last executing test programs:

16.298089767s ago: executing program 0 (id=1801):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r1 = socket$tipc(0x1e, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socket$inet_tcp(0x2, 0x1, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x20010, 0xffffffffffffffff, 0x200000)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x5)
r5 = dup(r4)
ioctl$SIOCSIFHWADDR(r5, 0x8926, &(0x7f0000002640)={'team_slave_0\x00', @random="76f64c34b99d"})
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x41}, 0x3}}, 0x10)
listen(r1, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
accept4(0xffffffffffffffff, &(0x7f0000000180)=@xdp, &(0x7f0000000140)=0x80, 0x80000)
connect$bt_rfcomm(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x9}, 0xa)

13.189213583s ago: executing program 0 (id=1810):
syz_io_uring_setup(0x49c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x72, 0xa, 0x0, 0xffc4, 0x1, 0x71, 0x10, 0x97}}, &(0x7f0000000480)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000000))
r2 = socket(0xa, 0x3, 0x3a)
r3 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x1}, 0x1c)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x4, @empty, 0x101}, 0x1c)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty, 0x40}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4]}}, 0x5c)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000000)=0x10fc4c16dadd9937, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x15031, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, 0x0, 0x40008)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYRES64=r1], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r5}, 0x10)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
io_setup(0x7be, &(0x7f0000001380))

11.794070552s ago: executing program 2 (id=1812):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
r2 = syz_open_dev$vim2m(0x0, 0x4, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000040)={0xb, 0x1, 0x2, "f819ebf45608e255b61c5deb3eb574d486d27e0600000000040000000006f100"})
close(r1)
socket$igmp(0x2, 0x3, 0x2)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\b\x00\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x20002004)
ioctl$SIOCSIFHWADDR(r1, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
ioctl$SIOCSIFHWADDR(r1, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@allocspi={0xf8, 0x16, 0x1, 0x70bd27, 0x0, {{{@in6=@mcast1, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x80, 0xa0}, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, 0x0, 0x33}, @in6=@empty, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff1, 0x3}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x796}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x1a0b1}}, 0xf8}}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x14, 0x0, &(0x7f0000000040)=[@increfs_done={0x40106308, 0x2}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x18, 0x0, &(0x7f0000000100)=[@release={0x40046306, 0x2}, @request_death={0x400c630e, 0x2}], 0xb, 0x0, &(0x7f00000001c0)="08edca0614105cfa58380e"})
socket$inet_smc(0x2b, 0x1, 0x0)

11.716931167s ago: executing program 4 (id=1813):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d", 0x13)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0x7fff, 0x1}, 0x6)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffec0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
fcntl$notify(r4, 0x402, 0x6)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, 0x0, 0x0)

10.636426113s ago: executing program 0 (id=1814):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x64040, 0xd0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb, 0x7ff, 0x8, 0x0, 0x3}, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c07, 0x6, 0x0, 0x100000})
epoll_create(0x101)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x18557f, 0x0)
socket$inet(0x2, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f00000005c0)={0x1, 0x0, [{0xd, 0x1, 0x7, 0x100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = gettid()
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001a140100000000000000000008000300000000000800", @ANYRES8=r7], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
socket$nl_netfilter(0x10, 0x3, 0xc)

10.426189399s ago: executing program 1 (id=1816):
accept4$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @local}, 0x0, 0x800)
r0 = socket$kcm(0x10, 0x2, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x446102)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(0xffffffffffffffff, 0x40045402, &(0x7f0000000140)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/anycast6\x00')
r5 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$IMADDTIMER(r5, 0x80044940, &(0x7f0000000380)=0x14)
ioctl$IMADDTIMER(r5, 0x80044940, &(0x7f00000000c0)=0x32)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000001800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x5, 0x10, &(0x7f0000000480)=ANY=[@ANYRESHEX=r4, @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000800000085000000aa00000095"], 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
read$msr(r6, &(0x7f0000002000)=""/102400, 0x19000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000f20000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000040a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)

10.4229491s ago: executing program 2 (id=1817):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)
bind$alg(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r5 = timerfd_create(0x0, 0x0)
r6 = syz_io_uring_setup(0x58f7, 0x0, &(0x7f0000000180), &(0x7f0000000240))
timerfd_settime(r5, 0x3, &(0x7f0000000840)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
io_uring_enter(r6, 0x1f82, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000cfc000/0x2000)=nil, 0x2000, 0x17)
accept4(r3, 0x0, 0x0, 0x80800)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)

9.526105827s ago: executing program 1 (id=1819):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
r3 = epoll_create(0x2)
setfsgid(0xee00)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
pread64(r5, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x3000200a})
sendto$inet6(r1, &(0x7f00000004c0)="4747135f6fc2e0d41231cb53d9200128da8c2299af14b35b05219d463b6bc7b36d9626a6ff517591f014fb5fee2cd82055aa05a8cf03ef2635ba467a92ac0cbf3dafaffff6008ae6dd78da314d7ec7c3f89a91afc0dd4abfeb5270f4198e5d310ccdae130cccd7314b0065121c375d81ccc78032a86ff9514531e98fbe151254d48a85e2fc5703d1a3bd7328d1bb4a17ef1177a31518c1229a1077cb96f3df95e27f5fc4882b5fb39ad7b9c1201b08513d02dede7eed54511ed663faba48a329490854d2a4ec9db6b96c4e5c7afb9d8236b4a7eb91d3f28b6cdf348c5e344b2076bedc8f3685ede7e260d96fb46bd0f3fc604fdb", 0xf4, 0x408a1, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
syz_io_uring_setup(0x110, 0x0, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x80000)
fstat(r2, 0x0)

9.50004043s ago: executing program 4 (id=1820):
socket$key(0xf, 0x3, 0x2)
r0 = socket$kcm(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x6000000)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000240), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000100))
r6 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r6, 0x80045017, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'})

7.893936325s ago: executing program 4 (id=1822):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
socket$l2tp6(0xa, 0x2, 0x73)
clock_adjtime(0x0, &(0x7f0000000100)={0x362, 0x7, 0x0, 0x8000000000000001, 0x48c, 0x5, 0xd, 0x424, 0x2, 0xffffffffffffffff, 0xf423f, 0xfffffffffffffff9, 0x7, 0x2, 0x1000000081, 0x5, 0x2, 0x6, 0x2, 0x9220000000000000, 0x3, 0x1, 0x80000001, 0x0, 0x5, 0x7})
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
mmap(&(0x7f00002c6000/0x1000)=nil, 0x1000, 0x1000002, 0x13, r2, 0x20000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r3, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0)
remap_file_pages(&(0x7f0000799000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x40000)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r5, &(0x7f0000000280), 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r5, 0x65, 0x2, &(0x7f0000000080)=0x8, 0x4)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x2c, r4, 0x200, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x44000)
syz_open_dev$video(0x0, 0x8, 0x0)

7.380535254s ago: executing program 2 (id=1823):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x101}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001bc0)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff3, 0x8}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x20044000)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ipvlan1\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="6c0000001000390400"/20, @ANYRES32=r5, @ANYRES64=<r6=>r0], 0x6c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
timer_create(0x9, 0x0, &(0x7f0000bbdffc))
sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001e00010a00000000000000a42d"], 0x14}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000240))
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r11 = dup3(r10, r9, 0x0)
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r12, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r12, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f0000002800)={0x44, 0x0, &(0x7f0000002680)=[@transaction={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x1500, 0x0})
bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @empty, 0x7}, 0x1c)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB="101300002d00090036bd70000100000004000000cb011180c708605d8a0c9549f671af21be3edd7313f3b3cefa172a8aae2f295cc72b60b2", @ANYRES8=r6], 0x1310}, 0x1, 0x0, 0x0, 0x20000004}, 0x84)
socket$packet(0x11, 0x3, 0x300)

6.315395287s ago: executing program 0 (id=1825):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket(0x1, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000180), &(0x7f00000000c0)=@udp6=r2, 0x1}, 0x20)
bind$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000001580)=[{{&(0x7f0000000180)=@generic, 0x80, 0x0, 0x0, &(0x7f0000000900)=""/114, 0x72}, 0x3}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000980)=""/177, 0xb1}, {&(0x7f0000000a40)=""/209, 0xd1}, {&(0x7f0000000cc0)=""/253, 0xfd}, {&(0x7f0000000dc0)=""/111, 0x6f}, {&(0x7f00000016c0)=""/4096, 0x1000}, {&(0x7f0000000e40)=""/168, 0xa8}], 0x6}, 0xd0000}, {{&(0x7f0000000f80)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000001000)=""/185, 0xb9}, {&(0x7f00000010c0)=""/233, 0xe9}, {&(0x7f00000011c0)=""/191, 0xbf}], 0x3, &(0x7f0000001280)=""/210, 0xd2}, 0x7}, {{&(0x7f0000001380)=@l2tp6={0xa, 0x0, 0x0, @empty}, 0x80, &(0x7f0000000240)=[{&(0x7f0000001400)=""/174, 0xae}, {&(0x7f00000014c0)=""/86, 0x56}], 0x2, &(0x7f0000001540)=""/16, 0x10}, 0x170}], 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r4 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r5 = openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff)
close(r5)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
r6 = openat$binfmt(0xffffffffffffff9c, r4, 0x2, 0x0)
close(r6)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, r4, &(0x7f00000004c0)={[&(0x7f0000000000)='\x00', &(0x7f00000003c0)=')!}\x00']}, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sync_file_range(r0, 0xffffffffffffa525, 0x7, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r8, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

6.314467774s ago: executing program 2 (id=1826):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect(r0, &(0x7f0000000280)=@hci={0x1f, 0x2, 0x3}, 0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000ddffff94"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getxattr(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', '/dev/rfkill\x00'}, &(0x7f0000000440)=""/95, 0xfffffffffffffd4b)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r4, 0x1, 0x70bd28, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockname$inet(r5, 0x0, &(0x7f0000000080))
r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r6, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)

5.802807209s ago: executing program 1 (id=1827):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
socket$l2tp6(0xa, 0x2, 0x73)
clock_adjtime(0x0, &(0x7f0000000100)={0x362, 0x7, 0x0, 0x8000000000000001, 0x48c, 0x5, 0xd, 0x424, 0x2, 0xffffffffffffffff, 0xf423f, 0xfffffffffffffff9, 0x7, 0x2, 0x1000000081, 0x5, 0x2, 0x6, 0x2, 0x9220000000000000, 0x3, 0x1, 0x80000001, 0x0, 0x5, 0x7})
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
mmap(&(0x7f00002c6000/0x1000)=nil, 0x1000, 0x1000002, 0x13, r2, 0x20000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r3, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0)
remap_file_pages(&(0x7f0000799000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x40000)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r5, &(0x7f0000000280), 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r5, 0x65, 0x2, &(0x7f0000000080)=0x8, 0x4)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x2c, r4, 0x200, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x44000)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)

5.029968804s ago: executing program 4 (id=1828):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000300000000000000000000027000000222f00002500feff040000009d00000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x78)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x0, 0x0, 0x0, 0x90}]}}, &(0x7f0000000040)=""/193, 0x26, 0xc1, 0x1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001300)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e640500000000007502faff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000032000000b70000000000002995000000000000001da5ad3548ebb63d18db6a1c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6d5b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa387a8077927a1ad367c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f20002b35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8c367d1bfd1aea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82dc568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000000000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac6f09c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccf5e882602897a85bf8523d891080593d831d758deb4f2c7e49c6d6b35d8fd92601c8500febb0c5fe0be294bf6bbbecad444695277a9e3992a354492513b43091d161c7c7cdbbe44e8e83b4cf333238a52f214b278c6485236ea880db2f113f6381187679a4620d6149808b0af024b3b3e6ba99b4b15ca"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x143}, 0x48)
mount$tmpfs(0x0, &(0x7f0000001880)='.\x00', &(0x7f00000018c0), 0x1, &(0x7f0000000040)={[{@nr_blocks={'nr_blocks', 0x3d, [0x6d]}}, {@nr_inodes={'nr_inodes', 0x3d, [0x37]}}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000f00)=ANY=[@ANYBLOB="18000000200000000000000000000000850000009d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xf, 0x7ff, 0x7, 0x7, 0x1, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x5}, 0x50)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r3, r4}, 0xc)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0xa140)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r5, 0xc0a85352, &(0x7f0000000340)={{0x2, 0xc0}, 'port0\x00', 0xc, 0x20000, 0x6, 0x816, 0x60, 0x983, 0x5, 0x0, 0x3, 0x4})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000003000000050000000200000c020000000000000000000000000000000c0000000094be0773000000005f00"], &(0x7f0000000500)=""/210, 0x3f, 0xd2, 0x2, 0x2}, 0x28)
fanotify_init(0xf00, 0x0)
r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x6d6b, 0x480)
ioctl$VIDIOC_QUERYMENU(r6, 0xc008561c, &(0x7f0000000000)={0x980900, 0x81, @value=0x327})
openat$null(0xffffffffffffff9c, 0x0, 0x6040, 0x0)
getpid()
socket$nl_route(0x10, 0x3, 0x0)

4.089428818s ago: executing program 4 (id=1830):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f00000004c0)={0x0, 0xfffc, &(0x7f0000000480)={&(0x7f0000000200)=ANY=[@ANYBLOB="ec000000210001002dbd7000fedbdf25fe880000000000000000000000000101ac1414bb0000000000000000000000004e240002000700010a0080a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="af6b6e00010000009c0011001901010000000000000000000000000020010000000000000000000000000001ac14143e0000000000c8b10000000000ac1414bb00000000000000000000000032fcff00073500000a00020000000000000000000000020000000000ac1e01010000000000000000000000000a010102000000000000000000000000fe80000000000000000000000000002f33"], 0xec}}, 0x20000000)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, 0x0, &(0x7f0000000080))
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYBLOB="7fff0000000000002800128009000100766c61", @ANYRES32], 0x50}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001880)=ANY=[@ANYBLOB="500000001000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000004000008000500", @ANYRES32=r10], 0x50}}, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00'})

4.047118961s ago: executing program 3 (id=1831):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$read(0xb, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/pid\x00')
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup(0xffffffffffffffff)
syz_open_procfs(0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, 0x0)
syz_emit_ethernet(0x1d9, &(0x7f00000004c0)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}, @remote, @val={@void, {0x8100, 0x2, 0x0, 0x3}}, {@mpls_mc={0x8848, {[], @ipv4=@gre={{0x1a, 0x4, 0x1, 0x3b, 0x1c7, 0x65, 0x0, 0x5, 0x2f, 0x0, @empty, @private=0xa010100, {[@rr={0x7, 0x7, 0x74, [@local]}, @cipso={0x86, 0x46, 0x0, [{0x7, 0xf, "2a5ee681784acc017c4201fb7f"}, {0x0, 0xb, "26dfdea150feafb8db"}, {0x6, 0x2}, {0x2, 0x3, "c7"}, {0x7, 0xc, "b67c4a77563851051d9e"}, {0x0, 0xf, "4af14c80cd9f8029855016dd6a"}, {0x5, 0x6, "a019e8f1"}]}, @ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x95, 0x3, [], "d3ea43c41e441c00207302eb92dce92e5ee71cbcfe2cd09c9d187973bc0f4c8931b211fc7c6ac9a3d290a347ff0ab047c6712b2a83d88f5c2c014ef02ef1d861c8e922ff5e7ff86020c6c68abcea7042bd0ddb51a389e4cfbaa7c516324c87f0800681572eecbcc732e9053715f5eb09764adf3e55183457caa65b975a8671769c99e92e53f3421dadb600f19dcbf6c47ea185a429"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [0xbec, 0x7f], "a53ca95850e635a83992dc36c27a867dfd14fb1faffde4"}, {0x1, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x2, {{0x4, 0x1, 0xfe, 0x0, 0x0, 0x1, 0x6, 0x6}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x1, {{0x4, 0x2, 0x94, 0x1, 0x0, 0x2, 0x5, 0x9}, 0x2, {0xffff, 0x80, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1}}}, {0x8, 0x6558, 0x4, "e45a166f2573771f486ee2b8e1ed8c51dd6a5723b86e697a0f30a7cafdf8fcead9581a27eaaae816beb938bcd10e8d5e669b34f4e0ce5ccd73e3ddd51a5f1ea6a2cf9d952e8753837cbc8b97d0ef4185de85e6696243cb6c23d689ed02eb0b0018711220cd656a90539f22"}}}}}}}, 0x0)
r1 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
mq_timedreceive(r1, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

