last executing test programs:

1.327198539s ago: executing program 3 (id=267):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0xc5, 0x4, 0x40, "71be4b", 0x70c, 0x3}]}}}, 0x13)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCUDMATCHLEN(r0, 0x89e7, &(0x7f0000000440)={0x4b})
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$9p_virtio(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000080), 0x42, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=v'])
syz_usb_connect$midi(0x2, 0x31, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002000000084409010240000102030109021f0001010200050904000001010330fe09051203080029060804250100bb2fad8c72ab3eb3971eb89089963d9bc85eee"], &(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x0})

1.327096747s ago: executing program 1 (id=268):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3) (async)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x17, 0x56, 0xd23}, 0x18}}, 0x0) (async)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000200)={{{@in=@multicast1, @in=@empty}}, {{@in=@loopback}, 0x0, @in6=@private2}}, &(0x7f0000000300)=0xe8)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/comedi4\x00', 0x400, 0x0)
ioctl$COMEDI_LOCK(r4, 0x6405) (async)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f00000000c0)="bad004b81b59ef0f009e0d0066b9270200000f320fc75806660f38802c34462e0f01cf4d80ac060008baf80c66b8bc6e928666efbafc0c66ed", 0x39}], 0x1, 0x14, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.217120135s ago: executing program 1 (id=269):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x0)
ioctl$I2C_PEC(r0, 0x708, 0x40)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f0000000340)={0x1, 0x0, [{0xda0, 0x0, 0xffffffffbffffffd}]})
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f00000002c0)={0x1, 0x7, 0x8, &(0x7f0000000180)={0x5, "1d27f0db2e1f25eff995475188afe0ebe9bab69516a5e88a718dca33021b22b650"}})

1.149868015s ago: executing program 2 (id=270):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x1c3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000030000000000000000000000950000000000000079f5b7fd11442a56715dad06bbba942f32f295ca1a596fc58e1322fe7865d0cf64940f0968651ac9f93cf4427a55e77f89fe0d50f238055e9cc9f6d614f9547ea2c95c588bd1bfa15926abcea3c1ddbcf0a18580cb9c4e"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r1, r3, 0x25, 0x4, @val=@tcx={@void, @value=r1}}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r5=>0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@getae={0x40, 0x1f, 0x1, 0x70bd27, 0x25dfdbfe, {{@in6=@remote, 0x4d6, 0x2, 0x6c}, @in=@loopback, 0x2, 0x3500}}, 0x40}, 0x1, 0x0, 0x0, 0x5}, 0x40040)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000000)={0xd2f0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x1fffffd, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x7, 0xa}, {0xfff3}}}, 0x59}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)={0x20, 0x43, 0x107, 0x70bd25, 0x25dfdbfc, {0x2, 0x7c}, [@nested={0x4, 0x145}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x1c}]}]}, 0x20}}, 0xc000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x1c3) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000030000000000000000000000950000000000000079f5b7fd11442a56715dad06bbba942f32f295ca1a596fc58e1322fe7865d0cf64940f0968651ac9f93cf4427a55e77f89fe0d50f238055e9cc9f6d614f9547ea2c95c588bd1bfa15926abcea3c1ddbcf0a18580cb9c4e"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00'}) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r1, r3, 0x25, 0x4, @val=@tcx={@void, @value=r1}}, 0x1c) (async)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[], 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@getae={0x40, 0x1f, 0x1, 0x70bd27, 0x25dfdbfe, {{@in6=@remote, 0x4d6, 0x2, 0x6c}, @in=@loopback, 0x2, 0x3500}}, 0x40}, 0x1, 0x0, 0x0, 0x5}, 0x40040) (async)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000000)={0xd2f0}) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x1fffffd, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x7, 0xa}, {0xfff3}}}, 0x59}}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)={0x20, 0x43, 0x107, 0x70bd25, 0x25dfdbfc, {0x2, 0x7c}, [@nested={0x4, 0x145}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x1c}]}]}, 0x20}}, 0xc000) (async)

1.059824228s ago: executing program 1 (id=271):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x390, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xc8, 0x128, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x10000007}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'tunl0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x168, 0x1d0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0, 0xf4}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r4, 0x4610, &(0x7f00000000c0)={0x1})
ioctl$FBIOPUT_CON2FBMAP(r4, 0x4610, &(0x7f0000000000)={0x1, 0x1})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r5)
sendmsg$IEEE802154_LIST_IFACE(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)={0x20, r6, 0x1, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x24000000)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
ioctl$SNDRV_PCM_IOCTL_READI_FRAMES(0xffffffffffffffff, 0x80184151, &(0x7f00000001c0)={0x0, &(0x7f0000000140)="44bcd8f4bd14dc910848d2b209f44d8fe74fb88bdb91ad3d8250315e3b157f8b16b2f7a087e71a7c55673aeb21cf86623af24b3a5c5717366af30bdbf9a620a1ec89", 0x42})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x54, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20, 0x34080}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x28}}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x5}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x54}}, 0x804)
ioctl$FBIOPUT_CON2FBMAP(r4, 0x4610, &(0x7f00000002c0)={0x13, 0x2})

960.514461ms ago: executing program 2 (id=272):
r0 = socket$inet(0x2, 0x1, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) (async, rerun: 32)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) (rerun: 32)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0xc, &(0x7f00000013c0)=ANY=[@ANYBLOB="180200001000000000000000000000001801000020696c2500000000002020207b2af8ff00000000bfa100000000000007010000f8ffffffb702000008000040b7030000000000008500000006000000870000000000000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0xd2, &(0x7f0000000140)=""/210}, 0x90) (async)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000280)='bridge0\x00', 0x10) (async)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)={0x5, [0x2a7, 0xffff, 0x2b, 0x6, 0x3]}, &(0x7f00000000c0)=0xe)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10) (async)
r2 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup, r1, 0x5, 0x2000, 0x0, @value=r2}, 0x20) (async)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

958.864857ms ago: executing program 2 (id=274):
openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
tkill(r0, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), &(0x7f00000002c0)=""/187}, 0x20) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r4) (rerun: 32)
sendmsg$IEEE802154_ADD_IFACE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000fcdbdf252100000009001f00706879320000000005002000000000000a0001"], 0x34}, 0x1, 0x0, 0x0, 0x20000080}, 0x4000000)

797.955342ms ago: executing program 1 (id=276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_ONE_REG(r2, 0x4048aecb, &(0x7f0000000040)=@riscv64_sbi_sta={0x803000000a000001, 0x0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0xf, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = request_key(&(0x7f00000002c0)='ceph\x00', &(0x7f0000000900)={'syz', 0x0}, &(0x7f0000000440)='l\x038\xa3\xd9n\x9fq\x13\x1b\xb6CI7JA\x9a_\x01\f\xc1\xedi6V4\xef~*m\x1d-\xd1P\x94\xa9>\x05\x96~c&\x1bB\r\xf6O8\xf2{\xbdJ\x05o;\xcb\xe1\xe8 \xb4\xfe\xd1\xdd\x0e8;\x95W\x9e~1\x06\x00\x00\x00\x9b\xa6\x03\xa4\xec\xda\xf2\x02\xb7U\xb9N\xdeN#\xa4%\xf3P\xdb\xff2\xc7a\xad\xbc\x1a\xe4\xc7E`\xb4o\x9f\xe2\x85\xff\xc5\x83b\xf1\a\xeaM\x06m\x1c\x7f\xe1\xfc\x00\x00\x00\x00\x00\x00', 0x0)
request_key(&(0x7f00000005c0)='user\x00', &(0x7f0000000680)={'syz', 0x0}, 0x0, r4)
futex(&(0x7f0000000040)=0x1, 0x8, 0x1, 0x0, 0x0, 0x1)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x0, 0x0, 0x5e, 0x200000000000, 0x100000000000006})
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f00000001c0)={@host, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r5, 0x7a4, &(0x7f0000000540)={{@local, 0x2}, 0x0, 0x3, 0xfffffffd, 0x40})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r7 = ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece)
r8 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441)
ioctl$CEC_S_MODE(r8, 0x40046109, &(0x7f0000000100)=0x22)
r9 = syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x20000)
ioctl$CEC_S_MODE(r9, 0x40046109, &(0x7f0000000240)=0x82)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000100)={0xa, 0x4e20, 0x4, @mcast2, 0x200}, 0x1c)
listen(r10, 0x2)

638.221419ms ago: executing program 1 (id=279):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap$dsp(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4, 0x100010, r1, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000140)="67650f79841e5400000066b8010000000f01d966b80c0000000f23c80f21f86635040020000f23f86582040fbad004b80000ef3e7503b892000f00d866b80500000066b9000000000f01c10f01cfbaf80c66b8cce3448d66efbafc0cec", 0x5d}], 0x1, 0x14, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r3, &(0x7f0000002540)={0x2020}, 0x2020)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x304fd171, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2}, 0x50)
fcntl$setflags(r4, 0x2, 0x1)
write$RDMA_USER_CM_CMD_GET_EVENT(r3, &(0x7f0000000400)={0xc, 0x8, 0xfa00, {&(0x7f0000000280)}}, 0x10)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

583.228398ms ago: executing program 2 (id=282):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}, [@ldst={0x6, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0xffffff33}, 0x48)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="20000000161411"], 0x20}}, 0x0)
ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000080)={0x1, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x10005, 0x804, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffc}, 0x48)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
r2 = socket(0x2, 0x2, 0x1)
bind$unix(r2, &(0x7f0000000000)=@abs, 0x6e)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x123f41, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
write$binfmt_aout(r3, &(0x7f0000000280)=ANY=[], 0xff2e)
ioctl$TCFLSH(r3, 0x540b, 0x1)
r4 = socket(0x2, 0x2, 0x1)
bind$unix(r4, &(0x7f0000000000)=@abs, 0x6e)
r5 = socket(0x2, 0x2, 0x1)
bind$unix(r5, &(0x7f0000000000)=@abs, 0x6e)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/icmp\x00')
preadv(r6, &(0x7f0000000700)=[{&(0x7f0000000640)=""/165, 0xa5}], 0x1, 0x180, 0x9)
getrandom(&(0x7f0000000040)=""/8, 0x8, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0))

