561.954:679): avc:  denied  { create } for  pid=16306 comm="syz.0.3767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  274.050034][   T40] audit: type=1400 audit(524561.964:680): avc:  denied  { write } for  pid=16302 comm="syz.2.3766" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  274.056306][   T40] audit: type=1400 audit(524561.964:681): avc:  denied  { read write } for  pid=12621 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  274.063642][   T40] audit: type=1400 audit(524561.984:682): avc:  denied  { create } for  pid=16309 comm="syz.0.3768" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  274.073442][   T40] audit: type=1400 audit(524561.994:683): avc:  denied  { read write } for  pid=12621 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  274.085382][   T40] audit: type=1400 audit(524562.004:684): avc:  denied  { create } for  pid=16312 comm="syz.0.3769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  274.103573][   T40] audit: type=1400 audit(524562.024:685): avc:  denied  { read write } for  pid=12621 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  274.119005][   T40] audit: type=1400 audit(524562.034:686): avc:  denied  { read } for  pid=16314 comm="syz.0.3770" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  274.417181][T16363] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3787'.
[  274.421045][T16363] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3787'.
[  274.426096][T16366] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3789'.
[  274.505935][T16382] bond3: option downdelay: invalid value (18446744073709551615)
[  274.508467][T16382] bond3: option downdelay: allowed values 0 - 2147483647
[  274.513010][T16382] bond3 (unregistering): Released all slaves
[  274.545653][T16389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3795'.
[  274.751243][T16417] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1281 sclass=netlink_route_socket pid=16417 comm=syz.1.3808
[  274.940079][T16436] net_ratelimit: 49 callbacks suppressed
[  274.940094][T16436] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  275.016017][T16426] syz.0.3811 (16426): drop_caches: 2
[  275.069599][T16443] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3817'.
[  275.606737][T16492] netlink: 'syz.4.3839': attribute type 15 has an invalid length.
[  275.713267][ T5953] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  276.728916][T15198] bridge_slave_1: left allmulticast mode
[  276.730773][T15198] bridge_slave_1: left promiscuous mode
[  276.732653][T15198] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.736858][T15198] bridge_slave_0: left allmulticast mode
[  276.738795][T15198] bridge_slave_0: left promiscuous mode
[  276.740676][T15198] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.666950][T15198] 
 (unregistering): (slave bond_slave_0): Releasing backup interface
[  277.672644][T15198] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.677990][T15198] 
 (unregistering): Released all slaves
[  277.686938][T15198] bond1 (unregistering): Released all slaves
[  277.698975][T15198] bond0 (unregistering): Released all slaves
[  277.707330][T15198] bond2 (unregistering): Released all slaves
[  278.006908][T15198] hsr_slave_0: left promiscuous mode
[  278.009154][T15198] hsr_slave_1: left promiscuous mode
[  278.011283][T15198] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.014051][T15198] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.231673][T15198] team0 (unregistering): Port device team_slave_1 removed
[  278.258487][T15198] team0 (unregistering): Port device team_slave_0 removed
[  278.504215][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  278.782856][T15198] IPVS: stop unused estimator thread 0...
[  291.311649][    C3] ------------[ cut here ]------------
[  291.314448][    C3] ODEBUG: free active (active state 0) object: ffff8880542e9c90 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150
[  291.319989][    C3] WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0, CPU#3: swapper/3/0
[  291.323998][    C3] Modules linked in:
[  291.326064][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  291.330441][    C3] Tainted: [L]=SOFTLOCKUP
[  291.332315][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.336760][    C3] RIP: 0010:debug_print_object+0x19b/0x2a0
[  291.339304][    C3] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d e2 12 dd 0b 41 56 48 8b 14 dd 60 c4 f2 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 dc c3 d3 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  291.347125][    C3] RSP: 0018:ffffc900006f8a08 EFLAGS: 00010246