3.271172479s ago: executing program 3 (id=1832):
syz_open_dev$video(&(0x7f0000000040), 0x9, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001b00)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x4000)
r2 = socket$kcm(0x2, 0x2, 0x73)
socket(0x10, 0x803, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000001c0), r3)
sendmsg$NLBL_CALIPSO_C_ADD(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000b80)=ANY=[@ANYBLOB="24000004", @ANYRES16=r4, @ANYBLOB="2b0000000000000000000100000008000200020000000800010000000000"], 0x24}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x1f00, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef437000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)
sendmsg$inet(r2, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000340)}, 0x900000000040195)
finit_module(0xffffffffffffffff, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x1002, 0x0)
creat(0x0, 0x0)
open(0x0, 0x2002, 0x100)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x8400, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x200040, 0x0, 0x0, 0x0, 0xc49, 0x0, 0x0, 0x0, 0x1}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, 0x0, 0xa4c81, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000d0000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080003400000000c2c0000000b0a01010000000000000000070000000900020073797a31000000000900010073797a30"], 0xc0}}, 0x0)

2.771855018s ago: executing program 4 (id=1833):
r0 = socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x20d00, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000440)=@abs, 0x6e)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
exit(0x9)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
unshare(0x2c020400)
syz_io_uring_setup(0x15f5, &(0x7f0000000380)={0x0, 0x6485, 0x8, 0x0, 0x28, 0x0, r3}, &(0x7f0000000280)=<r4=>0x0, &(0x7f0000000240)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, 0x0)
fsopen(&(0x7f0000000000)='ocfs2\x00', 0x1)
sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f0000000400)=0x7)
openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8e1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)

2.643671808s ago: executing program 2 (id=1834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xfffffe83}, {0x0}], 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)
bind$alg(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r5 = timerfd_create(0x0, 0x0)
r6 = syz_io_uring_setup(0x58f7, 0x0, &(0x7f0000000180), &(0x7f0000000240))
timerfd_settime(r5, 0x3, &(0x7f0000000840)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
io_uring_enter(r6, 0x1f82, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000cfc000/0x2000)=nil, 0x2000, 0x17)
accept4(r3, 0x0, 0x0, 0x80800)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)

2.618826077s ago: executing program 3 (id=1835):
socket$key(0xf, 0x3, 0x2)
r0 = socket$kcm(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x6000000)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000240), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000100))
r6 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r6, 0x80045017, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
r8 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r8, 0xc0884113, &(0x7f0000000240)={0x1, 0x0, 0x200, 0xfffe, 0x2, 0x8, 0x200000000000002f, 0x200, 0x1, 0x2c, 0xffffffff, 0x2})
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r7, 0xc06c4124, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00'})

2.596694979s ago: executing program 1 (id=1836):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xfffffe83}, {0x0}], 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x2)
bind$alg(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r6 = timerfd_create(0x0, 0x0)
r7 = syz_io_uring_setup(0x58f7, 0x0, &(0x7f0000000180), &(0x7f0000000240))
timerfd_settime(r6, 0x3, &(0x7f0000000840)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
io_uring_enter(r7, 0x1f82, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
accept4(r3, 0x0, 0x0, 0x80800)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)

2.560310214s ago: executing program 0 (id=1837):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
bind$can_j1939(r2, 0x0, 0x0)
r3 = epoll_create(0x2)
setfsgid(0xee00)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
pread64(r5, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080)={0x3000200a})
sendto$inet6(r1, &(0x7f00000004c0)="4747135f6fc2e0d41231cb53d9200128da8c2299af14b35b05219d463b6bc7b36d9626a6ff517591f014fb5fee2cd82055aa05a8cf03ef2635ba467a92ac0cbf3dafaffff6008ae6dd78da314d7ec7c3f89a91afc0dd4abfeb5270f4198e5d310ccdae130cccd7314b0065121c375d81ccc78032a86ff9514531e98fbe151254d48a85e2fc5703d1a3bd7328d1bb4a17ef1177a31518c1229a1077cb96f3df95e27f5fc4882b5fb39ad7b9c1201b08513d02dede7eed54511ed663faba48a329490854d2a4ec9db6b96c4e5c7afb9d8236b4a7eb91d3f28b6cdf348c5e344b2076bedc8f3685ede7e260d96fb46bd0f3fc604fdb", 0xf4, 0x408a1, 0x0, 0x0)
sendmsg$nl_xfrm(r2, 0x0, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
syz_io_uring_setup(0x110, 0x0, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
accept4$nfc_llcp(r2, &(0x7f0000000380), 0x0, 0x80000)
fstat(0xffffffffffffffff, 0x0)

1.436791696s ago: executing program 3 (id=1838):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x101}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001bc0)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff3, 0x8}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x20044000)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ipvlan1\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="6c0000001000390400"/20, @ANYRES32=r5, @ANYRES64=r0], 0x6c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
timer_create(0x9, 0x0, &(0x7f0000bbdffc))
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001e00010a00000000000000a42d"], 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000240))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r8 = dup3(0xffffffffffffffff, r7, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r9, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000002800)={0x44, 0x0, &(0x7f0000002680)=[@transaction={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x1500, 0x0})
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @empty, 0x7}, 0x1c)
socket$packet(0x11, 0x3, 0x300)

1.13043785s ago: executing program 2 (id=1839):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000016000000b70300000000fff48500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
r8 = fcntl$dupfd(r6, 0x406, r6)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, 0x0)
ioctl$MON_IOCQ_URB_LEN(r7, 0x9201)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x0, 0x3, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_devices(r9, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018"], &(0x7f00000001c0)=""/257, 0x2a, 0x101, 0x6}, 0x28)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
bind$rose(r0, &(0x7f0000000040)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x40)

966.547742ms ago: executing program 3 (id=1840):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000040)="1002d7d957c9dc8dda937c7b61567297207adb3029e20544ec044c2fbb6bf865c9331165cb94d9fcb78cb57f9b40b11393c0030046c2e390f91dbd9ddf7accf1295f9abfb2b534ba", 0x0, 0x48)
r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001640), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x800000000000002, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r6, 0x29, 0x44, 0x0, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r6, 0x29, 0x41, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
sendmsg$nl_xfrm(r5, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003580), 0x0, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000340)='fd\x00')
getdents64(r7, &(0x7f0000001f00)=""/4111, 0x100f)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r8, 0x0, 0xa86, 0x0)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0585611, &(0x7f0000001680)={0x0, 0x9, 0x0, "d8ef5d46bab9d328096ff00a9956801adfee37d04bd2a343af577962d8428ccd", 0x38303553})

921.917361ms ago: executing program 1 (id=1841):
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0681000000ba8b0ad775b31b", 0xe, 0xfffffffffffffffc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000300)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$evdev(&(0x7f0000000240), 0x1ff, 0x20480)
ioctl$EVIOCSABS20(r4, 0x401845e0, &(0x7f00000003c0)={0x70569d2d, 0x4, 0x3, 0x8, 0x1, 0x144})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000100)={0x4, <r8=>r6})
ioctl$DMA_BUF_SET_NAME_A(r8, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r8, 0xc0086202, &(0x7f0000000080)=0x2)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20000800}, 0x41)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r1)
setsockopt$EBT_SO_SET_COUNTERS(r8, 0x0, 0x81, 0x0, 0x0)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r9, 0x8, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40840}, 0x1)
syz_emit_ethernet(0x9e, &(0x7f0000000300)={@local, @random="4fe815cb37e6", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x1, 0x0, '\x00'/100}}}}}}, 0x0)

126.461049ms ago: executing program 0 (id=1842):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$read(0xb, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/pid\x00')
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup(0xffffffffffffffff)
syz_open_procfs(0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, 0x0)
syz_emit_ethernet(0x1c9, &(0x7f00000004c0)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}, @remote, @val={@void, {0x8100, 0x2, 0x0, 0x3}}, {@mpls_mc={0x8848, {[], @ipv4=@gre={{0x16, 0x4, 0x1, 0x3b, 0x1b7, 0x65, 0x0, 0x5, 0x2f, 0x0, @empty, @private=0xa010100, {[@rr={0x7, 0x7, 0x74, [@local]}, @cipso={0x86, 0x38, 0x0, [{0x0, 0xc, "26dfdea150feafb8db3e"}, {0x6, 0x2}, {0x2, 0x3, "c7"}, {0x7, 0xc, "b67c4a77563851051d9e"}, {0x0, 0xf, "4af14c80cd9f8029855016dd6a"}, {0x5, 0x6, "a019e8f1"}]}, @ra={0x94, 0x4}]}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x95, 0x3, [], "d3ea43c41e441c00207302eb92dce92e5ee71cbcfe2cd09c9d187973bc0f4c8931b211fc7c6ac9a3d290a347ff0ab047c6712b2a83d88f5c2c014ef02ef1d861c8e922ff5e7ff86020c6c68abcea7042bd0ddb51a389e4cfbaa7c516324c87f0800681572eecbcc732e9053715f5eb09764adf3e55183457caa65b975a8671769c99e92e53f3421dadb600f19dcbf6c47ea185a429"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [0xbec, 0x7f], "a53ca95850e635a83992dc36c27a867dfd14fb1faffde4"}, {0x1, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x2, {{0x4, 0x1, 0xfe, 0x0, 0x0, 0x1, 0x6, 0x6}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x1, {{0x4, 0x2, 0x94, 0x1, 0x0, 0x2, 0x5, 0x9}, 0x2, {0xffff, 0x80, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1}}}, {0x8, 0x6558, 0x4, "e45a166f2573771f486ee2b8e1ed8c51dd6a5723b86e697a0f30a7cafdf8fcead9581a27eaaae816beb938bcd10e8d5e669b34f4e0ce5ccd73e3ddd51a5f1ea6a2cf9d952e8753837cbc8b97d0ef4185de85e6696243cb6c23d689ed02eb0b0018711220cd656a90539f22"}}}}}}}, 0x0)
r1 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
mq_timedreceive(r1, &(0x7f0000000880)=""/202, 0x8f, 0x200000000004, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

93.920059ms ago: executing program 1 (id=1843):
socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x1c8, 0x12)
dup(0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r4, 0x0, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e24, 0x0, @loopback, 0x7}, 0x1c)
fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000180)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0xffffffff85000014, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r5, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents(r7, 0x0, 0x18)

0s ago: executing program 3 (id=1844):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcf)
setsockopt$ax25_int(r3, 0x101, 0x1, &(0x7f0000000700)=0xcf7, 0x4)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000200)={0xeeef0000, 0x100000})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x8, 0x8, 0x0, 0x3}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r8, 0x8982, &(0x7f0000000000)={0x7, 'vlan0\x00', {0x7}, 0x6})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x4, &(0x7f0000000040)=[{0x1, 0x3, 0x5, 0x4}, {0x8, 0x9, 0x15, 0x1}, {0x0, 0x0, 0x6, 0x1001}, {0xd7d, 0x9, 0xff, 0x92c}]})
socket$can_j1939(0x1d, 0x2, 0x7)

kernel console output (not intermixed with test programs):