489.850818ms ago: executing program 2 (id=284):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
recvmmsg(r1, &(0x7f0000004480)=[{{0x0, 0x0, 0x0}, 0xf0ad}], 0x1, 0x2000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000040)=@e={0xff, 0x0, 0x0, 0x0, @generic=0x7})
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020300091b0000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a00000000000000fe8000000000000000000000000000bb00000000000000000400040000000000000000000000000000000000000000000000000000000000020001000000000000000000000000ff05000500000000000a00000000000000fe8896380000000000000001000000010000000000000000030007000000000002004e24ac14141f0000000000000000020013"], 0xd8}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r8, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
r11 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r11, 0x6, 0x0, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x1, 0x0, 0x4, 0x100003, 0xfffffffc, 0x2f276b7, 0x14}]})
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r13 = fsmount(r11, 0x0, 0x0)
r14 = openat(r13, &(0x7f0000000280)='.\x00', 0x2000, 0x0)
open_by_handle_at(r14, &(0x7f0000000000)=ANY=[@ANYBLOB="08000000010002"], 0x0)
r15 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r15, 0x1, &(0x7f0000000180)='user\x00N\xac]\x86\x8a\xa3\x7f\x00', &(0x7f0000000140), 0x0)
r16 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r16, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r10, {0x3, 0xd}, {0x3}, {0x3, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x40004}, 0x40004)

489.43929ms ago: executing program 1 (id=285):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x304012, &(0x7f00000004c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESOCT=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680b72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780808002e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x1, 0x7, 0xfffffffffffff3ce, 0x100, 0x0, {0x42, 0x0, 0xb, 0xfff9, 0x0, 0x1, 0x0, 0xfffff7ff, 0x120, 0x2000, 0xab, r2, r3, 0x501, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
rt_sigprocmask(0x0, &(0x7f0000000040)={[0x456]}, &(0x7f0000000080), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x20, 0x0, @val=@perf_event={0xffffffffffff0c23}}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)={0x54, r6, 0x1, 0xffffffff, 0x0, {0x26}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x10001}, {0xc, 0x90, 0x1ff}}]}, 0x54}}, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r4, 0x40806685, &(0x7f0000000340)={0x1, 0x2, 0x1000, 0x33, &(0x7f0000000140)="5659908a41d1e3a0354382f2f3916328b056cd4c8903d399ccf9a4dba6dd3b941c8e594a79628bcee4f99d3575fdafb84d2bdb", 0x0, 0x0, 0x0})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0xfeffff, 0xa40, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
prctl$PR_SET_SECUREBITS(0x1c, 0x2)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r8, 0x80084d17, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0})

400.353653ms ago: executing program 0 (id=286):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000002e0001002abd70000000000008000000", @ANYRES32, @ANYBLOB="0b00e880976b6408686030000500018099"], 0x2c}], 0x1}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@ipv4_newrule={0x38, 0x20, 0x1, 0x70bd29, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_GENERIC_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x1}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x1}]}, 0x38}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

399.92757ms ago: executing program 2 (id=287):
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000640)={0x1f, 0x6, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xd, 0x1}, 0xe)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="90010000", @ANYRES16=0x0, @ANYBLOB="100029bd7000fedbdf250300000008000200030000005800088024000780080005002e17d57308000600c400000008000500e783e33c08000600cb0000002400078008000500f0d4a02c08000500e695512708000500d9bb375a08000500f4cc09530c00078008000600400000001c0108801400078008000600ad00000008000500ece366594c00078008000600be0000000800050084a7605d08000600e600200008000600a6000000080005000daca41d0800060029000000080005002808ea65080006003a000000080005007b633a170c00078008000500e11c4a154400078008000500e3e9556008000500d3b78739080006005b00000008000600f100000008000500ff54ae530800050049b11e6c080005001a3806410800050006baf57d44000780080006008200000008000500872b0f380800060048000000080005008c390a7f08000500bc99167d08000500bc4a4e70430006001d00000008000600f800000024000780080006002d00000008000600b5000000080005009da9ac470800060098000000"], 0x190}, 0x1, 0x0, 0x0, 0x8000}, 0x20004000)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000740)=ANY=[@ANYBLOB="2c000000eb53b6db8b896bb70de3c9858104822054b818857f66ea591e225927e56d4e17ad6c4e359237add4dcc07a93dd159f7f8631f2863160ebb43ac86c6577e8bd8d6c36cdf0e32d5c5481d98fb429979de63e3b", @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000400078008000100000000000c000200ff7f000000000000"], 0x2c}}, 0x20000000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x20, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0x6}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x5761, 0x0)
setreuid(0x0, 0xee01)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000004000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x28, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x2, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0xfc)
r8 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0x1bf58, 0x10000, 0x2, 0x2d0}, &(0x7f0000000440), &(0x7f0000000400), &(0x7f0000000000))
io_uring_enter(r8, 0x7b1d, 0xe93c, 0xc, 0x0, 0x0)
io_uring_register$IORING_REGISTER_NAPI(r8, 0x1b, &(0x7f00000000c0)={0x5, 0x6}, 0x1)
write$P9_RRENAME(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x15, 0x1}, 0x7)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000002500010125bd7000fdffffff550000000800030047"], 0x1c}, 0x1, 0x0, 0x0, 0x4048957}, 0x28040)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4048957}, 0x28040)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fbdbdf250200000000000000000006d1967ea0a49800fcad26e26a642e03c559220e55db48b386898af584c90bcf6853636a2189c74edb7535b31a57348c103ade6065a99cf26a40866c8c9caaf8f337c0a13616d946bef2dbe200601cce2c0c28f1e97e8bdcd328a9c4f2523ca5cc8986df28664f240ce3cb10c343d9d5d6ee012764b63131cc4324cb221ae556cfc4656667f876773e1d0ae51c1a19bca29eae31caaf06c9553c71c4a7d585024e27a9e851e5b292c4"], 0x1c}, 0x1, 0x0, 0x0, 0x20000011}, 0x4000810)

399.577938ms ago: executing program 0 (id=288):
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x8180, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
read$nci(r0, &(0x7f0000000100)=""/109, 0x6d)

319.178395ms ago: executing program 0 (id=289):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0xe, 0x2800)
ioctl$EVIOCGABS20(r0, 0x80184520, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000040)={'erspan0\x00', <r2=>0x0, 0x1, 0x80, 0x100, 0x200, {{0x1f, 0x4, 0x3, 0x9, 0x7c, 0x65, 0x0, 0xf8, 0x4, 0x0, @multicast2, @local, {[@rr={0x7, 0x1f, 0x92, [@empty, @empty, @empty, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}, @timestamp={0x44, 0x20, 0xe5, 0x0, 0x9, [0x80000000, 0x80, 0xc5, 0x9, 0x80000001, 0x7, 0x82]}, @lsrr={0x83, 0x27, 0x6, [@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @dev={0xac, 0x14, 0x14, 0x1a}, @local, @multicast2, @empty, @local, @private=0xa010100, @multicast2]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000240)={'syztnl0\x00', &(0x7f0000000140)={'sit0\x00', <r3=>r2, 0x1, 0x20, 0x1a0, 0xfffffffa, {{0x2d, 0x4, 0x1, 0x39, 0xb4, 0x68, 0x0, 0x9, 0x4, 0x0, @multicast1, @loopback, {[@timestamp_addr={0x44, 0xc, 0x35, 0x1, 0x1, [{@local, 0x9d8b}]}, @timestamp={0x44, 0x14, 0x19, 0x0, 0x3, [0x7, 0x3, 0x800, 0x5]}, @timestamp_prespec={0x44, 0xc, 0x2f, 0x3, 0x9, [{@multicast2, 0x9}]}, @timestamp_addr={0x44, 0x3c, 0x53, 0x1, 0x9, [{@local, 0xc}, {@loopback, 0x8}, {@loopback, 0x4bb}, {@multicast1, 0x1}, {@multicast1}, {@multicast2, 0x9}, {@loopback, 0x8}]}, @ssrr={0x89, 0x13, 0x9, [@rand_addr=0x64010101, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @lsrr={0x83, 0x23, 0xbf, [@multicast2, @broadcast, @dev={0xac, 0x14, 0x14, 0x37}, @loopback, @dev={0xac, 0x14, 0x14, 0x1c}, @local, @empty, @rand_addr=0x64010100]}]}}}}})
r4 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000280), 0x290000, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x4, 0x10000, 0xa8, 0x14001, 0x1, 0x8000, '\x00', r3, 0xffffffffffffffff, 0x1, 0x0, 0x2, 0x1}, 0x50)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$SNDRV_PCM_IOCTL_DELAY(r4, 0x80084121, &(0x7f0000000600))
r8 = dup(r7)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x18, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @map_fd={0x18, 0x4, 0x1, 0x0, r5}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000400)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x13, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x2, 0x7, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000004c0)=[r8, 0x1, r1], &(0x7f0000000500)=[{0x3, 0x2, 0x5, 0x6}, {0x5, 0x2, 0x10, 0x2}], 0x10, 0xc}, 0x94)

199.524312ms ago: executing program 3 (id=290):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_INGRESS={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, 0x0, 0x108}}], 0x2, 0xc040)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd0600ffdbdb252100000020000300", @ANYRES32=r6, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}}, 0x28000)
r7 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(r7, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, r4, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@getroute={0x14, 0x1a, 0x400, 0x70bd25, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r8 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f00000003c0)={@local, 0xff, 0x0, 0xff, 0xe, 0x6, 0x8}, 0x20)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="01000000"], 0x38}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x402, 0x3ff, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r9}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r9, &(0x7f0000000340)="a9", &(0x7f0000000200)=""/31}, 0x20)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="90020000", @ANYRES16=r10, @ANYBLOB="010000000000fedbdf250300000034000380080001000b00000008000300810000000800020007000000080003000b000000080001000800000008000200090000001c0009800800010004000000080002000400000008000100ff0700003c000180080003000800000014000280080003000500000008000100020000000d0001007564703a73797a31000000000000030002000000080003000700000064000680080001000a00000004000200040002004d0003002a5f4ede084a7f1dedefe70900000000000000db6f3af7d469d2deebd05d15eb9dbe29ca9ad9b8a0a857d8f3704ec8bed08fb72a0b873f45022b711a675314d333aab3c3e62acdc160000000ac0001001500010069623a76657468305f6d6163767461700000000044000400200001000a004e2400000008ff02000000000000000000000000000100000100200002000a004e2000000006fc010000000000000000000000000000190000001c000280080001000e000000080001000600000008000400b3b8ffff08000300ff0f00000d0001007564703a73"], 0x290}}, 0x0)