[  291.349672][    C3] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  291.353062][    C3] RDX: ffffffff8bf2c3a0 RSI: ffffffff8bf2bf80 RDI: ffffffff90924d70
[  291.356425][    C3] RBP: 0000000000000001 R08: ffff8880542e9c90 R09: ffffffff8b906c80
[  291.359502][    C3] R10: ffffffff9088cdd7 R11: ffff88801ded8b30 R12: ffffffff8bf2bf80
[  291.362440][    C3] R13: ffffffff8b906cc0 R14: ffffffff8a6431a0 R15: ffffc900006f8b08
[  291.365488][    C3] FS:  0000000000000000(0000) GS:ffff8880d6bf1000(0000) knlGS:0000000000000000
[  291.368243][    C3] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  291.370362][    C3] CR2: 000020000005f000 CR3: 000000000e184000 CR4: 0000000000352ef0
[  291.373096][    C3] Call Trace:
[  291.374556][    C3]  <IRQ>
[  291.375835][    C3]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  291.377876][    C3]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  291.379770][    C3]  debug_check_no_obj_freed+0x4b7/0x600
[  291.381572][    C3]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  291.383930][    C3]  ? mark_held_locks+0x49/0x80
[  291.385811][    C3]  ? kasan_quarantine_put+0x10a/0x240
[  291.387792][    C3]  ? lockdep_hardirqs_on+0x7c/0x110
[  291.389513][    C3]  kfree+0x2d1/0x6e0
[  291.390851][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  291.392584][    C3]  ? rose_timer_expiry+0x53f/0x630
[  291.394217][    C3]  ? rose_timer_expiry+0x53f/0x630
[  291.396015][    C3]  rose_timer_expiry+0x53f/0x630
[  291.398026][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.400335][    C3]  call_timer_fn+0x19a/0x5a0
[  291.402243][    C3]  ? __pfx_call_timer_fn+0x10/0x10
[  291.404418][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.406705][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.408589][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.410388][    C3]  ? rcu_is_watching+0x12/0xc0
[  291.412413][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.414668][    C3]  __run_timers+0x74a/0xae0
[  291.416596][    C3]  ? __pfx___run_timers+0x10/0x10
[  291.418719][    C3]  run_timer_base+0x114/0x190
[  291.420725][    C3]  ? __pfx_run_timer_base+0x10/0x10
[  291.422894][    C3]  ? rcu_is_watching+0x12/0xc0
[  291.424692][    C3]  run_timer_softirq+0x1a/0x40
[  291.426472][    C3]  handle_softirqs+0x219/0x950
[  291.428667][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  291.431084][    C3]  __irq_exit_rcu+0x109/0x170
[  291.433109][    C3]  irq_exit_rcu+0x9/0x30
[  291.435062][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  291.437658][    C3]  </IRQ>
[  291.439076][    C3]  <TASK>
[  291.440500][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  291.443159][    C3] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  291.445636][    C3] Code: 16 5f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 13 89 11 00 fb f4 <e9> 4c 33 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  291.453924][    C3] RSP: 0018:ffffc90000197de8 EFLAGS: 00000286
[  291.456599][    C3] RAX: 00000000001fb4c5 RBX: 0000000000000003 RCX: ffffffff8b78d6d9
[  291.460078][    C3] RDX: 0000000000000000 RSI: ffffffff8dacf424 RDI: ffffffff8bf2b300
[  291.463419][    C3] RBP: ffffed1003bdb000 R08: 0000000000000001 R09: ffffed100d4e673d
[  291.466719][    C3] R10: ffff88806a7339eb R11: ffff88801ded8b30 R12: 0000000000000003
[  291.470099][    C3] R13: ffff88801ded8000 R14: ffffffff9088cdd0 R15: 0000000000000000
[  291.473514][    C3]  ? ct_kernel_exit+0x139/0x190
[  291.475645][    C3]  default_idle+0x13/0x20
[  291.477486][    C3]  default_idle_call+0x6c/0xb0
[  291.479533][    C3]  do_idle+0x38d/0x510
[  291.481355][    C3]  ? __pfx_do_idle+0x10/0x10
[  291.483324][    C3]  cpu_startup_entry+0x4f/0x60
[  291.484927][    C3]  start_secondary+0x21d/0x2d0
[  291.486486][    C3]  ? __pfx_start_secondary+0x10/0x10
[  291.488189][    C3]  common_startup_64+0x13e/0x148
[  291.489800][    C3]  </TASK>
[  291.490908][    C3] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  291.493242][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  291.496527][    C3] Tainted: [L]=SOFTLOCKUP
[  291.497900][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.501340][    C3] Call Trace:
[  291.502423][    C3]  <IRQ>
[  291.503366][    C3]  dump_stack_lvl+0x3d/0x1f0
[  291.504847][    C3]  vpanic+0x640/0x6f0
[  291.506134][    C3]  ? debug_print_object+0x18e/0x2a0
[  291.507840][    C3]  panic+0xca/0xd0
[  291.509101][    C3]  ? __pfx_panic+0x10/0x10
[  291.510706][    C3]  ? check_panic_on_warn+0x1f/0xb0
[  291.512341][    C3]  check_panic_on_warn+0xab/0xb0
[  291.513927][    C3]  __warn+0x108/0x3c0