"syz.3.1103" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  661.134939][T11087] 9pnet_fd: Insufficient options for proto=fd
[  661.154202][T11087] lo speed is unknown, defaulting to 1000
[  661.160439][T11087] lo speed is unknown, defaulting to 1000
[  661.173658][T11087] lo speed is unknown, defaulting to 1000
[  661.198762][T11087] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  661.248704][T11087] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  661.461466][T11087] lo speed is unknown, defaulting to 1000
[  661.468154][T11087] lo speed is unknown, defaulting to 1000
[  661.474569][T11087] lo speed is unknown, defaulting to 1000
[  661.481106][T11087] lo speed is unknown, defaulting to 1000
[  661.487577][T11087] lo speed is unknown, defaulting to 1000
[  661.493985][T11087] lo speed is unknown, defaulting to 1000
[  661.548298][   T30] audit: type=1400 audit(2000000257.703:1741): avc:  denied  { create } for  pid=11082 comm="syz.1.1104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  661.666984][   T30] audit: type=1400 audit(2000000257.713:1742): avc:  denied  { ioctl } for  pid=11082 comm="syz.1.1104" path="socket:[28219]" dev="sockfs" ino=28219 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  661.806006][T11089] xt_TCPMSS: Only works on TCP SYN packets
[  663.389577][T11113] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1110'.
[  663.743283][T11113] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  663.752307][T11113] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  663.761052][T11113] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  663.769751][T11113] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  664.281026][   T30] audit: type=1400 audit(2000000260.543:1743): avc:  denied  { recv } for  pid=11116 comm="syz.2.1112" saddr=10.128.0.169 src=37958 daddr=10.128.0.146 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  664.629694][T11113] vxlan0: entered promiscuous mode
[  664.787724][   T30] audit: type=1400 audit(2000000261.393:1744): avc:  denied  { setopt } for  pid=11121 comm="syz.2.1113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  665.770677][   T30] audit: type=1400 audit(2000000261.393:1745): avc:  denied  { connect } for  pid=11121 comm="syz.2.1113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  666.009090][T11137] netlink: 'syz.4.1114': attribute type 10 has an invalid length.
[  666.017229][T11137] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.024500][T11137] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.045489][T11137] trusted_key: encrypted_key: insufficient parameters specified
[  666.055152][   T30] audit: type=1400 audit(2000000262.613:1746): avc:  denied  { write } for  pid=11133 comm="syz.4.1114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  666.428960][T11144] xt_TCPMSS: Only works on TCP SYN packets
[  667.037761][   T30] audit: type=1400 audit(2000000263.643:1747): avc:  denied  { bind } for  pid=11139 comm="syz.2.1116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  667.355758][T11151] openvswitch: netlink: VXLAN extension message has 22 unknown bytes.
[  667.761570][   T30] audit: type=1326 audit(2000000264.363:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  667.871162][   T30] audit: type=1326 audit(2000000264.363:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  668.054547][   T30] audit: type=1326 audit(2000000264.363:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  668.574508][   T30] audit: type=1326 audit(2000000264.363:1751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  668.670628][   T30] audit: type=1326 audit(2000000264.363:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  668.742601][   T30] audit: type=1326 audit(2000000264.363:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  668.921963][T11163] overlayfs: failed to resolve './file1': -2
[  668.926909][T11165] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1121'.
[  668.934970][   T30] audit: type=1326 audit(2000000264.363:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11146 comm="syz.3.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  672.005442][T11192] xt_TCPMSS: Only works on TCP SYN packets
[  673.484798][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  673.484815][   T30] audit: type=1400 audit(2000000273.074:1769): avc:  denied  { getopt } for  pid=11202 comm="syz.0.1133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  674.230348][T11216] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  674.244563][T11216] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  675.083445][   T30] audit: type=1400 audit(2000000274.684:1770): avc:  denied  { map } for  pid=11222 comm="syz.0.1137" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  675.108239][   T30] audit: type=1400 audit(2000000274.684:1771): avc:  denied  { execute } for  pid=11222 comm="syz.0.1137" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  677.514122][T11243] xt_TCPMSS: Only works on TCP SYN packets
[  683.301963][T11294] 9pnet_fd: Insufficient options for proto=fd
[  683.407304][T11296] overlayfs: failed to clone upperpath
[  683.712608][T11297] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  683.719272][T11297] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  683.813007][T11297] vhci_hcd vhci_hcd.0: Device attached
[  683.817823][T11303] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(13)
[  683.825081][T11303] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  683.853899][T11303] vhci_hcd vhci_hcd.0: Device attached
[  684.170663][ T5962] vhci_hcd: vhci_device speed not set
[  684.234766][ T5962] usb 33-1: new full-speed USB device number 6 using vhci_hcd
[  684.267181][T11304] vhci_hcd: connection closed
[  684.267359][   T65] vhci_hcd: stop threads
[  684.276387][   T65] vhci_hcd: release socket
[  684.281053][   T65] vhci_hcd: disconnect device
[  684.286180][T11301] vhci_hcd: connection reset by peer
[  684.299027][   T65] vhci_hcd: stop threads
[  684.315074][   T65] vhci_hcd: release socket
[  684.324155][   T65] vhci_hcd: disconnect device
[  685.307136][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  685.313521][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  686.227989][T11327] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  686.239449][T11327] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  686.518209][T11332] xt_TCPMSS: Only works on TCP SYN packets
[  687.473059][   T30] audit: type=1400 audit(2000000287.074:1772): avc:  denied  { ioctl } for  pid=11328 comm="syz.2.1158" path="socket:[28642]" dev="sockfs" ino=28642 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  689.850356][ T5962] vhci_hcd: vhci_device speed not set
[  690.608967][T11375] xt_TCPMSS: Only works on TCP SYN packets
[  691.834851][   T30] audit: type=1400 audit(2000000291.074:1773): avc:  denied  { connect } for  pid=11376 comm="syz.1.1172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  691.930527][   T30] audit: type=1400 audit(2000000291.144:1774): avc:  denied  { firmware_load } for  pid=11376 comm="syz.1.1172" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  692.043215][T11381] syz.1.1172 (11381) used greatest stack depth: 17784 bytes left
[  692.519460][T11392] netlink: 'syz.2.1173': attribute type 10 has an invalid length.
[  692.530845][T11392] trusted_key: encrypted_key: insufficient parameters specified
[  693.404770][   T30] audit: type=1400 audit(2000000292.844:1775): avc:  denied  { execute } for  pid=11396 comm="syz.3.1175" dev="hugetlbfs" ino=29738 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  693.684968][   T30] audit: type=1400 audit(2000000292.854:1776): avc:  denied  { execute_no_trans } for  pid=11396 comm="syz.3.1175" path=2F6D656D66643A5B0BDB58AE5B1AA9202864656C6574656429 dev="hugetlbfs" ino=29738 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  694.112260][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1176'.
[  694.121261][T11403] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1176'.
[  694.130397][T11403] netlink: 'syz.3.1176': attribute type 6 has an invalid length.
[  695.208460][   T30] audit: type=1400 audit(2000000294.404:1777): avc:  denied  { mount } for  pid=11404 comm="syz.2.1177" name="/" dev="autofs" ino=28757 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  695.307855][T11411] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  695.316839][T11411] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  695.739763][T11419] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1181'.
[  695.838491][T11420] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1181'.
[  697.454628][T11433] xt_TCPMSS: Only works on TCP SYN packets
[  702.390531][T11468] 9pnet_fd: Insufficient options for proto=fd
[  702.411176][T11468] siw: device registration error -23
[  703.503460][T11477] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1195'.
[  704.170874][T11482] xt_TCPMSS: Only works on TCP SYN packets
[  704.551389][T11484] overlayfs: missing 'lowerdir'
[  706.257418][T11500] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  707.221744][   T30] audit: type=1400 audit(2000000306.694:1778): avc:  denied  { shutdown } for  pid=11501 comm="syz.1.1203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  710.960534][T11541] netlink: 'syz.3.1213': attribute type 2 has an invalid length.
[  711.033488][   T30] audit: type=1400 audit(2000000310.604:1779): avc:  denied  { name_bind } for  pid=11538 comm="syz.3.1213" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  711.861871][T11547] overlayfs: failed to clone upperpath
[  713.932746][T11574] No control pipe specified
[  713.941413][T11574] xt_nfacct: accounting object `syz1' does not exists
[  714.707732][T11574] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  714.726274][   T30] audit: type=1400 audit(2000000313.774:1780): avc:  denied  { write } for  pid=11569 comm="syz.0.1220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  714.837877][T11572] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1221'.
[  715.929152][T11588] xt_TCPMSS: Only works on TCP SYN packets
[  718.989144][T11615] 9pnet_fd: Insufficient options for proto=fd
[  719.794624][T11615] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  719.801321][T11615] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  719.822255][T11615] vhci_hcd vhci_hcd.0: Device attached
[  719.869447][T11615] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(12)
[  719.876123][T11615] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  719.950000][T11615] vhci_hcd vhci_hcd.0: Device attached
[  720.049772][  T836] vhci_hcd: vhci_device speed not set
[  720.124868][  T836] usb 35-1: new high-speed USB device number 3 using vhci_hcd
[  720.304212][T11634] wg1 speed is unknown, defaulting to 1000
[  720.679803][T11634] lo speed is unknown, defaulting to 1000
[  721.621646][T11626] vhci_hcd: connection closed
[  721.628695][T11623] vhci_hcd: connection reset by peer
[  721.845252][T11644] openvswitch: netlink: IP tunnel dst address not specified
[  721.997470][ T3506] vhci_hcd: stop threads
[  722.003781][ T3506] vhci_hcd: release socket
[  722.012454][ T3506] vhci_hcd: disconnect device
[  722.041712][ T3506] vhci_hcd: stop threads
[  722.066306][ T3506] vhci_hcd: release socket
[  722.078222][ T3506] vhci_hcd: disconnect device
[  723.716922][T11666] overlayfs: failed to resolve './file0': -2
[  724.029810][   T30] audit: type=1326 audit(2000000323.624:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  724.626951][   T30] audit: type=1326 audit(2000000323.624:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  724.693489][   T30] audit: type=1326 audit(2000000323.624:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  724.877451][   T30] audit: type=1326 audit(2000000323.624:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  725.010193][   T30] audit: type=1326 audit(2000000323.624:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  725.086053][   T30] audit: type=1326 audit(2000000323.624:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  725.745068][   T30] audit: type=1326 audit(2000000323.624:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  725.806681][   T30] audit: type=1326 audit(2000000323.624:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  725.836762][   T30] audit: type=1326 audit(2000000323.624:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  725.877985][   T30] audit: type=1326 audit(2000000323.624:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11665 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  726.724836][  T836] vhci_hcd: vhci_device speed not set
[  727.853697][T11711] 9pnet_fd: Insufficient options for proto=fd
[  727.873535][T11711] siw: device registration error -23
[  730.141650][T11728] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1257'.
[  730.164491][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  730.164508][   T30] audit: type=1400 audit(2000000329.764:1796): avc:  denied  { call } for  pid=11727 comm="syz.0.1257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  731.715382][T11741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1259'.
[  731.857254][   T30] audit: type=1400 audit(2000000331.344:1797): avc:  denied  { listen } for  pid=11732 comm="syz.1.1259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  732.138172][T11753] xt_TCPMSS: Only works on TCP SYN packets
[  733.691400][T11767] 9pnet_fd: Insufficient options for proto=fd
[  733.884865][T11767] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  733.891424][T11767] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  733.899159][T11767] vhci_hcd vhci_hcd.0: Device attached
[  733.904931][T11771] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(12)
[  733.911556][T11771] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  733.984768][T11771] vhci_hcd vhci_hcd.0: Device attached
[  734.364811][  T836] vhci_hcd: vhci_device speed not set
[  734.415953][T11769] vhci_hcd: connection closed
[  734.416325][ T1007] vhci_hcd: stop threads
[  734.426455][T11772] vhci_hcd: connection closed
[  734.544605][ T1007] vhci_hcd: release socket
[  734.572274][ T1007] vhci_hcd: disconnect device
[  734.584886][  T836] usb 37-1: new high-speed USB device number 3 using vhci_hcd
[  734.610020][ T1007] vhci_hcd: stop threads
[  734.633883][ T1007] vhci_hcd: release socket
[  734.654440][ T1007] vhci_hcd: disconnect device
[  734.870949][T11783] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1271'.
[  736.409416][   T30] audit: type=1400 audit(2000000335.724:1798): avc:  denied  { mount } for  pid=11788 comm="syz.4.1274" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  736.544856][   T30] audit: type=1400 audit(2000000336.034:1799): avc:  denied  { unmount } for  pid=5826 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  737.076574][T11809] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1275'.
[  737.558862][T11820] x_tables: ip_tables: osf match: only valid for protocol 6
[  737.585917][T11820] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  738.200877][T11827] xt_TCPMSS: Only works on TCP SYN packets
[  738.630493][   T30] audit: type=1400 audit(2000000338.184:1800): avc:  denied  { mount } for  pid=11814 comm="syz.0.1279" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  738.715032][   T30] audit: type=1400 audit(2000000338.184:1801): avc:  denied  { remount } for  pid=11814 comm="syz.0.1279" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  738.868562][T11830] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1281'.
[  739.023254][   T30] audit: type=1400 audit(2000000338.194:1802): avc:  denied  { listen } for  pid=11814 comm="syz.0.1279" lport=48073 faddr=::ffff:172.20.255.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  739.079238][T11834] netlink: 'syz.4.1280': attribute type 10 has an invalid length.
[  739.112736][   T30] audit: type=1400 audit(2000000338.194:1803): avc:  denied  { write } for  pid=11814 comm="syz.0.1279" lport=48073 faddr=::ffff:172.20.255.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  739.198718][   T30] audit: type=1400 audit(2000000338.194:1804): avc:  denied  { setopt } for  pid=11814 comm="syz.0.1279" lport=48073 faddr=::ffff:172.20.255.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  739.368225][T11840] 9pnet_fd: Insufficient options for proto=fd
[  739.560717][T11841] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(12)
[  739.567332][T11841] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  739.638966][T11841] vhci_hcd vhci_hcd.0: Device attached
[  739.706836][  T836] vhci_hcd: vhci_device speed not set
[  739.775444][T11840] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  739.782014][T11840] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  739.925030][ T5962] usb 35-2: new low-speed USB device number 4 using vhci_hcd
[  739.965635][T11840] vhci_hcd vhci_hcd.0: Device attached
[  740.037689][   T30] audit: type=1400 audit(2000000339.644:1805): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  740.179484][T11843] vhci_hcd: connection closed
[  740.184187][T11844] vhci_hcd: connection reset by peer
[  740.204906][ T3506] vhci_hcd: stop threads
[  740.209310][ T3506] vhci_hcd: release socket
[  740.213842][ T3506] vhci_hcd: disconnect device
[  740.262174][ T3506] vhci_hcd: stop threads
[  740.272902][ T3506] vhci_hcd: release socket
[  740.971214][   T30] audit: type=1400 audit(2000000339.894:1806): avc:  denied  { read write } for  pid=11851 comm="syz.0.1285" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  740.995792][ T3506] vhci_hcd: disconnect device
[  741.105033][   T30] audit: type=1400 audit(2000000339.894:1807): avc:  denied  { open } for  pid=11851 comm="syz.0.1285" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  742.109806][   T30] audit: type=1400 audit(2000000341.704:1808): avc:  denied  { mounton } for  pid=11858 comm="syz.4.1286" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  742.134000][    C0] vkms_vblank_simulate: vblank timer overrun
[  742.144504][T11862] syz.4.1286: attempt to access beyond end of device
[  742.144504][T11862] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  742.158905][T11862] syz.4.1286: attempt to access beyond end of device
[  742.158905][T11862] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  742.173563][T11862] Mount JFS Failure: -5
[  742.996790][   T30] audit: type=1400 audit(2000000342.364:1809): avc:  denied  { execute_no_trans } for  pid=11863 comm="syz.0.1288" path=2F6D656D66643A5B0BDB58AE5B1AA9202864656C6574656429 dev="tmpfs" ino=274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  743.585719][T11875] 9pnet_fd: Insufficient options for proto=fd
[  743.903904][T11883] xt_TCPMSS: Only works on TCP SYN packets
