last executing test programs:

6.643973142s ago: executing program 0 (id=256):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x300, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)
r2 = syz_open_dev$ptys(0xc, 0x3, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r5, 0xc028ae92, &(0x7f0000000000)={0x6})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioctl$TCXONC(r0, 0x540a, 0x1)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
r7 = syz_open_dev$dri(&(0x7f0000000040), 0x34c0, 0x48080)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r7, 0xc01064bd, &(0x7f0000000100)={&(0x7f0000000580)="88322d13657882f45af2a7b7633ea3a2d3f75c64ae64fec685816cfb8de91cbd982d9ab3ceda0801dfd913f00fbeba13649b00ebfd1082fc947c14e0b1262a3d291b6e0d225d8d0cd98c2fbbbea759d82de55aa597b83e8468bb7b00399632eaac1b7b3f362a95899bbd1877d49b9848d924280202b6926f37a912c57be2d3061e32816135f6eda866af99846e91720acf8ab1358381989e892ee6114561627f68f9d772a304d466f5eeb89aa30b14216835efe8b785d5fa9c4b4e50897edd5567becdba3e9b0f1b5ee6d52f8861fc5cba953356eead59605b71e07f8c363286000000000000000000000000225a48ba011aad9a3bab93e15a197c881592f8b48e1b88cc1d2269143102466ce85e05d8d7e9f7995198a8a8c7c861c5ad93b14b7707fc437566ae60705296eb00c2a0c8159a02b860858c45004980699501c860bd3b902fe44400"/353, 0x161, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000003c0)={r8, 0x9d, &(0x7f0000000300)=""/157})
ioctl$UFFDIO_WRITEPROTECT(r6, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0xf758c000)
keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x0})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000880)=0x3)

6.044007382s ago: executing program 0 (id=258):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff000000bfa300000000000007030000f0ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d010000000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000e1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8cc658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ad539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c97888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5a444a41bac326ddea7d7b9c90d44f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2a4d39b43878b6ef26ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee92ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93b71db0a2366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00000000000000000000009a8329eb97567787ff28dd96c8e0f9e3c84394afc8f83dc6c6c813fafed61cdd6117092562837a3fa3fc388ab57429a9ecc4fddb0f0a7e4a1415d82d8bac999696d9130e36fc86df796a72559c523fae90d0b742d09cd2edf652c67aa62742e9ce0ff5283f627b622a83576f57d0899e0da8483f9dc296"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd64}, 0x48)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000340), r0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0x8c, r6, 0x300, 0x70bd2b, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x8}, {0xc, 0x90, 0x10000}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x5}, {0xc, 0x90, 0x4}}]}, 0x8c}}, 0x40)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
timer_create(0x3, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{}, {0x0, 0x989680}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="ffff00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c00028008000500ffffffff"], 0x3c}}, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x0, 0x1})
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x40, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
r11 = socket$nl_route(0x10, 0x3, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r12 = socket(0x1, 0x803, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r13}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x4c}}, 0x0)

5.552863303s ago: executing program 0 (id=259):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
socket$netlink(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r4, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r5, 0x0, 0x0, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000067c0), 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000854}, 0x40)
sendmmsg$inet6(r3, &(0x7f0000019680), 0x0, 0x20004855)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})

2.723931185s ago: executing program 0 (id=282):
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd1, 0xa0, 0x5e, 0x20, 0xccd, 0x102, 0x890e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x54, 0x40, 0x1, "", [{{0x9, 0x4, 0xbc, 0x80, 0x0, 0xc, 0xf1, 0xc7, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = syz_open_dev$I2C(&(0x7f00000000c0), 0xc, 0x88000)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000000)={&(0x7f0000000840)})

2.573621182s ago: executing program 3 (id=284):
setreuid(0xee01, 0xee01)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x38, 0x1403, 0x1, 0x0, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'xfrm0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4040034}, 0xc802)
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143142, 0x103)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x2)
dup3(r0, r3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f14000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64364f56e24e6d2105bd901128c7e0ec82770c8204a1deeed415561752f708ccfbd80b2bd6c72652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec865e160000000000004c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed425454b9a70cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200"/2759], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0xfcf1540037e28fdc)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000000100)={{0x70000, 0x30000, 0x0, 0x2, 0x2, 0x10, 0x3, 0x7, 0x0, 0x8, 0x9}, {0xe000, 0x10000, 0xc, 0x0, 0x22, 0x0, 0xfd, 0x0, 0x7, 0xff}, {0xb000, 0x8080000, 0xc, 0x0, 0x27, 0xc4, 0x0, 0x0, 0x8, 0xfd, 0x44, 0x3}, {0x4000, 0x33331000, 0x18592cbc7c573fc6, 0x9, 0x1, 0x9, 0x9, 0x7, 0x8, 0xf, 0x4}, {0x80a0000, 0xeeee8000, 0xb, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f, 0x6}, {0xb000, 0x0, 0x9, 0x76, 0x2, 0x1, 0x2, 0x80, 0x0, 0xff, 0x6}, {0xeeee8000, 0xeeee0000, 0x3, 0x4, 0x6, 0x0, 0xa1, 0x2, 0x0, 0x0, 0x4}, {0x2, 0x50000, 0xc, 0x3, 0x9, 0x7, 0x9, 0x40, 0x26, 0x0, 0x0, 0xf}, {0x80a0000, 0x8cc}, {0x60000, 0xfffc}, 0xddfdffc3, 0x0, 0x0, 0x110, 0xe, 0xf801, 0xb000, [0x80000004, 0x0, 0x10000, 0xfffffffffffdffff]})
r8 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001140)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000d00)=@nat={'nat\x00', 0x1b, 0x5, 0x3b0, 0x0, 0x1c8, 0xffffffff, 0xd8, 0x0, 0x318, 0x318, 0xffffffff, 0x318, 0x318, 0x5, &(0x7f0000000040), {[{{@uncond, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}, {0x922, 0x359, 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xb, @dev={0xac, 0x14, 0x14, 0x2c}, @broadcast, @icmp_id=0x64, @port=0x4e24}}}}, {{@ip={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0x0, 'veth1\x00', 'bridge0\x00', {}, {}, 0x29, 0x2, 0xa}, 0x0, 0xb8, 0xf0, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "c6c9", 0x1}}, @common=@socket0={{0x20}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0xd, @multicast2, @multicast1, @port=0x4e21, @port=0x4e21}}}}, {{@ip={@empty, @remote, 0x1feffff00, 0xffffffff, 'macvlan0\x00', 'macsec0\x00', {0xff}, {0xff}, 0x21, 0x1, 0x4}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @icmp_id=0x67, @port=0x4e20}}}}, {{@ip={@loopback, @rand_addr=0x64010100, 0xffffff00, 0xffffff00, 'veth0_to_bridge\x00', 'veth0_to_batadv\x00', {0xff}, {}, 0x11, 0x0, 0x20}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @rand_addr=0x64010100, @remote, @gre_key=0x10, @port=0x4e21}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x410)

2.523995607s ago: executing program 3 (id=285):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x8840, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x8)
setsockopt$inet6_int(r3, 0x29, 0x100000000001f, &(0x7f0000000180)=0x1, 0x4) (async)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={<r4=>0x0, 0x7, 0x3, 0xb25c}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000100)={r4, 0x249, 0x5}, 0x8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r5, &(0x7f0000000c80)={0x2, 0x4e21, @local}, 0x10) (async)
sendto$inet(r5, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x8012, 0x0, 0xfffffffffffffe2d) (async)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000040)=0x1, 0x4) (async, rerun: 64)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) (rerun: 64)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r6=>0x0) (async)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) (async, rerun: 64)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (rerun: 64)
timer_settime(r6, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) (async)
ioctl$CDROMMULTISESSION(r2, 0x5323, 0x0) (async)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000480)={0x8, 0x0, r1})

2.377510518s ago: executing program 3 (id=287):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "f19f00", 0x0, 0x0, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0x80}}]}]}}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$pppl2tp(0x18, 0x1, 0x1)
close(0x3)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) (async)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x18, r6, 0x2, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8800}, 0x44040)
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd705399dbf6df00000000080001008000000008000300", @ANYRES32=r4, @ANYBLOB="0c009900ff070000740000001400040073797a6b616c6c6572300000000000000800050004000000"], 0x4c}, 0x1, 0x0, 0x0, 0x49}, 0x2400c003) (async)
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd705399dbf6df00000000080001008000000008000300", @ANYRES32=r4, @ANYBLOB="0c009900ff070000740000001400040073797a6b616c6c6572300000000000000800050004000000"], 0x4c}, 0x1, 0x0, 0x0, 0x49}, 0x2400c003)

2.293812871s ago: executing program 3 (id=289):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfffffffc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r1, &(0x7f00000045c0)={0x0, 0x0, &(0x7f0000004580)={&(0x7f0000004500)={0x18, r2, 0x833, 0x70bd25, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r3)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r4, 0x7, 0x60, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x4040)

2.214088959s ago: executing program 3 (id=290):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
socket$netlink(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r4, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r5, 0x0, 0x0, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000067c0), 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000854}, 0x40)
sendmmsg$inet6(r3, &(0x7f0000019680), 0x0, 0x20004855)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})

2.073801485s ago: executing program 2 (id=291):
fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440), 0x0, 0x0)

2.073344418s ago: executing program 2 (id=292):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
dup3(r1, r0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000005400010026bdf0010000000007000000", @ANYRES32, @ANYBLOB="0b000100"], 0x38}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000000)={0x1408}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f00000000c0)={0x8, r3}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb}, &(0x7f0000000000))
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0xffffff63)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x20}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f", 0x70, 0x840, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x006'], 0x48)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001400)=[{0x0}, {&(0x7f0000000d00)}, {&(0x7f0000000fc0)="c6eae69212ba50dd664af774c32d3427", 0x10}, {0x0}], 0x4, &(0x7f00000014c0)}}], 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0205647, &(0x7f0000000940)={0xf010000, @vbi={0x0, 0x9, 0x6, 0x32435750, [0x1, 0x4bf], [0x1, 0x2], 0x13a}})
bind$alg(r6, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3000000040000701fefeffff00000000017c0000040042801400018006000600800a000008001300", @ANYRES32=0x0, @ANYBLOB="4ad8398d080000"], 0xff2f}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r7 = accept4(r6, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)

1.844168669s ago: executing program 2 (id=293):
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000000)=[@ioring_restriction_register_op], 0x1)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_settings={0x7, 0x7f, @fr_pvc=0x0}})
ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000)) (async)
ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000))
syz_io_uring_setup(0x31c0, &(0x7f0000000180)={0x0, 0xc7ca, 0x40, 0x2, 0x1bc}, &(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000000))

1.784176039s ago: executing program 2 (id=295):
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r0 = socket(0x2d, 0x2, 0x0)
bind$xdp(r0, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0x3e}, 0x10)
close(0x3)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x30, 0x0, &(0x7f00000000c0)=[@acquire, @clear_death={0x400c630f, 0x2}, @request_death={0x400c630e, 0x1}, @decrefs={0x40046307, 0x10002}], 0xa, 0x0, &(0x7f0000000180)="5481ade1be03fafa4c8c"})
r2 = dup3(r1, 0xffffffffffffffff, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
recvmmsg$unix(r5, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000010101ac14140c0008a47a000000b786060000000200004e214e2204519078089cc7e80394125a"], 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_handle={0x77682a85, 0x100a, 0x1}, @flat=@handle={0x73682a85, 0x10a, 0x2}, @flat=@weak_binder={0x77622a85, 0x1, 0x2}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

1.534162798s ago: executing program 0 (id=298):
r0 = socket(0x11, 0x3, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=<r2=>0x0)
bind$nfc_llcp(r1, &(0x7f00000001c0)={0x27, r2, 0x0, 0x2, 0x0, 0x49, "c46e9fd1a84b7fa0bf2cca6beb9363a680b652a86bcf56a1b9ca5386103a5ccbe47b7b9aa6d8d701a3ba00000000b97800001022f987617c318500", 0x3a}, 0x60)
getsockopt$inet_buf(r1, 0x118, 0x1, 0x0, &(0x7f00000003c0))
sendmmsg(r0, &(0x7f0000000000)=[{{&(0x7f0000000640)=@qipcrtr={0x2a, 0x5, 0x7fff}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000040)="d479183d7d98d181a4b5f3e38100", 0xe}], 0x1}}], 0x1, 0x24044015)
getsockopt$inet_buf(r0, 0x0, 0x11, &(0x7f00000000c0)=""/41, &(0x7f0000000100)=0x29)

1.453811947s ago: executing program 0 (id=299):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
dup3(r0, r0, 0x0)
mmap$binder(&(0x7f000028d000/0x9000)=nil, 0x9000, 0x1, 0x11, r0, 0x7289)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
socket$netlink(0x10, 0x3, 0x1)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r3, 0x0, 0x0, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000067c0), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000854}, 0x40)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002140)=ANY=[])
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})

893.206653ms ago: executing program 2 (id=303):
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @initdev={0xac, 0x1e, 0x0, 0x0}}, "341517c1b7df60c7"}}}}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x560, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x3a0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_virt_wifi\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x5}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x5c0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) (async)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x2, 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="baa000ecf30f09670fc7aa00000100b800008ee80fc71e7f9d0fc71c0f2b1866b9800000c00f326635000400000f30f30faee1f30f1efb", 0x37}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) (async)
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000100)=0x5)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) (async)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) (async)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) (async)
r7 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r7, 0x10f, 0x84, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371c00000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)

593.771827ms ago: executing program 2 (id=306):
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd1, 0xa0, 0x5e, 0x20, 0xccd, 0x102, 0x890e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x54, 0x40, 0x1, "", [{{0x9, 0x4, 0xbc, 0x80, 0x0, 0xc, 0xf1, 0xc7, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = syz_open_dev$I2C(&(0x7f00000000c0), 0xc, 0x88000)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000000)={&(0x7f0000000840)=[{0x1a00, 0x800, 0x0, 0x0}], 0x1})

164.063448ms ago: executing program 3 (id=308):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
modify_ldt$read_default(0x2, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
socket$netlink(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r4, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000067c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002140)=ANY=[])
sendmmsg$inet6(r3, &(0x7f0000019680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20004855)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})

163.54949ms ago: executing program 1 (id=310):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000003d)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x1010408, &(0x7f00000002c0)={[{@huge_within_size}]})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$XFS_IOC_BULKSTAT(r1, 0x8040587f, &(0x7f0000000580)={{0x3, 0x4, 0xe07, 0x1000, 0xffffffff}, &(0x7f0000000340)=[{}, {}, {}]})
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r7=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r7], 0x1c}}, 0x4008054)
fcntl$setsig(r0, 0xa, 0x21)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x40184152, &(0x7f0000000a00)={0x0, &(0x7f00000009c0)=[&(0x7f0000000040)="09ebf0cd094a5f0a05343bc309ecbf3adb6a4030317bc6a900eef33746b5f7e8ee78ab4c9c7020b26281e6f490f907ba5bed119a88d7b71ca6ea596d6849d46a929419bbf56390174627451ed2cee232ea815a25edbc77d6107b2622f2173f67e5b9448267c623302d99374319a43b32918973c60d25", &(0x7f0000000600)="c590bbbf820a11dc9b7d6a8c40e664b5a1cb6bb55636e4419811d43e0e6e6c6a4b7d6e8f045a15c18988d3fbe0c19624b9d562af4d22e74cbd9dc677fd1c7464ac41f2527447cf0dc01325af9bc483db2647f8f06283dd95602f5952b7b745bcbaf777881f3ef4326bbb63d9b3d37679ec8b08f542278ee4e2ac953dcc6bfec1ba403630e516d060f787e26c830f2404fa96", &(0x7f00000006c0)="574368bc9e06f1cb2a4324a072e8fa67a318de622baca025429aa92e31c035e92973b81fc5997aedde03dc4d675f6424ee99dfe0b55d8b61a0100070f327d3174a63825bb5c72cb1083f3b0b045372bf36c23b1943018e490a1400f01e18b5f24613c61f832ccee82bb7ad1186424998ad5a85eb42d850a55b24", &(0x7f0000000740)="c0e6bf72c24fffca90d71cc1801540ac223f89db5c8b3a5d7cb116097db6d888c89522cfc5affb80bccd0077ff2ec1e4060e7012eb94710556757b67fe57ba43df1d0558904d9e47df46483be8bb7494df1cd1266c43a419b850a0847e45b68017847eb28e1653c4667f600f24db9fa555550380e13cd08054618c84460d2d23280f34ba7451601329048df74df10fec0c6af8a528318183b657e1d46f5253bd7fd46db946bf0c7d9d97cbf87795574023dfdec0123a67bb4988fb0374044e9c4825881e36c9b90df6f0b68e0955fa41f5198a8e534f72", &(0x7f0000000840)="8cbb0d7377ce0d4031fa122c7c4a757c54f3", &(0x7f0000000880)="2764cdacdb358b726b209def9a8d389305173b505308479785cab007c2010f98393f09ba29045668babff3683408a85b5f7ff022bcc6dde55f4b3828ec1af8ddfb7bdfd58ab57ff37ee883f030a4996505feab49a3a4750737137cf0c5fac3e87502612717352bca09d4202cadf18a87df493653b56804557857c7be0cefcac3240f1bde9374189e26c04740f733deb10255a277ebcd9fda96f7517d01e9f24f20759d5603c7346486c3c4c811d3743907dc6eedd53b8860dad66e0f27902949ca469e1261ecb17a7056506b417263205f3665076ca5f5e6fcf816f3fac52e4484cd2d3b597e2e509b7a7a00da9203ec0f5b7071", &(0x7f0000000980)="ed791b893ccfdfade65fc875e34ad9"], 0x4})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)

64.101838ms ago: executing program 1 (id=311):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f00000003c0)={&(0x7f0000000200)={0x24, @none={0x0, 0xffff}}, 0x14, &(0x7f0000000380)={&(0x7f0000000280)="694f932e0f76ffeba249349c8885314497f0795d5aeb37cda4dae32b8a1011ea6824d8ded66a38998015cb01c3595cb76b5bf897a9ddc35a560575570e8b5ddcbf835289bbec1a5936fddf5644ba385dbddd192316a4fc010c8b471dd250ab1c168e10aa57e9ca81e425c86b313b4bf02292a37b2c6dbaadcdd5d1ceca66ae16", 0x80}}, 0x4002044)
recvmmsg(r0, &(0x7f0000005d40)=[{{&(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000002840)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/221, 0xdd}, {&(0x7f0000001500)=""/241, 0xf1}, {&(0x7f0000001600)=""/229, 0xe5}, {&(0x7f0000001700)=""/4096, 0x1000}, {&(0x7f0000002700)=""/244, 0xf4}, {&(0x7f0000002800)=""/30, 0x1e}], 0x7, &(0x7f00000028c0)=""/5, 0x5}}, {{&(0x7f0000002900)=@nfc, 0x80, &(0x7f0000003b40)=[{&(0x7f0000002980)=""/215, 0xd7}, {&(0x7f0000002a80)=""/191, 0xbf}, {&(0x7f0000002b40)=""/4096, 0x1000}], 0x3, &(0x7f0000003b80)=""/249, 0xf9}, 0x401}, {{&(0x7f0000003c80)=@un=@abs, 0x80, &(0x7f0000004340)=[{&(0x7f0000003d00)=""/114, 0x72}, {&(0x7f0000003d80)=""/191, 0xbf}, {&(0x7f0000003e40)=""/183, 0xb7}, {&(0x7f0000003f00)=""/227, 0xe3}, {&(0x7f0000004000)=""/203, 0xcb}, {&(0x7f0000004100)=""/137, 0x89}, {&(0x7f00000041c0)=""/169, 0xa9}, {&(0x7f0000004280)=""/190, 0xbe}], 0x8}, 0x18}, {{&(0x7f00000043c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000004940)=[{&(0x7f0000004440)}, {&(0x7f0000004480)=""/175, 0xaf}, {&(0x7f0000004540)=""/2, 0x2}, {&(0x7f0000004580)=""/183, 0xb7}, {&(0x7f0000004640)=""/193, 0xc1}, {&(0x7f0000004740)=""/255, 0xff}, {&(0x7f0000004840)=""/242, 0xf2}], 0x7, &(0x7f00000049c0)=""/4096, 0x1000}, 0x5}, {{&(0x7f00000059c0)=@nfc, 0x80, &(0x7f0000005bc0)=[{&(0x7f0000005a40)=""/237, 0xed}, {&(0x7f0000005b40)=""/82, 0x52}], 0x2, &(0x7f0000005c00)}, 0x8}, {{&(0x7f0000005c40)=@l2tp6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000005d00)=[{&(0x7f0000005cc0)=""/28, 0x1c}], 0x1}, 0x6}], 0x6, 0x3, &(0x7f0000005ec0)={0x77359400})