199.311978ms ago: executing program 3 (id=291):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x48)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300000004000000040000000af80d0000000000e44a1f3631b7374cfc0cbffaa9c1438c2673df49679103bc5f43d8058ac302888cefe484bab7bb17de0a080bb5e25ad888e0f929bfe10ff27703874d64a293d59f3d7ce27c0a75dba281f4716d09797c5dd018ce643595dfa5613c3bc887800fcda6e37584c1ebead0a15e9e9da202f0f26b3d7d7b8898fe4734ff9455a3503b8973a608de75cfb9288f3048214103e2937270e33bcd967cac4a7c2916f912399e04a7ac1a1f214a6a048285a21b89702b9b880c61658e81e217e88b0e5c217ba34fd98cf99bd8c100"/241, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r1}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x18, 0xb, &(0x7f00000003c0)=ANY=[@ANYRES16=r0, @ANYRES32=r1, @ANYRES32=r1], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYRES64=r2, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000001000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', <r3=>0x0})
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040f0301c800"], 0x6)

198.997126ms ago: executing program 0 (id=292):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x2, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x121403, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40081271, &(0x7f0000000980)=0x4000) (async)
tee(r1, r0, 0x10001, 0xf) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) (async, rerun: 64)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) (rerun: 64)
fdatasync(r4) (async, rerun: 32)
sendmsg$DEVLINK_CMD_TRAP_GET(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x4c, r3, 0x400, 0x70bd2a, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x1c}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000006) (rerun: 32)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000280)="919620aaf48db0c10cc1926dace972f1c015ce623407a3704d3aea80af6e372663abe9db") (async)
mount(&(0x7f00000001c0)=@nullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000c00)='cramfs\x00', 0x4418, 0x0)

119.023867ms ago: executing program 3 (id=293):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000010280)=ANY=[@ANYBLOB="58000000100001042bbd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="fab0817d9cb1f31a24001280110001006272696467655f736c617665000000000c00058005001c0001000000140003006272696467655f736c6176655f3000"], 0x58}, 0x1, 0x0, 0x0, 0x240400c4}, 0x0) (async, rerun: 64)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff) (rerun: 64)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0x80045301, &(0x7f0000000180)) (async)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4001000010000100feffffff00010000fe880000000000000000000000000001fe8000000000000000000000000000bb000100014e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000101000004d46c000000ff020000000000000000000000000001000000000000000092010000000000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff0300000000000000000000000000000000000080ffffffff1f00000000000000feffffffffffffff02000000fcffffff000000002abd700000350000020001002000000000000000480003006465666c6174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000c0033000000"], 0x140}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000002080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000004c0000000e0001006e657464657673696d0000000f0002006e657464657673696d300400"/58], 0x40}}, 0x0)

118.879902ms ago: executing program 0 (id=294):
r0 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0x22)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000001440)=0x82)
bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x5, 0x10001, 0x7fff, 0x202, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x200000, 0x34}, 0x50)

50.093152ms ago: executing program 3 (id=295):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f)
ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r1, 0x400448e6, &(0x7f00000000c0)="d3")
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$KVM_RESET_DIRTY_RINGS(0xffffffffffffffff, 0xaec7)
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r2, 0x8, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x7ff}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x48891)
ioctl$sock_bt_hci(r1, 0x400448e7, &(0x7f0000000240))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
keyctl$clear(0x3, 0xfffffffffffffffd)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x2d8, 0x110, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @remote, [0xff, 0xff000000, 0x0, 0xffffff00], [0xff000000, 0xff, 0xff], 'wg2\x00', 'geneve1\x00', {}, {}, 0x29, 0x10, 0x0, 0x1c}, 0x0, 0xd0, 0x110, 0x60030000, {0x0, 0xff000000}, [@common=@unspec=@cgroup0={{0x28}, {0xfffffe01}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x5, 0x5, {0xd457}}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0x6, 0x2}, {0x1, 0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x20041)

49.93034ms ago: executing program 0 (id=296):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x4000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0500000001000000026c00004100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\t\x00'/28], 0x48)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000e90000/0x2000)=nil, 0x2000, 0x2082c0fe0847596b)
move_pages(0x0, 0x1, &(0x7f0000000540)=[&(0x7f0000d73000/0x4000)=nil], 0x0, &(0x7f00000003c0), 0x2)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r0], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'macvlan1\x00', <r7=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="4400000010000104fcfffffffbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0315000004000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6], 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

0s ago: executing program 3 (id=297):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x3454, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c020000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000003000000000a0000205e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000800000000000000000000000000000700000000000000000000000000000000000000000000000300000000000000070000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000084010500ac1414bb000000000000000000000000000000006c00000000000000ac141408000000000000000000000000000000000000560000000000fdffffff01000000fc020000000000000000000000000000000000003200000000000000fe8000000000000000000000000000bb0235000000000000000002000000000000000000ff010000000000000000000000000001000000003c00000002000000ac1414440000000000000000000000000000000001030000000000000000000000000000ff020000000000000000000000000001000004d33c00000002000000ffffffff0000000000000000000000f98675888413"], 0x23c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001400030400000000000000000a3f0000", @ANYRES32=r3, @ANYBLOB="14000200ff2300000000000000180000000000000000000045e140f709730c5324b6c4080008000e04279a8a3689b9794c253af4e338885316caf72a7ee442583b336ce9c36aa6cfc9c92399fed00b7fd432225c31f5175cedf7845f7f4dcd09f1159f0904f171bbe70cea49b3ce5fa0f3e31f88dd61d3467e60a1775e141ae656c1ee44aa9fba82293230a34f14a0b390b87d9371860b8860176d01ebbc9612a7202b45156a4700062325607a523654a253a4db786dccb14409671512d4021cde77201bf312cee81e08f0c41d305387510000000000041adea5f832bc78d46f7ab39d0cfd1091ac98606a1a8ad65c154de2cb5df56df9f55dbfbb2ebef8a6e87c17d1fcfe3ea9f5afb45026efe930eb9da9eecd1d2abd094d01220e9ab7e2d08d21737dd157b5a21498f4745d2b1fdc5ef66e98cdd3eb4f3abbb656a5fa764d9171dde3081144bb"], 0x48}, 0x1, 0x0, 0x0, 0xb1d37d98e43881f6}, 0x0)