[  744.453358][T11875] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(13)
[  744.460018][T11875] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  744.468252][T11875] vhci_hcd vhci_hcd.0: Device attached
[  744.524105][   T30] audit: type=1326 audit(2000000344.044:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  744.622304][T11870] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  744.628953][T11870] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  744.653985][T11870] vhci_hcd vhci_hcd.0: Device attached
[  744.666666][   T30] audit: type=1326 audit(2000000344.044:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  744.729022][T11886] vhci_hcd: connection closed
[  744.729258][ T1105] vhci_hcd: stop threads
[  744.750562][ T1105] vhci_hcd: release socket
[  744.841964][T11888] vhci_hcd: connection closed
[  744.842539][   T30] audit: type=1326 audit(2000000344.044:1812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  744.899770][   T30] audit: type=1326 audit(2000000344.044:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  744.921792][ T1105] vhci_hcd: disconnect device
[  745.392645][T11889] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  745.402506][   T30] audit: type=1326 audit(2000000344.044:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  745.427407][   T30] audit: type=1326 audit(2000000344.044:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  745.451788][    C0] vkms_vblank_simulate: vblank timer overrun
[  745.512967][   T30] audit: type=1326 audit(2000000344.044:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  745.536449][    C0] vkms_vblank_simulate: vblank timer overrun
[  745.655018][ T1105] vhci_hcd: stop threads
[  745.669927][ T1105] vhci_hcd: release socket
[  745.801095][   T30] audit: type=1326 audit(2000000344.044:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11871 comm="syz.3.1290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadb918e9a9 code=0x7ffc0000
[  745.801186][ T1105] vhci_hcd: disconnect device
[  746.366070][ T5962] vhci_hcd: vhci_device speed not set
[  747.225017][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  747.231455][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  749.470864][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  749.470889][   T30] audit: type=1400 audit(2000000349.074:1830): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  749.963437][T11942] Invalid source name
[  749.967578][T11942] UBIFS error (pid: 11942): cannot open "./file0", error -22
[  749.971352][T11942] binder: 11936:11942 ioctl 40046210 0 returned -14
[  749.989124][T11942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1305'.
[  750.777928][   T30] audit: type=1400 audit(2000000349.564:1831): avc:  denied  { create } for  pid=11936 comm="syz.0.1305" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  750.798939][   T30] audit: type=1400 audit(2000000349.564:1832): avc:  denied  { mounton } for  pid=11936 comm="syz.0.1305" path="/257/file0" dev="tmpfs" ino=1464 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  750.909248][T11942] team_slave_1 (unregistering): left promiscuous mode
[  750.917156][T11942] team_slave_1 (unregistering): left allmulticast mode
[  750.926068][T11942] team0: Port device team_slave_1 removed
[  751.044345][   T30] audit: type=1400 audit(2000000349.714:1833): avc:  denied  { connect } for  pid=11940 comm="syz.3.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  751.598216][   T30] audit: type=1400 audit(2000000349.724:1834): avc:  denied  { setopt } for  pid=11940 comm="syz.3.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  751.624859][   T30] audit: type=1400 audit(2000000349.724:1835): avc:  denied  { read } for  pid=11940 comm="syz.3.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  751.891341][T11959] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1312'.
[  752.026583][T11960] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1312'.
[  752.336653][T11956] overlayfs: failed to clone upperpath
[  755.089881][T11987] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  755.312732][T11990] wg1 speed is unknown, defaulting to 1000
[  755.651950][   T30] audit: type=1400 audit(2000000354.784:1836): avc:  denied  { create } for  pid=11983 comm="syz.1.1318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  755.674565][T11987] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  755.699788][T11990] lo speed is unknown, defaulting to 1000
[  755.781912][T11994] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  755.795371][T11987] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  755.890434][   T30] audit: type=1400 audit(2000000354.834:1837): avc:  denied  { sys_admin } for  pid=11983 comm="syz.1.1318" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  756.017591][T11994] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  756.050936][T11987] vhci_hcd vhci_hcd.0: pdev(0) rhport(5) sockfd(17)
[  756.057574][T11987] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  756.077518][T11987] vhci_hcd vhci_hcd.0: Device attached
[  756.136425][T11987] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  756.244478][T12002] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  756.794835][ T5962] usb 33-6: new high-speed USB device number 7 using vhci_hcd
[  756.809526][   T30] audit: type=1326 audit(2000000356.414:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  756.857110][T11987] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(22)
[  756.863741][T11987] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  757.024916][T11986] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  757.025339][T11987] vhci_hcd vhci_hcd.0: Device attached
[  757.049279][   T30] audit: type=1326 audit(2000000356.414:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  757.100306][T12006] vhci_hcd: connection closed
[  757.105786][T12011] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  757.120532][T12011] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  757.131442][T12011] netlink: 'syz.1.1324': attribute type 3 has an invalid length.
[  757.139275][T12011] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1324'.
[  757.153452][T11998] vhci_hcd: connection reset by peer
[  757.170071][   T30] audit: type=1326 audit(2000000356.444:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  757.832877][ T1105] vhci_hcd: stop threads
[  757.854927][ T1105] vhci_hcd: release socket
[  757.873563][ T1105] vhci_hcd: disconnect device
[  757.877140][   T30] audit: type=1326 audit(2000000356.444:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  758.031982][ T1105] vhci_hcd: stop threads
[  758.044762][ T1105] vhci_hcd: release socket
[  758.056269][ T1105] vhci_hcd: disconnect device
[  758.378425][   T30] audit: type=1326 audit(2000000356.444:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  758.454269][   T30] audit: type=1326 audit(2000000356.444:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  759.066174][   T30] audit: type=1326 audit(2000000356.444:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  759.668203][   T30] audit: type=1326 audit(2000000356.444:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11995 comm="syz.1.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa888d8e9a9 code=0x7ffc0000
[  761.935764][ T5962] vhci_hcd: vhci_device speed not set
[  762.166950][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  762.166962][   T30] audit: type=1326 audit(2000000360.778:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  762.281566][   T30] audit: type=1326 audit(2000000360.778:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  762.345022][   T30] audit: type=1326 audit(2000000360.818:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  763.703416][   T30] audit: type=1326 audit(2000000360.818:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  763.974942][   T30] audit: type=1326 audit(2000000360.818:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  764.087655][   T30] audit: type=1326 audit(2000000360.818:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  764.160560][   T30] audit: type=1326 audit(2000000360.818:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  764.724770][   T30] audit: type=1326 audit(2000000360.818:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  766.009259][   T30] audit: type=1326 audit(2000000360.818:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  766.033240][   T30] audit: type=1326 audit(2000000360.818:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12057 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  767.499237][T12112] overlayfs: failed to clone upperpath
[  767.695870][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  767.695882][   T30] audit: type=1400 audit(2000000366.308:1878): avc:  denied  { write } for  pid=12114 comm="syz.0.1347" name="sg0" dev="devtmpfs" ino=752 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  768.364568][T12122] siw: device registration error -23
[  771.007072][T12137] netlink: 'syz.3.1352': attribute type 20 has an invalid length.
[  773.602293][T12160] tipc: Enabling of bearer <eth:vlan0> rejected, already enabled
[  773.619991][T12160] siw: device registration error -23
[  774.411560][   T30] audit: type=1400 audit(2000000376.020:1879): avc:  denied  { ioctl } for  pid=12166 comm="syz.3.1360" path="socket:[31181]" dev="sockfs" ino=31181 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  776.229470][T12182] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  778.589905][   T30] audit: type=1400 audit(2000000380.200:1880): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  779.676801][T12218] tmpfs: Bad value for 'mpol'
[  781.924577][T12239] xt_TCPMSS: Only works on TCP SYN packets
[  792.141167][   T30] audit: type=1326 audit(2000000393.750:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  792.673127][   T30] audit: type=1326 audit(2000000393.780:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  794.724933][   T30] audit: type=1326 audit(2000000393.780:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  794.749466][   T30] audit: type=1326 audit(2000000393.820:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  794.773712][   T30] audit: type=1326 audit(2000000393.820:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  794.797545][   T30] audit: type=1326 audit(2000000393.960:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  795.359325][   T30] audit: type=1326 audit(2000000393.960:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  795.383016][   T30] audit: type=1326 audit(2000000393.960:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  795.407178][   T30] audit: type=1326 audit(2000000393.970:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  795.484130][T12335] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1402'.
[  795.511630][   T30] audit: type=1326 audit(2000000393.970:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12322 comm="syz.0.1398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  795.616801][T12335] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1402'.
[  795.780024][T12347] overlayfs: failed to clone upperpath
[  797.956398][T12367] netlink: 'syz.0.1409': attribute type 20 has an invalid length.
[  798.085520][T12367] dvmrp17: entered allmulticast mode
[  800.688283][T12385] overlayfs: failed to resolve './file0': -2
[  800.796906][T12385] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[  805.861842][T12413] ALSA: mixer_oss: invalid OSS volume ''
[  807.485185][T12437] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1427'.
[  807.737173][T12440] No control pipe specified
[  807.743664][T12440] xt_nfacct: accounting object `syz1' does not exists
[  808.188223][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  808.197079][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  808.708911][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  808.708929][   T30] audit: type=1400 audit(2000000410.320:1910): avc:  denied  { write } for  pid=12451 comm="syz.1.1432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  808.746847][T12458] overlayfs: failed to clone upperpath
[  809.320210][   T30] audit: type=1400 audit(2000000410.860:1911): avc:  denied  { write } for  pid=12459 comm="syz.2.1434" path="socket:[32705]" dev="sockfs" ino=32705 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  809.996394][  T836] libceph: connect (1)[c::]:6789 error -101
[  810.003497][   T30] audit: type=1400 audit(2000000411.600:1912): avc:  denied  { setopt } for  pid=12459 comm="syz.2.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  810.006942][  T836] libceph: mon0 (1)[c::]:6789 connect error
[  810.175147][T12467] ceph: No mds server is up or the cluster is laggy
[  810.193342][   T30] audit: type=1400 audit(2000000411.800:1913): avc:  denied  { getopt } for  pid=12459 comm="syz.2.1434" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  810.734055][T12481] 8021q: VLANs not supported on ipvlan1
[  810.946346][   T30] audit: type=1804 audit(2000000412.440:1914): pid=12481 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1438" name="/newroot/276/file0" dev="tmpfs" ino=1592 res=1 errno=0
[  811.092326][T12478] [U] 
[  811.222235][T12485] vivid-007: =================  START STATUS  =================
[  811.231151][T12485] vivid-007: Enable Output Cropping: true
[  811.237273][T12485] vivid-007: Enable Output Composing: true
[  811.243189][T12485] vivid-007: Enable Output Scaler: true
[  811.248861][T12485] vivid-007: Tx RGB Quantization Range: Automatic
[  811.255492][T12485] vivid-007: Transmit Mode: HDMI
[  811.260539][T12485] vivid-007: Hotplug Present: 0x00000000
[  811.266323][T12485] vivid-007: RxSense Present: 0x00000000
[  811.272240][T12485] vivid-007: EDID Present: 0x00000000
[  811.357733][T12485] vivid-007: ==================  END STATUS  ==================
[  812.968845][   T30] audit: type=1400 audit(2000000414.570:1915): avc:  denied  { ioctl } for  pid=12494 comm="syz.0.1443" path="socket:[32829]" dev="sockfs" ino=32829 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  813.300563][T12511] random: crng reseeded on system resumption
[  814.214856][   T30] audit: type=1400 audit(2000000414.840:1916): avc:  denied  { bind } for  pid=12502 comm="syz.1.1444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  814.763664][T12525] overlayfs: failed to clone lowerpath
[  817.964272][T12552] netlink: 'syz.1.1456': attribute type 20 has an invalid length.
[  817.982800][T12552] dvmrp17: entered allmulticast mode
[  818.180334][T12559] netlink: 'syz.3.1458': attribute type 8 has an invalid length.
[  818.294156][T12561] ksmbd: Unknown IPC event: 3, ignore.
[  818.375794][T12561] usb usb8: usbfs: process 12561 (syz.4.1457) did not claim interface 0 before use
[  821.987235][T12599] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  821.996894][T12599] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12599 comm=syz.0.1466
[  823.476848][T12611] siw: device registration error -23
[  824.163514][ T1616] lo speed is unknown, defaulting to 1000
[  824.888236][T12623] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1473'.
[  825.184350][T12627] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1475'.
[  825.196852][T12627] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1475'.
[  825.208793][T12627] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  825.243330][T12627] CPU: 0 UID: 0 PID: 12627 Comm: syz.1.1475 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  825.243361][T12627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  825.243371][T12627] Call Trace:
[  825.243378][T12627]  <TASK>
[  825.243386][T12627]  dump_stack_lvl+0x16c/0x1f0
[  825.243415][T12627]  sysfs_warn_dup+0x7f/0xa0
[  825.243437][T12627]  sysfs_do_create_link_sd+0x124/0x140
[  825.243463][T12627]  sysfs_create_link+0x61/0xc0
[  825.243483][T12627]  device_add+0x62c/0x1a70
[  825.243512][T12627]  ? __pfx_device_add+0x10/0x10
[  825.243539][T12627]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  825.243569][T12627]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  825.243600][T12627]  wiphy_register+0x1c9c/0x2850
[  825.243627][T12627]  ? netdev_run_todo+0x864/0x1320
[  825.243650][T12627]  ? __dev_printk+0x260/0x270
[  825.243675][T12627]  ? __pfx_wiphy_register+0x10/0x10
[  825.243716][T12627]  ieee80211_register_hw+0x24ac/0x4140
[  825.243752][T12627]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  825.243789][T12627]  ? find_held_lock+0x2b/0x80
[  825.243814][T12627]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  825.243837][T12627]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  825.243864][T12627]  ? __hrtimer_setup+0x176/0x280
[  825.243888][T12627]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  825.243925][T12627]  ? trace_kmalloc+0x2b/0xd0
[  825.243945][T12627]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  825.243965][T12627]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  825.243990][T12627]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  825.244012][T12627]  ? __asan_memcpy+0x3c/0x60
[  825.244043][T12627]  hwsim_new_radio_nl+0xb51/0x12c0
[  825.244069][T12627]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  825.244100][T12627]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  825.244130][T12627]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  825.244167][T12627]  genl_family_rcv_msg_doit+0x206/0x2f0
[  825.244198][T12627]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  825.244245][T12627]  ? bpf_lsm_capable+0x9/0x10
[  825.244270][T12627]  ? security_capable+0x7e/0x260
[  825.244300][T12627]  ? ns_capable+0xd7/0x110
[  825.244324][T12627]  genl_rcv_msg+0x55c/0x800
[  825.244340][T12627]  ? __pfx_genl_rcv_msg+0x10/0x10
[  825.244354][T12627]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  825.244379][T12627]  netlink_rcv_skb+0x155/0x420
[  825.244399][T12627]  ? __pfx_genl_rcv_msg+0x10/0x10
[  825.244413][T12627]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  825.244442][T12627]  ? netlink_deliver_tap+0x1ae/0xd30
[  825.244465][T12627]  genl_rcv+0x28/0x40
[  825.244484][T12627]  netlink_unicast+0x58d/0x850
[  825.244507][T12627]  ? __pfx_netlink_unicast+0x10/0x10
[  825.244525][T12627]  ? __build_skb_around+0x278/0x3b0
[  825.244553][T12627]  netlink_sendmsg+0x8d1/0xdd0
[  825.244577][T12627]  ? __pfx_netlink_sendmsg+0x10/0x10
[  825.244605][T12627]  ____sys_sendmsg+0xa98/0xc70
[  825.244634][T12627]  ? copy_msghdr_from_user+0x10a/0x160
[  825.244653][T12627]  ? __pfx_____sys_sendmsg+0x10/0x10
[  825.244683][T12627]  ? __pfx_futex_wake_mark+0x10/0x10
[  825.244708][T12627]  ___sys_sendmsg+0x134/0x1d0
[  825.244726][T12627]  ? futex_private_hash_put+0x176/0x300