63.768231ms ago: executing program 1 (id=312):
r0 = syz_open_dev$I2C(&(0x7f0000001000), 0x33, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
munlockall() (async, rerun: 64)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) (async, rerun: 64)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000340)=0x800) (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='clear_refs\x00')
write$binfmt_format(r2, &(0x7f0000000300)='1\x00', 0x2) (async)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/psched\x00')
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="ba8294b5cafad6fdba8263232b71c1a72e06d8d3472eef3a5747fdda1cf9feb88f290db3aba7d2f8fedde3cfe0cfac351856ca9a3038ac7a3513756adf53196fe38fb3adb58284bb52b2eb172dbec063fa3d9b6e5c45591a76a4e92f2eceeb4a880ddbb98492423e3430f6b1bba219b2577a24a75f3bafea88e593b999413c351e8ed8d307af2f3b90341076c03b1e88b90a5c2041488ac282bb5414706002bcba5c1a460b03408840e959852445353d7af2bb9cb0ccc49266a88276", @ANYRES16=r4, @ANYBLOB="000227bd7000fcdbdf25120000000c009900020000002e000000150013003616928284cc89250386e09b6060068b160000000600b500dc05000006001a01040000000800a400010000000c004300ff0f00007c0900000600120007000000060014010d0000000a00060008021100000000000800a400030000000600100005020000"], 0x88}, 0x1, 0x0, 0x0, 0x41}, 0x800)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f00000010c0)={0x1, 0xf7, 0x2, &(0x7f0000001040)={0x0, "fa6f394d6eec98aaf370535ac95977c05edbebb84734f1da4145d7dbc01de97db4"}}) (async)
r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r5, 0x6804, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async, rerun: 32)
r7 = socket(0x10, 0x803, 0x0) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0) (async)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xc, 0xa}, {0x0, 0x9}, {0xffff, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8848}, @TCA_FLOWER_KEY_MPLS_OPTS={0x18, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0xfffffffffffffe94, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL={0x8, 0x5, {0xfff, 0x0, 0x1}}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x5}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
close(0x3)

63.420945ms ago: executing program 1 (id=313):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r0, 0x400c4d0f, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000000)=0x7, 0x4) (async)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x71, 0x141301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x2fe, 0x3ff, 0x0, 0x0, 0x0})

1.650175ms ago: executing program 1 (id=314):
fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

0s ago: executing program 1 (id=315):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040), 0x0, 0x200408c0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x800000}, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="4c0100001800010000000000000000001d0100001500030000000000000000008ca5be073cff296e020000001e010600010400fd0171ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c005c8d586b2a88d81866930fca15c8a95d29e5b2ea000055fcf23623ce580cb4c405e6e10dab9e9d3981c6e6bc277ce12ae8712919b664a2fefc997b6555b2"], 0x14c}}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0, 0x0, 0x4000}, 0x44040)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[], 0x34c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async)
accept4(r0, 0x0, 0x0, 0x800) (async)
sendmmsg$alg(r1, &(0x7f0000000040), 0x0, 0x200408c0) (async)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x800000}, 0x6e) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="4c0100001800010000000000000000001d0100001500030000000000000000008ca5be073cff296e020000001e010600010400fd0171ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c005c8d586b2a88d81866930fca15c8a95d29e5b2ea000055fcf23623ce580cb4c405e6e10dab9e9d3981c6e6bc277ce12ae8712919b664a2fefc997b6555b2"], 0x14c}}, 0x0) (async)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0) (async)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0, 0x0, 0x4000}, 0x44040) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[], 0x34c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)

kernel console output (not intermixed with test programs):