0s ago: executing program 3 (id=298):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000380)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021a40300001e0a05010000000000000000070000070900020073797a31000000000900010073797a300000000078030380740300800800034000000002680301"], 0x428}}, 0x40088)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x15, r4, r5, 0xfffffffdffffffff)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x400caed0, &(0x7f0000000400)={0x2, 0x0, @ioapic={0xffffffff, 0xb, 0x8, 0x9, 0x0, [{0xc, 0xe, 0x5, '\x00', 0x4}, {0xf, 0x0, 0x4, '\x00', 0x4}, {0xff, 0x7, 0xf, '\x00', 0x7f}, {0x8, 0x9f, 0x2, '\x00', 0x9}, {0x1, 0x0, 0x0, '\x00', 0x80}, {0x1, 0x8, 0x7f, '\x00', 0x7f}, {0x9, 0x0, 0xd1, '\x00', 0x4}, {0x9, 0x1, 0x49}, {0xb8, 0x5e, 0x4, '\x00', 0x33}, {0x7, 0x3, 0x7f, '\x00', 0x4}, {0x8, 0x2, 0xfc, '\x00', 0xff}, {0x5, 0xb, 0xc4, '\x00', 0x4}, {0x40, 0x3, 0x4, '\x00', 0x9}, {0x5, 0x1}, {0xfd, 0x9, 0xc5, '\x00', 0x4}, {0x9, 0xc, 0x48, '\x00', 0x9}, {0x2, 0xc, 0x0, '\x00', 0xe}, {0x7, 0x6, 0x1b, '\x00', 0x2}, {0x4, 0x4, 0x3, '\x00', 0x4}, {0x42, 0x4e, 0x5, '\x00', 0x4}, {0xf0, 0x1, 0x7, '\x00', 0x1}, {0x78, 0x81, 0x5d, '\x00', 0x8}, {0xf, 0x10, 0xdb, '\x00', 0x5}, {0x7f, 0x63, 0x5, '\x00', 0x3}]}})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
write$P9_RSTATu(r8, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x5000000, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000001000000018000180140002007665746830000000000000000f00000005000d"], 0x34}}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), r1)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:24910' (ED25519) to the list of known hosts.
[   55.612581][   T40] kauditd_printk_skb: 15 callbacks suppressed
[   55.612593][   T40] audit: type=1400 audit(1778622477.785:138): avc:  denied  { name_bind } for  pid=5720 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   55.652358][   T40] audit: type=1400 audit(1778622477.825:139): avc:  denied  { execute } for  pid=5721 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   55.660973][   T40] audit: type=1400 audit(1778622477.825:140): avc:  denied  { execute_no_trans } for  pid=5721 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   58.245758][   T40] audit: type=1400 audit(1778622480.415:141): avc:  denied  { mounton } for  pid=5721 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   58.255459][   T40] audit: type=1400 audit(1778622480.425:142): avc:  denied  { mount } for  pid=5721 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   58.258146][ T5721] cgroup: Unknown subsys name 'net'
[   58.266737][   T40] audit: type=1400 audit(1778622480.435:143): avc:  denied  { unmount } for  pid=5721 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   58.424909][ T5721] cgroup: Unknown subsys name 'cpuset'
[   58.430208][ T5721] cgroup: Unknown subsys name 'rlimit'
[   58.626391][   T40] audit: type=1400 audit(1778622480.795:144): avc:  denied  { setattr } for  pid=5721 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   58.634204][   T40] audit: type=1400 audit(1778622480.795:145): avc:  denied  { create } for  pid=5721 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   58.642226][   T40] audit: type=1400 audit(1778622480.795:146): avc:  denied  { write } for  pid=5721 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   58.648766][   T40] audit: type=1400 audit(1778622480.795:147): avc:  denied  { read } for  pid=5721 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   58.686841][ T5725] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   59.499868][ T5721] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   64.188839][   T40] kauditd_printk_skb: 10 callbacks suppressed
[   64.188851][   T40] audit: type=1400 audit(1778622486.355:158): avc:  denied  { execmem } for  pid=5730 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   64.384034][   T40] audit: type=1400 audit(1778622486.555:159): avc:  denied  { create } for  pid=5734 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   64.396727][   T40] audit: type=1400 audit(1778622486.555:160): avc:  denied  { read write } for  pid=5734 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   64.404344][   T40] audit: type=1400 audit(1778622486.555:161): avc:  denied  { open } for  pid=5734 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   64.410525][ T5737] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   64.419249][   T40] audit: type=1400 audit(1778622486.555:162): avc:  denied  { ioctl } for  pid=5734 comm="syz-executor" path="socket:[5849]" dev="sockfs" ino=5849 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   64.420195][ T5738] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   64.432716][ T5738] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   64.436474][ T5744] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   64.441232][ T5738] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   64.442183][ T5744] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   64.443456][ T5745] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   64.444241][ T5745] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   64.448097][ T5744] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   64.450252][ T5745] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   64.453347][ T5744] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   64.457046][ T5749] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   64.457188][ T5745] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   64.457733][ T5745] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   64.460273][ T5745] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   64.462790][   T40] audit: type=1400 audit(1778622486.625:163): avc:  denied  { read } for  pid=5736 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   64.462873][ T5749] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   64.464836][ T5745] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   64.469815][   T40] audit: type=1400 audit(1778622486.635:164): avc:  denied  { open } for  pid=5736 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   64.474646][ T5745] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   64.482697][   T40] audit: type=1400 audit(1778622486.635:165): avc:  denied  { mounton } for  pid=5736 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   64.489027][ T5745] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   64.492536][   T40] audit: type=1400 audit(1778622486.645:166): avc:  denied  { module_request } for  pid=5736 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   64.498501][ T5745] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   64.506779][   T40] audit: type=1400 audit(1778622486.675:167): avc:  denied  { sys_module } for  pid=5736 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   64.937650][ T5734] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.940638][ T5734] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.943613][ T5734] bridge_slave_0: entered allmulticast mode
[   64.946835][ T5734] bridge_slave_0: entered promiscuous mode
[   64.950963][ T5734] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.953709][ T5734] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.955989][ T5734] bridge_slave_1: entered allmulticast mode
[   64.958628][ T5734] bridge_slave_1: entered promiscuous mode
[   64.995959][ T5734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.005437][ T5734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.045205][ T5734] team0: Port device team_slave_0 added
[   65.049385][ T5734] team0: Port device team_slave_1 added
[   65.113453][ T5734] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.115871][ T5734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.124335][ T5734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.129328][ T5734] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.131602][ T5734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.139214][ T5734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.209670][ T5734] hsr_slave_0: entered promiscuous mode
[   65.212482][ T5734] hsr_slave_1: entered promiscuous mode
[   65.234953][ T5736] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.237394][ T5736] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.239861][ T5736] bridge_slave_0: entered allmulticast mode
[   65.243887][ T5736] bridge_slave_0: entered promiscuous mode
[   65.247761][ T5736] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.250310][ T5736] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.252913][ T5736] bridge_slave_1: entered allmulticast mode
[   65.255852][ T5736] bridge_slave_1: entered promiscuous mode
[   65.345426][ T5736] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.356786][ T5736] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.386558][ T5747] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.389634][ T5747] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.392693][ T5747] bridge_slave_0: entered allmulticast mode
[   65.396495][ T5747] bridge_slave_0: entered promiscuous mode
[   65.425916][ T5747] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.428798][ T5747] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.431571][ T5747] bridge_slave_1: entered allmulticast mode
[   65.434376][ T5747] bridge_slave_1: entered promiscuous mode
[   65.466444][ T5736] team0: Port device team_slave_0 added
[   65.468571][ T5741] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.471567][ T5741] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.474869][ T5741] bridge_slave_0: entered allmulticast mode
[   65.478681][ T5741] bridge_slave_0: entered promiscuous mode
[   65.483212][ T5741] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.487016][ T5741] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.490998][ T5741] bridge_slave_1: entered allmulticast mode
[   65.495125][ T5741] bridge_slave_1: entered promiscuous mode
[   65.525691][ T5747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.531532][ T5736] team0: Port device team_slave_1 added
[   65.557731][ T5747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.580269][ T5741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.594075][ T5736] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.597172][ T5736] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.608277][ T5736] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.622308][ T5741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.635514][ T5736] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.638503][ T5736] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.650303][ T5736] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.667342][ T5747] team0: Port device team_slave_0 added
[   65.683189][ T5747] team0: Port device team_slave_1 added
[   65.698025][ T5741] team0: Port device team_slave_0 added
[   65.709094][ T5741] team0: Port device team_slave_1 added
[   65.722387][ T5747] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.725048][ T5747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.736046][ T5747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.741872][ T5747] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.744397][ T5747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.753689][ T5747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.797949][ T5741] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.800251][ T5741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.809533][ T5741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.818955][ T5741] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.821557][ T5741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   65.829723][ T5741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.837210][ T5736] hsr_slave_0: entered promiscuous mode
[   65.839392][ T5736] hsr_slave_1: entered promiscuous mode
[   65.841687][ T5736] debugfs: 'hsr0' already exists in 'hsr'
[   65.843578][ T5736] Cannot create hsr debugfs directory
[   65.871148][ T5747] hsr_slave_0: entered promiscuous mode
[   65.875303][ T5747] hsr_slave_1: entered promiscuous mode
[   65.877557][ T5747] debugfs: 'hsr0' already exists in 'hsr'
[   65.879480][ T5747] Cannot create hsr debugfs directory
[   65.951087][ T5741] hsr_slave_0: entered promiscuous mode
[   65.954265][ T5741] hsr_slave_1: entered promiscuous mode