[  825.244753][T12627]  ? __pfx____sys_sendmsg+0x10/0x10
[  825.244772][T12627]  ? __lock_acquire+0x622/0x1c90
[  825.244828][T12627]  __sys_sendmsg+0x16d/0x220
[  825.244846][T12627]  ? __pfx___sys_sendmsg+0x10/0x10
[  825.244862][T12627]  ? __x64_sys_futex+0x1e0/0x4c0
[  825.244889][T12627]  do_syscall_64+0xcd/0x4c0
[  825.244908][T12627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.244923][T12627] RIP: 0033:0x7fa888d8e9a9
[  825.244937][T12627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  825.244951][T12627] RSP: 002b:00007fa889b74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  825.244966][T12627] RAX: ffffffffffffffda RBX: 00007fa888fb5fa0 RCX: 00007fa888d8e9a9
[  825.244980][T12627] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  825.244989][T12627] RBP: 00007fa888e10d69 R08: 0000000000000000 R09: 0000000000000000
[  825.245001][T12627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  825.245009][T12627] R13: 0000000000000000 R14: 00007fa888fb5fa0 R15: 00007ffc5e942438
[  825.245029][T12627]  </TASK>
[  827.713877][T12649] xt_TCPMSS: Only works on TCP SYN packets
[  829.633973][T12667] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1486'.
[  830.275865][T12673] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1488'.
[  830.289938][T12673] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1488'.
[  830.336600][T12673] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²' already exists in 'ieee80211'
[  832.031033][T12699] overlayfs: failed to clone lowerpath
[  832.049506][   T30] audit: type=1400 audit(2000000433.637:1917): avc:  denied  { mount } for  pid=12695 comm="syz.3.1495" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  832.128854][T12703] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1494'.
[  832.138127][T12703] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1494'.
[  832.147506][T12703] netlink: 'syz.1.1494': attribute type 6 has an invalid length.
[  832.188201][T12704] veth0: entered promiscuous mode
[  832.941133][T12713] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1498'.
[  833.351243][   T30] audit: type=1400 audit(2000000434.739:1918): avc:  denied  { name_connect } for  pid=12710 comm="syz.4.1497" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  834.924495][T12703] veth0: left promiscuous mode
[  835.072454][   T30] audit: type=1400 audit(2000000436.669:1919): avc:  denied  { map } for  pid=12723 comm="syz.3.1501" path="socket:[33212]" dev="sockfs" ino=33212 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  835.120228][   T30] audit: type=1400 audit(2000000436.669:1920): avc:  denied  { read } for  pid=12723 comm="syz.3.1501" path="socket:[33212]" dev="sockfs" ino=33212 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  835.528205][   T30] audit: type=1804 audit(2000000436.959:1921): pid=12731 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.1504" name="/newroot/290/file0" dev="tmpfs" ino=1681 res=1 errno=0
[  835.661716][T12737] xt_TCPMSS: Only works on TCP SYN packets
[  836.146883][T12727] [U] 
[  836.986026][T12746] bridge0: port 3(team0) entered disabled state
[  836.992644][T12746] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.999933][T12746] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.022963][T12746] bridge0: entered promiscuous mode
[  837.033705][T12746] bridge0: entered allmulticast mode
[  837.079031][T12750] bridge0: port 3(team0) entered blocking state
[  837.085457][T12750] bridge0: port 3(team0) entered forwarding state
[  837.092090][T12750] bridge0: port 2(bridge_slave_1) entered blocking state
[  837.099221][T12750] bridge0: port 2(bridge_slave_1) entered forwarding state
[  837.106642][T12750] bridge0: port 1(bridge_slave_0) entered blocking state
[  837.113854][T12750] bridge0: port 1(bridge_slave_0) entered forwarding state
[  837.759051][T12757] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1510'.
[  838.320046][   T30] audit: type=1400 audit(2000000439.579:1922): avc:  denied  { bind } for  pid=12752 comm="syz.4.1508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  841.384793][T12782] Bluetooth: hci5: Frame reassembly failed (-84)
[  841.397321][T12782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1514'.
[  841.406406][T12782] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1514'.
[  841.415529][T12782] netlink: 'syz.0.1514': attribute type 6 has an invalid length.
[  841.436068][T12782] veth0: entered promiscuous mode
[  841.621998][ T3506] Bluetooth: hci5: Frame reassembly failed (-84)
[  843.491091][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  843.712638][T12781] veth0: left promiscuous mode
[  843.719321][ T9567] Bluetooth: hci5: command 0x1003 tx timeout
[  848.314751][   T30] audit: type=1400 audit(2000000449.829:1923): avc:  denied  { name_connect } for  pid=12837 comm="syz.1.1530" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  848.386958][T12846] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1530'.
[  849.280554][T12850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1531'.
[  850.828315][   T30] audit: type=1400 audit(2000000451.819:1924): avc:  denied  { listen } for  pid=12857 comm="syz.2.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  851.487590][   T30] audit: type=1400 audit(2000000453.099:1925): avc:  denied  { ioctl } for  pid=12865 comm="syz.2.1536" path="socket:[34381]" dev="sockfs" ino=34381 ioctlcmd=0x7210 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  853.884652][   T30] audit: type=1326 audit(2000000455.419:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.352276][   T30] audit: type=1326 audit(2000000455.419:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.376245][   T30] audit: type=1326 audit(2000000455.419:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.400408][   T30] audit: type=1326 audit(2000000455.419:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.424324][   T30] audit: type=1326 audit(2000000455.419:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.448565][   T30] audit: type=1326 audit(2000000455.419:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.472145][   T30] audit: type=1326 audit(2000000455.419:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.502712][   T30] audit: type=1326 audit(2000000455.419:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  854.631693][   T30] audit: type=1326 audit(2000000455.419:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  855.129829][   T30] audit: type=1326 audit(2000000455.429:1935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  856.735613][T12914] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1546'.
[  860.529024][T12946] wg1 speed is unknown, defaulting to 1000
[  861.199478][T12946] lo speed is unknown, defaulting to 1000
[  861.583193][T12956] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1558'.
[  861.818716][T12958] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[  863.173396][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  863.173416][   T30] audit: type=1400 audit(2000000464.719:1947): avc:  denied  { watch watch_reads } for  pid=12960 comm="syz.1.1559" path="pipe:[19320]" dev="pipefs" ino=19320 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  865.693675][   T30] audit: type=1400 audit(2000000467.299:1948): avc:  denied  { write } for  pid=12992 comm="syz.0.1567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  867.004118][T13004] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1571'.
[  867.081141][T13006] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1570'.
[  867.090151][T13006] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1570'.
[  867.127612][T13006] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  867.136389][T13006] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  867.145128][T13006] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  867.154166][T13006] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  867.168809][T13006] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1570'.
[  867.177780][T13006] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1570'.
[  868.496269][   T30] audit: type=1400 audit(2000000470.069:1949): avc:  denied  { create } for  pid=13014 comm="syz.3.1574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  868.545994][T13025] delete_channel: no stack
[  870.422650][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  870.434890][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  872.068181][T11313] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  872.080432][   T30] audit: type=1400 audit(2000000473.659:1950): avc:  denied  { read write } for  pid=13042 comm="syz.2.1580" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  872.736628][   T30] audit: type=1400 audit(2000000473.659:1951): avc:  denied  { open } for  pid=13042 comm="syz.2.1580" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  872.838460][T11313] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  873.835439][   T30] audit: type=1400 audit(2000000474.989:1952): avc:  denied  { mount } for  pid=13063 comm="syz.3.1586" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  874.527294][T13074] overlayfs: failed to clone upperpath
[  876.203619][T13092] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1590'.
[  876.716980][T13092] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1590'.
[  876.739796][T13092] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²' already exists in 'ieee80211'
[  877.280581][T13103] Bluetooth: hci5: Frame reassembly failed (-84)
[  877.290384][T13103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1593'.
[  877.299449][T13103] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1593'.
[  877.308616][T13103] netlink: 'syz.4.1593': attribute type 6 has an invalid length.
[  877.356898][T13104] veth0: entered promiscuous mode
[  877.420303][   T65] Bluetooth: hci5: Frame reassembly failed (-84)
[  877.580937][T13105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1594'.
[  877.601495][T13105] sit0: Master is either lo or non-ether device
[  877.613816][T13105] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1594'.
[  879.567504][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  880.158516][   T30] audit: type=1400 audit(2000000481.430:1953): avc:  denied  { watch } for  pid=13110 comm="syz.1.1596" path="/162/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  880.205831][T13103] veth0: left promiscuous mode
[  880.347618][   T30] audit: type=1400 audit(2000000481.430:1954): avc:  denied  { watch_sb watch_reads } for  pid=13110 comm="syz.1.1596" path="/162/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  880.708826][   T30] audit: type=1400 audit(2000000481.910:1955): avc:  denied  { getopt } for  pid=13117 comm="syz.0.1599" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  881.035286][T13133] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  881.057063][T13133] siw: device registration error -23
[  885.303229][T13175] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  885.313438][   T30] audit: type=1400 audit(2000000486.930:1956): avc:  denied  { write } for  pid=13152 comm="syz.4.1605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  886.382352][T13185] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1611'.
[  886.391325][T13185] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1611'.
[  886.400322][T13185] netlink: 'syz.2.1611': attribute type 6 has an invalid length.
[  886.421378][T13185] veth0: entered promiscuous mode
[  889.001800][T13184] veth0: left promiscuous mode
[  891.473223][   T30] audit: type=1400 audit(2000000493.010:1957): avc:  denied  { getopt } for  pid=13234 comm="syz.0.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  892.950222][T13259] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  895.067482][T13286] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1644'.
[  896.499262][T13304] mkiss: ax0: crc mode is auto.
[  896.942117][T13311] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1640'.
[  898.268164][T13318] ubi31: attaching mtd0
[  898.274563][T13318] ubi31: scanning is finished
[  898.279396][T13318] ubi31: empty MTD device detected
[  899.654932][T13318] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  899.662561][T13318] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  899.669912][T13318] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  899.677036][T13318] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  899.684516][T13318] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  899.691435][T13318] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  899.699704][T13318] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3443582102
[  899.709948][T13318] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  899.721412][T13329] ubi31: background thread "ubi_bgt31d" started, PID 13329
[  900.055761][   T30] audit: type=1400 audit(2000000501.540:1958): avc:  denied  { read } for  pid=13331 comm="syz.2.1647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  900.274426][   T30] audit: type=1400 audit(2000000501.880:1959): avc:  denied  { connect } for  pid=13332 comm="syz.0.1646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  902.384656][T13346] netlink: 'syz.1.1651': attribute type 20 has an invalid length.
[  902.407808][T13348] netlink: 'syz.3.1649': attribute type 10 has an invalid length.
[  902.415971][T13348] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1649'.
[  902.425313][T13348] dummy0: entered promiscuous mode
[  902.432194][T13348] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  902.699065][T13361] bad cache= option: no%e
[  902.699065][T13361] 
[  902.705711][T13361] CIFS: VFS: bad cache= option: no%e
[  903.982778][T13372] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1656'.
[  906.651348][T13408] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1665'.
[  906.880484][T13411] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1667'.
[  906.947238][T13411] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1667'.
[  906.990710][T13411] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²' already exists in 'ieee80211'
[  911.304239][   T30] audit: type=1400 audit(2000000512.896:1960): avc:  denied  { getopt } for  pid=13471 comm="syz.1.1680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  913.272841][T13501] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1687'.
[  913.320779][T13501] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1687'.
[  913.358944][T13501] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  913.463101][T13501] CPU: 0 UID: 0 PID: 13501 Comm: syz.1.1687 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  913.463132][T13501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  913.463144][T13501] Call Trace:
[  913.463149][T13501]  <TASK>
[  913.463157][T13501]  dump_stack_lvl+0x16c/0x1f0
[  913.463188][T13501]  sysfs_warn_dup+0x7f/0xa0
[  913.463212][T13501]  sysfs_do_create_link_sd+0x124/0x140
[  913.463237][T13501]  sysfs_create_link+0x61/0xc0
[  913.463260][T13501]  device_add+0x62c/0x1a70
[  913.463301][T13501]  ? __pfx_device_add+0x10/0x10
[  913.463327][T13501]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  913.463353][T13501]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  913.463386][T13501]  wiphy_register+0x1c9c/0x2850
[  913.463415][T13501]  ? netdev_run_todo+0x864/0x1320
[  913.463442][T13501]  ? __dev_printk+0x260/0x270
[  913.463468][T13501]  ? __pfx_wiphy_register+0x10/0x10
[  913.463510][T13501]  ieee80211_register_hw+0x24ac/0x4140
[  913.463548][T13501]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  913.463578][T13501]  ? find_held_lock+0x2b/0x80
[  913.463603][T13501]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  913.463627][T13501]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  913.463653][T13501]  ? __hrtimer_setup+0x176/0x280
[  913.463676][T13501]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  913.463714][T13501]  ? trace_kmalloc+0x2b/0xd0
[  913.463734][T13501]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  913.463754][T13501]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  913.463775][T13501]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  913.463798][T13501]  ? __asan_memcpy+0x3c/0x60
[  913.463832][T13501]  hwsim_new_radio_nl+0xb51/0x12c0
[  913.463859][T13501]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  913.463891][T13501]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  913.463921][T13501]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  913.463957][T13501]  genl_family_rcv_msg_doit+0x206/0x2f0
[  913.463987][T13501]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  913.464018][T13501]  ? bpf_lsm_capable+0x9/0x10
[  913.464037][T13501]  ? security_capable+0x7e/0x260
[  913.464060][T13501]  ? ns_capable+0xd7/0x110
[  913.464078][T13501]  genl_rcv_msg+0x55c/0x800
[  913.464094][T13501]  ? __pfx_genl_rcv_msg+0x10/0x10
[  913.464108][T13501]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  913.464133][T13501]  netlink_rcv_skb+0x155/0x420
[  913.464153][T13501]  ? __pfx_genl_rcv_msg+0x10/0x10
[  913.464168][T13501]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  913.464198][T13501]  ? netlink_deliver_tap+0x1ae/0xd30
[  913.464220][T13501]  genl_rcv+0x28/0x40
[  913.464240][T13501]  netlink_unicast+0x58d/0x850
[  913.464264][T13501]  ? __pfx_netlink_unicast+0x10/0x10
[  913.464282][T13501]  ? __build_skb_around+0x278/0x3b0
[  913.464318][T13501]  netlink_sendmsg+0x8d1/0xdd0
[  913.464343][T13501]  ? __pfx_netlink_sendmsg+0x10/0x10
[  913.464371][T13501]  ____sys_sendmsg+0xa98/0xc70
[  913.464395][T13501]  ? copy_msghdr_from_user+0x10a/0x160
[  913.464414][T13501]  ? __pfx_____sys_sendmsg+0x10/0x10
[  913.464449][T13501]  ___sys_sendmsg+0x134/0x1d0
[  913.464465][T13501]  ? futex_private_hash_put+0x176/0x300
[  913.464490][T13501]  ? __pfx____sys_sendmsg+0x10/0x10
[  913.464507][T13501]  ? __lock_acquire+0x622/0x1c90
[  913.464558][T13501]  __sys_sendmsg+0x16d/0x220
[  913.464580][T13501]  ? __pfx___sys_sendmsg+0x10/0x10
[  913.464598][T13501]  ? __x64_sys_futex+0x1e0/0x4c0
[  913.464628][T13501]  do_syscall_64+0xcd/0x4c0
[  913.464650][T13501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.464669][T13501] RIP: 0033:0x7fa888d8e9a9
[  913.464684][T13501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  913.464698][T13501] RSP: 002b:00007fa889b74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  913.464714][T13501] RAX: ffffffffffffffda RBX: 00007fa888fb5fa0 RCX: 00007fa888d8e9a9
[  913.464723][T13501] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  913.464732][T13501] RBP: 00007fa888e10d69 R08: 0000000000000000 R09: 0000000000000000
[  913.464740][T13501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  913.464748][T13501] R13: 0000000000000000 R14: 00007fa888fb5fa0 R15: 00007ffc5e942438