ed USB device number 2 using dummy_hcd
[  173.011934][ T6721] Cannot find del_set index 1 as target
[  173.134678][ T6048] usb 6-1: Using ep0 maxpacket: 16
[  173.142755][ T6048] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  173.160878][ T6048] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  173.166778][ T6048] usb 6-1: Product: syz
[  173.171034][ T6048] usb 6-1: Manufacturer: syz
[  173.173059][ T6048] usb 6-1: SerialNumber: syz
[  173.184030][ T6048] usb 6-1: config 0 descriptor??
[  173.396161][ T6649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.402982][ T6649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.416940][ T1033] usb 6-1: USB disconnect, device number 2
[  174.109284][ T6750] raw_sendmsg: syz.3.180 forgot to set AF_INET. Fix it!
[  174.377910][ T6753] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  174.383119][ T6753] overlayfs: overlapping lowerdir path
[  175.862048][ T6768] bond1: entered promiscuous mode
[  176.126322][ T6774] loop5: detected capacity change from 0 to 7
[  176.145969][ T6774] Dev loop5: unable to read RDB block 7
[  176.163510][ T6774]  loop5: AHDI p1 p2 p3
[  176.165381][ T6774] loop5: partition table partially beyond EOD, truncated
[  176.178100][ T6774] loop5: p1 start 1601398130 is beyond EOD, truncated
[  176.188902][ T6774] loop5: p2 start 1702059890 is beyond EOD, truncated
[  176.268603][ T6777] ip6erspan0: entered promiscuous mode
[  176.299877][ T6777] netlink: 212356 bytes leftover after parsing attributes in process `syz.2.189'.
[  176.428652][   T41] kauditd_printk_skb: 10 callbacks suppressed
[  176.428667][   T41] audit: type=1400 audit(1776627546.711:304): avc:  denied  { name_bind } for  pid=6781 comm="syz.0.191" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  176.762824][ T6790] netlink: 24 bytes leftover after parsing attributes in process `syz.2.192'.
[  176.771250][ T6790] netlink: 24 bytes leftover after parsing attributes in process `syz.2.192'.
[  176.808947][ T6790] exFAT-fs (nbd2): unable to read boot sector
[  176.914909][ T6790] exFAT-fs (nbd2): failed to read boot sector
[  176.917375][ T6790] exFAT-fs (nbd2): failed to recognize exfat type
[  177.003071][ T6793] futex_wake_op: syz.2.193 tries to shift op by -1; fix this program
[  177.393947][   T41] audit: type=1400 audit(1776627547.681:305): avc:  denied  { ioctl } for  pid=6795 comm="syz.2.194" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 ioctlcmd=0xaf12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  177.443538][   T34] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  177.449775][   T41] audit: type=1400 audit(1776627547.731:306): avc:  denied  { append } for  pid=6795 comm="syz.2.194" name="cec2" dev="devtmpfs" ino=986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  177.534762][ T6798] kvm: requested 117333 ns i8254 timer period limited to 200000 ns
[  177.556940][ T6798] kvm: requested 144152 ns i8254 timer period limited to 200000 ns
[  177.562095][ T6798] kvm: requested 191923 ns i8254 timer period limited to 200000 ns
[  177.580800][ T6635] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  177.630103][ T6798] kvm: requested 24304 ns i8254 timer period limited to 200000 ns
[  177.654490][ T6798] kvm: requested 10895 ns i8254 timer period limited to 200000 ns
[  177.658381][ T6798] kvm: requested 104761 ns i8254 timer period limited to 200000 ns
[  177.662378][ T6798] kvm: requested 103085 ns i8254 timer period limited to 200000 ns
[  177.666206][ T6798] kvm: requested 74590 ns i8254 timer period limited to 200000 ns
[  177.669953][ T6798] kvm: requested 185219 ns i8254 timer period limited to 200000 ns
[  177.675083][ T6798] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  177.709624][ T6635] CPU: 2 UID: 0 PID: 6635 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  177.709644][ T6635] Tainted: [L]=SOFTLOCKUP
[  177.709648][ T6635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  177.709654][ T6635] Call Trace:
[  177.709659][ T6635]  <TASK>
[  177.709664][ T6635]  dump_stack_lvl+0x100/0x190
[  177.709686][ T6635]  dump_header+0xfb/0x606
[  177.709699][ T6635]  oom_kill_process.cold+0xd/0x330
[  177.709712][ T6635]  out_of_memory+0x340/0x14f0
[  177.709794][ T6635]  ? __pfx_out_of_memory+0x10/0x10
[  177.709812][ T6635]  mem_cgroup_out_of_memory+0xc6/0x130
[  177.709883][ T6635]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  177.709896][ T6635]  ? find_held_lock+0x2b/0x80
[  177.709971][ T6635]  ? do_raw_spin_unlock+0x145/0x1e0
[  177.709992][ T6635]  ? _raw_spin_unlock+0x28/0x50
[  177.710013][ T6635]  try_charge_memcg+0x6e5/0xdf0
[  177.710036][ T6635]  ? __pfx_try_charge_memcg+0x10/0x10
[  177.710052][ T6635]  ? find_held_lock+0x2b/0x80
[  177.710068][ T6635]  ? rcu_read_unlock+0x17/0x60
[  177.710078][ T6635]  ? rcu_read_unlock+0x17/0x60
[  177.710093][ T6635]  charge_memcg+0xa6/0x280
[  177.710103][ T6635]  __mem_cgroup_charge+0x2b/0x1e0
[  177.710117][ T6635]  shmem_alloc_and_add_folio+0x451/0xd40
[  177.710211][ T6635]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  177.710227][ T6635]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  177.710246][ T6635]  shmem_get_folio_gfp+0x6ab/0x1900
[  177.710268][ T6635]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  177.710287][ T6635]  shmem_write_begin+0x1a4/0x420
[  177.710304][ T6635]  ? __pfx_shmem_write_begin+0x10/0x10
[  177.710320][ T6635]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  177.710332][ T6635]  ? lockdep_hardirqs_on+0x78/0x100
[  177.710348][ T6635]  generic_perform_write+0x292/0xa40
[  177.710367][ T6635]  ? __pfx_generic_perform_write+0x10/0x10
[  177.710383][ T6635]  ? file_update_time_flags+0x373/0x500
[  177.710400][ T6635]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  177.710410][ T6635]  shmem_file_write_iter+0x10e/0x140
[  177.710422][ T6635]  __kernel_write_iter+0x2ac/0x920
[  177.710456][ T6635]  ? __pfx___kernel_write_iter+0x10/0x10
[  177.710472][ T6635]  ? __up_read+0x2c1/0x6e0
[  177.710488][ T6635]  ? dump_user_range+0x65e/0xad0
[  177.710564][ T6635]  dump_user_range+0x3f9/0xad0
[  177.710590][ T6635]  ? __pfx_dump_user_range+0x10/0x10
[  177.710623][ T6635]  ? __pfx_writenote+0x10/0x10
[  177.710646][ T6635]  elf_core_dump+0x2d5f/0x3d10
[  177.710669][ T6635]  ? __pfx_elf_core_dump+0x10/0x10
[  177.710685][ T6635]  ? kasan_save_stack+0x3f/0x50
[  177.710701][ T6635]  ? kasan_save_stack+0x30/0x50
[  177.710715][ T6635]  ? __kasan_kmalloc+0xaa/0xb0
[  177.710741][ T6635]  ? __kvmalloc_node_noprof+0x360/0xa00
[  177.710816][ T6635]  ? vfs_coredump+0x22db/0x5770
[  177.710831][ T6635]  ? asm_exc_page_fault+0x26/0x30
[  177.710844][ T6635]  ? 0xffffffffff600000
[  177.710875][ T6635]  ? vfs_coredump+0x29a0/0x5770
[  177.710888][ T6635]  vfs_coredump+0x29a0/0x5770
[  177.710908][ T6635]  ? __pfx_vfs_coredump+0x10/0x10
[  177.710923][ T6635]  ? __lock_acquire+0x4a5/0x2630
[  177.710942][ T6635]  ? lock_acquire+0x1b1/0x370
[  177.710960][ T6635]  ? is_bpf_text_address+0x8a/0x1a0
[  177.711029][ T6635]  ? bpf_ksym_find+0x128/0x1c0
[  177.711048][ T6635]  ? __kernel_text_address+0xd/0x30
[  177.711062][ T6635]  ? unwind_get_return_address+0x59/0xa0
[  177.711133][ T6635]  ? arch_stack_walk+0xa6/0xf0
[  177.711167][ T6635]  ? __sigqueue_free+0xbe/0x2a0
[  177.711178][ T6635]  ? stack_trace_save+0x8e/0xc0
[  177.711189][ T6635]  ? __pfx_stack_trace_save+0x10/0x10
[  177.711200][ T6635]  ? stack_depot_save_flags+0x27/0x9d0
[  177.711420][ T6635]  ? __lock_acquire+0x4a5/0x2630
[  177.711456][ T6635]  ? proc_coredump_connector+0x2d3/0x4f0
[  177.711662][ T6635]  ? __pfx_proc_coredump_connector+0x10/0x10
[  177.711680][ T6635]  ? rcu_is_watching+0x12/0xc0
[  177.711699][ T6635]  get_signal+0x1f2a/0x21e0
[  177.711720][ T6635]  ? __pfx_get_signal+0x10/0x10
[  177.711739][ T6635]  arch_do_signal_or_restart+0x91/0x7a0
[  177.711757][ T6635]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  177.711779][ T6635]  ? rcu_is_watching+0x12/0xc0
[  177.711796][ T6635]  irqentry_exit+0x403/0x790
[  177.711812][ T6635]  asm_exc_page_fault+0x26/0x30
[  177.711822][ T6635] RIP: 0033:0x7f973dd9c819
[  177.711836][ T6635] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  177.711841][ T6635] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  177.711850][ T6635] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  177.711856][ T6635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  177.711862][ T6635] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  177.711868][ T6635] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  177.711873][ T6635] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  177.711887][ T6635]  </TASK>
[  177.874427][ T6635] memory: usage 307200kB, limit 307200kB, failcnt 15326
[  177.876637][ T6635] memory+swap: usage 404552kB, limit 9007199254740988kB, failcnt 0
[  177.879713][ T6635] kmem: usage 4260kB, limit 9007199254740988kB, failcnt 0
[  177.882049][ T6635] Memory cgroup stats for /syz3:
[  177.882182][ T6635] cache 310124544
[  177.885002][ T6635] rss 40960
[  177.886027][ T6635] rss_huge 0
[  177.887071][ T6635] shmem 310120448
[  177.888261][ T6635] mapped_file 0
[  177.889369][ T6635] dirty 0
[  177.890331][ T6635] writeback 0
[  177.891398][ T6635] workingset_refault_anon 7
[  177.892847][ T6635] workingset_refault_file 203
[  177.894573][ T6635] swap 99688448
[  177.895761][ T6635] swapcached 99778560
[  177.897361][ T6635] pgpgin 104669
[  177.898709][ T6635] pgpgout 28934
[  177.900146][ T6635] pgfault 11635
[  177.901587][ T6635] pgmajfault 2
[  177.902978][ T6635] inactive_anon 6397952
[  177.904646][ T6635] active_anon 303808512
[  177.905972][ T6635] inactive_file 4096
[  177.907408][ T6635] active_file 0
[  177.908813][ T6635] unevictable 0
[  177.910146][ T6635] hierarchical_memory_limit 314572800
[  177.911852][ T6635] hierarchical_memsw_limit 9223372036854771712
[  177.914308][ T6635] total_cache 310124544
[  177.915987][ T6635] total_rss 40960
[  177.917399][ T6635] total_rss_huge 0
[  177.918893][ T6635] total_shmem 310120448
[  177.920471][ T6635] total_mapped_file 0
[  177.922087][ T6635] total_dirty 0
[  177.923573][ T6635] total_writeback 0
[  177.925020][ T6635] total_workingset_refault_anon 7
[  177.926889][ T6635] total_workingset_refault_file 203
[  177.928909][ T6635] total_swap 99688448
[  177.930472][ T6635] total_swapcached 99778560
[  177.932133][ T6635] total_pgpgin 104669
[  177.933610][ T6635] total_pgpgout 28934
[  177.935175][ T6635] total_pgfault 11635
[  177.936513][ T6635] total_pgmajfault 2
[  177.937812][ T6635] total_inactive_anon 6397952
[  177.939369][ T6635] total_active_anon 303808512
[  177.941144][ T6635] total_inactive_file 4096
[  177.942635][ T6635] total_active_file 0
[  177.944148][ T6635] total_unevictable 0
[  177.945381][ T6635] anon_cost 0
[  177.946460][ T6635] file_cost 0
[  177.947672][ T6635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6615,uid=0
[  177.954444][ T6635] Memory cgroup out of memory: Killed process 6615 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:29840kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:1000
[  178.073113][ T6619] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  178.117457][ T6619] CPU: 3 UID: 0 PID: 6619 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  178.117476][ T6619] Tainted: [L]=SOFTLOCKUP
[  178.117480][ T6619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  178.117486][ T6619] Call Trace:
[  178.117491][ T6619]  <TASK>
[  178.117495][ T6619]  dump_stack_lvl+0x100/0x190
[  178.117527][ T6619]  dump_header+0xfb/0x606
[  178.117542][ T6619]  oom_kill_process.cold+0xd/0x330
[  178.117555][ T6619]  out_of_memory+0x340/0x14f0
[  178.117575][ T6619]  ? __pfx_out_of_memory+0x10/0x10
[  178.117593][ T6619]  mem_cgroup_out_of_memory+0xc6/0x130
[  178.117608][ T6619]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  178.117621][ T6619]  ? find_held_lock+0x2b/0x80
[  178.117642][ T6619]  ? do_raw_spin_unlock+0x145/0x1e0
[  178.117657][ T6619]  ? _raw_spin_unlock+0x28/0x50
[  178.117671][ T6619]  try_charge_memcg+0x6e5/0xdf0
[  178.117685][ T6619]  ? __pfx_try_charge_memcg+0x10/0x10
[  178.117696][ T6619]  ? find_held_lock+0x2b/0x80
[  178.117711][ T6619]  ? rcu_read_unlock+0x17/0x60
[  178.117722][ T6619]  ? rcu_read_unlock+0x17/0x60
[  178.117737][ T6619]  charge_memcg+0xa6/0x280
[  178.117747][ T6619]  __mem_cgroup_charge+0x2b/0x1e0
[  178.117760][ T6619]  shmem_alloc_and_add_folio+0x451/0xd40
[  178.117780][ T6619]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  178.117796][ T6619]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  178.117815][ T6619]  shmem_get_folio_gfp+0x6ab/0x1900
[  178.117834][ T6619]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  178.117853][ T6619]  shmem_write_begin+0x1a4/0x420
[  178.117870][ T6619]  ? __pfx_shmem_write_begin+0x10/0x10
[  178.117886][ T6619]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  178.117897][ T6619]  ? lockdep_hardirqs_on+0x78/0x100
[  178.117913][ T6619]  generic_perform_write+0x292/0xa40
[  178.117932][ T6619]  ? __pfx_generic_perform_write+0x10/0x10
[  178.117948][ T6619]  ? file_update_time_flags+0x373/0x500
[  178.117965][ T6619]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  178.117975][ T6619]  shmem_file_write_iter+0x10e/0x140
[  178.117987][ T6619]  __kernel_write_iter+0x2ac/0x920
[  178.118005][ T6619]  ? __pfx___kernel_write_iter+0x10/0x10
[  178.118021][ T6619]  ? __up_read+0x2c1/0x6e0
[  178.118037][ T6619]  ? dump_user_range+0x65e/0xad0
[  178.118052][ T6619]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  178.118065][ T6619]  dump_user_range+0x3f9/0xad0
[  178.118083][ T6619]  ? __pfx_dump_user_range+0x10/0x10
[  178.118102][ T6619]  ? __pfx_writenote+0x10/0x10
[  178.118120][ T6619]  elf_core_dump+0x2d5f/0x3d10
[  178.118143][ T6619]  ? __pfx_elf_core_dump+0x10/0x10
[  178.118158][ T6619]  ? kasan_save_stack+0x3f/0x50
[  178.118173][ T6619]  ? kasan_save_stack+0x30/0x50
[  178.118187][ T6619]  ? __kasan_kmalloc+0xaa/0xb0
[  178.118201][ T6619]  ? __kvmalloc_node_noprof+0x360/0xa00
[  178.118216][ T6619]  ? vfs_coredump+0x22db/0x5770
[  178.118231][ T6619]  ? asm_exc_page_fault+0x26/0x30
[  178.118243][ T6619]  ? 0xffffffffff600000
[  178.118279][ T6619]  ? vfs_coredump+0x29a0/0x5770
[  178.118292][ T6619]  vfs_coredump+0x29a0/0x5770
[  178.118312][ T6619]  ? __pfx_vfs_coredump+0x10/0x10
[  178.118327][ T6619]  ? __lock_acquire+0x4a5/0x2630
[  178.118345][ T6619]  ? lock_acquire+0x1b1/0x370
[  178.118363][ T6619]  ? is_bpf_text_address+0x8a/0x1a0
[  178.118377][ T6619]  ? bpf_ksym_find+0x128/0x1c0
[  178.118396][ T6619]  ? __kernel_text_address+0xd/0x30
[  178.118409][ T6619]  ? unwind_get_return_address+0x59/0xa0
[  178.118426][ T6619]  ? arch_stack_walk+0xa6/0xf0
[  178.118445][ T6619]  ? __sigqueue_free+0xbe/0x2a0
[  178.118457][ T6619]  ? stack_trace_save+0x8e/0xc0
[  178.118467][ T6619]  ? __pfx_stack_trace_save+0x10/0x10
[  178.118477][ T6619]  ? stack_depot_save_flags+0x27/0x9d0
[  178.118491][ T6619]  ? __lock_acquire+0x4a5/0x2630
[  178.118525][ T6619]  ? proc_coredump_connector+0x2d3/0x4f0
[  178.118542][ T6619]  ? __pfx_proc_coredump_connector+0x10/0x10
[  178.118561][ T6619]  ? rcu_is_watching+0x12/0xc0
[  178.118579][ T6619]  get_signal+0x1f2a/0x21e0
[  178.118600][ T6619]  ? __pfx_get_signal+0x10/0x10
[  178.118618][ T6619]  arch_do_signal_or_restart+0x91/0x7a0
[  178.118637][ T6619]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  178.118658][ T6619]  ? rcu_is_watching+0x12/0xc0
[  178.118675][ T6619]  irqentry_exit+0x403/0x790
[  178.118690][ T6619]  asm_exc_page_fault+0x26/0x30
[  178.118701][ T6619] RIP: 0033:0x7f973dd9c819
[  178.118713][ T6619] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  178.118719][ T6619] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  178.118727][ T6619] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  178.118733][ T6619] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  178.118739][ T6619] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  178.118745][ T6619] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  178.118751][ T6619] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  178.118764][ T6619]  </TASK>
[  178.118910][ T6619] memory: usage 307200kB, limit 307200kB, failcnt 15619
[  178.223884][   T41] audit: type=1400 audit(1776627548.511:307): avc:  denied  { ioctl } for  pid=6805 comm="syz.0.198" path="socket:[12253]" dev="sockfs" ino=12253 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  178.224314][ T6619] memory+swap: usage 404552kB, limit 9007199254740988kB, failcnt 0
[  178.256816][   T41] audit: type=1400 audit(1776627548.541:308): avc:  denied  { ioctl } for  pid=6804 comm="syz.2.197" path="socket:[12254]" dev="sockfs" ino=12254 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  178.259307][ T6619] kmem: usage 4256kB, limit 9007199254740988kB, failcnt 0
[  178.259317][ T6619] Memory cgroup stats for /syz3:
[  178.303143][ T6619] cache 291479552
[  178.307563][ T6619] rss 40960
[  178.312173][ T6619] rss_huge 0
[  178.313320][ T6619] shmem 291475456
[  178.314864][ T6619] mapped_file 0
[  178.316030][ T6619] dirty 0
[  178.317028][ T6619] writeback 0
[  178.318109][ T6619] workingset_refault_anon 7
[  178.320570][ T6619] workingset_refault_file 203
[  178.322987][ T6619] swap 91078656
[  178.324937][ T6619] swapcached 100134912
[  178.326583][ T6619] pgpgin 105083
[  178.328044][ T6619] pgpgout 33900
[  178.329434][ T6619] pgfault 11661
[  178.330846][ T6619] pgmajfault 2
[  178.332215][ T6619] inactive_anon 160854016
[  178.335853][ T6619] active_anon 130535424
[  178.337724][ T6619] inactive_file 0
[  178.339323][ T6619] active_file 4096
[  178.340946][ T6619] unevictable 0
[  178.342472][ T6619] hierarchical_memory_limit 314572800
[  178.349512][ T6619] hierarchical_memsw_limit 9223372036854771712
[  178.352286][ T6619] total_cache 291479552
[  178.355104][ T6619] total_rss 40960
[  178.356830][ T6619] total_rss_huge 0
[  178.358582][ T6619] total_shmem 291475456
[  178.360495][ T6619] total_mapped_file 0
[  178.362314][ T6619] total_dirty 0
[  178.364521][ T6619] total_writeback 0
[  178.366292][ T6619] total_workingset_refault_anon 7
[  178.368623][ T6619] total_workingset_refault_file 203
[  178.370940][ T6619] total_swap 91078656
[  178.372780][ T6619] total_swapcached 100134912
[  178.375445][ T6619] total_pgpgin 105083
[  178.377629][ T6619] total_pgpgout 33900
[  178.379413][ T6619] total_pgfault 11661
[  178.379507][ T6806] ucma_write: process 167 (syz.2.197) changed security contexts after opening file descriptor, this is not allowed.
[  178.381205][ T6619] total_pgmajfault 2
[  178.388598][ T6619] total_inactive_anon 160854016
[  178.390869][ T6619] total_active_anon 130535424
[  178.393110][ T6619] total_inactive_file 0
[  178.395251][ T6619] total_active_file 4096
[  178.398115][ T6619] total_unevictable 0
[  178.400318][ T6619] anon_cost 0
[  178.402045][ T6619] file_cost 0
[  178.404456][ T6619] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6616,uid=0
[  178.413916][ T6619] Memory cgroup out of memory: Killed process 6616 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:25400kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[  178.480302][ T6618] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  178.497682][ T6618] CPU: 2 UID: 0 PID: 6618 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  178.497711][ T6618] Tainted: [L]=SOFTLOCKUP
[  178.497717][ T6618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  178.497728][ T6618] Call Trace:
[  178.497734][ T6618]  <TASK>
[  178.497742][ T6618]  dump_stack_lvl+0x100/0x190
[  178.497772][ T6618]  dump_header+0xfb/0x606
[  178.497794][ T6618]  oom_kill_process.cold+0xd/0x330
[  178.497816][ T6618]  out_of_memory+0x340/0x14f0
[  178.497849][ T6618]  ? __pfx_out_of_memory+0x10/0x10
[  178.497879][ T6618]  mem_cgroup_out_of_memory+0xc6/0x130
[  178.497903][ T6618]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  178.497925][ T6618]  ? find_held_lock+0x2b/0x80
[  178.497956][ T6618]  ? do_raw_spin_unlock+0x145/0x1e0
[  178.497981][ T6618]  ? _raw_spin_unlock+0x28/0x50
[  178.498005][ T6618]  try_charge_memcg+0x6e5/0xdf0
[  178.498027][ T6618]  ? __pfx_try_charge_memcg+0x10/0x10
[  178.498044][ T6618]  ? find_held_lock+0x2b/0x80
[  178.498066][ T6618]  ? rcu_read_unlock+0x17/0x60
[  178.498079][ T6618]  ? rcu_read_unlock+0x17/0x60
[  178.498099][ T6618]  charge_memcg+0xa6/0x280
[  178.498112][ T6618]  __mem_cgroup_charge+0x2b/0x1e0
[  178.498129][ T6618]  shmem_alloc_and_add_folio+0x451/0xd40
[  178.498156][ T6618]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  178.498180][ T6618]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  178.498212][ T6618]  shmem_get_folio_gfp+0x6ab/0x1900
[  178.498241][ T6618]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  178.498278][ T6618]  shmem_write_begin+0x1a4/0x420
[  178.498306][ T6618]  ? __pfx_shmem_write_begin+0x10/0x10
[  178.498332][ T6618]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  178.498351][ T6618]  ? lockdep_hardirqs_on+0x78/0x100
[  178.498377][ T6618]  generic_perform_write+0x292/0xa40
[  178.498409][ T6618]  ? __pfx_generic_perform_write+0x10/0x10
[  178.498434][ T6618]  ? file_update_time_flags+0x373/0x500
[  178.498461][ T6618]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  178.498477][ T6618]  shmem_file_write_iter+0x10e/0x140