[  291.515234][    C3]  __report_bug+0x2a0/0x520
[  291.516688][    C3]  ? debug_print_object+0x18e/0x2a0
[  291.518343][    C3]  ? __pfx___report_bug+0x10/0x10
[  291.519979][    C3]  ? stack_trace_save+0x8e/0xc0
[  291.521523][    C3]  report_bug_entry+0xe1/0x290
[  291.523077][    C3]  ? debug_print_object+0x19b/0x2a0
[  291.524737][    C3]  handle_bug+0x18a/0x260
[  291.526125][    C3]  exc_invalid_op+0x17/0x50
[  291.527588][    C3]  asm_exc_invalid_op+0x1a/0x20
[  291.529159][    C3] RIP: 0010:debug_print_object+0x19b/0x2a0
[  291.531026][    C3] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d e2 12 dd 0b 41 56 48 8b 14 dd 60 c4 f2 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 dc c3 d3 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  291.537070][    C3] RSP: 0018:ffffc900006f8a08 EFLAGS: 00010246
[  291.539033][    C3] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  291.541516][    C3] RDX: ffffffff8bf2c3a0 RSI: ffffffff8bf2bf80 RDI: ffffffff90924d70
[  291.544041][    C3] RBP: 0000000000000001 R08: ffff8880542e9c90 R09: ffffffff8b906c80
[  291.546882][    C3] R10: ffffffff9088cdd7 R11: ffff88801ded8b30 R12: ffffffff8bf2bf80
[  291.549459][    C3] R13: ffffffff8b906cc0 R14: ffffffff8a6431a0 R15: ffffc900006f8b08
[  291.551991][    C3]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  291.553800][    C3]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  291.555601][    C3]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  291.557592][    C3]  debug_check_no_obj_freed+0x4b7/0x600
[  291.559431][    C3]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  291.561375][    C3]  ? mark_held_locks+0x49/0x80
[  291.562930][    C3]  ? kasan_quarantine_put+0x10a/0x240
[  291.564636][    C3]  ? lockdep_hardirqs_on+0x7c/0x110
[  291.566302][    C3]  kfree+0x2d1/0x6e0
[  291.567583][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  291.569305][    C3]  ? rose_timer_expiry+0x53f/0x630
[  291.570922][    C3]  ? rose_timer_expiry+0x53f/0x630
[  291.572548][    C3]  rose_timer_expiry+0x53f/0x630
[  291.574276][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.576413][    C3]  call_timer_fn+0x19a/0x5a0
[  291.578452][    C3]  ? __pfx_call_timer_fn+0x10/0x10
[  291.580722][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.583106][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.585469][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.587862][    C3]  ? rcu_is_watching+0x12/0xc0
[  291.589976][    C3]  ? __pfx_rose_timer_expiry+0x10/0x10
[  291.592374][    C3]  __run_timers+0x74a/0xae0
[  291.594380][    C3]  ? __pfx___run_timers+0x10/0x10
[  291.596738][    C3]  run_timer_base+0x114/0x190
[  291.598305][    C3]  ? __pfx_run_timer_base+0x10/0x10
[  291.599996][    C3]  ? rcu_is_watching+0x12/0xc0
[  291.601526][    C3]  run_timer_softirq+0x1a/0x40
[  291.603077][    C3]  handle_softirqs+0x219/0x950
[  291.604607][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  291.606297][    C3]  __irq_exit_rcu+0x109/0x170
[  291.607815][    C3]  irq_exit_rcu+0x9/0x30
[  291.609467][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  291.611309][    C3]  </IRQ>
[  291.612266][    C3]  <TASK>
[  291.613226][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  291.615105][    C3] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  291.616881][    C3] Code: 16 5f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 13 89 11 00 fb f4 <e9> 4c 33 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  291.623057][    C3] RSP: 0018:ffffc90000197de8 EFLAGS: 00000286
[  291.624989][    C3] RAX: 00000000001fb4c5 RBX: 0000000000000003 RCX: ffffffff8b78d6d9
[  291.627715][    C3] RDX: 0000000000000000 RSI: ffffffff8dacf424 RDI: ffffffff8bf2b300
[  291.630198][    C3] RBP: ffffed1003bdb000 R08: 0000000000000001 R09: ffffed100d4e673d
[  291.632702][    C3] R10: ffff88806a7339eb R11: ffff88801ded8b30 R12: 0000000000000003
[  291.635190][    C3] R13: ffff88801ded8000 R14: ffffffff9088cdd0 R15: 0000000000000000
[  291.637664][    C3]  ? ct_kernel_exit+0x139/0x190
[  291.639233][    C3]  default_idle+0x13/0x20
[  291.640582][    C3]  default_idle_call+0x6c/0xb0
[  291.642116][    C3]  do_idle+0x38d/0x510
[  291.643584][    C3]  ? __pfx_do_idle+0x10/0x10
[  291.645118][    C3]  cpu_startup_entry+0x4f/0x60
[  291.646662][    C3]  start_secondary+0x21d/0x2d0
[  291.648190][    C3]  ? __pfx_start_secondary+0x10/0x10
[  291.649897][    C3]  common_startup_64+0x13e/0x148
[  291.651502][    C3]  </TASK>
[  291.653245][    C3] Kernel Offset: disabled
[  291.654648][    C3] Rebooting in 86400 seconds..