[  913.464768][T13501]  </TASK>
[  914.215031][T13523] hub 6-0:1.0: USB hub found
[  914.224893][T13523] hub 6-0:1.0: 1 port detected
[  914.612217][   T30] audit: type=1400 audit(2000000516.216:1961): avc:  denied  { accept } for  pid=13481 comm="syz.4.1682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  914.665462][T13512] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1685'.
[  915.340365][T13490] mkiss: ax0: crc mode is auto.
[  916.379626][T13560] netlink: 'syz.1.1695': attribute type 20 has an invalid length.
[  918.736031][T13584] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1699'.
[  918.998393][T13590] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1701'.
[  919.032237][T13590] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.1701'.
[  919.120692][T13590] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²' already exists in 'ieee80211'
[  922.481561][T13617] siw: device registration error -23
[  923.109760][T13622] netlink: 'syz.3.1710': attribute type 20 has an invalid length.
[  923.152877][T13623] netlink: 'syz.4.1709': attribute type 20 has an invalid length.
[  923.540466][   T30] audit: type=1326 audit(2000000525.134:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  923.764860][   T30] audit: type=1326 audit(2000000525.134:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  923.807044][T13630] fuse: Bad value for 'fd'
[  923.816731][T13630] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1711'.
[  923.967847][ T5962] libceph: connect (1)[c::]:6789 error -101
[  923.983618][   T30] audit: type=1326 audit(2000000525.134:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  924.483948][ T5962] libceph: mon0 (1)[c::]:6789 connect error
[  924.494241][   T30] audit: type=1326 audit(2000000525.134:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  924.528719][   T30] audit: type=1326 audit(2000000525.134:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  924.564850][T13631] ceph: No mds server is up or the cluster is laggy
[  924.571121][   T30] audit: type=1326 audit(2000000525.134:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  924.734855][   T30] audit: type=1326 audit(2000000525.134:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  924.758759][   T30] audit: type=1326 audit(2000000525.144:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  925.616531][   T30] audit: type=1326 audit(2000000525.144:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  926.383823][   T30] audit: type=1326 audit(2000000525.144:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13612 comm="syz.0.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  927.771747][T13673] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1723'.
[  927.851328][T13673] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1723'.
[  927.867488][T13673] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  927.878309][T13673] CPU: 0 UID: 0 PID: 13673 Comm: syz.0.1723 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  927.878327][T13673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  927.878336][T13673] Call Trace:
[  927.878341][T13673]  <TASK>
[  927.878346][T13673]  dump_stack_lvl+0x16c/0x1f0
[  927.878367][T13673]  sysfs_warn_dup+0x7f/0xa0
[  927.878382][T13673]  sysfs_do_create_link_sd+0x124/0x140
[  927.878398][T13673]  sysfs_create_link+0x61/0xc0
[  927.878413][T13673]  device_add+0x62c/0x1a70
[  927.878433][T13673]  ? __pfx_device_add+0x10/0x10
[  927.878448][T13673]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  927.878466][T13673]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  927.878484][T13673]  wiphy_register+0x1c9c/0x2850
[  927.878500][T13673]  ? netdev_run_todo+0x864/0x1320
[  927.878516][T13673]  ? __dev_printk+0x260/0x270
[  927.878531][T13673]  ? __pfx_wiphy_register+0x10/0x10
[  927.878554][T13673]  ieee80211_register_hw+0x24ac/0x4140
[  927.878576][T13673]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  927.878594][T13673]  ? find_held_lock+0x2b/0x80
[  927.878608][T13673]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  927.878622][T13673]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  927.878641][T13673]  ? __hrtimer_setup+0x176/0x280
[  927.878655][T13673]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  927.878677][T13673]  ? trace_kmalloc+0x2b/0xd0
[  927.878689][T13673]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  927.878701][T13673]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  927.878714][T13673]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  927.878727][T13673]  ? __asan_memcpy+0x3c/0x60
[  927.878745][T13673]  hwsim_new_radio_nl+0xb51/0x12c0
[  927.878760][T13673]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  927.878783][T13673]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  927.878811][T13673]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  927.878840][T13673]  genl_family_rcv_msg_doit+0x206/0x2f0
[  927.878858][T13673]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  927.878881][T13673]  ? bpf_lsm_capable+0x9/0x10
[  927.878896][T13673]  ? security_capable+0x7e/0x260
[  927.878914][T13673]  ? ns_capable+0xd7/0x110
[  927.878938][T13673]  genl_rcv_msg+0x55c/0x800
[  927.878950][T13673]  ? __pfx_genl_rcv_msg+0x10/0x10
[  927.878962][T13673]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  927.878982][T13673]  netlink_rcv_skb+0x155/0x420
[  927.879003][T13673]  ? __pfx_genl_rcv_msg+0x10/0x10
[  927.879014][T13673]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  927.879039][T13673]  ? netlink_deliver_tap+0x1ae/0xd30
[  927.879057][T13673]  genl_rcv+0x28/0x40
[  927.879073][T13673]  netlink_unicast+0x58d/0x850
[  927.879092][T13673]  ? __pfx_netlink_unicast+0x10/0x10
[  927.879106][T13673]  ? __build_skb_around+0x278/0x3b0
[  927.879128][T13673]  netlink_sendmsg+0x8d1/0xdd0
[  927.879146][T13673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  927.879166][T13673]  ____sys_sendmsg+0xa98/0xc70
[  927.879184][T13673]  ? copy_msghdr_from_user+0x10a/0x160
[  927.879197][T13673]  ? __pfx_____sys_sendmsg+0x10/0x10
[  927.879216][T13673]  ? __pfx_futex_wake_mark+0x10/0x10
[  927.879231][T13673]  ___sys_sendmsg+0x134/0x1d0
[  927.879244][T13673]  ? futex_private_hash_put+0x176/0x300
[  927.879260][T13673]  ? __pfx____sys_sendmsg+0x10/0x10
[  927.879272][T13673]  ? __lock_acquire+0x622/0x1c90
[  927.879308][T13673]  __sys_sendmsg+0x16d/0x220
[  927.879322][T13673]  ? __pfx___sys_sendmsg+0x10/0x10
[  927.879335][T13673]  ? __x64_sys_futex+0x1e0/0x4c0
[  927.879353][T13673]  do_syscall_64+0xcd/0x4c0
[  927.879368][T13673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.879380][T13673] RIP: 0033:0x7f2ed818e9a9
[  927.879391][T13673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.879401][T13673] RSP: 002b:00007f2ed9010038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  927.879413][T13673] RAX: ffffffffffffffda RBX: 00007f2ed83b5fa0 RCX: 00007f2ed818e9a9
[  927.879422][T13673] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  927.879429][T13673] RBP: 00007f2ed8210d69 R08: 0000000000000000 R09: 0000000000000000
[  927.879435][T13673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  927.879441][T13673] R13: 0000000000000000 R14: 00007f2ed83b5fa0 R15: 00007ffffe40ef58
[  927.879456][T13673]  </TASK>
[  928.789026][T13691] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1730'.
[  928.801375][T13691] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1730'.
[  928.937846][T13695] siw: device registration error -23
[  929.374300][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  929.660773][T13696] wg1 speed is unknown, defaulting to 1000
[  929.698386][   T30] audit: type=1400 audit(2000000530.974:1982): avc:  denied  { read } for  pid=13686 comm="syz.4.1728" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  929.724348][T13691] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  929.758157][T13691] CPU: 0 UID: 0 PID: 13691 Comm: syz.3.1730 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  929.758188][T13691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  929.758199][T13691] Call Trace:
[  929.758207][T13691]  <TASK>
[  929.758214][T13691]  dump_stack_lvl+0x16c/0x1f0
[  929.758242][T13691]  sysfs_warn_dup+0x7f/0xa0
[  929.758266][T13691]  sysfs_do_create_link_sd+0x124/0x140
[  929.758292][T13691]  sysfs_create_link+0x61/0xc0
[  929.758314][T13691]  device_add+0x62c/0x1a70
[  929.758346][T13691]  ? __pfx_device_add+0x10/0x10
[  929.758371][T13691]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  929.758396][T13691]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  929.758427][T13691]  wiphy_register+0x1c9c/0x2850
[  929.758454][T13691]  ? netdev_run_todo+0x864/0x1320
[  929.758479][T13691]  ? __dev_printk+0x260/0x270
[  929.758504][T13691]  ? __pfx_wiphy_register+0x10/0x10
[  929.758545][T13691]  ieee80211_register_hw+0x24ac/0x4140
[  929.758582][T13691]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  929.758612][T13691]  ? find_held_lock+0x2b/0x80
[  929.758635][T13691]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  929.758658][T13691]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  929.758686][T13691]  ? __hrtimer_setup+0x176/0x280
[  929.758709][T13691]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  929.758746][T13691]  ? trace_kmalloc+0x2b/0xd0
[  929.758765][T13691]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  929.758785][T13691]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  929.758805][T13691]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  929.758827][T13691]  ? __asan_memcpy+0x3c/0x60
[  929.758858][T13691]  hwsim_new_radio_nl+0xb51/0x12c0
[  929.758883][T13691]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  929.758923][T13691]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  929.758950][T13691]  genl_family_rcv_msg_doit+0x206/0x2f0
[  929.758985][T13691]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  929.759025][T13691]  ? bpf_lsm_capable+0x9/0x10
[  929.759050][T13691]  ? security_capable+0x7e/0x260
[  929.759078][T13691]  ? ns_capable+0xd7/0x110
[  929.759101][T13691]  genl_rcv_msg+0x55c/0x800
[  929.759121][T13691]  ? __pfx_genl_rcv_msg+0x10/0x10
[  929.759138][T13691]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  929.759163][T13691]  ? __lock_acquire+0x622/0x1c90
[  929.759198][T13691]  netlink_rcv_skb+0x155/0x420
[  929.759223][T13691]  ? __pfx_genl_rcv_msg+0x10/0x10
[  929.759241][T13691]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  929.759279][T13691]  ? netlink_deliver_tap+0x1ae/0xd30
[  929.759303][T13691]  ? is_vmalloc_addr+0x86/0xa0
[  929.759323][T13691]  genl_rcv+0x28/0x40
[  929.759349][T13691]  netlink_unicast+0x58d/0x850
[  929.759379][T13691]  ? __pfx_netlink_unicast+0x10/0x10
[  929.759402][T13691]  ? __build_skb_around+0x278/0x3b0
[  929.759439][T13691]  netlink_sendmsg+0x8d1/0xdd0
[  929.759470][T13691]  ? __pfx_netlink_sendmsg+0x10/0x10
[  929.759507][T13691]  ____sys_sendmsg+0xa98/0xc70
[  929.759532][T13691]  ? copy_msghdr_from_user+0x10a/0x160
[  929.759551][T13691]  ? __pfx_____sys_sendmsg+0x10/0x10
[  929.759588][T13691]  ___sys_sendmsg+0x134/0x1d0
[  929.759607][T13691]  ? futex_private_hash_put+0x176/0x300
[  929.759636][T13691]  ? __pfx____sys_sendmsg+0x10/0x10
[  929.759655][T13691]  ? __lock_acquire+0x622/0x1c90
[  929.759719][T13691]  __sys_sendmsg+0x16d/0x220
[  929.759741][T13691]  ? __pfx___sys_sendmsg+0x10/0x10
[  929.759763][T13691]  ? __x64_sys_futex+0x1e0/0x4c0
[  929.759797][T13691]  do_syscall_64+0xcd/0x4c0
[  929.759821][T13691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.759841][T13691] RIP: 0033:0x7fadb918e9a9
[  929.759856][T13691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  929.759873][T13691] RSP: 002b:00007fadba054038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  929.759891][T13691] RAX: ffffffffffffffda RBX: 00007fadb93b5fa0 RCX: 00007fadb918e9a9
[  929.759903][T13691] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  929.759920][T13691] RBP: 00007fadb9210d69 R08: 0000000000000000 R09: 0000000000000000
[  929.759931][T13691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  929.759942][T13691] R13: 0000000000000000 R14: 00007fadb93b5fa0 R15: 00007ffe19ad9ad8
[  929.759969][T13691]  </TASK>
[  929.804660][   T30] audit: type=1400 audit(2000000530.974:1983): avc:  denied  { open } for  pid=13686 comm="syz.4.1728" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  930.599253][   T30] audit: type=1400 audit(2000000530.984:1984): avc:  denied  { ioctl } for  pid=13686 comm="syz.4.1728" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  930.677622][   T30] audit: type=1326 audit(2000000531.844:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13686 comm="syz.4.1728" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x0
[  931.076502][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  931.082973][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  931.660114][T13713] overlayfs: failed to clone upperpath
[  932.106958][T13696] lo speed is unknown, defaulting to 1000
[  932.419895][T13721] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1736'.
[  932.499683][T13721] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1736'.
[  932.597822][T13721] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  932.644746][T13721] CPU: 1 UID: 0 PID: 13721 Comm: syz.0.1736 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  932.644766][T13721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  932.644773][T13721] Call Trace:
[  932.644777][T13721]  <TASK>
[  932.644783][T13721]  dump_stack_lvl+0x16c/0x1f0
[  932.644803][T13721]  sysfs_warn_dup+0x7f/0xa0
[  932.644818][T13721]  sysfs_do_create_link_sd+0x124/0x140
[  932.644834][T13721]  sysfs_create_link+0x61/0xc0
[  932.644848][T13721]  device_add+0x62c/0x1a70
[  932.644868][T13721]  ? __pfx_device_add+0x10/0x10
[  932.644884][T13721]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  932.644899][T13721]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  932.644917][T13721]  wiphy_register+0x1c9c/0x2850
[  932.644933][T13721]  ? netdev_run_todo+0x864/0x1320
[  932.644954][T13721]  ? __dev_printk+0x260/0x270
[  932.644970][T13721]  ? __pfx_wiphy_register+0x10/0x10
[  932.644995][T13721]  ieee80211_register_hw+0x24ac/0x4140
[  932.645019][T13721]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  932.645041][T13721]  ? find_held_lock+0x2b/0x80
[  932.645056][T13721]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  932.645071][T13721]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  932.645089][T13721]  ? __hrtimer_setup+0x176/0x280
[  932.645103][T13721]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  932.645124][T13721]  ? trace_kmalloc+0x2b/0xd0
[  932.645136][T13721]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  932.645148][T13721]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  932.645160][T13721]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  932.645174][T13721]  ? __asan_memcpy+0x3c/0x60
[  932.645191][T13721]  hwsim_new_radio_nl+0xb51/0x12c0
[  932.645206][T13721]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  932.645224][T13721]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  932.645243][T13721]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  932.645264][T13721]  genl_family_rcv_msg_doit+0x206/0x2f0
[  932.645283][T13721]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  932.645305][T13721]  ? bpf_lsm_capable+0x9/0x10
[  932.645320][T13721]  ? security_capable+0x7e/0x260
[  932.645337][T13721]  ? ns_capable+0xd7/0x110
[  932.645352][T13721]  genl_rcv_msg+0x55c/0x800
[  932.645363][T13721]  ? __pfx_genl_rcv_msg+0x10/0x10
[  932.645374][T13721]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  932.645392][T13721]  netlink_rcv_skb+0x155/0x420
[  932.645408][T13721]  ? __pfx_genl_rcv_msg+0x10/0x10
[  932.645419][T13721]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  932.645441][T13721]  ? netlink_deliver_tap+0x1ae/0xd30
[  932.645459][T13721]  genl_rcv+0x28/0x40
[  932.645475][T13721]  netlink_unicast+0x58d/0x850
[  932.645492][T13721]  ? __pfx_netlink_unicast+0x10/0x10
[  932.645506][T13721]  ? __build_skb_around+0x278/0x3b0
[  932.645528][T13721]  netlink_sendmsg+0x8d1/0xdd0
[  932.645546][T13721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  932.645567][T13721]  ____sys_sendmsg+0xa98/0xc70
[  932.645584][T13721]  ? copy_msghdr_from_user+0x10a/0x160
[  932.645597][T13721]  ? __pfx_____sys_sendmsg+0x10/0x10
[  932.645617][T13721]  ? __pfx_futex_wake_mark+0x10/0x10
[  932.645632][T13721]  ___sys_sendmsg+0x134/0x1d0
[  932.645644][T13721]  ? futex_private_hash_put+0x176/0x300
[  932.645661][T13721]  ? __pfx____sys_sendmsg+0x10/0x10
[  932.645673][T13721]  ? __lock_acquire+0x622/0x1c90
[  932.645708][T13721]  __sys_sendmsg+0x16d/0x220
[  932.645721][T13721]  ? __pfx___sys_sendmsg+0x10/0x10
[  932.645734][T13721]  ? __x64_sys_futex+0x1e0/0x4c0
[  932.645752][T13721]  do_syscall_64+0xcd/0x4c0
[  932.645767][T13721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  932.645779][T13721] RIP: 0033:0x7f2ed818e9a9
[  932.645789][T13721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  932.645800][T13721] RSP: 002b:00007f2ed9010038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  932.645811][T13721] RAX: ffffffffffffffda RBX: 00007f2ed83b5fa0 RCX: 00007f2ed818e9a9
[  932.645818][T13721] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  932.645825][T13721] RBP: 00007f2ed8210d69 R08: 0000000000000000 R09: 0000000000000000
[  932.645831][T13721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  932.645837][T13721] R13: 0000000000000000 R14: 00007f2ed83b5fa0 R15: 00007ffffe40ef58
[  932.645852][T13721]  </TASK>
[  933.524423][T13736] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1743'.
[  933.584736][T13736] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1743'.
[  933.636379][T13736] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  934.702239][   T30] audit: type=1326 audit(2000000535.344:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  934.715498][T13736] CPU: 1 UID: 0 PID: 13736 Comm: syz.3.1743 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  934.715528][T13736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  934.715538][T13736] Call Trace:
[  934.715545][T13736]  <TASK>
[  934.715552][T13736]  dump_stack_lvl+0x16c/0x1f0
[  934.715578][T13736]  sysfs_warn_dup+0x7f/0xa0
[  934.715597][T13736]  sysfs_do_create_link_sd+0x124/0x140
[  934.715620][T13736]  sysfs_create_link+0x61/0xc0
[  934.715640][T13736]  device_add+0x62c/0x1a70
[  934.715668][T13736]  ? __pfx_device_add+0x10/0x10