[   65.957134][ T5741] debugfs: 'hsr0' already exists in 'hsr'
[   65.958989][ T5741] Cannot create hsr debugfs directory
[   65.984648][ T5734] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.994817][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   66.030257][ T5734] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   66.037215][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   66.068102][ T5734] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   66.075077][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   66.095952][ T5734] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   66.102741][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   66.235362][ T5736] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   66.240288][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   66.247180][ T5736] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   66.251042][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   66.254647][ T5736] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   66.258295][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   66.267784][ T5736] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   66.272825][ T5736] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   66.318938][ T5747] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   66.324727][ T5747] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   66.328098][ T5747] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   66.333057][ T5747] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   66.337674][ T5747] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   66.344519][ T5747] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   66.349257][ T5734] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.355071][ T5747] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   66.361826][ T5747] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   66.403366][ T5734] 8021q: adding VLAN 0 to HW filter on device team0
[   66.422056][  T165] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.425248][  T165] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.441089][ T5741] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   66.446244][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   66.456010][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.458317][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.463515][ T5741] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   66.468269][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   66.471278][ T5741] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   66.472219][ T5738] Bluetooth: hci1: command tx timeout
[   66.477594][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   66.480311][ T5741] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   66.481450][ T5738] Bluetooth: hci0: command tx timeout
[   66.486949][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   66.541766][ T5736] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.551447][ T5738] Bluetooth: hci3: command tx timeout
[   66.561608][ T5738] Bluetooth: hci2: command tx timeout
[   66.566326][ T5736] 8021q: adding VLAN 0 to HW filter on device team0
[   66.589947][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.592365][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.606005][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.608375][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.618476][ T5747] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.662806][ T5747] 8021q: adding VLAN 0 to HW filter on device team0
[   66.676908][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.679564][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.698417][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.700872][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.716546][ T5741] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.740246][ T5741] 8021q: adding VLAN 0 to HW filter on device team0
[   66.748437][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.750880][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.765556][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.768541][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.828326][ T5734] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.873390][ T5734] veth0_vlan: entered promiscuous mode
[   66.887511][ T5734] veth1_vlan: entered promiscuous mode
[   66.917647][ T5734] veth0_macvtap: entered promiscuous mode
[   66.924471][ T5734] veth1_macvtap: entered promiscuous mode
[   66.934608][ T5736] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.945797][ T5734] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.957972][ T5734] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.978966][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.982753][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.989140][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.996424][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.039590][ T5736] veth0_vlan: entered promiscuous mode
[   67.060818][ T5736] veth1_vlan: entered promiscuous mode
[   67.079131][ T5747] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.085327][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.085449][ T5741] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.088291][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.114330][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.119435][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.142726][ T5736] veth0_macvtap: entered promiscuous mode
[   67.147247][ T5747] veth0_vlan: entered promiscuous mode
[   67.153788][ T5747] veth1_vlan: entered promiscuous mode
[   67.160440][ T5734] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   67.160903][ T5736] veth1_macvtap: entered promiscuous mode
[   67.185477][ T5741] veth0_vlan: entered promiscuous mode
[   67.193688][ T5741] veth1_vlan: entered promiscuous mode
[   67.200256][ T5736] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.204816][ T5747] veth0_macvtap: entered promiscuous mode
[   67.213709][ T5736] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.221056][ T5747] veth1_macvtap: entered promiscuous mode
[   67.226020][   T60] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.235025][   T60] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.247825][ T1161] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.251043][ T1161] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.259757][ T5741] veth0_macvtap: entered promiscuous mode
[   67.265299][ T5741] veth1_macvtap: entered promiscuous mode
[   67.274944][ T5747] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.294823][ T5747] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.310598][ T5741] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.315288][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.320128][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.323627][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.329512][ T5741] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.333256][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.352438][ T1167] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.352815][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.357914][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.365696][ T1167] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.369338][ T1167] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.401496][ T1167] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.435874][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.439850][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.463472][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.467237][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.488536][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.492800][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.514907][ T1161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.521273][ T1161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.532589][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.535130][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.651472][ T5898] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   67.749328][ T5911] overlayfs: overlapping lowerdir path
[   67.754864][ T5911] overlayfs: overlapping lowerdir path
[   67.820334][ T5918] IPVS: set_ctl: invalid protocol: 22 224.0.0.1:20009
[   67.857744][ T5922] tmpfs: Cannot change global quota limit on remount
[   67.893217][ T5924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13'.
[   67.896387][ T5924] netem: unknown loss type 13
[   67.898034][ T5924] netem: change failed
[   67.898597][ T5929] capability: warning: `syz.2.15' uses deprecated v2 capabilities in a way that may be insecure
[   67.905360][ T5929] cgroup: Setting release_agent not allowed
[   68.221504][   T29] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[   68.273189][ T5944] netlink: 36 bytes leftover after parsing attributes in process `syz.3.18'.
[   68.284773][ T5950] netlink: 36 bytes leftover after parsing attributes in process `syz.0.19'.
[   68.325316][ T5952] netlink: 20 bytes leftover after parsing attributes in process `syz.0.20'.
[   68.337251][ T5952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20'.
[   68.355243][ T5954] EXT4-fs (nbd3): unable to read superblock
[   68.375652][   T29] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[   68.381863][   T29] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[   68.389994][   T29] usb 6-1: config 0 interface 0 has no altsetting 0
[   68.395610][   T29] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   68.399263][   T29] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   68.404806][   T29] usb 6-1: Product: syz
[   68.407874][   T29] usb 6-1: Manufacturer: syz
[   68.410041][   T29] usb 6-1: SerialNumber: syz
[   68.417279][   T29] usb 6-1: config 0 descriptor??
[   68.425282][   T29] hub 6-1:0.0: bad descriptor, ignoring hub
[   68.428217][   T29] hub 6-1:0.0: probe with driver hub failed with error -5
[   68.436006][   T29] usb 6-1: selecting invalid altsetting 0
[   68.551718][ T5745] Bluetooth: hci1: command tx timeout
[   68.551893][ T5737] Bluetooth: hci0: command tx timeout
[   68.631894][ T5737] Bluetooth: hci2: command tx timeout
[   68.632920][ T5745] Bluetooth: hci3: command tx timeout
[   68.646028][ T5937] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[   68.702002][ T5984] netlink: 'syz.0.28': attribute type 1 has an invalid length.
[   68.704386][ T5984] netlink: 56 bytes leftover after parsing attributes in process `syz.0.28'.
[   68.799754][ T5990] bridge_slave_0: left allmulticast mode
[   68.803934][ T5990] bridge_slave_0: left promiscuous mode
[   68.804478][ T5834] usb 6-1: USB disconnect, device number 2
[   68.809202][ T5990] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.819072][ T5990] bridge_slave_1: left allmulticast mode
[   68.825182][ T5990] bridge_slave_1: left promiscuous mode
[   68.827757][ T5990] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.843850][ T5990] bond0: (slave bond_slave_0): Releasing backup interface
[   68.853598][ T5990] bond0: (slave bond_slave_1): Releasing backup interface
[   68.875373][ T5990] team0: Port device team_slave_0 removed
[   68.879435][ T5990] team0: Port device team_slave_1 removed
[   68.883084][ T5990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.885819][ T5990] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.889662][ T5990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.892858][ T5990] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.897332][ T5990] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   68.908818][ T5996] team0: Mode changed to "activebackup"
[   69.091443][   T34] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   69.252048][   T34] usb 5-1: Using ep0 maxpacket: 32
[   69.255758][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   69.259450][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   69.264650][   T34] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   69.269131][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.279885][   T34] usb 5-1: config 0 descriptor??
[   69.290505][   T40] kauditd_printk_skb: 100 callbacks suppressed