[  178.498495][ T6618]  __kernel_write_iter+0x2ac/0x920
[  178.498524][ T6618]  ? __pfx___kernel_write_iter+0x10/0x10
[  178.498550][ T6618]  ? __up_read+0x2c1/0x6e0
[  178.498575][ T6618]  ? dump_user_range+0x65e/0xad0
[  178.498605][ T6618]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  178.498700][ T6618]  dump_user_range+0x3f9/0xad0
[  178.498729][ T6618]  ? __pfx_dump_user_range+0x10/0x10
[  178.498758][ T6618]  ? __pfx_writenote+0x10/0x10
[  178.498787][ T6618]  elf_core_dump+0x2d5f/0x3d10
[  178.498824][ T6618]  ? __pfx_elf_core_dump+0x10/0x10
[  178.498849][ T6618]  ? kasan_save_stack+0x3f/0x50
[  178.498873][ T6618]  ? kasan_save_stack+0x30/0x50
[  178.498896][ T6618]  ? __kasan_kmalloc+0xaa/0xb0
[  178.498919][ T6618]  ? __kvmalloc_node_noprof+0x360/0xa00
[  178.498945][ T6618]  ? vfs_coredump+0x22db/0x5770
[  178.498966][ T6618]  ? asm_exc_page_fault+0x26/0x30
[  178.498987][ T6618]  ? 0xffffffffff600000
[  178.499043][ T6618]  ? vfs_coredump+0x29a0/0x5770
[  178.499065][ T6618]  vfs_coredump+0x29a0/0x5770
[  178.499097][ T6618]  ? __pfx_vfs_coredump+0x10/0x10
[  178.499122][ T6618]  ? __lock_acquire+0x4a5/0x2630
[  178.499154][ T6618]  ? lock_acquire+0x1b1/0x370
[  178.499185][ T6618]  ? is_bpf_text_address+0x8a/0x1a0
[  178.499208][ T6618]  ? bpf_ksym_find+0x128/0x1c0
[  178.499240][ T6618]  ? __kernel_text_address+0xd/0x30
[  178.499263][ T6618]  ? unwind_get_return_address+0x59/0xa0
[  178.499290][ T6618]  ? arch_stack_walk+0xa6/0xf0
[  178.499324][ T6618]  ? __sigqueue_free+0xbe/0x2a0
[  178.499342][ T6618]  ? stack_trace_save+0x8e/0xc0
[  178.499359][ T6618]  ? __pfx_stack_trace_save+0x10/0x10
[  178.499377][ T6618]  ? stack_depot_save_flags+0x27/0x9d0
[  178.499400][ T6618]  ? __lock_acquire+0x4a5/0x2630
[  178.499463][ T6618]  ? proc_coredump_connector+0x2d3/0x4f0
[  178.499491][ T6618]  ? __pfx_proc_coredump_connector+0x10/0x10
[  178.499519][ T6618]  ? rcu_is_watching+0x12/0xc0
[  178.499551][ T6618]  get_signal+0x1f2a/0x21e0
[  178.499591][ T6618]  ? __pfx_get_signal+0x10/0x10
[  178.499624][ T6618]  arch_do_signal_or_restart+0x91/0x7a0
[  178.499653][ T6618]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  178.499682][ T6618]  ? rcu_is_watching+0x12/0xc0
[  178.499704][ T6618]  irqentry_exit+0x403/0x790
[  178.499725][ T6618]  asm_exc_page_fault+0x26/0x30
[  178.499739][ T6618] RIP: 0033:0x7f973dd9c819
[  178.499758][ T6618] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  178.499764][ T6618] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  178.499776][ T6618] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  178.499810][ T6618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  178.499819][ T6618] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  178.499829][ T6618] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  178.499839][ T6618] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  178.499863][ T6618]  </TASK>
[  178.743654][ T6618] memory: usage 307200kB, limit 307200kB, failcnt 17245
[  178.752021][ T6618] memory+swap: usage 403992kB, limit 9007199254740988kB, failcnt 0
[  178.769552][ T6618] kmem: usage 4164kB, limit 9007199254740988kB, failcnt 0
[  178.782796][ T6618] Memory cgroup stats for /syz3:
[  178.782919][ T6618] cache 310198272
[  178.794843][ T6618] rss 49152
[  178.806891][ T6618] rss_huge 0
[  178.808176][ T6618] shmem 309039104
[  178.827593][ T6816] netlink: 20 bytes leftover after parsing attributes in process `syz.2.199'.
[  178.831224][ T6817] netlink: 20 bytes leftover after parsing attributes in process `syz.2.199'.
[  178.837834][ T6618] mapped_file 0
[  178.839104][ T6618] dirty 0
[  178.892508][ T6618] writeback 0
[  178.894256][ T6618] workingset_refault_anon 8
[  178.923501][ T6618] workingset_refault_file 203
[  178.926998][ T6618] swap 99115008
[  178.934666][ T6618] swapcached 110587904
[  178.938943][ T6618] pgpgin 114317
[  179.004953][ T6618] pgpgout 38558
[  179.021376][ T6618] pgfault 12226
[  179.024201][ T6618] pgmajfault 7
[  179.025581][ T6618] inactive_anon 99561472
[  179.027004][ T6618] active_anon 208490496
[  179.028432][ T6618] inactive_file 421888
[  179.029769][ T6618] active_file 331776
[  179.031065][ T6618] unevictable 0
[  179.032282][ T6618] hierarchical_memory_limit 314572800
[  179.034414][ T6618] hierarchical_memsw_limit 9223372036854771712
[  179.036418][ T6618] total_cache 310198272
[  179.037795][ T6618] total_rss 49152
[  179.039059][ T6618] total_rss_huge 0
[  179.040367][ T6618] total_shmem 309039104
[  179.041761][ T6618] total_mapped_file 0
[  179.043089][ T6618] total_dirty 0
[  179.060245][ T6618] total_writeback 0
[  179.061549][ T6618] total_workingset_refault_anon 8
[  179.066173][ T6618] total_workingset_refault_file 203
[  179.067971][ T6618] total_swap 99115008
[  179.069333][ T6618] total_swapcached 110587904
[  179.071088][ T6618] total_pgpgin 114317
[  179.090969][ T6618] total_pgpgout 38558
[  179.096278][ T6618] total_pgfault 12226
[  179.099763][ T6618] total_pgmajfault 7
[  179.101816][ T6618] total_inactive_anon 99561472
[  179.109230][ T6826] netlink: 28 bytes leftover after parsing attributes in process `syz.0.202'.
[  179.116519][ T6618] total_active_anon 208490496
[  179.118095][ T6618] total_inactive_file 421888
[  179.122949][ T6618] total_active_file 331776
[  179.126884][   T41] audit: type=1400 audit(1776627549.411:309): avc:  denied  { create } for  pid=6825 comm="syz.0.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  179.130675][ T6618] total_unevictable 0
[  179.136038][   T41] audit: type=1400 audit(1776627549.411:310): avc:  denied  { write } for  pid=6825 comm="syz.0.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  179.145128][   T41] audit: type=1400 audit(1776627549.411:311): avc:  denied  { ioctl } for  pid=6825 comm="syz.0.202" path="socket:[15441]" dev="sockfs" ino=15441 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  179.206707][ T6618] anon_cost 0
[  179.207827][ T6618] file_cost 0
[  179.208908][ T6618] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6612,uid=0
[  179.219010][ T6618] Memory cgroup out of memory: Killed process 6612 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:26040kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[  179.552761][ T6847] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  179.785903][   T41] audit: type=1400 audit(1776627550.061:312): avc:  denied  { listen } for  pid=6852 comm="syz.1.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  179.910518][ T6622] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  180.026337][ T6622] CPU: 0 UID: 0 PID: 6622 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  180.026356][ T6622] Tainted: [L]=SOFTLOCKUP
[  180.026360][ T6622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  180.026366][ T6622] Call Trace:
[  180.026370][ T6622]  <TASK>
[  180.026375][ T6622]  dump_stack_lvl+0x100/0x190
[  180.026394][ T6622]  dump_header+0xfb/0x606
[  180.026407][ T6622]  oom_kill_process.cold+0xd/0x330
[  180.026420][ T6622]  out_of_memory+0x340/0x14f0
[  180.026440][ T6622]  ? __pfx_out_of_memory+0x10/0x10
[  180.026458][ T6622]  mem_cgroup_out_of_memory+0xc6/0x130
[  180.026473][ T6622]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  180.026486][ T6622]  ? find_held_lock+0x2b/0x80
[  180.026505][ T6622]  ? do_raw_spin_unlock+0x145/0x1e0
[  180.026520][ T6622]  ? _raw_spin_unlock+0x28/0x50
[  180.026535][ T6622]  try_charge_memcg+0x6e5/0xdf0
[  180.026549][ T6622]  ? __pfx_try_charge_memcg+0x10/0x10
[  180.026559][ T6622]  ? find_held_lock+0x2b/0x80
[  180.026575][ T6622]  ? rcu_read_unlock+0x17/0x60
[  180.026585][ T6622]  ? rcu_read_unlock+0x17/0x60
[  180.026601][ T6622]  charge_memcg+0xa6/0x280
[  180.026611][ T6622]  __mem_cgroup_charge+0x2b/0x1e0
[  180.026623][ T6622]  shmem_alloc_and_add_folio+0x451/0xd40
[  180.026643][ T6622]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  180.026659][ T6622]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  180.026678][ T6622]  shmem_get_folio_gfp+0x6ab/0x1900
[  180.026696][ T6622]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  180.026712][ T6622]  ? timestamp_truncate+0x22e/0x2f0
[  180.026727][ T6622]  shmem_write_begin+0x1a4/0x420
[  180.026744][ T6622]  ? __pfx_shmem_write_begin+0x10/0x10
[  180.026758][ T6622]  ? rcu_is_watching+0x12/0xc0
[  180.026774][ T6622]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  180.026788][ T6622]  generic_perform_write+0x292/0xa40
[  180.026806][ T6622]  ? __pfx_generic_perform_write+0x10/0x10
[  180.026819][ T6622]  ? __mark_inode_dirty+0x55c/0x1720
[  180.026909][ T6622]  ? mnt_put_write_access_file+0x4e/0x100
[  180.026921][ T6622]  ? file_update_time_flags+0x373/0x500
[  180.026937][ T6622]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  180.026947][ T6622]  shmem_file_write_iter+0x10e/0x140
[  180.026959][ T6622]  __kernel_write_iter+0x2ac/0x920
[  180.026976][ T6622]  ? __pfx___kernel_write_iter+0x10/0x10
[  180.026996][ T6622]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  180.027009][ T6622]  dump_user_range+0x3f9/0xad0
[  180.027027][ T6622]  ? __pfx_dump_user_range+0x10/0x10
[  180.027046][ T6622]  ? __pfx_writenote+0x10/0x10
[  180.027064][ T6622]  elf_core_dump+0x2d5f/0x3d10
[  180.027087][ T6622]  ? __pfx_elf_core_dump+0x10/0x10
[  180.027102][ T6622]  ? kasan_save_stack+0x3f/0x50
[  180.027117][ T6622]  ? kasan_save_stack+0x30/0x50
[  180.027132][ T6622]  ? __kasan_kmalloc+0xaa/0xb0
[  180.027146][ T6622]  ? __kvmalloc_node_noprof+0x360/0xa00
[  180.027161][ T6622]  ? vfs_coredump+0x22db/0x5770
[  180.027175][ T6622]  ? asm_exc_page_fault+0x26/0x30
[  180.027188][ T6622]  ? 0xffffffffff600000
[  180.027218][ T6622]  ? vfs_coredump+0x29a0/0x5770
[  180.027231][ T6622]  vfs_coredump+0x29a0/0x5770
[  180.027251][ T6622]  ? __pfx_vfs_coredump+0x10/0x10
[  180.027265][ T6622]  ? __lock_acquire+0x4a5/0x2630
[  180.027283][ T6622]  ? lock_acquire+0x1b1/0x370
[  180.027305][ T6622]  ? is_bpf_text_address+0x8a/0x1a0
[  180.027320][ T6622]  ? bpf_ksym_find+0x128/0x1c0
[  180.027338][ T6622]  ? __kernel_text_address+0xd/0x30
[  180.027352][ T6622]  ? unwind_get_return_address+0x59/0xa0
[  180.027369][ T6622]  ? arch_stack_walk+0xa6/0xf0
[  180.027388][ T6622]  ? __sigqueue_free+0xbe/0x2a0
[  180.027399][ T6622]  ? stack_trace_save+0x8e/0xc0
[  180.027410][ T6622]  ? __pfx_stack_trace_save+0x10/0x10
[  180.027420][ T6622]  ? stack_depot_save_flags+0x27/0x9d0
[  180.027434][ T6622]  ? __lock_acquire+0x4a5/0x2630
[  180.027468][ T6622]  ? proc_coredump_connector+0x2d3/0x4f0
[  180.027485][ T6622]  ? __pfx_proc_coredump_connector+0x10/0x10
[  180.027503][ T6622]  ? rcu_is_watching+0x12/0xc0
[  180.027520][ T6622]  get_signal+0x1f2a/0x21e0
[  180.027540][ T6622]  ? __pfx_get_signal+0x10/0x10
[  180.027559][ T6622]  arch_do_signal_or_restart+0x91/0x7a0
[  180.027577][ T6622]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  180.027598][ T6622]  ? rcu_is_watching+0x12/0xc0
[  180.027614][ T6622]  irqentry_exit+0x403/0x790
[  180.027630][ T6622]  asm_exc_page_fault+0x26/0x30
[  180.027640][ T6622] RIP: 0033:0x7f973dd9c819
[  180.027654][ T6622] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  180.027659][ T6622] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  180.027668][ T6622] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  180.027674][ T6622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  180.027680][ T6622] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  180.027685][ T6622] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  180.027691][ T6622] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  180.027705][ T6622]  </TASK>
[  180.027710][ T6622] memory: usage 307200kB, limit 307200kB, failcnt 19487
[  180.043486][ T6050] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  180.252945][ T6622] memory+swap: usage 401348kB, limit 9007199254740988kB, failcnt 0
[  180.300461][ T6622] kmem: usage 4072kB, limit 9007199254740988kB, failcnt 0
[  180.343045][ T6622] Memory cgroup stats for /syz3:
[  180.343124][ T6622] cache 310296576
[  180.343620][ T6050] usb 6-1: Using ep0 maxpacket: 8
[  180.350127][ T6050] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  180.352396][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  180.355853][ T6050] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  180.359173][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  180.363047][ T6050] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  180.365246][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  180.368693][ T6050] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  180.372746][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  180.373526][ T6622] rss 40960
[  180.376787][ T6050] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  180.379442][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  180.382582][ T6050] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  180.386205][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  180.391756][ T6050] usb 6-1: string descriptor 0 read error: -22
[  180.393670][ T6050] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  180.396644][ T6050] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.403465][ T6622] rss_huge 0
[  180.404617][ T6622] shmem 310194176
[  180.404865][ T6050] adutux 6-1:168.0: interrupt endpoints not found
[  180.441376][ T6622] mapped_file 0
[  180.442588][ T6622] dirty 0
[  180.518027][ T6622] writeback 0
[  180.519163][ T6622] workingset_refault_anon 9
[  180.553448][ T6622] workingset_refault_file 229
[  180.555052][ T6622] swap 99061760
[  180.563479][ T6622] swapcached 119959552
[  180.564786][ T6622] pgpgin 121085
[  180.568283][ T6622] pgpgout 45301
[  180.569474][ T6622] pgfault 12637
[  180.600021][ T6622] pgmajfault 10
[  180.601180][ T6622] inactive_anon 33107968
[  180.643279][   T41] audit: type=1400 audit(1776627550.921:314): avc:  denied  { ioctl } for  pid=6852 comm="syz.1.211" path="socket:[14430]" dev="sockfs" ino=14430 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  180.643464][ T6622] active_anon 277020672
[  180.743480][ T6622] inactive_file 102400
[  180.744867][ T6622] active_file 0
[  180.770527][ T6622] unevictable 0
[  180.771701][ T6622] hierarchical_memory_limit 314572800
[  180.808105][ T6622] hierarchical_memsw_limit 9223372036854771712
[  180.810094][ T6622] total_cache 310296576
[  180.823189][ T2309] usb 6-1: USB disconnect, device number 3
[  180.840332][ T6622] total_rss 40960
[  180.841498][ T6622] total_rss_huge 0
[  180.866452][ T6622] total_shmem 310194176
[  180.868288][ T6622] total_mapped_file 0
[  180.881740][ T6622] total_dirty 0
[  180.886569][ T6622] total_writeback 0
[  180.896243][ T6622] total_workingset_refault_anon 9
[  180.906505][ T6622] total_workingset_refault_file 229
[  180.915027][ T6622] total_swap 99061760
[  180.916854][ T6622] total_swapcached 119959552
[  180.933701][ T6622] total_pgpgin 121085
[  180.935061][ T6622] total_pgpgout 45301
[  180.953465][ T6622] total_pgfault 12637
[  180.954824][ T6622] total_pgmajfault 10
[  180.968511][ T6622] total_inactive_anon 131428352
[  180.970304][ T6622] total_active_anon 178700288
[  180.989394][ T6622] total_inactive_file 102400
[  180.990949][ T6622] total_active_file 0
[  181.004380][ T6622] total_unevictable 0
[  181.005807][ T6622] anon_cost 0
[  181.025265][ T6622] file_cost 0
[  181.026444][ T6622] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6622,uid=0
[  181.075764][ T6622] Memory cgroup out of memory: Killed process 6622 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:24632kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[  181.180188][ T6633] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  181.233838][ T6633] CPU: 2 UID: 0 PID: 6633 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  181.233858][ T6633] Tainted: [L]=SOFTLOCKUP
[  181.233862][ T6633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  181.233868][ T6633] Call Trace:
[  181.233872][ T6633]  <TASK>
[  181.233876][ T6633]  dump_stack_lvl+0x100/0x190
[  181.233895][ T6633]  dump_header+0xfb/0x606
[  181.233908][ T6633]  oom_kill_process.cold+0xd/0x330
[  181.233921][ T6633]  out_of_memory+0x340/0x14f0
[  181.233942][ T6633]  ? __pfx_out_of_memory+0x10/0x10
[  181.233961][ T6633]  mem_cgroup_out_of_memory+0xc6/0x130
[  181.233976][ T6633]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  181.233989][ T6633]  ? find_held_lock+0x2b/0x80
[  181.234008][ T6633]  ? do_raw_spin_unlock+0x145/0x1e0
[  181.234044][ T6633]  ? _raw_spin_unlock+0x28/0x50
[  181.234065][ T6633]  try_charge_memcg+0x6e5/0xdf0
[  181.234090][ T6633]  ? __pfx_try_charge_memcg+0x10/0x10
[  181.234106][ T6633]  ? find_held_lock+0x2b/0x80
[  181.234123][ T6633]  ? rcu_read_unlock+0x17/0x60
[  181.234134][ T6633]  ? rcu_read_unlock+0x17/0x60
[  181.234149][ T6633]  charge_memcg+0xa6/0x280
[  181.234159][ T6633]  __mem_cgroup_charge+0x2b/0x1e0
[  181.234172][ T6633]  shmem_alloc_and_add_folio+0x451/0xd40
[  181.234191][ T6633]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  181.234207][ T6633]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  181.234226][ T6633]  shmem_get_folio_gfp+0x6ab/0x1900
[  181.234244][ T6633]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  181.234263][ T6633]  shmem_write_begin+0x1a4/0x420
[  181.234285][ T6633]  ? __pfx_shmem_write_begin+0x10/0x10
[  181.234301][ T6633]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  181.234313][ T6633]  ? lockdep_hardirqs_on+0x78/0x100
[  181.234328][ T6633]  generic_perform_write+0x292/0xa40
[  181.234349][ T6633]  ? __pfx_generic_perform_write+0x10/0x10
[  181.234365][ T6633]  ? file_update_time_flags+0x373/0x500
[  181.234384][ T6633]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  181.234394][ T6633]  shmem_file_write_iter+0x10e/0x140
[  181.234406][ T6633]  __kernel_write_iter+0x2ac/0x920
[  181.234424][ T6633]  ? __pfx___kernel_write_iter+0x10/0x10
[  181.234441][ T6633]  ? __up_read+0x2c1/0x6e0
[  181.234456][ T6633]  ? dump_user_range+0x65e/0xad0
[  181.234472][ T6633]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  181.234486][ T6633]  dump_user_range+0x3f9/0xad0
[  181.234503][ T6633]  ? __pfx_dump_user_range+0x10/0x10
[  181.234522][ T6633]  ? __pfx_writenote+0x10/0x10
[  181.234540][ T6633]  elf_core_dump+0x2d5f/0x3d10
[  181.234564][ T6633]  ? __pfx_elf_core_dump+0x10/0x10
[  181.234579][ T6633]  ? kasan_save_stack+0x3f/0x50
[  181.234594][ T6633]  ? kasan_save_stack+0x30/0x50
[  181.234609][ T6633]  ? __kasan_kmalloc+0xaa/0xb0
[  181.234623][ T6633]  ? __kvmalloc_node_noprof+0x360/0xa00
[  181.234638][ T6633]  ? vfs_coredump+0x22db/0x5770
[  181.234653][ T6633]  ? asm_exc_page_fault+0x26/0x30
[  181.234665][ T6633]  ? 0xffffffffff600000
[  181.234696][ T6633]  ? vfs_coredump+0x29a0/0x5770
[  181.234709][ T6633]  vfs_coredump+0x29a0/0x5770
[  181.234729][ T6633]  ? __pfx_vfs_coredump+0x10/0x10
[  181.234744][ T6633]  ? __lock_acquire+0x4a5/0x2630
[  181.234762][ T6633]  ? lock_acquire+0x1b1/0x370
[  181.234780][ T6633]  ? is_bpf_text_address+0x8a/0x1a0
[  181.234795][ T6633]  ? bpf_ksym_find+0x128/0x1c0
[  181.234813][ T6633]  ? __kernel_text_address+0xd/0x30
[  181.234827][ T6633]  ? unwind_get_return_address+0x59/0xa0
[  181.234844][ T6633]  ? arch_stack_walk+0xa6/0xf0
[  181.234865][ T6633]  ? __sigqueue_free+0xbe/0x2a0
[  181.234876][ T6633]  ? stack_trace_save+0x8e/0xc0
[  181.234887][ T6633]  ? __pfx_stack_trace_save+0x10/0x10
[  181.234897][ T6633]  ? stack_depot_save_flags+0x27/0x9d0
[  181.234911][ T6633]  ? __lock_acquire+0x4a5/0x2630
[  181.234946][ T6633]  ? proc_coredump_connector+0x2d3/0x4f0
[  181.234963][ T6633]  ? __pfx_proc_coredump_connector+0x10/0x10
[  181.234981][ T6633]  ? rcu_is_watching+0x12/0xc0
[  181.234999][ T6633]  get_signal+0x1f2a/0x21e0
[  181.235019][ T6633]  ? __pfx_get_signal+0x10/0x10
[  181.235037][ T6633]  arch_do_signal_or_restart+0x91/0x7a0
[  181.235055][ T6633]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  181.235076][ T6633]  ? rcu_is_watching+0x12/0xc0
[  181.235093][ T6633]  irqentry_exit+0x403/0x790
[  181.235109][ T6633]  asm_exc_page_fault+0x26/0x30
[  181.235119][ T6633] RIP: 0033:0x7f973dd9c819
[  181.235133][ T6633] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  181.235138][ T6633] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  181.235147][ T6633] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  181.235153][ T6633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  181.235159][ T6633] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  181.235165][ T6633] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  181.235172][ T6633] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  181.235185][ T6633]  </TASK>
[  181.235211][ T6633] memory: usage 307200kB, limit 307200kB, failcnt 21150
[  181.397584][ T6633] memory+swap: usage 403852kB, limit 9007199254740988kB, failcnt 0
[  181.400777][ T6633] kmem: usage 4068kB, limit 9007199254740988kB, failcnt 0
[  181.403273][ T6633] Memory cgroup stats for /syz3:
[  181.403361][ T6633] cache 310288384
[  181.406574][ T6633] rss 36864
[  181.407562][ T6633] rss_huge 0
[  181.408594][ T6633] shmem 310284288
[  181.409742][ T6633] mapped_file 0
[  181.410823][ T6633] dirty 0
[  181.411756][ T6633] writeback 0
[  181.412817][ T6633] workingset_refault_anon 9
[  181.414429][ T6633] workingset_refault_file 335
[  181.415866][ T6633] swap 99057664