[  934.715688][T13736]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  934.715712][T13736]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  934.715737][T13736]  wiphy_register+0x1c9c/0x2850
[  934.715759][T13736]  ? netdev_run_todo+0x864/0x1320
[  934.715779][T13736]  ? __dev_printk+0x260/0x270
[  934.715801][T13736]  ? __pfx_wiphy_register+0x10/0x10
[  934.715836][T13736]  ieee80211_register_hw+0x24ac/0x4140
[  934.715870][T13736]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  934.715897][T13736]  ? find_held_lock+0x2b/0x80
[  934.715918][T13736]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  934.715937][T13736]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  934.715960][T13736]  ? __hrtimer_setup+0x176/0x280
[  934.715980][T13736]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  934.716011][T13736]  ? trace_kmalloc+0x2b/0xd0
[  934.716027][T13736]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  934.716045][T13736]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  934.716062][T13736]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  934.716081][T13736]  ? __asan_memcpy+0x3c/0x60
[  934.716107][T13736]  hwsim_new_radio_nl+0xb51/0x12c0
[  934.716134][T13736]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  934.716161][T13736]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  934.716189][T13736]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  934.716221][T13736]  genl_family_rcv_msg_doit+0x206/0x2f0
[  934.716251][T13736]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  934.716286][T13736]  ? bpf_lsm_capable+0x9/0x10
[  934.716306][T13736]  ? security_capable+0x7e/0x260
[  934.716330][T13736]  ? ns_capable+0xd7/0x110
[  934.716351][T13736]  genl_rcv_msg+0x55c/0x800
[  934.716369][T13736]  ? __pfx_genl_rcv_msg+0x10/0x10
[  934.716384][T13736]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  934.716405][T13736]  ? __lock_acquire+0x622/0x1c90
[  934.716432][T13736]  netlink_rcv_skb+0x155/0x420
[  934.716454][T13736]  ? __pfx_genl_rcv_msg+0x10/0x10
[  934.716469][T13736]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  934.716501][T13736]  ? netlink_deliver_tap+0x1ae/0xd30
[  934.716521][T13736]  ? is_vmalloc_addr+0x86/0xa0
[  934.716538][T13736]  genl_rcv+0x28/0x40
[  934.716559][T13736]  netlink_unicast+0x58d/0x850
[  934.716585][T13736]  ? __pfx_netlink_unicast+0x10/0x10
[  934.716604][T13736]  ? __build_skb_around+0x278/0x3b0
[  934.716635][T13736]  netlink_sendmsg+0x8d1/0xdd0
[  934.716661][T13736]  ? __pfx_netlink_sendmsg+0x10/0x10
[  934.716691][T13736]  ____sys_sendmsg+0xa98/0xc70
[  934.716715][T13736]  ? copy_msghdr_from_user+0x10a/0x160
[  934.716734][T13736]  ? __pfx_____sys_sendmsg+0x10/0x10
[  934.716762][T13736]  ? __pfx_futex_wake_mark+0x10/0x10
[  934.716784][T13736]  ___sys_sendmsg+0x134/0x1d0
[  934.716801][T13736]  ? futex_private_hash_put+0x176/0x300
[  934.716825][T13736]  ? __pfx____sys_sendmsg+0x10/0x10
[  934.716842][T13736]  ? __lock_acquire+0x622/0x1c90
[  934.716895][T13736]  __sys_sendmsg+0x16d/0x220
[  934.716914][T13736]  ? __pfx___sys_sendmsg+0x10/0x10
[  934.716932][T13736]  ? __x64_sys_futex+0x1e0/0x4c0
[  934.716961][T13736]  do_syscall_64+0xcd/0x4c0
[  934.716982][T13736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  934.716998][T13736] RIP: 0033:0x7fadb918e9a9
[  934.717013][T13736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  934.717028][T13736] RSP: 002b:00007fadba054038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  934.717045][T13736] RAX: ffffffffffffffda RBX: 00007fadb93b5fa0 RCX: 00007fadb918e9a9
[  934.717055][T13736] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  934.717065][T13736] RBP: 00007fadb9210d69 R08: 0000000000000000 R09: 0000000000000000
[  934.717075][T13736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  934.717086][T13736] R13: 0000000000000000 R14: 00007fadb93b5fa0 R15: 00007ffe19ad9ad8
[  934.717110][T13736]  </TASK>
[  937.053634][   T30] audit: type=1326 audit(2000000535.344:1987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  937.165975][   T30] audit: type=1326 audit(2000000535.344:1988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  937.434893][   T30] audit: type=1326 audit(2000000535.344:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.213286][   T30] audit: type=1326 audit(2000000535.344:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.282648][   T30] audit: type=1326 audit(2000000535.344:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.336031][   T30] audit: type=1326 audit(2000000535.344:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.473261][   T30] audit: type=1326 audit(2000000535.344:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.575998][ T5962] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  938.587149][   T30] audit: type=1326 audit(2000000535.344:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.621243][   T30] audit: type=1326 audit(2000000535.344:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13737 comm="syz.0.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2ed818e9a9 code=0x7ffc0000
[  938.775219][ T5962] usb 3-1: Using ep0 maxpacket: 16
[  938.789593][T13781] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1754'.
[  938.790068][ T5962] usb 3-1: config 1 has an invalid interface number: 76 but max is 0
[  938.853918][ T5962] usb 3-1: config 1 has no interface number 0
[  938.856575][T13781] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.1754'.
[  938.869875][ T5962] usb 3-1: config 1 interface 76 has no altsetting 0
[  938.887407][ T5962] usb 3-1: New USB device found, idVendor=2692, idProduct=9005, bcdDevice=aa.0a
[  938.909519][ T5962] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  938.921941][T13781] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  939.018598][ T5962] usb 3-1: Product: syz
[  939.061177][ T5962] usb 3-1: Manufacturer: syz
[  939.074931][T13781] CPU: 1 UID: 0 PID: 13781 Comm: syz.4.1754 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  939.074953][T13781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  939.074961][T13781] Call Trace:
[  939.074966][T13781]  <TASK>
[  939.074970][T13781]  dump_stack_lvl+0x16c/0x1f0
[  939.074990][T13781]  sysfs_warn_dup+0x7f/0xa0
[  939.075006][T13781]  sysfs_do_create_link_sd+0x124/0x140
[  939.075023][T13781]  sysfs_create_link+0x61/0xc0
[  939.075041][T13781]  device_add+0x62c/0x1a70
[  939.075061][T13781]  ? __pfx_device_add+0x10/0x10
[  939.075077][T13781]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  939.075092][T13781]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  939.075119][T13781]  wiphy_register+0x1c9c/0x2850
[  939.075137][T13781]  ? netdev_run_todo+0x864/0x1320
[  939.075155][T13781]  ? __dev_printk+0x260/0x270
[  939.075171][T13781]  ? __pfx_wiphy_register+0x10/0x10
[  939.075197][T13781]  ieee80211_register_hw+0x24ac/0x4140
[  939.075221][T13781]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  939.075240][T13781]  ? find_held_lock+0x2b/0x80
[  939.075255][T13781]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  939.075269][T13781]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  939.075287][T13781]  ? __hrtimer_setup+0x176/0x280
[  939.075301][T13781]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  939.075321][T13781]  ? trace_kmalloc+0x2b/0xd0
[  939.075334][T13781]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  939.075346][T13781]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  939.075359][T13781]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  939.075372][T13781]  ? __asan_memcpy+0x3c/0x60
[  939.075390][T13781]  hwsim_new_radio_nl+0xb51/0x12c0
[  939.075405][T13781]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  939.075423][T13781]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  939.075442][T13781]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  939.075463][T13781]  genl_family_rcv_msg_doit+0x206/0x2f0
[  939.075482][T13781]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  939.075504][T13781]  ? bpf_lsm_capable+0x9/0x10
[  939.075519][T13781]  ? security_capable+0x7e/0x260
[  939.075537][T13781]  ? ns_capable+0xd7/0x110
[  939.075551][T13781]  genl_rcv_msg+0x55c/0x800
[  939.075564][T13781]  ? __pfx_genl_rcv_msg+0x10/0x10
[  939.075574][T13781]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  939.075592][T13781]  netlink_rcv_skb+0x155/0x420
[  939.075608][T13781]  ? __pfx_genl_rcv_msg+0x10/0x10
[  939.075619][T13781]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  939.075640][T13781]  ? netlink_deliver_tap+0x1ae/0xd30
[  939.075657][T13781]  genl_rcv+0x28/0x40
[  939.075673][T13781]  netlink_unicast+0x58d/0x850
[  939.075691][T13781]  ? __pfx_netlink_unicast+0x10/0x10
[  939.075706][T13781]  ? __build_skb_around+0x278/0x3b0
[  939.075727][T13781]  netlink_sendmsg+0x8d1/0xdd0
[  939.075745][T13781]  ? __pfx_netlink_sendmsg+0x10/0x10
[  939.075766][T13781]  ____sys_sendmsg+0xa98/0xc70
[  939.075783][T13781]  ? copy_msghdr_from_user+0x10a/0x160
[  939.075796][T13781]  ? __pfx_____sys_sendmsg+0x10/0x10
[  939.075819][T13781]  ___sys_sendmsg+0x134/0x1d0
[  939.075831][T13781]  ? futex_private_hash_put+0x176/0x300
[  939.075849][T13781]  ? __pfx____sys_sendmsg+0x10/0x10
[  939.075861][T13781]  ? __lock_acquire+0x622/0x1c90
[  939.075899][T13781]  __sys_sendmsg+0x16d/0x220
[  939.075913][T13781]  ? __pfx___sys_sendmsg+0x10/0x10
[  939.075926][T13781]  ? __x64_sys_futex+0x1e0/0x4c0
[  939.075945][T13781]  do_syscall_64+0xcd/0x4c0
[  939.075963][T13781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.075975][T13781] RIP: 0033:0x7f5dff18e9a9
[  939.075984][T13781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  939.075996][T13781] RSP: 002b:00007f5dfff80038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  939.076008][T13781] RAX: ffffffffffffffda RBX: 00007f5dff3b6080 RCX: 00007f5dff18e9a9
[  939.076017][T13781] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  939.076024][T13781] RBP: 00007f5dff210d69 R08: 0000000000000000 R09: 0000000000000000
[  939.076032][T13781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  939.076039][T13781] R13: 0000000000000000 R14: 00007f5dff3b6080 R15: 00007fff37d1e9e8
[  939.076055][T13781]  </TASK>
[  939.500561][ T5962] usb 3-1: SerialNumber: syz
[  939.550718][ T5962] option 3-1:1.76: GSM modem (1-port) converter detected
[  940.256740][T13801] Bluetooth: hci5: Frame reassembly failed (-84)
[  940.266101][T13801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1752'.
[  940.291089][T13801] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1752'.
[  940.393668][ T3506] Bluetooth: hci5: Frame reassembly failed (-84)
[  941.600267][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  941.600285][   T30] audit: type=1326 audit(2000000542.231:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.784682][   T30] audit: type=1326 audit(2000000542.231:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.828932][   T30] audit: type=1326 audit(2000000542.231:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.852995][   T30] audit: type=1326 audit(2000000542.231:2005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.876860][   T30] audit: type=1326 audit(2000000542.231:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.900820][   T30] audit: type=1326 audit(2000000542.231:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.934838][   T30] audit: type=1326 audit(2000000542.231:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.964870][   T30] audit: type=1326 audit(2000000542.231:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  941.991070][   T30] audit: type=1326 audit(2000000542.241:2010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  942.071942][   T30] audit: type=1326 audit(2000000542.241:2011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13796 comm="syz.4.1757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f5dff18e9a9 code=0x7ffc0000
[  942.484453][T13826] ip6erspan0: entered promiscuous mode
[  942.812383][ T5830] Bluetooth: hci5: command 0x1003 tx timeout
[  942.813367][ T9567] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  942.956290][   T24] usb 3-1: USB disconnect, device number 4
[  942.986753][   T24] option 3-1:1.76: device disconnected
[  943.025430][T13821] netlink: 'syz.4.1762': attribute type 21 has an invalid length.
[  943.033704][T13821] netlink: 'syz.4.1762': attribute type 6 has an invalid length.
[  943.041595][T13821] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1762'.
[  946.816570][T13866] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  946.837333][T13866] siw: device registration error -23
[  947.944888][T13871] xt_hashlimit: max too large, truncated to 1048576
[  947.952283][T13871] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  949.024135][T13890] netlink: 'syz.4.1775': attribute type 14 has an invalid length.
[  949.774196][T13897] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1778'.
[  949.861665][T13897] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1778'.
[  949.902364][T13897] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  950.091604][T13897] CPU: 0 UID: 0 PID: 13897 Comm: syz.3.1778 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  950.091639][T13897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  950.091652][T13897] Call Trace:
[  950.091658][T13897]  <TASK>
[  950.091666][T13897]  dump_stack_lvl+0x16c/0x1f0
[  950.091695][T13897]  sysfs_warn_dup+0x7f/0xa0
[  950.091718][T13897]  sysfs_do_create_link_sd+0x124/0x140
[  950.091743][T13897]  sysfs_create_link+0x61/0xc0
[  950.091765][T13897]  device_add+0x62c/0x1a70
[  950.091796][T13897]  ? __pfx_device_add+0x10/0x10
[  950.091840][T13897]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  950.091868][T13897]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  950.091900][T13897]  wiphy_register+0x1c9c/0x2850
[  950.091928][T13897]  ? netdev_run_todo+0x864/0x1320
[  950.091953][T13897]  ? __dev_printk+0x260/0x270
[  950.091979][T13897]  ? __pfx_wiphy_register+0x10/0x10
[  950.092021][T13897]  ieee80211_register_hw+0x24ac/0x4140
[  950.092057][T13897]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  950.092094][T13897]  ? mac80211_hwsim_new_radio+0x302c/0x54d0
[  950.092121][T13897]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  950.092158][T13897]  ? trace_kmalloc+0x2b/0xd0
[  950.092178][T13897]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  950.092199][T13897]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  950.092220][T13897]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  950.092242][T13897]  ? __asan_memcpy+0x3c/0x60
[  950.092274][T13897]  hwsim_new_radio_nl+0xb51/0x12c0
[  950.092299][T13897]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  950.092330][T13897]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  950.092366][T13897]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  950.092402][T13897]  genl_family_rcv_msg_doit+0x206/0x2f0
[  950.092435][T13897]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  950.092478][T13897]  ? bpf_lsm_capable+0x9/0x10
[  950.092503][T13897]  ? security_capable+0x7e/0x260
[  950.092532][T13897]  ? ns_capable+0xd7/0x110
[  950.092556][T13897]  genl_rcv_msg+0x55c/0x800
[  950.092576][T13897]  ? __pfx_genl_rcv_msg+0x10/0x10
[  950.092591][T13897]  ? __pfx___schedule+0x10/0x10
[  950.092610][T13897]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  950.092635][T13897]  ? mark_held_locks+0x49/0x80
[  950.092664][T13897]  netlink_rcv_skb+0x155/0x420
[  950.092691][T13897]  ? __pfx_genl_rcv_msg+0x10/0x10
[  950.092710][T13897]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  950.092734][T13897]  ? preempt_schedule_thunk+0x16/0x30
[  950.092794][T13897]  ? netlink_deliver_tap+0x1ae/0xd30
[  950.092826][T13897]  ? is_vmalloc_addr+0x86/0xa0
[  950.092847][T13897]  genl_rcv+0x28/0x40
[  950.092873][T13897]  netlink_unicast+0x58d/0x850
[  950.092904][T13897]  ? __pfx_netlink_unicast+0x10/0x10
[  950.092929][T13897]  ? __build_skb_around+0x278/0x3b0
[  950.092966][T13897]  netlink_sendmsg+0x8d1/0xdd0
[  950.092997][T13897]  ? __pfx_netlink_sendmsg+0x10/0x10
[  950.093034][T13897]  ____sys_sendmsg+0xa98/0xc70
[  950.093063][T13897]  ? copy_msghdr_from_user+0x10a/0x160
[  950.093084][T13897]  ? __pfx_____sys_sendmsg+0x10/0x10
[  950.093115][T13897]  ? __lock_acquire+0xb8a/0x1c90
[  950.093149][T13897]  ___sys_sendmsg+0x134/0x1d0
[  950.093173][T13897]  ? __pfx____sys_sendmsg+0x10/0x10
[  950.093231][T13897]  __sys_sendmsg+0x16d/0x220
[  950.093254][T13897]  ? __pfx___sys_sendmsg+0x10/0x10
[  950.093276][T13897]  ? __x64_sys_futex+0x1e0/0x4c0
[  950.093311][T13897]  do_syscall_64+0xcd/0x4c0
[  950.093336][T13897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.093355][T13897] RIP: 0033:0x7fadb918e9a9
[  950.093373][T13897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  950.093393][T13897] RSP: 002b:00007fadba054038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  950.093412][T13897] RAX: ffffffffffffffda RBX: 00007fadb93b5fa0 RCX: 00007fadb918e9a9
[  950.093424][T13897] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  950.093434][T13897] RBP: 00007fadb9210d69 R08: 0000000000000000 R09: 0000000000000000
[  950.093445][T13897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  950.093456][T13897] R13: 0000000000000000 R14: 00007fadb93b5fa0 R15: 00007ffe19ad9ad8
[  950.093481][T13897]  </TASK>
[  953.966447][T13930] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1785'.
[  954.103856][T13932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1785'.
[  961.014439][T13997] openvswitch: netlink: VXLAN extension message has 22 unknown bytes.
[  961.892046][T14001] mkiss: ax0: crc mode is auto.
[  961.973909][T14005] 9pnet_fd: Insufficient options for proto=fd
[  962.239077][T14007] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  962.245711][T14007] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  962.254832][T14009] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(13)
[  962.261440][T14009] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  962.474166][T14009] vhci_hcd vhci_hcd.0: Device attached
[  962.481240][T14007] vhci_hcd vhci_hcd.0: Device attached
[  963.030178][ T5962] vhci_hcd: vhci_device speed not set
[  963.094764][ T5962] usb 41-1: new full-speed USB device number 5 using vhci_hcd
[  963.748126][T14010] vhci_hcd: connection reset by peer
[  963.753556][T14013] vhci_hcd: connection closed
[  963.753854][ T3506] vhci_hcd: stop threads
[  963.774051][ T3506] vhci_hcd: release socket
[  963.803375][ T3506] vhci_hcd: disconnect device
[  963.826759][ T3506] vhci_hcd: stop threads
[  963.836782][ T3506] vhci_hcd: release socket
[  963.848159][T14028] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1811'.
[  963.867840][ T3506] vhci_hcd: disconnect device