[   69.290519][   T40] audit: type=1400 audit(1778622491.455:268): avc:  denied  { setopt } for  pid=6008 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.418671][   T40] audit: type=1400 audit(1778622491.585:269): avc:  denied  { map } for  pid=6011 comm="syz.2.36" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   69.436546][   T40] audit: type=1400 audit(1778622491.585:270): avc:  denied  { execute } for  pid=6011 comm="syz.2.36" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   69.448473][   T40] audit: type=1400 audit(1778622491.615:271): avc:  denied  { append } for  pid=6011 comm="syz.2.36" name="cec0" dev="devtmpfs" ino=973 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   69.470882][ T6012] ªªªªªª: renamed from vlan0 (while UP)
[   69.483865][   T40] audit: type=1400 audit(1778622491.655:272): avc:  denied  { read } for  pid=6011 comm="syz.2.36" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   69.494283][   T40] audit: type=1400 audit(1778622491.655:273): avc:  denied  { open } for  pid=6011 comm="syz.2.36" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   69.503114][   T40] audit: type=1400 audit(1778622491.655:274): avc:  denied  { write } for  pid=6008 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.509696][   T40] audit: type=1400 audit(1778622491.655:275): avc:  denied  { connect } for  pid=6008 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.517103][   T40] audit: type=1400 audit(1778622491.655:276): avc:  denied  { create } for  pid=6008 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   69.523728][   T40] audit: type=1400 audit(1778622491.655:277): avc:  denied  { setopt } for  pid=6008 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   69.639683][ T6018] overlay: Unknown parameter 'fsname'
[   69.705818][   T34] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[   69.750464][ T6022] =======================================================
[   69.750464][ T6022] WARNING: The mand mount option has been deprecated and
[qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xa0000)
   69.750464][ T6022]          and is ignored by this kernel. Remove the mand
[   69.750464][ T6022]          option from the mount to silence this warning.
[   69.750464][ T6022] =======================================================
[   69.769379][ T5745] Bluetooth: hci1: unexpected event 0x0f length: 3 < 4
[   69.803777][ T6024] xt_hashlimit: size too large, truncated to 1048576
[   69.833831][ T1131] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[   69.836316][ T1131] ata1: failed to read log page 10h (errno=-5)
[   69.839919][ T1131] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0
[   69.845698][ T1131] ata1.00: irq_stat 0x41000008
[   69.847859][ T1131] ata1.00: failed command: READ FPDMA QUEUED
[   69.850510][ T1131] ata1.00: cmd 60/00:70:9e:8b:03/05:00:00:00:00/40 tag 14 ncq dma 655360 in
[   69.850510][ T1131]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[   69.854351][ T6026] netlink: 'syz.2.39': attribute type 21 has an invalid length.
[   69.859097][ T1131] ata1.00: status: { DRDY }
[   69.860104][ T6026] IPv6: NLM_F_CREATE should be specified when creating new route
[   69.860253][ T6026] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   69.862594][ T1131] ata1.00: error: { ABRT }
[   69.865681][ T6026] IPv6: NLM_F_CREATE should be set when creating new route
[   69.872976][ T6026] IPv6: NLM_F_CREATE should be set when creating new route
[   69.875302][ T6026] IPv6: NLM_F_CREATE should be set when creating new route
[   69.877769][ T1131] ata1.00: configured for UDMA/100
[   69.883571][ T1131] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[   69.887649][ T1131] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] 
[   69.890846][ T1131] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information
[   69.894359][ T1131] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 03 8b 9e 00 05 00 00
[   69.897611][ T1131] I/O error, dev sda, sector 232350 op 0x0:(READ) flags 0x80700 phys_seg 10 prio class 2
[   69.898045][ T6026] netlink: 'syz.2.39': attribute type 21 has an invalid length.
[   69.901696][ T1131] ata1: EH complete
[   69.909144][ T6026] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   69.966492][ T6028] cgroup: name respecified
[   69.974053][ T5995] sctp: [Deprecated]: syz.0.32 (pid 5995) Use of int in max_burst socket option.
[   69.974053][ T5995] Use struct sctp_assoc_value instead
[   69.981403][ T6024] warning: `syz.2.39' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   69.982743][   T34] usb 5-1: USB disconnect, device number 2
[   69.986518][ T6024] overlay: Bad value for 'uuid'
[   70.079528][ T6036] netlink: 32 bytes leftover after parsing attributes in process `syz.1.43'.
[   70.084545][ T6036] netlink: 32 bytes leftover after parsing attributes in process `syz.1.43'.
[   70.087702][ T6036] Zero length message leads to an empty skb
[   70.175458][ T6034] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.178724][ T6034] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.189527][ T6034] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.194628][ T6034] batman_adv: batadv0: Removing interface: batadv_slave_1
[   70.307034][ T6055] netlink: 152868 bytes leftover after parsing attributes in process `syz.1.48'.
[   70.395004][ T6057] netlink: 4 bytes leftover after parsing attributes in process `syz.2.49'.
[   70.405857][ T6057] bridge0: port 1(macvlan2) entered blocking state
[   70.408384][ T6057] bridge0: port 1(macvlan2) entered disabled state
[   70.410750][ T6057] macvlan2: entered allmulticast mode
[   70.415198][ T6057] macvlan2: left allmulticast mode
[   70.524944][ T6060] syz.0.50 uses obsolete (PF_INET,SOCK_PACKET)
[   70.631468][ T5745] Bluetooth: hci0: command tx timeout
[   70.711956][ T5737] Bluetooth: hci3: command 0x040f tx timeout
[   70.714047][ T5745] Bluetooth: hci2: command tx timeout
[   70.829520][ T6075] tipc: MTU too low for tipc bearer
[   70.915627][ T5738] Bluetooth: hci1: unexpected event 0x0f length: 3 < 4
[   71.162055][ T6088] binder: 6087:6088 ioctl c0306201 200000000540 returned -22
[   71.174033][ T6088] trusted_key: encrypted_key: insufficient parameters specified
[   71.803266][ T6108] netlink: 'syz.2.67': attribute type 4 has an invalid length.
[   71.884262][ T5738] Bluetooth: hci2: unexpected event 0x0f length: 3 < 4
[   72.198806][ T6121] netlink: 'syz.3.72': attribute type 1 has an invalid length.
[   72.205689][ T6121] virt_wifi0: entered promiscuous mode
[   72.208036][ T6121] virt_wifi0: entered allmulticast mode
[   72.258403][ T6122] netlink: 'syz.1.71': attribute type 88 has an invalid length.
[   72.322543][ T5738] Bluetooth: hci1: command tx timeout
[   72.711555][ T5738] Bluetooth: hci0: command tx timeout
[   72.756393][ T6136] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   72.760221][ T6136] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   72.792048][ T5738] Bluetooth: hci3: command 0x040f tx timeout
[   72.792257][ T5737] Bluetooth: hci2: command tx timeout
[   72.804844][ T6137] vivid-007: =================  START STATUS  =================
[   72.808979][ T6137] vivid-007: Enable Output Cropping: true grabbed
[   72.812513][ T6137] vivid-007: Enable Output Composing: true grabbed
[   72.815491][ T6137] vivid-007: Enable Output Scaler: true grabbed
[   72.817529][ T6137] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[   72.820409][ T6137] vivid-007: Transmit Mode: HDMI grabbed
[   72.823063][ T6137] vivid-007: Hotplug Present: 0x00000000
[   72.825411][ T6137] vivid-007: RxSense Present: 0x00000000
[   72.827854][ T6137] vivid-007: EDID Present: 0x00000000
[   72.830246][ T6137] vivid-007: ==================  END STATUS  ==================
[   72.837792][ T6136] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ0x0000000000000005'
[   73.368905][ T6146] tmpfs: Bad value for 'mpol'
[   73.959813][ T6188] evm: overlay not supported
[   74.000721][ T6193] __nla_validate_parse: 4 callbacks suppressed
[   74.000737][ T6193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.93'.
[   74.181663][ T6210] netlink: 36 bytes leftover after parsing attributes in process `syz.1.97'.
[   74.188510][ T6210] netlink: 36 bytes leftover after parsing attributes in process `syz.1.97'.
[   74.192507][ T6210] netlink: 16 bytes leftover after parsing attributes in process `syz.1.97'.
[   74.196479][ T6210] netlink: 36 bytes leftover after parsing attributes in process `syz.1.97'.
[   74.245755][ T6214] netlink: 'syz.1.98': attribute type 6 has an invalid length.
[   74.258727][ T6214] netlink: 'syz.1.98': attribute type 4 has an invalid length.
[   74.262001][ T6214] netlink: 17 bytes leftover after parsing attributes in process `syz.1.98'.
[   74.287609][ T6216] process 'syz.3.99' launched './file0' with NULL argv: empty string added
[   74.292567][   T40] kauditd_printk_skb: 74 callbacks suppressed
[   74.292577][   T40] audit: type=1400 audit(1778622496.455:352): avc:  denied  { execute_no_trans } for  pid=6215 comm="syz.3.99" path="/21/file0" dev="tmpfs" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   74.299592][ T6216] netlink: 20 bytes leftover after parsing attributes in process `syz.3.99'.
[   74.384152][   T40] audit: type=1400 audit(1778622496.555:353): avc:  denied  { write } for  pid=6194 comm="syz.0.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   74.391716][   T40] audit: type=1400 audit(1778622496.555:354): avc:  denied  { nlmsg_write } for  pid=6194 comm="syz.0.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   74.457963][ T6226] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[   74.462231][   T40] audit: type=1400 audit(1778622496.635:355): avc:  denied  { mount } for  pid=6225 comm="syz.3.101" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   74.543831][   T40] audit: type=1400 audit(1778622496.715:356): avc:  denied  { connect } for  pid=6227 comm="syz.3.102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   74.632771][   T40] audit: type=1400 audit(1778622496.805:357): avc:  denied  { create } for  pid=6232 comm="syz.3.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   74.636083][ T6233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.104'.
[   74.640794][   T40] audit: type=1400 audit(1778622496.805:358): avc:  denied  { ioctl } for  pid=6232 comm="syz.3.104" path="socket:[13534]" dev="sockfs" ino=13534 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   74.873486][ T5737] Bluetooth: hci3: command 0x040f tx timeout
[   74.903370][   T40] audit: type=1400 audit(1778622497.075:359): avc:  denied  { mount } for  pid=6238 comm="syz.2.107" name="/" dev="rpc_pipefs" ino=13546 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[   74.950625][   T40] audit: type=1400 audit(1778622497.115:360): avc:  denied  { read } for  pid=6246 comm="syz.3.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   74.969127][   T40] audit: type=1400 audit(1778622497.135:361): avc:  denied  { read write } for  pid=5734 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   75.020311][ T6255] ISOFS: Unable to identify CD-ROM format.
[   75.076952][    C0] sd 0:0:0:0: [sda] tag#30 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[   75.080270][    C0] sd 0:0:0:0: [sda] tag#30 CDB: Test Unit Ready 
[   75.112591][ T5737] Bluetooth: hci2: unexpected event 0x0f length: 3 < 4
[   75.182865][ T6272] netlink: 'syz.1.117': attribute type 1 has an invalid length.
[   75.222937][ T6272] 8021q: adding VLAN 0 to HW filter on device bond1
[   75.248998][ T6272] vlan2: entered allmulticast mode
[   75.251280][ T6272] macsec0: entered allmulticast mode
[   75.253378][ T6272] veth1_macvtap: entered allmulticast mode
[   75.256469][ T6272] bond1: (slave vlan2): Error -34 calling dev_set_mtu
[   75.748012][ T5737] Bluetooth: hci1: unexpected event 0x0f length: 3 < 4
[   75.985734][ T6314] syzkaller0: refused to change device tx_queue_len
[   76.034300][ T6316] netlink: 4 bytes leftover after parsing attributes in process `syz.1.132'.
[   76.063975][ T6316] IPVS: length: 18 != 47710216
[   76.124256][ T5737] Bluetooth: hci3: unexpected event 0x0f length: 3 < 4
[   76.186153][ T6329] netlink: 'syz.2.135': attribute type 13 has an invalid length.
[   76.190372][ T6329] Bluetooth: MGMT ver 1.23
[   76.234913][ T6335] team0: Device xfrm1 is up. Set it down before adding it as a team port
[   76.235269][ T1435] ieee802154 phy0 wpan0: encryption failed: -22