[  181.416989][ T6633] swapcached 125014016
[  181.418285][ T6633] pgpgin 127010
[  181.420076][ T6633] pgpgout 51229
[  181.421175][ T6633] pgfault 13003
[  181.423114][ T6633] pgmajfault 11
[  181.429870][ T6633] inactive_anon 188456960
[  181.433062][ T6633] active_anon 121675776
[  181.437250][ T6633] inactive_file 0
[  181.439653][ T6633] active_file 4096
[  181.441962][ T6633] unevictable 0
[  181.444278][ T6633] hierarchical_memory_limit 314572800
[  181.450413][ T6633] hierarchical_memsw_limit 9223372036854771712
[  181.457090][ T6633] total_cache 310288384
[  181.463094][ T6633] total_rss 36864
[  181.465288][ T6633] total_rss_huge 0
[  181.467377][ T6633] total_shmem 310284288
[  181.469608][ T6633] total_mapped_file 0
[  181.471173][ T6633] total_dirty 0
[  181.472402][ T6633] total_writeback 0
[  181.474443][ T6633] total_workingset_refault_anon 9
[  181.476471][ T6633] total_workingset_refault_file 335
[  181.480257][ T6633] total_swap 99057664
[  181.481779][ T6633] total_swapcached 125014016
[  181.483363][ T6633] total_pgpgin 127010
[  181.486224][ T6633] total_pgpgout 51229
[  181.487848][ T6633] total_pgfault 13003
[  181.489221][ T6633] total_pgmajfault 11
[  181.490505][ T6633] total_inactive_anon 188456960
[  181.492062][ T6633] total_active_anon 121675776
[  181.494274][ T6633] total_inactive_file 0
[  181.495598][ T6633] total_active_file 4096
[  181.496969][ T6633] total_unevictable 0
[  181.498213][ T6633] anon_cost 0
[  181.499272][ T6633] file_cost 0
[  181.500380][ T6633] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.182,pid=6754,uid=0
[  181.505468][ T6633] Memory cgroup out of memory: OOM victim 6754 (syz.3.182) is already exiting. Skip killing the task
[  181.570251][ T6619] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  181.603346][ T6858] netlink: 40 bytes leftover after parsing attributes in process `syz.1.212'.
[  181.637460][ T6619] CPU: 1 UID: 0 PID: 6619 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  181.637480][ T6619] Tainted: [L]=SOFTLOCKUP
[  181.637484][ T6619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  181.637490][ T6619] Call Trace:
[  181.637495][ T6619]  <TASK>
[  181.637500][ T6619]  dump_stack_lvl+0x100/0x190
[  181.637520][ T6619]  dump_header+0xfb/0x606
[  181.637533][ T6619]  oom_kill_process.cold+0xd/0x330
[  181.637546][ T6619]  out_of_memory+0x340/0x14f0
[  181.637566][ T6619]  ? __pfx_out_of_memory+0x10/0x10
[  181.637613][ T6619]  mem_cgroup_out_of_memory+0xc6/0x130
[  181.637628][ T6619]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  181.637642][ T6619]  ? find_held_lock+0x2b/0x80
[  181.637661][ T6619]  ? do_raw_spin_unlock+0x145/0x1e0
[  181.637677][ T6619]  ? _raw_spin_unlock+0x28/0x50
[  181.637691][ T6619]  try_charge_memcg+0x6e5/0xdf0
[  181.637706][ T6619]  ? __pfx_try_charge_memcg+0x10/0x10
[  181.637716][ T6619]  ? find_held_lock+0x2b/0x80
[  181.637732][ T6619]  ? rcu_read_unlock+0x17/0x60
[  181.637742][ T6619]  ? rcu_read_unlock+0x17/0x60
[  181.637757][ T6619]  charge_memcg+0xa6/0x280
[  181.637767][ T6619]  __mem_cgroup_charge+0x2b/0x1e0
[  181.637780][ T6619]  shmem_alloc_and_add_folio+0x451/0xd40
[  181.637800][ T6619]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  181.637817][ T6619]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  181.637835][ T6619]  shmem_get_folio_gfp+0x6ab/0x1900
[  181.637854][ T6619]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  181.637870][ T6619]  ? timestamp_truncate+0x22e/0x2f0
[  181.637885][ T6619]  shmem_write_begin+0x1a4/0x420
[  181.637905][ T6619]  ? __pfx_shmem_write_begin+0x10/0x10
[  181.637920][ T6619]  ? rcu_is_watching+0x12/0xc0
[  181.637936][ T6619]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  181.637950][ T6619]  generic_perform_write+0x292/0xa40
[  181.637969][ T6619]  ? __pfx_generic_perform_write+0x10/0x10
[  181.637982][ T6619]  ? __mark_inode_dirty+0x55c/0x1720
[  181.638000][ T6619]  ? mnt_put_write_access_file+0x4e/0x100
[  181.638013][ T6619]  ? file_update_time_flags+0x373/0x500
[  181.638028][ T6619]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  181.638039][ T6619]  shmem_file_write_iter+0x10e/0x140
[  181.638051][ T6619]  __kernel_write_iter+0x2ac/0x920
[  181.638069][ T6619]  ? __pfx___kernel_write_iter+0x10/0x10
[  181.638085][ T6619]  ? __up_read+0x2c1/0x6e0
[  181.638100][ T6619]  ? dump_user_range+0x65e/0xad0
[  181.638118][ T6619]  dump_user_range+0x3f9/0xad0
[  181.638136][ T6619]  ? __pfx_dump_user_range+0x10/0x10
[  181.638155][ T6619]  ? __pfx_writenote+0x10/0x10
[  181.638173][ T6619]  elf_core_dump+0x2d5f/0x3d10
[  181.638195][ T6619]  ? __pfx_elf_core_dump+0x10/0x10
[  181.638211][ T6619]  ? kasan_save_stack+0x3f/0x50
[  181.638226][ T6619]  ? kasan_save_stack+0x30/0x50
[  181.638240][ T6619]  ? __kasan_kmalloc+0xaa/0xb0
[  181.638257][ T6619]  ? __kvmalloc_node_noprof+0x360/0xa00
[  181.638273][ T6619]  ? vfs_coredump+0x22db/0x5770
[  181.638287][ T6619]  ? asm_exc_page_fault+0x26/0x30
[  181.638303][ T6619]  ? 0xffffffffff600000
[  181.638360][ T6619]  ? vfs_coredump+0x29a0/0x5770
[  181.638373][ T6619]  vfs_coredump+0x29a0/0x5770
[  181.638393][ T6619]  ? __pfx_vfs_coredump+0x10/0x10
[  181.638408][ T6619]  ? __lock_acquire+0x4a5/0x2630
[  181.638426][ T6619]  ? lock_acquire+0x1b1/0x370
[  181.638444][ T6619]  ? is_bpf_text_address+0x8a/0x1a0
[  181.638459][ T6619]  ? bpf_ksym_find+0x128/0x1c0
[  181.638477][ T6619]  ? __kernel_text_address+0xd/0x30
[  181.638490][ T6619]  ? unwind_get_return_address+0x59/0xa0
[  181.638507][ T6619]  ? arch_stack_walk+0xa6/0xf0
[  181.638527][ T6619]  ? __sigqueue_free+0xbe/0x2a0
[  181.638538][ T6619]  ? stack_trace_save+0x8e/0xc0
[  181.638549][ T6619]  ? __pfx_stack_trace_save+0x10/0x10
[  181.638559][ T6619]  ? stack_depot_save_flags+0x27/0x9d0
[  181.638573][ T6619]  ? __lock_acquire+0x4a5/0x2630
[  181.638607][ T6619]  ? proc_coredump_connector+0x2d3/0x4f0
[  181.638624][ T6619]  ? __pfx_proc_coredump_connector+0x10/0x10
[  181.638643][ T6619]  ? rcu_is_watching+0x12/0xc0
[  181.638660][ T6619]  get_signal+0x1f2a/0x21e0
[  181.638680][ T6619]  ? __pfx_get_signal+0x10/0x10
[  181.638699][ T6619]  arch_do_signal_or_restart+0x91/0x7a0
[  181.638717][ T6619]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  181.638738][ T6619]  ? rcu_is_watching+0x12/0xc0
[  181.638755][ T6619]  irqentry_exit+0x403/0x790
[  181.638771][ T6619]  asm_exc_page_fault+0x26/0x30
[  181.638782][ T6619] RIP: 0033:0x7f973dd9c819
[  181.638796][ T6619] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  181.638801][ T6619] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  181.638809][ T6619] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  181.638816][ T6619] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  181.638822][ T6619] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  181.638828][ T6619] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  181.638834][ T6619] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  181.638866][ T6619]  </TASK>
[  181.638872][ T6619] memory: usage 306124kB, limit 307200kB, failcnt 21893
[  181.661752][   T41] kauditd_printk_skb: 1 callbacks suppressed
[  181.661764][   T41] audit: type=1400 audit(1776627551.941:315): avc:  denied  { mount } for  pid=6857 comm="syz.1.212" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  181.915083][ T6619] memory+swap: usage 399884kB, limit 9007199254740988kB, failcnt 0
[  181.953174][ T6619] kmem: usage 3972kB, limit 9007199254740988kB, failcnt 0
[  181.983122][   T41] audit: type=1400 audit(1776627552.261:316): avc:  denied  { read } for  pid=6865 comm="syz.1.215" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  181.986664][ T6619] Memory cgroup stats for 
[  181.997790][   T41] audit: type=1400 audit(1776627552.261:317): avc:  denied  { open } for  pid=6865 comm="syz.1.215" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  182.010536][   T41] audit: type=1400 audit(1776627552.281:318): avc:  denied  { ioctl } for  pid=6865 comm="syz.1.215" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  182.060796][ T6619] /syz3:
[  182.060859][ T6619] cache 310349824
[  182.076236][ T6619] rss 131072
[  182.077316][ T6619] rss_huge 0
[  182.078354][ T6619] shmem 310157312
[  182.106944][ T6619] mapped_file 0
[  182.122162][ T6619] dirty 0
[  182.123131][ T6619] writeback 0
[  182.148101][ T6619] workingset_refault_anon 10
[  182.149640][ T6619] workingset_refault_file 413
[  182.164345][ T6619] swap 99090432
[  182.165492][ T6619] swapcached 136060928
[  182.177338][ T6619] pgpgin 133521
[  182.181189][ T6619] pgpgout 57710
[  182.186713][ T6619] pgfault 13491
[  182.187881][ T6619] pgmajfault 20
[  182.196746][ T6619] inactive_anon 138166272
[  182.198147][ T6619] active_anon 171114496
[  182.205332][ T6619] inactive_file 94208
[  182.206646][ T6619] active_file 0
[  182.207758][ T6619] unevictable 0
[  182.208938][ T6619] hierarchical_memory_limit 314572800
[  182.210596][ T6619] hierarchical_memsw_limit 9223372036854771712
[  182.212514][ T6619] total_cache 310349824
[  182.215522][ T6619] total_rss 131072
[  182.216798][ T6619] total_rss_huge 0
[  182.218017][ T6619] total_shmem 310157312
[  182.219331][ T6619] total_mapped_file 0
[  182.220595][ T6619] total_dirty 0
[  182.221695][ T6619] total_writeback 0
[  182.222921][ T6619] total_workingset_refault_anon 10
[  182.225019][ T6619] total_workingset_refault_file 413
[  182.226757][ T6619] total_swap 99090432
[  182.228035][ T6619] total_swapcached 136060928
[  182.229559][ T6619] total_pgpgin 133521
[  182.230842][ T6619] total_pgpgout 57710
[  182.232155][ T6619] total_pgfault 13491
[  182.236600][ T6619] total_pgmajfault 20
[  182.239480][ T6619] total_inactive_anon 138166272
[  182.241008][ T6619] total_active_anon 171114496
[  182.242542][ T6619] total_inactive_file 94208
[  182.244638][ T6619] total_active_file 0
[  182.245974][ T6619] total_unevictable 0
[  182.248182][ T6619] anon_cost 0
[  182.249287][ T6619] file_cost 0
[  182.250510][ T6619] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6620,uid=0
[  182.256810][ T6619] Memory cgroup out of memory: Killed process 6620 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:22392kB, shmem-rss:0kB, UID:0 pgtables:60kB oom_score_adj:1000
[  182.265684][   T29] hid (null): global environment stack underflow
[  182.275738][   T29] hid-generic 616F:20C2607D:F72986D9.0003: global environment stack underflow
[  182.280573][   T29] hid-generic 616F:20C2607D:F72986D9.0003: item 0 1 1 11 parsing failed
[  182.280632][ T6619] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  182.286256][   T29] hid-generic 616F:20C2607D:F72986D9.0003: probe with driver hid-generic failed with error -22
[  182.291100][ T6619] CPU: 3 UID: 0 PID: 6619 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  182.291117][ T6619] Tainted: [L]=SOFTLOCKUP
[  182.291120][ T6619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  182.291127][ T6619] Call Trace:
[  182.291131][ T6619]  <TASK>
[  182.291135][ T6619]  dump_stack_lvl+0x100/0x190
[  182.291154][ T6619]  dump_header+0xfb/0x606
[  182.291167][ T6619]  oom_kill_process.cold+0xd/0x330
[  182.291180][ T6619]  out_of_memory+0x340/0x14f0
[  182.291199][ T6619]  ? __pfx_out_of_memory+0x10/0x10
[  182.291218][ T6619]  mem_cgroup_out_of_memory+0xc6/0x130
[  182.291233][ T6619]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  182.291246][ T6619]  ? find_held_lock+0x2b/0x80
[  182.291272][ T6619]  ? do_raw_spin_unlock+0x145/0x1e0
[  182.291288][ T6619]  ? _raw_spin_unlock+0x28/0x50
[  182.291303][ T6619]  try_charge_memcg+0x6e5/0xdf0
[  182.291317][ T6619]  ? __pfx_try_charge_memcg+0x10/0x10
[  182.291327][ T6619]  ? find_held_lock+0x2b/0x80
[  182.291343][ T6619]  ? rcu_read_unlock+0x17/0x60
[  182.291353][ T6619]  ? rcu_read_unlock+0x17/0x60
[  182.291368][ T6619]  charge_memcg+0xa6/0x280
[  182.291378][ T6619]  __mem_cgroup_charge+0x2b/0x1e0
[  182.291391][ T6619]  shmem_alloc_and_add_folio+0x451/0xd40
[  182.291411][ T6619]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  182.291428][ T6619]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  182.291446][ T6619]  shmem_get_folio_gfp+0x6ab/0x1900
[  182.291465][ T6619]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  182.291481][ T6619]  ? timestamp_truncate+0x22e/0x2f0
[  182.291496][ T6619]  shmem_write_begin+0x1a4/0x420
[  182.291513][ T6619]  ? __pfx_shmem_write_begin+0x10/0x10
[  182.291528][ T6619]  ? rcu_is_watching+0x12/0xc0
[  182.291545][ T6619]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  182.291559][ T6619]  generic_perform_write+0x292/0xa40
[  182.291578][ T6619]  ? __pfx_generic_perform_write+0x10/0x10
[  182.291591][ T6619]  ? __mark_inode_dirty+0x55c/0x1720
[  182.291610][ T6619]  ? mnt_put_write_access_file+0x4e/0x100
[  182.291623][ T6619]  ? file_update_time_flags+0x373/0x500
[  182.291638][ T6619]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  182.291649][ T6619]  shmem_file_write_iter+0x10e/0x140
[  182.291661][ T6619]  __kernel_write_iter+0x2ac/0x920
[  182.291679][ T6619]  ? __pfx___kernel_write_iter+0x10/0x10
[  182.291695][ T6619]  ? __up_read+0x2c1/0x6e0
[  182.291711][ T6619]  ? dump_user_range+0x65e/0xad0
[  182.291743][ T6619]  dump_user_range+0x3f9/0xad0
[  182.291761][ T6619]  ? __pfx_dump_user_range+0x10/0x10
[  182.291780][ T6619]  ? __pfx_writenote+0x10/0x10
[  182.291799][ T6619]  elf_core_dump+0x2d5f/0x3d10
[  182.291823][ T6619]  ? __pfx_elf_core_dump+0x10/0x10
[  182.291843][ T6619]  ? kasan_save_stack+0x3f/0x50
[  182.291864][ T6619]  ? kasan_save_stack+0x30/0x50
[  182.291883][ T6619]  ? __kasan_kmalloc+0xaa/0xb0
[  182.291902][ T6619]  ? __kvmalloc_node_noprof+0x360/0xa00
[  182.291921][ T6619]  ? vfs_coredump+0x22db/0x5770
[  182.291955][ T6619]  ? asm_exc_page_fault+0x26/0x30
[  182.291968][ T6619]  ? 0xffffffffff600000
[  182.291999][ T6619]  ? vfs_coredump+0x29a0/0x5770
[  182.292013][ T6619]  vfs_coredump+0x29a0/0x5770
[  182.292033][ T6619]  ? __pfx_vfs_coredump+0x10/0x10
[  182.292048][ T6619]  ? __lock_acquire+0x4a5/0x2630
[  182.292066][ T6619]  ? lock_acquire+0x1b1/0x370
[  182.292084][ T6619]  ? is_bpf_text_address+0x8a/0x1a0
[  182.292098][ T6619]  ? bpf_ksym_find+0x128/0x1c0
[  182.292116][ T6619]  ? __kernel_text_address+0xd/0x30
[  182.292130][ T6619]  ? unwind_get_return_address+0x59/0xa0
[  182.292147][ T6619]  ? arch_stack_walk+0xa6/0xf0
[  182.292167][ T6619]  ? __sigqueue_free+0xbe/0x2a0
[  182.292178][ T6619]  ? stack_trace_save+0x8e/0xc0
[  182.292189][ T6619]  ? __pfx_stack_trace_save+0x10/0x10
[  182.292199][ T6619]  ? stack_depot_save_flags+0x27/0x9d0
[  182.292213][ T6619]  ? __lock_acquire+0x4a5/0x2630
[  182.292248][ T6619]  ? proc_coredump_connector+0x2d3/0x4f0
[  182.292269][ T6619]  ? __pfx_proc_coredump_connector+0x10/0x10
[  182.292287][ T6619]  ? rcu_is_watching+0x12/0xc0
[  182.292305][ T6619]  get_signal+0x1f2a/0x21e0
[  182.292326][ T6619]  ? __pfx_get_signal+0x10/0x10
[  182.292345][ T6619]  arch_do_signal_or_restart+0x91/0x7a0
[  182.292362][ T6619]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  182.292384][ T6619]  ? rcu_is_watching+0x12/0xc0
[  182.292401][ T6619]  irqentry_exit+0x403/0x790
[  182.292417][ T6619]  asm_exc_page_fault+0x26/0x30
[  182.292427][ T6619] RIP: 0033:0x7f973dd9c819
[  182.292441][ T6619] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  182.292446][ T6619] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  182.292455][ T6619] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  182.292461][ T6619] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  182.292467][ T6619] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  182.292473][ T6619] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  182.292479][ T6619] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  182.292493][ T6619]  </TASK>
[  182.292520][ T6619] memory: usage 307200kB, limit 307200kB, failcnt 22499
[  182.446730][ T6619] memory+swap: usage 394480kB, limit 9007199254740988kB, failcnt 0
[  182.449702][ T6619] kmem: usage 3964kB, limit 9007199254740988kB, failcnt 0
[  182.452390][ T6619] Memory cgroup stats for /syz3:
[  182.452480][ T6619] cache 304168960
[  182.455954][ T6619] rss 131072
[  182.457179][ T6619] rss_huge 0
[  182.458201][ T6619] shmem 304168960
[  182.459395][ T6619] mapped_file 0
[  182.460487][ T6619] dirty 0
[  182.461407][ T6619] writeback 0
[  182.462464][ T6619] workingset_refault_anon 10
[  182.464311][ T6619] workingset_refault_file 413
[  182.465840][ T6619] swap 94089216
[  182.467097][ T6619] swapcached 136056832
[  182.468419][ T6619] pgpgin 134402
[  182.469524][ T6619] pgpgout 60101
[  182.470583][ T6619] pgfault 13546
[  182.471759][ T6619] pgmajfault 20
[  182.473223][ T6619] inactive_anon 144494592
[  182.474655][ T6619] active_anon 159739904
[  182.475917][ T6619] inactive_file 0
[  182.477088][ T6619] active_file 0
[  182.478178][ T6619] unevictable 0
[  182.479283][ T6619] hierarchical_memory_limit 314572800
[  182.483591][ T6619] hierarchical_memsw_limit 9223372036854771712
[  182.487334][ T6619] total_cache 304168960
[  182.489002][ T6619] total_rss 131072
[  182.490265][ T6619] total_rss_huge 0
[  182.491619][ T6619] total_shmem 304168960
[  182.493139][ T6619] total_mapped_file 0
[  182.494242][ T6877] xt_l2tp: invalid flags combination: 8
[  182.494837][ T6619] total_dirty 0
[  182.497449][ T6619] total_writeback 0
[  182.498832][ T6619] total_workingset_refault_anon 10
[  182.500583][ T6619] total_workingset_refault_file 413
[  182.502213][ T6619] total_swap 94089216
[  182.503600][ T6619] total_swapcached 136056832
[  182.505029][ T6619] total_pgpgin 134402
[  182.506371][ T6619] total_pgpgout 60101
[  182.507707][ T6619] total_pgfault 13546
[  182.510665][ T6619] total_pgmajfault 20
[  182.514808][ T6619] total_inactive_anon 144494592
[  182.516353][ T6619] total_active_anon 159739904
[  182.517856][ T6619] total_inactive_file 0
[  182.519142][ T6619] total_active_file 0
[  182.520611][ T6619] total_unevictable 0
[  182.521894][ T6619] anon_cost 0
[  182.522989][ T6619] file_cost 0
[  182.524134][ T6619] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6625,uid=0
[  182.529994][ T6619] Memory cgroup out of memory: Killed process 6625 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:24760kB, shmem-rss:0kB, UID:0 pgtables:64kB oom_score_adj:1000
[  182.601021][ T6879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.221'.
[  182.608744][   T41] audit: type=1400 audit(1776627552.891:319): avc:  denied  { connect } for  pid=6878 comm="syz.2.221" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  182.660556][ T6886] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  182.662633][ T6886] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  182.670132][ T6886] vhci_hcd vhci_hcd.0: Device attached
[  182.684153][ T6887] vhci_hcd: cannot find the pending unlink 65535
[  182.694765][ T6635] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  182.701754][ T6887] vhci_hcd: connection closed
[  182.702179][  T189] vhci_hcd vhci_hcd.2: stop threads
[  182.705958][  T189] vhci_hcd vhci_hcd.2: release socket
[  182.707613][  T189] vhci_hcd vhci_hcd.2: disconnect device
[  182.716154][ T6635] CPU: 1 UID: 0 PID: 6635 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  182.716171][ T6635] Tainted: [L]=SOFTLOCKUP
[  182.716175][ T6635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  182.716182][ T6635] Call Trace:
[  182.716186][ T6635]  <TASK>
[  182.716191][ T6635]  dump_stack_lvl+0x100/0x190
[  182.716210][ T6635]  dump_header+0xfb/0x606
[  182.716223][ T6635]  oom_kill_process.cold+0xd/0x330
[  182.716236][ T6635]  out_of_memory+0x340/0x14f0
[  182.716256][ T6635]  ? __pfx_out_of_memory+0x10/0x10
[  182.716274][ T6635]  mem_cgroup_out_of_memory+0xc6/0x130
[  182.716289][ T6635]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  182.716302][ T6635]  ? find_held_lock+0x2b/0x80
[  182.716327][ T6635]  ? do_raw_spin_unlock+0x145/0x1e0
[  182.716343][ T6635]  ? _raw_spin_unlock+0x28/0x50
[  182.716357][ T6635]  try_charge_memcg+0x6e5/0xdf0
[  182.716371][ T6635]  ? __pfx_try_charge_memcg+0x10/0x10
[  182.716381][ T6635]  ? find_held_lock+0x2b/0x80
[  182.716397][ T6635]  ? rcu_read_unlock+0x17/0x60
[  182.716407][ T6635]  ? rcu_read_unlock+0x17/0x60
[  182.716422][ T6635]  charge_memcg+0xa6/0x280
[  182.716432][ T6635]  __mem_cgroup_charge+0x2b/0x1e0
[  182.716445][ T6635]  shmem_alloc_and_add_folio+0x451/0xd40
[  182.716465][ T6635]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  182.716481][ T6635]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  182.716500][ T6635]  shmem_get_folio_gfp+0x6ab/0x1900
[  182.716518][ T6635]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  182.716537][ T6635]  shmem_write_begin+0x1a4/0x420
[  182.716554][ T6635]  ? __pfx_shmem_write_begin+0x10/0x10
[  182.716570][ T6635]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  182.716581][ T6635]  ? lockdep_hardirqs_on+0x78/0x100
[  182.716597][ T6635]  generic_perform_write+0x292/0xa40
[  182.716616][ T6635]  ? __pfx_generic_perform_write+0x10/0x10
[  182.716632][ T6635]  ? file_update_time_flags+0x373/0x500
[  182.716649][ T6635]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  182.716660][ T6635]  shmem_file_write_iter+0x10e/0x140
[  182.716671][ T6635]  __kernel_write_iter+0x2ac/0x920
[  182.716689][ T6635]  ? __pfx___kernel_write_iter+0x10/0x10