[  964.234393][T14028] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1811'.
[  964.301046][T14028] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  964.528285][T14028] CPU: 1 UID: 0 PID: 14028 Comm: syz.2.1811 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  964.528309][T14028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  964.528316][T14028] Call Trace:
[  964.528321][T14028]  <TASK>
[  964.528327][T14028]  dump_stack_lvl+0x16c/0x1f0
[  964.528346][T14028]  sysfs_warn_dup+0x7f/0xa0
[  964.528362][T14028]  sysfs_do_create_link_sd+0x124/0x140
[  964.528377][T14028]  sysfs_create_link+0x61/0xc0
[  964.528390][T14028]  device_add+0x62c/0x1a70
[  964.528409][T14028]  ? __pfx_device_add+0x10/0x10
[  964.528424][T14028]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  964.528440][T14028]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  964.528458][T14028]  wiphy_register+0x1c9c/0x2850
[  964.528474][T14028]  ? netdev_run_todo+0x864/0x1320
[  964.528488][T14028]  ? __dev_printk+0x260/0x270
[  964.528503][T14028]  ? __pfx_wiphy_register+0x10/0x10
[  964.528526][T14028]  ieee80211_register_hw+0x24ac/0x4140
[  964.528547][T14028]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  964.528565][T14028]  ? find_held_lock+0x2b/0x80
[  964.528580][T14028]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  964.528594][T14028]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  964.528611][T14028]  ? __hrtimer_setup+0x176/0x280
[  964.528625][T14028]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  964.528646][T14028]  ? trace_kmalloc+0x2b/0xd0
[  964.528658][T14028]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  964.528670][T14028]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  964.528682][T14028]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  964.528696][T14028]  ? __asan_memcpy+0x3c/0x60
[  964.528714][T14028]  hwsim_new_radio_nl+0xb51/0x12c0
[  964.528730][T14028]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  964.528749][T14028]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  964.528768][T14028]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  964.528789][T14028]  genl_family_rcv_msg_doit+0x206/0x2f0
[  964.528807][T14028]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  964.528829][T14028]  ? bpf_lsm_capable+0x9/0x10
[  964.528843][T14028]  ? security_capable+0x7e/0x260
[  964.528861][T14028]  ? ns_capable+0xd7/0x110
[  964.528875][T14028]  genl_rcv_msg+0x55c/0x800
[  964.528887][T14028]  ? __pfx_genl_rcv_msg+0x10/0x10
[  964.528897][T14028]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  964.528916][T14028]  netlink_rcv_skb+0x155/0x420
[  964.528931][T14028]  ? __pfx_genl_rcv_msg+0x10/0x10
[  964.528941][T14028]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  964.528963][T14028]  ? netlink_deliver_tap+0x1ae/0xd30
[  964.528986][T14028]  genl_rcv+0x28/0x40
[  964.529002][T14028]  netlink_unicast+0x58d/0x850
[  964.529020][T14028]  ? __pfx_netlink_unicast+0x10/0x10
[  964.529035][T14028]  ? __build_skb_around+0x278/0x3b0
[  964.529058][T14028]  netlink_sendmsg+0x8d1/0xdd0
[  964.529078][T14028]  ? __pfx_netlink_sendmsg+0x10/0x10
[  964.529100][T14028]  ____sys_sendmsg+0xa98/0xc70
[  964.529118][T14028]  ? copy_msghdr_from_user+0x10a/0x160
[  964.529132][T14028]  ? __pfx_____sys_sendmsg+0x10/0x10
[  964.529150][T14028]  ? trace_sched_exit_tp+0xde/0x130
[  964.529166][T14028]  ? __schedule+0x11a4/0x5df0
[  964.529180][T14028]  ___sys_sendmsg+0x134/0x1d0
[  964.529192][T14028]  ? futex_private_hash_put+0x176/0x300
[  964.529209][T14028]  ? __pfx____sys_sendmsg+0x10/0x10
[  964.529221][T14028]  ? __lock_acquire+0x622/0x1c90
[  964.529256][T14028]  __sys_sendmsg+0x16d/0x220
[  964.529269][T14028]  ? __pfx___sys_sendmsg+0x10/0x10
[  964.529296][T14028]  do_syscall_64+0xcd/0x4c0
[  964.529311][T14028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  964.529322][T14028] RIP: 0033:0x7f8e3818e9a9
[  964.529332][T14028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  964.529343][T14028] RSP: 002b:00007f8e3907e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  964.529356][T14028] RAX: ffffffffffffffda RBX: 00007f8e383b5fa0 RCX: 00007f8e3818e9a9
[  964.529364][T14028] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  964.529371][T14028] RBP: 00007f8e38210d69 R08: 0000000000000000 R09: 0000000000000000
[  964.529377][T14028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  964.529384][T14028] R13: 0000000000000000 R14: 00007f8e383b5fa0 R15: 00007fff73abcf68
[  964.529398][T14028]  </TASK>
[  965.940488][T14044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1812'.
[  965.964049][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  965.964082][   T30] audit: type=1400 audit(2000000567.552:2019): avc:  denied  { nlmsg_read } for  pid=14041 comm="syz.2.1812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  966.759401][T14057] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1816'.
[  967.655379][T14066] overlayfs: failed to clone upperpath
[  968.285222][ T5962] vhci_hcd: vhci_device speed not set
[  968.962559][T14079] overlayfs: failed to resolve './file0': -2
[  969.061949][T14080] netdevsim netdevsim3 : renamed from netdevsim0 (while UP)
[  969.975722][T14090] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1823'.
[  970.001022][T14090] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1823'.
[  970.039067][T14090] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç+`²'
[  970.069177][T14090] CPU: 0 UID: 0 PID: 14090 Comm: syz.2.1823 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  970.069207][T14090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  970.069218][T14090] Call Trace:
[  970.069224][T14090]  <TASK>
[  970.069231][T14090]  dump_stack_lvl+0x16c/0x1f0
[  970.069261][T14090]  sysfs_warn_dup+0x7f/0xa0
[  970.069283][T14090]  sysfs_do_create_link_sd+0x124/0x140
[  970.069308][T14090]  sysfs_create_link+0x61/0xc0
[  970.069332][T14090]  device_add+0x62c/0x1a70
[  970.069363][T14090]  ? __pfx_device_add+0x10/0x10
[  970.069388][T14090]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  970.069414][T14090]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  970.069443][T14090]  wiphy_register+0x1c9c/0x2850
[  970.069469][T14090]  ? netdev_run_todo+0x864/0x1320
[  970.069493][T14090]  ? __dev_printk+0x260/0x270
[  970.069518][T14090]  ? __pfx_wiphy_register+0x10/0x10
[  970.069559][T14090]  ieee80211_register_hw+0x24ac/0x4140
[  970.069597][T14090]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  970.069627][T14090]  ? find_held_lock+0x2b/0x80
[  970.069653][T14090]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  970.069685][T14090]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  970.069717][T14090]  ? __hrtimer_setup+0x176/0x280
[  970.069742][T14090]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  970.069780][T14090]  ? trace_kmalloc+0x2b/0xd0
[  970.069800][T14090]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  970.069820][T14090]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  970.069841][T14090]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  970.069863][T14090]  ? __asan_memcpy+0x3c/0x60
[  970.069893][T14090]  hwsim_new_radio_nl+0xb51/0x12c0
[  970.069917][T14090]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  970.069947][T14090]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  970.069978][T14090]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  970.070014][T14090]  genl_family_rcv_msg_doit+0x206/0x2f0
[  970.070045][T14090]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  970.070083][T14090]  ? bpf_lsm_capable+0x9/0x10
[  970.070106][T14090]  ? security_capable+0x7e/0x260
[  970.070134][T14090]  ? ns_capable+0xd7/0x110
[  970.070157][T14090]  genl_rcv_msg+0x55c/0x800
[  970.070178][T14090]  ? __pfx_genl_rcv_msg+0x10/0x10
[  970.070195][T14090]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  970.070227][T14090]  netlink_rcv_skb+0x155/0x420
[  970.070253][T14090]  ? __pfx_genl_rcv_msg+0x10/0x10
[  970.070271][T14090]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  970.070309][T14090]  ? netlink_deliver_tap+0x1ae/0xd30
[  970.070338][T14090]  genl_rcv+0x28/0x40
[  970.070363][T14090]  netlink_unicast+0x58d/0x850
[  970.070392][T14090]  ? __pfx_netlink_unicast+0x10/0x10
[  970.070416][T14090]  ? __build_skb_around+0x278/0x3b0
[  970.070455][T14090]  netlink_sendmsg+0x8d1/0xdd0
[  970.070486][T14090]  ? __pfx_netlink_sendmsg+0x10/0x10
[  970.070522][T14090]  ____sys_sendmsg+0xa98/0xc70
[  970.070550][T14090]  ? copy_msghdr_from_user+0x10a/0x160
[  970.070572][T14090]  ? __pfx_____sys_sendmsg+0x10/0x10
[  970.070612][T14090]  ___sys_sendmsg+0x134/0x1d0
[  970.070632][T14090]  ? futex_private_hash_put+0x176/0x300
[  970.070660][T14090]  ? __pfx____sys_sendmsg+0x10/0x10
[  970.070685][T14090]  ? __lock_acquire+0x622/0x1c90
[  970.070748][T14090]  __sys_sendmsg+0x16d/0x220
[  970.070770][T14090]  ? __pfx___sys_sendmsg+0x10/0x10
[  970.070793][T14090]  ? __x64_sys_futex+0x1e0/0x4c0
[  970.070829][T14090]  do_syscall_64+0xcd/0x4c0
[  970.070856][T14090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.070875][T14090] RIP: 0033:0x7f8e3818e9a9
[  970.070890][T14090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  970.070908][T14090] RSP: 002b:00007f8e3907e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  970.070926][T14090] RAX: ffffffffffffffda RBX: 00007f8e383b5fa0 RCX: 00007f8e3818e9a9
[  970.070940][T14090] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000008
[  970.070952][T14090] RBP: 00007f8e38210d69 R08: 0000000000000000 R09: 0000000000000000
[  970.070964][T14090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  970.070975][T14090] R13: 0000000000000000 R14: 00007f8e383b5fa0 R15: 00007fff73abcf68
[  970.071002][T14090]  </TASK>
[  973.229399][T14127] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1830'.
[  973.849070][T14131] netlink: 'syz.3.1832': attribute type 10 has an invalid length.
[  973.857033][T14131] netlink: 55 bytes leftover after parsing attributes in process `syz.3.1832'.
[  975.617763][T14155] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1838'.
[  976.285552][T14163] PKCS7: Unknown OID: [5] (bad)
[  976.354787][   T30] audit: type=1400 audit(2000000577.954:2020): avc:  denied  { ioctl } for  pid=14159 comm="syz.3.1840" path="socket:[39095]" dev="sockfs" ino=39095 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  976.434926][T14163] PKCS7: Only support pkcs7_signedData type
[  977.845818][T14182] page: refcount:515 mapcount:0 mapping:ffff8880570e2590 index:0x0 pfn:0x41800
[  977.856066][T14182] head: order:9 mapcount:1 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  977.864574][T14182] aops:hugetlbfs_aops ino:98c9 dentry name(?):"anon_hugepage"
[  977.872238][T14182] flags: 0xfff00000000041(locked|head|node=0|zone=1|lastcpupid=0x7ff)
[  977.880435][T14182] page_type: f4(hugetlb)
[  977.884703][T14182] raw: 00fff00000000041 ffffea0001078008 ffffc9000fa6fd68 ffff8880570e2590
[  977.893317][T14182] raw: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[  977.901920][T14182] head: 00fff00000000041 ffffea0001078008 ffffc9000fa6fd68 ffff8880570e2590
[  977.910606][T14182] head: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[  977.919723][T14182] head: 00fff00000000009 ffffea0001060001 0000000000000000 0000000000000000
[  977.928427][T14182] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000200
[  977.937218][T14182] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[  977.944501][T14182] page_owner tracks the page as allocated
[  977.951367][T14182] page last allocated via order 9, migratetype Movable, gfp_mask 0x146cca(GFP_HIGHUSER_MOVABLE|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP), pid 13488, tgid 13481 (syz.4.1682), ts 915957716254, free_ts 911591252898
[  977.972129][T14182]  post_alloc_hook+0x1c0/0x230
[  977.976925][T14182]  get_page_from_freelist+0x1321/0x3890
[  977.983893][T14182]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  977.990303][T14182]  alloc_surplus_hugetlb_folio+0x1ad/0x4a0
[  977.996140][T14182]  alloc_hugetlb_folio+0xed4/0x1560
[  978.001341][T14182]  hugetlb_fault+0x2005/0x3070
[  978.006103][T14182]  handle_mm_fault+0xbfa/0xd10
[  978.010886][T14182]  do_user_addr_fault+0x7a6/0x1370
[  978.015993][T14182]  exc_page_fault+0x5c/0xb0
[  978.020477][T14182]  asm_exc_page_fault+0x26/0x30
[  978.025317][T14182] page last free pid 13466 tgid 13464 stack trace:
[  978.031807][T14182]  free_unref_folios+0xa65/0x1800
[  978.036825][T14182]  folios_put_refs+0x56f/0x740
[  978.041568][T14182]  free_pages_and_swap_cache+0x3f0/0x4a0
[  978.047204][T14182]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  978.053198][T14182]  tlb_flush_mmu+0xe9/0x5a0
[  978.057682][T14182]  unmap_page_range+0x2040/0x4350
[  978.062685][T14182]  unmap_single_vma.constprop.0+0x153/0x240
[  978.068601][T14182]  unmap_vmas+0x218/0x470
[  978.072938][T14182]  exit_mmap+0x1b9/0xb90
[  978.077253][T14182]  __mmput+0x12a/0x410
[  978.081306][T14182]  mmput+0x62/0x70
[  978.085010][T14182]  do_exit+0x7c4/0x2bd0
[  978.089150][T14182]  do_group_exit+0xd3/0x2a0
[  978.093651][T14182]  get_signal+0x2673/0x26d0
[  978.098139][T14182]  arch_do_signal_or_restart+0x8f/0x7d0
[  978.103683][T14182]  exit_to_user_mode_loop+0x84/0x110
[  978.109130][T14182] ------------[ cut here ]------------
[  978.114570][T14182] kernel BUG at mm/filemap.c:154!
[  978.119593][T14182] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  978.125998][T14182] CPU: 1 UID: 0 PID: 14182 Comm: syz.3.1844 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(full) 
[  978.137695][T14182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  978.147730][T14182] RIP: 0010:filemap_unaccount_folio+0xef/0x8c0
[  978.153870][T14182] Code: 87 fa c9 ff 89 ee 31 ff 4c 8d 6b 30 e8 ba f5 c9 ff 85 ed 7e 17 e8 71 fa c9 ff 48 c7 c6 40 09 b9 8b 48 89 df e8 d2 b8 11 00 90 <0f> 0b e8 5a fa c9 ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1
[  978.173454][T14182] RSP: 0018:ffffc9000faaf3d0 EFLAGS: 00010046
[  978.179495][T14182] RAX: 0000000000080000 RBX: ffffea0001060000 RCX: ffffc900115cf000
[  978.187440][T14182] RDX: 0000000000080000 RSI: ffffffff81f1ae8e RDI: ffff888035152884
[  978.195392][T14182] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  978.203427][T14182] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880570e2590
[  978.211558][T14182] R13: ffffea0001060030 R14: 0000000000000870 R15: ffffea0001060000
[  978.219602][T14182] FS:  00007fadb9fd06c0(0000) GS:ffff888124822000(0000) knlGS:0000000000000000
[  978.228513][T14182] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  978.235084][T14182] CR2: 000000110c3416a7 CR3: 0000000026fd0000 CR4: 00000000003526f0
[  978.243054][T14182] Call Trace:
[  978.246326][T14182]  <TASK>
[  978.249242][T14182]  filemap_remove_folio+0xf1/0x250
[  978.254343][T14182]  remove_inode_hugepages+0x74a/0xed0
[  978.259709][T14182]  ? __lock_acquire+0x622/0x1c90
[  978.264674][T14182]  ? __pfx_remove_inode_hugepages+0x10/0x10
[  978.270574][T14182]  ? up_write+0x1b2/0x520
[  978.274899][T14182]  hugetlbfs_fallocate+0xf3f/0x12e0
[  978.280074][T14182]  ? avc_has_perm_noaudit+0x149/0x3b0
[  978.285440][T14182]  ? avc_has_perm+0xc0/0x1f0
[  978.290028][T14182]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[  978.295738][T14182]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[  978.301354][T14182]  ? vfs_fallocate+0x595/0x10c0
[  978.306178][T14182]  vfs_fallocate+0x595/0x10c0
[  978.310832][T14182]  ? __pfx_vfs_fallocate+0x10/0x10
[  978.315929][T14182]  ? madvise_vma_behavior+0x222c/0x2420
[  978.321461][T14182]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  978.327402][T14182]  madvise_vma_behavior+0x21ca/0x2420
[  978.332782][T14182]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  978.338505][T14182]  ? __pfx_mas_prev+0x10/0x10
[  978.343182][T14182]  ? find_vma_prev+0xda/0x160
[  978.347859][T14182]  ? __pfx_find_vma_prev+0x10/0x10
[  978.352973][T14182]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  978.358785][T14182]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  978.364485][T14182]  madvise_walk_vmas+0x1ce/0x2c0
[  978.369401][T14182]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  978.374856][T14182]  madvise_do_behavior+0x15d/0x3f0
[  978.379967][T14182]  ? __pfx_madvise_do_behavior+0x10/0x10
[  978.385760][T14182]  do_madvise+0x161/0x230
[  978.390066][T14182]  ? __pfx_do_madvise+0x10/0x10
[  978.394915][T14182]  ? xfd_validate_state+0x61/0x180
[  978.400031][T14182]  __x64_sys_madvise+0xa9/0x110
[  978.404902][T14182]  ? lockdep_hardirqs_on+0x7c/0x110
[  978.410093][T14182]  do_syscall_64+0xcd/0x4c0
[  978.414582][T14182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.420468][T14182] RIP: 0033:0x7fadb918e9a9
[  978.424880][T14182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  978.444473][T14182] RSP: 002b:00007fadb9fd0038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  978.452867][T14182] RAX: ffffffffffffffda RBX: 00007fadb93b6320 RCX: 00007fadb918e9a9
[  978.460913][T14182] RDX: 0000000000000009 RSI: 0000000000600002 RDI: 0000200000000000
[  978.468859][T14182] RBP: 00007fadb9210d69 R08: 0000000000000000 R09: 0000000000000000
[  978.476816][T14182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  978.484761][T14182] R13: 0000000000000000 R14: 00007fadb93b6320 R15: 00007ffe19ad9ad8
[  978.492710][T14182]  </TASK>
[  978.495705][T14182] Modules linked in:
[  978.499580][T14182] ---[ end trace 0000000000000000 ]---
[  978.505024][T14182] RIP: 0010:filemap_unaccount_folio+0xef/0x8c0
[  978.511167][T14182] Code: 87 fa c9 ff 89 ee 31 ff 4c 8d 6b 30 e8 ba f5 c9 ff 85 ed 7e 17 e8 71 fa c9 ff 48 c7 c6 40 09 b9 8b 48 89 df e8 d2 b8 11 00 90 <0f> 0b e8 5a fa c9 ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1
[  978.530756][T14182] RSP: 0018:ffffc9000faaf3d0 EFLAGS: 00010046
[  978.536798][T14182] RAX: 0000000000080000 RBX: ffffea0001060000 RCX: ffffc900115cf000
[  978.544762][T14182] RDX: 0000000000080000 RSI: ffffffff81f1ae8e RDI: ffff888035152884
[  978.552709][T14182] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  978.560656][T14182] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880570e2590
[  978.568608][T14182] R13: ffffea0001060030 R14: 0000000000000870 R15: ffffea0001060000
[  978.576566][T14182] FS:  00007fadb9fd06c0(0000) GS:ffff888124822000(0000) knlGS:0000000000000000
[  978.585500][T14182] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  978.592096][T14182] CR2: 000000110c3416a7 CR3: 0000000026fd0000 CR4: 00000000003526f0
[  978.600150][T14182] Kernel panic - not syncing: Fatal exception
[  978.606402][T14182] Kernel Offset: disabled
[  978.610705][T14182] Rebooting in 86400 seconds..