[   76.240764][ T1435] ieee802154 phy1 wpan1: encryption failed: -22
[   76.300658][ T6345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.140'.
[   76.345766][ T6350] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[   76.358631][ T6356] binder: BINDER_SET_CONTEXT_MGR already set
[   76.370222][ T6356] binder: 6352:6356 ioctl 4018620d 2000000002c0 returned -16
[   76.370410][ T6355] binder: 6352:6355 unknown command 0
[   76.375904][ T6355] binder: 6352:6355 ioctl c0306201 200000000080 returned -22
[   76.377585][ T5737] Bluetooth: hci2: unexpected event 0x0f length: 3 < 4
[   76.513068][   T24] libceph: connect (1)[c::]:6789 error -101
[   76.516891][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   76.611917][ T6383] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   76.616728][ T6383] block device autoloading is deprecated and will be removed.
[   76.685792][ T5737] Bluetooth: hci2: unexpected event 0x0f length: 3 < 4
[   76.749996][ T5825] IPVS: starting estimator thread 0...
[   76.754055][ T6403] IPVS: sed: FWM 3 0x00000003 - no destination available
[   76.769655][ T6403] trusted_key: syz.3.157 sent an empty control message without MSG_MORE.
[   76.782555][   T24] libceph: connect (1)[c::]:6789 error -101
[   76.788394][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   76.843083][ T6404] IPVS: using max 45 ests per chain, 108000 per kthread
[   77.025261][ T6414] xt_socket: unknown flags 0xc
[   77.267820][ T6433] could not allocate digest TFM handle rmd128
[   77.303266][ T6439] netlink: 'syz.0.169': attribute type 2 has an invalid length.
[   77.308236][ T6374] ceph: No mds server is up or the cluster is laggy
[   77.309102][ T6441] netlink: 'syz.0.169': attribute type 2 has an invalid length.
[   77.313075][   T24] libceph: connect (1)[c::]:6789 error -101
[   77.316548][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   78.056205][ T6490] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048)
[   78.069297][ T6490] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   78.074838][ T6490] SELinux: failed to load policy
[   78.096563][ T5737] Bluetooth: hci3: unexpected event for opcode 0x203b
[   78.099840][ T6492] netlink: 'syz.2.183': attribute type 7 has an invalid length.
[   78.099844][ T6493] netlink: 'syz.2.183': attribute type 7 has an invalid length.
[   78.103363][ T6492] netlink: 'syz.2.183': attribute type 13 has an invalid length.
[   78.106605][ T6493] netlink: 'syz.2.183': attribute type 13 has an invalid length.
[   78.221228][ T6505] bridge1: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[   78.245960][ T6508] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   78.256037][ T6508] CIFS mount error: No usable UNC path provided in device string!
[   78.256037][ T6508] 
[   78.259836][ T6508] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   78.355190][ T6510] kvm: kvm [6509]: vcpu6, guest rIP: 0x9139 Unhandled WRMSR(0xc1) = 0xe50000000000
[   78.359571][ T6510] kvm: kvm [6509]: vcpu6, guest rIP: 0x9139 Unhandled WRMSR(0xc2) = 0xe50000000000
[   78.360982][ T6515] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[   78.508299][ T5737] Bluetooth: hci3: unknown advertising packet type: 0x82
[   78.508328][ T5737] Bluetooth: hci3: Malformed LE Event: 0x02
[   78.628925][ T6524] 8021q: adding VLAN 0 to HW filter on device bond1
[   79.126061][ T6538] 9p: Bad value for 'rfdno'
[   79.421191][   T40] kauditd_printk_skb: 59 callbacks suppressed
[   79.421202][   T40] audit: type=1400 audit(1778622501.585:421): avc:  denied  { setopt } for  pid=6556 comm="syz.2.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   79.430279][   T40] audit: type=1400 audit(1778622501.595:422): avc:  denied  { read } for  pid=6556 comm="syz.2.203" path="socket:[14262]" dev="sockfs" ino=14262 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   79.447607][   T40] audit: type=1400 audit(1778622501.615:423): avc:  denied  { getopt } for  pid=6560 comm="syz.1.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   79.514619][   T40] audit: type=1400 audit(1778622501.685:424): avc:  denied  { watch watch_reads } for  pid=6564 comm="syz.3.205" path="/58" dev="tmpfs" ino=326 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   79.590633][ T5737] Bluetooth: hci3: unexpected event 0x0f length: 3 < 4
[   79.645901][   T40] audit: type=1400 audit(1778622501.815:425): avc:  denied  { connect } for  pid=6582 comm="syz.1.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   79.650525][ T6583] tmpfs: Bad value for 'mpol'
[   79.660838][ T6583] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   79.689284][ T6589] validate_nla: 1 callbacks suppressed
[   79.689296][ T6589] netlink: 'syz.2.210': attribute type 1 has an invalid length.
[   79.709536][ T6589] bond2: entered promiscuous mode
[   79.712377][ T6589] 8021q: adding VLAN 0 to HW filter on device bond2
[   79.716835][ T6581] __nla_validate_parse: 14 callbacks suppressed
[   79.716844][ T6581] netlink: 3 bytes leftover after parsing attributes in process `syz.2.210'.
[   79.717947][ T6592] pim6reg: entered allmulticast mode
[   79.739297][ T6581] bond2: (slave bridge2): making interface the new active one
[   79.742634][ T6581] bridge2: entered promiscuous mode
[   79.745444][ T6581] bond2: (slave bridge2): Enslaving as an active interface with an up link
[   79.748353][ T6592] pim6reg: left allmulticast mode
[   79.760638][ T6581] netlink: 8 bytes leftover after parsing attributes in process `syz.2.210'.
[   79.763942][ T6581] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=71 sclass=netlink_route_socket pid=6581 comm=syz.2.210
[   79.777772][   T40] audit: type=1400 audit(1778622501.945:426): avc:  denied  { map } for  pid=6590 comm="syz.1.213" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   79.786817][ T6597] binder: BINDER_SET_CONTEXT_MGR already set
[   79.789306][   T40] audit: type=1400 audit(1778622501.955:427): avc:  denied  { read } for  pid=6595 comm="syz.3.215" name="usbmon3" dev="devtmpfs" ino=746 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   79.789331][   T40] audit: type=1400 audit(1778622501.955:428): avc:  denied  { open } for  pid=6595 comm="syz.3.215" path="/dev/usbmon3" dev="devtmpfs" ino=746 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   79.789350][   T40] audit: type=1400 audit(1778622501.955:429): avc:  denied  { ioctl } for  pid=6595 comm="syz.3.215" path="/dev/usbmon3" dev="devtmpfs" ino=746 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   79.799090][ T6597] binder: 6590:6597 ioctl 4018620d 200000004a80 returned -16
[   79.820556][ T6589] netlink: 28 bytes leftover after parsing attributes in process `syz.2.210'.
[   79.823837][ T6589] netlink: 28 bytes leftover after parsing attributes in process `syz.2.210'.
[   79.830489][ T6581] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[   79.835149][ T6581] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   79.840179][   T40] audit: type=1400 audit(1778622502.005:430): avc:  denied  { write } for  pid=6595 comm="syz.3.215" name="001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   79.919140][ T5737] Bluetooth: hci1: unexpected event 0x0f length: 3 < 4
[   79.931140][ T6603] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   79.934096][ T6603] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   79.948543][ T6603] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   79.967211][ T6603] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   79.971987][ T6603] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   79.976736][ T6603] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   79.985824][ T6603] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   79.988564][ T6603] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   79.995072][ T6603] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   79.999584][ T6603] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   80.002926][ T6603] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   80.025519][ T6603] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   80.055845][ T6617] CIFS mount error: No usable UNC path provided in device string!
[   80.055845][ T6617] 
[   80.059126][ T6617] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   80.096611][ T6619] netlink: 4 bytes leftover after parsing attributes in process `syz.1.222'.
[   80.126097][ T6621] nbd: socks must be embedded in a SOCK_ITEM attr
[   80.260129][ T6630] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.227'.
[   80.264879][ T6630] ocfs2: Unknown parameter 'usrquo]a'
[   80.267499][ T6630] 9pnet_fd: p9_fd_create_tcp (6630): problem binding to privport
[   80.475516][ T6644] sg_read: process 159 (syz.1.232) changed security contexts after opening file descriptor, this is not allowed.
[   80.544986][ T6650] netlink: 20 bytes leftover after parsing attributes in process `syz.1.234'.
[   80.595999][ T6652] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   80.624066][ T6652] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[   80.628469][ T6652] overlayfs: failed to look up (tracing) for ino (-66)
[   80.655748][ T6658] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.238'.
[   80.748277][ T6666] ¾x9ÿ: renamed from bridge_slave_0 (while UP)
[   81.112033][ T5737] Bluetooth: hci2: unexpected event 0x0f length: 3 < 4
[   81.182921][ T6695] IPVS: Error connecting to the multicast addr
[   81.216651][ T6712] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   81.221233][ T6712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.255'.
[   81.224739][ T6712] netlink: 48 bytes leftover after parsing attributes in process `syz.3.255'.
[   81.492628][ T6750] 9p: Could not find request transport: v
[   81.739101][ T6761] netlink: del zone limit has 4 unknown bytes
[   81.742251][ T5848] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[   81.885606][ T6771] netlink: 'syz.1.271': attribute type 1 has an invalid length.
[   81.894130][ T5848] usb 8-1: not running at top speed; connect to a high speed hub
[   81.895366][ T6771] 8021q: adding VLAN 0 to HW filter on device bond2
[   81.896607][ T5848] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2
[   81.898242][ T5848] usb 8-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40
[   81.898261][ T5848] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.898271][ T5848] usb 8-1: Product: syz
[   81.898278][ T5848] usb 8-1: Manufacturer: syz
[   81.898285][ T5848] usb 8-1: SerialNumber: syz
[   81.908227][ T6765] bond2: (slave gretap1): making interface the new active one
[   81.909469][ T6765] bond2: (slave gretap1): Enslaving as an active interface with an up link
[   81.993454][ T5737] Bluetooth: hci2: command 0x0c1a tx timeout
[   81.993499][ T5737] Bluetooth: hci0: command 0x0c1a tx timeout
[   81.993544][ T5738] Bluetooth: hci1: command 0x0c1a tx timeout
[   82.071465][ T5737] Bluetooth: hci3: command 0x040f tx timeout
[   82.114967][ T5848] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   82.117513][ T5848] usb 8-1: MIDIStreaming interface descriptor not found
[   82.136306][ T6792] cgroup: Need name or subsystem set
[   82.139403][ T6792] netlink: 'syz.0.278': attribute type 1 has an invalid length.
[   82.153574][ T6792] 8021q: adding VLAN 0 to HW filter on device bond1
[   82.156280][ T5848] usb 8-1: USB disconnect, device number 2
[   82.186808][ T6792] bond1: (slave gretap1): making interface the new active one
[   82.192556][ T6792] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   82.215384][ T5743] udevd[5743]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   82.635809][ T6835] netlink: 'syz.3.290': attribute type 3 has an invalid length.
[   82.640313][ T6835] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[   82.646687][ T6835] tipc: Started in network mode
[   82.648474][ T6835] tipc: Node identity ff020000000000000000000000000001, cluster identity 4711
[   82.651218][ T6835] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   82.691701][ T5737] Bluetooth: hci2: unexpected event 0x0f length: 3 < 4
[   82.704209][ T6843] nbd: must specify an index to disconnect
[   82.709605][ T6842] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[   82.715088][ T6842] cramfs: block size(16384) > page size(4096) not supported by filesystem
[   82.720473][ T6842] cramfs: wrong magic