[  182.716705][ T6635]  ? __up_read+0x2c1/0x6e0
[  182.716720][ T6635]  ? dump_user_range+0x65e/0xad0
[  182.716739][ T6635]  dump_user_range+0x3f9/0xad0
[  182.716756][ T6635]  ? __pfx_dump_user_range+0x10/0x10
[  182.716775][ T6635]  ? __pfx_writenote+0x10/0x10
[  182.716793][ T6635]  elf_core_dump+0x2d5f/0x3d10
[  182.716816][ T6635]  ? __pfx_elf_core_dump+0x10/0x10
[  182.716831][ T6635]  ? kasan_save_stack+0x3f/0x50
[  182.716846][ T6635]  ? kasan_save_stack+0x30/0x50
[  182.716861][ T6635]  ? __kasan_kmalloc+0xaa/0xb0
[  182.716875][ T6635]  ? __kvmalloc_node_noprof+0x360/0xa00
[  182.716890][ T6635]  ? vfs_coredump+0x22db/0x5770
[  182.716904][ T6635]  ? asm_exc_page_fault+0x26/0x30
[  182.716916][ T6635]  ? 0xffffffffff600000
[  182.716945][ T6635]  ? vfs_coredump+0x29a0/0x5770
[  182.716959][ T6635]  vfs_coredump+0x29a0/0x5770
[  182.716978][ T6635]  ? __pfx_vfs_coredump+0x10/0x10
[  182.716993][ T6635]  ? __lock_acquire+0x4a5/0x2630
[  182.717010][ T6635]  ? lock_acquire+0x1b1/0x370
[  182.717028][ T6635]  ? is_bpf_text_address+0x8a/0x1a0
[  182.717042][ T6635]  ? bpf_ksym_find+0x128/0x1c0
[  182.717059][ T6635]  ? __kernel_text_address+0xd/0x30
[  182.717073][ T6635]  ? unwind_get_return_address+0x59/0xa0
[  182.717089][ T6635]  ? arch_stack_walk+0xa6/0xf0
[  182.717107][ T6635]  ? __sigqueue_free+0xbe/0x2a0
[  182.717118][ T6635]  ? stack_trace_save+0x8e/0xc0
[  182.717129][ T6635]  ? __pfx_stack_trace_save+0x10/0x10
[  182.717139][ T6635]  ? stack_depot_save_flags+0x27/0x9d0
[  182.717153][ T6635]  ? __lock_acquire+0x4a5/0x2630
[  182.717187][ T6635]  ? proc_coredump_connector+0x2d3/0x4f0
[  182.717203][ T6635]  ? __pfx_proc_coredump_connector+0x10/0x10
[  182.717221][ T6635]  ? rcu_is_watching+0x12/0xc0
[  182.717240][ T6635]  get_signal+0x1f2a/0x21e0
[  182.717260][ T6635]  ? __pfx_get_signal+0x10/0x10
[  182.717279][ T6635]  arch_do_signal_or_restart+0x91/0x7a0
[  182.717296][ T6635]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  182.717317][ T6635]  ? rcu_is_watching+0x12/0xc0
[  182.717336][ T6635]  irqentry_exit+0x403/0x790
[  182.717352][ T6635]  asm_exc_page_fault+0x26/0x30
[  182.717362][ T6635] RIP: 0033:0x7f973dd9c819
[  182.717375][ T6635] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  182.717380][ T6635] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  182.717389][ T6635] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  182.717395][ T6635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  182.717401][ T6635] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  182.717407][ T6635] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  182.717413][ T6635] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  182.717426][ T6635]  </TASK>
[  182.717430][ T6635] memory: usage 307028kB, limit 307200kB, failcnt 23659
[  182.926281][   T41] audit: type=1400 audit(1776627553.211:320): avc:  denied  { allowed } for  pid=6890 comm="syz.0.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  182.954185][ T6635] memory+swap: usage 403968kB, limit 9007199254740988kB, failcnt 0
[  182.972821][ T6635] kmem: usage 3952kB, limit 9007199254740988kB, failcnt 0
[  182.998824][ T6635] Memory cgroup stats for /syz3:
[  182.998899][ T6635] cache 309997568
[  183.017919][ T6635] rss 192512
[  183.019019][ T6635] rss_huge 0
[  183.032308][ T6635] shmem 309997568
[  183.040876][ T6635] mapped_file 0
[  183.058359][ T6635] dirty 0
[  183.059608][ T6635] writeback 0
[  183.087196][ T6635] workingset_refault_anon 10
[  183.089260][ T6635] workingset_refault_file 414
[  183.118335][ T6635] swap 98955264
[  183.119525][ T6635] swapcached 145944576
[  183.121092][ T6635] pgpgin 142351
[  183.122226][ T6635] pgpgout 66588
[  183.124059][ T6635] pgfault 14103
[  183.125227][ T6635] pgmajfault 26
[  183.126427][ T6635] inactive_anon 147345408
[  183.127825][ T6635] active_anon 162836480
[  183.129240][ T6635] inactive_file 0
[  183.130431][ T6635] active_file 0
[  183.131583][ T6635] unevictable 0
[  183.132849][ T6635] hierarchical_memory_limit 314572800
[  183.135085][ T6635] hierarchical_memsw_limit 9223372036854771712
[  183.137603][ T6635] total_cache 309997568
[  183.139121][ T6635] total_rss 192512
[  183.140436][ T6635] total_rss_huge 0
[  183.141661][ T6635] total_shmem 309997568
[  183.143004][ T6635] total_mapped_file 0
[  183.145304][ T6635] total_dirty 0
[  183.146599][ T6635] total_writeback 0
[  183.148042][ T6635] total_workingset_refault_anon 10
[  183.150121][ T6635] total_workingset_refault_file 414
[  183.152206][ T6635] total_swap 98955264
[  183.155989][ T6635] total_swapcached 145944576
[  183.157640][ T6635] total_pgpgin 142351
[  183.169187][ T6635] total_pgpgout 66588
[  183.170806][ T6635] total_pgfault 14103
[  183.178888][ T6635] total_pgmajfault 26
[  183.183573][ T6635] total_inactive_anon 147345408
[  183.190690][ T6635] total_active_anon 162836480
[  183.192651][ T6635] total_inactive_file 0
[  183.238538][ T6635] total_active_file 0
[  183.240085][ T6635] total_unevictable 0
[  183.243573][   T29] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  183.280075][ T6635] anon_cost 0
[  183.281312][ T6635] file_cost 0
[  183.312931][ T6635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6623,uid=0
[  183.342996][   T41] audit: type=1800 audit(1776627553.621:321): pid=6895 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.225" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  183.379356][ T6635] Memory cgroup out of memory: Killed process 6623 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:28536kB, shmem-rss:0kB, UID:0 pgtables:72kB oom_score_adj:1000
[  183.414366][   T29] usb 5-1: Using ep0 maxpacket: 32
[  183.416166][ T6897] sg_write: data in/out 16777180/10 bytes for SCSI command 0x0-- guessing data in;
[  183.416166][ T6897]    program syz.2.226 not setting count and/or reply_len properly
[  183.425492][   T29] usb 5-1: unable to get BOS descriptor or descriptor too short
[  183.429292][   T29] usb 5-1: config 8 has an invalid interface number: 188 but max is 0
[  183.432034][   T29] usb 5-1: config 8 has no interface number 0
[  183.434445][   T29] usb 5-1: config 8 interface 188 has no altsetting 0
[  183.443621][ T6633] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  183.455981][   T29] usb 5-1: string descriptor 0 read error: -22
[  183.458601][   T29] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  183.461717][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.472336][   T41] audit: type=1400 audit(1776627553.751:322): avc:  denied  { mounton } for  pid=6896 comm="syz.2.226" path="/61/bus" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  183.478367][   T29] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  183.497308][   T29] dw2102: su3000_power_ctrl: 1, initialized 0
[  183.500239][ T6633] CPU: 3 UID: 0 PID: 6633 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  183.500260][ T6633] Tainted: [L]=SOFTLOCKUP
[  183.500264][ T6633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  183.500270][ T6633] Call Trace:
[  183.500275][ T6633]  <TASK>
[  183.500280][ T6633]  dump_stack_lvl+0x100/0x190
[  183.500298][ T6633]  dump_header+0xfb/0x606
[  183.500312][ T6633]  oom_kill_process.cold+0xd/0x330
[  183.500325][ T6633]  out_of_memory+0x340/0x14f0
[  183.500345][ T6633]  ? __pfx_out_of_memory+0x10/0x10
[  183.500364][ T6633]  mem_cgroup_out_of_memory+0xc6/0x130
[  183.500379][ T6633]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  183.500392][ T6633]  ? find_held_lock+0x2b/0x80
[  183.500412][ T6633]  ? do_raw_spin_unlock+0x145/0x1e0
[  183.500428][ T6633]  ? _raw_spin_unlock+0x28/0x50
[  183.500442][ T6633]  try_charge_memcg+0x6e5/0xdf0
[  183.500456][ T6633]  ? __pfx_try_charge_memcg+0x10/0x10
[  183.500466][ T6633]  ? find_held_lock+0x2b/0x80
[  183.500482][ T6633]  ? rcu_read_unlock+0x17/0x60
[  183.500506][ T6633]  ? rcu_read_unlock+0x17/0x60
[  183.500521][ T6633]  charge_memcg+0xa6/0x280
[  183.500531][ T6633]  __mem_cgroup_charge+0x2b/0x1e0
[  183.500544][ T6633]  shmem_alloc_and_add_folio+0x451/0xd40
[  183.500564][ T6633]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  183.500581][ T6633]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  183.500600][ T6633]  shmem_get_folio_gfp+0x6ab/0x1900
[  183.500618][ T6633]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  183.500638][ T6633]  shmem_write_begin+0x1a4/0x420
[  183.500655][ T6633]  ? __pfx_shmem_write_begin+0x10/0x10
[  183.500671][ T6633]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  183.500683][ T6633]  ? lockdep_hardirqs_on+0x78/0x100
[  183.500699][ T6633]  generic_perform_write+0x292/0xa40
[  183.500718][ T6633]  ? __pfx_generic_perform_write+0x10/0x10
[  183.500734][ T6633]  ? file_update_time_flags+0x373/0x500
[  183.500750][ T6633]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  183.500761][ T6633]  shmem_file_write_iter+0x10e/0x140
[  183.500773][ T6633]  __kernel_write_iter+0x2ac/0x920
[  183.500791][ T6633]  ? __pfx___kernel_write_iter+0x10/0x10
[  183.500807][ T6633]  ? __up_read+0x2c1/0x6e0
[  183.500823][ T6633]  ? dump_user_range+0x65e/0xad0
[  183.500838][ T6633]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  183.500852][ T6633]  dump_user_range+0x3f9/0xad0
[  183.500870][ T6633]  ? __pfx_dump_user_range+0x10/0x10
[  183.500889][ T6633]  ? __pfx_writenote+0x10/0x10
[  183.500908][ T6633]  elf_core_dump+0x2d5f/0x3d10
[  183.500931][ T6633]  ? __pfx_elf_core_dump+0x10/0x10
[  183.500946][ T6633]  ? kasan_save_stack+0x3f/0x50
[  183.500963][ T6633]  ? kasan_save_stack+0x30/0x50
[  183.500977][ T6633]  ? __kasan_kmalloc+0xaa/0xb0
[  183.500991][ T6633]  ? __kvmalloc_node_noprof+0x360/0xa00
[  183.501007][ T6633]  ? vfs_coredump+0x22db/0x5770
[  183.501021][ T6633]  ? asm_exc_page_fault+0x26/0x30
[  183.501034][ T6633]  ? 0xffffffffff600000
[  183.501065][ T6633]  ? vfs_coredump+0x29a0/0x5770
[  183.501078][ T6633]  vfs_coredump+0x29a0/0x5770
[  183.501098][ T6633]  ? __pfx_vfs_coredump+0x10/0x10
[  183.501113][ T6633]  ? __lock_acquire+0x4a5/0x2630
[  183.501132][ T6633]  ? lock_acquire+0x1b1/0x370
[  183.501150][ T6633]  ? is_bpf_text_address+0x8a/0x1a0
[  183.501164][ T6633]  ? bpf_ksym_find+0x128/0x1c0
[  183.501182][ T6633]  ? __kernel_text_address+0xd/0x30
[  183.501196][ T6633]  ? unwind_get_return_address+0x59/0xa0
[  183.501213][ T6633]  ? arch_stack_walk+0xa6/0xf0
[  183.501233][ T6633]  ? __sigqueue_free+0xbe/0x2a0
[  183.501244][ T6633]  ? stack_trace_save+0x8e/0xc0
[  183.501259][ T6633]  ? __pfx_stack_trace_save+0x10/0x10
[  183.501269][ T6633]  ? stack_depot_save_flags+0x27/0x9d0
[  183.501283][ T6633]  ? __lock_acquire+0x4a5/0x2630
[  183.501318][ T6633]  ? proc_coredump_connector+0x2d3/0x4f0
[  183.501335][ T6633]  ? __pfx_proc_coredump_connector+0x10/0x10
[  183.501353][ T6633]  ? rcu_is_watching+0x12/0xc0
[  183.501372][ T6633]  get_signal+0x1f2a/0x21e0
[  183.501392][ T6633]  ? __pfx_get_signal+0x10/0x10
[  183.501411][ T6633]  arch_do_signal_or_restart+0x91/0x7a0
[  183.501429][ T6633]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  183.501450][ T6633]  ? rcu_is_watching+0x12/0xc0
[  183.501467][ T6633]  irqentry_exit+0x403/0x790
[  183.501483][ T6633]  asm_exc_page_fault+0x26/0x30
[  183.501493][ T6633] RIP: 0033:0x7f973dd9c819
[  183.501506][ T6633] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  183.501511][ T6633] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  183.501520][ T6633] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  183.501526][ T6633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  183.501532][ T6633] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  183.501538][ T6633] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  183.501544][ T6633] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  183.501558][ T6633]  </TASK>
[  183.501574][ T6633] memory: usage 307200kB, limit 307200kB, failcnt 27722
[  183.504033][   T29] dvb-usb: bulk message failed: -22 (2/0)
[  183.519802][ T6902] binder: 6901:6902 ioctl c0306201 0 returned -14
[  183.545908][   T29] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  183.575676][ T6633] memory+swap: usage 403952kB, limit 9007199254740988kB, failcnt 0
[  183.616236][   T29] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  183.669605][ T6633] kmem: usage 3864kB, limit 9007199254740988kB, failcnt 0
[  183.696692][   T29] usb 5-1: media controller created
[  183.698431][   T29] dvb-usb: bulk message failed: -22 (6/0)
[  183.700259][   T29] dw2102: i2c transfer failed.
[  183.702014][   T29] dvb-usb: bulk message failed: -22 (6/0)
[  183.704077][   T29] dw2102: i2c transfer failed.
[  183.705641][   T29] dvb-usb: bulk message failed: -22 (6/0)
[  183.707598][   T29] dw2102: i2c transfer failed.
[  183.709167][   T29] dvb-usb: bulk message failed: -22 (6/0)
[  183.710966][   T29] dw2102: i2c transfer failed.
[  183.712510][   T29] dvb-usb: bulk message failed: -22 (6/0)
[  183.713486][ T6633] Memory cgroup stats for /syz3:
[  183.714358][   T29] dw2102: i2c transfer failed.
[  183.715850][ T6633] cache 309739520
[  183.715942][   T29] dvb-usb: bulk message failed: -22 (6/0)
[  183.720506][   T29] dw2102: i2c transfer failed.
[  183.722012][   T29] dvb-usb: MAC address: 02:02:02:02:02:02
[  183.728747][   T29] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  183.734680][ T6633] rss 192512
[  183.735737][ T6633] rss_huge 0
[  183.736831][ T6633] shmem 309739520
[  183.746662][   T29] dvb-usb: bulk message failed: -22 (3/0)
[  183.748585][   T29] dw2102: command 0x0e transfer failed.
[  183.750297][   T29] dvb-usb: bulk message failed: -22 (3/0)
[  183.752083][   T29] dw2102: command 0x0e transfer failed.
[  183.771509][ T6633] mapped_file 0
[  183.772654][ T6633] dirty 0
[  183.823454][ T6633] writeback 0
[  183.824568][ T6633] workingset_refault_anon 10
[  183.826047][ T6633] workingset_refault_file 414
[  183.827520][ T6633] swap 99094528
[  183.828643][ T6633] swapcached 149676032
[  183.829925][ T6633] pgpgin 147782
[  183.831038][ T6633] pgpgout 72107
[  183.832176][ T6633] pgfault 14447
[  183.833297][ T6633] pgmajfault 26
[  183.875872][ T6633] inactive_anon 189952000
[  183.877290][ T6633] active_anon 119025664
[  183.895790][ T6633] inactive_file 0
[  183.896988][ T6633] active_file 0
[  183.917162][ T6633] unevictable 0
[  183.918301][ T6633] hierarchical_memory_limit 314572800
[  183.938478][ T6633] hierarchical_memsw_limit 9223372036854771712
[  183.940422][ T6633] total_cache 309739520
[  183.984993][ T6633] total_rss 192512
[  183.986271][ T6633] total_rss_huge 0
[  184.010103][ T6633] total_shmem 309739520
[  184.011471][ T6633] total_mapped_file 0
[  184.034305][ T6633] total_dirty 0
[  184.035448][ T6633] total_writeback 0
[  184.063656][ T6633] total_workingset_refault_anon 10
[  184.073511][   T29] dvb-usb: bulk message failed: -22 (3/0)
[  184.075372][   T29] dw2102: command 0x0e transfer failed.
[  184.077203][   T29] dvb-usb: bulk message failed: -22 (3/0)
[  184.079036][   T29] dw2102: command 0x0e transfer failed.
[  184.080824][   T29] dvb-usb: bulk message failed: -22 (1/0)
[  184.082637][   T29] dw2102: command 0x51 transfer failed.
[  184.085352][ T6633] total_workingset_refault_file 414
[  184.087477][ T6633] total_swap 99094528
[  184.106197][ T6633] total_swapcached 149676032
[  184.122822][   T29] DVB: Unable to find symbol ds3000_attach()
[  184.124783][   T29] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  184.143646][ T6633] total_pgpgin 147782
[  184.144961][ T6633] total_pgpgout 72107
[  184.154761][ T6633] total_pgfault 14447
[  184.156113][ T6633] total_pgmajfault 26
[  184.171727][ T6633] total_inactive_anon 189952000
[  184.174359][   T29] rc_core: IR keymap rc-su3000 not found
[  184.176188][   T29] Registered IR keymap rc-empty
[  184.179212][   T29] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  184.180034][ T6633] total_active_anon 119025664
[  184.200737][   T29] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input9
[  184.206963][   T29] dvb-usb: schedule remote query interval to 150 msecs.
[  184.213485][   T29] dw2102: su3000_power_ctrl: 0, initialized 1
[  184.218587][   T29] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  184.222456][   T29] usb 5-1: USB disconnect, device number 5
[  184.225070][ T6633] total_inactive_file 0
[  184.226409][ T6633] total_active_file 0
[  184.230052][ T6633] total_unevictable 0
[  184.237834][ T6633] anon_cost 0
[  184.239074][ T6633] file_cost 0
[  184.240391][ T6633] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6627,uid=0
[  184.245500][ T6633] Memory cgroup out of memory: Killed process 6627 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:31608kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  184.260659][ T6624] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  184.274506][ T6624] CPU: 1 UID: 0 PID: 6624 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  184.274523][ T6624] Tainted: [L]=SOFTLOCKUP
[  184.274527][ T6624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  184.274533][ T6624] Call Trace:
[  184.274538][ T6624]  <TASK>
[  184.274542][ T6624]  dump_stack_lvl+0x100/0x190
[  184.274562][ T6624]  dump_header+0xfb/0x606
[  184.274575][ T6624]  oom_kill_process.cold+0xd/0x330
[  184.274588][ T6624]  out_of_memory+0x340/0x14f0
[  184.274607][ T6624]  ? __pfx_out_of_memory+0x10/0x10
[  184.274626][ T6624]  mem_cgroup_out_of_memory+0xc6/0x130
[  184.274642][ T6624]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  184.274655][ T6624]  ? find_held_lock+0x2b/0x80
[  184.274675][ T6624]  ? do_raw_spin_unlock+0x145/0x1e0
[  184.274690][ T6624]  ? _raw_spin_unlock+0x28/0x50
[  184.274705][ T6624]  try_charge_memcg+0x6e5/0xdf0
[  184.274718][ T6624]  ? __pfx_try_charge_memcg+0x10/0x10
[  184.274729][ T6624]  ? find_held_lock+0x2b/0x80
[  184.274744][ T6624]  ? rcu_read_unlock+0x17/0x60
[  184.274755][ T6624]  ? rcu_read_unlock+0x17/0x60
[  184.274769][ T6624]  charge_memcg+0xa6/0x280
[  184.274780][ T6624]  __mem_cgroup_charge+0x2b/0x1e0
[  184.274793][ T6624]  shmem_alloc_and_add_folio+0x451/0xd40
[  184.274812][ T6624]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  184.274829][ T6624]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  184.274847][ T6624]  shmem_get_folio_gfp+0x6ab/0x1900
[  184.274866][ T6624]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  184.274884][ T6624]  shmem_write_begin+0x1a4/0x420
[  184.274901][ T6624]  ? __pfx_shmem_write_begin+0x10/0x10
[  184.274918][ T6624]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  184.274929][ T6624]  ? lockdep_hardirqs_on+0x78/0x100
[  184.274945][ T6624]  generic_perform_write+0x292/0xa40
[  184.274964][ T6624]  ? __pfx_generic_perform_write+0x10/0x10
[  184.274980][ T6624]  ? file_update_time_flags+0x373/0x500
[  184.274996][ T6624]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  184.275007][ T6624]  shmem_file_write_iter+0x10e/0x140
[  184.275018][ T6624]  __kernel_write_iter+0x2ac/0x920
[  184.275036][ T6624]  ? __pfx___kernel_write_iter+0x10/0x10
[  184.275052][ T6624]  ? __up_read+0x2c1/0x6e0
[  184.275068][ T6624]  ? dump_user_range+0x65e/0xad0
[  184.275086][ T6624]  dump_user_range+0x3f9/0xad0
[  184.275103][ T6624]  ? __pfx_dump_user_range+0x10/0x10
[  184.275121][ T6624]  ? __pfx_writenote+0x10/0x10
[  184.275140][ T6624]  elf_core_dump+0x2d5f/0x3d10
[  184.275162][ T6624]  ? __pfx_elf_core_dump+0x10/0x10
[  184.275178][ T6624]  ? kasan_save_stack+0x3f/0x50
[  184.275193][ T6624]  ? kasan_save_stack+0x30/0x50
[  184.275207][ T6624]  ? __kasan_kmalloc+0xaa/0xb0
[  184.275221][ T6624]  ? __kvmalloc_node_noprof+0x360/0xa00
[  184.275237][ T6624]  ? vfs_coredump+0x22db/0x5770
[  184.275251][ T6624]  ? asm_exc_page_fault+0x26/0x30
[  184.275263][ T6624]  ? 0xffffffffff600000
[  184.275297][ T6624]  ? vfs_coredump+0x29a0/0x5770
[  184.275310][ T6624]  vfs_coredump+0x29a0/0x5770
[  184.275330][ T6624]  ? __pfx_vfs_coredump+0x10/0x10
[  184.275345][ T6624]  ? __lock_acquire+0x4a5/0x2630
[  184.275362][ T6624]  ? lock_acquire+0x1b1/0x370
[  184.275380][ T6624]  ? is_bpf_text_address+0x8a/0x1a0
[  184.275394][ T6624]  ? bpf_ksym_find+0x128/0x1c0
[  184.275412][ T6624]  ? __kernel_text_address+0xd/0x30
[  184.275426][ T6624]  ? unwind_get_return_address+0x59/0xa0
[  184.275442][ T6624]  ? arch_stack_walk+0xa6/0xf0
[  184.275461][ T6624]  ? __sigqueue_free+0xbe/0x2a0
[  184.275472][ T6624]  ? stack_trace_save+0x8e/0xc0
[  184.275483][ T6624]  ? __pfx_stack_trace_save+0x10/0x10
[  184.275493][ T6624]  ? stack_depot_save_flags+0x27/0x9d0
[  184.275508][ T6624]  ? __lock_acquire+0x4a5/0x2630
[  184.275541][ T6624]  ? proc_coredump_connector+0x2d3/0x4f0
[  184.275558][ T6624]  ? __pfx_proc_coredump_connector+0x10/0x10
[  184.275576][ T6624]  ? rcu_is_watching+0x12/0xc0
[  184.275595][ T6624]  get_signal+0x1f2a/0x21e0
[  184.275615][ T6624]  ? __pfx_get_signal+0x10/0x10
[  184.275634][ T6624]  arch_do_signal_or_restart+0x91/0x7a0
[  184.275651][ T6624]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  184.275672][ T6624]  ? rcu_is_watching+0x12/0xc0
[  184.275689][ T6624]  irqentry_exit+0x403/0x790
[  184.275704][ T6624]  asm_exc_page_fault+0x26/0x30
[  184.275714][ T6624] RIP: 0033:0x7f973dd9c819
[  184.275727][ T6624] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  184.275732][ T6624] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  184.275742][ T6624] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  184.275748][ T6624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  184.275754][ T6624] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  184.275760][ T6624] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  184.275766][ T6624] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  184.275779][ T6624]  </TASK>
[  184.275783][ T6624] memory: usage 306684kB, limit 307200kB, failcnt 29824
[  184.446618][   T29] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  184.477624][ T6624] memory+swap: usage 399536kB, limit 9007199254740988kB, failcnt 0
[  184.497815][ T6624] kmem: usage 3804kB, limit 9007199254740988kB, failcnt 0
[  184.520177][ T6624] Memory cgroup stats for /syz3:
[  184.520291][ T6624] cache 309772288
[  184.538602][ T6624] rss 192512
[  184.545972][ T6624] rss_huge 0
[  184.555469][ T6624] shmem 309772288
[  184.559594][ T6624] mapped_file 0
[  184.560937][ T6624] dirty 0
[  184.568230][ T6624] writeback 0
[  184.569631][ T6624] workingset_refault_anon 10
[  184.582311][ T6624] workingset_refault_file 414
[  184.592422][ T6624] swap 97673216
[  184.602621][ T6624] swapcached 157593600
[  184.613759][ T6624] pgpgin 158241
[  184.630623][ T6624] pgpgout 82558
[  184.639022][ T6624] pgfault 15101
[  184.652021][ T6624] pgmajfault 26
[  184.658748][ T6624] inactive_anon 158482432
[  184.668508][ T6624] active_anon 151396352
[  184.676607][ T6624] inactive_file 0
[  184.686073][ T6624] active_file 0
[  184.690734][ T6624] unevictable 0
[  184.697303][ T6624] hierarchical_memory_limit 314572800
[  184.707355][ T6624] hierarchical_memsw_limit 9223372036854771712
[  184.719112][ T6624] total_cache 309772288
[  184.730521][ T6624] total_rss 192512
[  184.737124][ T6624] total_rss_huge 0
[  184.741991][ T6624] total_shmem 309772288
[  184.750060][ T6624] total_mapped_file 0
[  184.760264][ T6624] total_dirty 0
[  184.765248][ T6624] total_writeback 0
[  184.766681][ T6624] total_workingset_refault_anon 10
[  184.792486][ T6624] total_workingset_refault_file 414
[  184.797441][ T6624] total_swap 97673216
[  184.808297][ T6624] total_swapcached 157593600
[  184.809728][ T6624] total_pgpgin 158241
[  184.823374][ T6624] total_pgpgout 82558
[  184.830987][ T6624] total_pgfault 15101
[  184.843554][ T6624] total_pgmajfault 26
[  184.844876][ T6624] total_inactive_anon 158482432
[  184.853148][ T6624] total_active_anon 151396352
[  184.863466][ T6624] total_inactive_file 0
[  184.866684][ T6624] total_active_file 0
[  184.867967][ T6624] total_unevictable 0
[  184.869277][ T6624] anon_cost 0
[  184.878789][ T6624] file_cost 0
[  184.879847][ T6624] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6610,uid=0
[  184.906627][ T6624] Memory cgroup out of memory: Killed process 6610 (syz.3.177) total-vm:49268kB, anon-rss:0kB, file-rss:32248kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  185.016141][ T6922] netlink: 'syz.2.231': attribute type 1 has an invalid length.
[  185.453503][   T41] audit: type=1400 audit(1776627555.721:323): avc:  denied  { write } for  pid=6923 comm="syz.2.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  185.461126][   T41] audit: type=1400 audit(1776627555.721:324): avc:  denied  { read } for  pid=6923 comm="syz.2.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  186.201196][ T6902] FAULT_INJECTION: forcing a failure.
[  186.201196][ T6902] name failslab, interval 1, probability 0, space 0, times 1
[  186.209204][ T6902] CPU: 1 UID: 0 PID: 6902 Comm: syz.1.227 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  186.209222][ T6902] Tainted: [L]=SOFTLOCKUP
[  186.209226][ T6902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  186.209232][ T6902] Call Trace:
[  186.209237][ T6902]  <TASK>
[  186.209241][ T6902]  dump_stack_lvl+0x100/0x190
[  186.209264][ T6902]  should_fail_ex.cold+0x5/0xa
[  186.209281][ T6902]  ? tomoyo_realpath_from_path+0xb6/0x690
[  186.209345][ T6902]  should_failslab+0xc2/0x120
[  186.209356][ T6902]  __kmalloc_noprof+0xe0/0x850
[  186.209371][ T6902]  ? kfree+0x1dd/0x6c0
[  186.209386][ T6902]  tomoyo_realpath_from_path+0xb6/0x690
[  186.209399][ T6902]  tomoyo_path_number_perm+0x23c/0x580
[  186.209414][ T6902]  ? tomoyo_path_number_perm+0x22e/0x580
[  186.209430][ T6902]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  186.209457][ T6902]  ? find_held_lock+0x2b/0x80
[  186.209474][ T6902]  ? __fget_files+0x215/0x3d0
[  186.209485][ T6902]  ? hook_file_ioctl_common+0x149/0x410
[  186.209497][ T6902]  ? __fget_files+0x215/0x3d0
[  186.209510][ T6902]  ? __fget_files+0x21f/0x3d0
[  186.209522][ T6902]  security_file_ioctl+0xd3/0x230
[  186.209540][ T6902]  __x64_sys_ioctl+0xb7/0x210
[  186.209557][ T6902]  do_syscall_64+0x10b/0xf80
[  186.209572][ T6902]  ? clear_bhb_loop+0x40/0x90
[  186.209585][ T6902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.209596][ T6902] RIP: 0033:0x7fd9c639c819
[  186.209606][ T6902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  186.209616][ T6902] RSP: 002b:00007fd9c71b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.209627][ T6902] RAX: ffffffffffffffda RBX: 00007fd9c6615fa0 RCX: 00007fd9c639c819
[  186.209634][ T6902] RDX: 0000200000004a80 RSI: 000000004018620d RDI: 0000000000000004
[  186.209640][ T6902] RBP: 00007fd9c71b5090 R08: 0000000000000000 R09: 0000000000000000
[  186.209646][ T6902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.209652][ T6902] R13: 00007fd9c6616038 R14: 00007fd9c6615fa0 R15: 00007ffd255125c8
[  186.209665][ T6902]  </TASK>
[  186.209670][ T6902] ERROR: Out of memory at tomoyo_realpath_from_path.
[  186.623537][ T6050] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  186.691948][ T6968] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  186.720243][   T41] kauditd_printk_skb: 2 callbacks suppressed
[  186.720259][   T41] audit: type=1400 audit(1776627557.001:327): avc:  denied  { connect } for  pid=6967 comm="syz.1.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  186.793511][ T6050] usb 5-1: Using ep0 maxpacket: 32
[  186.797372][ T6630] syz.3.177 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  186.799160][ T6050] usb 5-1: unable to get BOS descriptor or descriptor too short
[  186.804586][ T6050] usb 5-1: config 8 has an invalid interface number: 188 but max is 0
[  186.807245][ T6050] usb 5-1: config 8 has no interface number 0
[  186.809228][ T6050] usb 5-1: config 8 interface 188 has no altsetting 0
[  186.817625][ T6050] usb 5-1: string descriptor 0 read error: -22
[  186.819639][ T6050] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  186.824783][ T6050] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.831149][ T6050] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  186.831663][ T6630] CPU: 0 UID: 0 PID: 6630 Comm: syz.3.177 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  186.831680][ T6630] Tainted: [L]=SOFTLOCKUP
[  186.831684][ T6630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  186.831691][ T6630] Call Trace:
[  186.831695][ T6630]  <TASK>
[  186.831700][ T6630]  dump_stack_lvl+0x100/0x190
[  186.831719][ T6630]  dump_header+0xfb/0x606
[  186.831733][ T6630]  oom_kill_process.cold+0xd/0x330
[  186.831746][ T6630]  out_of_memory+0x340/0x14f0
[  186.831766][ T6630]  ? __pfx_out_of_memory+0x10/0x10
[  186.831784][ T6630]  mem_cgroup_out_of_memory+0xc6/0x130
[  186.831800][ T6630]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  186.831813][ T6630]  ? find_held_lock+0x2b/0x80
[  186.831832][ T6630]  ? do_raw_spin_unlock+0x145/0x1e0
[  186.831848][ T6630]  ? _raw_spin_unlock+0x28/0x50
[  186.831862][ T6630]  try_charge_memcg+0x6e5/0xdf0
[  186.831876][ T6630]  ? __pfx_try_charge_memcg+0x10/0x10
[  186.831886][ T6630]  ? find_held_lock+0x2b/0x80
[  186.831902][ T6630]  ? rcu_read_unlock+0x17/0x60
[  186.831933][ T6630]  ? rcu_read_unlock+0x17/0x60
[  186.831949][ T6630]  charge_memcg+0xa6/0x280
[  186.831959][ T6630]  __mem_cgroup_charge+0x2b/0x1e0
[  186.831973][ T6630]  shmem_alloc_and_add_folio+0x451/0xd40
[  186.831993][ T6630]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  186.832010][ T6630]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  186.832029][ T6630]  shmem_get_folio_gfp+0x6ab/0x1900
[  186.832047][ T6630]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  186.832064][ T6630]  ? timestamp_truncate+0x22e/0x2f0
[  186.832080][ T6630]  shmem_write_begin+0x1a4/0x420
[  186.832096][ T6630]  ? __pfx_shmem_write_begin+0x10/0x10
[  186.832111][ T6630]  ? rcu_is_watching+0x12/0xc0
[  186.832127][ T6630]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  186.832141][ T6630]  generic_perform_write+0x292/0xa40
[  186.832160][ T6630]  ? __pfx_generic_perform_write+0x10/0x10
[  186.832173][ T6630]  ? __mark_inode_dirty+0x55c/0x1720
[  186.832193][ T6630]  ? mnt_put_write_access_file+0x4e/0x100
[  186.832206][ T6630]  ? file_update_time_flags+0x373/0x500
[  186.832221][ T6630]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  186.832232][ T6630]  shmem_file_write_iter+0x10e/0x140
[  186.832244][ T6630]  __kernel_write_iter+0x2ac/0x920
[  186.832267][ T6630]  ? __pfx___kernel_write_iter+0x10/0x10
[  186.832283][ T6630]  ? __up_read+0x2c1/0x6e0
[  186.832299][ T6630]  ? dump_user_range+0x65e/0xad0
[  186.832318][ T6630]  dump_user_range+0x3f9/0xad0
[  186.832335][ T6630]  ? __pfx_dump_user_range+0x10/0x10
[  186.832354][ T6630]  ? __pfx_writenote+0x10/0x10
[  186.832373][ T6630]  elf_core_dump+0x2d5f/0x3d10
[  186.832396][ T6630]  ? __pfx_elf_core_dump+0x10/0x10
[  186.832411][ T6630]  ? kasan_save_stack+0x3f/0x50
[  186.832427][ T6630]  ? kasan_save_stack+0x30/0x50
[  186.832441][ T6630]  ? __kasan_kmalloc+0xaa/0xb0
[  186.832455][ T6630]  ? __kvmalloc_node_noprof+0x360/0xa00
[  186.832471][ T6630]  ? vfs_coredump+0x22db/0x5770
[  186.832485][ T6630]  ? asm_exc_page_fault+0x26/0x30
[  186.832497][ T6630]  ? 0xffffffffff600000
[  186.832528][ T6630]  ? vfs_coredump+0x29a0/0x5770
[  186.832541][ T6630]  vfs_coredump+0x29a0/0x5770
[  186.832561][ T6630]  ? __pfx_vfs_coredump+0x10/0x10
[  186.832576][ T6630]  ? __lock_acquire+0x4a5/0x2630
[  186.832594][ T6630]  ? lock_acquire+0x1b1/0x370
[  186.832612][ T6630]  ? is_bpf_text_address+0x8a/0x1a0
[  186.832626][ T6630]  ? bpf_ksym_find+0x128/0x1c0
[  186.832644][ T6630]  ? __kernel_text_address+0xd/0x30
[  186.832658][ T6630]  ? unwind_get_return_address+0x59/0xa0
[  186.832675][ T6630]  ? arch_stack_walk+0xa6/0xf0
[  186.832694][ T6630]  ? __sigqueue_free+0xbe/0x2a0
[  186.832706][ T6630]  ? stack_trace_save+0x8e/0xc0
[  186.832716][ T6630]  ? __pfx_stack_trace_save+0x10/0x10
[  186.832726][ T6630]  ? stack_depot_save_flags+0x27/0x9d0
[  186.832741][ T6630]  ? __lock_acquire+0x4a5/0x2630
[  186.832774][ T6630]  ? proc_coredump_connector+0x2d3/0x4f0
[  186.832792][ T6630]  ? __pfx_proc_coredump_connector+0x10/0x10
[  186.832810][ T6630]  ? rcu_is_watching+0x12/0xc0
[  186.832827][ T6630]  get_signal+0x1f2a/0x21e0
[  186.832848][ T6630]  ? __pfx_get_signal+0x10/0x10
[  186.832866][ T6630]  arch_do_signal_or_restart+0x91/0x7a0
[  186.832884][ T6630]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  186.832905][ T6630]  ? rcu_is_watching+0x12/0xc0
[  186.832922][ T6630]  irqentry_exit+0x403/0x790
[  186.832938][ T6630]  asm_exc_page_fault+0x26/0x30
[  186.832948][ T6630] RIP: 0033:0x7f973dd9c819
[  186.832961][ T6630] Code: Unable to access opcode bytes at 0x7f973dd9c7ef.
[  186.832966][ T6630] RSP: 002b:00007f973bfd4fd8 EFLAGS: 00010206
[  186.832975][ T6630] RAX: 0000000000000000 RBX: 00007f973e016090 RCX: 00007f973dd9c819
[  186.832981][ T6630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011
[  186.832987][ T6630] RBP: 00007f973de32c91 R08: 0000000000000000 R09: 0000000000000000
[  186.832993][ T6630] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  186.832999][ T6630] R13: 00007f973e016128 R14: 00007f973e016090 R15: 00007ffd216f6528
[  186.833012][ T6630]  </TASK>
[  186.833017][ T6630] memory: usage 306616kB, limit 307200kB, failcnt 36149
[  186.839766][ T6050] dw2102: su3000_power_ctrl: 1, initialized 0
[  186.852408][   T41] audit: type=1400 audit(1776627557.131:328): avc:  denied  { write } for  pid=6970 comm="syz.1.247" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  186.854741][ T6050] dvb-usb: bulk message failed: -22 (2/0)
[  186.861470][   T41] audit: type=1400 audit(1776627557.131:329): avc:  denied  { open } for  pid=6970 comm="syz.1.247" path="/69/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  186.870630][ T6050] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  186.882031][   T41] audit: type=1400 audit(1776627557.141:330): avc:  denied  { ioctl } for  pid=6970 comm="syz.1.247" path="/69/file0/file0" dev="fuse" ino=64 ioctlcmd=0x4d02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  186.885554][ T6050] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  186.886243][ T6971] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  186.888162][ T6050] usb 5-1: media controller created
[  186.889619][ T6971] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  186.891682][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  186.899067][ T6971] vhci_hcd vhci_hcd.0: Device attached
[  186.902684][ T6050] dw2102: i2c transfer failed.
[  186.932965][ T6630] memory+swap: usage 400608kB, limit 9007199254740988kB, failcnt 0
[  186.933198][ T6973] vhci_hcd: connection closed
[  186.936933][ T6630] kmem: usage 3360kB, limit 9007199254740988kB, failcnt 0
[  186.941566][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  186.944764][ T1153] vhci_hcd vhci_hcd.1: stop threads
[  186.946783][ T6050] dw2102: i2c transfer failed.
[  186.946798][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  186.946805][ T6050] dw2102: i2c transfer failed.
[  186.946811][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  186.946818][ T6050] dw2102: i2c transfer failed.
[  186.946823][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  186.946830][ T6050] dw2102: i2c transfer failed.
[  186.946835][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  186.946842][ T6050] dw2102: i2c transfer failed.
[  186.946846][ T6050] dvb-usb: MAC address: 02:02:02:02:02:02
[  186.953795][ T6050] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  186.955821][ T1153] vhci_hcd vhci_hcd.1: release socket
[  186.966285][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  186.972927][ T1153] vhci_hcd vhci_hcd.1: disconnect device
[  186.974379][ T6050] dw2102: command 0x0e transfer failed.
[  186.996365][ T6630] Memory cgroup stats for 
[  187.004808][ T6029] usb 7-1: new low-speed USB device number 5 using dummy_hcd
[  187.041830][ T6630] /syz3
[  187.053490][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  187.077933][ T6050] dw2102: command 0x0e transfer failed.
[  187.110509][ T6630] :
[  187.110591][ T6630] cache 288735232
[  187.112587][ T6630] rss 9859072
[  187.125940][ T6630] rss_huge 0
[  187.134149][ T6630] shmem 288735232
[  187.135373][ T6630] mapped_file 0
[  187.147528][ T6630] dirty 0
[  187.148563][ T6630] writeback 0
[  187.164811][ T6630] workingset_refault_anon 13
[  187.166386][ T6630] workingset_refault_file 415
[  187.191384][ T6630] swap 86319104
[  187.192555][ T6630] swapcached 207921152
[  187.210887][ T6630] pgpgin 212181
[  187.212059][ T6630] pgpgout 139235
[  187.217380][ T6966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.245'.
[  187.221368][ T6966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.245'.
[  187.224310][ T6966] netlink: 'syz.2.245': attribute type 4 has an invalid length.
[  187.229226][ T6630] pgfault 20993
[  187.230399][ T6630] pgmajfault 46
[  187.245243][ T6630] inactive_anon 243916800
[  187.246642][ T6630] active_anon 54480896
[  187.263495][ T6630] inactive_file 0
[  187.264814][ T6630] active_file 0
[  187.283517][ T6630] unevictable 0
[  187.284655][ T6630] hierarchical_memory_limit 314572800
[  187.311950][ T6630] hierarchical_memsw_limit 9223372036854771712
[  187.328207][ T6630] total_cache 288735232
[  187.329507][ T6630] total_rss 9859072
[  187.346388][ T6630] total_rss_huge 0
[  187.347662][ T6630] total_shmem 288735232
[  187.393521][ T6630] total_mapped_file 0
[  187.393595][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  187.394835][ T6630] total_dirty 0
[  187.394842][ T6630] total_writeback 0
[  187.394847][ T6630] total_workingset_refault_anon 13
[  187.394851][ T6630] total_workingset_refault_file 415
[  187.394856][ T6630] total_swap 86319104
[  187.394861][ T6630] total_swapcached 207921152
[  187.394866][ T6630] total_pgpgin 212181
[  187.394870][ T6630] total_pgpgout 139235
[  187.394874][ T6630] total_pgfault 20993
[  187.396665][ T6050] dw2102: command 0x0e transfer failed.
[  187.406361][ T6630] total_pgmajfault 46
[  187.406940][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  187.412341][ T6630] total_inactive_anon 243916800
[  187.412520][ T6050] dw2102: command 0x0e transfer failed.
[  187.417840][ T6050] dvb-usb: bulk message failed: -22 (1/0)
[  187.419279][ T6630] total_active_anon 54480896
[  187.419822][ T6050] dw2102: command 0x51 transfer failed.
[  187.433516][ T6630] total_inactive_file 0
[  187.435336][ T6630] total_active_file 0
[  187.454016][ T6630] total_unevictable 0
[  187.454082][ T6050] DVB: Unable to find symbol ds3000_attach()
[  187.455743][ T6630] anon_cost 0
[  187.455754][ T6630] file_cost 0
[  187.455762][ T6630] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=
[  187.457731][ T6050] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  187.513612][ T6050] rc_core: IR keymap rc-su3000 not found
[  187.515450][ T6050] Registered IR keymap rc-empty
[  187.518137][ T6050] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  187.522376][ T6050] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input10
[  187.525855][ T6979] binder: 6978:6979 ioctl c0306201 0 returned -14
[  187.529361][ T6050] dvb-usb: schedule remote query interval to 150 msecs.
[  187.532086][ T6050] dw2102: su3000_power_ctrl: 0, initialized 1
[  187.534409][ T6050] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  187.547428][ T6050] usb 5-1: USB disconnect, device number 6
[  187.601081][ T6630] /,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.177,pid=6618,uid=0
[  187.666153][ T6630] Memory cgroup out of memory: OOM victim 6618 (syz.3.177) is already exiting. Skip killing the task
[  187.696012][ T6050] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  187.767811][   T41] audit: type=1400 audit(1776627558.051:331): avc:  denied  { map } for  pid=6980 comm="syz.0.249" path="socket:[15624]" dev="sockfs" ino=15624 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  187.793672][   T41] audit: type=1400 audit(1776627558.051:332): avc:  denied  { read accept } for  pid=6980 comm="syz.0.249" path="socket:[15624]" dev="sockfs" ino=15624 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  188.031751][ T6991] netlink: 'syz.0.251': attribute type 13 has an invalid length.
[  188.036947][ T6991] netlink: 32 bytes leftover after parsing attributes in process `syz.0.251'.
[  188.238280][ T6996] =======================================================
[  188.238280][ T6996] WARNING: The mand mount option has been deprecated and
[  188.238280][ T6996]          and is ignored by this kernel. Remove the mand
[  188.238280][ T6996]          option from the mount to silence this warning.
[  188.238280][ T6996] =======================================================
[  188.261135][ T6996] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  188.274173][ T6996] romfs: unable to set blocksize
[  188.274173][ T6996] 
[  188.294406][   T41] audit: type=1400 audit(1776627558.581:333): avc:  denied  { ioctl } for  pid=6995 comm="syz.0.253" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 ioctlcmd=0x581f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  188.519146][ T6998] tmpfs: Bad value for 'mpol'
[  189.052265][   T41] audit: type=1400 audit(1776627559.331:334): avc:  denied  { ioctl } for  pid=7002 comm="syz.0.256" path="/dev/ptyq5" dev="devtmpfs" ino=132 ioctlcmd=0x540a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  189.133503][   T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  189.293501][   T10] usb 8-1: Using ep0 maxpacket: 32
[  189.297114][   T10] usb 8-1: unable to get BOS descriptor or descriptor too short
[  189.301629][   T10] usb 8-1: config 8 has an invalid interface number: 188 but max is 0
[  189.306635][   T10] usb 8-1: config 8 has no interface number 0
[  189.308706][   T10] usb 8-1: config 8 interface 188 has no altsetting 0
[  189.313656][   T10] usb 8-1: string descriptor 0 read error: -22
[  189.315743][   T10] usb 8-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  189.323718][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.340210][   T10] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  189.342826][   T10] dw2102: su3000_power_ctrl: 1, initialized 0
[  189.345912][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  189.359725][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  189.363104][   T10] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  189.368071][   T10] usb 8-1: media controller created
[  189.369932][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  189.373633][   T10] dw2102: i2c transfer failed.
[  189.375382][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  189.380454][   T10] dw2102: i2c transfer failed.