[   82.973972][ T6858] ------------[ cut here ]------------
[   82.976285][ T6858] kvm_is_error_gpa(gpa) == kvm_is_error_hva(uhva)
[   82.976295][ T6858] WARNING: arch/x86/kvm/../../../virt/kvm/pfncache.c:267 at __kvm_gpc_refresh+0x1992/0x22c0, CPU#1: syz.3.298/6858
[   82.982570][ T6858] Modules linked in:
[   82.984522][ T6858] CPU: 1 UID: 0 PID: 6858 Comm: syz.3.298 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   82.989629][ T6858] Tainted: [L]=SOFTLOCKUP
[   82.991894][ T6858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   82.996361][ T6858] RIP: 0010:__kvm_gpc_refresh+0x1992/0x22c0
[   82.998947][ T6858] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 26 08 00 00 48 8b 04 24 31 db 48 8b a8 08 01 00 00 e9 cf f0 ff ff e8 4f ae 85 00 90 <0f> 0b 90 e9 92 f7 ff ff e8 41 ae 85 00 48 85 db 0f 84 e9 ed ff ff
[   83.005897][ T6858] RSP: 0018:ffffc90003a67250 EFLAGS: 00010287
[   83.008120][ T6858] RAX: 00000000000006e7 RBX: ffffffffffffffff RCX: ffffc90007ac4000
[   83.010687][ T6858] RDX: 0000000000080000 RSI: ffffffff8182f891 RDI: ffff88802b91a500
[   83.013368][ T6858] RBP: ffffffffffffff01 R08: 0000000000000000 R09: 0000000000000001
[   83.015971][ T6858] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888000000000
[   83.018766][ T6858] R13: ffff888000000001 R14: ffff888000000000 R15: ffffc90003a67468
[   83.021648][ T6858] FS:  00007f9c507926c0(0000) GS:ffff8880d6472000(0000) knlGS:0000000000000000
[   83.024774][ T6858] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   83.027144][ T6858] CR2: 000000110c2859db CR3: 000000002200f000 CR4: 0000000000352ef0
[   83.029797][ T6858] Call Trace:
[   83.030914][ T6858]  <TASK>
[   83.032158][ T6858]  ? find_held_lock+0x2b/0x80
[   83.033930][ T6858]  ? __pfx___mutex_lock+0x10/0x10
[   83.035604][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.037333][ T6858]  ? __pfx___kvm_gpc_refresh+0x10/0x10
[   83.039192][ T6858]  kvm_gpc_refresh+0xc9/0x170
[   83.040789][ T6858]  kvm_xen_set_evtchn.part.0+0x168/0x230
[   83.042790][ T6858]  ? kvm_xen_set_evtchn.part.0+0x153/0x230
[   83.044714][ T6858]  kvm_xen_hvm_evtchn_send+0x22f/0x290
[   83.046551][ T6858]  ? __pfx_kvm_xen_hvm_evtchn_send+0x10/0x10
[   83.048574][ T6858]  kvm_arch_vm_ioctl+0x13ac/0x18d0
[   83.050426][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.052230][ T6858]  ? arch_stack_walk+0xa6/0xf0
[   83.053806][ T6858]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[   83.055594][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.057278][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.058877][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.060500][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.062260][ T6858]  ? is_bpf_text_address+0x8a/0x1a0
[   83.063985][ T6858]  ? bpf_ksym_find+0x128/0x1c0
[   83.065877][ T6858]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   83.068224][ T6858]  ? is_bpf_text_address+0x94/0x1a0
[   83.069992][ T6858]  ? kernel_text_address+0x8d/0x100
[   83.071821][ T6858]  ? __pfx_widen_string+0x10/0x10
[   83.073486][ T6858]  ? __kernel_text_address+0xd/0x30
[   83.075218][ T6858]  ? unwind_get_return_address+0x59/0xa0
[   83.077108][ T6858]  ? arch_stack_walk+0xa6/0xf0
[   83.078736][ T6858]  ? tomoyo_path_number_perm+0x46d/0x580
[   83.080601][ T6858]  ? stack_trace_save+0x8e/0xc0
[   83.082292][ T6858]  ? __pfx_stack_trace_save+0x10/0x10
[   83.084053][ T6858]  ? stack_depot_save_flags+0x27/0x9d0
[   83.085877][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.087501][ T6858]  ? tomoyo_path_number_perm+0x46d/0x580
[   83.089313][ T6858]  ? kasan_save_stack+0x3f/0x50
[   83.090949][ T6858]  ? kasan_save_stack+0x30/0x50
[   83.092668][ T6858]  ? kasan_save_track+0x14/0x30
[   83.094396][ T6858]  ? kasan_save_free_info+0x3b/0x70
[   83.096066][ T6858]  kvm_vm_ioctl+0x1564/0x4050
[   83.097588][ T6858]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   83.099193][ T6858]  ? kasan_quarantine_put+0x104/0x240
[   83.100874][ T6858]  ? lockdep_hardirqs_on+0x78/0x100
[   83.102583][ T6858]  ? find_held_lock+0x2b/0x80
[   83.104083][ T6858]  ? tomoyo_path_number_perm+0x28f/0x580
[   83.105835][ T6858]  ? tomoyo_path_number_perm+0x28f/0x580
[   83.107585][ T6858]  ? tomoyo_path_number_perm+0x188/0x580
[   83.109337][ T6858]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   83.111197][ T6858]  ? futex_wake+0x1ad/0x530
[   83.113695][ T6858]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   83.115544][ T6858]  ? do_vfs_ioctl+0x226/0x13e0
[   83.117142][ T6858]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   83.118655][ T6858]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   83.120691][ T6858]  ? __fget_files+0x215/0x3d0
[   83.122583][ T6858]  ? hook_file_ioctl_common+0x149/0x410
[   83.124568][ T6858]  ? selinux_file_ioctl+0x13b/0x290
[   83.126314][ T6858]  ? selinux_file_ioctl+0xb6/0x290
[   83.127896][ T6858]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   83.129414][ T6858]  __x64_sys_ioctl+0x18e/0x210
[   83.130918][ T6858]  do_syscall_64+0x10b/0xf80
[   83.132432][ T6858]  ? clear_bhb_loop+0x40/0x90
[   83.133980][ T6858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.135851][ T6858] RIP: 0033:0x7f9c4f99ce59
[   83.137312][ T6858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   83.143319][ T6858] RSP: 002b:00007f9c50792028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.145917][ T6858] RAX: ffffffffffffffda RBX: 00007f9c4fc15fa0 RCX: 00007f9c4f99ce59
[   83.148445][ T6858] RDX: 0000200000000400 RSI: 00000000400caed0 RDI: 0000000000000006
[   83.150993][ T6858] RBP: 00007f9c4fa32d6f R08: 0000000000000000 R09: 0000000000000000
[   83.153531][ T6858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.156072][ T6858] R13: 00007f9c4fc16038 R14: 00007f9c4fc15fa0 R15: 00007ffef2158cd8
[   83.158639][ T6858]  </TASK>
[   83.159646][ T6858] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   83.161954][ T6858] CPU: 1 UID: 0 PID: 6858 Comm: syz.3.298 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   83.165286][ T6858] Tainted: [L]=SOFTLOCKUP
[   83.166664][ T6858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   83.169952][ T6858] Call Trace:
[   83.171031][ T6858]  <TASK>
[   83.171984][ T6858]  dump_stack_lvl+0x100/0x190
[   83.173568][ T6858]  vpanic+0x552/0x970
[   83.174851][ T6858]  ? __pfx_vpanic+0x10/0x10
[   83.176304][ T6858]  panic+0xd1/0xe0
[   83.177528][ T6858]  ? __pfx_panic+0x10/0x10
[   83.178952][ T6858]  check_panic_on_warn.cold+0x19/0x34
[   83.180868][ T6858]  ? __kvm_gpc_refresh+0x1992/0x22c0
[   83.182529][ T6858]  __warn.cold+0x191/0x328
[   83.183969][ T6858]  __report_bug+0x296/0x3d0
[   83.185457][ T6858]  ? __kvm_gpc_refresh+0x1992/0x22c0
[   83.187156][ T6858]  ? __pfx___report_bug+0x10/0x10
[   83.188782][ T6858]  ? lockdep_hardirqs_on+0x78/0x100
[   83.190478][ T6858]  ? irqentry_exit+0x24d/0x7e0
[   83.191968][ T6858]  ? __kvm_gpc_refresh+0x1992/0x22c0
[   83.193682][ T6858]  ? __kvm_gpc_refresh+0x1992/0x22c0
[   83.195373][ T6858]  report_bug+0xb2/0x220
[   83.196814][ T6858]  ? __kvm_gpc_refresh+0x1992/0x22c0
[   83.198650][ T6858]  handle_bug+0x16a/0x2a0
[   83.200055][ T6858]  exc_invalid_op+0x17/0x50
[   83.201671][ T6858]  asm_exc_invalid_op+0x1a/0x20
[   83.203286][ T6858] RIP: 0010:__kvm_gpc_refresh+0x1992/0x22c0
[   83.205191][ T6858] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 26 08 00 00 48 8b 04 24 31 db 48 8b a8 08 01 00 00 e9 cf f0 ff ff e8 4f ae 85 00 90 <0f> 0b 90 e9 92 f7 ff ff e8 41 ae 85 00 48 85 db 0f 84 e9 ed ff ff
[   83.211344][ T6858] RSP: 0018:ffffc90003a67250 EFLAGS: 00010287
[   83.213443][ T6858] RAX: 00000000000006e7 RBX: ffffffffffffffff RCX: ffffc90007ac4000
[   83.216037][ T6858] RDX: 0000000000080000 RSI: ffffffff8182f891 RDI: ffff88802b91a500
[   83.218608][ T6858] RBP: ffffffffffffff01 R08: 0000000000000000 R09: 0000000000000001
[   83.221137][ T6858] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888000000000
[   83.223684][ T6858] R13: ffff888000000001 R14: ffff888000000000 R15: ffffc90003a67468
[   83.226895][ T6858]  ? __kvm_gpc_refresh+0x1991/0x22c0
[   83.229220][ T6858]  ? find_held_lock+0x2b/0x80
[   83.231289][ T6858]  ? __pfx___mutex_lock+0x10/0x10
[   83.233477][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.235583][ T6858]  ? __pfx___kvm_gpc_refresh+0x10/0x10
[   83.237930][ T6858]  kvm_gpc_refresh+0xc9/0x170
[   83.239950][ T6858]  kvm_xen_set_evtchn.part.0+0x168/0x230
[   83.242078][ T6858]  ? kvm_xen_set_evtchn.part.0+0x153/0x230
[   83.243972][ T6858]  kvm_xen_hvm_evtchn_send+0x22f/0x290
[   83.246131][ T6858]  ? __pfx_kvm_xen_hvm_evtchn_send+0x10/0x10
[   83.248787][ T6858]  kvm_arch_vm_ioctl+0x13ac/0x18d0
[   83.251014][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.253158][ T6858]  ? arch_stack_walk+0xa6/0xf0
[   83.255227][ T6858]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[   83.257591][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.259723][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.261906][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.264041][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.266214][ T6858]  ? is_bpf_text_address+0x8a/0x1a0
[   83.268439][ T6858]  ? bpf_ksym_find+0x128/0x1c0
[   83.270489][ T6858]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   83.273131][ T6858]  ? is_bpf_text_address+0x94/0x1a0
[   83.275277][ T6858]  ? kernel_text_address+0x8d/0x100
[   83.277527][ T6858]  ? __pfx_widen_string+0x10/0x10
[   83.279705][ T6858]  ? __kernel_text_address+0xd/0x30
[   83.281978][ T6858]  ? unwind_get_return_address+0x59/0xa0
[   83.284386][ T6858]  ? arch_stack_walk+0xa6/0xf0
[   83.286470][ T6858]  ? tomoyo_path_number_perm+0x46d/0x580
[   83.288923][ T6858]  ? stack_trace_save+0x8e/0xc0
[   83.291076][ T6858]  ? __pfx_stack_trace_save+0x10/0x10
[   83.293379][ T6858]  ? stack_depot_save_flags+0x27/0x9d0
[   83.295469][ T6858]  ? __lock_acquire+0x4a5/0x2630
[   83.297627][ T6858]  ? tomoyo_path_number_perm+0x46d/0x580
[   83.300043][ T6858]  ? kasan_save_stack+0x3f/0x50
[   83.302158][ T6858]  ? kasan_save_stack+0x30/0x50
[   83.304323][ T6858]  ? kasan_save_track+0x14/0x30
[   83.306445][ T6858]  ? kasan_save_free_info+0x3b/0x70
[   83.308699][ T6858]  kvm_vm_ioctl+0x1564/0x4050
[   83.310698][ T6858]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   83.312362][ T6858]  ? kasan_quarantine_put+0x104/0x240
[   83.314244][ T6858]  ? lockdep_hardirqs_on+0x78/0x100
[   83.316484][ T6858]  ? find_held_lock+0x2b/0x80
[   83.318496][ T6858]  ? tomoyo_path_number_perm+0x28f/0x580
[   83.320912][ T6858]  ? tomoyo_path_number_perm+0x28f/0x580
[   83.323245][ T6858]  ? tomoyo_path_number_perm+0x188/0x580
[   83.325507][ T6858]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   83.327936][ T6858]  ? futex_wake+0x1ad/0x530
[   83.329923][ T6858]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   83.332472][ T6858]  ? do_vfs_ioctl+0x226/0x13e0
[   83.334562][ T6858]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   83.336715][ T6858]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   83.339660][ T6858]  ? __fget_files+0x215/0x3d0
[   83.341669][ T6858]  ? hook_file_ioctl_common+0x149/0x410
[   83.344032][ T6858]  ? selinux_file_ioctl+0x13b/0x290
[   83.346332][ T6858]  ? selinux_file_ioctl+0xb6/0x290
[   83.348533][ T6858]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   83.350721][ T6858]  __x64_sys_ioctl+0x18e/0x210
[   83.352757][ T6858]  do_syscall_64+0x10b/0xf80
[   83.354728][ T6858]  ? clear_bhb_loop+0x40/0x90
[   83.356754][ T6858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.358865][ T6858] RIP: 0033:0x7f9c4f99ce59
[   83.360347][ T6858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   83.367563][ T6858] RSP: 002b:00007f9c50792028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.370277][ T6858] RAX: ffffffffffffffda RBX: 00007f9c4fc15fa0 RCX: 00007f9c4f99ce59
[   83.372773][ T6858] RDX: 0000200000000400 RSI: 00000000400caed0 RDI: 0000000000000006
[   83.375253][ T6858] RBP: 00007f9c4fa32d6f R08: 0000000000000000 R09: 0000000000000000
[   83.377638][ T6858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.379832][ T6858] R13: 00007f9c4fc16038 R14: 00007f9c4fc15fa0 R15: 00007ffef2158cd8
[   83.382331][ T6858]  </TASK>
[   83.384020][ T6858] Kernel Offset: disabled
[   83.385422][ T6858] Rebooting in 86400 seconds..