[  189.382001][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  189.386419][   T10] dw2102: i2c transfer failed.
[  189.387962][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  189.391953][   T10] dw2102: i2c transfer failed.
[  189.394574][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  189.398806][   T10] dw2102: i2c transfer failed.
[  189.400482][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  189.402254][   T10] dw2102: i2c transfer failed.
[  189.404138][ T7008] netlink: 'syz.0.258': attribute type 1 has an invalid length.
[  189.411133][   T10] dvb-usb: MAC address: 02:02:02:02:02:02
[  189.422668][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  189.439435][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  189.444756][   T10] dw2102: command 0x0e transfer failed.
[  189.446511][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  189.448376][   T10] dw2102: command 0x0e transfer failed.
[  189.452475][ T7008] 8021q: adding VLAN 0 to HW filter on device bond2
[  189.494092][ T7010] 8021q: adding VLAN 0 to HW filter on device bond2
[  189.504129][ T7010] bond2: (slave vxcan1): The slave device specified does not support setting the MAC address
[  189.518307][ T7010] bond2: (slave vxcan1): Error -95 calling set_mac_address
[  189.560874][ T7011] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7011 comm=syz.0.258
[  189.591629][ T7011] gretap1: entered promiscuous mode
[  189.601613][ T7011] bond2: (slave gretap1): making interface the new active one
[  189.612913][ T7011] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  189.649722][ T7008] macvlan2: entered promiscuous mode
[  189.657739][ T7008] macvlan2: entered allmulticast mode
[  189.663829][ T7008] bond2: entered promiscuous mode
[  189.670113][ T7008] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  189.680912][ T7008] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  189.694757][ T7008] bond2: left promiscuous mode
[  189.753482][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  189.755319][   T10] dw2102: command 0x0e transfer failed.
[  189.759404][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  189.761186][   T10] dw2102: command 0x0e transfer failed.
[  189.765688][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  189.767437][   T10] dw2102: command 0x51 transfer failed.
[  189.798667][   T10] DVB: Unable to find symbol ds3000_attach()
[  189.800591][   T10] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  189.883541][   T10] rc_core: IR keymap rc-su3000 not found
[  189.885393][   T10] Registered IR keymap rc-empty
[  189.887927][   T10] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0
[  189.891867][   T10] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input11
[  189.902544][   T10] dvb-usb: schedule remote query interval to 150 msecs.
[  189.913520][   T10] dw2102: su3000_power_ctrl: 0, initialized 1
[  189.915856][   T10] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  189.924175][   T10] usb 8-1: USB disconnect, device number 3
[  189.971396][   T10] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  190.199400][ T7027] binder: 7026:7027 ioctl c0306201 0 returned -14
[  190.299572][   T41] audit: type=1400 audit(1776627560.581:335): avc:  denied  { read } for  pid=7028 comm="syz.3.264" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  190.368641][ T7031] netlink: 112 bytes leftover after parsing attributes in process `syz.3.265'.
[  190.389852][ T7031] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1930 sclass=netlink_route_socket pid=7031 comm=syz.3.265
[  190.653767][ T7041] netlink: 8 bytes leftover after parsing attributes in process `syz.3.268'.
[  190.673555][ T7041] netlink: 20 bytes leftover after parsing attributes in process `syz.3.268'.
[  190.682785][ T7041] geneve2: entered promiscuous mode
[  190.705854][ T7041] geneve2: entered allmulticast mode
[  190.914738][ T7050] team0: Cannot enslave team device to itself
[  190.925440][   T41] audit: type=1400 audit(1776627561.211:336): avc:  denied  { accept } for  pid=7049 comm="syz.3.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  190.983561][ T6050] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  191.143505][ T6050] usb 6-1: Using ep0 maxpacket: 32
[  191.153161][ T6050] usb 6-1: unable to get BOS descriptor or descriptor too short
[  191.159971][ T6050] usb 6-1: config 8 has an invalid interface number: 188 but max is 0
[  191.163964][ T6050] usb 6-1: config 8 has no interface number 0
[  191.166653][ T6050] usb 6-1: config 8 interface 188 has no altsetting 0
[  191.175645][ T6050] usb 6-1: string descriptor 0 read error: -22
[  191.179727][ T6050] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  191.186654][ T6050] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.212450][ T6050] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  191.222057][ T6050] dw2102: su3000_power_ctrl: 1, initialized 0
[  191.227384][ T6050] dvb-usb: bulk message failed: -22 (2/0)
[  191.239529][ T6050] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  191.249908][ T6050] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  191.258452][ T6050] usb 6-1: media controller created
[  191.262644][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  191.266773][ T6050] dw2102: i2c transfer failed.
[  191.268589][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  191.270537][ T6050] dw2102: i2c transfer failed.
[  191.272212][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  191.274773][ T6050] dw2102: i2c transfer failed.
[  191.276735][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  191.279002][ T6050] dw2102: i2c transfer failed.
[  191.281478][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  191.284855][ T6050] dw2102: i2c transfer failed.
[  191.287109][ T6050] dvb-usb: bulk message failed: -22 (6/0)
[  191.289625][ T6050] dw2102: i2c transfer failed.
[  191.291670][ T6050] dvb-usb: MAC address: 02:02:02:02:02:02
[  191.306115][ T6050] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  191.339503][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  191.345778][ T6050] dw2102: command 0x0e transfer failed.
[  191.350818][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  191.355738][ T6050] dw2102: command 0x0e transfer failed.
[  191.663543][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  191.668141][ T6050] dw2102: command 0x0e transfer failed.
[  191.670035][ T6050] dvb-usb: bulk message failed: -22 (3/0)
[  191.676023][ T6050] dw2102: command 0x0e transfer failed.
[  191.678362][ T6050] dvb-usb: bulk message failed: -22 (1/0)
[  191.683005][ T6050] dw2102: command 0x51 transfer failed.
[  191.726441][ T6050] DVB: Unable to find symbol ds3000_attach()
[  191.730318][ T6050] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  191.791922][   T41] kauditd_printk_skb: 1 callbacks suppressed
[  191.791936][   T41] audit: type=1400 audit(1776627562.071:338): avc:  denied  { read } for  pid=7053 comm="syz.3.272" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  191.803498][ T6050] rc_core: IR keymap rc-su3000 not found
[  191.804150][   T41] audit: type=1400 audit(1776627562.071:339): avc:  denied  { open } for  pid=7053 comm="syz.3.272" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  191.805443][ T6050] Registered IR keymap rc-empty
[  191.808594][ T6050] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  191.818558][   T41] audit: type=1400 audit(1776627562.081:340): avc:  denied  { ioctl } for  pid=7053 comm="syz.3.272" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 ioctlcmd=0x587a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  191.829426][   T41] audit: type=1400 audit(1776627562.101:341): avc:  denied  { ioctl } for  pid=7053 comm="syz.3.272" path="socket:[12946]" dev="sockfs" ino=12946 ioctlcmd=0x6612 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  191.830705][ T6050] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input12
[  191.855137][ T6050] dvb-usb: schedule remote query interval to 150 msecs.
[  191.863198][ T6050] dw2102: su3000_power_ctrl: 0, initialized 1
[  191.869553][ T6050] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  191.880153][ T6050] usb 6-1: USB disconnect, device number 4
[  191.923182][ T6050] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  192.070994][   T41] audit: type=1400 audit(1776627562.351:342): avc:  denied  { ioctl } for  pid=7069 comm="syz.3.277" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  192.086355][ T7070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.277'.
[  192.098870][ T7070] netlink: 20 bytes leftover after parsing attributes in process `syz.3.277'.
[  192.123484][ T7070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.277'.
[  192.131744][ T7070] erofs: block size(16384) > page size(4096) not supported by filesystem
[  192.141193][ T7070] erofs (device nullb0): cannot find valid erofs superblock
[  192.148245][ T7074] fuse: Unknown parameter ''
[  192.913512][ T6014] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  193.063477][ T6014] usb 5-1: Using ep0 maxpacket: 32
[  193.074631][ T6014] usb 5-1: unable to get BOS descriptor or descriptor too short
[  193.077953][ T6014] usb 5-1: config 8 has an invalid interface number: 188 but max is 0
[  193.080687][ T6014] usb 5-1: config 8 has no interface number 0
[  193.082790][ T6014] usb 5-1: config 8 interface 188 has no altsetting 0
[  193.095635][ T6014] usb 5-1: string descriptor 0 read error: -22
[  193.097723][ T6014] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  193.100617][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.120788][ T6014] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  193.124113][ T6014] dw2102: su3000_power_ctrl: 1, initialized 0
[  193.128512][ T6014] dvb-usb: bulk message failed: -22 (2/0)
[  193.135756][ T6014] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  193.139847][ T6014] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  193.143197][ T6014] usb 5-1: media controller created
[  193.145420][ T6014] dvb-usb: bulk message failed: -22 (6/0)
[  193.147580][ T6014] dw2102: i2c transfer failed.
[  193.149512][ T6014] dvb-usb: bulk message failed: -22 (6/0)
[  193.151330][ T6014] dw2102: i2c transfer failed.
[  193.152906][ T6014] dvb-usb: bulk message failed: -22 (6/0)
[  193.155097][ T6014] dw2102: i2c transfer failed.
[  193.156663][ T6014] dvb-usb: bulk message failed: -22 (6/0)
[  193.158546][ T6014] dw2102: i2c transfer failed.
[  193.160104][ T6014] dvb-usb: bulk message failed: -22 (6/0)
[  193.162135][ T6014] dw2102: i2c transfer failed.
[  193.163812][ T6014] dvb-usb: bulk message failed: -22 (6/0)
[  193.165664][ T6014] dw2102: i2c transfer failed.
[  193.167219][ T6014] dvb-usb: MAC address: 02:02:02:02:02:02
[  193.174794][ T6014] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  193.188851][ T6014] dvb-usb: bulk message failed: -22 (3/0)
[  193.191185][ T6014] dw2102: command 0x0e transfer failed.
[  193.193398][ T6014] dvb-usb: bulk message failed: -22 (3/0)
[  193.195735][ T6014] dw2102: command 0x0e transfer failed.
[  193.504567][ T6014] dvb-usb: bulk message failed: -22 (3/0)
[  193.506478][ T6014] dw2102: command 0x0e transfer failed.
[  193.512990][ T6014] dvb-usb: bulk message failed: -22 (3/0)
[  193.517505][ T6014] dw2102: command 0x0e transfer failed.
[  193.519521][ T6014] dvb-usb: bulk message failed: -22 (1/0)
[  193.523616][ T6014] dw2102: command 0x51 transfer failed.
[  193.546015][ T6014] DVB: Unable to find symbol ds3000_attach()
[  193.547989][ T6014] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  193.574421][ T7117] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration
[  193.577697][ T7118] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration
[  193.593552][ T6014] rc_core: IR keymap rc-su3000 not found
[  193.598033][ T6014] Registered IR keymap rc-empty
[  193.615417][ T6014] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  193.625438][   T41] audit: type=1400 audit(1776627563.911:343): avc:  denied  { bind } for  pid=7122 comm="syz.2.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  193.638601][ T6014] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input13
[  193.651155][ T6014] dvb-usb: schedule remote query interval to 150 msecs.
[  193.656910][ T6014] dw2102: su3000_power_ctrl: 0, initialized 1
[  193.662231][ T6014] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  193.670228][ T6014] usb 5-1: USB disconnect, device number 7
[  193.709612][   T41] audit: type=1400 audit(1776627563.991:344): avc:  denied  { map } for  pid=7122 comm="syz.2.295" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  193.728179][ T6014] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  193.875403][   T41] audit: type=1400 audit(1776627564.161:345): avc:  denied  { getopt } for  pid=7136 comm="syz.0.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  193.885810][   T41] audit: type=1400 audit(1776627564.171:346): avc:  denied  { getopt } for  pid=7136 comm="syz.0.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  193.935779][ T7139] binder: 7138:7139 ioctl c0306201 0 returned -14
[  194.511789][ T7148] xt_hashlimit: size too large, truncated to 1048576
[  194.527838][   T41] audit: type=1400 audit(1776627564.811:347): avc:  denied  { getopt } for  pid=7147 comm="syz.1.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  194.615491][ T5976] Bluetooth: hci1: adv larger than maximum supported
[  195.063524][   T61] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  195.214958][   T61] usb 7-1: Using ep0 maxpacket: 32
[  195.218646][   T61] usb 7-1: unable to get BOS descriptor or descriptor too short
[  195.224736][   T61] usb 7-1: config 8 has an invalid interface number: 188 but max is 0
[  195.232593][   T61] usb 7-1: config 8 has no interface number 0
[  195.237664][   T61] usb 7-1: config 8 interface 188 has no altsetting 0
[  195.256558][   T61] usb 7-1: string descriptor 0 read error: -22
[  195.258767][   T61] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  195.265322][   T61] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.294403][   T61] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  195.299622][   T61] dw2102: su3000_power_ctrl: 1, initialized 0
[  195.301721][   T61] dvb-usb: bulk message failed: -22 (2/0)
[  195.337652][   T61] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  195.347919][   T61] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  195.350681][   T61] usb 7-1: media controller created
[  195.352406][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  195.363019][   T61] dw2102: i2c transfer failed.
[  195.367098][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  195.374050][   T61] dw2102: i2c transfer failed.
[  195.375815][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  195.385691][   T61] dw2102: i2c transfer failed.
[  195.387239][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  195.393441][   T61] dw2102: i2c transfer failed.
[  195.394961][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  195.403483][   T61] dw2102: i2c transfer failed.
[  195.405031][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  195.409127][   T61] dw2102: i2c transfer failed.
[  195.410655][   T61] dvb-usb: MAC address: 02:02:02:02:02:02
[  195.433788][   T61] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  195.450063][   T61] dvb-usb: bulk message failed: -22 (3/0)
[  195.451944][   T61] dw2102: command 0x0e transfer failed.
[  195.458690][   T61] dvb-usb: bulk message failed: -22 (3/0)
[  195.460541][   T61] dw2102: command 0x0e transfer failed.
[  195.707002][ T7180] netlink: 76 bytes leftover after parsing attributes in process `syz.1.315'.
[  195.783503][   T61] dvb-usb: bulk message failed: -22 (3/0)
[  195.786184][   T61] dw2102: command 0x0e transfer failed.
[  195.788123][   T61] dvb-usb: bulk message failed: -22 (3/0)
[  195.790071][   T61] dw2102: command 0x0e transfer failed.
[  195.791850][   T61] dvb-usb: bulk message failed: -22 (1/0)
[  195.803491][   T61] dw2102: command 0x51 transfer failed.
[  195.807232][ T7158] dvb-usb: bulk message failed: -22 (1/0)
[  195.810496][ T7158] dw2102: i2c transfer failed.
[  195.813969][ T7158] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI
[  195.817738][ T7158] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[  195.820465][ T7158] CPU: 1 UID: 0 PID: 7158 Comm: syz.2.306 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  195.823842][ T7158] Tainted: [L]=SOFTLOCKUP
[  195.825212][ T7158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  195.828458][ T7158] RIP: 0010:su3000_i2c_transfer+0x571/0xd90
[  195.830782][ T7158] Code: 6b 08 83 e2 07 0f b6 00 38 d0 7f 08 84 c0 0f 85 e9 06 00 00 48 8d 7d 01 45 0f b6 77 02 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 20 38 d0 7f 08 84 c0 0f 85 b8 06 00 00 49 8d 7f 03 44
[  195.836874][ T7158] RSP: 0018:ffffc900035bfc10 EFLAGS: 00010202
[  195.838797][ T7158] RAX: 0000000000000002 RBX: ffff888044268ca0 RCX: ffffc900040c2000
[  195.841268][ T7158] RDX: 0000000000000001 RSI: ffffffff88059077 RDI: 0000000000000011
[  195.843767][ T7158] RBP: 0000000000000010 R08: 0000000000000005 R09: 0000000000000000
[  195.846211][ T7158] R10: 0000000080000000 R11: 0000000000000000 R12: dffffc0000000000
[  195.848718][ T7158] R13: ffff88805885b502 R14: 0000000000000010 R15: ffff88805885b500
[  195.851193][ T7158] FS:  00007f92b4c946c0(0000) GS:ffff8880d63ef000(0000) knlGS:0000000000000000
[  195.853946][ T7158] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  195.856019][ T7158] CR2: 00007f92b3de9f00 CR3: 00000000451ef000 CR4: 0000000000352ef0
[  195.858533][ T7158] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 000000000000000a
[  195.861030][ T7158] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  195.863501][ T7158] Call Trace:
[  195.864571][ T7158]  <TASK>
[  195.865519][ T7158]  __i2c_transfer+0x5e9/0x1780
[  195.867042][ T7158]  ? __pfx___i2c_transfer+0x10/0x10
[  195.868722][ T7158]  ? rt_mutex_slowtrylock+0x93/0x100
[  195.870386][ T7158]  i2c_transfer+0x15f/0x380
[  195.871836][ T7158]  i2cdev_ioctl_rdwr+0x3ec/0x700
[  195.873411][ T7158]  i2cdev_ioctl+0x19d/0x830
[  195.874851][ T7158]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  195.876505][ T7158]  ? selinux_file_ioctl+0x13b/0x290
[  195.878297][ T7158]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  195.879982][ T7158]  __x64_sys_ioctl+0x18e/0x210
[  195.881510][ T7158]  do_syscall_64+0x10b/0xf80
[  195.883036][ T7158]  ? clear_bhb_loop+0x40/0x90
[  195.884553][ T7158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.886423][ T7158] RIP: 0033:0x7f92b3d9c819
[  195.887834][ T7158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  195.893842][ T7158] RSP: 002b:00007f92b4c94028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.896491][ T7158] RAX: ffffffffffffffda RBX: 00007f92b4015fa0 RCX: 00007f92b3d9c819
[  195.898960][ T7158] RDX: 0000200000000000 RSI: 0000000000000707 RDI: 0000000000000004
[  195.901428][ T7158] RBP: 00007f92b3e32c91 R08: 0000000000000000 R09: 0000000000000000
[  195.904050][ T7158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  195.906550][ T7158] R13: 00007f92b4016038 R14: 00007f92b4015fa0 R15: 00007ffd9f9affc8
[  195.909057][ T7158]  </TASK>
[  195.910047][ T7158] Modules linked in:
[  195.911620][ T7158] ---[ end trace 0000000000000000 ]---
[  195.935724][ T7158] RIP: 0010:su3000_i2c_transfer+0x571/0xd90
[  195.937768][ T7158] Code: 6b 08 83 e2 07 0f b6 00 38 d0 7f 08 84 c0 0f 85 e9 06 00 00 48 8d 7d 01 45 0f b6 77 02 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 20 38 d0 7f 08 84 c0 0f 85 b8 06 00 00 49 8d 7f 03 44
[  195.943493][   T61] DVB: Unable to find symbol ds3000_attach()
[  195.945786][   T61] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  195.971922][ T7158] RSP: 0018:ffffc900035bfc10 EFLAGS: 00010202
[  195.978391][ T7158] RAX: 0000000000000002 RBX: ffff888044268ca0 RCX: ffffc900040c2000
[  195.992341][ T7158] RDX: 0000000000000001 RSI: ffffffff88059077 RDI: 0000000000000011
[  195.999533][ T7158] RBP: 0000000000000010 R08: 0000000000000005 R09: 0000000000000000
[  196.003545][   T61] rc_core: IR keymap rc-su3000 not found
[  196.005344][   T61] Registered IR keymap rc-empty
[  196.006670][ T7158] R10: 0000000080000000 R11: 0000000000000000 R12: dffffc0000000000
[  196.013847][   T61] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  196.014000][ T7158] R13: ffff88805885b502 R14: 0000000000000010 R15: ffff88805885b500
[  196.017554][   T61] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input14
[  196.029242][ T7158] FS:  00007f92b4c946c0(0000) GS:ffff8880d62ef000(0000) knlGS:0000000000000000
[  196.035851][ T7158] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  196.040239][ T7158] CR2: 00007f8ae2ff34b4 CR3: 00000000451ef000 CR4: 0000000000352ef0
[  196.043593][   T61] dvb-usb: schedule remote query interval to 150 msecs.
[  196.044065][ T7158] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 000000000000000a
[  196.048032][   T61] dw2102: su3000_power_ctrl: 0, initialized 1
[  196.052628][   T61] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  196.055833][ T7158] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  196.062774][ T7158] Kernel panic - not syncing: Fatal exception
[  196.065473][ T7158] Kernel Offset: disabled
[  196.066870][ T7158] Rebooting in 86400 seconds..